lib.php 53.8 KB
Newer Older
Martyn Smith's avatar
Martyn Smith committed
1
2
<?php
/**
Francois Marier's avatar
Francois Marier committed
3
 * Mahara: Electronic portfolio, weblog, resume builder and social networking
4
5
 * Copyright (C) 2006-2009 Catalyst IT Ltd and others; see:
 *                         http://wiki.mahara.org/Contributors
Martyn Smith's avatar
Martyn Smith committed
6
 *
Francois Marier's avatar
Francois Marier committed
7
8
9
10
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
Martyn Smith's avatar
Martyn Smith committed
11
 *
Francois Marier's avatar
Francois Marier committed
12
13
14
15
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
Martyn Smith's avatar
Martyn Smith committed
16
 *
Francois Marier's avatar
Francois Marier committed
17
18
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
Martyn Smith's avatar
Martyn Smith committed
19
20
21
 *
 * @package    mahara
 * @subpackage search-internal
22
 * @author     Catalyst IT Ltd
Martyn Smith's avatar
Martyn Smith committed
23
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
24
 * @copyright  (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz
Martyn Smith's avatar
Martyn Smith committed
25
26
27
28
 *
 */

defined('INTERNAL') || die();
29
require_once(get_config('docroot') . 'search/lib.php');
Martyn Smith's avatar
Martyn Smith committed
30
31

/**
32
 * The internal search plugin which searches against the
Martyn Smith's avatar
Martyn Smith committed
33
34
35
36
 * Mahara database.
 */
class PluginSearchInternal extends PluginSearch {

37
38
39
40
41
42
43
44
45
46
47
    /**
     * This function indicates whether the plugin should take the raw $query string
     * when its group_search_user function is called, or whether it should get the
     * parsed query string.
     *
     * @return boolean
     */
    public static function can_process_raw_group_search_user_queries() {
        return true;
    }

48
49
50
51
    public static function can_be_disabled() {
        return false;
    }

52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
    public static function has_config() {
        return true;
    }

    public static function get_config_options() {
        return array(
            'elements'   => array(
                'exactusersearch' =>  array(
                    'title'        => get_string('exactusersearch', 'search.internal'),
                    'description'  => get_string('exactusersearchdescription', 'search.internal'),
                    'help'         => true,
                    'type'         => 'checkbox',
                    'defaultvalue' => get_config_plugin('search', 'internal', 'exactusersearch'),
                ),
            ),
        );
    }

    public function save_config_options($values) {
        set_config_plugin('search', 'internal', 'exactusersearch', (int) $values['exactusersearch']);
    }

    public static function postinst($prevversion) {
        if ($prevversion == 0) {
            set_config_plugin('search', 'internal', 'exactusersearch', 1);
        }
    }

Martyn Smith's avatar
Martyn Smith committed
80
81
82
    /**
     * Implement user searching with SQL
     *
83
84
     * NOTE: user with ID zero should never be returned
     *
Martyn Smith's avatar
Martyn Smith committed
85
86
87
     * @param string  The query string
     * @param integer How many results to return
     * @param integer What result to start at (0 == first result)
88
89
     * @param data    Filters the users searched by
     *                can contain:
90
     *             'friends' => boolean     // only return $USER's friends
91
92
     *             'group' => integer, // only users in this group
     *             'owner' => boolean  // include the group ownwer (only if group is set)
93
     *             'exclude'=> int     // excludes a user
Martyn Smith's avatar
Martyn Smith committed
94
95
96
97
98
     * @return array  A data structure containing results looking like ...
     *         $results = array(
     *               count   => integer, // total number of results
     *               limit   => integer, // how many results are returned
     *               offset  => integer, // starting from which result
99
     *               data    => array(   // the result records
Martyn Smith's avatar
Martyn Smith committed
100
     *                   array(
101
102
103
104
105
106
107
     *                       id            => integer,
     *                       username      => string,
     *                       institution   => string,
     *                       firstname     => string,
     *                       lastname      => string,
     *                       preferredname => string,
     *                       email         => string,
Martyn Smith's avatar
Martyn Smith committed
108
109
     *                   ),
     *                   array(
110
111
112
113
114
115
116
     *                       id            => integer,
     *                       username      => string,
     *                       institution   => string,
     *                       firstname     => string,
     *                       lastname      => string,
     *                       preferredname => string,
     *                       email         => string,
Martyn Smith's avatar
Martyn Smith committed
117
118
119
120
121
     *                   ),
     *                   array(...),
     *               ),
     *           );
     */
122
    public static function search_user($query_string, $limit, $offset = 0, $data=array()) {
123
        global $USER;
Richard Mansfield's avatar
Richard Mansfield committed
124

125
        $data = self::prepare_search_user_options($data);
126
127
        $sql = '
            SELECT
Richard Mansfield's avatar
Richard Mansfield committed
128
129
                COUNT(u.id)
            FROM {usr} u';
130
        if (isset($data['group'])) {
131
132
133
            $groupadminsql = '';
            if (isset($data['includeadmins']) and !$data['includeadmins']) {
                $groupadminsql = " AND gm.role != 'admin'";
134
            }
135
136
137
138
            $groupjoin = '
                INNER JOIN {group_member} gm ON
                    (gm.member = u.id AND gm.group = ' . (int)$data['group'] . $groupadminsql . ")\n";
            $sql .= $groupjoin;
139
        }
140
141
142
143
144

        $where = '
            WHERE
                u.id != 0 AND u.active = 1 AND u.deleted = 0';

145
146
147
148
149
150
151
        if (!empty($data['friends'])) {
            // Only include friends in search
            $where .= ' AND u.id IN (
                SELECT usr1 FROM {usr_friend} f1 WHERE f1.usr2 = ' . $USER->get('id')
                . ' UNION SELECT usr2 FROM {usr_friend} f2 WHERE f2.usr1 = ' . $USER->get('id') . ')';
        }

