Exemple #1
0
function extractFormElementsQueryResults($displayType, $originalDisplayType, $showLinks, $citeOrder, $orderBy, $userID, $sqlQuery, $referer, $recordSerialsArray, $recordsSelectionRadio)
{
    global $tableRefs, $tableUserData;
    // defined in 'db.inc.php'
    // Process ALL found records:
    if ($recordsSelectionRadio == "1") {
        // extract the 'WHERE' clause from the SQL query:
        $queryWhereClause = extractWHEREclause($sqlQuery);
        // function 'extractWHEREclause()' is defined in 'include.inc.php'
        if (preg_match("/^(Add|Remove)\$/i", $displayType)) {
            // the user clicked either the 'Add' or the 'Remove' button
            // get the serial numbers of all found records (which is required by function 'modifyUserGroups()'):
            $recordSerialsArray = getFieldContents($tableRefs, "serial", $userID, $queryWhereClause);
        }
        // function 'getFieldContents()' is defined in 'include.inc.php'
    } else {
        if (empty($recordSerialsArray)) {
            // the user did NOT check any checkboxes
            $recordSerialsArray[] = "0";
        }
        // since '0' doesn't exist as serial number, this will result in a "nothing found" feedback
        $queryWhereClause = "serial RLIKE " . quote_smart("^(" . implode("|", $recordSerialsArray) . ")\$");
    }
    if (isset($_SESSION['loginEmail']) and (isset($_SESSION['user_permissions']) and preg_match("/allow_user_groups/", $_SESSION['user_permissions']))) {
        $userGroupActionRadio = $_REQUEST['userGroupActionRadio'];
        // extract user option whether we're supposed to process an existing group name or any custom/new group name that was specified by the user
        // Extract the chosen user group from the request:
        // first, we need to check whether the user did choose an existing group name from the popup menu
        // -OR- if he/she did enter a custom group name in the text entry field:
        if ($userGroupActionRadio == "1") {
            if (isset($_REQUEST['userGroupSelector'])) {
                $userGroup = $_REQUEST['userGroupSelector'];
            } else {
                $userGroup = "";
            }
        } else {
            if (isset($_REQUEST['userGroupName'])) {
                $userGroup = $_REQUEST['userGroupName'];
            } else {
                $userGroup = "";
            }
        }
    }
    // Depending on the chosen output format, construct an appropriate SQL query:
    // TODO: build the complete SQL query using functions 'buildFROMclause()' and 'buildORDERclause()'
    if (preg_match("/^Cite\$/i", $displayType)) {
        $query = buildSELECTclause($displayType, $showLinks);
        // function 'buildSELECTclause()' is defined in 'include.inc.php'
        if (isset($_SESSION['loginEmail'])) {
            // if a user is logged in...
            $query .= " FROM {$tableRefs} LEFT JOIN {$tableUserData} ON serial = record_id AND user_id = " . quote_smart($userID) . " WHERE " . $queryWhereClause;
        } else {
            // NO user logged in
            $query .= " FROM {$tableRefs} WHERE " . $queryWhereClause;
        }
        if ($citeOrder == "year") {
            // sort records first by year (descending), then in the usual way:
            $query .= " ORDER BY year DESC, first_author, author_count, author, title";
        } elseif ($citeOrder == "type") {
            // sort records first by record type (and thesis type), then in the usual way:
            $query .= " ORDER BY type DESC, thesis DESC, first_author, author_count, author, year, title";
        } elseif ($citeOrder == "type-year") {
            // sort records first by record type (and thesis type), then by year (descending), then in the usual way:
            $query .= " ORDER BY type DESC, thesis DESC, year DESC, first_author, author_count, author, title";
        } elseif ($citeOrder == "creation-date") {
            // sort records such that newly added/edited records get listed top of the list:
            $query .= " ORDER BY created_date DESC, created_time DESC, modified_date DESC, modified_time DESC, serial DESC";
        } else {
            // if any other or no '$citeOrder' parameter is specified, we supply the default ORDER BY pattern (which is suitable for citation in a journal etc.):
            $query .= " ORDER BY first_author, author_count, author, year, title";
        }
    } elseif (preg_match("/^(Display|Export)\$/i", $displayType)) {
        $query = buildSELECTclause($displayType, $showLinks);
        // function 'buildSELECTclause()' is defined in 'include.inc.php'
        if (isset($_SESSION['loginEmail'])) {
            // if a user is logged in...
