[civicrm-core.git] / CRM / Core / BAO / CustomQuery.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 4.7                                                |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2018                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 *
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2018
 */
class CRM_Core_BAO_CustomQuery {
  const PREFIX = 'custom_value_';

  /**
   * The set of custom field ids.
   *
   * @var array
   */
  protected $_ids;

  /**
   * The select clause.
   *
   * @var array
   */
  public $_select;

  /**
   * The name of the elements that are in the select clause.
   * used to extract the values
   *
   * @var array
   */
  public $_element;

  /**
   * The tables involved in the query.
   *
   * @var array
   */
  public $_tables;
  public $_whereTables;

  /**
   * The where clause.
   *
   * @var array
   */
  public $_where;

  /**
   * The english language version of the query.
   *
   * @var array
   */
  public $_qill;

  /**
   * @deprecated
   * No longer needed due to CRM-17646 refactoring, but still used in some places
   *
   * @var array
   */
  public $_options;

  /**
   * The custom fields information.
   *
   * @var array
   */
  public $_fields;

  /**
   * Searching for contacts?
   *
   * @var boolean
   */
  protected $_contactSearch;

  protected $_locationSpecificCustomFields;

  /**
   * This stores custom data group types and tables that it extends.
   *
   * @var array
   */
  static $extendsMap = array(
    'Contact' => 'civicrm_contact',
    'Individual' => 'civicrm_contact',
    'Household' => 'civicrm_contact',
    'Organization' => 'civicrm_contact',
    'Contribution' => 'civicrm_contribution',
    'ContributionRecur' => 'civicrm_contribution_recur',
    'Membership' => 'civicrm_membership',
    'Participant' => 'civicrm_participant',
    'Group' => 'civicrm_group',
    'Relationship' => 'civicrm_relationship',
    'Event' => 'civicrm_event',
    'Case' => 'civicrm_case',
    'Activity' => 'civicrm_activity',
    'Pledge' => 'civicrm_pledge',
    'Grant' => 'civicrm_grant',
    'Address' => 'civicrm_address',
    'Campaign' => 'civicrm_campaign',
    'Survey' => 'civicrm_survey',
  );

  /**
   * Class constructor.
   *
   * Takes in a set of custom field ids andsets up the data structures to
   * generate a query
   *
   * @param array $ids
   *   The set of custom field ids.
   *
   * @param bool $contactSearch
   * @param array $locationSpecificFields
   */
  public function __construct($ids, $contactSearch = FALSE, $locationSpecificFields = array()) {
    $this->_ids = &$ids;
    $this->_locationSpecificCustomFields = $locationSpecificFields;

    $this->_select = array();
    $this->_element = array();
    $this->_tables = array();
    $this->_whereTables = array();
    $this->_where = array();
    $this->_qill = array();
    $this->_options = array();

    $this->_fields = array();
    $this->_contactSearch = $contactSearch;

    if (empty($this->_ids)) {
      return;
    }

    // initialize the field array
    $tmpArray = array_keys($this->_ids);
    $idString = implode(',', $tmpArray);
    $query = "
SELECT f.id, f.label, f.data_type,
       f.html_type, f.is_search_range,
       f.option_group_id, f.custom_group_id,
       f.column_name, g.table_name,
       f.date_format,f.time_format
  FROM civicrm_custom_field f,
       civicrm_custom_group g
 WHERE f.custom_group_id = g.id
   AND g.is_active = 1
   AND f.is_active = 1
   AND f.id IN ( $idString )";

    $dao = CRM_Core_DAO::executeQuery($query);
    while ($dao->fetch()) {
      // get the group dao to figure which class this custom field extends
      $extends = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_CustomGroup', $dao->custom_group_id, 'extends');
      $extendsTable = '';
      if (array_key_exists($extends, self::$extendsMap)) {
        $extendsTable = self::$extendsMap[$extends];
      }
      elseif (in_array($extends, CRM_Contact_BAO_ContactType::subTypes())) {
        // if $extends is a subtype, refer contact table
        $extendsTable = self::$extendsMap['Contact'];
      }
      $this->_fields[$dao->id] = array(
        'id' => $dao->id,
        'label' => $dao->label,
        'extends' => $extendsTable,
        'data_type' => $dao->data_type,
        'html_type' => $dao->html_type,
        'is_search_range' => $dao->is_search_range,
        'column_name' => $dao->column_name,
        'table_name' => $dao->table_name,
        'option_group_id' => $dao->option_group_id,
      );