152
153
154
155
156
157
158
159
        if (isset($data['institutions']) && !empty($data['institutions'])) {
            $where .= '
                AND u.id IN (
                    SELECT usr FROM {usr_institution} WHERE institution IN ('
                . join(',', array_map('db_quote', $data['institutions'])) . ')
                )';
        }

160
161
        $sql .= "
                LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = 'hiderealname')";
Richard Mansfield's avatar
Richard Mansfield committed
162

163
        list($namesql, $values) = self::name_search_sql($query_string);
Richard Mansfield's avatar
Richard Mansfield committed
164

165
        $where .= $namesql;
Richard Mansfield's avatar
Richard Mansfield committed
166
167
168
169
170
171

        if (isset($data['exclude'])) {
            $where .= '
                AND u.id != ?';
            $values[] = $data['exclude'];
        }
172

173
174
        $sql .= $where;
        $count = count_records_sql($sql, $values);
175

176
        $result = array(
Nigel McNie's avatar
Nigel McNie committed
177
178
179
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => $offset,
180
            'data'    => false,
Nigel McNie's avatar
Nigel McNie committed
181
        );
182

183
184
        if ($count < 1) {
            return $result;
185
186
        }

Richard Mansfield's avatar
Richard Mansfield committed
187
188
        $sql = '
            SELECT
189
                u.id, u.username, u.firstname, u.lastname, u.preferredname, u.email, u.studentid, u.staff,
190
                u.admin, u.profileicon, u.urlid
Richard Mansfield's avatar
Richard Mansfield committed
191
            FROM {usr} u';
192

193
194
195
        if (isset($data['group'])) {
            $sql .= $groupjoin;
        }
196
197
        $sql .= "
                LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = 'hiderealname')";
198
199
200
201
202
203
204
205
206
207
208
209
210

        $sql .= $where . '
            ORDER BY ' . $data['orderby'];

        $result['data'] = get_records_sql_array($sql, $values, $offset, $limit);

        if ($result['data']) {
            foreach ($result['data'] as &$item) {
                $item = (array)$item;
            }
        }

        return $result;
211
    }
212

213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239


    /**
     * Returns a snippet of an sql WHERE clause to filter users whose (visible)
     * names match the terms in a given query string.
     */
    function name_search_sql($query_string, $usralias='u', $usrprefalias='h') {

        safe_require('artefact', 'internal');

        // Get the list of searchable profile fields from the internal artefact
        $required   = array_keys(ArtefactTypeProfile::get_always_searchable_fields());
        $optional   = array_diff(array_keys(ArtefactTypeProfile::get_searchable_fields()), $required);
        $required[] = 'username'; // Not a profile field, but used in the search query.

        // Get a list of match expressions to use in the WHERE clause
        $matches = new StdClass;
        foreach (array_merge($required, $optional) as $f) {
            $matches->{$f} = self::match_user_field_expression($f, $usralias);
        }

        $querydata = self::split_query_string(strtolower(trim($query_string)));
        $hidenameallowed = get_config('userscanhiderealnames') ? 'TRUE' : 'FALSE';
        $searchusernamesallowed = get_config('searchusernames') ? 'TRUE' : 'FALSE';

        $termsql = "$matches->preferredname
                    OR (
240
                        ($usralias.preferredname IS NULL OR $usralias.preferredname = '' OR NOT $hidenameallowed OR $usrprefalias.value != '1' OR $usrprefalias.value IS NULL)
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
                        AND ($matches->firstname OR $matches->lastname)
                    )
                    OR ($searchusernamesallowed AND $matches->username)";

        if ($optional) {
            foreach ($optional as $f) {
                $termsql .= "
                    OR {$matches->$f}";
            }
        }

        $where = '';
        $values = array();
        foreach ($querydata as $term) {
            $where .= '
                AND (
                    ' . $termsql . '
                )';
            $values = array_pad($values, count($values) + 4 + count($optional), $term);
        }

        return array($where, $values);
    }



Richard Mansfield's avatar
Richard Mansfield committed
267
268
269
270
271
272
273
    private static function match_user_field_expression($field, $alias) {
        if (get_config_plugin('search', 'internal', 'exactusersearch')) {
            return 'LOWER(' . $alias . '.' . $field . ') = ?';
        }
        return $alias . '.' . $field . ' ' . db_ilike() . " '%' || ? || '%'";
    }

274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312

    /**
     * Split a query string into search terms.
     *
     * Contents of double-quoted strings are counted as a single term,
     * '"' can be entered as '\"', '\' as '\\'.
     */
    private static function split_query_string($query) {
        $terms = array();

        // Split string on unescaped double quotes
        $quotesplit = preg_split('/(?<!\\\)(\")/', $query, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY);

        $inphrase = false;

        foreach ($quotesplit as $q) {
            if ($q == '"') {
                $inphrase = !$inphrase;
                continue;
            }

            // Remove escaping
            $q = preg_replace(array('/\x5C(?!\x5C)/u', '/\x5C\x5C/u'), array('','\\'), $q);
            if ($inphrase) {
                if ($trimmed = trim($q)) {
                    $terms[] = $trimmed;
                }
            }
            else {
                // Split unquoted sequences on spaces
                foreach (preg_split('/\s+/', $q, -1, PREG_SPLIT_NO_EMPTY) as $word) {
                    $terms[] = $word;
                }
            }
        }
        return $terms;
    }


313
    private static function prepare_search_user_options($options) {
314
        global $USER;
315
        if (isset($options['group'])) {
316
317
318
319
320
321
322
323
324
325
            // This option should only be used by group admins, so just ensure that the caller is
            // using it correctly.
            $roles = $USER->get('grouproles');
            if ($USER->get('admin') || $USER->get('staff')
                || (isset($roles[$options['group']]) && $roles[$options['group']] == 'admin')) {
                $options['group'] = intval($options['group']);
            }
            else {
                unset($options['group']);
            }
326
327
328
329
330
331
332
333
334
335
        }
        if (isset($options['includeadmins'])) {
            $options['includeadmins'] = (bool)$options['includeadmins'];
        }
        if (isset($options['orderby']) && $options['orderby'] == 'lastname') {
            $options['orderby'] = 'u.lastname, u.firstname, u.id';
        }
        else {
            $options['orderby'] = 'u.firstname, u.lastname, u.id';
        }
336
337
338
        if (isset($options['exclude'])) {
            $options['exclude'] = intval($options['exclude']);
        }
339
340
341
342
343
        if (isset($options['myinstitutions'])) {
            if ($institutions = array_keys($USER->get('institutions'))) {
                $options['institutions'] = $institutions;
            }
        }
344
345
        return $options;
    }
346

