Add maintainer search to json interface. Closes FS#15947

Fix for maintainer search ticket: FS#15947 Also http://mailman.archlinux.org/pipermail/aur-dev/2009-September/000892.html Fixed some problems with selecting the proper data fields in the original patch. - Loui Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2025-02-03 10:43:03 +01:00 · 2009-09-27 20:59:56 -07:00 · 2009-09-27 20:59:56 -07:00 · 325347a268
commit 325347a268
parent a6d5cb71a6
1 changed files with 37 additions and 9 deletions
--- a/web/lib/aurjson.class.php
+++ b/web/lib/aurjson.class.php
@ -18,9 +18,10 @@ include_once("aur.inc");
 **/
 class AurJSON {
    private $dbh = false;
-    private $exposed_methods = array('search','info');
-    private $fields = array('ID','Name','Version','CategoryID','Description',
-        'LocationID', 'URL','URLPath','License','NumVotes','OutOfDate');
+    private $exposed_methods = array('search','info','msearch');
+    private $fields = array('Packages.ID','Name','Version','CategoryID',
+	'Description', 'LocationID', 'URL','URLPath','License','NumVotes',
+	'OutOfDate');

    /**
     * Handles post data, and routes the request.
@ -95,10 +96,9 @@ class AurJSON {
        $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh);

        $query = "SELECT " . implode(',', $this->fields) .
-            " FROM Packages WHERE DummyPkg=0 AND ";
-        $query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",
-                $keyword_string, $keyword_string);
-
+            " FROM Packages WHERE DummyPkg=0 AND " .
+            "  ( Name LIKE '%{$keyword_string}%' OR " .
+            "    Description LIKE '%{$keyword_string}%' )";
        $result = db_query($query, $this->dbh);

        if ( $result && (mysql_num_rows($result) > 0) ) {
@ -128,13 +128,13 @@ class AurJSON {
            // just using sprintf to coerce the pqd to an int
            // should handle sql injection issues, since sprintf will
            // bork if not an int, or convert the string to a number 0
-            $query_stub = sprintf("ID=%d",$pqdata);
+            $query_stub = "ID={$pqdata}";
        }
        else {
            if(get_magic_quotes_gpc()) {
                $pqdata = stripslashes($pqdata);
            }
-            $query_stub = sprintf("Name=\"%s\"",
+            $query_stub = printf("Name=\"%s\"",
                mysql_real_escape_string($pqdata));
        }

@ -158,5 +158,33 @@ class AurJSON {
            return $this->json_error('No result found');
        }
    }
+
+    /**
+     * Returns all the packages for a specific maintainer.
+     * @param $maintainer The name of the maintainer.
+     * @return mixed Returns an array of value data containing the package data
+     **/
+    private function msearch($maintainer) {
+        $maintainer = mysql_real_escape_string($maintainer, $this->dbh);
+        $fields = implode(',', $this->fields);
+
+        $query = "SELECT Users.Username as Maintainer, {$fields} " .
+            " FROM Packages, Users " .
+            "        WHERE Packages.MaintainerUID = Users.ID AND " .
+            "              Users.Username = '{$maintainer}'";
+        $result = db_query($query, $this->dbh);
+
+        if ( $result && (mysql_num_rows($result) > 0) ) {
+            $packages = array();
+            while ( $row = mysql_fetch_assoc($result) ) {
+                array_push($packages, $row);
+            }
+            mysql_free_result($result);
+            return $this->json_results('msearch', $packages);
+        }
+        else {
+            return $this->json_error('No results found');
+        }
+    }
 }