      // Deprecated (and poorly named) cache of field attributes
      $this->_options[$dao->id] = array(
        'attributes' => array(
          'label' => $dao->label,
          'data_type' => $dao->data_type,
          'html_type' => $dao->html_type,
        ),
      );

      $options = CRM_Core_PseudoConstant::get('CRM_Core_BAO_CustomField', 'custom_' . $dao->id, array(), 'search');
      if ($options) {
        $this->_options[$dao->id] += $options;
      }

      if ($dao->html_type == 'Select Date') {
        $this->_options[$dao->id]['attributes']['date_format'] = $dao->date_format;
        $this->_options[$dao->id]['attributes']['time_format'] = $dao->time_format;
      }
    }
  }

  /**
   * Generate the select clause and the associated tables.
   */
  public function select() {
    if (empty($this->_fields)) {
      return;
    }

    foreach ($this->_fields as $id => $field) {
      $name = $field['table_name'];
      $fieldName = 'custom_' . $field['id'];
      $this->_select["{$name}_id"] = "{$name}.id as {$name}_id";
      $this->_element["{$name}_id"] = 1;
      $this->_select[$fieldName] = "{$field['table_name']}.{$field['column_name']} as $fieldName";
      $this->_element[$fieldName] = 1;
      $joinTable = NULL;
      // CRM-14265
      if ($field['extends'] == 'civicrm_group') {
        return;
      }
      elseif ($field['extends'] == 'civicrm_contact') {
        $joinTable = 'contact_a';
      }
      elseif ($field['extends'] == 'civicrm_contribution') {
        $joinTable = $field['extends'];
      }
      elseif (in_array($field['extends'], self::$extendsMap)) {
        $joinTable = $field['extends'];
      }
      else {
        return;
      }

      $this->_tables[$name] = "\nLEFT JOIN $name ON $name.entity_id = $joinTable.id";

      if ($this->_ids[$id]) {
        $this->_whereTables[$name] = $this->_tables[$name];
      }

      if ($joinTable) {
        $joinClause = 1;
        $joinTableAlias = $joinTable;
        // Set location-specific query
        if (isset($this->_locationSpecificCustomFields[$id])) {
          list($locationType, $locationTypeId) = $this->_locationSpecificCustomFields[$id];
          $joinTableAlias = "$locationType-address";
          $joinClause = "\nLEFT JOIN $joinTable `$locationType-address` ON (`$locationType-address`.contact_id = contact_a.id AND `$locationType-address`.location_type_id = $locationTypeId)";
        }
        $this->_tables[$name] = "\nLEFT JOIN $name ON $name.entity_id = `$joinTableAlias`.id";
        if ($this->_ids[$id]) {
          $this->_whereTables[$name] = $this->_tables[$name];
        }
        if ($joinTable != 'contact_a') {
          $this->_whereTables[$joinTableAlias] = $this->_tables[$joinTableAlias] = $joinClause;
        }
        elseif ($this->_contactSearch) {
          CRM_Contact_BAO_Query::$_openedPanes[ts('Custom Fields')] = TRUE;
        }
      }
    }
  }

  /**
   * Generate the where clause and also the english language equivalent.
   */
  public function where() {
    foreach ($this->_ids as $id => $values) {

      // Fixed for Issue CRM 607
      if (CRM_Utils_Array::value($id, $this->_fields) === NULL ||
        !$values
      ) {
        continue;
      }

      $strtolower = function_exists('mb_strtolower') ? 'mb_strtolower' : 'strtolower';

      foreach ($values as $tuple) {
        list($name, $op, $value, $grouping, $wildcard) = $tuple;

        $field = $this->_fields[$id];

        $fieldName = "{$field['table_name']}.{$field['column_name']}";

        $isSerialized = CRM_Core_BAO_CustomField::isSerialized($field);

        // fix $value here to escape sql injection attacks
        $qillValue = NULL;
        if (!is_array($value)) {
          $value = CRM_Core_DAO::escapeString(trim($value));
          $qillValue = CRM_Core_BAO_CustomField::displayValue($value, $id);
        }
        elseif (count($value) && in_array(key($value), CRM_Core_DAO::acceptedSQLOperators(), TRUE)) {
          $op = key($value);
          $qillValue = strstr($op, 'NULL') ? NULL : CRM_Core_BAO_CustomField::displayValue($value[$op], $id);
        }
        else {
          $op = strstr($op, 'IN') ? $op : 'IN';
          $qillValue = CRM_Core_BAO_CustomField::displayValue($value, $id);
        }