347

348
349
    private static function match_expression($op, $string, &$values, $ilike) {
        switch ($op) {
350
351
        case 'starts':
            $values[] = $string;
352
            return ' ' . $ilike . ' ? || \'%\'';
353
        case 'equals':
354
355
356
            if ($string === null) {
                return ' IS NULL ';
            }
357
358
            $values[] = $string;
            return ' = ? ';
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
        case 'notequals':
            if (is_null($string)) {
                return ' IS NOT NULL ';
            }
            $values[] = $string;
            return ' <> ? ';
        case 'greaterthan':
            $values[] = $string;
            return ' > ? ';
        case 'greaterthanequal':
            $values[] = $string;
            return ' >= ? ';
        case 'lessthan':
            $values[] = $string;
            return ' < ? ';
        case 'lessthanequal':
            $values[] = $string;
            return ' <= ? ';
377
378
        case 'contains':
            $values[] = $string;
379
            return ' ' . $ilike . ' \'%\' || ? || \'%\'';
380
381
382
383
384
385
        case 'in':
            return ' IN (' . join(',', array_map('db_quote',$string)) . ')';
        }
    }


386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
    /**
     * Returns a list of search results for the admin user search interface.
     *
     * The constraints parameter takes an array of arrays, like so:
     * $params = array(
     *     array(
     *         'field' => 'institution'
     *         'string' => 'mahara'
     *         'type' => 'equals'
     *     ),
     *     ...
     * )
     *
     * Each constraint should has these three keys:
     * field: Should be a column in the usr table, or the special field "duplicateemails" (which indicates only users with a non-unique email).
     *   also, for the field "institution", a string value of "mahara" indicates users with no institution
     * string: The value to compare the contents of that field against
     * type: The operation by which to compare "field" to "string". This can be any of the operations in PluginSearchInternal::match_expression
     *   (starts, equals, notequals, greaterthan, greaterthanequal, lessthan, lessthanequal, contains, or in)
     *
     * @param string $query_string The string to search for
     * @param array $constraints A list of constraints on the search results (see above for format)
     * @param int $offset
     * @param int $limit
     * @param string $sortfield Which of the output columns to sort by
     * @param string $sortdir DESC or ASC
     */
413
    public static function admin_search_user($query_string, $constraints, $offset, $limit,
414
                                             $sortfield, $sortdir) {
415
416
417
418
419
420
421
422
423
424
        $sort = 'TRUE';
        if (preg_match('/^[a-zA-Z_0-9"]+$/', $sortfield)) {
            $sort = $sortfield;
            if (strtoupper($sortdir) != 'DESC') {
                $sort .= ' ASC';
            }
            else {
                $sort .= ' DESC';
            }
        }
425
        $where = 'WHERE u.id <> 0 AND u.deleted = 0';
426
427
        $values = array();

428
429
430
        // Get the correct keyword for case insensitive LIKE
        $ilike = db_ilike();

431
432
        // Generate the part that matches the search term
        $querydata = self::split_query_string(strtolower(trim($query_string)));
433

434
        $matches = array();
435
        foreach (array('firstname', 'lastname', 'preferredname', 'username', 'email') as $f) {
436
437
438
439
440
441
442
443
444
445
446
            $matches[] = self::match_user_field_expression($f, 'u');
        }

        $termsql = join(" OR ", $matches);

        $values = array();
        foreach ($querydata as $term) {
            $where .= '
                AND (
                    ' . $termsql . '
                )';
447
            $values = array_pad($values, count($values) + 5, $term);
448
        }
449

Richard Mansfield's avatar
Richard Mansfield committed
450
451
        if (!empty($constraints)) {
            foreach ($constraints as $f) {
452
453
454
                if ($f['field'] == 'institution') {
                    if ($f['string'] == 'mahara') {
                        $where .= ' AND u.id NOT IN (SELECT usr FROM {usr_institution})';
455
                    }
456
457
458
459
460
461
                    else {
                        $where .= '
                            AND u.id IN (
                                SELECT usr FROM {usr_institution} WHERE institution '
                            . PluginSearchInternal::match_expression($f['type'], $f['string'], $values, $ilike) . '
                            )';
462
                    }
463
464
465
466
467
468
469
470
471
472
473
474
                }
                else if ($f['field'] == 'duplicateemail') {
                    if (!empty($f['string'])) {
                        $where .= '
                            AND u.id IN (
                                SELECT owner
                                FROM {artefact}
                                WHERE id IN (' . join(',', array_map('db_quote', $f['string'])) . ')
                            )';
                    }
                    else {
                        // No duplicate email is found, return empty list
475
                        $where .= ' AND FALSE';
476
477
478
                    }
                }
                else {
479
                    $where .= ' AND u.' . $f['field']
480
                        . PluginSearchInternal::match_expression($f['type'], $f['string'], $values, $ilike);
481
                }
482
            }
483
484
        }

