[civicrm-core.git] / CRM / Contact / Form / Search / Custom / Base.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 4.7                                                |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2015                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2015
 */
class CRM_Contact_Form_Search_Custom_Base {

  protected $_formValues;

  protected $_columns;

  protected $_stateID;

  /**
   * Class constructor.
   *
   * @param array $formValues
   */
  public function __construct(&$formValues) {
    $this->_formValues = &$formValues;
  }

  /**
   * Builds the list of tasks or actions that a searcher can perform on a result set.
   *
   * The returned array completely replaces the task list, so a child class that
   * wants to modify the existing list should manipulate the result of this method.
   *
   * @param CRM_Core_Form_Search $form
   * @return array
   */
  public function buildTaskList(CRM_Core_Form_Search $form) {
    return $form->getVar('_taskList');
  }

  /**
   * @return null|string
   */
  public function count() {
    return CRM_Core_DAO::singleValueQuery($this->sql('count(distinct contact_a.id) as total'));
  }

  /**
   * @return null
   */
  public function summary() {
    return NULL;
  }

  /**
   * @param int $offset
   * @param int $rowcount
   * @param null $sort
   * @param bool $returnSQL
   *
   * @return string
   */
  public function contactIDs($offset = 0, $rowcount = 0, $sort = NULL, $returnSQL = FALSE) {
    $sql = $this->sql(
      'contact_a.id as contact_id',
      $offset,
      $rowcount,
      $sort
    );
    $this->validateUserSQL($sql);

    if ($returnSQL) {
      return $sql;
    }

    return CRM_Core_DAO::composeQuery($sql, CRM_Core_DAO::$_nullArray);
  }

  /**
   * @param $selectClause
   * @param int $offset
   * @param int $rowcount
   * @param null $sort
   * @param bool $includeContactIDs
   * @param null $groupBy
   *
   * @return string
   */
  public function sql(
    $selectClause,
    $offset = 0,
    $rowcount = 0,
    $sort = NULL,
    $includeContactIDs = FALSE,
    $groupBy = NULL
  ) {

    $sql = "SELECT $selectClause " . $this->from();
    $where = $this->where();
    if (!empty($where)) {
      $sql .= " WHERE " . $where;
    }

    if ($includeContactIDs) {
      $this->includeContactIDs($sql,
        $this->_formValues
      );
    }

    if ($groupBy) {
      $sql .= " $groupBy ";
    }

    $this->addSortOffset($sql, $offset, $rowcount, $sort);
    return $sql;
  }

  /**
   * @return null
   */
  public function templateFile() {
    return NULL;
  }

  public function &columns() {
    return $this->_columns;
  }

  /**
   * @param $sql
   * @param $formValues
   */
  public static function includeContactIDs(&$sql, &$formValues) {
    $contactIDs = array();
    foreach ($formValues as $id => $value) {
      if ($value &&
        substr($id, 0, CRM_Core_Form::CB_PREFIX_LEN) == CRM_Core_Form::CB_PREFIX
      ) {
        $contactIDs[] = substr($id, CRM_Core_Form::CB_PREFIX_LEN);
      }
    }

    if (!empty($contactIDs)) {
      $contactIDs = implode(', ', $contactIDs);
      $sql .= " AND contact_a.id IN ( $contactIDs )";
    }
  }

  /**
   * @param $sql
   * @param $offset
   * @param $rowcount
   * @param $sort
   */
  public function addSortOffset(&$sql, $offset, $rowcount, $sort) {
    if (!empty($sort)) {
      if (is_string($sort)) {
        $sort = CRM_Utils_Type::escape($sort, 'String');
        $sql .= " ORDER BY $sort ";
      }
      else {
        $sql .= " ORDER BY " . trim($sort->orderBy());
      }
    }

    if ($rowcount > 0 && $offset >= 0) {
      $offset = CRM_Utils_Type::escape($offset, 'Int');
      $rowcount = CRM_Utils_Type::escape($rowcount, 'Int');

      $sql .= " LIMIT $offset, $rowcount ";
    }
  }

  /**
   * @param $sql
   * @param bool $onlyWhere
   *
   * @throws Exception
   */
  public function validateUserSQL(&$sql, $onlyWhere = FALSE) {
    $includeStrings = array('contact_a');
    $excludeStrings = array('insert', 'delete', 'update');

    if (!$onlyWhere) {
      $includeStrings += array('select', 'from', 'where', 'civicrm_contact');
    }

    foreach ($includeStrings as $string) {
      if (stripos($sql, $string) === FALSE) {
        CRM_Core_Error::fatal(ts('Could not find \'%1\' string in SQL clause.',
          array(1 => $string)
        ));
      }
    }

    foreach ($excludeStrings as $string) {
      if (preg_match('/(\s' . $string . ')|(' . $string . '\s)/i', $sql)) {
        CRM_Core_Error::fatal(ts('Found illegal \'%1\' string in SQL clause.',
          array(1 => $string)
        ));
      }
    }
  }

