Esempio n. 1
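 /**
  * Run a player-name search and render the paginated game list.
  *
  * A non-empty POST is stored in the session under a freshly generated id, and
  * that id is put into the pagination links ("search/results/<id>"). A request
  * without POST data replays the search stored under $uniqid, if there is one.
  *
  * Player terms are OR-ed together.
  * This implementation does not handle AND connectives between players.
  * TODO: rewrite the whole crap
  *
  * Every user-supplied value reaches the query as a bound parameter; only the
  * placeholder names, which are generated here, are concatenated into the SQL.
  * A term wrapped in double quotes is matched literally (LIKE metacharacters
  * escaped); an unquoted term keeps % and _ as wildcards.
  *
  * @param string|false $uniqid id of a stored search; presumably routed from the URL (verify against router)
  * @param int|string   $page   1-based page number; values below 1 are treated as 1
  */
 public function results($uniqid = false, $page = 1)
 {
     session_start();
     if (empty($_POST)) {
         // Pagination request: replay the search stored under this id, if any.
         if (isset($_SESSION['post'][$uniqid])) {
             $_POST = $_SESSION['post'][$uniqid];
         }
     } else {
         // Fresh search: the id is minted here, never taken from the request.
         // NOTE(review): nothing in this method evicts old entries, so the
         // session grows by one stored POST per search.
         $uniqid = uniqid();
         $_SESSION['post'][$uniqid] = $_POST;
     }

     // A page below 1 would produce a negative OFFSET and a failing query.
     $page = max(1, (int) $page);

     // $_POST['player'] may be missing (unknown id) or not an array at all.
     $terms = (isset($_POST['player']) && is_array($_POST['player'])) ? $_POST['player'] : array();

     $params = array();
     $where = array();
     foreach ($terms as $kw) {
         // Skip blanks and nested arrays instead of indexing into them.
         if (!is_string($kw) || $kw === '') {
             continue;
         }
         // "quoted" term: strip the quotes and match literally. The length check
         // keeps a lone '"' from being read as an opening and closing quote.
         if (strlen($kw) >= 2 && $kw[0] === '"' && $kw[strlen($kw) - 1] === '"') {
             // Escape the escape character itself as well as both LIKE wildcards.
             $kw = addcslashes(substr($kw, 1, -1), '\\%_');
         }
         // Placeholder names come from a local counter, not from the submitted
         // array keys: keys such as "1" and "1a" both cast to 1 and would collide.
         $param = ":like" . count($where);
         $where[] = " p.name LIKE " . $param;
         $params[$param] = $kw;
     }

     if (empty($where)) {
         App()->redirect("search");
         return;
     }

     $server_join = "";
     $server = isset($_POST['server']) ? $_POST['server'] : null;
     if (is_scalar($server) && $server) {
         $params[":srv"] = $server;
         // The WHERE on p.name drops the NULL-extended rows of this outer join,
         // so in effect it restricts the result to games on the chosen server.
         $server_join .= "RIGHT OUTER JOIN server AS s " . "ON s.id = g.server AND s.id = :srv ";
     }

     $sql = "SELECT SQL_CALC_FOUND_ROWS DISTINCT g.* " . "FROM player AS p INNER JOIN game AS g ON g.id = p.game " . $server_join . "WHERE " . implode(" OR ", $where) . " ORDER BY g.starttime DESC LIMIT :offset, :max";
     $db = Database::get_instance();
     $sth = $db->prepare($sql);
     // LIMIT parameters must be bound as integers, hence no execute($params).
     $sth->bindValue(':max', (int) Game::$limit, PDO::PARAM_INT);
     $sth->bindValue(':offset', ($page - 1) * Game::$limit, PDO::PARAM_INT);
     foreach ($params as $key => $value) {
         $sth->bindValue($key, $value);
     }
     $sth->execute();
     $total = (int) $db->query("SELECT FOUND_ROWS() AS t")->fetch()->t;
     $resultview = new Template('gamelist', array('list' => $sth->fetchAll(PDO::FETCH_CLASS, "Game"), 'pagination' => gamelist::pagination($page, $total, App()->site_url("search/results/{$uniqid}"))));
     $this->form($_POST);
     $resultview->render();
 }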
Esempio n. 2
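 /**
  * Run a search over players and servers and render the paginated game list.
  *
  * A non-empty POST is stored in the session under a freshly generated id, and
  * that id is put into the pagination links ("search/results/<id>"). A request
  * without POST data replays the search stored under $storedrequest, or is
  * redirected to the search form when no such search exists.
  *
  * The id in the pagination links is therefore always one generated here (or
  * one already found as a session key), never a raw request value.
  *
  * @param string|false $storedrequest id of a stored search; presumably routed from the URL (verify against router)
  * @param int|string   $page          1-based page number; values below 1 are treated as 1
  */
 public function results($storedrequest = false, $page = 1)
 {
     session_start();
     if (empty($_POST)) {
         if ($storedrequest && isset($_SESSION['posts'][$storedrequest])) {
             $_POST = $_SESSION['posts'][$storedrequest];
         } else {
             $this->app->redirect("search");
             // Stop here whether or not redirect() exits on its own; otherwise
             // an empty request would be stored and searched below.
             return;
         }
     } else {
         // Fresh search: always mint a new id, even when the form was posted to
         // a URL that already carries one, so the links replay this request.
         // NOTE(review): nothing in this method evicts old entries, so the
         // session grows by one stored POST per search.
         $storedrequest = uniqid();
         $_SESSION['posts'][$storedrequest] = $_POST;
     }

     // A page below 1 would produce a negative offset.
     $page = max(1, (int) $page);

     $this->form();

     // Any of these fields may be missing or malformed in a hand-built request.
     $played_flags = (isset($_POST['played']) && is_array($_POST['played'])) ? $_POST['played'] : array();
     $names = (isset($_POST['player']) && is_array($_POST['player'])) ? $_POST['player'] : array();
     $servers = (isset($_POST['servers']) && is_array($_POST['servers'])) ? $_POST['servers'] : array();
     $notservers = (isset($_POST['notservers']) && is_array($_POST['notservers'])) ? $_POST['notservers'] : array();

     $players = array();
     $notplayers = array();
     foreach ($played_flags as $index => $played) {
         // A flag without a matching string name has nothing to search for.
         if (!isset($names[$index]) || !is_string($names[$index])) {
             continue;
         }
         if ($played) {
             $players[] = $names[$index];
         } else {
             $notplayers[] = $names[$index];
         }
     }

     // Server ids are cast to int and zero values dropped before run() sees them.
     $results = $this->run(array("max" => Game::$pagesize, "offset" => ($page - 1) * Game::$pagesize, "players" => $players, "notplayers" => $notplayers, "servers" => array_filter(array_map("intval", $servers)), "notservers" => array_filter(array_map("intval", $notservers))));
     $resultview = new Template('gamelist', array('list' => $results->sth->fetchAll(PDO::FETCH_CLASS, "Game"), 'pagination' => gamelist::pagination($page, $results->total, $this->app->site_url("search/results/{$storedrequest}"))));
     $resultview->render();
 }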