485
        $count = get_field_sql('SELECT COUNT(*) FROM {usr} u ' . $where, $values);
486
487

        if ($count > 0) {
488
            $data = get_records_sql_assoc('
489
                SELECT
490
                    u.id, u.firstname, u.lastname, u.preferredname, u.username, u.email, u.staff, u.profileicon,
491
492
                    u.lastlogin, u.active, NOT u.suspendedcusr IS NULL as suspended, au.instancename AS authname
                FROM {usr} u INNER JOIN {auth_instance} au ON u.authinstance = au.id ' . $where . '
493
                ORDER BY ' . $sort . ', u.id',
494
                $values,
Richard Mansfield's avatar
Richard Mansfield committed
495
496
                $offset,
                $limit);
497
498

            if ($data) {
499
                $inst = get_records_select_array('usr_institution',
500
501
502
503
504
505
506
                                                 'usr IN (' . join(',', array_keys($data)) . ')',
                                                 null, '', 'usr,institution');
                if ($inst) {
                    foreach ($inst as $i) {
                        $data[$i->usr]->institutions[] = $i->institution;
                    }
                }
507
                foreach ($data as &$item) {
508
                    $item->username = display_username($item);
509
510
                    $item = (array)$item;
                }
511
                $data = array_values($data);
512
513
514
515
516
517
518
519
            }
        }
        else {
            $data = false;
        }

        return array(
            'count'   => $count,
Richard Mansfield's avatar
Richard Mansfield committed
520
521
            'limit'   => $limit,
            'offset'  => $offset,
522
523
524
525
            'data'    => $data,
        );
    }

526

527
    public static function group_search_user($group, $query_string, $constraints, $offset, $limit, $membershiptype, $order, $friendof, $orderbyoptionidx=null) {
528
529

        list($searchsql, $values) = self::name_search_sql($query_string);
530

531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
        $orderbyoptions = array(
            'adminfirst' => 'gm.role = \'admin\' DESC, CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, gm.ctime, u.id',
            'nameatoz' => 'CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, gm.ctime, u.id',
            'nameztoa' => 'CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END DESC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END DESC, gm.ctime, u.id',
            'firstjoined' => 'gm.ctime ASC, CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, u.id',
            'lastjoined' => 'gm.ctime DESC, CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, u.id'
        );
        if (! key_exists($orderbyoptionidx, $orderbyoptions)) {
            $orderbyoptionidx = 'adminfirst';
        }

547
548
        if ($membershiptype == 'nonmember') {
            $select = '
549
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon, u.staff, u.urlid';
550
551
            $from = '
                FROM {usr} u
552
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
553
554
555
556
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
                    AND NOT u.id IN (SELECT member FROM {group_member} gm WHERE gm.group = ?)';
            $values[] = $group;
            $orderby = 'u.firstname, u.lastname, u.id';
557
        }
558
559
        else if ($membershiptype == 'notinvited') {
            $select = '
560
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon, u.staff, u.urlid';
561
562
            $from = '
                FROM {usr} u
563
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
564
565
566
567
568
569
570
571
572
573
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
                    AND NOT u.id IN (SELECT member FROM {group_member} gm WHERE gm.group = ?)
                    AND NOT u.id IN (SELECT member FROM {group_member_invite} gmi WHERE gmi.group = ?)';
            $values[] = $group;
            $values[] = $group;
            $orderby = 'u.firstname, u.lastname, u.id';
        }
        else if ($membershiptype == 'request') {
            $select = '
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon,
574
                    u.staff, u.urlid, ' . db_format_tsfield('gm.ctime', 'jointime');
575
576
            $from = '
                FROM {usr} u
577
                    INNER JOIN {group_member_request} gm ON (gm.member = u.id)
578
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
579
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
580
                    AND gm.group = ?';
581
            $values[] = $group;
582
583
584
585
            if ($orderbyoptionidx == 'adminfirst') {
                $orderbyoptionidx = 'nameatoz';
            }
            $orderby = $orderbyoptions[$orderbyoptionidx];
586
587
588
589
        }
        else if ($membershiptype == 'invite') {
            $select = '
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon,
590
                    u.staff, u.urlid, ' . db_format_tsfield('gm.ctime', 'jointime');
591
592
            $from = '
                FROM {usr} u
593
                    INNER JOIN {group_member_invite} gm ON (gm.member = u.id)
594
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
595
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
596
                    AND gm.group = ?';
597
            $values[] = $group;
598
            $orderby = $orderbyoptions[$orderbyoptionidx];
599
600
601
        }
        else { // All group members
            $select = '
602
                    u.id, u.firstname, u.lastname, u.username, u.preferredname, u.email, u.profileicon,
603
                    u.staff, u.urlid, ' . db_format_tsfield('gm.ctime', 'jointime') . ', gm.role';
604
605
606
            $from = '
                FROM {usr} u
                    INNER JOIN {group_member} gm ON (gm.member = u.id)
607
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
608
609
610
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
                    AND gm.group = ?';
            $values[] = $group;
611
            $orderby = $orderbyoptions[$orderbyoptionidx];
612
613
614
            if ($order == 'latest') {
                $orderby = 'gm.ctime DESC, u.firstname, u.lastname, u.id';
            }
615
616
        }

617
        if ($order == 'random') {
618
619
620
            $orderby = db_random();
        }

621
622
623
624
625
626
627
628
        if ($friendof) {
            $from .= '
                    AND u.id IN (
                        SELECT usr1 FROM {usr_friend} WHERE usr2 = ? UNION SELECT usr2 FROM {usr_friend} WHERE usr1 = ?
                    )';
            array_push($values, $friendof, $friendof);
        }

629
        $count = get_field_sql('SELECT COUNT(*)' . $from, $values);
630
631
632

        if ($count > 0) {
            $data = get_records_sql_assoc('
633
                SELECT ' . $select . $from . ' ORDER BY ' . $orderby,
634
635
636
637
638
639
640
641
642
643
644
645
                $values,
                $offset,
                $limit);

            if ($data) {
                foreach ($data as &$item) {
                    $item = (array)$item;
                }
                $data = array_values($data);
            }
        }
        else {
646
            $data = array();
647
648
649
650
651
652
653
654
655
656
        }

        return array(
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => $offset,
            'data'    => $data,
        );
    }

657
658
659

    public static function institutional_admin_search_user($query, $institution, $limit) {
        $sql = '
660
            FROM {usr} u LEFT OUTER JOIN {usr_tag} t ON (t.usr = u.id) ';
661
662
663
664
665

        $where = '
            WHERE u.id <> 0 AND u.deleted = 0 ';

        $values = array();
666
        if ($query != '') {
667
668
            $where .= 'AND (t.tag = LOWER(?) OR ';
            $values[] = $query;
669
670
671
672
673
674
675
            $query = preg_replace('/\s\s+/', ' ', $query);
            $words = explode(' ', $query);
            foreach ($words as &$word) {
                $values[] = $word;
                $values[] = $word;
                $word = 'u.firstname ' . db_ilike() . ' \'%\' || ? || \'%\' OR u.lastname ' . db_ilike() . ' \'%\' || ? || \'%\'';
            }
676
            $where .= join(' OR ', $words) . ') ';
677
678
        }

679
        $studentid = '';
680
681
682
683
684
685
        if (!is_null($institution->member)) {
            $sql .= '
                LEFT OUTER JOIN {usr_institution} member ON (member.usr = u.id
                    AND member.institution = ' . db_quote($institution->name) . ')';
            $where .= '
                AND ' . ($institution->member ? ' NOT ' : '') . ' member.usr IS NULL';
686
            $studentid = ', member.studentid';
687
        }
688
        if (!is_null($institution->requested) || !is_null($institution->invitedby)) {
689
690
691
692
693
694
695
696
697
            $sql .= '
                LEFT OUTER JOIN {usr_institution_request} req ON (req.usr = u.id
                    AND req.institution = ' . db_quote($institution->name) . ')';
            if (!is_null($institution->requested)) {
                if ($institution->requested == 1) {
                    $where .= ' AND req.confirmedusr = 1';
                } else {
                    $where .= ' AND (req.confirmedusr = 0 OR req.confirmedusr IS NULL)';
                }
698
                $studentid = ', req.studentid';
699
            }
700
            if (!is_null($institution->invitedby)) {
701
                if ($institution->invitedby == 1) {
702
703
704
705
706
707
                    $where .= ' AND req.confirmedinstitution = 1';
                } else {
                    $where .= ' AND (req.confirmedinstitution = 0 OR req.confirmedinstitution IS NULL)';
                }
            }
        }
708
709
710
711
        if (!is_null($institution->lastinstitution)) {
            $where .= " AND t.tag = ?";
            $values[] = 'lastinstitution:' . $institution->lastinstitution;
        }
712
713
714
715
716

        $count = get_field_sql('SELECT COUNT(*) ' . $sql . $where, $values);

        if ($count > 0) {
            $data = get_records_sql_array('
717
718
                SELECT
                    u.id, u.firstname, u.lastname, u.username, u.preferredname,
719
                    u.admin, u.staff' . $studentid . $sql . $where . '
720
                GROUP BY u.id, u.firstname, u.lastname, u.username, u.preferredname, u.admin, u.staff' . $studentid . '
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
                ORDER BY u.firstname ASC',
                $values,
                0,
                $limit);
            foreach ($data as &$item) {
                $item = (array)$item;
            }
        }
        else {
            $data = false;
        }

        return array(
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => 0,
            'data'    => $data,
        );
    }





745
746
747
748
749
750
    /**
     * Implement group searching with SQL
     *
     * @param string  The query string
     * @param integer How many results to return
     * @param integer What result to start at (0 == first result)
751
     * @param string  Which groups to search (all, member, notmember)
752
753
754
755
756
757
758
     * @return array  A data structure containing results looking like ...
     *         $results = array(
     *               count   => integer, // total number of results
     *               limit   => integer, // how many results are returned
     *               offset  => integer, // starting from which result
     *               data    => array(   // the result records
     *                   array(
Nigel McNie's avatar
Nigel McNie committed
759
     *                       id            => integer,
760
761
762
763
764
765
     *                       name          => string,
     *                       description   => string,
     *                       jointype      => string,
     *                       owner         => string,
     *                       ctime         => string,
     *                       mtime         => string,
Nigel McNie's avatar
Nigel McNie committed
766
767
768
     *                   ),
     *                   array(
     *                       id            => integer,
769
770
771
772
773
774
     *                       name          => string,
     *                       description   => string,
     *                       jointype      => string,
     *                       owner         => string,
     *                       ctime         => string,
     *                       mtime         => string,
Nigel McNie's avatar
Nigel McNie committed
775
776
777
778
779
     *                   ),
     *                   array(...),
     *               ),
     *           );
     */
780
    public static function search_group($query_string, $limit, $offset=0, $type='member', $category='') {
781
        global $USER;
782
783
        $data = array();

784
785
        $sql = "
            FROM
786
                {group}
787
            WHERE (
788
789
                name " . db_ilike() . " '%' || ? || '%'
                OR description " . db_ilike() . " '%' || ? || '%'
790
791
792
            ) AND deleted = 0 ";
        $values = array($query_string, $query_string);

793
794
795
796
        if (!$grouproles = join(',', array_keys($USER->get('grouproles')))) {
            $grouproles = '-1';
        }

797
798
        $canseehidden = $USER->get('admin') || $USER->get('staff');

799
        if ($type == 'member') {
800
            $sql .=  'AND id IN (' . $grouproles . ')';
801
        }
802
        else if ($type == 'notmember') {
803
            $sql .= 'AND id NOT IN (' . $grouproles . ')';
804
        }
805
        else if ($type == 'canjoin') {
806
807
            $sql .= 'AND (jointype != ? AND NOT (jointype = ? AND request = 0)) AND id NOT IN (' . $grouproles . ')';
            $values = array_merge($values, array('controlled', 'approve'));
808
809
810
        }

        if (!$canseehidden) {
811
812
813
            $sql .= ' AND (hidden = 0 OR id IN (' . $grouproles . '))';
        }

814
        if (!empty($category)) {
Dan Marsden's avatar
Dan Marsden committed
815
            if ($category == -1) { //find unassigned groups
816
                $sql .= " AND category IS NULL";
Dan Marsden's avatar
Dan Marsden committed
817
            } else {
818
819
                $sql .= ' AND category = ?';
                $values[] = $category;
Dan Marsden's avatar
Dan Marsden committed
820
            }
821
        }
822

