3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.5 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
31 * @copyright CiviCRM LLC (c) 2004-2014
35 class CRM_Contact_Form_Search_Custom_Base
{
37 protected $_formValues;
46 function __construct(&$formValues) {
47 $this->_formValues
= &$formValues;
54 return CRM_Core_DAO
::singleValueQuery($this->sql('count(distinct contact_a.id) as total'));
66 * @param int $rowcount
68 * @param bool $returnSQL
72 function contactIDs($offset = 0, $rowcount = 0, $sort = NULL, $returnSQL = FALSE) {
74 'contact_a.id as contact_id',
79 $this->validateUserSQL($sql);
85 return CRM_Core_DAO
::composeQuery($sql, CRM_Core_DAO
::$_nullArray);
89 * @param $selectClause
91 * @param int $rowcount
93 * @param bool $includeContactIDs
94 * @param null $groupBy
103 $includeContactIDs = FALSE,
107 $sql = "SELECT $selectClause " . $this->from();
108 $where = $this->where();
109 if (!empty($where)) {
110 $sql .= " WHERE " . $where;
113 if ($includeContactIDs) {
114 $this->includeContactIDs($sql,
120 $sql .= " $groupBy ";
123 $this->addSortOffset($sql, $offset, $rowcount, $sort);
130 function templateFile() {
134 function &columns() {
135 return $this->_columns
;
142 static function includeContactIDs(&$sql, &$formValues) {
143 $contactIDs = array();
144 foreach ($formValues as $id => $value) {
146 substr($id, 0, CRM_Core_Form
::CB_PREFIX_LEN
) == CRM_Core_Form
::CB_PREFIX
148 $contactIDs[] = substr($id, CRM_Core_Form
::CB_PREFIX_LEN
);
152 if (!empty($contactIDs)) {
153 $contactIDs = implode(', ', $contactIDs);
154 $sql .= " AND contact_a.id IN ( $contactIDs )";
164 function addSortOffset(&$sql, $offset, $rowcount, $sort) {
166 if (is_string($sort)) {
167 $sort = CRM_Utils_Type
::escape($sort, 'String');
168 $sql .= " ORDER BY $sort ";
171 $sql .= " ORDER BY " . trim($sort->orderBy());
175 if ($rowcount > 0 && $offset >= 0) {
176 $offset = CRM_Utils_Type
::escape($offset, 'Int');
177 $rowcount = CRM_Utils_Type
::escape($rowcount, 'Int');
179 $sql .= " LIMIT $offset, $rowcount ";
185 * @param bool $onlyWhere
189 function validateUserSQL(&$sql, $onlyWhere = FALSE) {
190 $includeStrings = array('contact_a');
191 $excludeStrings = array('insert', 'delete', 'update');
194 $includeStrings +
= array('select', 'from', 'where', 'civicrm_contact');
197 foreach ($includeStrings as $string) {
198 if (stripos($sql, $string) === FALSE) {
199 CRM_Core_Error
::fatal(ts('Could not find \'%1\' string in SQL clause.',
205 foreach ($excludeStrings as $string) {
206 if (preg_match('/(\s' . $string . ')|(' . $string . '\s)/i', $sql)) {
207 CRM_Core_Error
::fatal(ts('Found illegal \'%1\' string in SQL clause.',
216 * @param array $params
220 function whereClause(&$where, &$params) {
221 return CRM_Core_DAO
::composeQuery($where, $params, TRUE);
224 // override this method to define the contact query object
225 // used for creating $sql
229 function getQueryObj() {