if (isset($_REQUEST['search_terms'])) { $search_terms = addslashes($_REQUEST['search_terms']); } if (empty($search_terms)) { // display form $tool_content .= "\n <form method='post' action='{$_SERVER['SCRIPT_NAME']}'>\n <fieldset>\n <legend>{$langSearchCriteria}</legend>\n <table width='100%' class='tbl'>\n <tr>\n <th class='left' width='120'>{$langOR}</th>\n <td colspan='2'><input name='search_terms' type='text' size='80'/></td>\n </tr>\n <tr>\n <th width='30%' class='left' valign='top' rowspan='4'>{$langSearchIn}</th>\n <td width='35%'><input type='checkbox' name='announcements' checked='checked' />{$langAnnouncements}</td>\n <td width='35%'><input type='checkbox' name='agenda' checked='checked' />{$langAgenda}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='course_units' checked='checked' />{$langCourseUnits}</td>\n <td><input type='checkbox' name='documents' checked='checked' />{$langDoc}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='forums' checked='checked' />{$langForums}</td>\n <td><input type='checkbox' name='exercises' checked='checked' />{$langExercices}</td>\n </tr>\n <tr>\n <td><input type='checkbox' name='video' checked='checked' />{$langVideo}</td>\n <td><input type='checkbox' name='links' checked='checked' />{$langLinks}</td>\n </tr>\n <tr>\n <th> </th>\n <td colspan='2' class='right'><input class='btn btn-primary' type='submit' name='submit' value='{$langDoSearch}' /></td>\n </tr>\n </table>\n </fieldset>\n </form>"; } else { // ResourceIndexers require course_id inside the input data array (POST, but we do not want to pass it through the form) $_POST['course_id'] = $course_id; // Search Terms might come from GET, but we want to pass it alltogether with POST in ResourceIndexers $_POST['search_terms'] = $search_terms; $idx = new Indexer(); $tool_content .= "\n <div id=\"operations_container\">\n <ul id='opslist'>\n <li><a href='" . $_SERVER['SCRIPT_NAME'] . "'>{$langNewSearch}</a></li>\n </ul>\n </div>\n <p class='sub_title1'>{$langResults}</p>"; // search in announcements if ($announcements) { $announceHits = $idx->searchRaw(AnnouncementIndexer::buildQuery($_POST)); if (count($announceHits) > 0) { $tool_content .= "<script type='text/javascript' src='../auth/sorttable.js'></script>\n <table width='99%' class='sortable' id='t1' align='left'>\n <tr>\n <th colspan='2'>{$langAnnouncements}:</th>\n </tr>"; $numLine = 0; foreach ($announceHits as $annHit) { $announce = Database::get()->querySingle("SELECT title, content, date FROM announcement WHERE id = ?d", $annHit->pkid); $class = $numLine % 2 ? 'odd' : 'even'; $tool_content .= "<tr class='{$class}'>\n <td width='1' valign='top'><img style='padding-top:3px;' src='{$themeimg}/arrow.png' title='bullet' /></td>\n <td><b><a href='" . $annHit->url . "'>" . q($announce->title) . "</a></b> \n <small>(" . nice_format(claro_format_locale_date($dateFormatLong, strtotime($announce->date))) . ")\n </small><br />" . $announce->content . "</td></tr>"; $numLine++; } $tool_content .= "</table>"; $found = true; } } // search in agenda if ($agenda) {
$pageName = $langSearch; // exit if search is disabled if (!get_config('enable_search')) { $tool_content .= "<div class='alert alert-info'>{$langSearchDisabled}</div>"; draw($tool_content, 0); exit; } // exit if no POST data if (!register_posted_variables(array('search_terms' => false, 'search_terms_title' => false, 'search_terms_keywords' => false, 'search_terms_instructor' => false, 'search_terms_coursecode' => false, 'search_terms_description' => false), 'any')) { $tool_content .= CourseIndexer::getDetailedSearchForm(); draw($tool_content, 0); exit; } // search in the index $idx = new Indexer(); $hits1 = $idx->searchRaw(CourseIndexer::buildQuery($_POST)); // courses with visible 1 or 2 // Additional Access Rights $anonymous = false; if (isset($uid) and $uid) { $anonymous = true; $hits2 = $idx->searchRaw(CourseIndexer::buildQuery($_POST, false)); // courses with visible 0 or 3 if ($uid == 0) { $hits = array_merge($hits1, $hits2); // admin has access to all } else { $res = Database::get()->queryArray("SELECT course.id \n FROM course \n JOIN course_user ON course.id = course_user.course_id \n AND course_user.user_id = ?d", $uid); $subscribed = array(); foreach ($res as $row) { $subscribed[] = $row->id;
// exit if no POST data if (!register_posted_variables(array('search_terms' => false, 'search_terms_title' => false, 'search_terms_keywords' => false, 'search_terms_instructor' => false, 'search_terms_coursecode' => false, 'search_terms_description' => false), 'any')) { $tool_content .= CourseIndexer::getDetailedSearchForm(); draw($tool_content, 0); exit(); } // search in the index $idx = new Indexer(); $hits1 = $idx->searchRaw(CourseIndexer::buildQuery($_POST)); // courses with visible 1 or 2 // Additional Access Rights $anonymous = false; if (isset($uid) and $uid) { $anonymous = true; $hits2 = $idx->searchRaw(CourseIndexer::buildQuery($_POST, false)); // courses with visible 0 or 3 if ($uid == 0) { $hits = array_merge($hits1, $hits2); // admin has access to all } else { $res = Database::get()->queryArray("SELECT course.id FROM course JOIN course_user ON course.id = course_user.course_id AND course_user.user_id = ?d", $uid); $subscribed = array(); foreach ($res as $row) {