diff --git a/mod/data/field/checkbox/field.class.php b/mod/data/field/checkbox/field.class.php index b70bd4e..17b98b1 100755 --- a/mod/data/field/checkbox/field.class.php +++ b/mod/data/field/checkbox/field.class.php @@ -113,17 +113,18 @@ class data_field_checkbox extends data_field_base { } return array('checked'=>$selected, 'allrequired'=>$allrequired); } - + function generate_sql($tablealias, $value) { $allrequired = $value['allrequired']; $selected = $value['checked']; + $varcharcontent = sql_compare_text("{$tablealias}.content", 255); if ($selected) { $conditions = array(); foreach ($selected as $sel) { $likesel = str_replace('%', '\%', $sel); $likeselsel = str_replace('_', '\_', $likesel); - $conditions[] = "({$tablealias}.fieldid = {$this->field->id} AND ({$tablealias}.content = '$sel' + $conditions[] = "({$tablealias}.fieldid = {$this->field->id} AND ($varcharcontent = '$sel' OR {$tablealias}.content LIKE '$likesel##%' OR {$tablealias}.content LIKE '%##$likesel' OR {$tablealias}.content LIKE '%##$likesel##%'))"; @@ -138,7 +139,6 @@ class data_field_checkbox extends data_field_base { } } - function update_content($recordid, $value, $name='') { $content = new object(); $content->fieldid = $this->field->id; diff --git a/mod/data/field/latlong/field.class.php b/mod/data/field/latlong/field.class.php index c5ef25a..5cbe4e5 100755 --- a/mod/data/field/latlong/field.class.php +++ b/mod/data/field/latlong/field.class.php @@ -70,17 +70,19 @@ class data_field_latlong extends data_field_base { function display_search_field($value = '') { global $CFG; - $lats = get_records_sql_menu('SELECT id, content from '.$CFG->prefix.'data_content WHERE fieldid='.$this->field->id.' GROUP BY content ORDER BY content'); - $longs = get_records_sql_menu('SELECT id, content1 from '.$CFG->prefix.'data_content WHERE fieldid='.$this->field->id.' GROUP BY content ORDER BY content'); + $varcharlat = sql_compare_text('content'); + $varcharlong= sql_compare_text('content1'); + $latlongsrs = get_recordset_sql( + "SELECT DISTINCT $varcharlat AS la, $varcharlong AS lo + FROM {$CFG->prefix}data_content + WHERE fieldid = {$this->field->id} + ORDER BY $varcharlat, $varcharlong"); $options = array(); - if(!empty($lats) && !empty($longs)) { - $options[''] = ''; - // Make first index blank. - foreach($lats as $key => $temp) { - $options[$temp.','.$longs[$key]] = $temp.','.$longs[$key]; - } + while ($latlong = rs_fetch_next_record($latlongsrs)) { + $options[$latlong->la . ',' . $latlong->lo] = $latlong->la . ',' . $latlong->lo; } - return choose_from_menu($options, 'f_'.$this->field->id, $value, 'choose', '', 0, true); + rs_close($latlongsrs); + return choose_from_menu($options, 'f_'.$this->field->id, $value, 'choose', '', 0, true); } function parse_search_field() { @@ -91,7 +93,9 @@ class data_field_latlong extends data_field_base { $latlong[0] = ''; $latlong[1] = ''; $latlong = explode (',', $value, 2); - return " ({$tablealias}.fieldid = {$this->field->id} AND {$tablealias}.content = '$latlong[0]' AND {$tablealias}.content1 = '$latlong[1]') "; + $varcharlat = sql_compare_text("{$tablealias}.content"); + $varcharlong= sql_compare_text("{$tablealias}.content1"); + return " ({$tablealias}.fieldid = {$this->field->id} AND $varcharlat = '$latlong[0]' AND $varcharlong = '$latlong[1]') "; } function display_browse_field($recordid, $template) { diff --git a/mod/data/field/menu/field.class.php b/mod/data/field/menu/field.class.php index 16aba4d..7b374e8 100755 --- a/mod/data/field/menu/field.class.php +++ b/mod/data/field/menu/field.class.php @@ -56,14 +56,16 @@ class data_field_menu extends data_field_base { return $str; } - + function display_search_field($content = '') { global $CFG; - $usedoptions = array(); - $sql = "SELECT DISTINCT content + $varcharcontent = sql_compare_text('content', 255); + $sql = "SELECT DISTINCT $varcharcontent AS content FROM {$CFG->prefix}data_content WHERE fieldid={$this->field->id} AND content IS NOT NULL"; + + $usedoptions = array(); if ($used = get_records_sql($sql)) { foreach ($used as $data) { $value = $data->content; @@ -87,7 +89,7 @@ class data_field_menu extends data_field_base { return ''; } - return choose_from_menu($options, 'f_'.