search_filter()
Description
Constructs a SQL filter based on the provided search parameters. This function generates a prepared statement query that can be used to filter search results
based on various criteria, including archive status, resource types, user permissions, and more.
The function also takes into account user-specific access rights and other configurations
to ensure that the returned resources meet the necessary visibility and editability criteria.
Parameters
Column | Type | Default | Description |
---|---|---|---|
$search | string | | The search query string. |
$archive | mixed | | Archive states to filter by (can be a comma-separated string). |
$restypes | string | | Resource types to include in the search. |
$recent_search_daylimit | int | | Limit for filtering recent searches by creation date. |
$access_override | mixed | | If set, overrides access restrictions: in the definition below, a truthy value skips the 'T' resource-type, confidential-access, archive-state and 'z' permission filters. |
$return_disk_usage | bool | | Indicates whether to include disk usage information. |
$editable_only | bool | false | If true, only returns resources that are editable by the user. |
$access | int\|null | null | The specific access level to filter by (if applicable). |
$smartsearch | bool | false | If true, enables smart search features. |
Return
PreparedStatementQuery | A prepared statement object containing the SQL query and parameters. |
Location
include/search_functions.php lines 867 to 1239
Definition
function search_filter($search,$archive,$restypes,$recent_search_daylimit,$access_override,$return_disk_usage,$editable_only=false, $access = null, $smartsearch = false)
{
debug_function_call("search_filter", func_get_args());
global $userref,$userpermissions,$resource_created_by_filter,$uploader_view_override,$edit_access_for_contributor,$additional_archive_states,$heightmin,
$search_all_workflow_states,$collections_omit_archived,$k,$collection_allow_not_approved_share,$archive_standard;
if (hook("modifyuserpermissions")){$userpermissions=hook("modifyuserpermissions");}
$userpermissions = (isset($userpermissions)) ? $userpermissions : array();
# Convert the provided search parameters into appropriate SQL, ready for inclusion in the do_search() search query.
if(!is_array($archive)){$archive=explode(",",$archive);}
$archive = array_filter($archive,function($state){return (string)(int)$state==(string)$state;}); // remove non-numeric values
$sql_filter = new PreparedStatementQuery();
# Apply resource types
if (($restypes!="")&&(substr($restypes,0,6)!="Global") && substr($search, 0, 11) != '!collection')
{
if ($sql_filter->sql != "")
{
$sql_filter->sql.=" AND ";
}
$restypes_x=explode(",",$restypes);
$sql_filter->sql.="resource_type IN (" . ps_param_insert(count($restypes_x)) . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters, ps_param_fill($restypes_x,"i"));
}
# Apply day limit
if('' != $recent_search_daylimit && is_numeric($recent_search_daylimit))
{
if('' != $sql_filter->sql)
{
$sql_filter->sql .= ' AND ';
}
$sql_filter->sql.= "creation_date > (curdate() - interval ? DAY)";
$sql_filter->parameters = array_merge($sql_filter->parameters,["i",$recent_search_daylimit]);
}
# The ability to restrict access by the user that created the resource.
if (isset($resource_created_by_filter) && count($resource_created_by_filter)>0)
{
$created_filter="";
$created_filter_params = [];
foreach ($resource_created_by_filter as $filter_user)
{
if ($filter_user==-1) {$filter_user=$userref;} # '-1' can be used as an alias to the current user. I.e. they can only see their own resources in search results.
