function securexss($value)
{
if (is_array($value)) {
$new = array();
foreach ($value as $key => $val) {
$new[$key] = securexss($val);
}
return $new;
}
static $xss_cleanup = array('"' => '"', "'" => ''', '<' => '<', '>' => '>');
$value = preg_replace(array('/javascript:/i', '/\\0/'), array('java script:', ''), $value);
$value = preg_replace('/javascript:/i', 'java script:', $value);
return str_replace(array_keys($xss_cleanup), array_values($xss_cleanup), $value);
}
function preprocess_param($value)
{
if (is_string($value)) {
if (get_magic_quotes_gpc() == 1) {
$value = stripslashes($value);
}
$value = securexss($value);
}
return $value;
}
/**
* Given a list of modules to search and a search string, return the id, module_name, along with the fields
* We will support Accounts, Bug Tracker, Cases, Contacts, Leads, Opportunities, Project, ProjectTask, Quotes
*
* @param string $session - Session ID returned by a previous call to login.
* @param string $search_string - string to search
* @param string[] $modules - array of modules to query
* @param int $offset - a specified offset in the query
* @param int $max_results - max number of records to return
* @param string $assigned_user_id - a user id to filter all records by, leave empty to exclude the filter
* @param string[] $select_fields - An array of fields to return. If empty the default return fields will be from the active list view defs.
* @param bool $unified_search_only - A boolean indicating if we should only search against those modules participating in the unified search.
* @param bool $favorites - A boolean indicating if we should only search against records marked as favorites.
* @return Array return_search_result - Array('Accounts' => array(array('name' => 'first_name', 'value' => 'John', 'name' => 'last_name', 'value' => 'Do')))
* @exception 'SoapFault' -- The SOAP error, if any
*/
function search_by_module($session, $search_string, $modules, $offset, $max_results, $assigned_user_id = '', $select_fields = array(), $unified_search_only = TRUE, $favorites = FALSE)
{
$GLOBALS['log']->info('Begin: SugarWebServiceImpl->search_by_module');
global $beanList, $beanFiles;
global $sugar_config, $current_language;
$error = new SoapError();
$output_list = array();
if (!self::$helperObject->checkSessionAndModuleAccess($session, 'invalid_session', '', '', '', $error)) {
$error->set_error('invalid_login');
$GLOBALS['log']->error('End: SugarWebServiceImpl->search_by_module - FAILED on checkSessionAndModuleAccess');
return;
}
global $current_user;
if ($max_results > 0) {
$sugar_config['list_max_entries_per_page'] = $max_results;
}
require_once 'modules/Home/UnifiedSearchAdvanced.php';
require_once 'include/utils.php';
$usa = new UnifiedSearchAdvanced();
if (!file_exists($cachefile = sugar_cached('modules/unified_search_modules.php'))) {
$usa->buildCache();
}
include $cachefile;
$modules_to_search = array();
$unified_search_modules['Users'] = array('fields' => array());
$unified_search_modules['ProjectTask'] = array('fields' => array());
//If we are ignoring the unified search flag within the vardef we need to re-create the search fields. This allows us to search
//against a specific module even though it is not enabled for the unified search within the application.
if (!$unified_search_only) {
foreach ($modules as $singleModule) {
if (!isset($unified_search_modules[$singleModule])) {
$newSearchFields = array('fields' => self::$helperObject->generateUnifiedSearchFields($singleModule));
$unified_search_modules[$singleModule] = $newSearchFields;
}
}
}
foreach ($unified_search_modules as $module => $data) {
if (in_array($module, $modules)) {
$modules_to_search[$module] = $beanList[$module];
}
// if
}
// foreach
$GLOBALS['log']->info('SugarWebServiceImpl->search_by_module - search string = ' . $search_string);
if (!empty($search_string) && isset($search_string)) {
$search_string = trim($GLOBALS['db']->quote(securexss(from_html(clean_string($search_string, 'UNIFIED_SEARCH')))));
foreach ($modules_to_search as $name => $beanName) {
$where_clauses_array = array();
$unifiedSearchFields = array();
foreach ($unified_search_modules[$name]['fields'] as $field => $def) {
$unifiedSearchFields[$name][$field] = $def;
$unifiedSearchFields[$name][$field]['value'] = $search_string;
}
require_once $beanFiles[$beanName];
$seed = new $beanName();
require_once 'include/SearchForm/SearchForm2.php';
if ($beanName == "User" || $beanName == "ProjectTask") {
if (!self::$helperObject->check_modules_access($current_user, $seed->module_dir, 'read')) {
continue;
}
// if
if (!$seed->ACLAccess('ListView')) {
continue;
}
// if
}
if ($beanName != "User" && $beanName != "ProjectTask") {
$searchForm = new SearchForm($seed, $name);
$searchForm->setup(array($name => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
require_once 'include/SearchForm/SearchForm2.php';
