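/**
 * Search subjects, pluslets, records, FAQs, talkback entries, staff,
 * departments and videos for the current search term and return the
 * combined result set.
 *
 * Each SELECT of the UNION yields the same seven columns: id, shortform,
 * matching_text, additional_text, tab_index, parent_id, content_type.
 *
 * NOTE(review): the LIKE operands are concatenated into the statement without
 * quotes, so this method relies on getSearch() returning an already quoted
 * and escaped SQL string literal. getSearch() is not visible here; confirm
 * that before reusing this pattern, and prefer bound parameters for new code.
 *
 * @return mixed whatever Querier::query() returns for the statement
 */
public function getResults()
{
    // Evaluate the search term once instead of once per LIKE clause.
    $term = $this->getSearch();

    // Builds "col LIKE <term> OR col LIKE <term> ..." for one SELECT.
    // The explicit space after LIKE fixes the first clause of the original,
    // which read "LIKE" . <term> with no separator.
    $anyLike = function (array $columns) use ($term) {
        $tests = array();
        foreach ($columns as $column) {
            $tests[] = $column . ' LIKE ' . $term;
        }
        return implode("\nOR ", $tests);
    };

    $selects = array(
        "SELECT subject_id AS 'id', shortform AS 'shortform', subject AS 'matching_text', description as 'additional_text', '' as 'tab_index', '' AS 'parent_id', 'Subject Guide' as 'content_type' FROM subject \nWHERE "
            . $anyLike(array('description', 'subject', 'keywords', 'shortform', 'type')),

        // The original aliased t.tab_index as 'additional_text' a second time;
        // in a UNION the column names come from the first SELECT, so the alias
        // is corrected here without changing the result set.
        "SELECT p.pluslet_id AS 'id', su.shortform as 'shortform', p.title AS 'matching_text',p.body AS 'additional_text', t.tab_index AS 'tab_index', su.subject_id AS 'parent_id', 'Pluslet' AS 'content_type' FROM pluslet AS p \n\tINNER JOIN pluslet_section AS ps \n\tON ps.pluslet_id = p.pluslet_id\n\tINNER JOIN section AS s \n\tON ps.section_id = s.section_id\n\tINNER JOIN tab AS t\n\tON s.tab_id = t.tab_id\n\tINNER JOIN subject AS su \n\tON su.subject_id = t.subject_id\nWHERE "
            . $anyLike(array('p.body', 'p.title')),

        "SELECT title_id AS 'id', '' as 'shortform', title AS 'matching_text' , description as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Record' as 'content_type' FROM title \nWHERE "
            . $anyLike(array('title', 'description')),

        "SELECT faq_id AS 'id', '' as 'shortform' , question AS 'matching_text', answer as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'FAQ' as 'content_type' FROM faq \nWHERE "
            . $anyLike(array('question', 'answer', 'keywords')),

        "SELECT talkback_id AS 'id', '' as 'shortform', question AS 'matching_text' , answer as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Talkback' as 'content_type' FROM talkback \nWHERE "
            . $anyLike(array('question', 'answer')),

        "SELECT staff_id AS 'id', '' as 'shortform', email AS 'matching_text' , fname as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Staff' as 'content_type' FROM staff \nWHERE "
            . $anyLike(array('fname', 'lname', 'email', 'tel')),

        "SELECT department_id AS 'id', '' as 'shortform', name AS 'matching_text' , telephone as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Department' as 'content_type' FROM department \nWHERE "
            . $anyLike(array('name', 'telephone')),

        "SELECT video_id AS 'id', '' as 'shortform', title AS 'matching_text' , description as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Video' as 'content_type' FROM video \nWHERE "
            . $anyLike(array('title', 'description', 'vtags')),
    );

    $sql = implode("\nUNION\n", $selects);

    $db = new Querier();

    return $db->query($sql);
}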
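/**
 * Load the LibGuides XML export and keep the collaborators used during import.
 *
 * @param string          $lib_guides_xml_path path of the LibGuides XML export to read
 * @param Logger          $log                 logger kept on the instance
 * @param Querier         $db                  database wrapper; its connection is kept as well
 * @param CatalogMigrator $cm                  catalog migrator kept on the instance
 *
 * @throws \RuntimeException when the file cannot be read
 * @throws \Exception        when the content is not well-formed XML (raised by SimpleXMLElement)
 */
public function __construct($lib_guides_xml_path, Logger $log, Querier $db, CatalogMigrator $cm)
{
    // The original passed 'r' as the second argument. That parameter is
    // $use_include_path, not an fopen() mode, so the string silently switched
    // on include_path lookup for the XML file. It is dropped here.
    $raw_xml = file_get_contents($lib_guides_xml_path);

    if ($raw_xml === false) {
        // Fail with a clear message instead of handing `false` to the parser.
        throw new \RuntimeException("Unable to read LibGuides XML file: " . $lib_guides_xml_path);
    }

    // The export comes from outside this application, so the parser is told
    // not to fetch anything over the network while loading the document.
    $this->libguidesxml = new \SimpleXMLElement($raw_xml, LIBXML_NONET);

    $this->log = $log;
    $this->db = $db;
    $this->connection = $db->getConnection();
    $this->cm = $cm;
}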
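/**
 * Return the pluslets flagged as favourites (favorite_box = 1) in the guides
 * assigned to a staff member.
 *
 * @param mixed $staff_id staff id to look up; when it is loosely equal to null
 *                        the instance's own _staff_id is used instead
 *
 * @return mixed whatever Querier::query() returns: rows with id, title, type and tab_index
 */
public function getFavoritePluslets($staff_id = null)
{
    if ($staff_id == null) {
        $staff_id = $this->_staff_id;
    }

    $querier = new Querier();

    // The id used to be interpolated into the statement as-is, so any caller
    // passing a request value could alter the query. It is now turned into a
    // quoted literal before it reaches the SQL text.
    $quoted_staff_id = $querier->quote((string) $staff_id);

    $sql = "SELECT p.pluslet_id as 'id', p.title AS 'title', p.type AS 'type', t.tab_index AS 'tab_index' FROM pluslet AS p\n"
        . " INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n"
        . " INNER JOIN section AS s\n ON ps.section_id = s.section_id\n"
        . " INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n"
        . " INNER JOIN subject AS subject\n ON t.subject_id = subject.subject_id\n"
        . " INNER JOIN staff_subject AS staff_sub\n ON subject.subject_id = staff_sub.subject_id\n"
        . " WHERE p.favorite_box = 1\n"
        . " AND staff_sub.staff_id = " . $quoted_staff_id;

    return $querier->query($sql);
}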
/**
 * Load every row of the title table as an AzRecord and collect the array
 * form of each one in $this->records.
 *
 * The statement takes no input, so nothing is bound before it is executed.
 *
 * @param Querier $db database wrapper; also handed to each AzRecord
 */
public function __construct(Querier $db)
{
    $this->connection = $db->getConnection();

    $stmt = $this->connection->prepare("SELECT title_id FROM title");
    $stmt->execute();

    // One AzRecord lookup per title id returned above.
    foreach ($stmt->fetchAll() as $row) {
        $entry = new AzRecord($db);
        $entry->getRecord($row['title_id']);

        $this->records[] = $entry->toArray();
    }
}
/**
 * Load the subjects matching this object's `active` and `type` values and
 * collect one Record per subject in $this->records.
 *
 * Both filter values reach the database as bound parameters, never as part
 * of the SQL text.
 *
 * @param Querier $db database wrapper; also handed to each Record
 */
public function __construct(Querier $db)
{
    $this->connection = $db->getConnection();

    $stmt = $this->connection->prepare(
        "SELECT subject_id FROM subject WHERE active = :active AND `type` = :type"
    );
    // bindParam() binds by reference to the properties, as the original did.
    $stmt->bindParam(':active', $this->active);
    $stmt->bindParam(':type', $this->type);
    $stmt->execute();

    foreach ($stmt->fetchAll() as $row) {
        $guide = new Record($db);
        $guide->getRecord($row['subject_id']);

        $this->records[] = $guide;
    }
}
/**
 * sp_WebService::setData() - collects the rows this web service will output
 * for a GET request and stores them under the service's tag.
 *
 * The URL parameters go through sanitizeParams() and generateQuery(); the
 * request is ended without any output when either of them rejects the input.
 *
 * NOTE(review): generateQuery() returns a finished SQL string that is run
 * as-is, so the safety of this method rests on sanitizeParams() and
 * generateQuery(), which are defined elsewhere - confirm how they treat the
 * parameter values.
 *
 * @return void
 */
public function setData()
{
    $params = $this->sanitizeParams($this->mobjUrlParams);

    if ($params === false) {
        die;
    }

    $sql = $this->generateQuery($params);

    if (!$sql) {
        die;
    }

    $querier = new Querier();
    $rows = $querier->query($sql, \PDO::FETCH_ASSOC);

    // A falsy result is stored as an empty list.
    $this->mobjData[$this->mstrTag] = $rows ? $rows : array();
}
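/**
 * StaffWebService::setData() - overrides the parent method because the staff
 * web service prepends the global $tel_prefix to every row's tel field.
 *
 * The URL parameters go through sanitizeParams() and generateQuery(); the
 * request is ended without any output when either of them rejects the input.
 *
 * NOTE(review): generateQuery() returns a finished SQL string that is run
 * as-is, so the safety of this method rests on sanitizeParams() and
 * generateQuery(), which are defined elsewhere - confirm how they treat the
 * parameter values.
 *
 * @return void
 */
public function setData()
{
    $lobjParams = $this->sanitizeParams($this->mobjUrlParams);

    if ($lobjParams === false) {
        die;
    }

    $lstrQuery = $this->generateQuery($lobjParams) or die;

    $lobjQuerier = new Querier();
    $lobjResults = $lobjQuerier->query($lstrQuery, \PDO::FETCH_ASSOC);

    if (!$lobjResults) {
        $lobjResults = array();
    }

    global $tel_prefix;

    // The prefix cannot change while the rows are walked, so it is tested once
    // rather than once per row.
    if (isset($tel_prefix)) {
        foreach ($lobjResults as &$lobjRow) {
            $lobjRow['tel'] = $tel_prefix . $lobjRow['tel'];
        }
        // Break the reference left on the last row; the original kept it alive
        // while the array was copied into $this->mobjData.
        unset($lobjRow);
    }

    $this->mobjData[$this->mstrTag] = $lobjResults;
}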
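/**
 * Collect the title ids referenced by {{dab},{...} resource tokens in the
 * pluslet bodies of this guide.
 *
 * @return array the captured token values, in the order found; duplicates are kept
 */
public function getRelatedTitles()
{
    $db = new Querier();

    // The subject id was interpolated into the statement unquoted. Where the
    // property is set is not visible here, so it is passed through quote()
    // rather than trusted.
    $quoted_subject_id = $db->quote((string) $this->_subject_id);

    // get pluslet bodies connected to the guide that contain a resource token
    $q = "SELECT p.body\n FROM subject AS s\n"
        . " INNER JOIN tab AS tb ON s.subject_id = tb.subject_id\n"
        . " LEFT JOIN section AS sc ON tb.tab_id = sc.tab_id\n"
        . " LEFT JOIN pluslet_section AS ps ON sc.section_id = ps.section_id\n"
        . " LEFT JOIN pluslet AS p ON ps.pluslet_id = p.pluslet_id\n"
        . " WHERE p.body LIKE '%{{dab}%'\n"
        . " AND s.subject_id = " . $quoted_subject_id;

    $lobjResults = $db->query($q);

    $lobjTitleIds = array();

    // query() can come back falsy; the original then iterated a non-array.
    if (!$lobjResults) {
        return $lobjTitleIds;
    }

    foreach ($lobjResults as $lobjResult) {
        $lobjMatches = array();

        // Capture group 1 is the first {...} value that follows {{dab},
        if (preg_match_all('/\\{\\{dab\\},\\{([^}]*)\\}/', $lobjResult['body'], $lobjMatches)) {
            $lobjTitleIds = array_merge($lobjTitleIds, $lobjMatches[1]);
        }
    }

    return $lobjTitleIds;
}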
 *
 * @author adarby
 * @date jan 2012
 */
use SubjectsPlus\Control\Querier;
use SubjectsPlus\Control\CompleteMe;
use SubjectsPlus\Control\DbHandler;

include "../control/includes/config.php";
include "../control/includes/functions.php";
include "../control/includes/autoloader.php";

// If you have a theme set, but DON'T want to use it for this page, comment out the next line
// NOTE(review): $subjects_theme becomes a path segment of an include. It is
// presumably set in config.php; confirm it can never be influenced by a
// request, and consider checking it against the installed theme directories
// before including.
if (isset($subjects_theme) && $subjects_theme != "") {
    include "themes/{$subjects_theme}/databases.php";
    exit;
}

$db = new Querier();

$use_jquery = array("ui");

$page_title = _("Database List");
$description = _("An alphabetical list of the electronic resources available.");
$keywords = _("library, research, electronic journals, databases, electronic resources, full text, online, magazine, articles, paper, assignment");

// set a default if the letter isn't set
// The request value is passed through scrubData() before it is appended to
// the page title. NOTE(review): scrubData() is defined elsewhere; confirm its
// output is safe for the HTML context in which $page_title is printed.
if (!isset($_GET["letter"])) {
    $_GET["letter"] = "A";
    $page_title .= ": A";
} else {
    $page_title .= ": " . ucfirst(scrubData($_GET["letter"]));
}

// Deal with databases by subject display
// (this branch continues past the end of the excerpt)
if (!isset($_GET["subject_id"])) {
    $_GET["subject_id"] = "";
    $clean_id = "";
// FAQ admin listing: builds the striped list of FAQs shown on the admin page.
$page_title = "FAQ Admin";

include "../includes/header.php";

// The try block is empty, so this catch can never run.
try {
} catch (Exception $e) {
    echo $e;
}

// Optional ?limit= parameter: "all" removes the LIMIT clause, anything else
// is appended after being passed through scrubData(..., "int"). Without the
// parameter only the ten newest FAQs are listed.
// NOTE(review): the value ends up inside the SQL text, so the query is only
// safe if scrubData() with "int" always returns a plain integer - confirm,
// or cast with (int) here.
if (isset($_GET["limit"])) {
    if ($_GET["limit"] == "all") {
        $limit = "";
    } else {
        $limit = "LIMIT 0," . scrubData($_GET["limit"], "int");
    }
} else {
    $limit = "LIMIT 0,10";
}

$querierFAQ = new Querier();
$qFAQ = "SELECT faq_id, question, answer, keywords\n\tFROM faq\n\tORDER BY faq_id DESC\n\t{$limit}";
$faqArray = $querierFAQ->query($qFAQ);

$row_count1 = 0;
$row_count2 = 0;
$colour1 = "evenrow";
$colour2 = "oddrow";

$faq_list = "";

if ($faqArray) {
    foreach ($faqArray as $value) {
        $row_colour1 = $row_count1 % 2 ? $colour1 : $colour2;

        $short_question = Truncate($value["question"], 200);
        // htmlspecialchars_decode() turns stored entities back into markup.
        // NOTE(review): if $short_answer is printed further down (outside this
        // excerpt) it is emitted as raw HTML - confirm that is intended.
        $short_answer = stripslashes(htmlspecialchars_decode(TruncByWord($value["answer"], 15)));

        // $value[0] / $value['0'] is faq_id, the first selected column; this
        // relies on the rows carrying numeric indexes.
        $last_revised_line = lastModded("faq", $value[0]);

        // Answered FAQs
        // NOTE(review): $short_question is placed into the markup as returned
        // by Truncate(); confirm the question text is HTML-escaped either when
        // it is stored or by Truncate().
        $faq_list .= "\n <div class=\"striper faq_wrapper {$row_colour1}\">\n <div class=\"faq_tools\">\n <a href=\"faq.php?faq_id={$value['0']}&wintype=pop\" class=\"showmedium-reloader\"><img src=\"{$IconPath}/pencil.png\" alt=\"edit\" width=\"16\" height=\"16\" /></a>\n <a href=\"" . $FAQPath . "?faq_id={$value['0']}\" target=\"_blank\"><img src=\"{$IconPath}/eye.png\" alt=\"edit\" width=\"16\" height=\"16\" /></a>\n </div>\n <div class=\"faq_question\">\n {$short_question} <span class=\"faq-short-question\">({$last_revised_line})</span>\n </div>\n </div>";
// Video admin listing: builds the list of videos shown on the admin page.
$page_title = "Video Admin";

include "../includes/header.php";

// The try block is empty, so this catch can never run.
try {
} catch (Exception $e) {
    echo $e;
}

// Optional ?limit= parameter: "all" removes the LIMIT clause, anything else
// is appended after being passed through scrubData(..., "int"). Without the
// parameter every video is listed.
// NOTE(review): the value ends up inside the SQL text, so the query is only
// safe if scrubData() with "int" always returns a plain integer - confirm,
// or cast with (int) here.
if (isset($_GET["limit"])) {
    if ($_GET["limit"] == "all") {
        $limit = "";
    } else {
        $limit = "LIMIT 0," . scrubData($_GET["limit"], "int");
    }
} else {
    $limit = "";
}

$querierVid = new Querier();
$qVid = "SELECT video_id, title, description, source, foreign_id, duration, date, display, vtags\n\tFROM video\n\tORDER BY video_id DESC\n\t{$limit}";
$vidArray = $querierVid->query($qVid);

$row_count1 = 0;
$row_count2 = 0;
$colour1 = "evenrow";
$colour2 = "oddrow";

$vid_list = "";

if ($vidArray) {
    foreach ($vidArray as $value) {
        $row_colour1 = $row_count1 % 2 ? $colour1 : $colour2;

        $short_title = Truncate($value["title"], 200);
        // htmlspecialchars_decode() turns stored entities back into markup.
        // NOTE(review): if $short_desc is printed further down (outside this
        // excerpt) it is emitted as raw HTML - confirm that is intended.
        $short_desc = stripslashes(htmlspecialchars_decode(TruncByWord($value["description"], 15)));

        // $value[0] is video_id, the first selected column.
        $last_revised_line = lastModded("video", $value[0]);

        // $value[7] is the `display` column (eighth in the SELECT list);
        // anything other than "1" is labelled as unpublished.
        if ($value[7] != "1") {
            $activity = " <span style=\"color: #666;\">* " . _("unpublished") . "</span>";
}

///////////////////
// Browse View
///////////////////
// Lists the staff members grouped by user type.
if (isset($_GET["browse"])) {
    $q = "SELECT user_type_id, user_type FROM user_type ORDER BY user_type_id";
    $querier = new Querier();
    $typeArray = $querier->query($q);

    print "<div class=\"pure-g\">\n <div class=\"pure-u-2-3\">";

    // Loop through user types
    foreach ($typeArray as $value) {
        $staff_list = "";
        $staffArray = "";
        $our_title = $value[1];

        // $value[0] is user_type_id from the query above, concatenated into
        // the statement unquoted. The value comes from the database rather
        // than from the request, but a bound parameter or an (int) cast would
        // keep the query safe regardless of what the column holds.
        // A new Querier is created and one query is run per user type.
        $q2 = "SELECT staff_id, fname, lname, email, ptags FROM staff WHERE user_type_id = " . $value[0] . " ORDER BY lname, fname";
        $querier2 = new Querier();
        $staffArray = $querier2->query($q2);

        $staff_list .= "";

        // if there are no results
        if (!$staffArray) {
            $staff_list .= "<p>" . _("None registered. Just as well. They're going to rise up against us someday.") . "</p>";
        } else {
            $staff_list .= "<p>" . _("Click on a name to update details and privileges") . "</p>";

            // set up striping
            $row_count = 0;
            $colour1 = "oddrow";
            $colour2 = "evenrow";

            foreach ($staffArray as $staff) {
                // unpack the ptags
                // $staff[4] is the ptags column, a "|"-separated list.
                $these_tags = "";
                $current_ptags = explode("|", $staff[4]);
 * @date Nov, 2011; last mod dec 2014
 */
use SubjectsPlus\Control\Dropdown;
use SubjectsPlus\Control\Record;
use SubjectsPlus\Control\LinkChecker;
use SubjectsPlus\Control\Querier;

$subcat = "records";
$subsubcat = "index.php";
$page_title = "Browse Items";

// init some vars
$atoz = "";
$letter = "";
$ctag = "";
$full_query = "";

include "../includes/header.php";

$db = new Querier();

// Where to start?
// Choose initial letter to display
// The statement is a constant string; no request data is part of it.
// NOTE(review): `source` is listed in FROM but no condition in this statement
// references it - confirm whether the table is needed here.
$alpha_query = "SELECT distinct left(title,1) as 'initial' FROM title, restrictions, location, location_title, source where title.title_id = location_title.title_id and location.location_id = location_title.location_id and restrictions_id = access_restrictions ORDER BY initial";

$alpha_result = $db->query($alpha_query);

$count = 0;
$firstletter = "A";

// Build the A-Z navigation from the initials that actually occur.
// $myletter[0] is the `initial` column and the second [0] takes its first
// byte, so a multi-byte initial is cut to a partial character.
// The value is written into the href and the link text without URL- or
// HTML-encoding; a title starting with `"`, `<` or `&` breaks the markup.
// Encoding it with rawurlencode() in the href and htmlspecialchars() in the
// link text would cover both positions.
foreach ($alpha_result as $myletter) {
    if ($count == 0) {
        $firstletter = $myletter[0][0];
    }

    $atoz .= "<a href=\"" . "index.php?letter=" . $myletter[0][0] . "\">" . $myletter[0][0] . "</a> ";

    $count++;
}

$atoz .= "<a href=\"index.php?letter=all\">[all]</a>";

// end A-Z header for now
        // Show feedback
        $feedback = $record->getMessage();
    } else {
        $feedback = "There is no record by that ID.";
    }
}

// Handles the submitted record form: validates it, checks for a duplicate
// title on insert, then inserts or updates the record.
if (isset($_POST["submit_record"])) {

    // 1. Make sure we have minimum non-dupe data
    // 1a. Make sure there is a title, location, and subject
    if ($_POST["title"] == "" || $_POST["location"][0] == "" || $_POST["subject"][0] == "") {
        echo "<div class=\"feedback\">" . _("You must have a title, location, and subject. Please go back and fix these omissions. And turn on JavaScript, for goodness sakes!") . "</div><br /><br />";
        exit;
    }

    // 1b. IF THIS IS AN INSERT make sure the title isn't an exact dupe
    if ($_POST["title_id"] == "") {
        $querierDupe = new Querier();
        // The posted title is turned into a quoted literal by quote() before
        // it is concatenated. Because the comparison is LIKE, any % or _ in
        // the title acts as a wildcard, so this is a pattern match rather
        // than an exact comparison.
        // NOTE(review): $db is not defined in this excerpt; $querierDupe is
        // the object created just above - confirm which one is meant.
        $qDupe = "SELECT title_id, title FROM title WHERE title LIKE " . $db->quote($_POST["title"]);
        $dupetitleArray = $querierDupe->query($qDupe);

        if ($dupetitleArray) {
            // NOTE(review): elsewhere on this page query() results are
            // iterated as a list of rows; if that holds here, [0] and [1] are
            // rows, not the title_id and title columns - confirm.
            // The stored title is written into the page without HTML
            // escaping; wrapping it in htmlspecialchars() would keep markup
            // in a title from being rendered.
            echo _("There is already a record with this title: ") . "<a href=\"record.php?record_id=" . $dupetitleArray[0] . "\">" . $dupetitleArray[1] . "</a>. " . _("Maybe do a search and make sure it doesn't already exist?");
            return FALSE;
        }
    }

    // Submit form
    $record = new Record($_POST["title_id"], "post");

    //////////////////////////////////
    // Is this an Insert or an update?
    //////////////////////////////////
    // (this branch continues past the end of the excerpt)
    if ($_POST["title_id"] == "") {
        $record->insertRecord();
        $ok_record_id = $record->getRecordId();
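/**
 * Run the autocomplete search for the configured collection and return the
 * matches as a JSON string.
 *
 * The search term and the subject id are turned into quoted SQL literals with
 * Querier::quote() before they are concatenated into the statement. The term
 * is wrapped in % on both sides, so % and _ typed by the user act as LIKE
 * wildcards.
 *
 * Every match carries a `label`; rows with a content type also carry `id`,
 * `content_type`, whichever of shortform / value / parent / parent_id the
 * query returned, and a `url` built for the control (admin) or public pages.
 *
 * NOTE(review): labels and URLs are returned as stored in the database; the
 * code consuming the JSON has to escape them for the context it writes into.
 *
 * @return string JSON-encoded list of matches; "[]" when nothing matches, the
 *                collection is unknown or the query fails
 */
public function search()
{
    $db = new Querier();

    $search_param = $db->quote("%" . $this->param . "%");
    $subject_id = $db->quote($this->subject_id);

    switch ($this->collection) {
        case "home":
            $q = "SELECT subject_id AS 'id', subject AS 'matching_text',subject AS 'label', description as 'additional_text', shortform AS 'short_form', 'Subject Guide' as 'content_type', '' as 'additional_id', '' as 'parent' FROM subject\n"
                . " WHERE description LIKE " . $search_param . "\n OR subject LIKE " . $search_param . "\n OR keywords LIKE " . $search_param
                . "\n UNION\n SELECT p.pluslet_id, p.title,p.title AS 'label', su.subject_id AS 'parent_id', su.shortform, 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent' FROM pluslet AS p\n"
                . " INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n"
                . " INNER JOIN section AS s\n ON ps.section_id = s.section_id\n"
                . " INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n"
                . " INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n"
                . " WHERE p.body LIKE " . $search_param . "\n OR p.title LIKE " . $search_param
                . "\n\n UNION\n SELECT faq_id AS 'id', question AS 'matching_text',question AS 'label', answer as 'additional_text','' AS 'short_form','FAQ' as 'content_type', '' as 'additional_id', '' as 'parent' FROM faq\n"
                . " WHERE question LIKE " . $search_param . "\n OR answer LIKE " . $search_param . "\n OR keywords LIKE " . $search_param
                . "\n UNION\n SELECT talkback_id AS 'id', question AS 'matching_text' ,question AS 'label', answer as 'additional_text','' AS 'short_form', 'Talkback' as 'content_type', '' as 'additional_id', '' as 'parent' FROM talkback\n"
                . " WHERE question LIKE " . $search_param . "\n OR answer LIKE " . $search_param
                . "\n UNION\n SELECT staff_id AS 'id', email AS 'matching_text' ,email AS 'label', fname as 'additional_text','' AS 'short_form', 'Staff' as 'content_type', '' as 'additional_id', '' as 'parent' FROM staff\n"
                . " WHERE fname LIKE " . $search_param . "\n OR lname LIKE " . $search_param . "\n OR email LIKE " . $search_param . "\n OR tel LIKE " . $search_param
                . "\n UNION\n SELECT department_id AS 'id', name AS 'matching_text' , name AS 'label', telephone as 'additional_text','' AS 'short_form', 'Department' as 'content_type', '' as 'additional_id','' as 'parent' FROM department\n"
                . " WHERE name LIKE " . $search_param . "\n OR telephone LIKE " . $search_param
                . "\n UNION\n SELECT video_id AS 'id', title AS 'matching_text' ,title AS 'label', description as 'additional_text','' AS 'short_form', 'Video' as 'content_type', '' as 'additional_id', '' as 'parent' FROM video\n"
                . " WHERE title LIKE " . $search_param . "\n OR description LIKE " . $search_param . "\n OR vtags LIKE " . $search_param;
            break;

        case "guides":
            // The original concatenated "OR ..." directly after the quoted
            // literal; the separating spaces are added here.
            $q = "SELECT subject_id as 'id', subject,'Subject Guide' as 'content_type', subject AS 'label',shortform AS 'short_form' FROM subject WHERE subject LIKE " . $search_param
                . " OR shortform LIKE " . $search_param
                . " OR description LIKE " . $search_param
                . " OR keywords LIKE " . $search_param
                . " OR type LIKE " . $search_param;
            break;

        case "guide":
            $q = "SELECT p.pluslet_id as 'id',su.shortform as 'short_form','Pluslet' as 'content_type', p.title, p.title AS 'label', ps.section_id, t.tab_index AS 'additional_id', t.subject_id, su.subject FROM pluslet AS p\n"
                . " INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n"
                . " INNER JOIN section AS s\n ON ps.section_id = s.section_id\n"
                . " INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n"
                . " INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n"
                . " WHERE p.body LIKE " . $search_param . " AND t.subject_id = " . $subject_id;
            break;

        case "records":
            $q = "SELECT title_id AS 'id', 'Record' as 'content_type',title AS 'label', title FROM title WHERE title LIKE " . $search_param;
            break;

        case "faq":
            $q = "SELECT faq_id AS 'id',question AS 'label', LEFT(question, 55), 'FAQ' as 'content_type' FROM faq WHERE question LIKE " . $search_param;
            break;

        case "talkback":
            $q = "SELECT talkback_id AS 'id',question AS 'label','Talkback' as content_type, LEFT(question, 55) FROM talkback WHERE question LIKE " . $search_param;
            break;

        case "admin":
            $q = "SELECT staff_id AS 'id',email AS 'label','Staff' as 'content_type', CONCAT(fname, ' ', lname, ' (', email, ')') as fullname FROM staff WHERE (fname LIKE " . $search_param . ") OR (lname LIKE " . $search_param . ")";
            break;

        default:
            // Unknown collection: the original ran query() with an undefined
            // statement. There is nothing to search, so return an empty list.
            return json_encode(array());
    }

    $result = $db->query($q);

    // query() can come back falsy; the original then iterated a non-array.
    if (!$result) {
        return json_encode(array());
    }

    $arr = array();

    // This takes the results and creates an array that will be turned into JSON
    foreach ($result as $myrow) {
        // add no title label if empty
        $label = empty($myrow['label']) ? '[no title]' : $myrow['label'];
        $item = array('label' => $label);

        if (!isset($myrow['content_type'])) {
            // Rows without a content type only expose their first column.
            $item['value'] = $myrow[0];
            $arr[] = $item;
            continue;
        }

        $item['id'] = $myrow['id'];

        if (isset($myrow['short_form'])) {
            $item['shortform'] = $myrow['short_form'];
        }
        if (isset($myrow['matching_text'])) {
            $item['value'] = $myrow['matching_text'];
        }
        $item['content_type'] = $myrow['content_type'];
        if (isset($myrow['parent'])) {
            $item['parent'] = $myrow['parent'];
        }
        if (isset($myrow['additional_id'])) {
            $item['parent_id'] = $myrow['additional_id'];
        }

        // Links differ between the control (admin) pages and the public pages.
        $is_control = $this->getSearchPage() == "control";

        switch ($myrow['content_type']) {
            case "Record":
                if ($is_control) {
                    $item['url'] = 'record.php?record_id=' . $myrow['id'];
                } else {
                    // Look up the record's location; the connection opened
                    // above is reused instead of creating one per row.
                    $record_url_sql = "SELECT location, title\n\t\t\t\tFROM location l, title t, location_title lt \n\t\t\t\tWHERE t.title_id = lt.title_id\n\t\t\t\tAND l.location_id = lt.location_id AND t.title_id = " . $db->quote($myrow['id']) . " ";
                    $record_url_result = $db->query($record_url_sql);

                    $item['url'] = isset($record_url_result[0]['location'])
                        ? $record_url_result[0]['location']
                        : '';
                }
                break;

            case "Subject Guide":
                if ($is_control) {
                    $item['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['id'];
                } else {
                    $item['url'] = 'guide.php?subject=' . $myrow['short_form'];
                }
                break;

            case "FAQ":
                $item['url'] = 'faq.php?faq_id=' . $myrow['id'];
                break;

            case "Pluslet":
                $hash = '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];

                if ($is_control) {
                    $item['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['short_form'] . $hash;
                    $item['hash'] = $hash;
                } else {
                    $item['url'] = 'guide.php?subject=' . $myrow['short_form'] . $hash;
                    $item['hash'] = $hash;
                    $item['tab_index'] = $myrow['additional_id'];
                }
                break;

            case "Talkback":
                if ($is_control) {
                    $item['url'] = 'talkback.php?talkback_id=' . $myrow['id'];
                } else {
                    $item['url'] = 'talkback.php';
                }
                break;

            case "Staff":
                // Only the "admin" query selects fullname; for other
                // collections the label stays null, as before, but without
                // reading a missing key.
                $item['label'] = isset($myrow['fullname']) ? $myrow['fullname'] : null;

                if ($is_control) {
                    $item['url'] = 'user.php?staff_id=' . $myrow['id'];
                } else {
                    // Public staff pages are addressed by the local part of
                    // the e-mail address held in the row's label.
                    $name = explode('@', $label);
                    $item['url'] = 'staff_details.php?name=' . $name[0];
                }
                break;
        }

        $arr[] = $item;
    }

    return json_encode($arr);
}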
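/**
 * Run the autocomplete search for the configured collection and return the
 * matches as a JSON string.
 *
 * All request-derived values (search term, subject id, staff id) reach the
 * database as bound parameters. The term is wrapped in % on both sides, so %
 * and _ typed by the user act as LIKE wildcards.
 *
 * NOTE(review): several statements use the :search_term placeholder more than
 * once. That works while PDO emulates prepared statements; whether emulation
 * is enabled is decided where the connection is created, which is not visible
 * here - confirm before changing that setting.
 *
 * NOTE(review): labels are passed through html_entity_decode() before they
 * are returned, so the JSON can contain markup characters; the code consuming
 * it has to escape them for the context it writes into.
 *
 * @return string JSON-encoded list of matches; "[]" when nothing matches, the
 *                collection is unknown or the query fails
 */
public function search()
{
    $db = new Querier();
    $connection = $db->getConnection();

    // The original wrapped the term in % twice ("%%term%%"), which matches
    // exactly the same rows as a single pair.
    $search_param = "%" . $this->param . "%";
    $subject_id = $this->subject_id;

    // FROM/JOIN chain shared by every pluslet query below.
    $pluslet_joins = " FROM pluslet AS p\n"
        . " INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n"
        . " INNER JOIN section AS s\n ON ps.section_id = s.section_id\n"
        . " INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n"
        . " INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n";

    switch ($this->collection) {
        case "home":
            $statement = $connection->prepare(
                "SELECT subject_id AS 'id', subject AS 'matching_text',subject AS 'label', description as 'additional_text', shortform AS 'short_form', 'Subject Guide' as 'content_type', '' as 'additional_id', '' as 'parent' FROM subject\n"
                . " WHERE description LIKE :search_term\n OR subject LIKE :search_term\n OR keywords LIKE :search_term\n"
                . " UNION\n SELECT p.pluslet_id, p.title,p.title AS 'label', su.subject_id AS 'parent_id', su.shortform, 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent'"
                . $pluslet_joins
                . " WHERE p.body LIKE :search_term\n OR p.title LIKE :search_term\n"
                . " UNION\n SELECT faq_id AS 'id', question AS 'matching_text',question AS 'label', answer as 'additional_text','' AS 'short_form','FAQ' as 'content_type', '' as 'additional_id', '' as 'parent' FROM faq\n"
                . " WHERE question LIKE :search_term\n OR answer LIKE :search_term\n OR keywords LIKE :search_term\n"
                . " UNION\n SELECT talkback_id AS 'id', question AS 'matching_text' ,question AS 'label', answer as 'additional_text','' AS 'short_form', 'Talkback' as 'content_type', '' as 'additional_id', '' as 'parent' FROM talkback\n"
                . " WHERE question LIKE :search_term\n OR answer LIKE :search_term\n"
                . " UNION\n SELECT staff_id AS 'id', email AS 'matching_text' ,email AS 'label', fname as 'additional_text','' AS 'short_form', 'Staff' as 'content_type', '' as 'additional_id', '' as 'parent' FROM staff\n"
                . " WHERE fname LIKE :search_term\n OR lname LIKE :search_term\n OR email LIKE :search_term\n OR tel LIKE :search_term\n"
                . " UNION\n SELECT department_id AS 'id', name AS 'matching_text' , name AS 'label', telephone as 'additional_text','' AS 'short_form', 'Department' as 'content_type', '' as 'additional_id','' as 'parent' FROM department\n"
                . " WHERE name LIKE :search_term\n OR telephone LIKE :search_term\n"
                . " UNION\n SELECT video_id AS 'id', title AS 'matching_text' ,title AS 'label', description as 'additional_text','' AS 'short_form', 'Video' as 'content_type', '' as 'additional_id', '' as 'parent' FROM video\n"
                . " WHERE title LIKE :search_term\n OR description LIKE :search_term\n OR vtags LIKE :search_term"
            );
            break;

        case "guides":
            // Active guides only.
            $statement = $connection->prepare(
                "SELECT subject_id as 'id', subject,'Subject Guide' as 'content_type', subject AS 'label',shortform AS 'short_form' \n"
                . " FROM subject \n WHERE active = '1'\n"
                . " AND (subject LIKE :search_term\n OR shortform LIKE :search_term\n OR description LIKE :search_term\n OR keywords LIKE :search_term\n OR type LIKE :search_term)\n "
            );
            break;

        case "all_guides":
            // Same as "guides" without the active filter, ordered by subject.
            $statement = $connection->prepare(
                "SELECT subject_id as 'id', subject,'Subject Guide' as 'content_type', subject AS 'label',shortform AS 'short_form'\n"
                . " FROM subject\n"
                . " WHERE (subject LIKE :search_term\n OR shortform LIKE :search_term\n OR description LIKE :search_term\n OR keywords LIKE :search_term\n OR type LIKE :search_term)\n"
                . " ORDER BY subject\n "
            );
            break;

        case "guide":
            // Pluslets of one guide, matched on their body.
            $statement = $connection->prepare(
                "SELECT p.pluslet_id as 'id',su.shortform as 'short_form','Pluslet' as 'content_type',p.type as 'type', p.title, p.title AS 'label', ps.section_id, t.tab_index AS 'additional_id', t.subject_id, su.subject"
                . $pluslet_joins
                . " WHERE p.body LIKE :search_term\n AND t.subject_id = :subject_id"
            );
            $statement->bindParam(":subject_id", $subject_id);
            break;

        case "current_guide":
            // Pluslets of one guide, matched on their title.
            $statement = $connection->prepare(
                "SELECT p.pluslet_id as 'id',su.shortform as 'short_form','Pluslet' as 'content_type',p.type as 'type', p.title, p.title AS 'label', ps.section_id, t.tab_index AS 'additional_id', t.subject_id, su.subject"
                . $pluslet_joins
                . " WHERE p.title LIKE :search_term\n AND t.subject_id = :subject_id"
            );
            $statement->bindParam(":subject_id", $subject_id);
            break;

        case "records":
            $statement = $connection->prepare(
                "SELECT DISTINCT title.title_id as 'id','Record' as 'content_type', title.title as 'label', location.location as 'location_url'\n"
                . "FROM title\nINNER JOIN location_title\nON title.title_id = location_title.title_id\n"
                . "INNER JOIN location\nON location.location_id = location_title.location_id\n"
                . "AND title.title LIKE :search_term"
            );
            break;

        case "azrecords":
            // Same as "records", limited to rows with eres_display = 'Y'.
            $statement = $connection->prepare(
                "SELECT DISTINCT title.title_id as 'id','Record' as 'content_type', title.title as 'label', location.location as 'location_url'\n"
                . "FROM title\nINNER JOIN location_title \nON title.title_id = location_title.title_id\n"
                . "INNER JOIN location\nON location.location_id = location_title.location_id\n"
                . "AND eres_display = 'Y'\nAND title.title LIKE :search_term"
            );
            break;

        case "faq":
            $statement = $connection->prepare(
                "SELECT faq_id AS 'id',question AS 'label', LEFT(question, 55), \n \t\t'FAQ' as 'content_type' FROM faq WHERE question LIKE :search_term"
            );
            break;

        case "talkback":
            $statement = $connection->prepare(
                "SELECT talkback_id AS 'id',question AS 'label','Talkback' \n \t\tas content_type, LEFT(question, 55) FROM talkback WHERE question LIKE :search_term"
            );
            break;

        case "admin":
            $statement = $connection->prepare(
                "SELECT staff_id AS 'id',email AS 'label','Staff' \n \t\tas 'content_type', CONCAT(fname, ' ', lname, ' (', email, ')') as fullname \n \t\tFROM staff WHERE (fname LIKE :search_term) OR (lname LIKE :search_term)"
            );
            break;

        case "pluslet":
            $statement = $connection->prepare(
                "SELECT p.pluslet_id AS 'pluslet_id', p.title,p.title AS 'label',p.type as 'type', p.pluslet_id AS 'id', su.shortform as 'short_form', 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent'"
                . $pluslet_joins
                . " WHERE p.title LIKE :search_term\n"
            );
            break;

        case "my_pluslets":
            // Pluslets in guides assigned to this object's staff member.
            $statement = $connection->prepare(
                "SELECT p.pluslet_id AS 'pluslet_id', p.title,p.title AS 'label',p.type as 'type', p.pluslet_id AS 'id', su.shortform as 'short_form', 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent'"
                . $pluslet_joins
                . " INNER JOIN staff_subject AS st_sub\n ON st_sub.subject_id = su.subject_id\n"
                . " WHERE p.title LIKE :search_term\n AND st_sub.staff_id = :staff_id\n"
            );
            $statement->bindParam(":staff_id", $this->staff_id);
            break;

        default:
            // Unknown collection: the original went on to call bindParam() on
            // an undefined statement and failed with a fatal error.
            return json_encode(array());
    }

    $statement->bindParam(":search_term", $search_param);
    $statement->execute();
    $result = $statement->fetchAll();

    // fetchAll() can come back falsy when the statement failed.
    if (!$result) {
        return json_encode(array());
    }

    $arr = array();

    // This takes the results and creates an array that will be turned into JSON
    foreach ($result as $myrow) {
        // add no title label if empty
        $label = empty($myrow['label']) ? '[no title]' : $myrow['label'];
        $item = array('label' => html_entity_decode($label));

        if (!isset($myrow['content_type'])) {
            // Rows without a content type only expose their first column.
            $item['value'] = $myrow[0];
            $arr[] = $item;
            continue;
        }

        if (isset($myrow['id'])) {
            $item['id'] = $myrow['id'];
        }
        $item['content_type'] = $myrow['content_type'];
        if (isset($myrow['location_url'])) {
            $item['location_url'] = $myrow['location_url'];
        }
        if (isset($myrow['short_form'])) {
            $item['shortform'] = $myrow['short_form'];
        }
        if (isset($myrow['matching_text'])) {
            $item['value'] = $myrow['matching_text'];
        }
        if (isset($myrow['parent'])) {
            $item['parent'] = $myrow['parent'];
        }
        if (isset($myrow['additional_id'])) {
            $item['parent_id'] = $myrow['additional_id'];
        }

        // Links differ between the control (admin) pages and the public pages.
        $is_control = $this->getSearchPage() == "control";

        switch ($myrow['content_type']) {
            case "Record":
                if ($is_control) {
                    $item['url'] = 'record.php?record_id=' . $myrow['id'];
                } else {
                    // Look up the record's location; the connection opened
                    // above is reused instead of creating one per row.
                    $record_url_sql = "SELECT location, title\n FROM location l, title t, location_title lt \n WHERE t.title_id = lt.title_id\n AND l.location_id = lt.location_id AND t.title_id = " . $db->quote($myrow['id']) . " ";
                    $record_url_result = $db->query($record_url_sql);

                    $item['url'] = isset($record_url_result[0]['location'])
                        ? $record_url_result[0]['location']
                        : '';
                }
                break;

            case "Subject Guide":
                if ($is_control) {
                    $item['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['id'];
                } else {
                    $item['url'] = 'guide.php?subject=' . $myrow['short_form'];
                }
                break;

            case "FAQ":
                $item['url'] = 'faq.php?faq_id=' . $myrow['id'];
                break;

            case "Pluslet":
                $hash = '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];

                if ($is_control) {
                    $item['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['short_form'] . $hash;
                    $item['hash'] = $hash;
                    if (isset($myrow['type'])) {
                        $item['type'] = $myrow['type'];
                    }
                    // NOTE(review): kept from the original, but this test
                    // reads the output entry, where pluslet_id has not been
                    // set yet, so the assignment never runs. It may have been
                    // meant to test $myrow['pluslet_id'] - confirm.
                    if (isset($item['pluslet_id'])) {
                        $item['pluslet_id'] = $myrow['id'];
                    }
                } else {
                    $item['url'] = 'guide.php?subject=' . $myrow['short_form'] . $hash;
                    $item['hash'] = $hash;
                    $item['tab_index'] = $myrow['additional_id'];
                    $item['pluslet_id'] = $myrow['id'];
                }
                break;

            case "Talkback":
                if ($is_control) {
                    $item['url'] = 'talkback.php?talkback_id=' . $myrow['id'];
                } else {
                    $item['url'] = 'talkback.php';
                }
                break;

            case "Staff":
                // Only the "admin" query selects fullname; reading it through
                // isset() avoids the missing-key notice for other collections.
                $fullname = isset($myrow['fullname']) ? $myrow['fullname'] : null;
                $item['label'] = ($fullname != null) ? $fullname : "";

                if ($is_control) {
                    $item['url'] = 'user.php?staff_id=' . $myrow['id'];
                } else {
                    // Public staff pages are addressed by the local part of
                    // the e-mail address held in the row's label.
                    $name = explode('@', $label);
                    $item['url'] = 'staff_details.php?name=' . $name[0];
                }
                break;
        }

        $arr[] = $item;
    }

    return json_encode($arr);
}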
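/**
 * Persist the tab / section / pluslet layout of one guide.
 *
 * Reads `this_subject_id` and the JSON-encoded `tabs` structure from
 * $this->_input, deletes the guide's existing tab, section and
 * pluslet_section rows, re-inserts them from the submitted layout, and then
 * deletes every non-"Special" pluslet that belonged to the guide before the
 * save but is missing from the submitted layout.
 *
 * Everything taken from $this->_input is treated as untrusted: identifiers and
 * counters are cast to int, free text goes through Querier::quote() before it
 * is placed in SQL, and the input is validated before anything is deleted.
 *
 * Prints a status message; returns nothing.
 */
public function save()
{
    $db = new Querier();

    $lmixSubjectId = isset($this->_input["this_subject_id"]) ? $this->_input["this_subject_id"] : null;
    $subject_id = is_scalar($lmixSubjectId) ? (int) $lmixSubjectId : 0;
    $lobjTabs = isset($this->_input['tabs']) ? json_decode($this->_input['tabs'], true) : null;

    // Validate BEFORE the destructive phase: without this check a missing or
    // undecodable "tabs" value removes every tab of the guide and then every
    // pluslet as an "orphan".
    if ($subject_id <= 0 || !is_array($lobjTabs)) {
        print _("Error: the guide could not be saved because the submitted data was incomplete or malformed.");
        return;
    }

    // NOTE(review): the delete / re-insert sequence below is not wrapped in a
    // transaction, so a failure part-way leaves the guide half saved. Whether
    // Querier exposes transactions is not visible from this method.

    // Tabs that currently belong to the guide
    $qs = "SELECT tab_id FROM tab WHERE subject_id = {$subject_id}";
    $drs = $db->query($qs);
    if (!is_array($drs)) {
        $drs = array();
    }

    // list all pluslets associated with guide before save that aren't special
    $qp = "SELECT p.pluslet_id\nFROM pluslet p\nINNER JOIN pluslet_section ps\nON p.pluslet_id = ps.pluslet_id\nINNER JOIN section sec\nON ps.section_id = sec.section_id\nINNER JOIN tab t\nON sec.tab_id = t.tab_id\nINNER JOIN subject s\nON t.subject_id = s.subject_id\nWHERE s.subject_id = {$subject_id}\nAND p.type != 'Special'";
    $lobjBeforePluslets = $db->query($qp);
    if (!is_array($lobjBeforePluslets)) {
        $lobjBeforePluslets = array();
    }

    // ids of the pluslets placed by this save
    $lobjAfterPluslets = array();

    // Remove all existing entries for that guide from the intervening tables
    foreach ($drs as $row) {
        $lintOldTabId = (int) $row[0];

        $qd = "DELETE ps, sec FROM pluslet_section ps\n\tINNER JOIN section sec\n\tON ps.section_id = sec.section_id\n\tWHERE sec.tab_id = {$lintOldTabId}";
        $db->exec($qd);

        $qd = "DELETE FROM tab WHERE tab_id = {$lintOldTabId}";
        $db->exec($qd);
    }

    // pcolumn index => (key in the section data, "drop here" placeholder to strip)
    $lobjColumns = array(
        0 => array("left_data", "dropspot-left[]=1"),
        1 => array("center_data", "dropspot-center[]=1"),
        2 => array("sidebar_data", "dropspot-sidebar[]=1"),
    );

    $lintTabIndex = 0;

    foreach ($lobjTabs as $lobjTab) {
        $lstrName = (isset($lobjTab['name']) && is_scalar($lobjTab['name'])) ? (string) $lobjTab['name'] : "";
        // a missing external URL is stored as an empty string, as before
        $lstrExternal = (isset($lobjTab['external']) && is_scalar($lobjTab['external'])) ? (string) $lobjTab['external'] : "";
        // NOTE(review): 0 for a missing visibility flag is an assumption; the
        // original produced invalid SQL in that case.
        $lintVisibility = (isset($lobjTab['visibility']) && is_scalar($lobjTab['visibility'])) ? (int) $lobjTab['visibility'] : 0;

        // quote() is expected to return the value escaped AND wrapped in
        // quotes (PDO::quote style), so no quotes are added around it here.
        // NOTE(review): if the caller already escapes $this->_input, drop that
        // step there to avoid double escaping.
        $qi = "INSERT INTO tab (subject_id, label, tab_index, external_url, visibility) VALUES ("
            . $subject_id . ", "
            . $db->quote($lstrName) . ", "
            . $lintTabIndex . ", "
            . $db->quote($lstrExternal) . ", "
            . $lintVisibility . ")";
        $db->exec($qi);

        $lintTabId = (int) $db->last_id();
        $lintSectionIndex = 0;

        $lobjSections = (isset($lobjTab['sections']) && is_array($lobjTab['sections'])) ? $lobjTab['sections'] : array();

        // insert sections
        foreach ($lobjSections as $lobjSection) {
            $lstrLayout = (isset($lobjSection['layout']) && is_scalar($lobjSection['layout'])) ? (string) $lobjSection['layout'] : "";

            // insert section, as of now only one per tab
            $qi = "INSERT INTO section (section_index, layout, tab_id) VALUES ("
                . $lintSectionIndex . ", "
                . $db->quote($lstrLayout) . ", "
                . $lintTabId . ")";
            $db->exec($qi);

            $lintSecId = (int) $db->last_id();

            // Columns are written in the order left, center, sidebar
            foreach ($lobjColumns as $lintColumn => $lobjColumn) {
                list($lstrDataKey, $lstrDropspot) = $lobjColumn;

                $lstrData = (isset($lobjSection[$lstrDataKey]) && is_string($lobjSection[$lstrDataKey])) ? $lobjSection[$lstrDataKey] : "";

                // Leading "&" so the first pluslet is split off even when no
                // dropspot entry precedes it; then drop the "drop here"
                // non-content and split into the real pluslet ids.
                $lstrData = str_replace($lstrDropspot, "", "&" . $lstrData);
                $lobjContents = explode("&pluslet[]=", $lstrData);

                foreach ($lobjContents as $key => $value) {
                    // element 0 is whatever preceded the first pluslet marker
                    if ($key == 0) {
                        continue;
                    }

                    // ids are numeric; anything else is discarded rather than
                    // passed on to the database
                    $lintPlusletId = (int) $value;
                    if ($lintPlusletId <= 0) {
                        continue;
                    }

                    $qi = "INSERT INTO pluslet_section (pluslet_id, section_id, pcolumn, prow) VALUES ("
                        . $lintPlusletId . ", "
                        . $lintSecId . ", "
                        . (int) $lintColumn . ", "
                        . (int) $key . ")";
                    $db->exec($qi);

                    $lobjAfterPluslets[] = $lintPlusletId;
                }
            }

            $lintSectionIndex++;
        }

        $lintTabIndex++;
    }

    // delete all pluslets that are not being used anymore to avoid orphans
    foreach ($lobjBeforePluslets as $lobjPluslet) {
        $lintBeforeId = (int) $lobjPluslet['pluslet_id'];

        if (!in_array($lintBeforeId, $lobjAfterPluslets, true)) {
            $q = "DELETE FROM pluslet WHERE pluslet_id = {$lintBeforeId}";

            if ($db->exec($q) === FALSE) {
                print "Error could not remove pluslet orphans!";
                exit;
            }
        }
    }

    // Change-log call for the chchchanges table (table, flag, item_id, title, staff_id) is disabled:
    // $updateChangeTable = changeMe("guide", "update", $_COOKIE["our_guide_id"], $_COOKIE["our_guide"], $_SESSION['staff_id']);

    print _("Thy Will Be Done: Guide Updated.");
}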
use SubjectsPlus\Control\Querier;

include "../control/includes/config.php";
include "../control/includes/functions.php";
include "../control/includes/autoloader.php";

//include("libraryHeader.php");

// A configured theme takes over the whole page. If you have a theme set but
// DON'T want to use it for this page, comment out this block.
// NOTE(review): $subjects_theme ends up in an include path, so it must only
// ever come from trusted configuration (presumably config.php; confirm) and
// never from request data.
if (isset($subjects_theme) && $subjects_theme != "") {
    include "themes/{$subjects_theme}/index.php";
    exit;
}

// Page metadata
$use_jquery = array("ui");
$page_title = $resource_name;
$description = "The best stuff for your research. No kidding.";
$keywords = "research, databases, subjects, search, find";
$noheadersearch = true;

$db = new Querier();

// Pretty URLs (mod_rewrite = TRUE or 1) need no script prefix in guide links
$guide_path = ($mod_rewrite == 1) ? "" : "guide.php?subject=";

// The submitted guide type is used only when it is one of the known types;
// anything else falls back to "all"
$view_type = (isset($_GET['type']) && in_array($_GET['type'], $guide_types))
    ? scrubData($_GET['type'])
    : "all";

///////////////////////
// Have they done a search?
$search = "";
$a = $_POST["discipline_id"]; $b = $_POST["discipline"]; $result = array_combine($a, $b); // Loop through array, update departments table $row_count = 1; foreach ($result as $key => $value) { $qUpDept = "UPDATE discipline SET\n\t\tdiscipline = " . $db->quote(scrubData($value)) . ", \n\t\tsort = " . $row_count . " \n\t\tWHERE discipline_id = " . scrubData($key, "integer"); $rUpDept = $db->exec($qUpDept); $row_count++; } $feedback = _("Thy Will Be Done. discipline list updated."); } /////////////// // disciplines /////////////// $querierDept = new Querier(); $qdiscipline = "select discipline_id, discipline, sort from discipline order by sort, discipline"; $disciplineArray = $querierDept->query($qdiscipline); foreach ($disciplineArray as $value) { $ourlist .= "<li id=\"item-{$value['0']}\" class=\"sortable_item disc-sortable\"><a id=\"delete-{$value['0']}\"><img src=\"{$IconPath}/delete.png\" class=\"pointer\" /></a> <input type=\"text\" size=\"40\" name=\"discipline[]\" value=\"{$value['1']}\" /> <input type=\"hidden\" name=\"discipline_id[]\" value=\"{$value['0']}\" /></li>"; } $discipline_box = "\n<form id=\"disciplines\" action=\"\" method=\"post\">\n<button class=\"button\" id=\"save_guide\" class=\"button pure-button pure-button-primary\" style=\"display: block;\" name=\"update_disciplines\" >" . _("SAVE CHANGES") . "</button>\n\n<p>" . _("NOTE: Disciplines were added to facilitate Serials Solution ingest of data. This original set was provided by SerSol in Nov 2012. \n If you are a SerSol customer, you might not want to change these. Sort may or may not be implemented in your version of SP.") . "</p>\n<p>" . _("Enter discipline type label.") . "</p>\n<br />\n\n<ul id=\"sortable-\" class=\"sortable_list\">\n{$ourlist}\n</ul>\n</form>\n"; $add_discipline_box = "\n<form id=\"new_discipline\" action=\"\" method=\"post\">\n<span class=\"record_label\">" . _("Source Name") . 
"</span><br />\n<input type=\"text\" name=\"source\" id=\"\" size=\"40\" class=\"\" value=\"\">\n<br /><br />\n<button class=\"button\" id=\"add_discipline\" name=\"add_discipline\">" . _("Add New Discipline") . "</button>\n</form>"; print feedBack($feedback); print "\n\n<form id=\"disciplines\" action=\"\" method=\"post\">\n\n<div class=\"pure-g\">\n <div class=\"pure-u-2-3\">\n"; makePluslet(_("Disciplines"), $discipline_box, "no_overflow"); print "</div>\n<div class=\"pure-u-1-3\">"; makePluslet(_("Add Discipline"), $add_discipline_box, "no_overflow"); print "</div>"; // close pure-u- print "</div>";
//print $address; $output = json_decode($address); //print $output->results[0]->geometry->location->lat; $lat = $output->results[0]->geometry->location->lat; $long = $output->results[0]->geometry->location->lng; $coords = $lat . "," . $long; print $coords; //print $address; return; // return early so we don't show the stuff that follows break; } // End Action loop // Now generate results, $extra_q set in action loop above $q = "SELECT s.subject_id, subject, fname, lname, st.staff_id, type, shortform, s.active\nFROM subject s\nLEFT JOIN staff_subject ss ON s.subject_id = ss.subject_id\nLEFT JOIN staff st ON ss.staff_id = st.staff_id\n{$extra_q}\nORDER BY subject"; $querier = new Querier(); $subsArray = $querier->query($q); if (!empty($subsArray)) { // set up striping $row_count = 0; $colour1 = "oddrow"; $colour2 = "evenrow"; $staff_list = ""; foreach ($subsArray as $value) { if ($value[7] != "1") { $active = " <span style=\"font-size:smaller; color: #666;\">" . _("inactive") . "</span>"; } else { $active = ""; } $row_colour = $row_count % 2 ? $colour1 : $colour2; $staff_list .= "<div class=\"{$row_colour} striper\" style=\"clear: both; float: left; min-width: 500px;\"><input type=\"checkbox\" name=\"guide-{$value['0']}\" value=\"{$value['0']}\"><a class=\"showmedium-reloader\" href=\"../guides/metadata.php?subject_id={$value['0']}&wintype=pop\"><img src=\"{$IconPath}/emblem-system.png\" alt=\"" . _("delete") . "\" border=\"0\"></a> \n <a target=\"_blank\" href=\"../../subjects/guide.php?subject={$value['0']}\"><img src=\"{$IconPath}/eye.png\" alt=\"" . _("see live") . "\" border=\"0\"></a> \n <a href=\"../guides/guide.php?subject_id={$value['0']}\">{$value['1']}</a> {$active}</div> <div class=\"{$row_colour} striper\" style=\"float: left; min-width: 100px; font-size: smaller;\">{$value['2']} {$value['3']}</div> <div class=\"{$row_colour} striper\" style=\"float: left; min-width: 75px;font-size: smaller;\">{$value['5']}</div>";
//depending on step, display content switch ($lintStep) { case 0: //first setup config with site configurations $lobjConfig->displaySetupSiteConfigForm(); break; case 1: //on POST and second step, write configuration and install if (isset($_POST['submit_setup_site_config'])) { $lobjConfig->setNewConfigValues(); if (!$lobjConfig->writeConfigFile()) { //error message $lobjConfig->displayMessage(_("Something went wrong and could not save configurations.")); } else { //include again if config variables have changed include_once 'includes/config.php'; //new installer instance and install and on success show complete page $lobjInstaller = new Installer(); if ($lobjInstaller->install()) { $administrator_email = $_POST['administrator_email']; $db = new Querier(); $db->exec("UPDATE staff SET staff.email=" . $db->quote($administrator_email) . " WHERE staff.staff_id = 1"); $lobjInstaller->displayInstallationCompletePage(); $_SESSION['firstInstall'] = 1; } } } break; } } include_once "includes/footer.php";
// Show feedbck $feedback = $record->getMessage(); } else { $feedback = "There is no record by that ID."; } } if (isset($_POST["submit_record"])) { // 1. Make sure we have minimum non-dupe data // 1a. Make sure there is a title, location, and subject if ($_POST["title"] == "" || $_POST["location"][0] == "" || $_POST["subject"][0] == "") { echo "<div class=\"feedback\">" . _("You must have a title, location, and subject. Please go back and fix these omissions. And turn on JavaScript, for goodness sakes!") . "</div><br /><br />"; exit; } // 1b. IF THIS IS AN INSERT make sure the title isn't an exact dupe if ($_POST["title_id"] == "") { $db = new Querier(); $qDupe = "SELECT title_id, title FROM title WHERE title LIKE " . $db->quote($_POST["title"]); $dupetitleArray = $db->query($qDupe); if ($dupetitleArray) { echo _("There is already a record with this title: ") . "<a href=\"record.php?record_id=" . $dupetitleArray[0] . "\">" . $dupetitleArray[1] . "</a>. " . _("Maybe do a search and make sure it doesn't already exist?"); return FALSE; } } // Submit form $record = new Record($_POST["title_id"], "post"); ////////////////////////////////// // Is this an Insert or an update? ////////////////////////////////// if ($_POST["title_id"] == "") { $record->insertRecord(); $ok_record_id = $record->getRecordId();
include "../includes/header.php"; // Connect to database //print_r($_POST); switch ($_POST["type"]) { case "location": $record = new Record(); $record->buildLocation(); break; case "add_subject": $subject_name = Truncate($_POST["our_sub_text"], 25, ''); $source_name = Truncate($_POST["our_source_text"], 15, ''); echo "<div class=\"selected_item_wrapper\"><div class=\"selected_item\" id=\"root-" . $_POST["our_source_id"] . "\"><input type=\"hidden\" name=\"rank[]\" value=\"0\" /><input type=\"hidden\" name=\"subject[]\" value=\"" . $_POST["our_sub_id"] . "\" /><input type=\"hidden\" id=\"hidden_source-" . $_POST["our_sub_id"] . "-" . $_POST["our_source_id"] . "\" name=\"source[]\" value=\"" . $_POST["our_source_id"] . "\" />" . $subject_name . "<span class=\"small_extra\"> " . $source_name . " </span><br />\n <textarea class=\"desc_override desc-area\" name=\"description_override[]\" rows=\"4\" cols=\"35\"></textarea></div>\n <div class=\"selected_item_options\"><i class=\"fa fa-lg fa-trash delete_sub clickable\" alt=\"" . _("remove subject") . "\" title=\"" . _("remove subject") . "\"></i>\n <i class=\"fa fa-book fa-lg\"></i>\n <i class=\"fa fa-lg fa-file-text-o source_override clickable\" id=\"source_override-" . $_POST["our_sub_id"] . "-" . $_POST["our_source_id"] . "\"></i> </div></div>"; break; case "source_override": // load list of sources $querierSource = new Querier(); $qSource = "select source_id, source from source order by source"; $defsourceArray = $querierSource->query($qSource); $sourceMe = new Dropdown("source_override[]", $defsourceArray, $_POST["our_source_id"]); $source_string = $sourceMe->display(); echo "<span class=\"record-source-override\">" . _("Source Override") . "<br />{$source_string} <img src=\"{$IconPath}/list-add.png\" class=\"add_source\" id=\"add_source_id-" . $_POST["our_subject_id"] . "-" . $_POST["our_source_id"] . "\" alt=\"" . _("add source override") . "\" title=\"" . _("add source override") . 
"\" border=\"0\">\n <i class=\"fa fa-times clickable cancel_add_source\" id=\"cancel_add_source_id-" . $_POST["our_subject_id"] . "-" . $_POST["our_source_id"] . "\" alt=\"" . _("never mind") . "\" title=\"" . _("never mind") . "\" border=\"0\"></i></span>"; break; case "new_record_label": switch ($_POST["format_type_id"]) { case 1: $label_text = _("Location (Enter URL)"); break; case 2: $label_text = _("Location (Enter Call Number)"); break; case 3:
echo "<br /><br /><p class=\"box\">" . _("You are not authorized to view this.") . "</p>"; include "../includes/footer.php"; exit; } $querier = new Querier(); $q1 = 'SELECT staff_id, CONCAT( fname, " ", lname ) AS fullname, email, CONCAT( emergency_contact_name, " (", emergency_contact_relation, ")", ": ", emergency_contact_phone ) AS contact, CONCAT( street_address, "<br />", city, " ", state, " ", zip ) AS full_address, home_phone, cell_phone, lat_long FROM staff WHERE lat_long != "" AND active = 1'; if (isset($_GET["fac_only"]) && $_GET["fac_only"] == 1) { $q1 = 'SELECT staff_id, CONCAT( fname, " ", lname ) AS fullname, email, CONCAT( emergency_contact_name, " (", emergency_contact_relation, ")", ": ", emergency_contact_phone ) AS contact, CONCAT( street_address, "<br />", city, " ", state, " ", zip ) AS full_address, home_phone, cell_phone, lat_long FROM staff WHERE lat_long != "" AND ptags LIKE "%librarian%"'; } $db = new Querier(); $staffArray = $db->query($q1); ?> <div id="map" style="width: 100%; height: 800px; border: 1px solid #333;"></div> <?php include "../includes/footer.php"; ?> <script type="text/javascript" src="https://maps.google.com/maps/api/js?sensor=false"></script> <script type="text/javascript"> google.maps.event.addDomListener(window, 'load', function() { var requested = ""; /////////////////////
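/**
 * Build the HTML list of active guides linked to a staff member.
 *
 * A lookup is made only when $ptags contains "librarian". Guide links use the
 * bare shortform when the global $mod_rewrite is 1, and
 * "guide.php?subject=<shortform>" otherwise.
 *
 * @param mixed  $staff_id Staff id; cast to int before it is placed in SQL.
 * @param string $ptags    Permission tags of the staff member.
 *
 * @return string "<br /><span class="smaller">…</span>" holding comma-separated
 *                links, or "" when nothing is associated.
 */
function getAssocSubjects($staff_id, $ptags)
{
    global $mod_rewrite;

    $assoc_subjects = "";

    // See if they're a librarian, and then check for subjects
    if (preg_match('/librarian/', $ptags) == 1) {
        // The caller is not visible from here, so the id is forced to an
        // integer instead of being interpolated into the query as given.
        $lintStaffId = (int) $staff_id;

        // UM hack in query
        $q2 = "SELECT subject, shortform \n FROM subject, staff_subject \n WHERE subject.subject_id = staff_subject.subject_id\n AND staff_subject.staff_id = {$lintStaffId}\n AND subject.active = 1\n AND shortform != 'NewDatabases'\n ORDER BY subject";

        $db = new Querier();
        $r2 = $db->query($q2);

        // A failed query yields no links instead of a foreach warning
        if ($r2) {
            foreach ($r2 as $myrow2) {
                $link_to_guide = ($mod_rewrite == 1)
                    ? $myrow2[1]
                    : "guide.php?subject=" . $myrow2[1];

                // NOTE(review): subject and shortform are written into HTML
                // as stored. Whether the stored values are already
                // entity-encoded is not visible here; confirm before adding
                // or omitting htmlspecialchars().
                $assoc_subjects .= "<a href=\"{$link_to_guide}\">{$myrow2['0']}</a>, ";
            }
        }
    }

    if ($assoc_subjects != "") {
        // drop the trailing ", " left by the loop
        $assoc_subjects = rtrim($assoc_subjects, ", ");
        $assoc_subjects = "<br /><span class=\"smaller\">{$assoc_subjects}</span>";
    }

    return $assoc_subjects;
}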
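/**
 * Render the table rows for the active staff who report to a supervisor.
 *
 * Each direct report is rendered with makeTR(). When $recursion is 1 the
 * function also descends into each report's own reports and derives an indent
 * style from the number of entries in the "-"-separated $super_chain.
 *
 * @param mixed  $staff_id    Supervisor id; escaped with Querier::quote().
 * @param string $super_chain "-"-separated chain of supervisors seen so far.
 * @param int    $recursion   1 to descend into sub-reports, 0 for one level.
 *
 * @return string Concatenated makeTR() output; "" when there are no reports.
 */
function checkReports($staff_id, $super_chain = "", $recursion = 0)
{
    global $all_supers;

    $indent = "";
    $data = "";

    $db = new Querier();

    // quote() is expected to return the value escaped and wrapped in quotes,
    // replacing the hand-written '...' around the raw parameter.
    $q = "SELECT staff_id, CONCAT( fname, ' ', lname ) AS fullname, email, CONCAT( street_address, ' ', city, ' ', state, ' ', zip) as full_address\n , home_phone, cell_phone,\n emergency_contact_name, emergency_contact_relation,emergency_contact_phone, supervisor_id, lname, fname\n FROM staff\n WHERE supervisor_id = " . $db->quote($staff_id) . "\n AND active = 1\n ORDER BY lname, fname";

    $r = $db->query($q);

    if (!$r) {
        return $data;
    }

    foreach ($r as $myrow) {
        if ($recursion == 1) {
            // column 9 is supervisor_id; forced to int before reuse in SQL
            $q2 = "select lname, staff_id from staff where staff_id = " . (int) $myrow[9] . " ORDER BY lname, fname";
            $supername = $db->query($q2);

            // NOTE(review): $r above is iterated row by row, so query()
            // appears to return a list of rows; index 1 here would then be a
            // second row, not the staff_id column. Confirm the intended value
            // (possibly $supername[0][1]) before relying on the indent logic.
            $superbits = explode("-", $super_chain);

            if (!in_array($supername[1], $superbits)) {
                $super_chain = $super_chain . "-" . $supername[1];
                array_push($all_supers, $supername[1]);
            }

            // recount after the chain may have grown
            $num_supervisors = count(explode("-", $super_chain));

            if ($num_supervisors > 2) {
                $indent = "margin-left:" . $num_supervisors . "em";
            } else {
                $indent = "font-weight: bold;";
            }
        }

        $data .= makeTR($myrow, $indent);

        if ($recursion == 1) {
            // NOTE(review): nothing here stops a cyclic supervisor
            // relationship in the staff table from recursing without end.
            $data .= checkReports($myrow[0], $super_chain, 1);
        }
    }

    return $data;
}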
<?php //include subjectsplus config and functions files include_once '../../../../control/includes/config.php'; include_once '../../../../control/includes/functions.php'; include_once '../../../../control/includes/autoloader.php'; use SubjectsPlus\Control\Querier; //only do something if the search_terms is activated if (isset($_POST["search_terms"])) { //initiate Querier $db = new Querier(); $content = '<strong>Results</strong><br />'; if (get_magic_quotes_gpc()) { $searcher = $_POST["search_terms"]; } else { $searcher = addslashes($_POST["search_terms"]); } // Connect to database try { } catch (Exception $e) { echo $e; } //create query to search terms $q = "SELECT title_id, title FROM title WHERE title LIKE '%" . $searcher . "%' ORDER BY title"; //query results $r = $db->query($q); //total returned rows $total_items = count($r); //return message if no results if ($total_items == 0) { $content .= "<br /><div valign=\"top\" style=\"float: left; min-width: 230px;\"><p>" . _("There were no results matching your query.") . "</p></div>";
break; default: //depending on permissions user has, set credential as true or false $check_credentials = isset($_SESSION["view_map"]) && $_SESSION["view_map"] == 1 ? TRUE : FALSE; $and = "AND user_type_id = '1' "; } // Boot them out if they shouldn't be viewing this file if ($check_credentials == FALSE) { echo "<p style=\"background-color: red; color: white;\">You probably should not be here. Please use the back button. If you think you should be able to access this part of the site, please contact an administrator"; include "../includes/footer.php"; exit; } $header = ""; $data = ""; $select = "SELECT lname AS 'Last Name', fname AS 'First Name', tel AS 'Work Phone #', cell_phone AS 'Cell Phone #', home_phone as 'Home Phone', staff.email AS 'Email',\nemergency_contact_name AS 'Contact Name', emergency_contact_phone AS 'Contact Phone #', emergency_contact_relation AS 'Relationship', name AS 'Department',\n street_address AS 'Street Address', city as 'City', state AS 'State', zip as 'Zip Code', supervisor_id AS Super_ID, (SELECT lname from staff where staff.staff_id = Super_ID) AS 'Supervisor LName', (SELECT \n fname from staff where staff.staff_id = Super_ID) AS 'Supervisor FName'\n FROM staff, department\n WHERE active = '1'\n AND staff.department_id = department.department_id\n {$and}\n ORDER BY lname"; $db = new Querier(); $export = $db->query($select); $fields = count($export); // yes, i cheated. couldn't figure out how to get this with pdo from $select query $header_fields = array("Last Name", "First Name", "Work Phone #", "Cell Phone #", "Home Phone", "Contact Name", "Contact Phone #", "Relationship", "Department", "Street Address", "City", "State", "Zip", "Super_ID", "Supervisor Lname", "Supervisor Fname"); foreach ($header_fields as $key => $value) { $header .= $value . 
"\t"; } foreach ($export as $row) { $line = ''; foreach ($row as $value) { if (!isset($value) || $value == "") { $value = "\t"; } else { $value = str_replace('"', '""', $value); $value = '"' . $value . '"' . "\t";
/**
 * @file index.php
 * @brief Display the subject guides by collection splash page
 *
 * @author adarby
 * @date sept 2015
 */
use SubjectsPlus\Control\CompleteMe;
use SubjectsPlus\Control\Querier;

// Page metadata
$use_jquery = array("ui");
$page_title = _("Research Guide Collections");
$description = _("The best stuff for your research. No kidding.");
$keywords = _("research, databases, subjects, search, find");
$noheadersearch = true;

$db = new Querier();
$connection = $db->getConnection();

// Pretty URLs (mod_rewrite = TRUE or 1) need no script prefix in guide links
$guide_path = ($mod_rewrite == 1) ? "" : "guide.php?subject=";

///////////////////////
// Have they done a search?
// NOTE(review): scrubData() is defined elsewhere and what it strips is not
// visible here; escape $search again for whichever context it is written into.
$search = isset($_POST["search"]) ? scrubData($_POST["search"]) : "";

// Get the subjects for jquery autocomplete
$suggestibles = "";
s.subject_id = ps.subject_id AND p.body LIKE '%" . $location_hint . "/" . $shortName . "%'"; //print $findGuidesQuery; $findGuidesResult = $querier->query($findGuidesQuery); $guides = array(); // for the list of guides in which the file appears if ($findGuidesResult) { foreach ($findGuidesResult as $row) { $guideName = $row['subject']; $guideId = $row['subject_id']; $guides["$guideId"] = $guideName; } } */ $db = new Querier(); $findGuidesQuery = "\n\t\t\t\tSELECT st.fname, st.lname, s.subject, s.subject_id\n\t\t\t\tFROM pluslet p INNER JOIN pluslet_section ps\n\t\t\t\tON p.pluslet_id = ps.pluslet_id\n\t\t\t\tINNER JOIN section sec\n\t\t\t\tON ps.section_id = sec.section_id\n\t\t\t\tINNER JOIN tab t\n\t\t\t\tON sec.tab_id = t.tab_id\n\t\t\t\tINNER JOIN subject s\n\t\t\t\tON t.subject_id = s.subject_id\n\t\t\t\tINNER JOIN staff_subject ss\n\t\t\t\tON s.subject_id = ss.subject_id\n\t\t\t\tINNER JOIN staff st\n\t\t\t\tON ss.staff_id = st.staff_id\n\t\t\t\tWHERE p.body LIKE " . $db->quote('%' . $location_hint . "/" . $shortName . '%') . "\n OR p.body LIKE " . $db->quote('%' . $location_hint . trim(" \\ ") . $shortName . '%') . "\n OR p.body LIKE " . $db->quote('%' . $location_hint . trim(" \\ ") . "image" . trim(" \\ ") . $shortName . '%') . "\n OR p.body LIKE " . $db->quote('%' . $location_hint . "/image/" . $shortName . '%'); $findGuidesResult = $querier->query($findGuidesQuery); $guides = array(); // for the list of guides in which the file appears if ($findGuidesResult) { foreach ($findGuidesResult as $row) { $owner = $row['fname'] . " " . $row['lname']; $guideName = $row['subject']; $guideId = $row['subject_id']; $guides["{$guideId}"] = $guideName; } } else { $owner = ''; } if (empty($guides)) {