Refbase
/
Refbase2X
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10 Commits
1 Branch
1.9 MiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Refbase2X/queries.php

129 lines
6.9 KiB
Raw Permalink Normal View History

Refbase update_2021-01-28_15_58
4 years ago
Drush_Update_2021-01-28_17_01
4 years ago
Refbase update_2021-01-28_15_58
4 years ago
 
  1. <?php
  2.         // turn  on warnings and notice during  developement

  3.         include('initialize/PhpErrorSettings.inc.php'); 
  4. 	// Project:    Web Reference Database (refbase) <http://www.refbase.net>

  5. 	// Copyright:  Matthias Steffens <mailto:refbase@extracts.de> and the file's

  6. 	//             original author(s).

  7. 	//

  8. 	//             This code is distributed in the hope that it will be useful,

  9. 	//             but WITHOUT ANY WARRANTY. Please see the GNU General Public

  10. 	//             License for more details.

  11. 	//

  12. 	// File:       ./queries.php

  13. 	// Repository: $HeadURL: file:///svn/p/refbase/code/branches/bleeding-edge/queries.php $

  14. 	// Author(s):  Matthias Steffens <mailto:refbase@extracts.de>

  15. 	//

  16. 	// Created:    16-May-04, 22:03

  17. 	// Modified:   $Date: 2017-04-13 02:00:18 +0000 (Thu, 13 Apr 2017) $

  18. 	//             $Author: karnesky $

  19. 	//             $Revision: 1416 $

  20. 

  21. 	// This script takes a user query name (which was passed to the script by use of the 'Recall My Query' form on the main page 'index.php')

  22. 	// and extracts all saved settings for this particular query from the 'queries' MySQL table. It will then build an appropriate query URL

  23. 	// and pass that to 'search.php' which will finally display all matching records in list view.

  24. 	// TODO: I18n

  25. 

  26. 

  27. 	// Incorporate some include files:

  28. 	include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password

  29. 	include 'includes/include.inc.php'; // include common functions

  30. 	include 'initialize/ini.inc.php'; // include common variables

  31. 

  32. 	// --------------------------------------------------------------------

  33. 

  34. 	// START A SESSION:

  35. 	// call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables:

  36. 	start_session(true);
  37. 

  38. 	// --------------------------------------------------------------------

  39. 

  40. 	// Initialize preferred display language:

  41. 	// (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function)

  42. 	include 'includes/locales.inc.php'; // include the locales

  43. 

  44. 	// --------------------------------------------------------------------

  45. 

  46. 	// Extract any parameters passed to the script:

  47. 	if (isset($_REQUEST['querySearchSelector']))
  48. 		$querySearchSelector = $_REQUEST['querySearchSelector']; // get the name of the saved query that was chosen by the user

  49. 	else
  50. 		$querySearchSelector = "";
  51. 

  52. 	// Determine the button that was hit by the user (in English localization, either 'Go' or 'Edit'):

  53. 	$submitAction = $_REQUEST['submit'];
  54. 

  55. 

  56. 	// Check the correct parameters have been passed:

  57. 	if (empty($querySearchSelector)) // if 'queries.php' was called without any valid parameters:

  58. 	{
  59. 		// return an appropriate error message:

  60. 		$HeaderString = returnMsg($loc["Warning_IncorrectOrMissingParams"] . " '" . scriptURL() . "'!", "warning", "strong", "HeaderString"); // functions 'returnMsg()' and 'scriptURL()' are defined in 'include.inc.php'

  61. 

  62. 		// Redirect the browser back to the calling page:

  63. 		header("Location: " . $referer); // variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'

  64. 		exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  65. 	}
  66. 

  67. 

  68. 	else // the script was called with required parameters

  69. 	{
  70. 		connectToMySQLDatabase(); // function 'connectToMySQLDatabase()' is defined in 'include.inc.php'

  71. 

  72. 		// CONSTRUCT SQL QUERY:

  73. 		// Fetch all saved settings for the user's query from the 'queries' table:

  74. 		$query = "SELECT query_id, display_type, view_type, query, show_query, show_links, show_rows, cite_style_selector, cite_order FROM $tableQueries WHERE user_id = " . quote_smart($loginUserID) . " AND query_name = " . quote_smart($querySearchSelector); // the global variable '$loginUserID' gets set in function 'start_session()' within 'include.inc.php'

  75. 

  76. 		$result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')

  77. 

  78. 		$rowsFound = @ mysqli_num_rows($result);
  79. 		if ($rowsFound == 1) // if there was exactly one row found (normally, this should be the case) ...

  80. 		{
  81. 			$row = mysqli_fetch_array($result);
  82. 

  83. 			// redirect the browser to 'query_manager.php':

  84. 			if (encodeHTML($submitAction) == $loc["ButtonTitle_Edit"]) // note that we need to HTML encode '$submitAction' for comparison with the HTML encoded locales (function 'encodeHTML()' is defined in 'include.inc.php')

  85. 			{
  86. 				header("Location: query_manager.php?queryAction=edit&queryID=" . $row['query_id']);
  87. 				exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  88. 			}
  89. 		}
  90. 		else // if ($rowsFound != 1) // if there was NOT exactly one row found (i.e., something went wrong) ...

  91. 		{
  92. 			if ($rowsFound > 1) // if there were more than one row found ...

  93. 				$HeaderString = "<b><span class=\"warning\">There's more than one saved query matching your query title!</span></b>";
  94. 			else // if ($rowsFound == 0) // nothing found

  95. 				$HeaderString = "<b><span class=\"warning\">Your saved query couldn't be found!</span></b>";
  96. 

  97. 			// update the 'userQueries' session variable:

  98. 			getUserQueries($loginUserID); // function 'getUserQueries()' is defined in 'include.inc.php'

  99. 

  100. 			// Write back session variable:

  101. 			saveSessionVariable("HeaderString", $HeaderString); // function 'saveSessionVariable()' is defined in 'include.inc.php'

  102. 	
  103. 			// Redirect the browser back to the calling page:

  104. 			header("Location: " . $referer);
  105. 			exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  106. 		}
  107. 

  108. 		// We also update the time stamp for that query in the 'queries' table:

  109. 		$updateQuery = "UPDATE $tableQueries SET "
  110. 					. "last_execution = NOW() " // set 'last_execution' field to the current date & time in 'DATETIME' format (which is 'YYYY-MM-DD HH:MM:SS', e.g.: '2003-12-31 23:45:59')

  111. 					. "WHERE user_id = " . quote_smart($loginUserID) . " AND query_id = " . quote_smart($row['query_id']);
  112. 

  113. 		$updateResult = queryMySQLDatabase($updateQuery); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')

  114. 

  115. 		// update the 'userQueries' session variable:

  116. 		getUserQueries($loginUserID); // function 'getUserQueries()' is defined in 'include.inc.php'

  117. 

  118. 		disconnectFromMySQLDatabase(); // function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'

  119. 

  120. 

  121. 		// Build the correct query URL:

  122. 		// TODO: use function 'generateURL()'

  123. 		$queryURL = "sqlQuery=" . rawurlencode($row['query']) . "&formType=sqlSearch&submit=" . $row['display_type'] . "&viewType=" . $row['view_type'] . "&showQuery=" . $row['show_query'] . "&showLinks=" . $row['show_links'] . "&showRows=" . $row['show_rows'] . "&citeOrder=" . $row['cite_order'] . "&citeStyle=" . $row['cite_style_selector'];
  124. 

  125. 	
  126. 		// call 'search.php' with the correct query URL in order to display all records matching the user's query:

  127. 		header("Location: search.php?$queryURL");
  128. 	}
  129. ?>