<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 4.5                                                |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2014                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
*/

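/**
 * Shared SQL-assembly helpers for custom contact searches.
 *
 * sql() calls $this->from() and $this->where(), which this class does not
 * define; a concrete search class has to supply them.
 *
 * Security note: every method here builds SQL by string concatenation. The
 * select clause, GROUP BY fragment and the output of from()/where() are
 * spliced in as given, so they must never carry unvalidated request data.
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2014
 * $Id$
 *
 */
class CRM_Contact_Form_Search_Custom_Base {

  // Search form values; bound by reference to the array handed to the constructor.
  protected $_formValues;

  // Returned by reference from columns(); never assigned in this class.
  protected $_columns;

  // Not read or written anywhere in this class.
  protected $_stateID;

  /**
   * Keep a reference to the caller's form values.
   *
   * @param array $formValues
   *   Stored by reference, so later changes by the caller are visible here.
   */
  public function __construct(&$formValues) {
    $this->_formValues = &$formValues;
  }

  /**
   * Count the distinct contacts matched by the search.
   *
   * @return null|string
   *   Whatever CRM_Core_DAO::singleValueQuery() returns for the count query.
   */
  public function count() {
    return CRM_Core_DAO::singleValueQuery($this->sql('count(distinct contact_a.id) as total'));
  }

  /**
   * Summary hook; the base implementation has nothing to report.
   *
   * @return null
   */
  public function summary() {
    return NULL;
  }

  /**
   * Build the query that selects the matching contact ids.
   *
   * The assembled SQL is passed through validateUserSQL() before it is
   * returned or composed.
   *
   * @param int $offset
   * @param int $rowcount
   * @param string|object|null $sort
   *   See addSortOffset() for the accepted forms.
   * @param bool $returnSQL
   *   TRUE returns the raw SQL; FALSE returns the result of
   *   CRM_Core_DAO::composeQuery() on it.
   *
   * @return string
   */
  public function contactIDs($offset = 0, $rowcount = 0, $sort = NULL, $returnSQL = FALSE) {
    $sql = $this->sql(
      'contact_a.id as contact_id',
      $offset,
      $rowcount,
      $sort
    );
    $this->validateUserSQL($sql);

    if ($returnSQL) {
      return $sql;
    }

    return CRM_Core_DAO::composeQuery($sql, CRM_Core_DAO::$_nullArray);
  }

  /**
   * Assemble SELECT ... FROM ... [WHERE ...] [group by] [ORDER BY] [LIMIT].
   *
   * $selectClause and $groupBy are concatenated verbatim, so callers must
   * pass fixed strings rather than request data.
   *
   * @param string $selectClause
   *   Column list placed directly after SELECT.
   * @param int $offset
   * @param int $rowcount
   * @param string|object|null $sort
   *   See addSortOffset().
   * @param bool $includeContactIDs
   *   TRUE restricts the result to the contacts ticked in the form values.
   * @param string|null $groupBy
   *   Complete fragment (including the GROUP BY keyword) or NULL.
   *
   * @return string
   */
  public function sql(
    $selectClause,
    $offset = 0,
    $rowcount = 0,
    $sort = NULL,
    $includeContactIDs = FALSE,
    $groupBy = NULL
  ) {

    $sql = "SELECT $selectClause " . $this->from();
    $where = $this->where();
    if (!empty($where)) {
      $sql .= " WHERE " . $where;
    }

    if ($includeContactIDs) {
      if (empty($where)) {
        // includeContactIDs() appends " AND ...", which is only valid SQL
        // when a WHERE clause is already present.
        $sql .= " WHERE (1) ";
      }
      $this->includeContactIDs($sql,
        $this->_formValues
      );
    }

    if ($groupBy) {
      $sql .= " $groupBy ";
    }

    $this->addSortOffset($sql, $offset, $rowcount, $sort);
    return $sql;
  }

  /**
   * Template hook; the base implementation names no template.
   *
   * @return null
   */
  public function templateFile() {
    return NULL;
  }

  /**
   * Column definitions of the search.
   *
   * @return mixed
   *   Reference to $this->_columns.
   */
  public function &columns() {
    return $this->_columns;
  }

  /**
   * Append an "AND contact_a.id IN (...)" filter for the ticked contacts.
   *
   * Contact ids are taken from the form-value KEYS that start with
   * CRM_Core_Form::CB_PREFIX and have a truthy value. Keys come from the
   * submitted form, so each id is validated as an integer before it is
   * placed in the SQL text.
   *
   * @param string $sql
   *   Modified in place; must already contain a WHERE clause.
   * @param array $formValues
   */
  public static function includeContactIDs(&$sql, &$formValues) {
    $contactIDs = array();
    foreach ($formValues as $id => $value) {
      if ($value &&
        substr($id, 0, CRM_Core_Form::CB_PREFIX_LEN) == CRM_Core_Form::CB_PREFIX
      ) {
        // Same integer check addSortOffset() applies to offset and row count;
        // a non-numeric suffix must never reach the IN (...) list.
        $contactIDs[] = CRM_Utils_Type::escape(
          substr($id, CRM_Core_Form::CB_PREFIX_LEN),
          'Int'
        );
      }
    }

    if (!empty($contactIDs)) {
      $contactIDs = implode(', ', $contactIDs);
      $sql .= " AND contact_a.id IN ( $contactIDs )";
    }
  }

  /**
   * Append ORDER BY and LIMIT fragments to the query.
   *
   * @param string $sql
   *   Modified in place.
   * @param int $offset
   * @param int $rowcount
   *   LIMIT is added only when $rowcount > 0 and $offset >= 0.
   * @param string|object|null $sort
   *   Either an ORDER BY expression, or an object exposing orderBy().
   */
  public function addSortOffset(&$sql, $offset, $rowcount, $sort) {
    if (!empty($sort)) {
      if (is_string($sort)) {
        // NOTE(review): the value is spliced in unquoted, so string escaping
        // alone does not constrain it to a column list. Callers should pass
        // only sort expressions chosen from a fixed set of known columns.
        $sort = CRM_Utils_Type::escape($sort, 'String');
        $sql .= " ORDER BY $sort ";
      }
      else {
        $sql .= " ORDER BY " . trim($sort->orderBy());
      }
    }

    if ($rowcount > 0 && $offset >= 0) {
      $offset = CRM_Utils_Type::escape($offset, 'Int');
      $rowcount = CRM_Utils_Type::escape($rowcount, 'Int');

      $sql .= " LIMIT $offset, $rowcount ";
    }
  }

  /**
   * Sanity-check SQL produced by a custom search.
   *
   * Requires 'contact_a' (and, unless $onlyWhere is set, 'select', 'from',
   * 'where' and 'civicrm_contact') to appear somewhere in the text, and
   * rejects 'insert', 'delete' or 'update' when adjacent to whitespace.
   * Failures are reported through CRM_Core_Error::fatal().
   *
   * This is a coarse keyword check, not an injection defence: values placed
   * into the SQL still have to be validated or escaped where they are added.
   *
   * @param string $sql
   * @param bool $onlyWhere
   *   TRUE when $sql is only a WHERE fragment.
   *
   * @throws Exception
   */
  public function validateUserSQL(&$sql, $onlyWhere = FALSE) {
    $includeStrings = array('contact_a');
    $excludeStrings = array('insert', 'delete', 'update');

    if (!$onlyWhere) {
      // array_merge(), not +=: both lists are 0-indexed, so the union
      // operator keeps 'contact_a' at key 0 and silently drops 'select'.
      $includeStrings = array_merge(
        $includeStrings,
        array('select', 'from', 'where', 'civicrm_contact')
      );
    }

    foreach ($includeStrings as $string) {
      if (stripos($sql, $string) === FALSE) {
        CRM_Core_Error::fatal(ts('Could not find \'%1\' string in SQL clause.',
          array(1 => $string)
        ));
      }
    }

    foreach ($excludeStrings as $string) {
      if (preg_match('/(\s' . $string . ')|(' . $string . '\s)/i', $sql)) {
        CRM_Core_Error::fatal(ts('Found illegal \'%1\' string in SQL clause.',
          array(1 => $string)
        ));
      }
    }
  }

  /**
   * Compose a WHERE fragment with its parameters.
   *
   * @param string $where
   * @param array $params
   *   Handed to CRM_Core_DAO::composeQuery() together with $where.
   *
   * @return string
   */
  public function whereClause(&$where, &$params) {
    return CRM_Core_DAO::composeQuery($where, $params, TRUE);
  }

  /**
   * Override this method to define the contact query object used for
   * creating $sql.
   *
   * @return null
   */
  public function getQueryObj() {
    return NULL;
  }

}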