if ($created_filter!="")
{
$created_filter.=" OR ";
}
$created_filter .= "created_by = ?";
$created_filter_params[] = "i";
$created_filter_params[] = $filter_user;
}
if ($created_filter!="")
{
if ($sql_filter->sql!="") {$sql_filter->sql.=" AND ";}
$sql_filter->sql .= "(" . $created_filter . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters,$created_filter_params);
}
}
# append resource type restrictions based on 'T' permission
# look for all 'T' permissions and append to the SQL filter.
$rtfilter=array();
for ($n=0;$n<count($userpermissions);$n++)
{
if (substr($userpermissions[$n],0,1)=="T")
{
$rt=substr($userpermissions[$n],1);
if (is_numeric($rt)&&!$access_override) {$rtfilter[]=$rt;}
}
}
if (count($rtfilter)>0)
{
if ($sql_filter->sql!="") {$sql_filter->sql.=" AND ";}
$sql_filter->sql.="resource_type NOT IN (" . ps_param_insert(count($rtfilter)) . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters,ps_param_fill($rtfilter,"i"));
}
# append "use" access rights, do not show confidential resources unless admin
if (!checkperm("v")&&!$access_override)
{
if ($sql_filter->sql!="") {$sql_filter->sql.=" AND ";}
# Check both the resource access, but if confidential is returned, also look at the joined user-specific or group-specific custom access for rows.
$sql_filter->sql .= "(r.access<>'2' OR (r.access=2 AND ((rca.access IS NOT null AND rca.access<>2) OR (rca2.access IS NOT null AND rca2.access<>2))))";
}
# append standard archive searching criteria. Updated Jan 2016 to apply to collections as resources in a pending state that are in a shared collection could bypass approval process
if (!$access_override)
{
if(substr($search,0,11)=="!collection" || substr($search,0,5)=="!list" || substr($search,0,15)=="!archivepending" || substr($search,0,12)=="!userpending")
{
# Resources in a collection or list may be in any archive state
# Other special searches define the archive state in search_special()
if(substr($search,0,11)=="!collection" && $collections_omit_archived && !checkperm("e2"))
{
$sql_filter->sql.= (($sql_filter->sql!="")?" AND ":"") . "archive<>2";
}
}
elseif ($search_all_workflow_states || substr($search,0,8)=="!related" || substr($search,0,8)=="!hasdata" || strpos($search,"integrityfail") !== false)
{
hook("search_all_workflow_states_filter","",[$sql_filter]);
}
elseif (count($archive) == 0 || $archive_standard && !$smartsearch)
{
# If no archive specified add in default archive states (set by config options or as set in rse_workflow plugin)
# Defaults are not used if searching smartsearch collection, actual values will be used instead
if ($sql_filter->sql!="") {$sql_filter->sql.=" AND ";}
$defaultsearchstates = get_default_search_states();
if(count($defaultsearchstates) == 0)
{
// Make sure we have at least one state - system has been misconfigured
$defaultsearchstates[] = 0;
}
$sql_filter->sql.="archive IN (" . ps_param_insert(count($defaultsearchstates)) . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters,ps_param_fill($defaultsearchstates,"i"));
}
else
{
# Append normal filtering - extended as advanced search now allows searching by archive state
if($sql_filter->sql!="")
{
$sql_filter->sql.=" AND ";
}
$sql_filter->sql.="archive IN (" . ps_param_insert(count($archive)) . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters,ps_param_fill($archive,"i"));
}
if (!checkperm("v") && !(substr($search,0,11)=="!collection" && $k!='' && $collection_allow_not_approved_share))
{
// Append standard filtering to hide resources in a pending state, whatever the search
// except when the resource is of a type that the user has ert permission for
$rtexclusions = "";
$rtexclusions_params = [];