$searchForm = new SearchForm($seed, $name);
$searchForm->setup(array($name => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
$emailQuery = false;
$where = '';
if (count($where_clauses) > 0) {
$where = '(' . implode(' ) OR ( ', $where_clauses) . ')';
}
$mod_strings = return_module_language($current_language, $seed->module_dir);
if (count($select_fields) > 0) {
$filterFields = $select_fields;
} else {
if (file_exists('custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php')) {
require_once 'custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
} else {
require_once 'modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
}
$filterFields = array();
foreach ($listViewDefs[$seed->module_dir] as $colName => $param) {
if (!empty($param['default']) && $param['default'] == true) {
$filterFields[] = strtolower($colName);
}
}
if (!in_array('id', $filterFields)) {
$filterFields[] = 'id';
}
}
//Pull in any db fields used for the unified search query so the correct joins will be added
$selectOnlyQueryFields = array();
foreach ($unifiedSearchFields[$name] as $field => $def) {
if (isset($def['db_field']) && !in_array($field, $filterFields)) {
$filterFields[] = $field;
$selectOnlyQueryFields[] = $field;
}
}
//Add the assigned user filter if applicable
if (!empty($assigned_user_id) && isset($seed->field_defs['assigned_user_id'])) {
$ownerWhere = $seed->getOwnerWhere($assigned_user_id);
$where = "({$where}) AND {$ownerWhere}";
}
if ($beanName == "Employee") {
$where = "({$where}) AND users.deleted = 0 AND users.is_group = 0 AND users.employee_status = 'Active'";
}
$list_params = array();
$ret_array = $seed->create_new_list_query('', $where, $filterFields, $list_params, 0, '', true, $seed, true);
if (empty($params) or !is_array($params)) {
$params = array();
}
if (!isset($params['custom_select'])) {
$params['custom_select'] = '';
}
if (!isset($params['custom_from'])) {
$params['custom_from'] = '';
}
if (!isset($params['custom_where'])) {
$params['custom_where'] = '';
}
if (!isset($params['custom_order_by'])) {
$params['custom_order_by'] = '';
}
$main_query = $ret_array['select'] . $params['custom_select'] . $ret_array['from'] . $params['custom_from'] . $ret_array['where'] . $params['custom_where'] . $ret_array['order_by'] . $params['custom_order_by'];
} else {
if ($beanName == "User") {
$filterFields = array('id', 'user_name', 'first_name', 'last_name', 'email_address');
$main_query = "select users.id, ea.email_address, users.user_name, first_name, last_name from users ";
$main_query = $main_query . " LEFT JOIN email_addr_bean_rel eabl ON eabl.bean_module = '{$seed->module_dir}'\n LEFT JOIN email_addresses ea ON (ea.id = eabl.email_address_id) ";
$main_query = $main_query . "where ((users.first_name like '{$search_string}') or (users.last_name like '{$search_string}') or (users.user_name like '{$search_string}') or (ea.email_address like '{$search_string}')) and users.deleted = 0 and users.is_group = 0 and users.employee_status = 'Active'";
}
// if
if ($beanName == "ProjectTask") {
$filterFields = array('id', 'name', 'project_id', 'project_name');
$main_query = "select {$seed->table_name}.project_task_id id,{$seed->table_name}.project_id, {$seed->table_name}.name, project.name project_name from {$seed->table_name} ";
$seed->add_team_security_where_clause($main_query);
$main_query .= "LEFT JOIN teams ON {$seed->table_name}.team_id=teams.id AND (teams.deleted=0) ";
$main_query .= "LEFT JOIN project ON {$seed->table_name}.project_id = project.id ";
$main_query .= "where {$seed->table_name}.name like '{$search_string}%'";
}
// if
}
// else
$GLOBALS['log']->info('SugarWebServiceImpl->search_by_module - query = ' . $main_query);
if ($max_results < -1) {
$result = $seed->db->query($main_query);
} else {
if ($max_results == -1) {
$limit = $sugar_config['list_max_entries_per_page'];
} else {
$limit = $max_results;
}
$result = $seed->db->limitQuery($main_query, $offset, $limit + 1);
}
$rowArray = array();
while ($row = $seed->db->fetchByAssoc($result)) {
$nameValueArray = array();
foreach ($filterFields as $field) {
if (in_array($field, $selectOnlyQueryFields)) {
continue;
}
$nameValue = array();
if (isset($row[$field])) {
$nameValueArray[$field] = self::$helperObject->get_name_value($field, $row[$field]);
}
// if
}
// foreach
$rowArray[] = $nameValueArray;
}
// while
$output_list[] = array('name' => $name, 'records' => $rowArray);
}
// foreach
$GLOBALS['log']->info('End: SugarWebServiceImpl->search_by_module');
return array('entry_list' => $output_list);
}
// if
return array('entry_list' => $output_list);
}
/**
* search
*
* Search function run when user goes to Show All and runs a search again. This outputs the search results
* calling upon the various listview display functions for each module searched on.
*
* Todo: Sync this up with SugarSpot.php search method.
