>From 8291457849d761e13f141514f558efd76982cabc Mon Sep 17 00: 00:00 2001
From: Sylvester Johansson <[EMAIL PROTECTED]>
Date: Thu, 29 May 2008 08:35:36 +0200
To: [email protected]
Subject: [PATCH] Added json query method
Message-ID: <[EMAIL PROTECTED]>
---
web/lib/aurjson.class.php | 55 ++++++++++++++++++++++++++++++++++++++------
1 files changed, 47 insertions(+), 8 deletions(-)
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
index be92c25..271c528 100644
--- a/web/lib/aurjson.class.php
+++ b/web/lib/aurjson.class.php
@@ -21,7 +21,8 @@ if (!extension_loaded('json'))
**/
class AurJSON {
private $dbh = false;
- private $exposed_methods = array('search','info');
+ private $exposed_methods = array('search','info','query');
+ private $valid_parameters =
array('ID','Name','Version','Description','URL','URLPath','License','NumVotes','OutOfDate');
/**
* Handles post data, and routes the request.
@@ -42,14 +43,19 @@ class AurJSON {
// do the routing
if ( in_array($http_data['type'], $this->exposed_methods) ) {
// ugh. this works. I hate you php.
+ if ($http_data['type'] === 'query') {
+ $json = query($http_data['arg'],$http_data['include']);
+ }
+ else {
$json =
call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']);
- // allow rpc callback for XDomainAjax
- if ( isset($http_data['callback']) ) {
- return $http_data['callback'] . "({$json})";
- }
- else {
- return $json;
- }
+ // allow rpc callback for XDomainAjax
+ if ( isset($http_data['callback']) ) {
+ return $http_data['callback'] . "({$json})";
+ }
+ else {
+ return $json;
+ }
+ }
}
else {
return $this->json_error('Incorrect request type specified.');
@@ -137,5 +143,38 @@ class AurJSON {
return $this->json_error('No result found');
}
}
+
+ private function query($value,$pqdata) {
+ $params = explode(";",$pqdata);
+ if (!parameter_sanity($params)) {
+ return $this->json_error('Parameter error');
+ }
+ $base_query = "SELECT " . implode(',',$pqdata) . " FROM Packages WHERE
DummyPkg=0 AND " . sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%'
)",$value,$value);
+ $result = db_query(âbase_query,$this->dbh);
+ if($result && (mysql_num_rows($result)>0)){
+ $search_data = array();
+ while($row = mysql_fetch_assoc($result)) {
+ $elem = array();
+ foreach($pqdata as $p){
+ array_push($p,$row[$p]);
+ }
+ array_push($search_data,$elem);
+ }
+ mysql_free_result($result);
+ return $this->json_results('query',$search_data)
+ return $this->json_results(''
+
+ /**
+ * @param $parameters is a semicolon separated string of column names
+ * @return True if the parameters are acceptable, otherwise false
+ **/
+ private function parameter_sanity($parameters) {
+ foreach($parameters as $param) {
+ if (!in_array($param, $this->$validparams)) {
+ return false;
+ }
+ }
+ return true;
+ }
}
?>
--
1.5.5.1
