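/**
 * Mark dupe pairs as selected from un-selected state or vice-versa, in dupe cache table.
 *
 * Request parameters (read from $_REQUEST):
 *  - rgid, gid: integers used to build the merge cache key.
 *  - pnid: one civicrm_prevnext_cache row id, or a non-empty array of them.
 *  - is_selected: boolean written to the is_selected column.
 *
 * The method ends the request through CRM_Utils_System::civiExit() and
 * returns nothing.
 *
 * NOTE(review): no permission or request-forgery check is visible in this
 * method although it changes stored state from $_REQUEST; confirm that the
 * route dispatching to it enforces both.
 */
public static function toggleDedupeSelect() {
  $rgid = CRM_Utils_Type::escape($_REQUEST['rgid'], 'Integer');
  $gid = CRM_Utils_Type::escape($_REQUEST['gid'], 'Integer');
  $pnid = $_REQUEST['pnid'];
  $isSelected = CRM_Utils_Type::escape($_REQUEST['is_selected'], 'Boolean');

  $cacheKeyString = CRM_Dedupe_Merger::getMergeCacheKeyString($rgid, $gid);

  // %1 and %3 are bound by executeQuery(); %2 is added below only for the
  // single-id case.
  $params = array(
    1 => array($isSelected, 'Boolean'),
    3 => array("{$cacheKeyString}%", 'String'),
  );

  //check pnid is_array or integer
  $whereClause = NULL;
  if (is_array($pnid) && !CRM_Utils_Array::crmIsEmptyArray($pnid)) {
    // The id list is interpolated into the SQL text instead of being bound,
    // so it is built from the values escapeAll() hands back. The SQL text
    // then never contains the raw request values, and its safety does not
    // depend on escapeAll() aborting on bad input.
    $pnid = implode(', ', CRM_Utils_Type::escapeAll($pnid, 'Positive'));
    $whereClause = " id IN ( {$pnid} ) ";
  }
  else {
    // Scalar pnid (or an empty array, which is left to escape() to reject or
    // accept): bind it as parameter %2.
    $pnid = CRM_Utils_Type::escape($pnid, 'Integer');
    $whereClause = " id = %2";
    $params[2] = array($pnid, 'Integer');
  }

  $sql = "UPDATE civicrm_prevnext_cache SET is_selected = %1 WHERE {$whereClause} AND cacheKey LIKE %3";
  CRM_Core_DAO::executeQuery($sql, $params);

  CRM_Utils_System::civiExit();
}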
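/**
 * Generate where clause.
 *
 * This can be overridden in reports for special treatment of a field
 *
 * The clause is assembled as SQL text, so every filter value has to be
 * escaped or validated before it is interpolated. $field['dbAlias'] and
 * $field['clause'] are interpolated as-is and must come from the field
 * specification, never from request input.
 *
 * @param array $field Field specifications
 * @param string $op Query operator (not an exact match to sql)
 * @param mixed $value
 * @param float $min
 * @param float $max
 *
 * @return null|string
 *   The SQL condition, or NULL when the operator has no usable value.
 */
public function whereClause(&$field, $op, $value, $min, $max) {
  $type = CRM_Utils_Type::typeToString(CRM_Utils_Array::value('type', $field));
  $clause = NULL;

  switch ($op) {
    case 'bw':
    case 'nbw':
      if ($min !== NULL && strlen($min) > 0 || $max !== NULL && strlen($max) > 0) {
        $min = CRM_Utils_Type::escape($min, $type);
        $max = CRM_Utils_Type::escape($max, $type);
        $clauses = array();
        // NOTE(review): a bound that evaluates to false (such as 0) adds no
        // condition here, so "between 0 and N" filters only on N.
        if ($min) {
          if ($op == 'bw') {
            $clauses[] = "( {$field['dbAlias']} >= {$min} )";
          }
          else {
            $clauses[] = "( {$field['dbAlias']} < {$min} )";
          }
        }
        if ($max) {
          if ($op == 'bw') {
            $clauses[] = "( {$field['dbAlias']} <= {$max} )";
          }
          else {
            $clauses[] = "( {$field['dbAlias']} > {$max} )";
          }
        }

        if (!empty($clauses)) {
          // "between" needs both bounds to hold, "not between" either one.
          if ($op == 'bw') {
            $clause = implode(' AND ', $clauses);
          }
          else {
            $clause = implode(' OR ', $clauses);
          }
        }
      }
      break;

    case 'has':
    case 'nhas':
      if ($value !== NULL && strlen($value) > 0) {
        $value = CRM_Utils_Type::escape($value, $type);
        // Wrap in wildcards unless the caller already supplied one.
        if (strpos($value, '%') === FALSE) {
          $value = "'%{$value}%'";
        }
        else {
          $value = "'{$value}'";
        }
        $sqlOP = $this->getSQLOperator($op);
        $clause = "( {$field['dbAlias']} {$sqlOP} {$value} )";
      }
      break;

    case 'in':
    case 'notin':
      if (is_string($value) && strlen($value)) {
        $value = explode(',', $value);
      }
      if ($value !== NULL && is_array($value) && count($value) > 0) {
        $sqlOP = $this->getSQLOperator($op);
        if (CRM_Utils_Array::value('type', $field) == CRM_Utils_Type::T_STRING) {
          //cycle through selections and escape values
          foreach ($value as $key => $selection) {
            $value[$key] = CRM_Utils_Type::escape($selection, $type);
          }
          $clause = "( {$field['dbAlias']} {$sqlOP} ( '" . implode("' , '", $value) . "') )";
        }
        else {
          // for numerical values
          // These values are placed in the SQL text unquoted, so each one
          // must be a plain number. They used to be interpolated without any
          // check, which let an arbitrary SQL fragment through.
          // NOTE(review): validated as 'Float' rather than with $type because
          // $type may be empty for fields declared without a 'type'; confirm
          // that every non-string field filtered with in/notin carries plain
          // numeric values.
          foreach ($value as $key => $selection) {
            $value[$key] = CRM_Utils_Type::escape(trim((string) $selection), 'Float');
          }
          $clause = "{$field['dbAlias']} {$sqlOP} (" . implode(', ', $value) . ")";
        }
        if ($op == 'notin') {
          // NOT IN never matches NULL, so rows without a value are added back.
          $clause = "( " . $clause . " OR {$field['dbAlias']} IS NULL )";
        }
        else {
          $clause = "( " . $clause . " )";
        }
      }
      break;

    case 'mhas':
    case 'mnot':
      // multiple has or multiple not
      if ($value !== NULL && count($value) > 0) {
        $value = CRM_Utils_Type::escapeAll($value, $type);
        $operator = $op == 'mnot' ? 'NOT' : '';
        // NOTE(review): the values are escaped for SQL but then used inside a
        // REGEXP pattern; regex metacharacters in a value still change what
        // is matched. Confirm the values are ids or option keys.
        $regexp = "[[:cntrl:]]*" . implode('[[:>:]]*|[[:<:]]*', (array) $value) . "[[:cntrl:]]*";
        $clause = "{$field['dbAlias']} {$operator} REGEXP '{$regexp}'";
      }
      break;

    case 'sw':
    case 'ew':
      if ($value !== NULL && strlen($value) > 0) {
        $value = CRM_Utils_Type::escape($value, $type);
        // Add the wildcard on the open side unless the caller supplied one.
        if (strpos($value, '%') === FALSE) {
          if ($op == 'sw') {
            $value = "'{$value}%'";
          }
          else {
            $value = "'%{$value}'";
          }
        }
        else {
          $value = "'{$value}'";
        }
        $sqlOP = $this->getSQLOperator($op);
        $clause = "( {$field['dbAlias']} {$sqlOP} {$value} )";
      }
      break;

    case 'nll':
    case 'nnll':
      // Null checks take no value.
      $sqlOP = $this->getSQLOperator($op);
      $clause = "( {$field['dbAlias']} {$sqlOP} )";
      break;

    default:
      if ($value !== NULL && strlen($value) > 0) {
        if (isset($field['clause'])) {
          // FIXME: we are not escaping here. Better solution is to use two
          // different types - data-type and filter-type
          $clause = $field['clause'];
        }
        else {
          $value = CRM_Utils_Type::escape($value, $type);
          $sqlOP = $this->getSQLOperator($op);
          // NOTE(review): only T_STRING values are quoted; any other type
          // whose escape() result is not purely numeric would reach the SQL
          // text unquoted. Confirm which types can arrive here.
          if ($field['type'] == CRM_Utils_Type::T_STRING) {
            $value = "'{$value}'";
          }
          $clause = "( {$field['dbAlias']} {$sqlOP} {$value} )";
        }
      }
      break;
  }

  // Group, tag and membership filters replace the clause built above with a
  // dedicated one; $clause only serves as the "a value was supplied" flag.
  // $value reaches these helpers in whatever form the switch left it in.
  if (!empty($field['group']) && $clause) {
    $clause = $this->whereGroupClause($field, $value, $op);
  }
  elseif (!empty($field['tag']) && $clause) {
    // not using left join in query because if any contact
    // belongs to more than one tag, results duplicate
    // entries.
    $clause = $this->whereTagClause($field, $value, $op);
  }
  elseif (!empty($field['membership_org']) && $clause) {
    $clause = $this->whereMembershipOrgClause($value, $op);
  }
  elseif (!empty($field['membership_type']) && $clause) {
    $clause = $this->whereMembershipTypeClause($value, $op);
  }

  return $clause;
}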