external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add maintainer search to json interface. Closes FS#15947

Browse source 
Fix for maintainer search ticket: FS#15947
Also http://mailman.archlinux.org/pipermail/aur-dev/2009-September/000892.html

Fixed some problems with selecting the proper data fields in the
original patch. - Loui

Signed-off-by: Loui Chang <louipc.ist@gmail.com>
This commit is contained in:
elij 2009-09-27 20:59:56 -07:00 committed by Loui Chang
parent a6d5cb71a6
commit 325347a268
1 changed files with 37 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
web/lib/aurjson.class.php
View file

@ -18,9 +18,10 @@ include_once("aur.inc");
**/ **/
class AurJSON { class AurJSON {
private $dbh = false; private $dbh = false;
private $exposed_methods = array('search','info'); private $exposed_methods = array('search','info','msearch');
private $fields = array('ID','Name','Version','CategoryID','Description', private $fields = array('Packages.ID','Name','Version','CategoryID',
'LocationID', 'URL','URLPath','License','NumVotes','OutOfDate'); 'Description', 'LocationID', 'URL','URLPath','License','NumVotes',
'OutOfDate');
/** /**
* Handles post data, and routes the request. * Handles post data, and routes the request.
@ -95,10 +96,9 @@ class AurJSON {
$keyword_string = mysql_real_escape_string($keyword_string, $this->dbh); $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh);
$query = "SELECT " . implode(',', $this->fields) . $query = "SELECT " . implode(',', $this->fields) .
" FROM Packages WHERE DummyPkg=0 AND "; " FROM Packages WHERE DummyPkg=0 AND " .
$query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )", " ( Name LIKE '%{$keyword_string}%' OR " .
$keyword_string, $keyword_string); " Description LIKE '%{$keyword_string}%' )";
$result = db_query($query, $this->dbh); $result = db_query($query, $this->dbh);
if ( $result && (mysql_num_rows($result) > 0) ) { if ( $result && (mysql_num_rows($result) > 0) ) {
@ -128,13 +128,13 @@ class AurJSON {
// just using sprintf to coerce the pqd to an int // just using sprintf to coerce the pqd to an int
// should handle sql injection issues, since sprintf will // should handle sql injection issues, since sprintf will
// bork if not an int, or convert the string to a number 0 // bork if not an int, or convert the string to a number 0
$query_stub = sprintf("ID=%d",$pqdata); $query_stub = "ID={$pqdata}";
} }
else { else {
if(get_magic_quotes_gpc()) { if(get_magic_quotes_gpc()) {
$pqdata = stripslashes($pqdata); $pqdata = stripslashes($pqdata);
} }
$query_stub = sprintf("Name=\"%s\"", $query_stub = printf("Name=\"%s\"",
mysql_real_escape_string($pqdata)); mysql_real_escape_string($pqdata));
} }
@ -158,5 +158,33 @@ class AurJSON {
return $this->json_error('No result found'); return $this->json_error('No result found');
} }
} }
/**
* Returns all the packages for a specific maintainer.
* @param $maintainer The name of the maintainer.
* @return mixed Returns an array of value data containing the package data
**/
private function msearch($maintainer) {
$maintainer = mysql_real_escape_string($maintainer, $this->dbh);
$fields = implode(',', $this->fields);
$query = "SELECT Users.Username as Maintainer, {$fields} " .
" FROM Packages, Users " .
" WHERE Packages.MaintainerUID = Users.ID AND " .
" Users.Username = '{$maintainer}'";
$result = db_query($query, $this->dbh);
if ( $result && (mysql_num_rows($result) > 0) ) {
$packages = array();
while ( $row = mysql_fetch_assoc($result) ) {
array_push($packages, $row);
}
mysql_free_result($result);
return $this->json_results('msearch', $packages);
}
else {
return $this->json_error('No results found');
}
}
} }