            $query .= " FROM {$tableRefs} LEFT JOIN {$tableUserData} ON serial = record_id AND user_id = " . quote_smart($userID) . " WHERE " . $queryWhereClause . " ORDER BY {$orderBy}";
        } else {
            // NO user logged in
            $query .= " FROM {$tableRefs} WHERE " . $queryWhereClause . " ORDER BY {$orderBy}";
        }
    } elseif (isset($_SESSION['loginEmail']) and preg_match("/^(Add|Remove)\$/i", $displayType)) {
        if (preg_match("/^(Add|Remove)\$/i", $displayType) and !empty($userGroup)) {
            // the user clicked either the 'Add' or the 'Remove' button
            modifyUserGroups($tableUserData, $displayType, $recordSerialsArray, $userID, $userGroup);
        }
        // add (remove) selected records to (from) the specified user group (function 'modifyUserGroups()' is defined in 'include.inc.php')
        // re-apply the current sqlQuery:
        $query = preg_replace("/ FROM {$tableRefs}/i", ", orig_record FROM {$tableRefs}", $sqlQuery);
        // add 'orig_record' column (which is required in order to present visual feedback on duplicate records)
        $query = preg_replace("/ FROM {$tableRefs}/i", ", serial FROM {$tableRefs}", $query);
        // add 'serial' column (which is required in order to obtain unique checkbox names)
        if ($showLinks == "1") {
            $query = preg_replace("/ FROM {$tableRefs}/i", ", file, url, doi, isbn, type FROM {$tableRefs}", $query);
        }
        // add 'file', 'url', 'doi', 'isbn' & 'type columns
        // re-assign the correct display type if the user clicked the 'Add' or 'Remove' button of the 'queryResults' form:
        $displayType = $originalDisplayType;
    }
    return array($query, $displayType);
}
Exemple #2
0
function extractFormElementsQueryResults($displayType, $originalDisplayType, $sqlQuery, $recordSerialsArray)
{
    global $tableUsers;
    // defined in 'db.inc.php'
    $userGroupActionRadio = $_REQUEST['userGroupActionRadio'];
    // extract user option whether we're supposed to process an existing group name or any custom/new group name that was specified by the user
    // Extract the chosen user group from the request:
    // first, we need to check whether the user did choose an existing group name from the popup menu
    // -OR- if he/she did enter a custom group name in the text entry field:
    if ($userGroupActionRadio == "1") {
        if (isset($_REQUEST['userGroupSelector'])) {
            $userGroup = $_REQUEST['userGroupSelector'];
        } else {
            $userGroup = "";
        }
    } else {
        if (isset($_REQUEST['userGroupName'])) {
            $userGroup = $_REQUEST['userGroupName'];
        } else {
            $userGroup = "";
        }
    }
    // extract the specified permission setting:
    if (isset($_REQUEST['userPermissionSelector'])) {
        $userPermission = $_REQUEST['userPermissionSelector'];
    } else {
        $userPermission = "";
    }
    if (!empty($recordSerialsArray)) {
        if (preg_match("/^(Add|Remove)\$/", $displayType)) {
            modifyUserGroups($tableUsers, $displayType, $recordSerialsArray, "", $userGroup);
            // add (remove) selected records to (from) the specified user group (function 'modifyUserGroups()' is defined in 'include.inc.php')
        } elseif (preg_match("/^(Allow|Disallow)\$/", $displayType)) {
            if ($displayType == "Allow") {
                $userPermissionsArray = array("{$userPermission}" => "yes");
            } else {
                // ($displayType == "Disallow")
                $userPermissionsArray = array("{$userPermission}" => "no");
            }
            // Update the specified user permission for the current user:
            $updateSucceeded = updateUserPermissions($recordSerialsArray, $userPermissionsArray);
            // function 'updateUserPermissions()' is defined in 'include.inc.php'
            if ($updateSucceeded) {
                // save an informative message:
                $HeaderString = returnMsg("User permission <code>{$userPermission}</code> was updated successfully!", "", "", "HeaderString");
            } else {
                // return an appropriate error message:
                $HeaderString = returnMsg("User permission <code>{$userPermission}</code> could not be updated!", "warning", "strong", "HeaderString");
            }
        }
    }
    // re-assign the correct display type if the user clicked the 'Add', 'Remove', 'Allow' or 'Disallow' button of the 'queryResults' form:
    $displayType = $originalDisplayType;
    // re-apply the current sqlQuery:
    $query = preg_replace("/ FROM {$tableUsers}/i", ", user_id FROM {$tableUsers}", $sqlQuery);
    // add 'user_id' column (which is required in order to obtain unique checkbox names)
    return array($query, $displayType);
}