2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
22 // {{{ Global variables used for the search Queries
24 @$globals->search
->result_fields
= '
25 u.user_id, u.promo, u.matricule, u.matricule_ax,
26 if(u.nom_usage=\'\', u.nom, u.nom_usage) AS NomSortKey,
28 u.deces!=0 AS dcd,u.deces,
29 u.perms IN (\'admin\',\'user\', \'disabled\') AS inscrit,
30 u.perms != \'pending\' AS wasinscrit,
31 FIND_IN_SET(\'femme\', u.flags) AS sexe,
33 ad0.text AS app0text, ad0.url AS app0url, ai0.type AS app0type,
34 ad1.text AS app1text, ad1.url AS app1url, ai1.type AS app1type,
35 es.label AS secteur, ef.fonction_fr AS fonction,
36 IF(n.nat=\'\',n.pays,n.nat) AS nat, n.a2 AS iso3166,
37 (COUNT(em.email) > 0 OR FIND_IN_SET("googleapps", u.mail_storage) > 0) AS actif,';
38 // hide private information if not logged
// NOTE(review): the lines that choose between the two appends below (presumably an
// if/else on the login state) are missing from this listing. This first append selects
// the free text, address and networking columns as stored, with no visibility filter.
40 $globals->search
->result_fields
.='
41 q.profile_freetext AS freetext,
42 adr.city, gp.pays AS countrytxt, gr.name AS region,
44 nw.address AS networking_address,
45 nwe.name AS networking_name,';
// This second append produces the same aliases, but each column is wrapped in
// IF(<table>.pub='public', <column>, '') so that a value not flagged public is returned
// as an empty string. The privacy rule is therefore enforced in the SELECT list itself;
// any column added to the list above needs a matching guarded entry here.
47 $globals->search
->result_fields
.="
48 IF(q.profile_freetext_pub='public', q.profile_freetext, '') AS freetext,
49 IF(adr.pub='public', adr.city, '') AS city,
50 IF(adr.pub='public', gp.pays, '') AS countrytxt,
51 IF(adr.pub='public', gr.name, '') AS region,
52 IF(e.pub='public', e.entreprise, '') AS entreprise,
53 IF(nw.pub='public', nw.address, '') AS networking_address,
54 IF(nw.pub='public', nwe.name, '') AS networking_name,";
55 @$globals->search
->result_where_statement
= '
56 LEFT JOIN applis_ins AS ai0 ON (u.user_id = ai0.uid AND ai0.ordre = 0)
57 LEFT JOIN applis_def AS ad0 ON (ad0.id = ai0.aid)
58 LEFT JOIN applis_ins AS ai1 ON (u.user_id = ai1.uid AND ai1.ordre = 1)
59 LEFT JOIN applis_def AS ad1 ON (ad1.id = ai1.aid)
60 LEFT JOIN entreprises AS e ON (e.entrid = 0 AND e.uid = u.user_id)
61 LEFT JOIN emploi_secteur AS es ON (e.secteur = es.id)
62 LEFT JOIN fonctions_def AS ef ON (e.fonction = ef.id)
63 LEFT JOIN geoloc_pays AS n ON (u.nationalite = n.a2)
64 LEFT JOIN adresses AS adr ON (u.user_id = adr.uid AND FIND_IN_SET(\'active\',adr.statut))
65 LEFT JOIN geoloc_pays AS gp ON (adr.country = gp.a2)
66 LEFT JOIN geoloc_region AS gr ON (adr.country = gr.a2 AND adr.region = gr.region)
67 LEFT JOIN emails AS em ON (em.uid = u.user_id AND em.flags = \'active\')
68 LEFT JOIN profile_networking AS nw ON (nw.uid = u.user_id)
69 LEFT JOIN profile_networking_enum AS nwe ON (nwe.network_type = nw.network_type)';
72 // {{{ class ThrowError
74 /** handle errors for end-users queries
75 * assign the error message and runs the templates
77 * @author Jean-Sebastien Bedo
81 public static $throwHook = array('ThrowError', 'defaultHandler');
84 * @param $explain string the error (in natural language)
/**
 * Report a search error to the end user by calling the configured hook.
 *
 * The hook is the public static $throwHook, so another handler can be installed in
 * place of the default one. Nothing here stops execution: what happens after the
 * error is reported depends entirely on the hook that is installed.
 *
 * @param string $explain the error, in natural language
 */
public function __construct($explain)
{
    $handler = self::$throwHook;
    call_user_func($handler, $explain);
}
91 /** default error handler
93 private static function defaultHandler($explain)
96 $page =& Platal
::page();
97 $page->changeTpl('search/index.tpl');
98 $page->setTitle('Polytechnique.org - Annuaire');
99 $page->assign('baseurl', $globals->baseurl
);
100 $page->trigError($explain);
106 // {{{ class SField [Base class]
108 /** classe de base représentant un champ de recherche
109 * (correspond à un champ du formulaire mais peut être à plusieurs champs de la bdd)
110 * interface étendue pour chaque type de champ particulier
116 /** le nom du champ dans le formulaire HTML */
118 /** champs de la bdd correspondant à ce champ sous forme d'un tableau */
120 /** champ résultat dans la requête MySQL correspondant à ce champ
121 * (alias utilisé pour la clause ORDER BY) */
122 var $fieldResultName;
123 /** valeur du champ instanciée par l'utilisateur */
130 * (récupère la requête de l'utilisateur pour ce champ) */
/**
 * Build a search field and read its value from the request straight away.
 *
 * @param string $_fieldFormName   name of the field in the HTML form
 * @param mixed  $_fieldDbName     database field(s) matching this form field (an array,
 *                                 per the property comment)
 * @param string $_fieldResultName alias of the result column, used for the ORDER BY clause
 */
function SField($_fieldFormName, $_fieldDbName='', $_fieldResultName='')
{
    $this->fieldResultName = $_fieldResultName;
    $this->fieldDbName     = $_fieldDbName;
    $this->fieldFormName   = $_fieldFormName;

    // get_request() looks the value up by fieldFormName, so it runs last.
    $this->get_request();
}
140 // {{{ function get_request()
142 /** récupérer la requête de l'utilisateur
143 * on met une chaîne vide si le champ n'a pas été complété */
/**
 * Read the user's input for this field from the request.
 *
 * Only surrounding whitespace is removed. The stored value is still raw request data:
 * no escaping or validation happens here, so every statement builder that uses
 * $this->value has to escape or validate it itself.
 */
function get_request()
{
    $submitted = Env::v($this->fieldFormName);
    $this->value = trim($submitted);
}
150 // {{{ function get_where_statement()
152 /** récupérer la clause correspondant au champ dans la clause WHERE de la requête
153 * on parcourt l'ensemble des champs de la bdd de $fieldDbName et on associe
154 * à chacun d'entre eux une clause spécifique
155 * la clause totale est la disjonction de ces clauses spécifiques */
156 function get_where_statement()
158 if ($this->value
=='') {
161 $res = implode(' OR ', array_filter(array_map(array($this, 'get_single_where_statement'), $this->fieldDbName
)));
162 return empty($res) ?
'' : "($res)";
166 // {{{ function get_order_statement()
168 /** récupérer la clause correspondant au champ dans la clause ORDER BY de la requête
169 * utilisé par exemple pour placer d'abord le nom égal à la requête avant les approximations */
170 function get_order_statement()
176 // {{{ function get_select_statement()
178 function get_select_statement()
184 // {{{ function get_url()
186 /** récupérer le bout d'URL correspondant aux paramètres permettant d'imiter une requête d'un
187 * utilisateur assignant la valeur $this->value à ce champ */
190 if (empty($this->value
)) {
193 return $this->fieldFormName
.'='.urlencode($this->value
);
201 // {{{ class QuickSearch [Google Like]
203 class QuickSearch
extends SField
209 /** stores numerical ranges */
211 /** stores admin searches */
214 /** stores phone number */
/**
 * Build the quick-search field and reject input containing forbidden characters.
 *
 * The check is a deny-list (brackets, braces, ~ / § _ ` | % $ ^ = + and a doubled '*').
 * It runs after get_request() has already parsed the value, and it only reports the
 * problem through ThrowError; whether the request stops there depends on the hook.
 *
 * @param string $_fieldFormName name of the field in the HTML form
 */
function QuickSearch($_fieldFormName)
{
    $this->fieldFormName = $_fieldFormName;
    $this->get_request();

    $forbidden = ":[\]\[{}~/§_`|%$^=+]|\*\*:u";
    $hasForbiddenChar = preg_match($forbidden, $this->value);
    if ($hasForbiddenChar) {
        new ThrowError('Un champ contient un caractère interdit rendant la recherche impossible.');
    }
}
230 // {{{ function isempty()
234 return empty($this->strings
) && empty($this->ranges
) && empty($this->email
) && empty($this->ip
) && empty($this->phone
);
238 // {{{ function get_request()
// Splits the quick-search box into separate criteria: name tokens ($this->strings),
// promotion ranges ($this->ranges) and, as far as the visible lines show, e-mail, IP and
// phone criteria. NOTE(review): several lines of this method (the assignments inside the
// e-mail, IP and phone branches, among others) are missing from this listing.
240 function get_request()
242 parent
::get_request();
// replace_accent() is defined elsewhere (presumably it strips accents - confirm).
243 $s = replace_accent(trim($this->value
));
// The user's '*' wildcard becomes SQL's '%'; $r keeps a copy for the range parsing below.
244 $r = $s = str_replace('*','%',$s);
// E-mail and IP criteria are only considered when S::has_perms() is true.
246 if (S
::has_perms() && strpos($s, '@') !== false
) {
// NOTE(review): this pattern is not anchored and accepts '%' in place of an octet; what
// is stored in $this->ip is on a line not shown here.
248 } else if (S
::has_perms() && preg_match('/[0-9]+\.([0-9]+|%)\.([0-9]+|%)\.([0-9]+|%)/', $s)) {
// An e-mail or IP search clears the name and promotion criteria.
251 if ($this->email ||
$this->ip
) {
252 $this->strings
= $this->ranges
= array();
// Digits are blanked out, then the text is split on every run of characters other than
// ASCII letters and '%'. Each token therefore contains only [a-zA-Z%]; the SQL builders
// of this class interpolate the tokens into quoted literals and rely on that.
256 $s = preg_replace('!\d+!', ' ', $s);
257 $this->strings
= preg_split("![^a-zA-Z%]+!",$s, -1, PREG_SPLIT_NO_EMPTY
);
// At most five tokens are kept; the user is warned when more were given.
258 if (count($this->strings
) > 5) {
259 Platal
::page()->trigWarning("Tu as indiqué trop d'éléments dans ta recherche, seuls les 5 premiers seront pris en compte");
260 $this->strings
= array_slice($this->strings
, 0, 5);
// Range parsing restarts from $r: spaces around '-' and after '<' / '>' are normalised,
// everything except digits, '-', '<' and '>' becomes a space, and dangling operators
// are dropped.
263 $s = preg_replace('! *- *!', '-', $r);
264 $s = preg_replace('!([<>]) *!', ' \1', $s);
265 $s = preg_replace('![^0-9\-><]!', ' ', $s);
266 $s = preg_replace('![<>\-] !', '', $s);
267 $ranges = preg_split('! +!', $s, -1, PREG_SPLIT_NO_EMPTY
);
268 $this->ranges
=Array();
// Only NNNN, NNNN-NNNN, <NNNN and >NNNN are accepted as ranges.
269 foreach ($ranges as $r) {
270 if (preg_match('!^([<>]\d{4}|\d{4}(-\d{4})?)$!', $r)) $this->ranges
[] = $r;
// What is left once the ranges and the separators are removed is tested for length; the
// body of this test is not visible here (presumably it fills $this->phone - confirm).
273 $t = preg_replace('!(\d{4}-\d{4}|>\d{4}|<\d{4})!', '', $s);
274 $t = preg_replace('![<>\- ]!', '', $t);
275 if (strlen($t) > 4) {
281 // {{{ function get_where_statement()
// Builds the WHERE clause of the quick search; the conditions are joined with AND.
// NOTE(review): some lines (initialisation of $where and $wherep, the assignment of $t in
// the soundex branch, closing braces) are missing from this listing.
283 function get_where_statement()
// Name tokens are interpolated into quoted SQL literals without escaping. As visible in
// get_request(), they are produced by splitting on [^a-zA-Z%]+, so they hold only ASCII
// letters and '%'. That split is the sole protection: any change to it must keep quotes
// and backslashes out of the tokens.
286 foreach ($this->strings
as $i => $s) {
287 if (Env
::i('with_soundex') && strlen($s) > 1) {
// NOTE(review): $t is assigned on a line not shown here - confirm that its value cannot
// contain a quote.
289 $where[] = "sn$i.soundex = '$t'";
// Prefix match: a trailing '%' is appended and doubled wildcards are collapsed.
291 $t = str_replace('*', '%', $s).'%';
292 $t = str_replace('%%', '%', $t);
293 $where[] = "sn$i.token LIKE '$t'";
// Promotion ranges are written unquoted; each branch matches four-digit groups before
// interpolating, and get_request() only stores entries made of digits, '-', '<' and '>'.
298 foreach ($this->ranges
as $r) {
299 if (preg_match('!^\d{4}$!', $r)) {
300 $wherep[] = "u.promo=$r";
301 } elseif (preg_match('!^(\d{4})-(\d{4})$!', $r, $matches)) {
302 $p1=min(intval($matches[1]), intval($matches[2]));
303 $p2=max(intval($matches[1]), intval($matches[2]));
304 $wherep[] = "(u.promo>=$p1 AND u.promo<=$p2)";
305 } elseif (preg_match('!^<(\d{4})!', $r, $matches)) {
306 $wherep[] = "u.promo<={$matches[1]}";
307 } elseif (preg_match('!^>(\d{4})!', $r, $matches)) {
308 $wherep[] = "u.promo>={$matches[1]}";
311 if (!empty($wherep)) {
312 $where[] = '('.join(' OR ',$wherep).')';
// The e-mail goes through XDB::escape(), the escaping helper used in this file.
314 if (!empty($this->email
)) {
315 $where[] = 'ems.email = ' . XDB
::escape($this->email
);
// NOTE(review): $ip is interpolated unquoted, so ip_to_uint() (defined elsewhere) must
// return a plain number for every input get_request() accepts, including the '%' octets
// its pattern allows - confirm.
317 if (!empty($this->ip
)) {
318 $ip = ip_to_uint($this->ip
);
319 $where[] = "( ls.ip = $ip OR ls.forward_ip = $ip ) AND ls.suid = 0";
// The phone prefix is escaped with XDB::escape() after normalisation.
321 if (!empty($this->phone
)){
322 require_once("profil.func.inc.php");
323 $phone = format_phone_number($this->phone
) . "%";
324 $where[] = 't.search_tel LIKE ' . XDB
::escape($phone);
327 return join(" AND ", $where);
331 // {{{ get_select_statement
332 function get_select_statement()
337 foreach ($this->strings
as $i => $s) {
339 $and = "AND FIND_IN_SET('public', sn$i.flags)";
341 $myu = str_replace('snv', "sn$i", $uniq);
342 $join .= "INNER JOIN search_name AS sn$i ON (u.user_id = sn$i.uid $and$myu)\n";
343 $uniq .= " AND sn$i.token != snv.token";
345 if (!empty($this->email
)) {
346 $join .= "LEFT JOIN emails AS ems ON (ems.uid = u.user_id)";
348 if (!empty($this->ip
)) {
349 $join .= "INNER JOIN logger.sessions AS ls ON (ls.uid = u.user_id)\n";
351 if (!empty($this->phone
)) {
353 $join .= "INNER JOIN profile_phones AS t ON (t.uid = u.user_id AND t.pub = 'public')";
355 $join .= "INNER JOIN profile_phones AS t ON (t.uid = u.user_id)";
361 // {{{ function get_order_statement()
363 function get_order_statement()
369 // {{{ function get_score_statement
// Builds the score column: per name token, the summed token score plus 5 when the token
// equals the search term exactly; the per-token sums are added together.
// NOTE(review): the line that initialises $sum is missing from this listing.
371 function get_score_statement()
// $s is interpolated into a quoted literal without escaping; this relies on get_request()
// producing tokens made only of ASCII letters and '%'.
374 foreach ($this->strings
as $i => $s) {
// '.=' on a fresh '$sum[]' element appends to a not-yet-existing value, so in effect it
// assigns.
375 $sum[] .= "SUM(sn$i.score + IF('$s'=sn$i.token,5,0))";
377 return join('+', $sum).' AS score';
384 // {{{ class NumericSField [Integer fields]
386 /** classe de champ numérique entier (offset par exemple)
388 class NumericSField
extends SField
393 * (récupère la requête de l'utilisateur pour ce champ) */
/**
 * Build an integer search field and read its value from the request.
 *
 * @param string $_fieldFormName name of the field in the HTML form
 */
function NumericSField($_fieldFormName)
{
    $formName = $_fieldFormName;
    $this->fieldFormName = $formName;

    // get_request() is where the value is fetched and checked.
    $this->get_request();
}
401 // {{{ function get_request()
403 /** récupère la requête de l'utilisateur et échoue s'il ne s'agit pas d'un entier */
404 function get_request()
406 parent
::get_request();
407 if (empty($this->value
)) {
410 if (!preg_match("/^[0-9]+$/", $this->value
)) {
411 new ThrowError('Un champ numérique contient des caractères alphanumériques.');
419 // {{{ class RefSField [ ??? ]
421 class RefSField
extends SField
/**
 * Build a search field whose match is done through a joined reference table.
 *
 * $_refTable, $_refAlias and $_refCondition are copied verbatim into the JOIN text built
 * by get_select_statement(), so they must be constants written by the developer and
 * never data taken from the request.
 *
 * @param string       $_fieldFormName name of the field in the HTML form
 * @param mixed        $_fieldDbName   database field(s) compared with the value
 * @param string|array $_refTable      table(s) to join
 * @param string|array $_refAlias      alias(es) given to the joined table(s)
 * @param string|array $_refCondition  ON condition(s) of the join(s)
 * @param bool         $_exact         true for an equality test, false for a LIKE '%value%'
 */
function RefSField($_fieldFormName, $_fieldDbName='', $_refTable, $_refAlias, $_refCondition, $_exact=true)
{
    // Form and database side of the field.
    $this->fieldFormName = $_fieldFormName;
    $this->fieldDbName   = $_fieldDbName;

    // Description of the join.
    $this->refCondition = $_refCondition;
    $this->refAlias     = $_refAlias;
    $this->refTable     = $_refTable;
    $this->exact        = $_exact;

    $this->get_request();
}
445 // {{{ function get_request()
447 function get_request() {
448 parent
::get_request();
449 if ($this->value
=='00' ||
$this->value
=='0') {
455 // {{{ function too_large()
459 return ($this->value
=='');
463 // {{{ function compare()
// Returns the right-hand side of the comparison: ='value' when $this->exact is set,
// otherwise LIKE '%value%'. (The signature line is missing from this listing.)
// NOTE(review): the request value is escaped with addslashes(), which knows nothing about
// the connection character set; the e-mail and phone criteria of QuickSearch in this file
// go through XDB::escape() instead, and using that helper here too would keep escaping in
// one place. In the LIKE form, '%' and '_' in the value are not escaped and act as
// wildcards.
467 $val = addslashes($this->value
);
468 return $this->exact ?
"='$val'" : " LIKE '%$val%'";
472 // {{{ function get_single_match_statement()
/**
 * Build the comparison of one database field with the requested value.
 *
 * @param string $field database field name; concatenated as is, so it must come from
 *                      the code and not from the request
 * @return string the field name followed by the text returned by compare()
 */
function get_single_match_statement($field)
{
    $comparison = $this->compare();
    return $field . $comparison;
}
480 // {{{ function get_single_where_statement()
/**
 * WHERE clause for one database field.
 *
 * A clause is produced only when no reference table is configured; with a reference
 * table the comparison is placed in the JOIN built by get_select_statement() instead.
 *
 * @param string $field database field name
 * @return string|false the comparison, or false when a reference table is set
 */
function get_single_where_statement($field)
{
    if ($this->refTable == '') {
        return $this->get_single_match_statement($field);
    }
    return false;
}
488 // {{{ function get_select_statement()
// Builds the INNER JOIN(s) that restrict the result to rows matching this field.
// NOTE(review): several lines of this method are missing from this listing (the body of
// the first test, the body of the first foreach, the initialisation of $inner and $last).
490 function get_select_statement()
492 if ($this->value
=='' ||
$this->refTable
=='') {
// $res is the OR of the per-field comparisons; the only request data in it is what
// compare() returns.
495 $res = implode(' OR ', array_filter(array_map(array($this, 'get_single_match_statement'), $this->fieldDbName
)));
// refTable, refAlias and refCondition are interpolated as raw SQL in both forms below;
// they are constructor arguments and must never be derived from the request.
496 if (is_array($this->refTable
)) {
497 foreach ($this->refTable
as $i => $refT)
500 foreach ($this->refTable
as $i => $refT)
501 $inner .= " INNER JOIN {$refT} AS {$this->refAlias[$i]} ON ({$this->refCondition[$i]} ".(($i == $last)?
"AND ($res) ":"").")\n";
// Single-table form: the match condition is appended to the ON clause.
504 return "INNER JOIN {$this->refTable} AS {$this->refAlias} ON ({$this->refCondition} AND ($res) )";
513 // {{{ class RefSFieldMultipleTable
514 class PhoneSField
extends RefSField
/**
 * Build a phone-number search field on top of RefSField, in exact mode.
 *
 * @param string       $_fieldFormName name of the field in the HTML form
 * @param mixed        $_fieldDbName   database field(s) compared with the value
 * @param string|array $_refTable      table(s) to join (developer-supplied)
 * @param string|array $_refAlias      alias(es) of the joined table(s)
 * @param string|array $_refCondition  ON condition(s) of the join(s)
 */
function PhoneSField($_fieldFormName, $_fieldDbName='', $_refTable, $_refAlias, $_refCondition)
{
    $exact = true;
    $this->RefSField($_fieldFormName, $_fieldDbName, $_refTable, $_refAlias, $_refCondition, $exact);
}
/**
 * Read the phone number from the request and normalise it.
 *
 * The value is trimmed, then passed through format_phone_number() from
 * profil.func.inc.php. What that function removes is not visible here, so the
 * normalised value must still be escaped where it is used in SQL.
 */
function get_request()
{
    require_once("profil.func.inc.php");

    $submitted = Env::v($this->fieldFormName);
    $this->value = trim($submitted);
    $this->value = format_phone_number($this->value);
}
530 return " LIKE '" . addslashes($this->value
) . "%'";
534 class IndexSField
extends RefSField
/**
 * Build an index search field on top of RefSField, in exact mode.
 *
 * @param string       $_fieldFormName name of the field in the HTML form
 * @param mixed        $_fieldDbName   database field(s) compared with the value
 * @param string|array $_refTable      table(s) to join (developer-supplied)
 * @param string|array $_refAlias      alias(es) of the joined table(s)
 * @param string|array $_refCondition  ON condition(s) of the join(s)
 */
function IndexSField($_fieldFormName, $_fieldDbName='', $_refTable, $_refAlias, $_refCondition)
{
    $exact = true;
    $this->RefSField($_fieldFormName, $_fieldDbName, $_refTable, $_refAlias, $_refCondition, $exact);
}
/**
 * Read the value from the request, trimmed and otherwise unchanged.
 *
 * The parent implementation is not called, so none of its special cases apply.
 */
function get_request()
{
    $submitted = Env::v($this->fieldFormName);
    $this->value = trim($submitted);
}
547 class MapSField
extends RefSField
551 function MapSField($_fieldFormName, $_fieldDbName='', $_refTable, $_refAlias, $_refCondition, $_mapId=false
)
553 if ($_mapId === false
)
554 $this->mapId
= Env
::v($_fieldFormName, '');
556 $this->mapId
= $_mapId;
557 $this->value
= $this->mapId
;
558 $this->RefSField($_fieldFormName, $_fieldDbName, $_refTable, $_refAlias, $_refCondition, true
, false
);
561 function get_select_statement()
563 if ($this->mapId
=== '') return false
;
564 $res = implode(' OR ', array_filter(array_map(array($this, 'get_single_match_statement'), $this->fieldDbName
)));
565 foreach ($this->refTable
as $i => $refT)
568 foreach ($this->refTable
as $i => $refT)
569 $inner .= " INNER JOIN {$refT} AS {$this->refAlias[$i]} ON ({$this->refCondition[$i]} ".(($i == $last)?
"AND ($res) ":"").")";
/**
 * Use the map identifier as the field value.
 *
 * The value is not read from the request here; it is whatever the constructor stored
 * in $this->mapId.
 */
function get_request()
{
    $mapId = $this->mapId;
    $this->value = $mapId;
}
578 // {{{ class RefWithSoundexSField [ ??? ]
580 class RefWithSoundexSField
extends RefSField
582 // {{{ function compare()
586 return "='".soundex_fr($this->value
)."'";
593 // {{{ class StringSField [String fields]
595 /** classe de champ texte (nom par exemple)
597 class StringSField
extends SField
599 // {{{ function get_request()
601 /** récupère la requête de l'utilisateur et échoue si la chaîne contient des caractères
/**
 * Read the user's input and report an error when it contains a forbidden character.
 *
 * The check is a deny-list (brackets, angle brackets, braces, ~ / § _ ` | % $ ^ = + and a
 * doubled '*'). Quotes and backslashes are not in the list, so the statement builders
 * still have to escape the value. The error is reported through ThrowError; whether
 * the request stops there depends on the installed hook.
 */
function get_request()
{
    parent::get_request();

    $forbidden = ":[\]\[<>{}~/§_`|%$^=+]|\*\*:u";
    $hasForbiddenChar = preg_match($forbidden, $this->value);
    if ($hasForbiddenChar) {
        new ThrowError('Un champ contient un caractère interdit rendant la recherche impossible.');
    }
}
612 // {{{ function length()
614 /** donne la longueur de la requête de l'utilisateur
615 * (au sens strict i.e. pas d'* ni d'espace ou de trait d'union -> les contraintes réellement
616 * imposées par l'utilisateur) */
619 $cleaned = replace_accent(strtolower($this->value
));
620 $length = strlen(ereg_replace('[a-z0-9]', '', $cleaned));
621 return strlen($this->value
) - $length;
625 // {{{ function too_large()
629 return ($this->length()<2);
633 // {{{ function get_single_where_statement()
635 /** clause WHERE correspondant à un champ de la bdd et à ce champ de formulaire
636 * @param field nom de champ de la bdd concerné par la clause */
/**
 * WHERE clause matching one database field against this form field (prefix match).
 *
 * The user's '-' becomes the single-character wildcard '_' and '*' becomes '%'.
 * NOTE(review): the value is escaped with addslashes(), which is unaware of the
 * connection character set; other clauses in this file use XDB::escape().
 *
 * @param string $field database field name (taken from the code, not from the request)
 * @return string the LIKE condition
 */
function get_single_where_statement($field)
{
    $escaped = addslashes($this->value);
    $pattern = strtr($escaped, '-*', '_%');
    return $field . " LIKE '" . $pattern . "%'";
}
644 // {{{ function get_order_statement()
646 /** clause ORDER BY correspondant à ce champ de formulaire */
647 function get_order_statement()
649 if ($this->value
!='' && $this->fieldResultName
!='') {
650 return "{$this->fieldResultName}!='".addslashes($this->value
)."'";
660 // {{{ class NameSField [Names : search 'n%' + '% b']
662 /** classe pour les noms : on cherche en plus du like 'foo%' le like '% foo' (particules)
664 class NameSField
extends StringSField
666 // {{{ function get_single_where_statement()
/**
 * WHERE clause for a name: matches the start of the field, or the start of a later
 * word that follows a space or a hyphen (name particles).
 *
 * The three alternatives are joined with OR and returned without parentheses.
 * NOTE(review): the value is escaped with addslashes(), which is unaware of the
 * connection character set; other clauses in this file use XDB::escape().
 *
 * @param string $field database field name (taken from the code, not from the request)
 * @return string the three LIKE conditions joined with OR
 */
function get_single_where_statement($field)
{
    $pattern = strtr(addslashes($this->value), '-*', '_%');
    $alternatives = array(
        "$field LIKE '$pattern%'",
        "$field LIKE '% $pattern%'",
        "$field LIKE '%-$pattern%'",
    );
    return implode(' OR ', $alternatives);
}
675 // {{{ function get_order_statement()
677 function get_order_statement()
679 if ($this->value
!='' && $this->fieldResultName
!='') {
680 return "{$this->fieldResultName} NOT LIKE '".addslashes($this->value
)."'";
690 // {{{ class StringWithSoundexSField [Strings + soundex]
692 /** classe de champ texte avec soundex (nom par exemple)
694 class StringWithSoundexSField
extends StringSField
696 // {{{ function get_single_where_statement()
698 /** clause WHERE correspondant à un champ de la bdd et à ce champ de formulaire
699 * @param field nom de champ de la bdd concerné par la clause */
/**
 * WHERE clause comparing one database field with the soundex code of the value.
 *
 * NOTE(review): the code returned by soundex_fr() (defined elsewhere) is placed between
 * double quotes without escaping; confirm that it can only contain characters that are
 * safe inside a SQL literal.
 *
 * @param string $field database field name (taken from the code, not from the request)
 * @return string the equality condition
 */
function get_single_where_statement($field) {
    $code = soundex_fr($this->value);
    return $field . '="' . $code . '"';
}
708 // {{{ class PromoSField [Prom field]
710 /** classe de champ de promotion */
711 class PromoSField
extends SField
715 /** opérateur de comparaison (<,>,=) de la promo utilisé pour ce champ de formulaire */
722 * compareField est un champ de formulaire très simple qui ne sert qu'à la construction de la
723 * clause WHERE de la promo */
/**
 * Build a promotion field together with the helper field holding its comparison operator.
 *
 * The operator field is a plain SField: its value is the trimmed request value with no
 * validation of its own, so code that uses it in SQL has to check it first.
 *
 * @param string $_fieldFormName        form field holding the promotion year
 * @param string $_compareFieldFormName form field holding the comparison operator
 * @param mixed  $_fieldDbName          database field(s) compared with the year
 * @param string $_fieldResultName      alias of the result column
 */
function PromoSField($_fieldFormName, $_compareFieldFormName, $_fieldDbName, $_fieldResultName)
{
    parent::SField($_fieldFormName, $_fieldDbName, $_fieldResultName);

    $operatorField = new SField($_compareFieldFormName);
    $this->compareField = $operatorField;
}
731 // {{{ function get_request()
733 /** récupère la requête utilisateur et échoue si le champ du formulaire ne représente pas une
734 * promotion (nombre à 4 chiffres) */
/**
 * Read the promotion from the request and report an error when it is not a year.
 *
 * A two-digit value is read as 19xx. Any other non-empty value must consist of exactly
 * four digits. The error is reported through ThrowError; whether the request stops
 * there depends on the installed hook, and the value is left as it was.
 */
function get_request()
{
    parent::get_request();

    $isTwoDigits = preg_match('/^[0-9]{2}$/', $this->value);
    if ($isTwoDigits) {
        $this->value = 1900 + intval($this->value);
    }

    if (!empty($this->value) && !preg_match('/^[0-9]{4}$/', $this->value)) {
        new ThrowError('La promotion est une année à quatre chiffres.');
    }
}
747 // {{{ function is_a_single_promo()
749 /** teste si la requête est de la forme =promotion -> contrainte forte imposée -> elle suffit
750 * pour autoriser un affichage des résultats alors que <promotion est insuffisant */
/**
 * Tell whether the request has the form "= promotion".
 *
 * Per the original comment, this strong constraint is enough to allow results to be
 * displayed, whereas "< promotion" is not.
 *
 * @return bool true when the operator is '=' and a promotion was given
 */
function is_a_single_promo()
{
    if ($this->compareField->value != '=') {
        return false;
    }
    return $this->value != '';
}
757 // {{{ function too_large()
761 return !$this->is_a_single_promo();
765 // {{{ function get_single_where_statement()
767 /** clause WHERE correspondant à ce champ */
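/**
 * WHERE clause comparing one database field with the requested promotion.
 *
 * Both operands come from the request. The operator is held by a plain SField, which
 * only trims its input. The year is checked in get_request(), but that check merely
 * reports the error through ThrowError and whether it stops the request depends on
 * the installed hook. Both are therefore validated here, immediately before they are
 * concatenated into SQL text.
 *
 * @param string $field database field name (taken from the code, not from the request)
 * @return string|false the comparison, or false when the operator or the year is not
 *                      acceptable (callers drop false entries with array_filter)
 */
function get_single_where_statement($field)
{
    $operator = $this->compareField->value;
    $promo    = (string) $this->value;

    // Only plain comparison operators may reach the query text.
    $allowed = array('=', '<', '>', '<=', '>=', '<>', '!=');
    if (!in_array($operator, $allowed, true)) {
        return false;
    }

    // A promotion is a four-digit year; \z rejects a trailing newline as well.
    if (!preg_match('/^[0-9]{4}\z/', $promo)) {
        return false;
    }

    return $field . $operator . $promo;
}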
774 // {{{ function get_url()
776 /** récupérer le bout d'URL correspondant aux paramètres permettant d'imiter une requête
777 * d'un utilisateur assignant la valeur $this->value à ce champ et assignant l'opérateur de
778 * comparaison adéquat */
781 if (!($u=parent
::get_url())) {
784 return $u.'&'.$this->compareField
->get_url();
791 // {{{ class SFieldGroup [Group fields]
793 /** classe groupant des champs de formulaire de recherche */
798 /** tableau des classes correspondant aux champs groupés */
800 /** type de groupe : ET ou OU */
807 function SFieldGroup($_and, $_fields)
809 $this->fields
= $_fields;
811 foreach ($this->fields
as $key=>&$field) {
812 if (is_null($field)) {
813 unset($this->fields
[$key]);
819 // {{{ function too_large()
824 for ($i=0 ; $b && $i<count($this->fields
) ; $i++
) {
825 if (!is_null($this->fields
[$i])) {
826 $b = $b && $this->fields
[$i]->too_large();
833 // {{{ function field_get_select()
/**
 * Return the SELECT/JOIN fragment of one search field object.
 *
 * @param object $f a search field exposing get_select_statement()
 * @return mixed whatever the field returns
 */
function field_get_select($f)
{
    $statement = $f->get_select_statement();
    return $statement;
}
841 // {{{ function field_get_where()
843 /** récupérer la clause WHERE d'un objet champ de recherche */
/**
 * Return the WHERE clause of one search field object.
 *
 * @param object $f a search field exposing get_where_statement()
 * @return mixed whatever the field returns
 */
function field_get_where($f)
{
    $clause = $f->get_where_statement();
    return $clause;
}
850 // {{{ function field_get_order()
852 /** récupérer la clause ORDER BY d'un objet champ de recherche */
/**
 * Return the ORDER BY clause of one search field object.
 *
 * @param object $f a search field exposing get_order_statement()
 * @return mixed whatever the field returns
 */
function field_get_order($f)
{
    $clause = $f->get_order_statement();
    return $clause;
}
859 // {{{ function field_get_url()
861 /** récupérer le bout d'URL correspondant à un objet champ de recherche */
/**
 * Return the URL fragment of one search field object.
 *
 * @param object $f a search field exposing get_url()
 * @return mixed whatever the field returns
 */
function field_get_url($f)
{
    $fragment = $f->get_url();
    return $fragment;
}
868 // {{{ function get_select_statement()
/**
 * SELECT/JOIN fragment of the group: the fragments of all fields, separated by spaces.
 *
 * Fields that return an empty or false fragment are left out.
 *
 * @return string the concatenated fragments, '' when no field contributes
 */
function get_select_statement()
{
    $fragments = array_map(array($this, 'field_get_select'), $this->fields);
    $nonEmpty  = array_filter($fragments);
    return implode(' ', $nonEmpty);
}
876 // {{{ function get_where_statement()
878 /** récupérer la clause WHERE du groupe de champs = conjonction (ET) ou disjonction (OU) de
879 * clauses des champs élémentaires */
/**
 * WHERE clause of the group: the clauses of the fields joined with AND or OR.
 *
 * Fields without a clause are left out. The result is wrapped in parentheses so that
 * it can be combined with other clauses without changing operator precedence.
 *
 * @return string the parenthesised clause, '' when no field contributes
 */
function get_where_statement()
{
    if ($this->and) {
        $joinText = ' AND ';
    } else {
        $joinText = ' OR ';
    }

    $clauses = array_filter(array_map(array($this, 'field_get_where'), $this->fields));
    $res = implode($joinText, $clauses);

    if ($res == '') {
        return '';
    }
    return "($res)";
}
888 // {{{ function get_order_statement()
890 /** récupérer la clause ORDER BY du groupe de champs = conjonction (ET) ou disjonction (OU) de
891 * clauses des champs élémentaires */
/**
 * ORDER BY clause of the group: the clauses of the fields, separated by commas.
 *
 * @return string|false the comma-separated clauses, false when no field has one
 */
function get_order_statement()
{
    $clauses = array_map(array($this, 'field_get_order'), $this->fields);
    $order = array_filter($clauses);

    if (count($order) === 0) {
        return false;
    }
    return implode(',', $order);
}
899 // {{{ function get_url()
901 /** récupérer le bout d'URL correspondant à ce groupe de champs = concaténation des bouts d'URL
902 * des champs élémentaires */
// Builds the query string that reproduces this group's search: the URL fragments of the
// fields plus the extra key/value pairs given in $others, joined with '&'. Returns false
// when there is nothing to output.
// NOTE(review): the body of the first foreach and a line of the second one are missing
// from this listing.
903 function get_url($others=Array())
905 $url = array_filter(array_map(array($this, 'field_get_url'), $this->fields
));
906 foreach ($url as $key=>$val) {
// NOTE(review): SField::get_url() applies urlencode() to its value, but here $key and
// $val are written as they are. Unless the missing lines encode them, callers have to
// pass values that are already URL-encoded, and the result still needs HTML escaping
// where it is printed in a page.
911 foreach ($others as $key=>$val) {
913 $url[] = "$key=$val";
916 return count($url)>0 ?
implode('&', $url) : false
;
924 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: