Collections functions
General functions
Render functions
Theme permission functions
Resource functions

get_filter_sql()

Description

Get the required search filter sql for the given filter for use in do_search()

Parameters

ColumnTypeDefaultDescription
$filterid

Return

PreparedStatementQuery

Location

include/search_functions.php lines 1892 to 1975

Definition

 
function get_filter_sql($filterid)
    {
    global 
$userref$access_override$custom_access_overrides_search_filter$open_access_for_contributor;

    
$filter         get_filter($filterid);
    if (!
$filter)
        {
        return 
false;
        }
    
$filterrules    get_filter_rules($filterid);

    
$modfilterrules=hook("modifysearchfilterrules");
    if (
$modfilterrules)
        {
        
$filterrules $modfilterrules;
        }

    
$filtercondition $filter["filter_condition"];
    
$filters = array();
    
$filter_ors = array(); // Allow filters to be overridden in certain cases
    
$filter_ors_params = array();
    foreach(
$filterrules as $filterrule)
        {
        
$filtersql = new PreparedStatementQuery();
        if(
count($filterrule["nodes_on"]) > 0)
            {
            
$filtersql->sql .= "r.ref " . ($filtercondition == RS_FILTER_NONE " NOT " "") . " IN (SELECT rn.resource FROM resource_node rn WHERE rn.node IN (" ps_param_insert(count($filterrule["nodes_on"])) . ")) ";
            
$filtersql->parameters array_merge($filtersql->parameters,ps_param_fill($filterrule["nodes_on"],"i"));
            }

        if(
count($filterrule["nodes_off"]) > 0)
            {
            if(
$filtersql->sql != "")
                {
                
$filtersql->sql .= " OR ";
                }
            
$filtersql->sql .= "r.ref " . ($filtercondition == RS_FILTER_NONE "" " NOT") . " IN (SELECT rn.resource FROM resource_node rn WHERE rn.node IN (" ps_param_insert(count($filterrule["nodes_off"])) . ")) ";
            
$filtersql->parameters array_merge($filtersql->parameters,ps_param_fill($filterrule["nodes_off"],"i"));
            }
        
$filters[] = $filtersql;
        }

    if (
count($filters) > 0)
        {
        if(
$filtercondition == RS_FILTER_ALL || $filtercondition == RS_FILTER_NONE)
            {
            
$glue " AND ";
            }
        else 
            {
            
// This is an OR filter
            
$glue " OR ";
            }

        
$filter_add =  new PreparedStatementQuery();
        
// Bracket the filters to ensure that there is no hanging OR to create an unintentional disjunct
        
$filter_add->sql "(" implode($gluearray_column($filters,"sql")) . ")";
        foreach(
$filters as $filter)
            {
            
$filter_add->parameters array_merge($filter_add->parameters,$filter->parameters);
            }

        
# If custom access has been granted for the user or group, nullify the search filter, effectively selecting "true".
        
if (!checkperm("v") && !$access_override && $custom_access_overrides_search_filter# only for those without 'v' (which grants access to all resources)
            
{
            
$filter_ors[] = "(rca.access IS NOT null AND rca.access<>2) OR (rca2.access IS NOT null AND rca2.access<>2)";
            }

        if(
$open_access_for_contributor)
            {
            
$filter_ors[] = "(r.created_by = ?)";
            
array_push($filter_ors_params,"i",$userref);
            }
        
        if(
count($filter_ors) > 0)
            {
            
$filter_add->sql "((" $filter_add->sql ") OR (" implode(") OR (",$filter_ors) . "))";
            
$filter_add->parameters array_merge($filter_add->parameters,$filter_ors_params);
            }

        return 
$filter_add;
        }
    return 
false;
    }

This article was last updated 3rd October 2022 11:05 Europe/London time based on the source file dated 13th September 2022 17:55 Europe/London time.