        $qillOp = CRM_Utils_Array::value($op, CRM_Core_SelectValues::getSearchBuilderOperators(), $op);

        switch ($field['data_type']) {
          case 'String':
          case 'StateProvince':
          case 'Country':

            if ($field['is_search_range'] && is_array($value)) {
              //didn't found any field under any of these three data-types as searchable by range
            }
            else {
              // fix $value here to escape sql injection attacks
              if (!is_array($value)) {
                if ($field['data_type'] == 'String') {
                  $value = CRM_Utils_Type::escape($strtolower($value), 'String');
                }
                elseif ($value) {
                  $value = CRM_Utils_Type::escape($value, 'Integer');
                }
                $value = str_replace(array('[', ']', ','), array('\[', '\]', '[:comma:]'), $value);
                $value = str_replace('|', '[:separator:]', $value);
              }
              elseif ($isSerialized) {
                if (in_array(key($value), CRM_Core_DAO::acceptedSQLOperators(), TRUE)) {
                  $op = key($value);
                  $value = $value[$op];
                }
                // CRM-19006: escape characters like comma, | before building regex pattern
                $value = (array) $value;
                foreach ($value as $key => $val) {
                  $value[$key] = str_replace(array('[', ']', ','), array('\[', '\]', '[:comma:]'), $val);
                  $value[$key] = str_replace('|', '[:separator:]', $value[$key]);
                }
                $value = implode(',', $value);
              }

              // CRM-14563,CRM-16575 : Special handling of multi-select custom fields
              if ($isSerialized && !CRM_Utils_System::isNull($value) && !strstr($op, 'NULL') && !strstr($op, 'LIKE')) {
                $sp = CRM_Core_DAO::VALUE_SEPARATOR;
                $value = str_replace(",", "$sp|$sp", $value);
                $value = str_replace(array('[:comma:]', '(', ')'), array(',', '[(]', '[)]'), $value);

                $op = (strstr($op, '!') || strstr($op, 'NOT')) ? 'NOT RLIKE' : 'RLIKE';
                $value = $sp . $value . $sp;
                if (!$wildcard) {
                  foreach (explode("|", $value) as $val) {
                    $val = str_replace('[:separator:]', '\|', $val);
                    $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $val, 'String');
                  }
                }
                else {
                  $value = str_replace('[:separator:]', '\|', $value);
                  $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
                }
              }
              else {
                //FIX for custom data query fired against no value(NULL/NOT NULL)
                $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
              }
              $this->_qill[$grouping][] = $field['label'] . " $qillOp $qillValue";
            }
            break;

          case 'ContactReference':
            $label = $value ? CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $value, 'sort_name') : '';
            $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
            $this->_qill[$grouping][] = $field['label'] . " $qillOp $label";
            break;

          case 'Int':
            $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'Integer');
            $this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));;
            break;

          case 'Boolean':
            if (!is_array($value)) {
              if (strtolower($value) == 'yes' || strtolower($value) == strtolower(ts('Yes'))) {
                $value = 1;
              }
              else {
                $value = (int) $value;
              }
              $value = ($value == 1) ? 1 : 0;
              $qillValue = $value ? 'Yes' : 'No';
            }
            $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'Integer');
            $this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));
            break;

          case 'Link':
          case 'Memo':
            $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
            $this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));
            break;

          case 'Money':
            $value = CRM_Utils_Array::value($op, (array) $value, $value);
            if (is_array($value)) {
              foreach ($value as $key => $val) {
                $value[$key] = CRM_Utils_Rule::cleanMoney($value[$key]);
              }
            }
            else {
              $value = CRM_Utils_Rule::cleanMoney($value);
            }

          case 'Float':
            $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'Float');
            $this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));
            break;

          case 'Date':
            $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
            list($qillOp, $qillVal) = CRM_Contact_BAO_Query::buildQillForFieldValue(NULL, $field['label'], $value, $op, array(), CRM_Utils_Type::T_DATE);
            $this->_qill[$grouping][] = "{$field['label']} $qillOp '$qillVal'";
            break;

          case 'File':
            if ($op == 'IS NULL' || $op == 'IS NOT NULL' || $op == 'IS EMPTY' || $op == 'IS NOT EMPTY') {
              switch ($op) {
                case 'IS EMPTY':
                  $op = 'IS NULL';
                  break;

                case 'IS NOT EMPTY':
                  $op = 'IS NOT NULL';
                  break;
              }
              $this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op);
              $this->_qill[$grouping][] = $field['label'] . " {$qillOp} ";
            }
            break;
        }
      }
    }
  }

