lib.php 53 KB
Newer Older
Martyn Smith's avatar
Martyn Smith committed
1
2
3
4
5
<?php
/**
 *
 * @package    mahara
 * @subpackage search-internal
6
 * @author     Catalyst IT Ltd
7
8
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
Martyn Smith's avatar
Martyn Smith committed
9
10
11
12
 *
 */

defined('INTERNAL') || die();
13
require_once(get_config('docroot') . 'search/lib.php');
Martyn Smith's avatar
Martyn Smith committed
14
15

/**
16
 * The internal search plugin which searches against the
Martyn Smith's avatar
Martyn Smith committed
17
18
19
20
 * Mahara database.
 */
class PluginSearchInternal extends PluginSearch {

21
22
23
24
25
26
27
28
29
30
31
    /**
     * This function indicates whether the plugin should take the raw $query string
     * when its group_search_user function is called, or whether it should get the
     * parsed query string.
     *
     * @return boolean
     */
    public static function can_process_raw_group_search_user_queries() {
        return true;
    }

32
33
34
35
    public static function can_be_disabled() {
        return false;
    }

36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
    public static function has_config() {
        return true;
    }

    public static function get_config_options() {
        return array(
            'elements'   => array(
                'exactusersearch' =>  array(
                    'title'        => get_string('exactusersearch', 'search.internal'),
                    'description'  => get_string('exactusersearchdescription', 'search.internal'),
                    'help'         => true,
                    'type'         => 'checkbox',
                    'defaultvalue' => get_config_plugin('search', 'internal', 'exactusersearch'),
                ),
            ),
        );
    }

    public function save_config_options($values) {
        set_config_plugin('search', 'internal', 'exactusersearch', (int) $values['exactusersearch']);
    }

    public static function postinst($prevversion) {
        if ($prevversion == 0) {
            set_config_plugin('search', 'internal', 'exactusersearch', 1);
        }
    }

Martyn Smith's avatar
Martyn Smith committed
64
65
66
    /**
     * Implement user searching with SQL
     *
67
68
     * NOTE: user with ID zero should never be returned
     *
Martyn Smith's avatar
Martyn Smith committed
69
70
71
     * @param string  The query string
     * @param integer How many results to return
     * @param integer What result to start at (0 == first result)
72
73
     * @param data    Filters the users searched by
     *                can contain:
74
     *             'friends' => boolean     // only return $USER's friends
75
76
     *             'group' => integer, // only users in this group
     *             'owner' => boolean  // include the group ownwer (only if group is set)
77
     *             'exclude'=> int     // excludes a user
Martyn Smith's avatar
Martyn Smith committed
78
79
80
81
82
     * @return array  A data structure containing results looking like ...
     *         $results = array(
     *               count   => integer, // total number of results
     *               limit   => integer, // how many results are returned
     *               offset  => integer, // starting from which result
83
     *               data    => array(   // the result records
Martyn Smith's avatar
Martyn Smith committed
84
     *                   array(
85
86
87
88
89
90
91
     *                       id            => integer,
     *                       username      => string,
     *                       institution   => string,
     *                       firstname     => string,
     *                       lastname      => string,
     *                       preferredname => string,
     *                       email         => string,
Martyn Smith's avatar
Martyn Smith committed
92
93
     *                   ),
     *                   array(
94
95
96
97
98
99
100
     *                       id            => integer,
     *                       username      => string,
     *                       institution   => string,
     *                       firstname     => string,
     *                       lastname      => string,
     *                       preferredname => string,
     *                       email         => string,
Martyn Smith's avatar
Martyn Smith committed
101
102
103
104
105
     *                   ),
     *                   array(...),
     *               ),
     *           );
     */
106
    public static function search_user($query_string, $limit, $offset = 0, $data=array()) {
107
        global $USER;
Richard Mansfield's avatar
Richard Mansfield committed
108

109
        $data = self::prepare_search_user_options($data);
110
111
        $sql = '
            SELECT
Richard Mansfield's avatar
Richard Mansfield committed
112
113
                COUNT(u.id)
            FROM {usr} u';
114
        if (isset($data['group'])) {
115
116
117
            $groupadminsql = '';
            if (isset($data['includeadmins']) and !$data['includeadmins']) {
                $groupadminsql = " AND gm.role != 'admin'";
118
            }
119
120
121
122
            $groupjoin = '
                INNER JOIN {group_member} gm ON
                    (gm.member = u.id AND gm.group = ' . (int)$data['group'] . $groupadminsql . ")\n";
            $sql .= $groupjoin;
123
        }
124
125
126
127
128

        $where = '
            WHERE
                u.id != 0 AND u.active = 1 AND u.deleted = 0';

129
130
131
132
133
134
135
        if (!empty($data['friends'])) {
            // Only include friends in search
            $where .= ' AND u.id IN (
                SELECT usr1 FROM {usr_friend} f1 WHERE f1.usr2 = ' . $USER->get('id')
                . ' UNION SELECT usr2 FROM {usr_friend} f2 WHERE f2.usr1 = ' . $USER->get('id') . ')';
        }