for ($n=0;$n<count($userpermissions);$n++)
{
if (substr($userpermissions[$n],0,3)=="ert")
{
$rt=substr($userpermissions[$n],3);
if (is_int_loose($rt))
{
$rtexclusions .= " OR (resource_type = ?)";
array_push($rtexclusions_params,"i",$rt);
}
}
}
$sql_filter->sql .= " AND (((r.archive<>-2 OR r.created_by = ?) AND (r.archive<>-1 OR r.created_by = ?)) " . $rtexclusions . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters,["i",$userref,"i",$userref],$rtexclusions_params);
unset($rtexclusions);
}
}
# Add code to filter out resoures in archive states that the user does not have access to due to a 'z' permission
$filterblockstates = [];
for ($n=-2;$n<=3;$n++)
{
if(checkperm("z" . $n) && !$access_override)
{
$filterblockstates[] = $n;
}
}
foreach ($additional_archive_states as $additional_archive_state)
{
if(checkperm("z" . $additional_archive_state))
{
$filterblockstates[] = $additional_archive_state;
}
}
if (count($filterblockstates) > 0 && !$access_override)
{
if ($uploader_view_override)
{
if ($sql_filter->sql != "")
{
$sql_filter->sql .= " AND ";
}
$sql_filter->sql .= "(archive NOT IN (" . ps_param_insert(count($filterblockstates)) . ") OR created_by = ?)";
$sql_filter->parameters = array_merge($sql_filter->parameters,ps_param_fill($filterblockstates,"i"));
$sql_filter->parameters[] = "i";
$sql_filter->parameters[] = $userref;
}
else
{
if ($sql_filter->sql != "") {$sql_filter->sql .= " AND ";}
$sql_filter->sql.="archive NOT IN (" . ps_param_insert(count($filterblockstates)) . ")";
$sql_filter->parameters = array_merge($sql_filter->parameters,ps_param_fill($filterblockstates,"i"));
}
}
# Append media restrictions
if ($heightmin!='')
{
if ($sql_filter->sql != "") {$sql_filter->sql .= " AND ";}
$sql_filter->sql .= "dim.height>= ? ";
$sql_filter->parameters[] = "i";
$sql_filter->parameters[] = $heightmin;
}
# append ref filter - never return the batch upload template (negative refs)
if ($sql_filter->sql != "") {$sql_filter->sql .= " AND ";}
$sql_filter->sql .= "r.ref>0";
// Only users with v perm can search for resources with a specific access
if(checkperm("v") && !is_null($access) && is_numeric($access))
{
$sql_filter->sql .= (trim($sql_filter->sql) != "" ? " AND " : "");
$sql_filter->sql .= "r.access = ?";
$sql_filter->parameters[] = "i";
$sql_filter->parameters[] = $access;
}
// Append filter if only searching for editable resources
if($editable_only)
{
$editable_filter = new PreparedStatementQuery();
if(!checkperm("v") && !$access_override)
{
// following condition added 2020-03-02 so that resources without an entry in the resource_custom_access table are included in the search results - "OR (rca.access IS NULL AND rca2.access IS NULL)"
$editable_filter->sql .= "(r.access <> 1 OR (r.access = 1 AND ((rca.access IS NOT null AND rca.access <> 1) OR (rca2.access IS NOT null AND rca2.access <> 1) OR (rca.access IS NULL AND rca2.access IS NULL)))) ";
}
# Construct resource type exclusion based on 'ert' permission
# look for all 'ert' permissions and append to the exclusion array.
$rtexclusions=array();
for ($n=0;$n<count($userpermissions);$n++)
{
if (substr($userpermissions[$n],0,3)=="ert")
{
$rt=substr($userpermissions[$n],3);
if (is_numeric($rt)) {$rtexclusions[]=$rt;}
}
}
$blockeditstates = array();
for ($n=-2;$n<=3;$n++)
{
if(!checkperm("e" . $n))
{
$blockeditstates[] = $n;
}
}
foreach ($additional_archive_states as $additional_archive_state)
{
if(!checkperm("e" . $n))
{
$blockeditstates[] = $n;
}
}
// Add code to hide resources in archive<0 unless has 't' permission, resource has been contributed by user or has ert permission
if(!checkperm("t"))
{
if ($editable_filter->sql != "") {$editable_filter->sql .= " AND ";}
