// {{{ Global variables used for the search Queries
-$globals->search->result_fields = '
- u.user_id, u.promo, u.matricule, u.matricule_ax,
- if(u.nom_usage=\'\', u.nom, u.nom_usage) AS NomSortKey,
- u.nom_usage,u.date,
- u.deces!=0 AS dcd,u.deces,
- u.perms IN (\'admin\',\'user\', \'disabled\') AS inscrit,
- u.perms != \'pending\' AS wasinscrit,
- FIND_IN_SET(\'femme\', u.flags) AS sexe,
- a.alias AS forlife,
- ad0.text AS app0text, ad0.url AS app0url, ai0.type AS app0type,
- ad1.text AS app1text, ad1.url AS app1url, ai1.type AS app1type,
- es.label AS secteur, ef.fonction_fr AS fonction,
- IF(n.nat=\'\',n.pays,n.nat) AS nat, n.a2 AS iso3166,
- COUNT(em.email) > 0 AS actif,';
+@$globals->search->result_fields = '
+ u.user_id, u.promo, u.matricule, u.matricule_ax,
+ if(u.nom_usage=\'\', u.nom, u.nom_usage) AS NomSortKey,
+ u.nom_usage,u.date,
+ u.deces!=0 AS dcd,u.deces,
+ u.perms IN (\'admin\',\'user\', \'disabled\') AS inscrit,
+ u.perms != \'pending\' AS wasinscrit,
+ FIND_IN_SET(\'femme\', u.flags) AS sexe,
+ a.alias AS forlife,
+ ad0.text AS app0text, ad0.url AS app0url, ai0.type AS app0type,
+ ad1.text AS app1text, ad1.url AS app1url, ai1.type AS app1type,
+ es.label AS secteur, ef.fonction_fr AS fonction,
+ IF(n.nat=\'\',n.pays,n.nat) AS nat, n.a2 AS iso3166,
+ COUNT(em.email) > 0 AS actif,';
// hide private information if not logged
-if (S::logged())
- $globals->search->result_fields .='
- q.profile_web AS web,
- q.profile_mobile AS mobile,
- q.profile_freetext AS freetext,
- adr.city, gp.pays AS countrytxt, gr.name AS region,
- e.entreprise,';
+if (S::logged())
+ $globals->search->result_fields .='
+ q.profile_web AS web,
+ q.profile_mobile AS mobile,
+ q.profile_freetext AS freetext,
+ adr.city, gp.pays AS countrytxt, gr.name AS region,
+ e.entreprise,';
else
- $globals->search->result_fields .="
- IF(q.profile_web_pub='public', q.profile_web, '') AS web,
- IF(q.profile_mobile_pub='public', q.profile_mobile, '') AS mobile,
- IF(q.profile_freetext_pub='public', q.profile_freetext, '') AS freetext,
- IF(adr.pub='public', adr.city, '') AS city,
- IF(adr.pub='public', gp.pays, '') AS countrytxt,
- IF(adr.pub='public', gr.name, '') AS region,
- IF(e.pub='public', e.entreprise, '') AS entreprise,";
-$globals->search->result_where_statement = '
- LEFT JOIN applis_ins AS ai0 ON (u.user_id = ai0.uid AND ai0.ordre = 0)
- LEFT JOIN applis_def AS ad0 ON (ad0.id = ai0.aid)
- LEFT JOIN applis_ins AS ai1 ON (u.user_id = ai1.uid AND ai1.ordre = 1)
- LEFT JOIN applis_def AS ad1 ON (ad1.id = ai1.aid)
- LEFT JOIN entreprises AS e ON (e.entrid = 0 AND e.uid = u.user_id)
- LEFT JOIN emploi_secteur AS es ON (e.secteur = es.id)
- LEFT JOIN fonctions_def AS ef ON (e.fonction = ef.id)
- LEFT JOIN geoloc_pays AS n ON (u.nationalite = n.a2)
- LEFT JOIN adresses AS adr ON (u.user_id = adr.uid AND FIND_IN_SET(\'active\',adr.statut))
- LEFT JOIN geoloc_pays AS gp ON (adr.country = gp.a2)
- LEFT JOIN geoloc_region AS gr ON (adr.country = gr.a2 AND adr.region = gr.region)
- LEFT JOIN emails AS em ON (em.uid = u.user_id AND em.flags = \'active\')';
-
-// }}}
-// {{{ function display_lines()
-
-/**
- * This function is a heuristic that approximatively tells
- * how many lines of output the contact list will use.