823
824
825
        $count = get_field_sql('SELECT COUNT(*) '.$sql, $values);

        if ($count > 0) {
826
            $sql = 'SELECT id, name, description, grouptype, jointype, request, public, ctime, mtime, category, urlid ' . $sql . ' ORDER BY name';
827
            $data = get_records_sql_array($sql, $values, $offset, $limit);
828
        }
Martyn Smith's avatar
Martyn Smith committed
829
830
831
832
833

        return array(
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => $offset,
834
            'data'    => $data,
Martyn Smith's avatar
Martyn Smith committed
835
836
        );
    }
Martyn Smith's avatar
Martyn Smith committed
837
838
839
840
841
842
843
844
845
846
847

    /**
     * Given a query string and limits, return an array of matching objects
     * owned by the current user.  Possible return types are ...
     *   - artefact
     *   - view
     *
     * Implementations of this search should search across tags for artefacts
     * and views at a minimum. Ideally the search would also index
     * title/description and other metadata for these objects.
     *
848
849
850
     * NOTE: This implementation of internal search only does artefacts, and
     * badly at that. See the bug tracker for more information.
     *
Martyn Smith's avatar
Martyn Smith committed
851
852
853
854
     * @param string  The query string
     * @param integer How many results to return
     * @param integer What result to start at (0 == first result)
     * @param string  Type to search for (either 'all' or one of the types above).
855
     *
Martyn Smith's avatar
Martyn Smith committed
856
     */
857
858
    public static function self_search($querystring, $limit, $offset, $type = 'all') {
        global $USER;
859
860
861
862
        if (trim($querystring) == '') {
            return false;
        }

863
864
865
866
867
        // Tokenise the search
        $querydata = self::search_parse_query($querystring);

        $sql = "
            SELECT
868
                a.id, a.artefacttype, a.title, a.description
869
            FROM
870
                {artefact} a
871
            LEFT JOIN {artefact_tag} at ON (at.artefact = a.id)
872
            WHERE
873
874
875
876
877
878
                a.owner = ?
            AND (
                ($querydata[0])
                OR
                (LOWER(at.tag) = ?)
            )";
879
880
881
882
        $count_sql = "
            SELECT
                COUNT(*)
            FROM
883
                {artefact} a
884
            LEFT JOIN {artefact_tag} at ON (at.artefact = a.id)
885
            WHERE
886
887
888
889
890
891
                a.owner = ?
            AND (
                ($querydata[0])
                OR
                (LOWER(at.tag) = ?)
            )";
892
        array_unshift($querydata[1], $USER->get('id'));
893
        array_push($querydata[1], strtolower($querystring));
894

895
896
897
898
899
900
901
        $results = array(
            'data'   => get_records_sql_array($sql, $querydata[1], $offset, $limit),
            'offset' => $offset,
            'limit'  => $limit,
            'count'  => get_field_sql($count_sql, $querydata[1])
        );

902
        if ($results['data']) {
903
            require_once(get_config('docroot') . 'artefact/lib.php');
904
905
906
907
908
909
            foreach ($results['data'] as &$result) {
                $newresult = array();
                foreach ($result as $key => &$value) {
                    if ($key == 'id' || $key == 'artefacttype' || $key == 'title' || $key == 'description') {
                        $newresult[$key] = $value;
                    }
910
                }
911
                $newresult['type'] = 'artefact';
912
913
914
915
916

                $artefact = artefact_instance_from_id($newresult['id']);
                $artefactplugin = $artefact->get_plugin_name();
                if ($artefactplugin == 'internal' && in_array($artefact->get('artefacttype'), PluginArtefactInternal::get_profile_artefact_types())) {
                    // Profile artefact
917
                    $newresult['summary'] = $newresult['title'];
918
                    $newresult['title'] = get_string($artefact->get('artefacttype'), 'artefact.' . $artefactplugin);
919
920
921
922
                }
                else {
                    $newresult['summary'] = $newresult['description'];
                }
923
                $newresult['summary'] = clean_html($newresult['summary']);
924
                $result = $newresult;
925
            }
926
927

            self::self_search_make_links($results);
928
929
930
931
932
933
        }

        return $results;
    }


934
935
936
937
938
939
940
941
    /**
     * Returns portfolio items (artefacts, views) owned by $owner and tagged
     * with $tag.
     *
     * @param string   $tag Tag
     * @param object   $owner: owner type (user,group,institution), and id
     * @param integer  $limit
     * @param integer  $offset
942
     * @param string   $sort
943
     * @param array    $types view/artefacttype filters
944
     * @param boolean  $returntags Return all the tags that have been attached to each result
945
     */
946
    public static function portfolio_search_by_tag($tag, $owner, $limit, $offset, $sort, $types, $returntags) {
947
        $viewfilter = is_null($types) || $types['view'] == true ? 'AND TRUE' : 'AND FALSE';
948
        $collectionfilter = is_null($types) || $types['collection'] == true ? 'AND TRUE' : 'AND FALSE';
949

950
951
952
953
954
955
956
957
958
959
        if (is_null($types)) {
            $artefacttypefilter = '';
        }
        else if (!empty($types['artefact'])) {
            $artefacttypefilter = ' AND a.artefacttype IN (' . join(',', array_map('db_quote', $types['artefact'])) . ')';
        }
        else {
            $artefacttypefilter = ' AND FALSE';
        }

960
961
962
        if (!is_null($tag)) {
            $artefacttypefilter .= ' AND at.tag = ?';
            $viewfilter .= ' AND vt.tag = ?';
963
964
            $collectionfilter .= ' AND ct.tag = ?';
            $values = array($owner->id, $tag, $owner->id, $tag, $owner->id, $tag);
965
966
        }
        else {
967
            $values = array($owner->id, $owner->id, $owner->id);
968
969
        }