*
*
*/
function search()
{
$unified_search_modules = $this->getUnifiedSearchModules();
$unified_search_modules_display = $this->getUnifiedSearchModulesDisplay();
require_once 'include/ListView/ListViewSmarty.php';
global $modListHeader, $beanList, $beanFiles, $current_language, $app_strings, $current_user, $mod_strings;
$home_mod_strings = return_module_language($current_language, 'Home');
$this->query_string = $GLOBALS['db']->quote(securexss(from_html(clean_string($this->query_string, 'UNIFIED_SEARCH'))));
if (!empty($_REQUEST['advanced']) && $_REQUEST['advanced'] != 'false') {
$modules_to_search = array();
if (!empty($_REQUEST['search_modules'])) {
foreach (explode(',', $_REQUEST['search_modules']) as $key) {
if (isset($unified_search_modules_display[$key]) && !empty($unified_search_modules_display[$key]['visible'])) {
$modules_to_search[$key] = $beanList[$key];
}
}
}
$current_user->setPreference('showGSDiv', isset($_REQUEST['showGSDiv']) ? $_REQUEST['showGSDiv'] : 'no', 0, 'search');
$current_user->setPreference('globalSearch', $modules_to_search, 0, 'search');
// save selections to user preference
} else {
$users_modules = $current_user->getPreference('globalSearch', 'search');
$modules_to_search = array();
if (!empty($users_modules)) {
// use user's previous selections
foreach ($users_modules as $key => $value) {
if (isset($unified_search_modules_display[$key]) && !empty($unified_search_modules_display[$key]['visible'])) {
$modules_to_search[$key] = $beanList[$key];
}
}
} else {
foreach ($unified_search_modules_display as $module => $data) {
if (!empty($data['visible'])) {
$modules_to_search[$module] = $beanList[$module];
}
}
}
$current_user->setPreference('globalSearch', $modules_to_search, 'search');
}
$templateFile = 'modules/Home/UnifiedSearchAdvancedForm.tpl';
if (file_exists('custom/' . $templateFile)) {
$templateFile = 'custom/' . $templateFile;
}
echo $this->getDropDownDiv($templateFile);
$module_results = array();
$module_counts = array();
$has_results = false;
if (!empty($this->query_string)) {
foreach ($modules_to_search as $moduleName => $beanName) {
require_once $beanFiles[$beanName];
$seed = new $beanName();
$lv = new ListViewSmarty();
$lv->lvd->additionalDetails = false;
$mod_strings = return_module_language($current_language, $seed->module_dir);
//retrieve the original list view defs and store for processing in case of custom layout changes
require 'modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
$orig_listViewDefs = $listViewDefs;
if (file_exists('custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php')) {
require 'custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
}
if (!isset($listViewDefs) || !isset($listViewDefs[$seed->module_dir])) {
continue;
}
$unifiedSearchFields = array();
$innerJoins = array();
foreach ($unified_search_modules[$moduleName]['fields'] as $field => $def) {
$listViewCheckField = strtoupper($field);
//check to see if the field is in listview defs
if (empty($listViewDefs[$seed->module_dir][$listViewCheckField]['default'])) {
//check to see if field is in original list view defs (in case we are using custom layout defs)
if (!empty($orig_listViewDefs[$seed->module_dir][$listViewCheckField]['default'])) {
//if we are here then the layout has been customized, but the field is still needed for query creation
$listViewDefs[$seed->module_dir][$listViewCheckField] = $orig_listViewDefs[$seed->module_dir][$listViewCheckField];
}
}
//bug: 34125 we might want to try to use the LEFT JOIN operator instead of the INNER JOIN in the case we are
//joining against a field that has not been populated.
if (!empty($def['innerjoin'])) {
if (empty($def['db_field'])) {
continue;
}
$innerJoins[$field] = $def;
$def['innerjoin'] = str_replace('INNER', 'LEFT', $def['innerjoin']);
}
if (isset($seed->field_defs[$field]['type'])) {
$type = $seed->field_defs[$field]['type'];
if ($type == 'int' && !is_numeric($this->query_string)) {
continue;
}
}
$unifiedSearchFields[$moduleName][$field] = $def;
$unifiedSearchFields[$moduleName][$field]['value'] = $this->query_string;
}
/*
* Use searchForm2->generateSearchWhere() to create the search query, as it can generate SQL for the full set of comparisons required
* generateSearchWhere() expects to find the search conditions for a field in the 'value' parameter of the searchFields entry for that field
*/
require_once $beanFiles[$beanName];
$seed = new $beanName();
require_once $this->searchFormPath;
$searchForm = new $this->searchFormClass($seed, $moduleName);
$searchForm->setup(array($moduleName => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
//add inner joins back into the where clause
$params = array('custom_select' => "");
foreach ($innerJoins as $field => $def) {
if (isset($def['db_field'])) {
foreach ($def['db_field'] as $dbfield) {
$where_clauses[] = $dbfield . " LIKE '" . $this->query_string . "%'";
}
$params['custom_select'] .= ", {$dbfield}";
$params['distinct'] = true;
//$filterFields[$dbfield] = $dbfield;
}
}
if (count($where_clauses) > 0) {
$where = '((' . implode(' ) OR ( ', $where_clauses) . '))';
} else {
/* Clear $where from prev. module
if in current module $where_clauses */
$where = '';
}
$displayColumns = array();
foreach ($listViewDefs[$seed->module_dir] as $colName => $param) {
if (!empty($param['default']) && $param['default'] == true) {
$param['url_sort'] = true;
//bug 27933
$displayColumns[$colName] = $param;
}
}
if (count($displayColumns) > 0) {
$lv->displayColumns = $displayColumns;
} else {
$lv->displayColumns = $listViewDefs[$seed->module_dir];
}
$lv->export = false;
$lv->mergeduplicates = false;
$lv->multiSelect = false;
$lv->delete = false;
$lv->select = false;
$lv->showMassupdateFields = false;
$lv->email = false;
$lv->setup($seed, 'include/ListView/ListViewNoMassUpdate.tpl', $where, $params, 0, 10);
$module_results[$moduleName] = '<br /><br />' . get_form_header($GLOBALS['app_list_strings']['moduleList'][$seed->module_dir] . ' (' . $lv->data['pageData']['offsets']['total'] . ')', '', false);