  /**
   * @param $where
   * @param array $params
   *
   * @return string
   */
  public function whereClause(&$where, &$params) {
    return CRM_Core_DAO::composeQuery($where, $params, TRUE);
  }

  /**
   * override this method to define the contact query object
   * used for creating $sql
   * @return null
   */
  public function getQueryObj() {
    return NULL;
  }

  /**
   * Set the title.
   *
   * @param string $title
   */
  public function setTitle($title) {
    if ($title) {
      CRM_Utils_System::setTitle($title);
    }
    else {
      CRM_Utils_System::setTitle(ts('Search'));
    }
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
7e9e8871	4	\| CiviCRM version 4.7 \|
6a488035	5	+--------------------------------------------------------------------+
e7112fa7	6	\| Copyright CiviCRM LLC (c) 2004-2015 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
6a488035 TO	27
	28	/**
	29	*
	30	* @package CRM
e7112fa7	31	* @copyright CiviCRM LLC (c) 2004-2015
6a488035 TO	32	*/
	33	class CRM_Contact_Form_Search_Custom_Base {
	34
	35	protected $_formValues;
	36
	37	protected $_columns;
	38
	39	protected $_stateID;
	40
86538308	41	/**
5a409b50	42	* Class constructor.
	43	*
	44	* @param array $formValues
86538308	45	*/
00be9182	46	public function __construct(&$formValues) {
6a488035 TO	47	$this->_formValues = &$formValues;
	48	}
	49
7a3978aa FG	50	/**
	51	* Builds the list of tasks or actions that a searcher can perform on a result set.
	52	*
	53	* The returned array completely replaces the task list, so a child class that
	54	* wants to modify the existing list should manipulate the result of this method.
	55	*
	56	* @param CRM_Core_Form_Search $form
	57	* @return array
	58	*/
383e190d	59	public function buildTaskList(CRM_Core_Form_Search $form) {
7a3978aa FG	60	return $form->getVar('_taskList');
	61	}
	62
86538308 EM	63	/**
	64	* @return null\|string
	65	*/
00be9182	66	public function count() {
6a488035 TO	67	return CRM_Core_DAO::singleValueQuery($this->sql('count(distinct contact_a.id) as total'));
	68	}
	69
86538308 EM	70	/**
	71	* @return null
	72	*/
00be9182	73	public function summary() {
6a488035 TO	74	return NULL;
	75	}
	76
86538308 EM	77	/**
	78	* @param int $offset
	79	* @param int $rowcount
	80	* @param null $sort
	81	* @param bool $returnSQL
	82	*
	83	* @return string
	84	*/
00be9182	85	public function contactIDs($offset = 0, $rowcount = 0, $sort = NULL, $returnSQL = FALSE) {
6a488035 TO	86	$sql = $this->sql(
	87	'contact_a.id as contact_id',
	88	$offset,
	89	$rowcount,
	90	$sort
	91	);
	92	$this->validateUserSQL($sql);
	93
	94	if ($returnSQL) {
	95	return $sql;
	96	}
	97
	98	return CRM_Core_DAO::composeQuery($sql, CRM_Core_DAO::$_nullArray);
	99	}
	100
86538308 EM	101	/**
	102	* @param $selectClause
	103	* @param int $offset
	104	* @param int $rowcount
	105	* @param null $sort
	106	* @param bool $includeContactIDs
	107	* @param null $groupBy
	108	*
	109	* @return string
	110	*/
acb1052e	111	public function sql(
6a488035	112	$selectClause,
242bd179	113	$offset = 0,
6a488035 TO	114	$rowcount = 0,
	115	$sort = NULL,
	116	$includeContactIDs = FALSE,
242bd179	117	$groupBy = NULL
6a488035 TO	118	) {
	119
	120	$sql = "SELECT $selectClause " . $this->from();
	121	$where = $this->where();
	122	if (!empty($where)) {
	123	$sql .= " WHERE " . $where;
	124	}
	125
	126	if ($includeContactIDs) {
	127	$this->includeContactIDs($sql,
	128	$this->_formValues
	129	);
	130	}
	131
	132	if ($groupBy) {
	133	$sql .= " $groupBy ";
