/** * This method uses ajax to save the users query * * @author KnowledgeTree TEam * @access public * @static * @param string $txtName The name of the saved search query * @param string $txtQuery The search query * @param string $userID The id of the user saving the query * @return void */ public static function saveQuery($txtName, $txtQuery, $userID) { /* $lookup = sanitizeForSQL($txtName); $sql = "select 1 from search_saved where name='$lookup'"; $result = DBUtil::getResultArray($sql); */ $result = SearchHelper::checkForSavedSearch($txtName); if (PEAR::isError($result)) { AjaxSearchHelper::createResponse(AjaxSearchHelper::STATUS_INTERNAL); } if (count($result) > 0) { AjaxSearchHelper::createResponse(AjaxSearchHelper::STATUS_SAVED_SEARCH_EXISTS, _kt('Search with this name already exists')); } /* // autoInsert does escaping... $values = array( 'name'=>$txtName, 'expression'=>$txtQuery, 'type'=>'S', 'shared'=>0, 'user_id' => $userID ); $result = DBUtil::autoInsert('search_saved', $values); */ $result = SearchHelper::saveSavedSearch($txtName, $txtQuery, $userID); if (PEAR::isError($result)) { AjaxSearchHelper::createResponse(AjaxSearchHelper::STATUS_INTERNAL); } AjaxSearchHelper::createResponse(AjaxSearchHelper::STATUS_SUCCESS); }