$module_counts[$moduleName] = $lv->data['pageData']['offsets']['total'];
if ($lv->data['pageData']['offsets']['total'] == 0) {
//$module_results[$moduleName] .= "<li class='noBullet' id='whole_subpanel_{$moduleName}'><div id='div_{$moduleName}'><h2>" . $home_mod_strings['LBL_NO_RESULTS_IN_MODULE'] . '</h2></div></li>';
$module_results[$moduleName] .= '<h2>' . $home_mod_strings['LBL_NO_RESULTS_IN_MODULE'] . '</h2>';
} else {
$has_results = true;
//$module_results[$moduleName] .= "<li class='noBullet' id='whole_subpanel_{$moduleName}'><div id='div_{$moduleName}'>" . $lv->display(false, false) . '</div></li>';
$module_results[$moduleName] .= $lv->display(false, false);
}
}
}
if ($has_results) {
foreach ($module_counts as $name => $value) {
echo $module_results[$name];
}
} else {
if (empty($_REQUEST['form_only'])) {
echo $home_mod_strings['LBL_NO_RESULTS'];
echo $home_mod_strings['LBL_NO_RESULTS_TIPS'];
}
}
}
function display()
{
global $popupMeta, $mod_strings;
if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
ACLController::displayNoAccess();
sugar_cleanup(true);
}
if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
die("Directory navigation attack denied.");
}
if (!empty($_REQUEST['metadata']) && $_REQUEST['metadata'] != 'undefined' && file_exists('custom/modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php')) {
require 'custom/modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php';
} elseif (!empty($_REQUEST['metadata']) && $_REQUEST['metadata'] != 'undefined' && file_exists('modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php')) {
require 'modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php';
} elseif (file_exists('custom/modules/' . $this->module . '/metadata/popupdefs.php')) {
require 'custom/modules/' . $this->module . '/metadata/popupdefs.php';
} elseif (file_exists('modules/' . $this->module . '/metadata/popupdefs.php')) {
require 'modules/' . $this->module . '/metadata/popupdefs.php';
}
if (!empty($popupMeta) && !empty($popupMeta['listviewdefs'])) {
if (is_array($popupMeta['listviewdefs'])) {
//if we have an array, then we are not going to include a file, but rather the
//listviewdefs will be defined directly in the popupdefs file
$listViewDefs[$this->module] = $popupMeta['listviewdefs'];
} else {
//otherwise include the file
require_once $popupMeta['listviewdefs'];
}
} elseif (file_exists('custom/modules/' . $this->module . '/metadata/listviewdefs.php')) {
require_once 'custom/modules/' . $this->module . '/metadata/listviewdefs.php';
} elseif (file_exists('modules/' . $this->module . '/metadata/listviewdefs.php')) {
require_once 'modules/' . $this->module . '/metadata/listviewdefs.php';
}
//check for searchdefs as well
if (!empty($popupMeta) && !empty($popupMeta['searchdefs'])) {
if (is_array($popupMeta['searchdefs'])) {
//if we have an array, then we are not going to include a file, but rather the
//searchdefs will be defined directly in the popupdefs file
$searchdefs[$this->module]['layout']['advanced_search'] = $popupMeta['searchdefs'];
} else {
//otherwise include the file
require_once $popupMeta['searchdefs'];
}
} else {
if (empty($searchdefs) && file_exists('custom/modules/' . $this->module . '/metadata/searchdefs.php')) {
require_once 'custom/modules/' . $this->module . '/metadata/searchdefs.php';
} else {
if (empty($searchdefs) && file_exists('modules/' . $this->module . '/metadata/searchdefs.php')) {
require_once 'modules/' . $this->module . '/metadata/searchdefs.php';
}
}
}
//if you click the pagination button, it will populate the search criteria here
if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
if (!empty($_REQUEST['current_query_by_page'])) {
$blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');
$current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));
foreach ($current_query_by_page as $search_key => $search_value) {
if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
if (!is_array($search_value)) {
$_REQUEST[$search_key] = securexss($search_value);
} else {
foreach ($search_value as $key => &$val) {
$val = securexss($val);
}
$_REQUEST[$search_key] = $search_value;
}
}
}
}
}
if (!empty($listViewDefs) && !empty($searchdefs)) {
require_once 'include/Popups/PopupSmarty.php';
$displayColumns = array();
$filter_fields = array();
$popup = new PopupSmarty($this->bean, $this->module);
foreach ($listViewDefs[$this->module] as $col => $params) {
$filter_fields[strtolower($col)] = true;
if (!empty($params['related_fields'])) {
foreach ($params['related_fields'] as $field) {
//id column is added by query construction function. This addition creates duplicates
//and causes issues in oracle. #10165
if ($field != 'id') {
$filter_fields[$field] = true;
}
}
}
if (!empty($params['default']) && $params['default']) {
$displayColumns[$col] = $params;
}
}
$popup->displayColumns = $displayColumns;
$popup->filter_fields = $filter_fields;
$popup->mergeDisplayColumns = true;
//check to see if popupdefs contains searchdefs
$popup->_popupMeta = $popupMeta;
$popup->listviewdefs = $listViewDefs;
$popup->searchdefs = $searchdefs;
if (isset($_REQUEST['query'])) {
$popup->searchForm->populateFromRequest();
}
$massUpdateData = '';
if (isset($_REQUEST['mass'])) {
foreach (array_unique($_REQUEST['mass']) as $record) {
$massUpdateData .= "<input style='display: none' checked type='checkbox' name='mass[]' value='{$record}'>\n";
}
}
$popup->massUpdateData = $massUpdateData;
$tpl = 'include/Popups/tpls/PopupGeneric.tpl';
if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl"))) {
$tpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl");
}
if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl"))) {
$popup->headerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl");
}
if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl"))) {
$popup->footerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl");
}
$popup->setup($tpl);
//We should at this point show the header and javascript even if to_pdf is true.