	134	}
	135
	136	$this->addSortOffset($sql, $offset, $rowcount, $sort);
	137	return $sql;
	138	}
	139
86538308 EM	140	/**
	141	* @return null
	142	*/
00be9182	143	public function templateFile() {
6a488035 TO	144	return NULL;
	145	}
	146
00be9182	147	public function &columns() {
6a488035 TO	148	return $this->_columns;
	149	}
	150
86538308 EM	151	/**
	152	* @param $sql
	153	* @param $formValues
	154	*/
00be9182	155	public static function includeContactIDs(&$sql, &$formValues) {
6a488035 TO	156	$contactIDs = array();
	157	foreach ($formValues as $id => $value) {
	158	if ($value &&
	159	substr($id, 0, CRM_Core_Form::CB_PREFIX_LEN) == CRM_Core_Form::CB_PREFIX
	160	) {
	161	$contactIDs[] = substr($id, CRM_Core_Form::CB_PREFIX_LEN);
	162	}
	163	}
	164
	165	if (!empty($contactIDs)) {
	166	$contactIDs = implode(', ', $contactIDs);
	167	$sql .= " AND contact_a.id IN ( $contactIDs )";
	168	}
	169	}
	170
86538308 EM	171	/**
	172	* @param $sql
	173	* @param $offset
	174	* @param $rowcount
	175	* @param $sort
	176	*/
00be9182	177	public function addSortOffset(&$sql, $offset, $rowcount, $sort) {
6a488035 TO	178	if (!empty($sort)) {
6a488035 TO	179	if (is_string($sort)) {
21d32567	180	$sort = CRM_Utils_Type::escape($sort, 'String');
6a488035 TO	181	$sql .= " ORDER BY $sort ";
	182	}
	183	else {
	184	$sql .= " ORDER BY " . trim($sort->orderBy());
	185	}
	186	}
	187
	188	if ($rowcount > 0 && $offset >= 0) {
bf00d1b6	189	$offset = CRM_Utils_Type::escape($offset, 'Int');
dd3a4117	190	$rowcount = CRM_Utils_Type::escape($rowcount, 'Int');
bf00d1b6	191
6a488035 TO	192	$sql .= " LIMIT $offset, $rowcount ";
	193	}
	194	}
	195
86538308 EM	196	/**
	197	* @param $sql
	198	* @param bool $onlyWhere
	199	*
	200	* @throws Exception
	201	*/
00be9182	202	public function validateUserSQL(&$sql, $onlyWhere = FALSE) {
6a488035 TO	203	$includeStrings = array('contact_a');
	204	$excludeStrings = array('insert', 'delete', 'update');
	205
	206	if (!$onlyWhere) {
	207	$includeStrings += array('select', 'from', 'where', 'civicrm_contact');
	208	}
	209
	210	foreach ($includeStrings as $string) {
	211	if (stripos($sql, $string) === FALSE) {
	212	CRM_Core_Error::fatal(ts('Could not find \'%1\' string in SQL clause.',
353ffa53 TO	213	array(1 => $string)
353ffa53 TO	214	));
6a488035 TO	215	}
	216	}
	217
	218	foreach ($excludeStrings as $string) {
	219	if (preg_match('/(\s' . $string . ')\|(' . $string . '\s)/i', $sql)) {
	220	CRM_Core_Error::fatal(ts('Found illegal \'%1\' string in SQL clause.',
353ffa53 TO	221	array(1 => $string)
353ffa53 TO	222	));
6a488035 TO	223	}
	224	}
	225	}
	226
86538308 EM	227	/**
86538308 EM	228	* @param $where
c490a46a	229	* @param array $params
86538308 EM	230	*
	231	* @return string
	232	*/
00be9182	233	public function whereClause(&$where, &$params) {
6a488035 TO	234	return CRM_Core_DAO::composeQuery($where, $params, TRUE);
6a488035 TO	235	}
6a488035	236
86538308	237	/**
4f1f1f2a CW	238	* override this method to define the contact query object
4f1f1f2a CW	239	* used for creating $sql
86538308 EM	240	* @return null
86538308 EM	241	*/
00be9182	242	public function getQueryObj() {
d9ab802d PJ	243	return NULL;
d9ab802d PJ	244	}
96025800	245
4bc31366 EM	246	/**
	247	* Set the title.
	248	*
	249	* @param string $title
	250	*/
383e190d	251	public function setTitle($title) {
4bc31366 EM	252	if ($title) {
	253	CRM_Utils_System::setTitle($title);
	254	}
	255	else {
	256	CRM_Utils_System::setTitle(ts('Search'));
	257	}
	258	}
	259
232624b1	260	}