970
971
        $from = "
        FROM (
972
973
           (SELECT a.id, a.title, a.description, 'artefact' AS type, a.artefacttype, " . db_format_tsfield('a.ctime', 'ctime') . ",
                a.owner, a.group, a.institution, NULL AS urlid
974
            FROM {artefact} a JOIN {artefact_tag} at ON (a.id = at.artefact)
975
            WHERE a.owner = ?" . $artefacttypefilter . ")
976
           UNION
977
978
           (SELECT v.id, v.title, v.description, 'view' AS type, NULL AS artefacttype, " . db_format_tsfield('v.ctime', 'ctime') . ",
                v.owner, v.group, v.institution, v.urlid
979
980
            FROM {view} v JOIN {view_tag} vt ON (v.id = vt.view)
            WHERE v.owner = ? " . $viewfilter . ")
981
982
983
984
985
           UNION
           (SELECT c.id, c.name, c.description, 'collection' AS type, NULL AS artefacttype, " . db_format_tsfield('c.ctime', 'ctime') . ",
                c.owner, c.group, c.institution, NULL AS urlid
            FROM {collection} c JOIN {collection_tag} ct ON (c.id = ct.collection)
            WHERE c.owner = ? " . $collectionfilter . ")
986
987
988
989
990
991
992
        ) p";

        $result = (object) array(
            'tag'    => $tag,
            'owner'  => $owner,
            'offset' => $offset,
            'limit'  => $limit,
993
            'sort'   => $sort,
994
995
996
997
998
999
            'count'  => 0,
            'data'   => array(),
        );

        if ($count = count_records_sql('SELECT COUNT(*) ' . $from, $values, $offset, $limit)) {
            $result->count = $count;
1000
            $sort = $sort == 'date' ? 'ctime DESC' : 'title ASC';
1001
            if ($data = get_records_sql_assoc("SELECT type || ':' || id AS tid, p.* " . $from . ' ORDER BY ' . $sort, $values, $offset, $limit)) {
1002
                if ($returntags) {
1003
                    $ids = array('view' => array(), 'collection' => array(), 'artefact' => array());
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
                    foreach ($data as &$d) {
                        $ids[$d->type][$d->id] = 1;
                    }
                    if (!empty($ids['view'])) {
                        if ($viewtags = get_records_select_array('view_tag', 'view IN (' . join(',', array_keys($ids['view'])) . ')')) {
                            foreach ($viewtags as &$vt) {
                                $data['view:' . $vt->view]->tags[] = $vt->tag;
                            }
                        }
                    }
1014
1015
1016
1017
1018
1019
1020
                    if (!empty($ids['collection'])) {
                        if ($collectiontags = get_records_select_array('collection_tag', 'collection IN (' . join(',', array_keys($ids['collection'])) . ')')) {
                            foreach ($collectiontags as &$ct) {
                                $data['collection:' . $ct->collection]->tags[] = $ct->tag;
                            }
                        }
                    }
1021
                    if (!empty($ids['artefact'])) {
1022
                        if ($artefacttags = get_records_select_array('artefact_tag', 'artefact IN (' . join(',', array_keys($ids['artefact'])) . ')', NULL, 'tag')) {
1023
1024
1025
1026
1027
1028
                            foreach ($artefacttags as &$at) {
                                $data['artefact:' . $at->artefact]->tags[] = $at->tag;
                            }
                        }
                    }
                }
1029
1030
1031
1032
1033
1034
1035
                $result->data = $data;
            }
        }
        return $result;
    }


1036
    /**
1037
     * Parses a query string into SQL fragments for searching. Supports
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
     * phrases, AND/OR etc.
     *
     * Lifted from drupal 5.1, (C) 2007 Drupal
     *
     * This function comes from Drupal's search module, with some small changes.
     */
    private static function search_parse_query($text) {
        $keys = array('positive' => array(), 'negative' => array());

        // Tokenize query string
        preg_match_all('/ (-?)("[^"]+"|[^" ]+)/i', ' '. $text, $matches, PREG_SET_ORDER);

        if (count($matches) < 1) {
          return NULL;
        }

        // Classify tokens
        $or = FALSE;
        foreach ($matches as $match) {
          $phrase = FALSE;
          // Strip off phrase quotes
          if ($match[2]{0} == '"') {
            $match[2] = substr($match[2], 1, -1);
            $phrase = TRUE;
          }
          // Simplify keyword according to indexing rules and external preprocessors
          $words = self::search_simplify($match[2]);
          // Re-explode in case simplification added more words, except when matching a phrase
          $words = $phrase ? array($words) : preg_split('/ /', $words, -1, PREG_SPLIT_NO_EMPTY);
          // Negative matches
          if ($match[1] == '-') {
            $keys['negative'] = array_merge($keys['negative'], $words);
          }
          // OR operator: instead of a single keyword, we store an array of all
          // OR'd keywords.
          elseif ($match[2] == 'OR' && count($keys['positive'])) {
            $last = array_pop($keys['positive']);
            // Starting a new OR?
            if (!is_array($last)) {
              $last = array($last);
            }
            $keys['positive'][] = $last;
            $or = TRUE;
            continue;
          }
          // Plain keyword
          else {
            if ($or) {
              // Add to last element (which is an array)
              $keys['positive'][count($keys['positive']) - 1] = array_merge($keys['positive'][count($keys['positive']) - 1], $words);
            }
            else {
              $keys['positive'] = array_merge($keys['positive'], $words);
            }
          }
          $or = FALSE;
        }

        // Convert keywords into SQL statements.
        $query = array();
        //$query2 = array();
        $arguments = array();
        $arguments2 = array();
1101
        //$matches = 0;
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
        // Positive matches
        foreach ($keys['positive'] as $key) {
          // Group of ORed terms
          if (is_array($key) && count($key)) {
            $queryor = array();
            $any = FALSE;
            foreach ($key as $or) {
              list($q, $count) = self::_search_parse_query($or, $arguments2);
              $any |= $count;
              if ($q) {
                $queryor[] = $q;
                $arguments[] = $or;
                $arguments[] = $or;
              }
            }

            if (count($queryor)) {
              $query[] = '('. implode(' OR ', $queryor) .')';
              // A group of OR keywords only needs to match once
              //$matches += ($any > 0);
            }
          }
          // Single ANDed term
          else {
            list($q, $count) = self::_search_parse_query($key, $arguments2);
            if ($q) {
              $query[] = $q;
              $arguments[] = $key;
              $arguments[] = $key;
              // Each AND keyword needs to match at least once
              //$matches += $count;
            }
          }
        }
        // Negative matches
        foreach ($keys['negative'] as $key) {
          list($q) = self::_search_parse_query($key, $arguments2, TRUE);
          if ($q) {
            $query[] = $q;
            $arguments[] = $key;
            $arguments[] = $key;
          }
        }
        $query = implode(' AND ', $query);

