function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_array) { global $pdo; $remain = ''; if ($exact_phrase != 'on') { $keyword = '%' . $keyword . '%'; } if ($case_sensitivity != 'on') { $equate = ' LIKE '; } else { $equate = ' LIKE BINARY '; } $query_pre = "\n SELECT\n d.id\n FROM\n {$GLOBALS['CONFIG']['db_prefix']}data as d,\n {$GLOBALS['CONFIG']['db_prefix']}user as u,\n {$GLOBALS['CONFIG']['db_prefix']}department dept,\n {$GLOBALS['CONFIG']['db_prefix']}category as c "; $query = "\n WHERE\n d.owner = u.id\n AND\n d.department = dept.id\n AND\n d.category = c.id AND (\n "; $author_first_name = ''; $author_last_name = ''; $use_uid = false; switch ($where) { // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. case 'author_locked_files': $use_uid = true; $query .= "d.status {$equate} :keyword AND d.owner = :uid "; break; // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. case 'category': $query .= "c.name {$equate} :keyword "; break; // Put all the author name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the author name array are synchronized. // Put all the author name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the author name array are synchronized. case 'author': if ($exact_phrase == 'on') { $author_first_name = substr($keyword, strpos($keyword, ' ') + 1); $author_last_name = substr($keyword, 0, strpos($keyword, ' ')); $query .= " u.first_name {$equate} :author_first_name AND u.last_name {$equate} :author_last_name "; } else { $query .= " u.first_name {$equate} :keyword OR u.last_name {$equate} :keyword "; } break; // Put all the department name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the department name array are synchronized.case 'department': // Put all the department name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the department name array are synchronized.case 'department': case 'department': $query .= "dept.name {$equate} :keyword "; break; // Put all the description for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the description array are synchronized. // Put all the description for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the description array are synchronized. case 'descriptions': $query .= "d.description {$equate} :keyword "; break; // Put all the file name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the file name array are synchronized. // Put all the file name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the file name array are synchronized. case 'filenames': $query .= "d.realname {$equate} :keyword "; break; // Put all the comments for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the comments array are synchronized. // Put all the comments for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the comments array are synchronized. case 'comments': $query .= "d.comment {$equate} :keyword "; break; case 'file_id': $query .= "d.id {$equate} :keyword "; break; case 'all': $query .= "c.name {$equate} :keyword OR " . "u.first_name {$equate} :keyword OR u.last_name {$equate} :keyword OR " . "dept.name {$equate} :keyword OR " . "d.description {$equate} :keyword OR " . "d.realname {$equate} :keyword OR " . "d.comment {$equate} :keyword "; break; default: list($query_pre, $query) = udf_functions_search($where, $query_pre, $query, $equate, $keyword); break; } $query .= ") ORDER BY d.id ASC"; $final_query = $query_pre . $query; $stmt = $pdo->prepare($final_query); if (!empty($use_uid)) { $stmt->bindParam(':uid', $_SESSION['uid']); $stmt->bindParam(':keyword', $keyword); } elseif (!empty($author_last_name) && $exact_phrase == 'on') { $stmt->bindParam(':author_first_name', $author_first_name); $stmt->bindParam(':author_last_name', $author_last_name); } else { $stmt->bindParam(':keyword', $keyword); } $stmt->execute(); $result = $stmt->fetchAll(); $index = 0; $id_array = array(); foreach ($result as $row) { $id_array[$index++] = $row['id']; $index++; } if (@$remain != '' && $exact_phrase != "on") { return array_values(array_unique(array_merge($id_array, search($where, substr($remain, 1), $exact_phrase, $case_sensitivity, $search_array)))); } return array_values(array_intersect($id_array, $search_array)); }
