/** * Sets the Doctrine where clause for fetching pages * * @param QueryBuilder $queryBuilder * @param int $id * @param string $searchFilter * @return QueryBuilder */ protected function setWhereClause(QueryBuilder $queryBuilder, $id, $searchFilter = '') : QueryBuilder { $expressionBuilder = $queryBuilder->expr(); $queryBuilder->where(QueryHelper::stripLogicalOperatorPrefix($GLOBALS['BE_USER']->getPagePermsClause(1))); if (is_numeric($id) && $id >= 0) { $queryBuilder->andWhere($expressionBuilder->eq('pid', $queryBuilder->createNamedParameter($id, \PDO::PARAM_INT))); } $excludedDoktypes = $GLOBALS['BE_USER']->getTSConfigVal('options.pageTree.excludeDoktypes'); if (!empty($excludedDoktypes)) { $queryBuilder->andWhere($expressionBuilder->notIn('doktype', $queryBuilder->createNamedParameter(GeneralUtility::intExplode(',', $excludedDoktypes, true), Connection::PARAM_INT_ARRAY))); } if ($searchFilter !== '') { $searchParts = $expressionBuilder->orX(); if (is_numeric($searchFilter) && $searchFilter > 0) { $searchParts->add($expressionBuilder->eq('uid', $queryBuilder->createNamedParameter($searchFilter, \PDO::PARAM_INT))); } $searchFilter = '%' . $queryBuilder->escapeLikeWildcards($searchFilter) . '%'; $useNavTitle = $GLOBALS['BE_USER']->getTSConfigVal('options.pageTree.showNavTitle'); $useAlias = $GLOBALS['BE_USER']->getTSConfigVal('options.pageTree.searchInAlias'); $aliasExpression = ''; if ($useAlias) { $aliasExpression = $expressionBuilder->like('alias', $queryBuilder->createNamedParameter($searchFilter, \PDO::PARAM_STR)); } if ($useNavTitle) { $searchWhereAlias = $expressionBuilder->orX($expressionBuilder->like('nav_title', $queryBuilder->createNamedParameter($searchFilter, \PDO::PARAM_STR)), $expressionBuilder->andX($expressionBuilder->eq('nav_title', $queryBuilder->createNamedParameter('', \PDO::PARAM_STR)), $expressionBuilder->like('title', $queryBuilder->createNamedParameter($searchFilter, \PDO::PARAM_STR)))); if (strlen($aliasExpression)) { $searchWhereAlias->add($aliasExpression); } $searchParts->add($searchWhereAlias); } else { $searchParts->add($expressionBuilder->like('title', $queryBuilder->createNamedParameter($searchFilter, \PDO::PARAM_STR))); if (strlen($aliasExpression)) { $searchParts->add($aliasExpression); } } $queryBuilder->andWhere($searchParts); } return $queryBuilder; }
/** * Build the MySql where clause by table. * * @param QueryBuilder $queryBuilder * @param string $tableName Record table name * @param array $fieldsToSearchWithin User right based visible fields where we can search within. * @return CompositeExpression */ protected function makeQuerySearchByTable(QueryBuilder &$queryBuilder, $tableName, array $fieldsToSearchWithin) { $constraints = []; // If the search string is a simple integer, assemble an equality comparison if (MathUtility::canBeInterpretedAsInteger($this->queryString)) { foreach ($fieldsToSearchWithin as $fieldName) { if ($fieldName !== 'uid' && $fieldName !== 'pid' && !isset($GLOBALS['TCA'][$tableName]['columns'][$fieldName])) { continue; } $fieldConfig = $GLOBALS['TCA'][$tableName]['columns'][$fieldName]['config']; $fieldType = $fieldConfig['type']; $evalRules = $fieldConfig['eval'] ?: ''; // Assemble the search condition only if the field is an integer, or is uid or pid if ($fieldName === 'uid' || $fieldName === 'pid' || $fieldType === 'input' && $evalRules && GeneralUtility::inList($evalRules, 'int')) { $constraints[] = $queryBuilder->expr()->eq($fieldName, $queryBuilder->createNamedParameter($this->queryString, \PDO::PARAM_INT)); } elseif ($fieldType === 'text' || $fieldType === 'flex' || $fieldType === 'input' && (!$evalRules || !preg_match('/date|time|int/', $evalRules))) { // Otherwise and if the field makes sense to be searched, assemble a like condition $constraints[] = $constraints[] = $queryBuilder->expr()->like($fieldName, $queryBuilder->createNamedParameter('%' . $queryBuilder->escapeLikeWildcards((int) $this->queryString) . '%', \PDO::PARAM_STR)); } } } else { $like = '%' . $queryBuilder->escapeLikeWildcards($this->queryString) . '%'; foreach ($fieldsToSearchWithin as $fieldName) { if (!isset($GLOBALS['TCA'][$tableName]['columns'][$fieldName])) { continue; } $fieldConfig =& $GLOBALS['TCA'][$tableName]['columns'][$fieldName]['config']; $fieldType = $fieldConfig['type']; $evalRules = $fieldConfig['eval'] ?: ''; // Check whether search should be case-sensitive or not $searchConstraint = $queryBuilder->expr()->andX($queryBuilder->expr()->comparison('LOWER(' . $queryBuilder->quoteIdentifier($fieldName) . ')', 'LIKE', $queryBuilder->createNamedParameter(strtolower($like), \PDO::PARAM_STR))); if (is_array($fieldConfig['search'])) { if (in_array('case', $fieldConfig['search'], true)) { // Replace case insensitive default constraint $searchConstraint = $queryBuilder->expr()->andX($queryBuilder->expr()->like($fieldName, $queryBuilder->createNamedParameter($like, \PDO::PARAM_STR))); } // Apply additional condition, if any if ($fieldConfig['search']['andWhere']) { $searchConstraint->add(QueryHelper::stripLogicalOperatorPrefix($fieldConfig['search']['andWhere'])); } } // Assemble the search condition only if the field makes sense to be searched if ($fieldType === 'text' || $fieldType === 'flex' || $fieldType === 'input' && (!$evalRules || !preg_match('/date|time|int/', $evalRules))) { if ($searchConstraint->count() !== 0) { $constraints[] = $searchConstraint; } } } } // If no search field conditions have been build ensure no results are returned if (empty($constraints)) { return '0=1'; } return $queryBuilder->expr()->orX(...$constraints); }