$this->field->id, stripslashes($content), ' ', '', 0, true); + return choose_from_menu($options, 'f_'.$this->field->id, stripslashes($content), 'choose', '', 0, true); } function parse_search_field() { @@ -95,7 +97,8 @@ class data_field_menu extends data_field_base { } function generate_sql($tablealias, $value) { - return " ({$tablealias}.fieldid = {$this->field->id} AND {$tablealias}.content = '$value') "; + $varcharcontent = sql_compare_text("{$tablealias}.content", 255); + return " ({$tablealias}.fieldid = {$this->field->id} AND $varcharcontent = '$value') "; } } diff --git a/mod/data/field/multimenu/field.class.php b/mod/data/field/multimenu/field.class.php index 038a494..a51a674 100755 --- a/mod/data/field/multimenu/field.class.php +++ b/mod/data/field/multimenu/field.class.php @@ -78,10 +78,12 @@ class data_field_multimenu extends data_field_base { $str = ''; + return ''; } - + function parse_search_field() { return optional_param('f_'.$this->field->id, '', PARAM_NOTAGS); } - + function generate_sql($tablealias, $value) { - return " ({$tablealias}.fieldid = {$this->field->id} AND {$tablealias}.content LIKE '%{$value}%') "; + return " ({$tablealias}.fieldid = {$this->field->id} AND {$tablealias}.content LIKE '%{$value}%') "; } - + } ?> diff --git a/mod/data/field/textarea/field.class.php b/mod/data/field/textarea/field.class.php index 9d22247..7ebf19c 100755 --- a/mod/data/field/textarea/field.class.php +++ b/mod/data/field/textarea/field.class.php @@ -68,20 +68,20 @@ class data_field_textarea extends data_field_base { $str .= ''; return $str; } - - + + function display_search_field($value = '') { - return ''; + return ''; } - + function parse_search_field() { return optional_param('f_'.$this->field->id, '', PARAM_NOTAGS); } - + function generate_sql($tablealias, $value) { - return " ({$tablealias}.fieldid = {$this->field->id} AND {$tablealias}.content LIKE '%{$value}%') "; + return " ({$tablealias}.fieldid = {$this->field->id} AND {$tablealias}.content LIKE '%{$value}%') "; } - + function gen_textarea($usehtmleditor, $text='') { // MDL-16018: Don't print htmlarea with < 7 lines height, causes visualization problem $text = clean_text($text); diff --git a/mod/data/view.php b/mod/data/view.php index b717a18..45fe21c 100755 --- a/mod/data/view.php +++ b/mod/data/view.php @@ -504,10 +504,10 @@ } else { - $sortcontent = $sortfield->get_sort_field(); - $sortcontentfull = $sortfield->get_sort_sql('c.'.$sortcontent); + $sortcontent = sql_compare_text('c.' . $sortfield->get_sort_field()); + $sortcontentfull = $sortfield->get_sort_sql($sortcontent); - $what = ' DISTINCT r.id, r.approved, r.timecreated, r.timemodified, r.userid, u.firstname, u.lastname, '.sql_compare_text($sortcontentfull).' AS _order '; + $what = ' DISTINCT r.id, r.approved, r.timecreated, r.timemodified, r.userid, u.firstname, u.lastname, '.$sortcontentfull.' AS _order '; $count = ' COUNT(DISTINCT c.recordid) '; $tables = $CFG->prefix.'data_content c,'.$CFG->prefix.'data_records r,'.$CFG->prefix.'data_content cs, '.$CFG->prefix.'user u '; $where = 'WHERE c.recordid = r.id @@ -545,7 +545,6 @@ $fromsql = "FROM $tables $advtables $where $advwhere $groupselect $approveselect $searchselect $advsearchselect"; $sqlselect = "SELECT $what $fromsql $sortorder"; $sqlcount = "SELECT $count $fromsql"; // Total number of records when searching - $sqlrids = "SELECT tmp.id FROM ($sqlselect) tmp"; $sqlmax = "SELECT $count FROM $tables $where $groupselect $approveselect"; // number of all recoirds user may see /// Work out the paging numbers and counts @@ -562,7 +561,8 @@ $mode = 'single'; $page = 0; - if ($allrecordids = get_records_sql($sqlrids)) { + // TODO: Improve this because we are executing $sqlselect twice (here and some lines below)! + if ($allrecordids = get_fieldset_sql($sqlselect)) { $allrecordids = array_keys($allrecordids); $page = (int)array_search($record->id, $allrecordids); unset($allrecordids);