  /**
   * Function that does the actual query generation.
   * basically ties all the above functions together
   *
   * @return array
   *   array of strings
   */
  public function query() {
    $this->select();

    $this->where();

    $whereStr = NULL;
    if (!empty($this->_where)) {
      $clauses = array();
      foreach ($this->_where as $grouping => $values) {
        if (!empty($values)) {
          $clauses[] = ' ( ' . implode(' AND ', $values) . ' ) ';
        }
      }
      if (!empty($clauses)) {
        $whereStr = ' ( ' . implode(' OR ', $clauses) . ' ) ';
      }
    }

    return array(
      implode(' , ', $this->_select),
      implode(' ', $this->_tables),
      $whereStr,
    );
  }

}
Commit	Line	Data
6a488035	1	<?php
6a488035 TO	2	/*
6a488035 TO	3	+--------------------------------------------------------------------+
7e9e8871	4	\| CiviCRM version 4.7 \|
6a488035	5	+--------------------------------------------------------------------+
8c9251b3	6	\| Copyright CiviCRM LLC (c) 2004-2018 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
6a488035 TO	27
	28	/**
	29	*
	30	*
	31	* @package CRM
8c9251b3	32	* @copyright CiviCRM LLC (c) 2004-2018
6a488035 TO	33	*/
6a488035 TO	34	class CRM_Core_BAO_CustomQuery {
7da04cde	35	const PREFIX = 'custom_value_';
6a488035 TO	36
6a488035 TO	37	/**
d2e5d2ce	38	* The set of custom field ids.
6a488035 TO	39	*
	40	* @var array
	41	*/
	42	protected $_ids;
	43
	44	/**
d2e5d2ce	45	* The select clause.
6a488035 TO	46	*
	47	* @var array
	48	*/
	49	public $_select;
	50
	51	/**
d2e5d2ce	52	* The name of the elements that are in the select clause.
6a488035 TO	53	* used to extract the values
	54	*
	55	* @var array
	56	*/
	57	public $_element;
	58
	59	/**
d2e5d2ce	60	* The tables involved in the query.
6a488035 TO	61	*
	62	* @var array
	63	*/
	64	public $_tables;
	65	public $_whereTables;
	66
	67	/**
d2e5d2ce	68	* The where clause.
6a488035 TO	69	*
	70	* @var array
	71	*/
	72	public $_where;
	73
	74	/**
d2e5d2ce	75	* The english language version of the query.
6a488035 TO	76	*
	77	* @var array
	78	*/
	79	public $_qill;
	80
	81	/**
b4fb2d23 CW	82	* @deprecated
b4fb2d23 CW	83	* No longer needed due to CRM-17646 refactoring, but still used in some places
6a488035 TO	84	*
	85	* @var array
	86	*/
	87	public $_options;
	88
	89	/**
d2e5d2ce	90	* The custom fields information.
6a488035 TO	91	*
	92	* @var array
	93	*/
	94	public $_fields;
	95
	96	/**
	97	* Searching for contacts?
	98	*
	99	* @var boolean
	100	*/
	101	protected $_contactSearch;
	102
247ad911	103	protected $_locationSpecificCustomFields;
442df34b	104
6a488035	105	/**
d2e5d2ce	106	* This stores custom data group types and tables that it extends.
6a488035 TO	107	*
6a488035 TO	108	* @var array
6a488035 TO	109	*/
	110	static $extendsMap = array(
	111	'Contact' => 'civicrm_contact',
	112	'Individual' => 'civicrm_contact',
	113	'Household' => 'civicrm_contact',
	114	'Organization' => 'civicrm_contact',
	115	'Contribution' => 'civicrm_contribution',
95974e8e	116	'ContributionRecur' => 'civicrm_contribution_recur',
6a488035 TO	117	'Membership' => 'civicrm_membership',
	118	'Participant' => 'civicrm_participant',
	119	'Group' => 'civicrm_group',
	120	'Relationship' => 'civicrm_relationship',
	121	'Event' => 'civicrm_event',
	122	'Case' => 'civicrm_case',
	123	'Activity' => 'civicrm_activity',
	124	'Pledge' => 'civicrm_pledge',
	125	'Grant' => 'civicrm_grant',
	126	'Address' => 'civicrm_address',