- */
-function display_lines($text)
-{
- $n = 0;
- $tokens = Array('<tr>', '<div class="nom">');
- foreach ($tokens as $t) {
- $i = -1;
- while ( ($i = strpos($text,$t,$i+1))!==false) { $n++; }
- }
- return $n;
-}
+ $globals->search->result_fields .="
+ IF(q.profile_web_pub='public', q.profile_web, '') AS web,
+ IF(q.profile_mobile_pub='public', q.profile_mobile, '') AS mobile,
+ IF(q.profile_freetext_pub='public', q.profile_freetext, '') AS freetext,
+ IF(adr.pub='public', adr.city, '') AS city,
+ IF(adr.pub='public', gp.pays, '') AS countrytxt,
+ IF(adr.pub='public', gr.name, '') AS region,
+ IF(e.pub='public', e.entreprise, '') AS entreprise,";
+@$globals->search->result_where_statement = '
+ LEFT JOIN applis_ins AS ai0 ON (u.user_id = ai0.uid AND ai0.ordre = 0)
+ LEFT JOIN applis_def AS ad0 ON (ad0.id = ai0.aid)
+ LEFT JOIN applis_ins AS ai1 ON (u.user_id = ai1.uid AND ai1.ordre = 1)
+ LEFT JOIN applis_def AS ad1 ON (ad1.id = ai1.aid)
+ LEFT JOIN entreprises AS e ON (e.entrid = 0 AND e.uid = u.user_id)
+ LEFT JOIN emploi_secteur AS es ON (e.secteur = es.id)
+ LEFT JOIN fonctions_def AS ef ON (e.fonction = ef.id)
+ LEFT JOIN geoloc_pays AS n ON (u.nationalite = n.a2)
+ LEFT JOIN adresses AS adr ON (u.user_id = adr.uid AND FIND_IN_SET(\'active\',adr.statut))
+ LEFT JOIN geoloc_pays AS gp ON (adr.country = gp.a2)
+ LEFT JOIN geoloc_region AS gr ON (adr.country = gr.a2 AND adr.region = gr.region)
+ LEFT JOIN emails AS em ON (em.uid = u.user_id AND em.flags = \'active\')';
// }}}
// {{{ class ThrowError
*/
class ThrowError
{
+ public static $throwHook = array('ThrowError', 'defaultHandler');
+
/** constuctor
* @param $explain string the error (in natural language)
*/
- function ThrowError($explain)
+ public function __construct($explain)
{
- global $page;
+ call_user_func(ThrowError::$throwHook, $explain);
+ }
+
+ /** defaut error handler
+ */
+ private static function defaultHandler($explain)
+ {
+ global $page, $globals;
+ $page->changeTpl('search/index.tpl');
+ $page->assign('xorg_title','Polytechnique.org - Annuaire');
+ $page->assign('baseurl', $globals->baseurl);
$page->trig('Erreur : '.$explain);
$page->run();
}
class SField
{
// {{{ properties
-
+
/** le nom du champ dans le formulaire HTML */
var $fieldFormName;
/** champs de la bdd correspondant à ce champ sous forme d'un tableau */
// }}}
// {{{ function get_request()
- /** récupérer la requête de l'utilisateur
+ /** récupérer la requête de l'utilisateur
* on met une chaîne vide si le champ n'a pas été complété */
function get_request()
{
// }}}
// {{{ function get_where_statement()
-
+
/** récupérer la clause correspondant au champ dans la clause WHERE de la requête
- * on parcourt l'ensemble des champs de la bdd de $fieldDbName et on associe
+ * on parcourt l'ensemble des champs de la bdd de $fieldDbName et on associe
* à chacun d'entre eux une clause spécifique
* la clause totale et la disjonction de ces clauses spécifiques */
function get_where_statement()
// }}}
// {{{ function get_order_statement()
-
+