//The insert_popup_header javascript is incomplete and shouldn't be relied on.
if (isset($this->options['show_all']) && $this->options['show_all'] == false) {
unset($this->options['show_all']);
$this->options['show_javascript'] = true;
$this->options['show_header'] = true;
$this->_displayJavascript();
}
insert_popup_header(null, false);
if (isset($this->override_popup['template_data']) && is_array($this->override_popup['template_data'])) {
$popup->th->ss->assign($this->override_popup['template_data']);
}
echo $popup->display();
} else {
if (file_exists('modules/' . $this->module . '/Popup_picker.php')) {
require_once 'modules/' . $this->module . '/Popup_picker.php';
} else {
require_once 'include/Popups/Popup_picker.php';
}
$popup = new Popup_Picker();
$popup->_hide_clear_button = true;
echo $popup->process_page();
}
}
function listViewPrepare()
{
$module = $GLOBALS['module'];
$metadataFile = $this->getMetaDataFile();
if (!file_exists($metadataFile)) {
sugar_die($GLOBALS['app_strings']['LBL_NO_ACTION']);
}
require $metadataFile;
$this->listViewDefs = $listViewDefs;
if (!empty($this->bean->object_name) && isset($_REQUEST[$module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
//if you click the pagination button, it will populate the search criteria here
if (!empty($_REQUEST['current_query_by_page'])) {
//The code support multi browser tabs pagination
$blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'request_data', 'current_query_by_page', $module . '2_' . strtoupper($this->bean->object_name) . '_ORDER_BY');
if (isset($_REQUEST['lvso'])) {
$blockVariables[] = 'lvso';
}
$current_query_by_page = sugar_unserialize(base64_decode($_REQUEST['current_query_by_page']));
foreach ($current_query_by_page as $search_key => $search_value) {
if ($search_key != $module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
if (!is_array($search_value)) {
$_REQUEST[$search_key] = securexss($search_value);
} else {
foreach ($search_value as $key => &$val) {
$val = securexss($val);
}
$_REQUEST[$search_key] = $search_value;
}
}
}
}
}
if (!empty($_REQUEST['saved_search_select'])) {
if ($_REQUEST['saved_search_select'] == '_none' || !empty($_REQUEST['button'])) {
$_SESSION['LastSavedView'][$_REQUEST['module']] = '';
unset($_REQUEST['saved_search_select']);
unset($_REQUEST['saved_search_select_name']);
//use the current search module, or the current module to clear out layout changes
if (!empty($_REQUEST['search_module']) || !empty($_REQUEST['module'])) {
$mod = !empty($_REQUEST['search_module']) ? $_REQUEST['search_module'] : $_REQUEST['module'];
global $current_user;
//Reset the current display columns to default.
$current_user->setPreference('ListViewDisplayColumns', array(), 0, $mod);
}
} else {
if (empty($_REQUEST['button']) && (empty($_REQUEST['clear_query']) || $_REQUEST['clear_query'] != 'true')) {
$this->saved_search = loadBean('SavedSearch');
$this->saved_search->retrieveSavedSearch($_REQUEST['saved_search_select']);
$this->saved_search->populateRequest();
} elseif (!empty($_REQUEST['button'])) {
// click the search button, after retrieving from saved_search
$_SESSION['LastSavedView'][$_REQUEST['module']] = '';
unset($_REQUEST['saved_search_select']);
unset($_REQUEST['saved_search_select_name']);
}
}
}
$this->storeQuery = new StoreQuery();
if (!isset($_REQUEST['query'])) {
$this->storeQuery->loadQuery($this->module);
$this->storeQuery->populateRequest();
} else {
$this->storeQuery->saveFromRequest($this->module);
}
$this->seed = $this->bean;
$displayColumns = array();
if (!empty($_REQUEST['displayColumns'])) {
foreach (explode('|', $_REQUEST['displayColumns']) as $num => $col) {
if (!empty($this->listViewDefs[$module][$col])) {
$displayColumns[$col] = $this->listViewDefs[$module][$col];
}
}
} else {
foreach ($this->listViewDefs[$module] as $col => $this->params) {
if (!empty($this->params['default']) && $this->params['default']) {
$displayColumns[$col] = $this->params;
}
}
}
$this->params = array('massupdate' => true);
if (!empty($_REQUEST['orderBy'])) {
$this->params['orderBy'] = $_REQUEST['orderBy'];
$this->params['overrideOrder'] = true;
if (!empty($_REQUEST['sortOrder'])) {
$this->params['sortOrder'] = $_REQUEST['sortOrder'];
}
}
$this->lv->displayColumns = $displayColumns;
$this->module = $module;
$this->prepareSearchForm();
if (isset($this->options['show_title']) && $this->options['show_title']) {
$moduleName = isset($this->seed->module_dir) ? $this->seed->module_dir : $GLOBALS['mod_strings']['LBL_MODULE_NAME'];
echo $this->getModuleTitle(true);
}
}
function preprocess_param($value)
{
if (is_string($value)) {
if (get_magic_quotes_gpc() == 1) {
$value = stripslashes($value);
}
$value = securexss($value);
} else {
if (is_array($value)) {
foreach ($value as $key => $element) {
$value[$key] = preprocess_param($element);
}
}
}
return $value;
}
function search()
{
if (!file_exists($GLOBALS['sugar_config']['cache_dir'] . 'modules/unified_search_modules.php')) {
$this->buildCache();
}
include $GLOBALS['sugar_config']['cache_dir'] . 'modules/unified_search_modules.php';
require_once 'include/ListView/ListViewSmarty.php';
global $modListHeader, $beanList, $beanFiles, $current_language, $app_strings, $current_user, $mod_strings;
$home_mod_strings = return_module_language($current_language, 'Home');
$overlib = true;
$this->query_string = $GLOBALS['db']->quote(securexss(from_html(clean_string($this->query_string, 'UNIFIED_SEARCH'))));
if (!empty($_REQUEST['advanced']) && $_REQUEST['advanced'] != 'false') {
$modules_to_search = array();
foreach ($_REQUEST as $param => $value) {
if (preg_match('/^search_mod_(.*)$/', $param, $match)) {
$modules_to_search[$match[1]] = $beanList[$match[1]];
}
}
$current_user->setPreference('globalSearch', $modules_to_search, 0, 'search');
// save selections to user preference
} else {
$users_modules = $current_user->getPreference('globalSearch', 'search');
if (isset($users_modules)) {
// use user's previous selections
foreach ($users_modules as $key => $value) {
if (isset($unified_search_modules[$key])) {
$modules_to_search[$key] = $value;
}
}
} else {
// select all the modules (ie first time user has used global search)
foreach ($unified_search_modules as $module => $data) {
if (!empty($data['default'])) {
$modules_to_search[$module] = $beanList[$module];
}
}
}
$current_user->setPreference('globalSearch', $modules_to_search, 'search');
}
echo $this->getDropDownDiv('modules/Home/UnifiedSearchAdvancedForm.tpl');
$module_results = array();
$module_counts = array();
$has_results = false;
if (!empty($this->query_string)) {
foreach ($modules_to_search as $moduleName => $beanName) {
$unifiedSearchFields = array();
$innerJoins = array();
foreach ($unified_search_modules[$moduleName]['fields'] as $field => $def) {
//bug: 34125 we might want to try to use the LEFT JOIN operator instead of the INNER JOIN in the case we are
//joining against a field that has not been populated.