$editable_filter->sql .= "(archive NOT IN (-2,-1) OR (created_by = ?";
$editable_filter->parameters = ["i",$userref];
if(count($rtexclusions)>0)
{
$editable_filter->sql .= " OR resource_type IN (" . ps_param_insert(count($rtexclusions)) . ")";
$editable_filter->parameters = array_merge($editable_filter->parameters,ps_param_fill($rtexclusions,"i"));
}
$editable_filter->sql .= "))";
}
if (count($blockeditstates) > 0)
{
$blockeditoverride = "";
$blockeditoverride_params = [];
global $userref;
if ($edit_access_for_contributor)
{
$blockeditoverride .= " created_by = ?";
$blockeditoverride_params[] = "i";
$blockeditoverride_params[] = $userref;
}
if(count($rtexclusions)>0)
{
if ($blockeditoverride!="") {$blockeditoverride.=" AND ";}
$blockeditoverride .= "resource_type IN (" . ps_param_insert(count($rtexclusions)) . ")";
$blockeditoverride_params = array_merge($blockeditoverride_params,ps_param_fill($rtexclusions,"i"));
}
if ($editable_filter->sql !="") {$editable_filter->sql .= " AND ";}
$editable_filter->sql .= "(archive NOT IN (" . ps_param_insert(count($blockeditstates)) . ")";
$editable_filter->parameters = array_merge($editable_filter->parameters,ps_param_fill($blockeditstates,"i"));
if($blockeditoverride!="")
{
$editable_filter->sql .= " OR " . $blockeditoverride;
$editable_filter->parameters = array_merge($editable_filter->parameters,$blockeditoverride_params);
}
$editable_filter->sql .= ")";
}
// Check for blocked/allowed resource types
$allrestypes = get_resource_types("",false,false,true);
$blockedrestypes = array();
foreach($allrestypes as $restype)
{
if(checkperm("XE" . $restype["ref"]))
{
$blockedrestypes[] = $restype["ref"];
}
}
if(checkperm("XE"))
{
$okrestypes = array();
$okrestypesor = "";$okrestypesorparams =[];
foreach($allrestypes as $restype)
{
if(checkperm("XE-" . $restype["ref"]))
{
$okrestypes[] = $restype["ref"];
}
}
if(count($okrestypes) > 0)
{
if ($editable_filter->sql != "")
{
$editable_filter->sql .= " AND ";
}
if ($edit_access_for_contributor)
{
$okrestypesor .= " created_by = ?";
$okrestypesorparams = ["i",$userref];
}
$editable_filter->sql .= "(resource_type IN (" . ps_param_insert(count($okrestypes)) . ")" . (($okrestypesor != "") ? " OR " . $okrestypesor : "") . ")";
$editable_filter->parameters = array_merge($editable_filter->parameters,ps_param_fill($okrestypes,"i"),$okrestypesorparams);
}
else
{
if ($editable_filter->sql != "")
{
$editable_filter->sql .= " AND ";
}
$editable_filter->sql .= " 0=1";
}
}
if (count($blockedrestypes) > 0)
{
$blockrestypesor = "";$blockrestypesorparams =[];
if ($edit_access_for_contributor)
{
$blockrestypesor .= " created_by = ?";
$blockrestypesorparams = ["i",$userref];
}
if ($editable_filter->sql != "")
{
$editable_filter->sql .= " AND ";
}
$editable_filter->sql .= "(resource_type NOT IN (" . ps_param_insert(count($blockedrestypes)) . ")" . (($blockrestypesor != "") ? " OR " . $blockrestypesor : "") . ")";
$editable_filter->parameters = array_merge($editable_filter->parameters,ps_param_fill($blockedrestypes,"i"),$blockrestypesorparams);
}
$updated_editable_filter = hook("modifysearcheditable","",array($editable_filter,$userref));
if($updated_editable_filter !== false)
{
$editable_filter = $updated_editable_filter;
}
if($editable_filter->sql != "")
{
if ($sql_filter->sql != "")
{
$sql_filter->sql .= " AND ";
}
$sql_filter->sql .= $editable_filter->sql;
$sql_filter->parameters = array_merge($sql_filter->parameters,$editable_filter->parameters);
}
}
return $sql_filter;
}
This article was last updated 12th December 2024 20:35 Europe/London time based on the source file dated 12th December 2024 10:30 Europe/London time.