diff options
author | elij <elij.mx@gmail.com> | 2009-09-27 20:59:56 -0700 |
---|---|---|
committer | Loui Chang <louipc.ist@gmail.com> | 2009-09-28 15:44:31 -0400 |
commit | 325347a268af8c2587916b5e4f359ffedc758b89 (patch) | |
tree | 0973ed988b4f8f08aed023cf2d13e82c701230bd /web | |
parent | a6d5cb71a69b0296222a0a43fa18279e98686d12 (diff) | |
download | aurweb-325347a268af8c2587916b5e4f359ffedc758b89.tar.xz |
Add maintainer search to json interface. Closes FS#15947
Fix for maintainer search ticket: FS#15947
Also http://mailman.archlinux.org/pipermail/aur-dev/2009-September/000892.html
Fixed some problems with selecting the proper data fields in the
original patch. - Loui
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Diffstat (limited to 'web')
-rw-r--r-- | web/lib/aurjson.class.php | 46 |
1 files changed, 37 insertions, 9 deletions
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index 06247eb..5794ebc 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -18,9 +18,10 @@ include_once("aur.inc"); **/ class AurJSON { private $dbh = false; - private $exposed_methods = array('search','info'); - private $fields = array('ID','Name','Version','CategoryID','Description', - 'LocationID', 'URL','URLPath','License','NumVotes','OutOfDate'); + private $exposed_methods = array('search','info','msearch'); + private $fields = array('Packages.ID','Name','Version','CategoryID', + 'Description', 'LocationID', 'URL','URLPath','License','NumVotes', + 'OutOfDate'); /** * Handles post data, and routes the request. @@ -95,10 +96,9 @@ class AurJSON { $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh); $query = "SELECT " . implode(',', $this->fields) . - " FROM Packages WHERE DummyPkg=0 AND "; - $query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )", - $keyword_string, $keyword_string); - + " FROM Packages WHERE DummyPkg=0 AND " . + " ( Name LIKE '%{$keyword_string}%' OR " . + " Description LIKE '%{$keyword_string}%' )"; $result = db_query($query, $this->dbh); if ( $result && (mysql_num_rows($result) > 0) ) { @@ -128,13 +128,13 @@ class AurJSON { // just using sprintf to coerce the pqd to an int // should handle sql injection issues, since sprintf will // bork if not an int, or convert the string to a number 0 - $query_stub = sprintf("ID=%d",$pqdata); + $query_stub = "ID={$pqdata}"; } else { if(get_magic_quotes_gpc()) { $pqdata = stripslashes($pqdata); } - $query_stub = sprintf("Name=\"%s\"", + $query_stub = printf("Name=\"%s\"", mysql_real_escape_string($pqdata)); } @@ -158,5 +158,33 @@ class AurJSON { return $this->json_error('No result found'); } } + + /** + * Returns all the packages for a specific maintainer. + * @param $maintainer The name of the maintainer. + * @return mixed Returns an array of value data containing the package data + **/ + private function msearch($maintainer) { + $maintainer = mysql_real_escape_string($maintainer, $this->dbh); + $fields = implode(',', $this->fields); + + $query = "SELECT Users.Username as Maintainer, {$fields} " . + " FROM Packages, Users " . + " WHERE Packages.MaintainerUID = Users.ID AND " . + " Users.Username = '{$maintainer}'"; + $result = db_query($query, $this->dbh); + + if ( $result && (mysql_num_rows($result) > 0) ) { + $packages = array(); + while ( $row = mysql_fetch_assoc($result) ) { + array_push($packages, $row); + } + mysql_free_result($result); + return $this->json_results('msearch', $packages); + } + else { + return $this->json_error('No results found'); + } + } } |