root/trunk/phpbms/smartsearch.php

Revision 384 (checked in by brieb, 7 months ago)

Pre v0.96 check in:

  • Added support for multiple addresses
  • Added link to google maps for addresses on client and sales order screens.
  • Added obfuscation ability to sensitive payment information when voiding/deleting or posting receipts and sales orders.
  • Replaced autofill fields with new smartsearch technologies
  • Fixed recurring invoice bug
  • Switched several sales order AJAX calls to use JSON
  • Reorganized quickView screens

Left to do:

  • Finish BMS update/install scripts with address and addressto record tabledef/table support information
  • Re-code delete prospect code
  • Finish BMS update/install scripts with new client/client dup tabledef/table support information.
1 <?php
2 /*
3  $Rev: 375 $ | $LastChangedBy: brieb $
4  $LastChangedDate: 2008-01-29 18:01:42 -0700 (Tue, 29 Jan 2008) $
5  +-------------------------------------------------------------------------+
6  | Copyright (c) 2004 - 2007, Kreotek LLC                                  |
7  | All rights reserved.                                                    |
8  +-------------------------------------------------------------------------+
9  |                                                                         |
10  | Redistribution and use in source and binary forms, with or without      |
11  | modification, are permitted provided that the following conditions are  |
12  | met:                                                                    |
13  |                                                                         |
14  | - Redistributions of source code must retain the above copyright        |
15  |   notice, this list of conditions and the following disclaimer.         |
16  |                                                                         |
17  | - Redistributions in binary form must reproduce the above copyright     |
18  |   notice, this list of conditions and the following disclaimer in the   |
19  |   documentation and/or other materials provided with the distribution.  |
20  |                                                                         |
21  | - Neither the name of Kreotek LLC nor the names of its contributore may |
22  |   be used to endorse or promote products derived from this software     |
23  |   without specific prior written permission.                            |
24  |                                                                         |
25  | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS     |
26  | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT       |
27  | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A |
28  | PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT      |
29  | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,   |
30  | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT        |
31  | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,   |
32  | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY   |
33  | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT     |
34  | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE   |
35  | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.    |
36  |                                                                         |
37  +-------------------------------------------------------------------------+
38 */
39
// Select the "private" cache limiter before the session bootstrap below is included.
session_cache_limiter("private");

// Shared session bootstrap. $db and $_SESSION["userinfo"] are used further
// down without being defined in this file, so they presumably come from
// here - confirm that this include also rejects unauthenticated requests.
include "include/session.php";
43
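/**
 * Server side of the "smart search" lookup fields.
 *
 * A search definition (fields to search and display, FROM clause, filter
 * clause and an optional role field) is read from the smartsearches table
 * and turned into a LIKE query for the text the user typed.
 *
 * Trust boundary: every column read from smartsearches is concatenated into
 * the SQL as raw identifiers and clauses. Anyone who can write to that table
 * can therefore shape the generated SELECT; only the definition id, the
 * search term and the offset are taken from the request.
 *
 * NOTE(review): this class relies on a PHP 4 style constructor and on
 * mysql_real_escape_string(); neither works on current PHP versions
 * (ext/mysql was removed in PHP 7, same-name constructors in PHP 8).
 */
class smartSearch{

    // Number of rows matching the last find(), ignoring the LIMIT.
    var $totalcount = 0;

    /**
     * PHP 4 style constructor: stores the database object and loads the
     * search definition.
     *
     * @param object $db    database wrapper offering query() and fetchArray()
     * @param mixed  $sdbid id of the smartsearches record (cast to int later)
     */
    function smartSearch($db, $sdbid){

        $this->db = $db;

        $this->getSearchParams($sdbid);

    }//end method init


    /**
     * Load the search definition row into $this->searchParams.
     *
     * The id is the only request value used here and the (int) cast is what
     * keeps it from altering the statement.
     *
     * @param mixed $sdbid id of the smartsearches record
     */
    function getSearchParams($sdbid){

        $querystatement = "
            SELECT
                *
            FROM
                smartsearches
            WHERE
                id = ".((int) $sdbid);

        $this->searchParams = $this->db->fetchArray($this->db->query($querystatement));

    }//end method - getSearchParams


    /**
     * Run the search for $term and remember the total number of matches.
     *
     * A record matches when one of the search fields starts with the whole
     * term, or when every word of the term starts a field or starts a word
     * inside a field.
     *
     * @param string $term   text typed by the user (untrusted)
     * @param int    $offset first row to return; eight rows are returned
     *
     * @return mixed result of $this->db->query(), or null when no search
     *               definition was loaded
     */
    function find($term, $offset=0){

        // Without a definition every clause below would be empty and the
        // statement invalid. Presumably fetchArray() yields an empty value
        // for an unknown id - confirm against the db class.
        if(empty($this->searchParams))
            return null;

        // Escape for use inside a quoted SQL string. The function works on
        // the most recently opened mysql connection and leaves the LIKE
        // wildcards % and _ alone, so wildcards typed by the user still act
        // as wildcards in the patterns below.
        $term = trim(mysql_real_escape_string($term));

        // the entered text, split into words
        $terms = explode(" ", $term);

        // the list of fields to search (comes from the definition, not the request)
        $searchFields = array_map("trim", explode(",", $this->searchParams["searchfields"]));

        // One group per word: some field starts with the word, or contains
        // a word that starts with it.
        $wordGroups = array();
        foreach($terms as $value){

            $conditions = array();
            foreach($searchFields as $field)
                $conditions[] = $field." LIKE '".$value."%' OR ".$field." LIKE '% ".$value."%'";

            $wordGroups[] = "(".implode("\nOR ", $conditions).")";

        }//endforeach

        // Alternative match: some field starts with the complete term.
        $phraseConditions = array();
        foreach($searchFields as $field)
            $phraseConditions[] = $field." LIKE '".$term."%'";

        $wheres = "AND ( (".implode("\nOR ", $phraseConditions).") OR (".implode(" AND ", $wordGroups)."))";

        $securityWhere = "";

        if($this->searchParams["rolefield"]){

            // If the rolefield is present, the rolefield of each record has
            // to match one of the logged in user's roles (0 = no role
            // required). Administrators are not restricted.

            if ($_SESSION["userinfo"]["admin"]!=1){

                if(count($_SESSION["userinfo"]["roles"])>0){

                    // The ids go into the statement unquoted, so force them
                    // to integers instead of trusting the session content.
                    $roleIds = array_map("intval", $_SESSION["userinfo"]["roles"]);
                    $securityWhere = " AND ".$this->searchParams["rolefield"]." IN (".implode(",",$roleIds).",0)";

                } else
                    $securityWhere = " AND ".$this->searchParams["rolefield"]." = 0";

            }//endif admin

        }//endif rolefield

        $querystatement = "
            SELECT DISTINCT
                ".$this->searchParams["displayfield"]." AS display,
                ".$this->searchParams["valuefield"]." AS value,
                ".$this->searchParams["secondaryfield"]." AS secondary,
                ".$this->searchParams["classfield"]." AS classname
            FROM
                ".$this->searchParams["fromclause"]."
            WHERE
                (".$this->searchParams["filterclause"].")
                ".$securityWhere."
                ".$wheres."
            ORDER BY
                ".$this->searchParams["displayfield"]."
            LIMIT ".((int) $offset).", 8";


        // The count of all matching records is needed so the JS can decide
        // whether to offer "show more results". It must carry the same
        // role restriction as the result query.
        $totalCountStatement = "
            SELECT
                COUNT(".$this->searchParams["displayfield"].") AS thecount
            FROM
                ".$this->searchParams["fromclause"]."
            WHERE
                (".$this->searchParams["filterclause"].")
                ".$securityWhere."
                ".$wheres;

        $countrecord = $this->db->fetchArray($this->db->query($totalCountStatement));
        $this->totalcount = $countrecord["thecount"];

        return $this->db->query($querystatement);

    }//end method


    /**
     * Escape a value for use inside a single-quoted JavaScript string.
     *
     * Backslashes are escaped as well as quotes: with quote-only escaping a
     * value ending in a backslash swallows the closing quote, and a raw line
     * break ends the literal, so stored data could change the structure of
     * the response. strtr() with an array replaces in one pass, so nothing
     * is escaped twice.
     *
     * @param mixed $value value to embed
     *
     * @return string escaped text, without the surrounding quotes
     */
    function _jsString($value){

        return strtr((string) $value, array(
            "\\" => "\\\\",
            "'"  => "\\'",
            "\r" => "\\r",
            "\n" => "\\n",
            "</" => "<\\/"
        ));

    }//end method - _jsString


    /**
     * Send the records of $result to the browser.
     *
     * The response is a JavaScript object literal (unquoted keys, single
     * quoted strings), not strict JSON, so the receiving script presumably
     * evaluates it - every value therefore goes through _jsString().
     *
     * @param mixed $result query result returned by find()
     */
    function display($result){

        $records = array();

        while($therecord = $this->db->fetchArray($result)){

            $records[] = "{display: '".$this->_jsString(formatVariable($therecord["display"],"bbcode"))."',"
                ."value: '".$this->_jsString(formatVariable($therecord["value"]))."',"
                ."secondary: '".$this->_jsString(formatVariable($therecord["secondary"],"bbcode"))."',"
                ."classname: '".$this->_jsString(formatVariable($therecord["classname"]))."'}";

        }//endwhile

        // The cast keeps the literal well formed even when the count is missing.
        $output = "{totalRecords: ".((int) $this->totalcount).", resultRecords: [".implode(",", $records)."] }";

        // text/plain keeps a browser from rendering the response as HTML.
        header("Content-type: text/plain");
        echo $output;

    }//end method - display

}//end class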
191
192
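//processing
//=========================================================================
// Request parameters (all untrusted):
//   sdbid - id of the smartsearches definition to use
//   t     - text typed by the user
//   o     - optional offset of the first result to return
// Array values (e.g. t[]=x) are rejected: the casts and the escaping in
// smartSearch expect scalars.
if(isset($_GET["sdbid"]) && isset($_GET["t"]) && is_scalar($_GET["sdbid"]) && is_string($_GET["t"])){

    $smartSearch = new smartSearch($db, $_GET["sdbid"]);

    // A negative offset would end up as "LIMIT -n, 8", which is not valid
    // SQL, so anything missing, non-scalar or negative becomes 0.
    $offset = 0;
    if(isset($_GET["o"]) && is_scalar($_GET["o"]))
        $offset = max(0, (int) $_GET["o"]);

    $theresult = $smartSearch->find($_GET["t"], $offset);

    if(isset($theresult))
        $smartSearch->display($theresult);

}//end if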
208 ?>