WebSVN – eFlore/Applications.cel – Diff – /trunk/jrest/services/InventoryImageListPublic.php

 <?php
-Class InventoryImageListPublic extends DBAccessor {
-	private $DB = null;
-	private $start = 0;
-	private $limit = 100;
-	private $distinct = true;
+Class InventoryImageListPublic extends Cel {
-	private $criteres = array('mot_cles' => 'c.ci_meta_mots_cles',
+	private $criteres = array('mots-cles' => 'c.ci_meta_mots_cles',
 							'auteur' => 'c.ci_ce_utilisateur',
 							'commune' => 'b.location',
-							'departement' => 'b.id_location',
+							'dept' => 'b.id_location',
 							'taxon' => 'b.nom_ret');
+	function InventoryImageListPublic($config) {
+		parent::__construct($config);
-	function InventoryImageListPublic($config) {
+		$this->start = 0;
 		$this->limit = 100;
-		$this->config=$config;
+		$this->distinct = true;
+	}
 	function getRessource() {
-	}
-	function getElement($uid)
-	{
 		// uid[0] : utilisateur obligatoire
 		// uid[1] : critères de filtrage de la forme critère1:valeur1;critère2:valeur2
-		$this->DB = $this->connectDB($this->config,'cel_db');
+	function getElement($uid)
 		$requete_nb .= $requete;
 		$requete_debut = rtrim($requete_debut,'AND ');
 		$requete_nb = rtrim($requete_nb,'AND ');
-		$requete_debut .= ' ORDER BY '.((!is_null($this->orderby)) ? $this->orderby  : 'c.ci_meta_date_ajout DESC').' ';
+		$requete_debut .= ' ORDER BY c.ci_meta_date_ajout DESC ';
-		$requete_debut .= "LIMIT $this->start,$this->limit ";
-		$res =& $this->DB->query($requete_debut);
-        if (PEAR::isError($res)) {
+		$requete_debut .= "LIMIT $this->start,$this->limit ";
-        	die($res->getMessage());
-        }
 		$res_nb =& $this->DB->query($requete_nb);
-        if (PEAR::isError($res)) {
+		$res = $this->executerRequete($requete_debut);
-        	die($res->getMessage());
 		$res_nb =& $this->executerRequete($requete_nb);
         $images = array();
         $total = 0;
-		while ($row =& $res->fetchrow(DB_FETCHMODE_ASSOC)) {
+		foreach ($res as $row) {
 	    	$images[]= $row;
+	    	$nb_res = $row['nb_res'];
+    	}
 	    	$nb_res = $row['nb_res'];
 		foreach ($res_nb as $row) {
 	    	$total= $row['nb_res'];
 		while ($row =& $res_nb->fetchrow(DB_FETCHMODE_ASSOC)) {
 			if(sizeof($nom_valeur) != 0)
+			{
 					if($nom_valeur[0] == "ci_limite")
 					{
-						$this->limite = $this->DB->escapeSimple($nom_valeur[1]) ;
+						$this->limite = $this->proteger($nom_valeur[1]) ;
+					}
 					elseif($nom_valeur[0] == "c.ci_numero_page")
 					{
-						$this->start = $this->limite*$this->DB->escapeSimple($nom_valeur[1]) ;
+						$this->start = $this->limite*$this->proteger($nom_valeur[1]) ;
+					}
 					elseif($nom_valeur[0] == "c.ci_meta_mots_cles")
-					{
-						$mots_cles = rtrim($nom_valeur[1], ',') ;
-						$mots_cles_liste = explode("," , $mots_cles) ;
-						foreach($mots_cles_liste as $mot_cle)
-						{
+					{
-							$requete .= $nom_valeur[0].' LIKE "%'.$this->DB->escapeSimple($mot_cle).'%"' ;
-							$requete .= ' AND ' ;
 						$requete .= $this->creerSousRequeteMotsCles($nom_valeur[1]);
+					}
