--- loncom/lonsql 2007/08/31 12:33:25 1.87
+++ loncom/lonsql 2007/09/12 03:40:29 1.88
@@ -3,7 +3,7 @@
# The LearningOnline Network
# lonsql - LON TCP-MySQL-Server Daemon for handling database requests.
#
-# $Id: lonsql,v 1.87 2007/08/31 12:33:25 raeburn Exp $
+# $Id: lonsql,v 1.88 2007/09/12 03:40:29 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -442,62 +442,18 @@ sub make_new_child {
$result .= &escape(join(':',map{$_.'='.$replies{$_}} keys %replies));
}
} elsif ($query eq 'usersearch') {
- my $srchdomain = &unescape($arg1);
- my @items = split(/%%/,$arg2);
- my ($srchby,$srchtype) = map {&unescape($_)} @items;
- my $srchterm = &unescape($arg3);
- my $quoted_dom = $dbh->quote( $srchdomain );
- my ($query,$quoted_srchterm,@fields);
- my ($table_columns,$table_indices) =
- &LONCAPA::lonmetadata::describe_metadata_storage('allusers');
- foreach my $coldata (@{$table_columns}) {
- push(@fields,$coldata->{'name'});
- }
- my $fieldlist = join(',',@fields);
- $query = "SELECT $fieldlist FROM allusers WHERE (domain = $quoted_dom AND ";
- if ($srchby eq 'lastfirst') {
- my ($fraglast,$fragfirst) = split(/,/,$srchterm);
- $fragfirst =~ s/^\s+//;
- $fraglast =~ s/\s+$//;
- if ($srchtype eq 'exact') {
- $query .= 'lastname = '.$dbh->quote($fraglast).
- ' AND firstname = '.$dbh->quote($fragfirst);
- } elsif ($srchtype eq 'begins') {
- $query .= 'lastname LIKE '.$dbh->quote($fraglast.'%').' AND firstname LIKE '.$dbh->quote($fragfirst.'%');
- } else {
- $query .= 'lastname LIKE '.$dbh->quote('%'.$fraglast.'%').' AND firstname LIKE '.$dbh->quote('%'.$fragfirst.'%');
- }
+ my ($srchby,$srchtype,$srchterm);
+ if ((&unescape($arg1) eq $searchdomain) &&
+ ($arg2 =~ /\%\%/)) {
+ ($srchby,$srchtype) =
+ map {&unescape($_);} (split(/\%\%/,$arg2));
+ my $srchterm = &unescape($arg3);
} else {
- my %srchfield = (
- uname => 'username',
- lastname => 'lastname',
- );
- if ($srchtype eq 'exact') {
- $query .= $srchfield{$srchby}.' = '.$dbh->quote($srchterm);
- } elsif ($srchtype eq 'begins') {
- $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote($srchterm.'%');
- } else {
- $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote('%'.$srchterm.'%');
- }
+ ($srchby,$srchtype,$srchterm) =
+ map {&unescape($_);} ($arg1,$arg2,$arg3);
}
- $query .= ") ORDER BY username ";
- my $sth = $dbh->prepare($query);
- if ($sth->execute()) {
- my @results;
- while (my @row = $sth->fetchrow_array) {
- my @items;
- for (my $i=0; $i<@row; $i++) {
- push(@items,&escape($fields[$i]).'='.&escape($row[$i]));
- }
- push(@results,join(":", @items));
- }
- $sth->finish;
- $result = &escape(join("&",@results));
- } else {
- &logthis('<font color="blue">'.
- 'WARNING: Could not retrieve from database:'.
- $sth->errstr().'</font>');
- }
+ $result = &do_user_search($searchdomain,$srchby,
+ $srchtype,$srchterm);
} elsif ($query eq 'instdirsearch') {
$result = &do_inst_dir_search($searchdomain,$arg1,$arg2,$arg3);
} elsif ($query eq 'prepare activity log') {
@@ -551,6 +507,67 @@ sub make_new_child {
}
}
+sub do_user_search {
+ my ($domain,$srchby,$srchtype,$srchterm) = @_;
+ my $result;
+ my $quoted_dom = $dbh->quote( $domain );
+ my ($query,$quoted_srchterm,@fields);
+ my ($table_columns,$table_indices) =
+ &LONCAPA::lonmetadata::describe_metadata_storage('allusers');
+ foreach my $coldata (@{$table_columns}) {
+ push(@fields,$coldata->{'name'});
+ }
+ my $fieldlist = join(',',@fields);
+ $query = "SELECT $fieldlist FROM allusers WHERE (domain = $quoted_dom AND ";
+ if ($srchby eq 'lastfirst') {
+ my ($fraglast,$fragfirst) = split(/,/,$srchterm);
+ $fragfirst =~ s/^\s+//;
+ $fraglast =~ s/\s+$//;
+ if ($srchtype eq 'exact') {
+ $query .= 'lastname = '.$dbh->quote($fraglast).
+ ' AND firstname = '.$dbh->quote($fragfirst);
+ } elsif ($srchtype eq 'begins') {
+ $query .= 'lastname LIKE '.$dbh->quote($fraglast.'%').
+ ' AND firstname LIKE '.$dbh->quote($fragfirst.'%');
+ } else {
+ $query .= 'lastname LIKE '.$dbh->quote('%'.$fraglast.'%').
+ ' AND firstname LIKE '.$dbh->quote('%'.$fragfirst.'%');
+ }
+ } else {
+ my %srchfield = (
+ uname => 'username',
+ lastname => 'lastname',
+ );
+ if ($srchtype eq 'exact') {
+ $query .= $srchfield{$srchby}.' = '.$dbh->quote($srchterm);
+ } elsif ($srchtype eq 'begins') {
+ $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote($srchterm.'%');
+ } else {
+ $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote('%'.$srchterm.'%');
+ }
+ }
+ $query .= ") ORDER BY username ";
+ my $sth = $dbh->prepare($query);
+ if ($sth->execute()) {
+ my @results;
+ while (my @row = $sth->fetchrow_array) {
+ my @items;
+ for (my $i=0; $i<@row; $i++) {
+ push(@items,&escape($fields[$i]).'='.&escape($row[$i]));
+ }
+ my $userstr = join(':', @items);
+ push(@results,&escape($userstr));
+ }
+ $sth->finish;
+ $result = join('&',@results);
+ } else {
+ &logthis('<font color="blue">'.
+ 'WARNING: Could not retrieve from database:'.
+ $sth->errstr().'</font>');
+ }
+ return $result;
+}
+
sub do_inst_dir_search {
my ($domain,$srchby,$srchterm,$srchtype) = @_;
$srchby = &unescape($srchby);