        // Build word-index conditions for the first pass
        //$query2 = substr(str_repeat("i.word = '%s' OR ", count($arguments2)), 0, -4);

        return array($query, $arguments, /*$query2, $arguments2, $matches*/);
Martyn Smith's avatar
Martyn Smith committed
1151
    }
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172

    /**
     * Helper function for search_parse_query();
     */
    private static function _search_parse_query(&$word, &$scores, $not = FALSE) {
      $count = 0;
      // Determine the scorewords of this word/phrase
      if (!$not) {
        $split = explode(' ', $word);
        foreach ($split as $s) {
          $num = is_numeric($s);
          if ($num || strlen($s) >= /*variable_get('minimum_word_size', 3)*/3) {
            $s = $num ? ((int)ltrim($s, '-0')) : $s;
            if (!isset($scores[$s])) {
              $scores[$s] = $s;
              $count++;
            }
          }
        }
      }
      // Return matching snippet and number of added words
1173
      return array("a.title ". ($not ? 'NOT ' : '') . db_ilike() . " '%' || ? || '%'" . ($not ? ' AND ' : ' OR ') . 'a.description ' . ($not ? 'NOT ' : '') . db_ilike() . " '%' || ? || '%'", $count);
1174
1175
1176
1177
1178
1179
1180
1181
    }

    /**
     * Simplifies a string according to indexing rules.
     */
    private static function search_simplify($text) {
      // Decode entities to UTF-8
      $text = self::decode_entities($text);
1182

1183
1184
      // Lowercase
      $text = strtolower($text);
1185

1186
1187
      // Call an external processor for word handling.
      //search_preprocess($text);
1188

1189
1190
1191
1192
      // Simple CJK handling
      //if (variable_get('overlap_cjk', TRUE)) {
      //  $text = preg_replace_callback('/['. PREG_CLASS_CJK .']+/u', 'search_expand_cjk', $text);
      //}
1193

1194
1195
1196
1197
1198
1199
1200
      // To improve searching for numerical data such as dates, IP addresses
      // or version numbers, we consider a group of numerical characters
      // separated only by punctuation characters to be one piece.
      // This also means that searching for e.g. '20/03/1984' also returns
      // results with '20-03-1984' in them.
      // Readable regexp: ([number]+)[punctuation]+(?=[number])
      $text = preg_replace('/(['. PREG_CLASS_NUMBERS .']+)['. PREG_CLASS_PUNCTUATION .']+(?=['. PREG_CLASS_NUMBERS .'])/u', '\1', $text);
1201

1202
1203
1204
      // The dot, underscore and dash are simply removed. This allows meaningful
      // search behaviour with acronyms and URLs.
      $text = preg_replace('/[._-]+/', '', $text);
1205

1206
1207
1208
      // With the exception of the rules above, we consider all punctuation,
      // marks, spacers, etc, to be a word boundary.
      $text = preg_replace('/['. PREG_CLASS_SEARCH_EXCLUDE . ']+/u', ' ', $text);
1209

1210
1211
1212
1213
1214
1215
1216
1217
1218
      return $text;
    }

    /**
     * Decode all HTML entities (including numerical ones) to regular UTF-8 bytes.
     * Double-escaped entities will only be decoded once ("&amp;lt;" becomes "&lt;", not "<").
     *
     * @param $text
     *   The text to decode entities in.
1219
     * @param $exclude
1220
1221
1222
1223
1224
1225
     *   An array of characters which should not be decoded. For example,
     *   array('<', '&', '"'). This affects both named and numerical entities.
     */
    function decode_entities($text, $exclude = array()) {
      static $table;
      // We store named entities in a table for quick processing.
1226
1227
      if (!isset($table)) {
        // Get all named HTML entities.
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
        $table = array_flip(get_html_translation_table(HTML_ENTITIES));
        // PHP gives us ISO-8859-1 data, we need UTF-8.
        $table = array_map('utf8_encode', $table);
        // Add apostrophe (XML)
        $table['&apos;'] = "'";
      }
      $newtable = array_diff($table, $exclude);

      // Use a regexp to select all entities in one pass, to avoid decoding double-escaped entities twice.
      return preg_replace('/&(#x?)?([A-Za-z0-9]+);/e', '_decode_entities("$1", "$2", "$0", $newtable, $exclude)', $text);
    }

    /**
     * Helper function for decode_entities
     */
    function _decode_entities($prefix, $codepoint, $original, &$table, &$exclude) {
      // Named entity
      if (!$prefix) {
        if (isset($table[$original])) {
          return $table[$original];
        }
        else {
          return $original;
1251
1252
        }
      }
1253
1254
1255
      // Hexadecimal numerical entity
      if ($prefix == '#x') {
        $codepoint = base_convert($codepoint, 16, 10);
1256
      }
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
      // Decimal numerical entity (strip leading zeros to avoid PHP octal notation)
      else {
        $codepoint = preg_replace('/^0+/', '', $codepoint);
      }
      // Encode codepoint as UTF-8 bytes
      if ($codepoint < 0x80) {
        $str = chr($codepoint);
      }
      else if ($codepoint < 0x800) {
        $str = chr(0xC0 | ($codepoint >> 6))
             . chr(0x80 | ($codepoint & 0x3F));
      }
      else if ($codepoint < 0x10000) {
        $str = chr(0xE0 | ( $codepoint >> 12))
             . chr(0x80 | (($codepoint >> 6) & 0x3F))
             . chr(0x80 | ( $codepoint       & 0x3F));
      }
      else if ($codepoint < 0x200000) {
        $str =