136
137
138
139
140
141
142
143
        if (isset($data['institutions']) && !empty($data['institutions'])) {
            $where .= '
                AND u.id IN (
                    SELECT usr FROM {usr_institution} WHERE institution IN ('
                . join(',', array_map('db_quote', $data['institutions'])) . ')
                )';
        }

144
145
        $sql .= "
                LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = 'hiderealname')";
Richard Mansfield's avatar
Richard Mansfield committed
146

147
        list($namesql, $values) = self::name_search_sql($query_string);
Richard Mansfield's avatar
Richard Mansfield committed
148

149
        $where .= $namesql;
Richard Mansfield's avatar
Richard Mansfield committed
150
151
152
153
154
155

        if (isset($data['exclude'])) {
            $where .= '
                AND u.id != ?';
            $values[] = $data['exclude'];
        }
156

157
158
        $sql .= $where;
        $count = count_records_sql($sql, $values);
159

160
        $result = array(
Nigel McNie's avatar
Nigel McNie committed
161
162
163
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => $offset,
164
            'data'    => false,
Nigel McNie's avatar
Nigel McNie committed
165
        );
166

167
168
        if ($count < 1) {
            return $result;
169
170
        }

Richard Mansfield's avatar
Richard Mansfield committed
171
172
        $sql = '
            SELECT
173
                u.id, u.username, u.firstname, u.lastname, u.preferredname, u.email, u.studentid, u.staff,
174
                u.admin, u.profileicon, u.urlid
Richard Mansfield's avatar
Richard Mansfield committed
175
            FROM {usr} u';
176

177
178
179
        if (isset($data['group'])) {
            $sql .= $groupjoin;
        }
180
181
        $sql .= "
                LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = 'hiderealname')";
182
183
184
185
186
187
188
189
190
191
192
193
194

        $sql .= $where . '
            ORDER BY ' . $data['orderby'];

        $result['data'] = get_records_sql_array($sql, $values, $offset, $limit);

        if ($result['data']) {
            foreach ($result['data'] as &$item) {
                $item = (array)$item;
            }
        }

        return $result;
195
    }
196

197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223


    /**
     * Returns a snippet of an sql WHERE clause to filter users whose (visible)
     * names match the terms in a given query string.
     */
    function name_search_sql($query_string, $usralias='u', $usrprefalias='h') {

        safe_require('artefact', 'internal');

        // Get the list of searchable profile fields from the internal artefact
        $required   = array_keys(ArtefactTypeProfile::get_always_searchable_fields());
        $optional   = array_diff(array_keys(ArtefactTypeProfile::get_searchable_fields()), $required);
        $required[] = 'username'; // Not a profile field, but used in the search query.

        // Get a list of match expressions to use in the WHERE clause
        $matches = new StdClass;
        foreach (array_merge($required, $optional) as $f) {
            $matches->{$f} = self::match_user_field_expression($f, $usralias);
        }

        $querydata = self::split_query_string(strtolower(trim($query_string)));
        $hidenameallowed = get_config('userscanhiderealnames') ? 'TRUE' : 'FALSE';
        $searchusernamesallowed = get_config('searchusernames') ? 'TRUE' : 'FALSE';

        $termsql = "$matches->preferredname
                    OR (
224
                        ($usralias.preferredname IS NULL OR $usralias.preferredname = '' OR NOT $hidenameallowed OR $usrprefalias.value != '1' OR $usrprefalias.value IS NULL)
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
                        AND ($matches->firstname OR $matches->lastname)
                    )
                    OR ($searchusernamesallowed AND $matches->username)";

        if ($optional) {
            foreach ($optional as $f) {
                $termsql .= "
                    OR {$matches->$f}";
            }
        }

        $where = '';
        $values = array();
        foreach ($querydata as $term) {
            $where .= '
                AND (
                    ' . $termsql . '
                )';
            $values = array_pad($values, count($values) + 4 + count($optional), $term);
        }

        return array($where, $values);
    }



Richard Mansfield's avatar
Richard Mansfield committed
251
252
253
254
255
256
257
    private static function match_user_field_expression($field, $alias) {
        if (get_config_plugin('search', 'internal', 'exactusersearch')) {
            return 'LOWER(' . $alias . '.' . $field . ') = ?';
        }
        return $alias . '.' . $field . ' ' . db_ilike() . " '%' || ? || '%'";
    }

258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296

    /**
     * Split a query string into search terms.
     *
     * Contents of double-quoted strings are counted as a single term,
     * '"' can be entered as '\"', '\' as '\\'.
     */
    private static function split_query_string($query) {
        $terms = array();

        // Split string on unescaped double quotes
        $quotesplit = preg_split('/(?<!\\\)(\")/', $query, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY);

        $inphrase = false;

        foreach ($quotesplit as $q) {
            if ($q == '"') {
                $inphrase = !$inphrase;
                continue;
            }

            // Remove escaping
            $q = preg_replace(array('/\x5C(?!\x5C)/u', '/\x5C\x5C/u'), array('','\\'), $q);
            if ($inphrase) {
                if ($trimmed = trim($q)) {
                    $terms[] = $trimmed;
                }
            }
            else {
                // Split unquoted sequences on spaces
                foreach (preg_split('/\s+/', $q, -1, PREG_SPLIT_NO_EMPTY) as $word) {
                    $terms[] = $word;
                }
            }
        }
        return $terms;
    }