function search($lwhere, $lkeyword, $lexact_phrase, $lcase_sensitivity, $lsearch_array) { $lequate = '='; $l_remain = ''; if ($lexact_phrase != 'on') { $lkeyword = '%' . $lkeyword . '%'; } if ($lcase_sensitivity != 'on') { $lequate = ' LIKE '; } else { $lequate = ' COLLATE latin1_general_cs LIKE '; } $lkeyword = addslashes($lkeyword); $lquery_pre = "SELECT {$GLOBALS['CONFIG']['db_prefix']}data.id FROM {$GLOBALS['CONFIG']['db_prefix']}data, {$GLOBALS['CONFIG']['db_prefix']}user, {$GLOBALS['CONFIG']['db_prefix']}department, {$GLOBALS['CONFIG']['db_prefix']}category"; $lquery = " WHERE {$GLOBALS['CONFIG']['db_prefix']}data.owner = {$GLOBALS['CONFIG']['db_prefix']}user.id\n\t\t\t\t\tAND {$GLOBALS['CONFIG']['db_prefix']}data.department={$GLOBALS['CONFIG']['db_prefix']}department.id \n\t\t\t\t\tAND {$GLOBALS['CONFIG']['db_prefix']}data.category = {$GLOBALS['CONFIG']['db_prefix']}category.id AND ("; $larray_len = sizeof($lsearch_array); switch ($lwhere) { // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. case 'author_locked_files': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'data.status' . $lequate . '\'' . $lkeyword . '\' AND ' . $GLOBALS['CONFIG']['db_prefix'] . 'data.owner=\'' . $_SESSION['uid'] . '\''; break; // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. case 'category': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'category.name' . $lequate . '\'' . $lkeyword . '\''; break; // Put all the author name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the author name array are synchronized. // Put all the author name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the author name array are synchronized. case 'author': if ($lexact_phrase == 'on') { $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'user.first_name' . $lequate . '\'' . substr($lkeyword, strpos($lkeyword, ' ') + 1) . '\' AND ' . $GLOBALS['CONFIG']['db_prefix'] . 'user.last_name' . $lequate . '\'' . substr($lkeyword, 0, strpos($lkeyword, ' ')) . '\''; } else { $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'user.first_name' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'user.last_name' . $lequate . '\'' . $lkeyword . '\''; } break; // Put all the department name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the department name array are synchronized.case 'department': // Put all the department name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the department name array are synchronized.case 'department': case 'department': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'department.name' . $lequate . '\'' . $lkeyword . '\''; break; // Put all the description for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the description array are synchronized. // Put all the description for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the description array are synchronized. case 'descriptions': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'data.description' . $lequate . '\'' . $lkeyword . '\''; break; // Put all the file name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the file name array are synchronized. // Put all the file name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the file name array are synchronized. case 'filenames': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'data.realname' . $lequate . '\'' . $lkeyword . '\''; break; // Put all the comments for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the comments array are synchronized. // Put all the comments for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the comments array are synchronized. case 'comments': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'data.comment' . $lequate . '\'' . $lkeyword . '\''; break; case 'file_id': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'data.id' . $lequate . '\'' . $lkeyword . '\''; break; case 'all': $lquery .= $GLOBALS['CONFIG']['db_prefix'] . 'category.name' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'user.first_name' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'user.last_name ' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'department.name' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'data.description' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'data.realname' . $lequate . '\'' . $lkeyword . '\' OR ' . $GLOBALS['CONFIG']['db_prefix'] . 'data.comment' . $lequate . '\'' . $lkeyword . '\''; break; default: list($lquery_pre, $lquery) = udf_functions_search($lwhere, $lquery_pre, $lquery, $lequate, $lkeyword); break; } $lquery .= ") ORDER BY {$GLOBALS['CONFIG']['db_prefix']}data.id ASC"; $final_query = $lquery_pre . $lquery; $lresult = mysql_query($final_query); $lindex = 0; $lid_array = array(); if ($lresult) { $llen = mysql_num_rows($lresult); } else { $llen = 0; } while ($lindex < $llen) { list($lid_array[$lindex++]) = mysql_fetch_row($lresult); } if (@$l_remain != '' && $lexact_phrase != "on") { return array_values(array_unique(array_merge($lid_array, search($lwhere, substr($l_remain, 1), $lexact_phrase, $lcase_sensitivity, $lsearch_array)))); } return array_values(array_intersect($lid_array, $lsearch_array)); }