SF.net SVN: postfixadmin:[1772] trunk
Brought to you by:
christian_boltz,
gingerdog
From: <chr...@us...> - 2015-04-06 13:39:28
|
Revision: 1772 http://sourceforge.net/p/postfixadmin/code/1772 Author: christian_boltz Date: 2015-04-06 13:39:21 +0000 (Mon, 06 Apr 2015) Log Message: ----------- PFAHandler: - build_select_query(): add support for $search['_'] (searching if one of the $this->searchfields contains the search text) - getList(): make sure '_' is kept in the search parameters functions.inc.php: - db_where_clause(): slightly relax checks - if $condition is empty, only error out if $additional_raw_where is also empty Modified Paths: -------------- trunk/functions.inc.php trunk/model/PFAHandler.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2015-04-06 13:29:28 UTC (rev 1771) +++ trunk/functions.inc.php 2015-04-06 13:39:21 UTC (rev 1772) @@ -1628,7 +1628,7 @@ die('db_where_cond: parameter $cond is not an array!'); } elseif(!is_array($searchmode)) { die('db_where_cond: parameter $searchmode is not an array!'); - } elseif (count($condition) == 0) { + } elseif (count($condition) == 0 && trim($additional_raw_where) == '') { die("db_where_cond: parameter is an empty array!"); # die() might sound harsh, but can prevent information leaks } elseif(!is_array($struct)) { die('db_where_cond: parameter $struct is not an array!'); Modified: trunk/model/PFAHandler.php =================================================================== --- trunk/model/PFAHandler.php 2015-04-06 13:29:28 UTC (rev 1771) +++ trunk/model/PFAHandler.php 2015-04-06 13:39:21 UTC (rev 1772) @@ -609,6 +609,14 @@ } if (is_array($condition)) { + if (isset($condition['_']) && count($this->searchfields) > 0) { + $simple_search = array(); + foreach ($this->searchfields as $field) { + $simple_search[] = "$field LIKE '%" . escape_string($condition['_']) . "%'"; + } + $additional_where .= " AND ( " . join(" OR ", $simple_search) . " ) "; + unset($condition['_']); + } $where = db_where_clause($condition, $this->struct, $additional_where, $searchmode); } else { if ($condition == "") $condition = '1=1'; @@ -716,6 +724,8 @@ # allow only access to fields the user can access to avoid information leaks via search parameters if (isset($this->struct[$key]) && ($this->struct[$key]['display_in_list'] || $this->struct[$key]['display_in_form']) ) { $real_condition[$key] = $value; + } elseif (($key == '_') && count($this->searchfields)) { + $real_condition[$key] = $value; } else { $this->errormsg[] = "Ignoring unknown search field $key"; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |