/** * Search Users and wishLists by username or email * @param string|VulnerableField $searchQuery * @return array */ public function searchWishlists($searchQuery) { if ($searchQuery instanceof VulnerableField) { $searchString = $searchQuery->copy('%' . $searchQuery->raw() . '%'); } else { $searchString = '%' . $searchQuery . '%'; } /** @var User[] $users */ $users = $this->pixie->db->query('select')->fields('id')->table('tbl_users', 'user')->join(['tbl_wish_list', 'wishlists'], ['wishlists.user_id', 'user.id'])->where('wishlists.type', 'public')->where('and', [array('email', 'like', $searchString), array('or', array('username', 'like', $searchString))])->execute()->as_array(true); $userIds = []; foreach ($users as $usr) { $userIds[] = $usr->id; // That's correct, not ->id() } if ($userIds) { $users = $this->pixie->orm->get('User')->where('id', 'IN', $this->pixie->db->expr('(' . implode(',', $userIds) . ')'))->find_all()->as_array(); } else { $users = []; } $userList = array(); $followers = array(); if ($this->pixie->auth->user() !== null) { $userFollowers = $this->pixie->orm->get('WishListFollowers')->where('user_id', $this->pixie->auth->user()->id())->find_all()->as_array(); foreach ($userFollowers as $userFollower) { $followers[] = $userFollower->follower_id; } } $curUser = $this->pixie->auth->user(); foreach ($users as $user) { if ($curUser && $user->id() == $curUser->id()) { continue; } $userList[$user->id()] = $user->as_array(); $userList[$user->id()]['remembered'] = in_array($user->id(), $followers) ? true : false; $userList[$user->id()]['wishLists'] = array(); $publicListExists = false; foreach ($user->lists as $list) { if ($list->type != self::TYPE_PUBLIC) { continue; } $userList[$user->id()]['wishLists'][] = $list->as_array(); $publicListExists = true; } if (!$publicListExists) { unset($userList[$user->id()]); } } return $userList; }
/** * @param string $value * @param string $path Absolute path to vulnerability block which is to be bound to variable. * @param bool $restored Indicates, whether the field is restored from serialized source. * @return VulnerableField */ public function wrapValueByPath($value, $path, $restored = true) { $parts = preg_split('/\\|/', $path); if (!$parts[0] || !$parts[1] || !$parts[2] && $parts[2] != 0) { throw new \InvalidArgumentException(); } $element = $this->getElementByPath($path) ?: new VulnerableElement(); $fieldParts = preg_split('/:/', $parts[1]); $name = $fieldParts[0]; $source = $fieldParts[1] ?: FieldDescriptor::SOURCE_ANY; $result = new VulnerableField(new FieldDescriptor($name, $source), $value, $element); $result->setRestored($restored); return $result; }