if (!empty($def['innerjoin'])) {
if (empty($def['db_field'])) {
continue;
}
$innerJoins[$field] = $def;
$def['innerjoin'] = str_replace('INNER', 'LEFT', $def['innerjoin']);
}
$unifiedSearchFields[$moduleName][$field] = $def;
$unifiedSearchFields[$moduleName][$field]['value'] = $this->query_string;
}
/*
* Use searchForm2->generateSearchWhere() to create the search query, as it can generate SQL for the full set of comparisons required
* generateSearchWhere() expects to find the search conditions for a field in the 'value' parameter of the searchFields entry for that field
*/
require_once $beanFiles[$beanName];
$seed = new $beanName();
require_once 'include/SearchForm/SearchForm2.php';
$searchForm = new SearchForm($seed, $moduleName);
$searchForm->setup(array($moduleName => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
//add inner joins back into the where clause
$params = array('custom_select' => "");
foreach ($innerJoins as $field => $def) {
if (isset($def['db_field'])) {
foreach ($def['db_field'] as $dbfield) {
$where_clauses[] = $dbfield . " LIKE '" . $this->query_string . "%'";
}
$params['custom_select'] .= ", {$dbfield}";
$params['distinct'] = true;
//$filterFields[$dbfield] = $dbfield;
}
}
if (count($where_clauses) > 0) {
$where = '((' . implode(' ) OR ( ', $where_clauses) . '))';
}
$lv = new ListViewSmarty();
$lv->lvd->additionalDetails = false;
$mod_strings = return_module_language($current_language, $seed->module_dir);
if (file_exists('custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php')) {
require_once 'custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
} else {
require_once 'modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
}
if (!isset($listViewDefs) || !isset($listViewDefs[$seed->module_dir])) {
continue;
}
$displayColumns = array();
foreach ($listViewDefs[$seed->module_dir] as $colName => $param) {
if (!empty($param['default']) && $param['default'] == true) {
$param['url_sort'] = true;
//bug 27933
$displayColumns[$colName] = $param;
}
}
if (count($displayColumns) > 0) {
$lv->displayColumns = $displayColumns;
} else {
$lv->displayColumns = $listViewDefs[$seed->module_dir];
}
$lv->export = false;
$lv->mergeduplicates = false;
$lv->multiSelect = false;
$lv->delete = false;
$lv->select = false;
$lv->showMassupdateFields = false;
if ($overlib) {
$lv->overlib = true;
$overlib = false;
} else {
$lv->overlib = false;
}
$lv->setup($seed, 'include/ListView/ListViewGeneric.tpl', $where, $params, 0, 10);
$module_results[$moduleName] = '<br /><br />' . get_form_header($GLOBALS['app_list_strings']['moduleList'][$seed->module_dir] . ' (' . $lv->data['pageData']['offsets']['total'] . ')', '', false);
$module_counts[$moduleName] = $lv->data['pageData']['offsets']['total'];
if ($lv->data['pageData']['offsets']['total'] == 0) {
$module_results[$moduleName] .= '<h2>' . $home_mod_strings['LBL_NO_RESULTS_IN_MODULE'] . '</h2>';
} else {
$has_results = true;
$module_results[$moduleName] .= $lv->display(false, false);
}
}
}
if ($has_results) {
arsort($module_counts);
foreach ($module_counts as $name => $value) {
echo $module_results[$name];
}
} else {
echo '<br>';
echo $home_mod_strings['LBL_NO_RESULTS'];
echo $home_mod_strings['LBL_NO_RESULTS_TIPS'];
}
}
function search()
{
if (!file_exists($GLOBALS['sugar_config']['cache_dir'] . 'modules/unified_search_modules.php')) {
$this->buildCache();
}
include $GLOBALS['sugar_config']['cache_dir'] . 'modules/unified_search_modules.php';
require_once 'include/ListView/ListViewSmarty.php';
global $modListHeader, $beanList, $beanFiles, $current_language, $app_strings, $current_user, $mod_strings;
$home_mod_strings = return_module_language($current_language, 'Home');
$overlib = true;
$_REQUEST['query_string'] = $GLOBALS['db']->quote(securexss(from_html(clean_string($_REQUEST['query_string'], 'UNIFIED_SEARCH'))));
if (!empty($_REQUEST['advanced']) && $_REQUEST['advanced'] != 'false') {
$modules_to_search = array();
foreach ($_REQUEST as $param => $value) {
if (preg_match('/^search_mod_(.*)$/', $param, $match)) {