/** récupérer la clause correspondant au champ dans la clause ORDER BY de la requête
* utilisé par exemple pour placer d'abord le nom égal à la requête avant les approximations */
function get_order_statement()
class QuickSearch extends SField
{
// {{{ properties
-
+
/** stores tokens */
var $strings;
/** stores numerical ranges */
var $ranges;
+ /** stores admin searches */
+ var $email;
+ var $ip;
// }}}
// {{{ constructor
-
+
function QuickSearch($_fieldFormName)
{
$this->fieldFormName = $_fieldFormName;
$this->get_request();
- if (preg_match(":[\]\[{}~/§_`|%$^=+]|\*\*:", $this->value)) {
+ if (preg_match(":[\]\[{}~/§_`|%$^=+]|\*\*:u", $this->value)) {
new ThrowError('Un champ contient un caractère interdit rendant la recherche impossible.');
}
}
function isempty()
{
- return empty($this->strings) && empty($this->ranges);
+ return empty($this->strings) && empty($this->ranges) && empty($this->email) && empty($this->ip);
}
// }}}
// {{{ function get_request()
-
+
function get_request()
{
- parent::get_request();
- $s = replace_accent(trim($this->value));
- $s = preg_replace('!\d+!', ' ', $s);
- $s = str_replace('*','%',$s);
- $this->strings = preg_split("![^a-zA-Z%]+!",$s, -1, PREG_SPLIT_NO_EMPTY);
+ parent::get_request();
+ $s = replace_accent(trim($this->value));
+ $r = $s = str_replace('*','%',$s);
- $s = trim($this->value);
- $s = preg_replace('! *- *!', '-', $s);
- $s = preg_replace('!([<>]) *!', ' \1', $s);
- $s = preg_replace('![^0-9\-><]!', ' ', $s);
- $s = preg_replace('![<>\-] !', '', $s);
- $ranges = preg_split('! +!', $s, -1, PREG_SPLIT_NO_EMPTY);
- $this->ranges=Array();
- foreach ($ranges as $r) {
- if (preg_match('!^([<>]\d{4}|\d{4}(-\d{4})?)$!', $r)) $this->ranges[] = $r;
- }
+ if (S::has_perms() && strpos($s, '@') !== false) {
+ $this->email = $s;
+ } else if (S::has_perms() && preg_match('/[0-9]+\.([0-9]+|%)\.([0-9]+|%)\.([0-9]+|%)/', $s)) {
+ $this->ip = $s;
+ }
+ if ($this->email || $this->ip) {
+ $this->strings = $this->ranges = array();
+ return;
+ }
+
+ $s = preg_replace('!\d+!', ' ', $s);
+ $this->strings = preg_split("![^a-zA-Z%]+!",$s, -1, PREG_SPLIT_NO_EMPTY);
+ if (count($this->strings) > 5) {
+ global $page;
+ $page->trig("Tu as indiqué trop d'éléments dans ta recherche, seuls les 5 premiers seront pris en compte");
+ $this->strings = array_slice($this->strings, 0, 5);
+ }
+
+ $s = preg_replace('! *- *!', '-', $r);
+ $s = preg_replace('!([<>]) *!', ' \1', $s);
+ $s = preg_replace('![^0-9\-><]!', ' ', $s);
+ $s = preg_replace('![<>\-] !', '', $s);
+ $ranges = preg_split('! +!', $s, -1, PREG_SPLIT_NO_EMPTY);
+ $this->ranges=Array();
+ foreach ($ranges as $r) {
+ if (preg_match('!^([<>]\d{4}|\d{4}(-\d{4})?)$!', $r)) $this->ranges[] = $r;
+ }
}
// }}}
// {{{ function get_where_statement()
-
+
function get_where_statement()
{
- $where = Array();
- foreach ($this->strings as $i => $s) {
- $t = str_replace('*', '%', $s).'%';
- $t = str_replace('%%', '%', $t);
- $where[] = "sn$i.token LIKE '$t'";
- }
-
- $wherep = Array();
- foreach ($this->ranges as $r) {
- if (preg_match('!^\d{4}$!', $r)) {
- $wherep[] = "u.promo=$r";
