if (isset($_REQUEST['search_terms'])) {
$search_terms = addslashes($_REQUEST['search_terms']);
}
if (empty($search_terms)) {
// display form
$tool_content .= "\n <form method='post' action='{$_SERVER['SCRIPT_NAME']}'>\n <fieldset>\n <legend>{$langSearchCriteria}</legend>\n <table width='100%' class='tbl'>\n <tr>\n <th class='left' width='120'>{$langOR}</th>\n <td colspan='2'><input name='search_terms' type='text' size='80'/></td>\n </tr>\n <tr>\n <th width='30%' class='left' valign='top' rowspan='4'>{$langSearchIn}</th>\n <td width='35%'><input type='checkbox' name='announcements' checked='checked' />{$langAnnouncements}</td>\n <td width='35%'><input type='checkbox' name='agenda' checked='checked' />{$langAgenda}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='course_units' checked='checked' />{$langCourseUnits}</td>\n <td><input type='checkbox' name='documents' checked='checked' />{$langDoc}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='forums' checked='checked' />{$langForums}</td>\n <td><input type='checkbox' name='exercises' checked='checked' />{$langExercices}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='video' checked='checked' />{$langVideo}</td>\n <td><input type='checkbox' name='links' checked='checked' />{$langLinks}</td>\n </tr>\n <tr>\n <th> </th>\n <td colspan='2' class='right'><input class='btn btn-primary' type='submit' name='submit' value='{$langDoSearch}' /></td>\n </tr>\n </table>\n </fieldset>\n </form>";
} else {
// ResourceIndexers require course_id inside the input data array (POST, but we do not want to pass it through the form)
$_POST['course_id'] = $course_id;
// Search Terms might come from GET, but we want to pass it alltogether with POST in ResourceIndexers
$_POST['search_terms'] = $search_terms;
$idx = new Indexer();
$tool_content .= "\n <div id=\"operations_container\">\n <ul id='opslist'>\n <li><a href='" . $_SERVER['SCRIPT_NAME'] . "'>{$langNewSearch}</a></li>\n </ul>\n </div>\n <p class='sub_title1'>{$langResults}</p>";
// search in announcements
if ($announcements) {
$announceHits = $idx->searchRaw(AnnouncementIndexer::buildQuery($_POST));
if (count($announceHits) > 0) {
$tool_content .= "<script type='text/javascript' src='../auth/sorttable.js'></script>\n <table width='99%' class='sortable' id='t1' align='left'>\n <tr>\n <th colspan='2'>{$langAnnouncements}:</th>\n </tr>";
$numLine = 0;
foreach ($announceHits as $annHit) {
$announce = Database::get()->querySingle("SELECT title, content, date FROM announcement WHERE id = ?d", $annHit->pkid);
$class = $numLine % 2 ? 'odd' : 'even';
$tool_content .= "<tr class='{$class}'>\n <td width='1' valign='top'><img style='padding-top:3px;' src='{$themeimg}/arrow.png' title='bullet' /></td>\n <td><b><a href='" . $annHit->url . "'>" . q($announce->title) . "</a></b> \n <small>(" . nice_format(claro_format_locale_date($dateFormatLong, strtotime($announce->date))) . ")\n </small><br />" . $announce->content . "</td></tr>";
$numLine++;
}
$tool_content .= "</table>";
$found = true;
}
}
// search in agenda
if ($agenda) {
$pageName = $langSearch;
// exit if search is disabled
if (!get_config('enable_search')) {
$tool_content .= "<div class='alert alert-info'>{$langSearchDisabled}</div>";
draw($tool_content, 0);
exit;
}
// exit if no POST data
if (!register_posted_variables(array('search_terms' => false, 'search_terms_title' => false, 'search_terms_keywords' => false, 'search_terms_instructor' => false, 'search_terms_coursecode' => false, 'search_terms_description' => false), 'any')) {
$tool_content .= CourseIndexer::getDetailedSearchForm();
draw($tool_content, 0);
exit;
}
// search in the index
$idx = new Indexer();
$hits1 = $idx->searchRaw(CourseIndexer::buildQuery($_POST));
// courses with visible 1 or 2
// Additional Access Rights
$anonymous = false;
if (isset($uid) and $uid) {
$anonymous = true;
$hits2 = $idx->searchRaw(CourseIndexer::buildQuery($_POST, false));
// courses with visible 0 or 3
if ($uid == 0) {
$hits = array_merge($hits1, $hits2);
// admin has access to all
} else {
$res = Database::get()->queryArray("SELECT course.id \n FROM course \n JOIN course_user ON course.id = course_user.course_id \n AND course_user.user_id = ?d", $uid);
$subscribed = array();
foreach ($res as $row) {
$subscribed[] = $row->id;
// exit if no POST data
if (!register_posted_variables(array('search_terms' => false,
'search_terms_title' => false,
'search_terms_keywords' => false,
'search_terms_instructor' => false,
'search_terms_coursecode' => false,
'search_terms_description' => false), 'any')) {
$tool_content .= CourseIndexer::getDetailedSearchForm();
draw($tool_content, 0);
exit();
}
// search in the index
$idx = new Indexer();
$hits1 = $idx->searchRaw(CourseIndexer::buildQuery($_POST)); // courses with visible 1 or 2
// Additional Access Rights
$anonymous = false;
if (isset($uid) and $uid) {
$anonymous = true;
$hits2 = $idx->searchRaw(CourseIndexer::buildQuery($_POST, false)); // courses with visible 0 or 3
if ($uid == 0) {
$hits = array_merge($hits1, $hits2); // admin has access to all
} else {
$res = Database::get()->queryArray("SELECT course.id
FROM course
JOIN course_user ON course.id = course_user.course_id
AND course_user.user_id = ?d", $uid);
$subscribed = array();
foreach ($res as $row) {