$modules_to_search[$match[1]] = $beanList[$match[1]];
}
}
$current_user->setPreference('globalSearch', $modules_to_search, 0, 'search');
// save selections to user preference
} else {
$users_modules = $current_user->getPreference('globalSearch', 'search');
if (isset($users_modules)) {
// use user's previous selections
$modules_to_search = $users_modules;
} else {
// select all the modules (ie first time user has used global search)
foreach ($unified_search_modules as $module => $data) {
$modules_to_search[$module] = $beanList[$module];
}
$current_user->setPreference('globalSearch', $modules_to_search, 'search');
}
}
echo $this->getDropDownDiv('modules/Home/UnifiedSearchAdvancedForm.tpl');
$module_results = array();
$module_counts = array();
$has_results = false;
if (!empty($_REQUEST['query_string'])) {
// MFH BUG 15404: Added support to trim off whitespace at the beginning and end of a search string
$_REQUEST['query_string'] = trim($_REQUEST['query_string']);
foreach ($modules_to_search as $moduleName => $beanName) {
if (array_key_exists($moduleName, $modListHeader)) {
$unifiedSearchFields = array();
foreach ($unified_search_modules[$moduleName]['fields'] as $field => $def) {
$unifiedSearchFields[$moduleName][$field] = $def;
$unifiedSearchFields[$moduleName][$field]['value'] = $_REQUEST['query_string'];
}
/*
* Use searchForm2->generateSearchWhere() to create the search query, as it can generate SQL for the full set of comparisons required
* generateSearchWhere() expects to find the search conditions for a field in the 'value' parameter of the searchFields entry for that field
*/
require_once $beanFiles[$beanName];
$seed = new $beanName();
require_once 'include/SearchForm/SearchForm2.php';
$searchForm = new SearchForm($seed, $moduleName);
$searchForm->setup(array($moduleName => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
if (count($where_clauses) > 0) {
$where = '(' . implode(' ) OR ( ', $where_clauses) . ')';
}
$lv = new ListViewSmarty();
$lv->lvd->additionalDetails = false;
$mod_strings = return_module_language($current_language, $seed->module_dir);
if (file_exists('custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php')) {
require_once 'custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
} else {
require_once 'modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
}
$displayColumns = array();
foreach ($listViewDefs[$seed->module_dir] as $colName => $param) {
if (!empty($param['default']) && $param['default'] == true) {
$param['url_sort'] = true;
//bug 27933
$displayColumns[$colName] = $param;
}
}
if (count($displayColumns) > 0) {
$lv->displayColumns = $displayColumns;
} else {
$lv->displayColumns = $listViewDefs[$seed->module_dir];
}
$lv->export = false;
$lv->mergeduplicates = false;
$lv->multiSelect = false;
$lv->delete = false;
$lv->select = false;
if ($overlib) {
$lv->overlib = true;
$overlib = false;
} else {
$lv->overlib = false;
}
$lv->setup($seed, 'include/ListView/ListViewGeneric.tpl', $where, 0, 10);
$module_results[$moduleName] = '<br /><br />' . get_form_header($GLOBALS['app_list_strings']['moduleList'][$seed->module_dir] . ' (' . $lv->data['pageData']['offsets']['total'] . ')', '', false);
$module_counts[$moduleName] = $lv->data['pageData']['offsets']['total'];
if ($lv->data['pageData']['offsets']['total'] == 0) {
$module_results[$moduleName] .= '<h2>' . $home_mod_strings['LBL_NO_RESULTS_IN_MODULE'] . '</h2>';
} else {
$has_results = true;
$module_results[$moduleName] .= $lv->display(false, false);
}
}
}
}
if ($has_results) {
arsort($module_counts);
foreach ($module_counts as $name => $value) {
echo $module_results[$name];
}
} else {
echo '<br>';
echo $home_mod_strings['LBL_NO_RESULTS'];
echo $home_mod_strings['LBL_NO_RESULTS_TIPS'];
}
}
/**
* Given a list of modules to search and a search string, return the id, module_name, along with the fields
* We will support Accounts, Bug Tracker, Cases, Contacts, Leads, Opportunities, Project, ProjectTask, Quotes
*
* @param string $session - Session ID returned by a previous call to login.