5b37ca7b EM	127	'Campaign' => 'civicrm_campaign',
5b37ca7b EM	128	'Survey' => 'civicrm_survey',
6a488035 TO	129	);
	130
	131	/**
d2e5d2ce	132	* Class constructor.
6a488035 TO	133	*
	134	* Takes in a set of custom field ids andsets up the data structures to
	135	* generate a query
	136	*
6a0b768e TO	137	* @param array $ids
6a0b768e TO	138	* The set of custom field ids.
fd31fa4c EM	139	*
	140	* @param bool $contactSearch
	141	* @param array $locationSpecificFields
442df34b	142	*/
00be9182	143	public function __construct($ids, $contactSearch = FALSE, $locationSpecificFields = array()) {
6a488035	144	$this->_ids = &$ids;
247ad911	145	$this->_locationSpecificCustomFields = $locationSpecificFields;
6a488035	146
353ffa53 TO	147	$this->_select = array();
	148	$this->_element = array();
	149	$this->_tables = array();
6a488035	150	$this->_whereTables = array();
353ffa53 TO	151	$this->_where = array();
	152	$this->_qill = array();
	153	$this->_options = array();
6a488035 TO	154
	155	$this->_fields = array();
	156	$this->_contactSearch = $contactSearch;
	157
	158	if (empty($this->_ids)) {
	159	return;
	160	}
	161
	162	// initialize the field array
	163	$tmpArray = array_keys($this->_ids);
	164	$idString = implode(',', $tmpArray);
353ffa53	165	$query = "
6a488035 TO	166	SELECT f.id, f.label, f.data_type,
	167	f.html_type, f.is_search_range,
	168	f.option_group_id, f.custom_group_id,
	169	f.column_name, g.table_name,
	170	f.date_format,f.time_format
	171	FROM civicrm_custom_field f,
	172	civicrm_custom_group g
	173	WHERE f.custom_group_id = g.id
	174	AND g.is_active = 1
	175	AND f.is_active = 1
	176	AND f.id IN ( $idString )";
	177
	178	$dao = CRM_Core_DAO::executeQuery($query);
	179	while ($dao->fetch()) {
	180	// get the group dao to figure which class this custom field extends
	181	$extends = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_CustomGroup', $dao->custom_group_id, 'extends');
63b7d442	182	$extendsTable = '';
6a488035 TO	183	if (array_key_exists($extends, self::$extendsMap)) {
	184	$extendsTable = self::$extendsMap[$extends];
	185	}
	186	elseif (in_array($extends, CRM_Contact_BAO_ContactType::subTypes())) {
	187	// if $extends is a subtype, refer contact table
	188	$extendsTable = self::$extendsMap['Contact'];
	189	}
	190	$this->_fields[$dao->id] = array(
	191	'id' => $dao->id,
	192	'label' => $dao->label,
	193	'extends' => $extendsTable,
	194	'data_type' => $dao->data_type,
	195	'html_type' => $dao->html_type,
	196	'is_search_range' => $dao->is_search_range,
	197	'column_name' => $dao->column_name,
	198	'table_name' => $dao->table_name,
	199	'option_group_id' => $dao->option_group_id,
	200	);
	201
b4fb2d23 CW	202	// Deprecated (and poorly named) cache of field attributes
	203	$this->_options[$dao->id] = array(
	204	'attributes' => array(
	205	'label' => $dao->label,
	206	'data_type' => $dao->data_type,
	207	'html_type' => $dao->html_type,
	208	),
75cda526 CW	209	);
	210
	211	$options = CRM_Core_PseudoConstant::get('CRM_Core_BAO_CustomField', 'custom_' . $dao->id, array(), 'search');
	212	if ($options) {
	213	$this->_options[$dao->id] += $options;
	214	}
6a488035	215
b4fb2d23	216	if ($dao->html_type == 'Select Date') {
6a488035 TO	217	$this->_options[$dao->id]['attributes']['date_format'] = $dao->date_format;
	218	$this->_options[$dao->id]['attributes']['time_format'] = $dao->time_format;
	219	}
6a488035 TO	220	}
	221	}
	222
	223	/**
d2e5d2ce	224	* Generate the select clause and the associated tables.