 					elseif($nom_valeur[0] == "c.ci_meta_comment")
+					{
 						$mots_comment_liste = explode(" " , $nom_valeur[1]) ;
 						foreach($mots_comment_liste as $mot_comment)
 						{
 							$mot_comment = trim($mot_comment) ;
-							$requete .= $nom_valeur[0].' LIKE "%'.$this->DB->escapeSimple($mot_comment).'%"' ;
+							$requete .= $nom_valeur[0].' LIKE "%'.$this->proteger($mot_comment).'%"' ;
 							$requete .= ' AND ' ;
+						}
+					}
 					elseif($nom_valeur[0] == "c.ci_meta_date")
+					{
-						$requete .= 'DATE_FORMAT( '.$nom_valeur[0].', \'%Y-%m-%d\' ) = "'.$this->DB->escapeSimple($nom_valeur[1]).'"' ;
+						$requete .= 'DATE_FORMAT( '.$nom_valeur[0].', \'%Y-%m-%d\' ) = "'.$this->proteger($nom_valeur[1]).'"' ;
 						$requete .= ' AND ' ;
+					}
 					elseif($nom_valeur[0] == "c.ci_id_tampon")
 					{
 						$ids_tampon = rtrim($nom_valeur[1], ',') ;
-						$requete .= 'c.ci_id_image IN ( '.$this->DB->escapeSimple($ids_tampon).')' ;
+						$requete .= 'c.ci_id_image IN ( '.$this->proteger($ids_tampon).')' ;
+					}
 					elseif($nom_valeur[0] == "b.nom_ret")
+					{
 						if($nom_valeur[1] == "indetermine") {
 							$nom_valeur[1] = 'null';
 						}
 						$requete .= ' (';
-						$requete .= $nom_valeur[0].' LIKE "%'.$this->DB->escapeSimple($nom_valeur[1]).'%"' ;
+						$requete .= $nom_valeur[0].' LIKE "%'.$this->proteger($nom_valeur[1]).'%"' ;
 						$requete .= ' OR ' ;
-						$requete .= 'b.nom_sel LIKE "%'.$this->DB->escapeSimple($nom_valeur[1]).'%"' ;
+						$requete .= 'b.nom_sel LIKE "%'.$this->proteger($nom_valeur[1]).'%"' ;
 						$requete .= ') AND ' ;
 					} else
+					{
-						$requete .= $nom_valeur[0].' = "'.$this->DB->escapeSimple($nom_valeur[1]) ;
+						$requete .= $nom_valeur[0].' = "'.$this->proteger($nom_valeur[1]) ;
 		$chaine_requete = str_replace(' ','_',$chaine_requete);
 		$requete = ' (';
-		$requete .= 'b.nom_ret LIKE "'.$this->DB->escapeSimple($chaine_requete).'%"' ;
+		$requete .= 'b.nom_ret LIKE "'.$this->proteger($chaine_requete).'%"' ;
 		$requete .= ' OR ' ;
-		$requete .= 'b.nom_sel LIKE "'.$this->DB->escapeSimple($chaine_requete).'%"' ;
+		$requete .= 'b.nom_sel LIKE "'.$this->proteger($chaine_requete).'%"' ;
 		$requete .= ' OR ' ;
+		$requete .= 'b.location LIKE "'.$this->proteger($chaine_requete).'%" ' ;
+		$requete .= ' OR ' ;
-		$requete .= 'b.location LIKE "'.$this->DB->escapeSimple($chaine_requete).'%" ' ;
+		$requete .= 'b.id_location LIKE "'.$this->proteger($chaine_requete).'%" ' ;
 		$requete .= ' OR ' ;
+			}
+		}
 		return $tableau_criteres_pour_bdd;
+	}
+	private function creerSousRequeteMotsCles($mot_cle) {
+        $requete = '';
+        if (preg_match('/.*,.*/', $mot_cle)) {
+            $requete = $this->creerSousRequeteMotsClesOu($mot_cle);
+        } else if (preg_match('/.*ET.*/', $mot_cle)) {
+            $requete = $this->creerSousRequeteMotsClesEt($mot_cle);
+        } else {
+            // Construction de la requête
+            $prerequete =   "SELECT cmc_id_mot_cle_utilisateur, cmc_id_proprietaire FROM cel_mots_cles_images WHERE $where ".
