} elseif ($formType == "duplicateSearch") { // find duplicate records within results of the given SQL query (using settings extracted from the 'duplicateSearch' form // in 'duplicate_search.php') and return a modified database query that only matches these duplicate entries: list($sqlQuery, $displayType) = findDuplicates($sqlQuery, $originalDisplayType); // by passing the generated SQL query thru the 'verifySQLQuery()' function we ensure that necessary fields are added as needed: // (this function does add/remove user-specific query code as required and will fix problems with escape sequences within the SQL query) $query = verifySQLQuery($sqlQuery, $referer, $displayType, $showLinks); // function 'verifySQLQuery()' is defined in 'include.inc.php' (since it's also used by 'rss.php') } elseif ($formType == "simpleSearch") { $query = extractFormElementsSimple($showLinks, $userID); } elseif ($formType == "librarySearch") { $query = extractFormElementsLibrary($showLinks, $userID); } elseif ($formType == "advancedSearch") { $query = extractFormElementsAdvanced($showLinks, $loginEmail, $userID); } elseif ($formType == "refineSearch" or $formType == "displayOptions") { list($query, $displayType) = extractFormElementsRefineDisplay($tableRefs, $displayType, $originalDisplayType, $sqlQuery, $showLinks, $citeOrder, $userID); // function 'extractFormElementsRefineDisplay()' is defined in 'include.inc.php' since it's also used by 'users.php' } elseif ($formType == "queryResults") { list($query, $displayType) = extractFormElementsQueryResults($displayType, $originalDisplayType, $showLinks, $citeOrder, $orderBy, $userID, $sqlQuery, $referer, $recordSerialsArray, $recordsSelectionRadio); } elseif ($formType == "extractSearch") { $query = extractFormElementsExtract($showLinks, $citeOrder, $userID); } elseif ($formType == "myRefsSearch") { $query = extractFormElementsMyRefs($showLinks, $loginEmail, $userID); } elseif ($formType == "quickSearch") { list($query, $displayType) = extractFormElementsQuick($sqlQuery, $showLinks, $userID, $displayType, $originalDisplayType); } elseif ($formType == "myRefsBrowse") { $query = extractFormElementsBrowseMyRefs($showLinks, $loginEmail, $userID); } elseif ($formType == "groupSearch") { list($query, $displayType) = extractFormElementsGroup($sqlQuery, $showLinks, $userID, $displayType, $originalDisplayType); } // --------------------------------------------------------------------
if (empty($recordSerialsArray)) { // no checkboxes were marked $nothingChecked = true; } else { // some checkboxes were marked $nothingChecked = false; } // -------------------------------------------------------------------- // CONSTRUCT SQL QUERY: // --- Embedded sql query: ---------------------- if ($formType == "sqlSearch") { $query = preg_replace("/ FROM {$tableUsers}/i", ", user_id FROM {$tableUsers}", $sqlQuery); // add 'user_id' column (which is required in order to obtain unique checkbox names as well as for use in the 'getUserID()' function) $query = stripSlashesIfMagicQuotes($query); } elseif ($formType == "refineSearch" or $formType == "displayOptions") { list($query, $displayType) = extractFormElementsRefineDisplay($tableUsers, $displayType, $originalDisplayType, $sqlQuery, $showLinks, "", ""); // function 'extractFormElementsRefineDisplay()' is defined in 'include.inc.php' since it's also used by 'users.php' } elseif ($formType == "groupSearch") { $query = extractFormElementsGroup($sqlQuery); } elseif ($formType == "queryResults") { list($query, $displayType) = extractFormElementsQueryResults($displayType, $originalDisplayType, $sqlQuery, $recordSerialsArray); } else { $query = "SELECT first_name, last_name, abbrev_institution, email, last_login, logins, user_id FROM {$tableUsers} WHERE user_id RLIKE \".+\" ORDER BY last_login DESC, last_name, first_name"; } // ---------------------------------------------- // (1) OPEN CONNECTION, (2) SELECT DATABASE connectToMySQLDatabase(); // function 'connectToMySQLDatabase()' is defined in 'include.inc.php' // (3) RUN the query on the database through the connection: $result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'