- } elseif (preg_match('!^(\d{4})-(\d{4})$!', $r, $matches)) {
- $p1=min(intval($matches[1]), intval($matches[2]));
- $p2=max(intval($matches[1]), intval($matches[2]));
- $wherep[] = "(u.promo>=$p1 AND u.promo<=$p2)";
- } elseif (preg_match('!^<(\d{4})!', $r, $matches)) {
- $wherep[] = "u.promo<={$matches[1]}";
- } elseif (preg_match('!^>(\d{4})!', $r, $matches)) {
- $wherep[] = "u.promo>={$matches[1]}";
- }
- }
- if (!empty($wherep)) {
+ $where = Array();
+ foreach ($this->strings as $i => $s) {
+ if (Env::i('with_soundex') && strlen($s) > 1) {
+ $t = soundex_fr($s);
+ $where[] = "sn$i.soundex = '$t'";
+ } else {
+ $t = str_replace('*', '%', $s).'%';
+ $t = str_replace('%%', '%', $t);
+ $where[] = "sn$i.token LIKE '$t'";
+ }
+ }
+
+ $wherep = Array();
+ foreach ($this->ranges as $r) {
+ if (preg_match('!^\d{4}$!', $r)) {
+ $wherep[] = "u.promo=$r";
+ } elseif (preg_match('!^(\d{4})-(\d{4})$!', $r, $matches)) {
+ $p1=min(intval($matches[1]), intval($matches[2]));
+ $p2=max(intval($matches[1]), intval($matches[2]));
+ $wherep[] = "(u.promo>=$p1 AND u.promo<=$p2)";
+ } elseif (preg_match('!^<(\d{4})!', $r, $matches)) {
+ $wherep[] = "u.promo<={$matches[1]}";
+ } elseif (preg_match('!^>(\d{4})!', $r, $matches)) {
+ $wherep[] = "u.promo>={$matches[1]}";
+ }
+ }
+ if (!empty($wherep)) {
$where[] = '('.join(' OR ',$wherep).')';
}
- return join(" AND ", $where);
+ if (!empty($this->email)) {
+ $where[] = 'ems.email = ' . XDB::escape($this->email);
+ }
+ if (!empty($this->ip)) {
+ $ip = XDB::escape($this->ip);
+ $where[] = "( ls.ip = $ip OR ls.forward_ip = $ip )";
+ }
+
+ return join(" AND ", $where);
}
// }}}
function get_select_statement()
{
$join = "";
- foreach ($this->strings as $i => $s) {
- $join .= "INNER JOIN search_name AS sn$i ON (u.user_id = sn$i.uid)\n";
+ $and = '';
+ $uniq = '';
+ foreach ($this->strings as $i => $s) {
+ if (!S::logged()) {
+ $and = "AND FIND_IN_SET('public', sn$i.flags)";
+ }
+ $myu = str_replace('snv', "sn$i", $uniq);
+ $join .= "INNER JOIN search_name AS sn$i ON (u.user_id = sn$i.uid $and$myu)\n";
+ $uniq .= " AND sn$i.token != snv.token";
+ }
+ if (!empty($this->email)) {
+ $join .= "LEFT JOIN emails AS ems ON (ems.uid = u.user_id)";
+ }
+ if (!empty($this->ip)) {
+ $join .= "INNER JOIN logger.sessions AS ls ON (ls.uid = u.user_id)\n";
}
return $join;
}
// }}}
// {{{ function get_order_statement()
-
+
function get_order_statement()
{
return false;
// }}}
// {{{ function get_score_statement
-
+
function get_score_statement()
{
$sum = array('0');
- foreach ($this->strings as $i => $s) {
+ foreach ($this->strings as $i => $s) {
$sum[] .= "SUM(sn$i.score + IF('$s'=sn$i.token,5,0))";
}
return join('+', $sum).' AS score';
class NumericSField extends SField
{
// {{{ constructor
-
+
/** constructeur
* (récupère la requête de l'utilisateur pour ce champ) */
function NumericSField($_fieldFormName)
// }}}
// {{{ function get_request()
-
+
/** récupère la requête de l'utilisateur et échoue s'il ne s'agit pas d'un entier */
function get_request()
{
new ThrowError('Un champ numérique contient des caractères alphanumériques.');