+                'cmc_id_mot_cle_general = '.$this->proteger($this->encoderMotCle($mot_cle));
+            $elements = $this->executerRequete($prerequete);
+            if ($elements != false && count($elements) > 0) {
+                foreach ($elements as $occurence) {
+                    $requete .= '(ci_meta_mots_cles LIKE "%'.$occurence['cmc_id_mot_cle_utilisateur'].'%" AND ci_ce_utilisateur = '.
+                        $this->proteger($occurence['cmc_id_proprietaire']).' ) OR ';
+                }
+            }
+        }
+        $requete = rtrim($requete,' OR ').' AND ';
+        return $requete;
+    }
+    private function creerSousRequeteMotsClesOu($mot_cle) {
+        $requete = '';
+        $tab_mots_cles = explode(',', $mot_cle);
+        $where = '';
+        foreach ($tab_mots_cles as $mot) {
+            $where .= 'cmc_id_mot_cle_general = '.$this->proteger($this->encoderMotCle($mot)).' OR ';
+        }
+        $where = rtrim($where,' OR ');
+        // Construction de la requête
+        $prerequete =   "SELECT cmc_id_mot_cle_utilisateur, cmc_id_proprietaire FROM cel_mots_cles_images WHERE $where ";
+        $elements = $this->executerRequete($prerequete);//print_r($elements);
+        if ($elements != false && count($elements) > 0) {
+            foreach ($elements as $occurence) {
+                $requete .= '(ci_meta_mots_cles LIKE "%'.$occurence['cmc_id_mot_cle_utilisateur'].'%" AND ci_ce_utilisateur = '.
+                    $this->proteger($occurence['cmc_id_proprietaire']).' ) OR ';
+            }
+        }
+        return $requete;
+    }
+	private function creerSousRequeteMotsClesEt($mot_cle) {
+        $requete = '';
+        $where = '';
+        $champs = 'a.cmc_id_proprietaire , ';
+        $table = '';
+        $i = "a"; $j = "a";
+        $tab_mots_cles = explode("ET", $mot_cle);
+        foreach ($tab_mots_cles as $mot) {
+            $champs .= "$i.cmc_id_mot_cle_utilisateur as $i , ";
+            $table .= "cel_mots_cles_images $i , ";
+            $where .= "$i.cmc_id_mot_cle_general = ".$this->proteger($this->encoderMotCle($mot)).' AND ';
+            if ($i !== "a") {
+                $where .= " $i.cmc_id_proprietaire = ".$j.".cmc_id_proprietaire AND ";
+                $j++;
+            }
+            $i++;
+        }
+        $where = rtrim($where,' AND '); $champs = rtrim($champs,' , '); $table = rtrim($table,' , ');
+        // Construction de la requête
+        $prerequete =   "SELECT $champs FROM $table WHERE $where ";
+        $elements = $this->executerRequete($prerequete);//print_r($elements);
+        if ($elements != false && count($elements) > 0) {
+            foreach ($elements as $occurence) {
+                $requete = ' (';
+                for ($j = 'a'; $j < $i; $j++) {
+                    $requete .= 'ci_meta_mots_cles like "%'.$occurence[$j].'%" AND ';
+                }
+                $requete .= ' ci_ce_utilisateur = '.$this->proteger($occurence['cmc_id_proprietaire']).' ) OR ';
+            }
+        }
+        return $requete;
+    }
+}
 ?>

Subversion Repositories eFlore/Applications.cel

(root)/trunk/jrest/services/InventoryImageListPublic.php – Rev 605 → 761