6a488035	225	*/
00be9182	226	public function select() {
6a488035 TO	227	if (empty($this->_fields)) {
	228	return;
	229	}
	230
	231	foreach ($this->_fields as $id => $field) {
	232	$name = $field['table_name'];
	233	$fieldName = 'custom_' . $field['id'];
	234	$this->_select["{$name}_id"] = "{$name}.id as {$name}_id";
	235	$this->_element["{$name}_id"] = 1;
	236	$this->_select[$fieldName] = "{$field['table_name']}.{$field['column_name']} as $fieldName";
	237	$this->_element[$fieldName] = 1;
	238	$joinTable = NULL;
dcf0d348 PJ	239	// CRM-14265
	240	if ($field['extends'] == 'civicrm_group') {
	241	return;
	242	}
	243	elseif ($field['extends'] == 'civicrm_contact') {
6a488035 TO	244	$joinTable = 'contact_a';
	245	}
	246	elseif ($field['extends'] == 'civicrm_contribution') {
dcf0d348	247	$joinTable = $field['extends'];
6a488035	248	}
dcf0d348 PJ	249	elseif (in_array($field['extends'], self::$extendsMap)) {
dcf0d348 PJ	250	$joinTable = $field['extends'];
6a488035	251	}
dcf0d348 PJ	252	else {
dcf0d348 PJ	253	return;
6a488035	254	}
dcf0d348 PJ	255
	256	$this->_tables[$name] = "\nLEFT JOIN $name ON $name.entity_id = $joinTable.id";
	257
	258	if ($this->_ids[$id]) {
	259	$this->_whereTables[$name] = $this->_tables[$name];
6a488035 TO	260	}
	261
	262	if ($joinTable) {
442df34b CW	263	$joinClause = 1;
	264	$joinTableAlias = $joinTable;
	265	// Set location-specific query
247ad911	266	if (isset($this->_locationSpecificCustomFields[$id])) {
247ad911	267	list($locationType, $locationTypeId) = $this->_locationSpecificCustomFields[$id];
442df34b CW	268	$joinTableAlias = "$locationType-address";
	269	$joinClause = "\nLEFT JOIN $joinTable `$locationType-address` ON (`$locationType-address`.contact_id = contact_a.id AND `$locationType-address`.location_type_id = $locationTypeId)";
	270	}
	271	$this->_tables[$name] = "\nLEFT JOIN $name ON $name.entity_id = `$joinTableAlias`.id";
6a488035 TO	272	if ($this->_ids[$id]) {
	273	$this->_whereTables[$name] = $this->_tables[$name];
	274	}
	275	if ($joinTable != 'contact_a') {
442df34b	276	$this->_whereTables[$joinTableAlias] = $this->_tables[$joinTableAlias] = $joinClause;
6a488035 TO	277	}
	278	elseif ($this->_contactSearch) {
	279	CRM_Contact_BAO_Query::$_openedPanes[ts('Custom Fields')] = TRUE;
	280	}
	281	}
	282	}
	283	}
	284
	285	/**
192d36c5	286	* Generate the where clause and also the english language equivalent.
6a488035	287	*/
00be9182	288	public function where() {
6a488035 TO	289	foreach ($this->_ids as $id => $values) {
6a488035 TO	290
192d36c5	291	// Fixed for Issue CRM 607
6a488035 TO	292	if (CRM_Utils_Array::value($id, $this->_fields) === NULL \|\|
	293	!$values
	294	) {
	295	continue;
	296	}
	297
	298	$strtolower = function_exists('mb_strtolower') ? 'mb_strtolower' : 'strtolower';
	299
	300	foreach ($values as $tuple) {
	301	list($name, $op, $value, $grouping, $wildcard) = $tuple;
	302
6a488035	303	$field = $this->_fields[$id];
6a488035	304
3130209f CW	305	$fieldName = "{$field['table_name']}.{$field['column_name']}";
3130209f CW	306
05c5cbc8	307	$isSerialized = CRM_Core_BAO_CustomField::isSerialized($field);
05c5cbc8	308
3130209f	309	// fix $value here to escape sql injection attacks
7ecb613a	310	$qillValue = NULL;
9f388466 CW	311	if (!is_array($value)) {
9f388466 CW	312	$value = CRM_Core_DAO::escapeString(trim($value));
8cee0c70	313	$qillValue = CRM_Core_BAO_CustomField::displayValue($value, $id);
7ecb613a	314	}
	315	elseif (count($value) && in_array(key($value), CRM_Core_DAO::acceptedSQLOperators(), TRUE)) {
