/**
 * Optionally wrap a value in single quotes after running it through addslashes().
 *
 * The original author's note describes $status as 1 = number, 2 = string; only
 * the string mode does any work. The comparison with "2" is deliberately loose,
 * so the integer 2 and the string "2" behave the same.
 *
 * Review notes:
 *  - In every mode other than "2" the value is returned exactly as received:
 *    nothing checks that it is numeric. If the result is concatenated into a
 *    query (presumably its purpose; confirm against callers), the caller must
 *    validate or cast the value first.
 *  - addslashes() escapes ', ", \ and NUL byte-wise. It is not aware of the
 *    database connection's character set and is not a substitute for bound
 *    parameters or the driver's own quoting routine.
 *
 * @param mixed $status Mode selector; "2" means quote as a string.
 * @param mixed $s_word Value to return, quoted or untouched.
 * @return mixed The quoted string in mode "2", otherwise $s_word unchanged.
 */
function addSingleQuotation($status, $s_word)
{
    if ($status != "2") {
        // Non-string mode: no escaping and no validation happens here.
        return $s_word;
    }

    return "'" . addslashes($s_word) . "'";
}
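/**
 * Smarty template function: run the node search and hand the rows to the template.
 *
 * Reads $params['query'], $params['offset'] and $params['listing_amount'], runs
 * two queries through the global $db object and assigns:
 *   - get_search_short: rows from `nodes` (left-joined to `users`) whose
 *     node_name starts with the query text;
 *   - get_search: full-text matches on node_content, excluding rows whose
 *     node_system_access is 'private', paged with LIMIT offset,listing_amount.
 *
 * Both template variables are always arrays; with no matching rows they are
 * empty arrays rather than undefined variables.
 *
 * Review notes:
 *  - The search text is escaped with addslashes() only. That is byte-wise and
 *    unaware of the connection character set; if the $db layer offers bound
 *    parameters or its own quoting routine, prefer that.
 *  - "%" and "_" in the search text still act as LIKE wildcards in the title
 *    query.
 *  - An earlier, commented-out version of this body (a swish-e command-line
 *    search plus a LIKE query on node_name) was dropped here. That LIKE query
 *    escaped "%" and "_" and filtered node_system_access!='private'; the active
 *    title query below does neither. NOTE(review): confirm that listing
 *    private node names in get_search_short is intended.
 *  - The title query uses "select *" across nodes and users, so every users
 *    column reaches the template. NOTE(review): confirm no credential columns
 *    are exposed that way.
 *
 * @param array  $params Template parameters: query, offset, listing_amount.
 * @param object $smarty Smarty instance; only assign() is called on it.
 * @return void
 */
function smarty_function_get_search($params, &$smarty)
{
    global $db;

    // Paging values are interpolated into the LIMIT clause. is_numeric() alone
    // also accepts "1.5", "1e3" and "-1", none of which is a valid LIMIT
    // operand, so cast to int and fall back to the default for negatives.
    $offset = 0;
    if (isset($params['offset']) && is_numeric($params['offset']) && (int) $params['offset'] >= 0) {
        $offset = (int) $params['offset'];
    }

    $listing_amount = 32;
    if (isset($params['listing_amount']) && is_numeric($params['listing_amount'])
        && (int) $params['listing_amount'] >= 0
    ) {
        $listing_amount = (int) $params['listing_amount'];
    }

    // A missing or non-scalar query (for example an array from the request) is
    // treated as an empty search string instead of being passed to addslashes().
    $rawQuery = '';
    if (isset($params['query']) && is_scalar($params['query'])) {
        $rawQuery = (string) $params['query'];
    }
    $query = addslashes($rawQuery);

    // Title search: prefix match on node_name.
    $q = "select * from nodes left join users on users.user_id=nodes.node_creator where node_name like '{$query}%'";
    $set = $db->query($q);
    $array = array();
    while ($set->next()) {
        $array[] = $set->getRecord();
    }
    $smarty->assign('get_search_short', $array);

    // Full-text search on node_content, private nodes excluded.
    // NOTE(review): users is joined ON nodes.node_creator before nodes itself
    // is joined; verify this join order parses on the deployed database version.
    $q = "select users.login as login,nodes.*,node_content,match (node_content) against ('{$query}') as\nprobability from node_content left join users on users.user_id=nodes.node_creator\nleft join nodes on node_content.node_id=nodes.node_id where node_system_access!='private' and match (node_content) against ('{$query}') order by k desc limit {$offset},{$listing_amount}";
    $set = $db->query($q);
    $search = array();
    while ($set->next()) {
        $search[] = $set->getRecord();
    }
    $smarty->assign('get_search', $search);
}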
/**
 * Escape the dangerous characters in a string by delegating to addslashes().
 *
 * addslashes() prefixes ', ", \ and the NUL byte with a backslash and leaves
 * everything else alone.
 *
 * Review notes:
 *  - The LIKE wildcards "%" and "_" are returned untouched. The original body
 *    carried two disabled preg_replace() lines, one for quotes and one for "_",
 *    so wildcard escaping was considered but is not active.
 *  - The escaping is byte-wise and unaware of the database connection's
 *    character set; it does not replace bound parameters or the driver's own
 *    quoting routine.
 *
 * @param string $s Raw string.
 * @return string The string with quote characters backslash-escaped.
 */
function quoteStr($s)
{
    return addslashes($s);
}
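/**
 * Search cohorts with the supplied filters and return the matching rows, each
 * extended with a 'studentcount' entry.
 *
 * Recognised keys in $param: cohortid, cohortname (substring LIKE matches),
 * startdate, graddate (normalised to Y-m-d), institution, cadre (numeric ids).
 * Empty and non-scalar values are ignored. The result is restricted to the
 * institutions returned by Helper::getUserInstitutions() for the current user
 * whenever that list is a non-empty array.
 *
 * Review notes:
 *  - institution and cadre ids are placed in the SQL without quotes. In that
 *    position addslashes() gives no protection, because a hostile value needs
 *    no quote character, so they are cast to int instead.
 *  - The LIKE values are escaped with addslashes() only: "%" and "_" still act
 *    as wildcards and the escaping is unaware of the connection character set.
 *    If the object returned by dbfunc() offers bound parameters or a quoting
 *    method, prefer that.
 *  - NOTE(review): when the helper returns an empty list (or a non-array) the
 *    institution restriction is skipped and the search is unrestricted;
 *    confirm that is the intended meaning of "no institutions".
 *  - An unparseable date makes strtotime() return false, which date() formats
 *    as 1970-01-01; the filter then matches that date rather than being skipped.
 *
 * @param array $param Filter name => value pairs, typically from the request.
 * @return array List of cohort rows with institutionname, cadrename and studentcount.
 */
public function Cohortsearch($param)
{
    $where = array();
    $joins = array();
    $joininstitution = false;
    $joincadre = false;

    $helper = new Helper();

    // Restrict to the current user's institutions. The ids are cast to int
    // because they are interpolated unquoted into the IN (...) list.
    $institutions = $helper->getUserInstitutions($helper->myid(), false);
    if (is_array($institutions) && count($institutions) > 0) {
        $insids = implode(",", array_map('intval', $institutions));
        $where[] = "c.institutionid IN (" . $insids . ")";
    }

    foreach ($param as $key => $value) {
        if (!is_scalar($value) || trim($value) == "") {
            continue;
        }

        switch ($key) {
            case "cohortid":
                $where[] = "c.cohortid LIKE '%" . addslashes($value) . "%'";
                break;
            case "cohortname":
                $where[] = "c.cohortname LIKE '%" . addslashes($value) . "%'";
                break;
            case "startdate":
                // date() output is fixed-format digits and dashes.
                $where[] = "c.startdate = '" . date("Y-m-d", strtotime($value)) . "'";
                break;
            case "graddate":
                $where[] = "c.graddate = '" . date("Y-m-d", strtotime($value)) . "'";
                break;
            case "institution":
                $where[] = "i.id = " . (int) $value;
                $joins[] = "INNER JOIN institution i ON i.id = c.institutionid";
                // Remember the inner join so no optional LEFT JOIN is added below.
                $joininstitution = true;
                break;
            case "cadre":
                $where[] = "ca.id = " . (int) $value;
                $joins[] = "INNER JOIN cadres ca ON ca.id = c.cadreid";
                // Remember the inner join so no optional LEFT JOIN is added below.
                $joincadre = true;
                break;
        }
    }

    // The name columns are always selected, so each table is joined at least
    // optionally when no filter already joined it.
    if (!$joincadre) {
        $joins[] = "LEFT JOIN cadres ca ON ca.id = c.cadreid";
    }
    if (!$joininstitution) {
        $joins[] = "LEFT JOIN institution i ON i.id = c.institutionid";
    }

    $query = "SELECT c.*, i.institutionname, ca.cadrename";
    $query .= " FROM cohort c ";
    $query .= implode("\n", $joins);
    if (count($where) > 0) {
        $query .= " WHERE " . implode(" AND ", $where);
    }
    $query .= " ORDER BY startdate, graddate, cohortname, cohortid";

    $select = $this->dbfunc()->query($query);
    $result = $select->fetchAll();

    // Copy every row and add the number of students the helper reports for
    // the cohort with the "graduating" argument.
    $output = array();
    foreach ($result as $row) {
        $students = $helper->getCohortStudents($row['id'], "graduating");
        $item = array();
        foreach ($row as $key => $value) {
            $item[$key] = $value;
        }
        $item['studentcount'] = count($students);
        $output[] = $item;
    }

    return $output;
}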
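/**
 * Build the SQL text for a person search and return it; nothing is executed here.
 *
 * $output selects the flavour: "student" joins the student table, "tutor" joins
 * the tutor table, anything else searches person alone. Recognised keys in
 * $param: firstname, lastname (substring LIKE matches), cohort, cadre, inst,
 * fact (applied only when the value is non-zero and $output is "student" or
 * "tutor"; fact applies to students only). Empty and non-scalar values are
 * ignored.
 *
 * Review notes:
 *  - The cohort, cadre, inst (student) and fact ids are placed in the SQL
 *    without quotes. In that position addslashes() gives no protection,
 *    because a hostile value needs no quote character, so they are cast to int.
 *  - The LIKE values are escaped with addslashes() only: "%" and "_" still act
 *    as wildcards and the escaping is unaware of the connection character set.
 *    Prefer bound parameters or the driver's quoting where the caller's
 *    database layer offers them.
 *  - Identical JOIN clauses are emitted once. The tutor "cohort" and "inst"
 *    filters both add the link_tutor_institution join with alias lti, and a
 *    repeated alias makes the statement invalid.
 *  - NOTE(review): the current user's institution list is fetched but never
 *    applied to the query, unlike Cohortsearch() which restricts on it;
 *    confirm whether person searches are meant to be unrestricted.
 *  - NOTE(review): for tutors, "inst" passes the non-zero check like an id but
 *    is matched as a substring of institutionname; confirm which is intended.
 *
 * @param array  $param  Filter name => value pairs, typically from the request.
 * @param string $output "student", "tutor" or anything else for a plain person search.
 * @return string The assembled SELECT statement.
 */
public function buildquery($param, $output)
{
    $where = array();
    $joins = array();

    $isStudent = ($output == "student");
    $isTutor = !$isStudent && ($output == "tutor");

    // Fetched by the original code and left in place in case the call has side
    // effects; the result is not used below (see the review note above).
    $helper = new Helper();
    $ins = $helper->getUserInstitutions($helper->myid(), false);

    foreach ($param as $key => $value) {
        if (!is_scalar($value) || trim($value) == "") {
            continue;
        }

        switch ($key) {
            case "firstname":
                $where[] = "p.first_name LIKE '%" . addslashes($value) . "%'";
                break;
            case "lastname":
                $where[] = "p.last_name LIKE '%" . addslashes($value) . "%'";
                break;
            case "cohort":
                if ($value != 0) {
                    if ($isStudent) {
                        $where[] = "co.id = " . (int) $value;
                        $joins[] = "INNER JOIN link_student_cohort lsco ON lsco.id_student = s.id";
                        $joins[] = "INNER JOIN cohort co ON co.id = lsco.id_cohort";
                    } elseif ($isTutor) {
                        $where[] = "co.id = " . (int) $value;
                        $joins[] = "INNER JOIN link_tutor_institution lti ON lti.id_tutor = t.id";
                        $joins[] = "INNER JOIN cohort co ON co.institutionid = lti.id_institution";
                    }
                }
                break;
            case "cadre":
                if ($value != 0) {
                    if ($isStudent) {
                        $where[] = "ca.id = " . (int) $value;
                        $joins[] = "INNER JOIN cadres ca ON ca.id = s.cadre";
                    } elseif ($isTutor) {
                        $where[] = "c.id = " . (int) $value;
                        $joins[] = "INNER JOIN link_cadre_tutor lct ON lct.id_tutor = t.id";
                        $joins[] = "INNER JOIN cadres c ON c.id = lct.id_cadre";
                    }
                }
                break;
            case "inst":
                if ($value != 0) {
                    if ($isStudent) {
                        $where[] = "i.id = " . (int) $value;
                        $joins[] = "INNER JOIN institution i ON i.id = s.institutionid";
                    } elseif ($isTutor) {
                        $where[] = "i.institutionname LIKE '%" . addslashes($value) . "%'";
                        $joins[] = "INNER JOIN link_tutor_institution lti ON lti.id_tutor = t.id";
                        $joins[] = "INNER JOIN institution i ON i.id = lti.id_institution";
                    }
                }
                break;
            case "fact":
                if ($value != 0 && $isStudent) {
                    $where[] = "f.id = " . (int) $value;
                    $joins[] = "INNER JOIN link_student_facility lsf ON lsf.id_student = s.id";
                    $joins[] = "INNER JOIN facility f ON f.id = lsf.id_facility";
                }
                break;
        }
    }

    if ($isStudent) {
        $query = "SELECT p.*, s.id AS subid FROM person p ";
        $query .= " INNER JOIN student s ON s.personid = p.id ";
    } elseif ($isTutor) {
        $query = "SELECT p.*, t.id AS subid FROM person p ";
        $query .= " INNER JOIN tutor t ON t.personid = p.id ";
    } else {
        $query = "SELECT p.* FROM person p ";
    }

    // array_unique() keeps the first occurrence, so join order is preserved.
    $joins = array_unique($joins);
    if (count($joins) > 0) {
        $query .= implode("\n", $joins);
    }
    if (count($where) > 0) {
        $query .= " WHERE " . implode(" AND ", $where);
    }
    $query .= " ORDER BY last_name, first_name";

    return $query;
}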