}
}
-
+
// }}}
}
class RefSField extends SField
{
// {{{ properties
-
+
var $refTable;
var $refAlias;
var $refCondition;
// }}}
// {{{ function get_request()
-
+
function get_request() {
parent::get_request();
if ($this->value=='00' || $this->value=='0') {
// {{{ class RefSFieldMultipleTable
class MapSField extends RefSField
{
- var $mapId;
-
+ var $mapId;
+
function MapSField($_fieldFormName, $_fieldDbName='', $_refTable, $_refAlias, $_refCondition, $_mapId=false)
{
if ($_mapId === false)
$this->mapId = Env::v($_fieldFormName, '');
else
$this->mapId = $_mapId;
+ $this->value = $this->mapId;
$this->RefSField($_fieldFormName, $_fieldDbName, $_refTable, $_refAlias, $_refCondition, true, false);
}
+
function get_select_statement()
{
if ($this->mapId === '') return false;
class RefWithSoundexSField extends RefSField
{
// {{{ function compare()
-
+
function compare()
{
- return "='".soundex_fr($this->value)."'";
+ return "='".soundex_fr($this->value)."'";
}
// }}}
class StringSField extends SField
{
// {{{ function get_request()
-
+
/** récupère la requête de l'utilisateur et échoue si la chaîne contient des caractères
* interdits */
function get_request()
{
parent::get_request();
- if (preg_match(":[\]\[<>{}~/§_`|%$^=+]|\*\*:", $this->value)) {
+ if (preg_match(":[\]\[<>{}~/§_`|%$^=+]|\*\*:u", $this->value)) {
new ThrowError('Un champ contient un caractère interdit rendant la recherche impossible.');
}
}
* imposées par l'utilisateur) */
function length()
{
- global $lc_accent,$uc_accent;
- return strlen($this->value) - strlen(ereg_replace('[a-z'.$lc_accent.$uc_accent.']', '', strtolower($this->value)));
+ $cleaned = replace_accent(strtolower($this->value));
+ $length = strlen(ereg_replace('[a-z0-9]', '', $cleaned));
+ return strlen($this->value) - $length;
}
// }}}
class NameSField extends StringSField
{
// {{{ function get_single_where_statement()
-
+
function get_single_where_statement($field)
{
$regexp = strtr(addslashes($this->value), '-*', '_%');
// }}}
// {{{ function get_order_statement()
-
+
function get_order_statement()
{
if ($this->value!='' && $this->fieldResultName!='') {
class PromoSField extends SField
{
// {{{ properties
-
+
/** opérateur de comparaison (<,>,=) de la promo utilisé pour ce champ de formulaire */
var $compareField;
// }}}
// {{{ constructor
- /** constructeur
+ /** constructeur
* compareField est un champ de formulaire très simple qui ne sert qu'à la construction de la
* clause WHERE de la promo */
function PromoSField($_fieldFormName, $_compareFieldFormName, $_fieldDbName, $_fieldResultName)
class SFieldGroup
{
// {{{ properties
-
+
/** tableau des classes correspondant aux champs groupés */
var $fields;
/** type de groupe : ET ou OU */
function too_large()
{
$b = true;
- for ($i=0; $b && $i<count($this->fields); $i++) {
- $b &= $this->fields[$i]->too_large();
+ for ($i=0 ; $b && $i<count($this->fields) ; $i++) {
+ $b = $b && $this->fields[$i]->too_large();
}
return $b;
}
{
return $f->get_url();
}
-
+
// }}}
// {{{ function get_select_statement()