	316	$op = key($value);
8cee0c70	317	$qillValue = strstr($op, 'NULL') ? NULL : CRM_Core_BAO_CustomField::displayValue($value[$op], $id);
9f388466	318	}
c94d39fd	319	else {
ec28b24d	320	$op = strstr($op, 'IN') ? $op : 'IN';
8cee0c70	321	$qillValue = CRM_Core_BAO_CustomField::displayValue($value, $id);
c94d39fd	322	}
3130209f	323
2c261619	324	$qillOp = CRM_Utils_Array::value($op, CRM_Core_SelectValues::getSearchBuilderOperators(), $op);
3130209f	325
6a488035 TO	326	switch ($field['data_type']) {
6a488035 TO	327	case 'String':
16b6d3d4	328	case 'StateProvince':
16b6d3d4	329	case 'Country':
3130209f CW	330
3130209f CW	331	if ($field['is_search_range'] && is_array($value)) {
4c2fe77b	332	//didn't found any field under any of these three data-types as searchable by range
6a488035 TO	333	}
6a488035 TO	334	else {
05c5cbc8	335	// fix $value here to escape sql injection attacks
05c5cbc8	336	if (!is_array($value)) {
16b6d3d4	337	if ($field['data_type'] == 'String') {
	338	$value = CRM_Utils_Type::escape($strtolower($value), 'String');
	339	}
bb0300b9	340	elseif ($value) {
16b6d3d4	341	$value = CRM_Utils_Type::escape($value, 'Integer');
16b6d3d4	342	}
2f32a341	343	$value = str_replace(array('[', ']', ','), array('\[', '\]', '[:comma:]'), $value);
2f32a341	344	$value = str_replace('\|', '[:separator:]', $value);
05c5cbc8	345	}
c94d39fd	346	elseif ($isSerialized) {
	347	if (in_array(key($value), CRM_Core_DAO::acceptedSQLOperators(), TRUE)) {
	348	$op = key($value);
	349	$value = $value[$op];
	350	}
7bcee799	351	// CRM-19006: escape characters like comma, \| before building regex pattern
	352	$value = (array) $value;
	353	foreach ($value as $key => $val) {
894223d8	354	$value[$key] = str_replace(array('[', ']', ','), array('\[', '\]', '[:comma:]'), $val);
894223d8	355	$value[$key] = str_replace('\|', '[:separator:]', $value[$key]);
7bcee799	356	}
7bcee799	357	$value = implode(',', $value);
05c5cbc8	358	}
3130209f	359
2c261619	360	// CRM-14563,CRM-16575 : Special handling of multi-select custom fields
78fe145d	361	if ($isSerialized && !CRM_Utils_System::isNull($value) && !strstr($op, 'NULL') && !strstr($op, 'LIKE')) {
528f09a1	362	$sp = CRM_Core_DAO::VALUE_SEPARATOR;
2f32a341	363	$value = str_replace(",", "$sp\|$sp", $value);
0526be26	364	$value = str_replace(array('[:comma:]', '(', ')'), array(',', '[(]', '[)]'), $value);
2f32a341	365
c94d39fd	366	$op = (strstr($op, '!') \|\| strstr($op, 'NOT')) ? 'NOT RLIKE' : 'RLIKE';
528f09a1	367	$value = $sp . $value . $sp;
c94d39fd	368	if (!$wildcard) {
528f09a1	369	foreach (explode("\|", $value) as $val) {
e5ccf3d9	370	$val = str_replace('[:separator:]', '\\|', $val);
528f09a1	371	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $val, 'String');
	372	}
	373	}
	374	else {
e5ccf3d9	375	$value = str_replace('[:separator:]', '\\|', $value);
528f09a1	376	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
2c261619	377	}
6a488035	378	}
528f09a1	379	else {
	380	//FIX for custom data query fired against no value(NULL/NOT NULL)
	381	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
	382	}
b4fb2d23	383	$this->_qill[$grouping][] = $field['label'] . " $qillOp $qillValue";
6a488035	384	}
3130209f	385	break;
6a488035 TO	386
	387	case 'ContactReference':
	388	$label = $value ? CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $value, 'sort_name') : '';
	389	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
