Refbase
/
Refbase2X
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
1.9 MiB
Tree: 64e7261da6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '64e7261da6'
${ noResults }
Refbase2X/queries.php

127 lines
6.8 KiB
Raw Normal View History

Refbase update_2021-01-28_15_58
4 years ago
 
  1. <?php
  2. 	// Project:    Web Reference Database (refbase) <http://www.refbase.net>

  3. 	// Copyright:  Matthias Steffens <mailto:refbase@extracts.de> and the file's

  4. 	//             original author(s).

  5. 	//

  6. 	//             This code is distributed in the hope that it will be useful,

  7. 	//             but WITHOUT ANY WARRANTY. Please see the GNU General Public

  8. 	//             License for more details.

  9. 	//

  10. 	// File:       ./queries.php

  11. 	// Repository: $HeadURL: file:///svn/p/refbase/code/branches/bleeding-edge/queries.php $

  12. 	// Author(s):  Matthias Steffens <mailto:refbase@extracts.de>

  13. 	//

  14. 	// Created:    16-May-04, 22:03

  15. 	// Modified:   $Date: 2017-04-13 02:00:18 +0000 (Thu, 13 Apr 2017) $

  16. 	//             $Author: karnesky $

  17. 	//             $Revision: 1416 $

  18. 

  19. 	// This script takes a user query name (which was passed to the script by use of the 'Recall My Query' form on the main page 'index.php')

  20. 	// and extracts all saved settings for this particular query from the 'queries' MySQL table. It will then build an appropriate query URL

  21. 	// and pass that to 'search.php' which will finally display all matching records in list view.

  22. 	// TODO: I18n

  23. 

  24. 

  25. 	// Incorporate some include files:

  26. 	include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password

  27. 	include 'includes/include.inc.php'; // include common functions

  28. 	include 'initialize/ini.inc.php'; // include common variables

  29. 

  30. 	// --------------------------------------------------------------------

  31. 

  32. 	// START A SESSION:

  33. 	// call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables:

  34. 	start_session(true);
  35. 

  36. 	// --------------------------------------------------------------------

  37. 

  38. 	// Initialize preferred display language:

  39. 	// (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function)

  40. 	include 'includes/locales.inc.php'; // include the locales

  41. 

  42. 	// --------------------------------------------------------------------

  43. 

  44. 	// Extract any parameters passed to the script:

  45. 	if (isset($_REQUEST['querySearchSelector']))
  46. 		$querySearchSelector = $_REQUEST['querySearchSelector']; // get the name of the saved query that was chosen by the user

  47. 	else
  48. 		$querySearchSelector = "";
  49. 

  50. 	// Determine the button that was hit by the user (in English localization, either 'Go' or 'Edit'):

  51. 	$submitAction = $_REQUEST['submit'];
  52. 

  53. 

  54. 	// Check the correct parameters have been passed:

  55. 	if (empty($querySearchSelector)) // if 'queries.php' was called without any valid parameters:

  56. 	{
  57. 		// return an appropriate error message:

  58. 		$HeaderString = returnMsg($loc["Warning_IncorrectOrMissingParams"] . " '" . scriptURL() . "'!", "warning", "strong", "HeaderString"); // functions 'returnMsg()' and 'scriptURL()' are defined in 'include.inc.php'

  59. 

  60. 		// Redirect the browser back to the calling page:

  61. 		header("Location: " . $referer); // variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'

  62. 		exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  63. 	}
  64. 

  65. 

  66. 	else // the script was called with required parameters

  67. 	{
  68. 		connectToMySQLDatabase(); // function 'connectToMySQLDatabase()' is defined in 'include.inc.php'

  69. 

  70. 		// CONSTRUCT SQL QUERY:

  71. 		// Fetch all saved settings for the user's query from the 'queries' table:

  72. 		$query = "SELECT query_id, display_type, view_type, query, show_query, show_links, show_rows, cite_style_selector, cite_order FROM $tableQueries WHERE user_id = " . quote_smart($loginUserID) . " AND query_name = " . quote_smart($querySearchSelector); // the global variable '$loginUserID' gets set in function 'start_session()' within 'include.inc.php'

  73. 

  74. 		$result = queryMySQLDatabase($query); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')

  75. 

  76. 		$rowsFound = @ mysqli_num_rows($result);
  77. 		if ($rowsFound == 1) // if there was exactly one row found (normally, this should be the case) ...

  78. 		{
  79. 			$row = mysqli_fetch_array($result);
  80. 

  81. 			// redirect the browser to 'query_manager.php':

  82. 			if (encodeHTML($submitAction) == $loc["ButtonTitle_Edit"]) // note that we need to HTML encode '$submitAction' for comparison with the HTML encoded locales (function 'encodeHTML()' is defined in 'include.inc.php')

  83. 			{
  84. 				header("Location: query_manager.php?queryAction=edit&queryID=" . $row['query_id']);
  85. 				exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  86. 			}
  87. 		}
  88. 		else // if ($rowsFound != 1) // if there was NOT exactly one row found (i.e., something went wrong) ...

  89. 		{
  90. 			if ($rowsFound > 1) // if there were more than one row found ...

  91. 				$HeaderString = "<b><span class=\"warning\">There's more than one saved query matching your query title!</span></b>";
  92. 			else // if ($rowsFound == 0) // nothing found

  93. 				$HeaderString = "<b><span class=\"warning\">Your saved query couldn't be found!</span></b>";
  94. 

  95. 			// update the 'userQueries' session variable:

  96. 			getUserQueries($loginUserID); // function 'getUserQueries()' is defined in 'include.inc.php'

  97. 

  98. 			// Write back session variable:

  99. 			saveSessionVariable("HeaderString", $HeaderString); // function 'saveSessionVariable()' is defined in 'include.inc.php'

  100. 	
  101. 			// Redirect the browser back to the calling page:

  102. 			header("Location: " . $referer);
  103. 			exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

  104. 		}
  105. 

  106. 		// We also update the time stamp for that query in the 'queries' table:

  107. 		$updateQuery = "UPDATE $tableQueries SET "
  108. 					. "last_execution = NOW() " // set 'last_execution' field to the current date & time in 'DATETIME' format (which is 'YYYY-MM-DD HH:MM:SS', e.g.: '2003-12-31 23:45:59')

  109. 					. "WHERE user_id = " . quote_smart($loginUserID) . " AND query_id = " . quote_smart($row['query_id']);
  110. 

  111. 		$updateResult = queryMySQLDatabase($updateQuery); // RUN the query on the database through the connection (function 'queryMySQLDatabase()' is defined in 'include.inc.php')

  112. 

  113. 		// update the 'userQueries' session variable:

  114. 		getUserQueries($loginUserID); // function 'getUserQueries()' is defined in 'include.inc.php'

  115. 

  116. 		disconnectFromMySQLDatabase(); // function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'

  117. 

  118. 

  119. 		// Build the correct query URL:

  120. 		// TODO: use function 'generateURL()'

  121. 		$queryURL = "sqlQuery=" . rawurlencode($row['query']) . "&formType=sqlSearch&submit=" . $row['display_type'] . "&viewType=" . $row['view_type'] . "&showQuery=" . $row['show_query'] . "&showLinks=" . $row['show_links'] . "&showRows=" . $row['show_rows'] . "&citeOrder=" . $row['cite_order'] . "&citeStyle=" . $row['cite_style_selector'];
  122. 

  123. 	
  124. 		// call 'search.php' with the correct query URL in order to display all records matching the user's query:

  125. 		header("Location: search.php?$queryURL");
  126. 	}
  127. ?>