* @param string $search_string - string to search
* @param string[] $modules - array of modules to query
* @param int $offset - a specified offset in the query
* @param int $max_results - max number of records to return
* @return Array 'entry_list' -- Array('Accounts' => array(array('name' => 'first_name', 'value' => 'John', 'name' => 'last_name', 'value' => 'Do')))
* @exception 'SoapFault' -- The SOAP error, if any
*/
function search_by_module($session, $search_string, $modules, $offset, $max_results)
{
$GLOBALS['log']->info('Begin: SugarWebServiceImpl->search_by_module');
global $beanList, $beanFiles;
global $sugar_config, $current_language;
$error = new SoapError();
$output_list = array();
if (!self::$helperObject->checkSessionAndModuleAccess($session, 'invalid_session', '', '', '', $error)) {
$error->set_error('invalid_login');
$GLOBALS['log']->info('End: SugarWebServiceImpl->search_by_module');
return;
}
global $current_user;
if ($max_results > 0) {
$sugar_config['list_max_entries_per_page'] = $max_results;
}
require_once 'modules/Home/UnifiedSearchAdvanced.php';
require_once 'include/utils.php';
$usa = new UnifiedSearchAdvanced();
if (!file_exists($cachedfile = sugar_cached('modules/unified_search_modules.php'))) {
$usa->buildCache();
}
include $cachedfile;
$modules_to_search = array();
$unified_search_modules['Users'] = array('fields' => array());
$unified_search_modules['ProjectTask'] = array('fields' => array());
foreach ($unified_search_modules as $module => $data) {
if (in_array($module, $modules)) {
$modules_to_search[$module] = $beanList[$module];
}
// if
}
// foreach
$GLOBALS['log']->info('SugarWebServiceImpl->search_by_module - search string = ' . $search_string);
if (!empty($search_string) && isset($search_string)) {
$search_string = trim($GLOBALS['db']->quote(securexss(from_html(clean_string($search_string, 'UNIFIED_SEARCH')))));
foreach ($modules_to_search as $name => $beanName) {
$where_clauses_array = array();
$unifiedSearchFields = array();
foreach ($unified_search_modules[$name]['fields'] as $field => $def) {
$unifiedSearchFields[$name][$field] = $def;
$unifiedSearchFields[$name][$field]['value'] = $search_string;
}
$seed = BeanFactory::getBean($name);
require_once 'include/SearchForm/SearchForm2.php';
if ($beanName == "User" || $beanName == "ProjectTask") {
if (!self::$helperObject->check_modules_access($current_user, $seed->module_dir, 'read')) {
continue;
}
// if
if (!$seed->ACLAccess('ListView')) {
continue;
}
// if
}
if ($beanName != "User" && $beanName != "ProjectTask") {
$searchForm = new SearchForm($seed, $name);
$searchForm->setup(array($name => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
require_once 'include/SearchForm/SearchForm2.php';
$searchForm = new SearchForm($seed, $name);
$searchForm->setup(array($name => array()), $unifiedSearchFields, '', 'saved_views');
$where_clauses = $searchForm->generateSearchWhere();
$emailQuery = false;
$where = '';
if (count($where_clauses) > 0) {
$where = '(' . implode(' ) OR ( ', $where_clauses) . ')';
}
$mod_strings = return_module_language($current_language, $seed->module_dir);
require_once SugarAutoLoader::loadWithMetafiles($seed->module_dir, 'listviewdefs');
$filterFields = array();
foreach ($listViewDefs[$seed->module_dir] as $colName => $param) {
if (!empty($param['default']) && $param['default'] == true) {
$filterFields[] = strtolower($colName);
}
// if
}
// foreach
if (!in_array('id', $filterFields)) {
$filterFields[] = 'id';
}
// if
$ret_array = $seed->create_new_list_query('', $where, $filterFields, array(), 0, '', true, $seed, true);
if (empty($params) or !is_array($params)) {
$params = array();
}
if (!isset($params['custom_select'])) {
$params['custom_select'] = '';
}
if (!isset($params['custom_from'])) {
$params['custom_from'] = '';
}
if (!isset($params['custom_where'])) {
$params['custom_where'] = '';
}
if (!isset($params['custom_order_by'])) {
$params['custom_order_by'] = '';
}
$main_query = $ret_array['select'] . $params['custom_select'] . $ret_array['from'] . $params['custom_from'] . $ret_array['where'] . $params['custom_where'] . $ret_array['order_by'] . $params['custom_order_by'];
} else {
if ($beanName == "User") {
// $search_string gets cleaned above, so we can use it here
$filterFields = array('id', 'user_name', 'first_name', 'last_name', 'email_address');
$main_query = "select users.id, ea.email_address, users.user_name, first_name, last_name from users ";
$main_query = $main_query . " LEFT JOIN email_addr_bean_rel eabl ON eabl.bean_module = '{$seed->module_dir}'\nLEFT JOIN email_addresses ea ON (ea.id = eabl.email_address_id) ";
$main_query = $main_query . "where ((users.first_name like '{$search_string}') or (users.last_name like '{$search_string}') or (users.user_name like '{$search_string}') or (ea.email_address like '{$search_string}')) and users.deleted = 0 and users.is_group = 0 and users.employee_status = 'Active'";
}
// if
if ($beanName == "ProjectTask") {
// $search_string gets cleaned above, so we can use it here
$filterFields = array('id', 'name', 'project_id', 'project_name');
$main_query = "select {$seed->table_name}.project_task_id id,{$seed->table_name}.project_id, {$seed->table_name}.name, project.name project_name from {$seed->table_name} ";
$seed->add_team_security_where_clause($main_query);
$main_query .= "LEFT JOIN teams ON {$seed->table_name}.team_id=teams.id AND (teams.deleted=0) ";
$main_query .= "LEFT JOIN project ON {$seed->table_name}.project_id = project.id ";
$main_query .= "where {$seed->table_name}.name like '{$search_string}%'";
}
// if
}
// else
$GLOBALS['log']->info('SugarWebServiceImpl->search_by_module - query = ' . $main_query);
if ($max_results < -1) {
$result = $seed->db->query($main_query);
} else {
if ($max_results == -1) {
$limit = $sugar_config['list_max_entries_per_page'];
} else {
$limit = $max_results;
}
$result = $seed->db->limitQuery($main_query, $offset, $limit + 1);
}
$rowArray = array();
while ($row = $seed->db->fetchByAssoc($result)) {
$nameValueArray = array();
foreach ($filterFields as $field) {
$nameValue = array();
if (isset($row[$field])) {
$nameValueArray[$field] = self::$helperObject->get_name_value($field, $row[$field]);
}
// if
}
// foreach
$rowArray[] = $nameValueArray;
}
// while
$output_list[] = array('name' => $name, 'records' => $rowArray);
}
// foreach
$GLOBALS['log']->info('End: SugarWebServiceImpl->search_by_module');
return array('entry_list' => $output_list);
}
// if
return array('entry_list' => $output_list);
}