2c261619	390	$this->_qill[$grouping][] = $field['label'] . " $qillOp $label";
3130209f	391	break;
6a488035 TO	392
6a488035 TO	393	case 'Int':
4c2fe77b	394	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'Integer');
4c2fe77b	395	$this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));;
3130209f	396	break;
6a488035 TO	397
6a488035 TO	398	case 'Boolean':
16b6d3d4	399	if (!is_array($value)) {
	400	if (strtolower($value) == 'yes' \|\| strtolower($value) == strtolower(ts('Yes'))) {
	401	$value = 1;
	402	}
	403	else {
	404	$value = (int) $value;
	405	}
	406	$value = ($value == 1) ? 1 : 0;
	407	$qillValue = $value ? 'Yes' : 'No';
6a488035	408	}
6a488035	409	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'Integer');
16b6d3d4	410	$this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));
3130209f	411	break;
6a488035 TO	412
6a488035 TO	413	case 'Link':
16b6d3d4	414	case 'Memo':
6a488035	415	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
16b6d3d4	416	$this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));
3130209f	417	break;
6a488035 TO	418
6a488035 TO	419	case 'Money':
ec28b24d	420	$value = CRM_Utils_Array::value($op, (array) $value, $value);
16b6d3d4	421	if (is_array($value)) {
6a488035	422	foreach ($value as $key => $val) {
ec28b24d	423	$value[$key] = CRM_Utils_Rule::cleanMoney($value[$key]);
6a488035	424	}
16b6d3d4	425	}
	426	else {
	427	$value = CRM_Utils_Rule::cleanMoney($value);
	428	}
	429
	430	case 'Float':
4c2fe77b	431	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'Float');
4c2fe77b	432	$this->_qill[$grouping][] = ts("%1 %2 %3", array(1 => $field['label'], 2 => $qillOp, 3 => $qillValue));
3130209f	433	break;
6a488035	434
6a488035	435	case 'Date':
4c2fe77b	436	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op, $value, 'String');
	437	list($qillOp, $qillVal) = CRM_Contact_BAO_Query::buildQillForFieldValue(NULL, $field['label'], $value, $op, array(), CRM_Utils_Type::T_DATE);
	438	$this->_qill[$grouping][] = "{$field['label']} $qillOp '$qillVal'";
3130209f	439	break;
6a488035	440
6a488035	441	case 'File':
481a74f4	442	if ($op == 'IS NULL' \|\| $op == 'IS NOT NULL' \|\| $op == 'IS EMPTY' \|\| $op == 'IS NOT EMPTY') {
6a488035 TO	443	switch ($op) {
	444	case 'IS EMPTY':
	445	$op = 'IS NULL';
	446	break;
2aa397bc	447
6a488035 TO	448	case 'IS NOT EMPTY':
	449	$op = 'IS NOT NULL';
	450	break;
	451	}
	452	$this->_where[$grouping][] = CRM_Contact_BAO_Query::buildClause($fieldName, $op);
2c261619	453	$this->_qill[$grouping][] = $field['label'] . " {$qillOp} ";
6a488035	454	}
3130209f	455	break;
6a488035 TO	456	}
	457	}
	458	}
	459	}
	460
	461	/**
d2e5d2ce	462	* Function that does the actual query generation.
6a488035 TO	463	* basically ties all the above functions together
6a488035 TO	464	*
a6c01b45 CW	465	* @return array
a6c01b45 CW	466	* array of strings
6a488035	467	*/
00be9182	468	public function query() {
6a488035 TO	469	$this->select();
	470
	471	$this->where();
	472
	473	$whereStr = NULL;
	474	if (!empty($this->_where)) {
	475	$clauses = array();
	476	foreach ($this->_where as $grouping => $values) {
	477	if (!empty($values)) {
	478	$clauses[] = ' ( ' . implode(' AND ', $values) . ' ) ';
	479	}
	480	}
	481	if (!empty($clauses)) {
	482	$whereStr = ' ( ' . implode(' OR ', $clauses) . ' ) ';
	483	}
	484	}
	485
353ffa53 TO	486	return array(
353ffa53 TO	487	implode(' , ', $this->_select),
6a488035 TO	488	implode(' ', $this->_tables),
	489	$whereStr,
	490	);
	491	}
	492
6a488035	493	}