297
    private static function prepare_search_user_options($options) {
298
        global $USER;
299
        if (isset($options['group'])) {
300
301
302
303
304
305
306
307
308
309
            // This option should only be used by group admins, so just ensure that the caller is
            // using it correctly.
            $roles = $USER->get('grouproles');
            if ($USER->get('admin') || $USER->get('staff')
                || (isset($roles[$options['group']]) && $roles[$options['group']] == 'admin')) {
                $options['group'] = intval($options['group']);
            }
            else {
                unset($options['group']);
            }
310
311
312
313
314
315
316
317
318
319
        }
        if (isset($options['includeadmins'])) {
            $options['includeadmins'] = (bool)$options['includeadmins'];
        }
        if (isset($options['orderby']) && $options['orderby'] == 'lastname') {
            $options['orderby'] = 'u.lastname, u.firstname, u.id';
        }
        else {
            $options['orderby'] = 'u.firstname, u.lastname, u.id';
        }
320
321
322
        if (isset($options['exclude'])) {
            $options['exclude'] = intval($options['exclude']);
        }
323
324
325
326
327
        if (isset($options['myinstitutions'])) {
            if ($institutions = array_keys($USER->get('institutions'))) {
                $options['institutions'] = $institutions;
            }
        }
328
329
        return $options;
    }
330

331

332
333
    private static function match_expression($op, $string, &$values, $ilike) {
        switch ($op) {
334
335
        case 'starts':
            $values[] = $string;
336
            return ' ' . $ilike . ' ? || \'%\'';
337
        case 'equals':
338
339
340
            if ($string === null) {
                return ' IS NULL ';
            }
341
342
            $values[] = $string;
            return ' = ? ';
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
        case 'notequals':
            if (is_null($string)) {
                return ' IS NOT NULL ';
            }
            $values[] = $string;
            return ' <> ? ';
        case 'greaterthan':
            $values[] = $string;
            return ' > ? ';
        case 'greaterthanequal':
            $values[] = $string;
            return ' >= ? ';
        case 'lessthan':
            $values[] = $string;
            return ' < ? ';
        case 'lessthanequal':
            $values[] = $string;
            return ' <= ? ';
361
362
        case 'contains':
            $values[] = $string;
363
            return ' ' . $ilike . ' \'%\' || ? || \'%\'';
364
365
366
367
368
369
        case 'in':
            return ' IN (' . join(',', array_map('db_quote',$string)) . ')';
        }
    }


370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
    /**
     * Returns a list of search results for the admin user search interface.
     *
     * The constraints parameter takes an array of arrays, like so:
     * $params = array(
     *     array(
     *         'field' => 'institution'
     *         'string' => 'mahara'
     *         'type' => 'equals'
     *     ),
     *     ...
     * )
     *
     * Each constraint should has these three keys:
     * field: Should be a column in the usr table, or the special field "duplicateemails" (which indicates only users with a non-unique email).
     *   also, for the field "institution", a string value of "mahara" indicates users with no institution
     * string: The value to compare the contents of that field against
     * type: The operation by which to compare "field" to "string". This can be any of the operations in PluginSearchInternal::match_expression
     *   (starts, equals, notequals, greaterthan, greaterthanequal, lessthan, lessthanequal, contains, or in)
     *
     * @param string $query_string The string to search for
     * @param array $constraints A list of constraints on the search results (see above for format)
     * @param int $offset
     * @param int $limit
     * @param string $sortfield Which of the output columns to sort by
     * @param string $sortdir DESC or ASC
     */
397
    public static function admin_search_user($query_string, $constraints, $offset, $limit,
398
                                             $sortfield, $sortdir) {
399
400
401
402
403
404
405
406
407
408
        $sort = 'TRUE';
        if (preg_match('/^[a-zA-Z_0-9"]+$/', $sortfield)) {
            $sort = $sortfield;
            if (strtoupper($sortdir) != 'DESC') {
                $sort .= ' ASC';
            }
            else {
                $sort .= ' DESC';
            }
        }
409
        $where = 'WHERE u.id <> 0 AND u.deleted = 0';
410
411
        $values = array();

412
413
414
        // Get the correct keyword for case insensitive LIKE
        $ilike = db_ilike();

415
416
        // Generate the part that matches the search term
        $querydata = self::split_query_string(strtolower(trim($query_string)));
417

418
        $matches = array();
419
        foreach (array('firstname', 'lastname', 'preferredname', 'username', 'email') as $f) {
420
421
422
423
424
425
426
427
428
429
430
            $matches[] = self::match_user_field_expression($f, 'u');
        }

        $termsql = join(" OR ", $matches);

        $values = array();
        foreach ($querydata as $term) {
            $where .= '
                AND (
                    ' . $termsql . '
                )';
431
            $values = array_pad($values, count($values) + 5, $term);
432
        }
433

Richard Mansfield's avatar
Richard Mansfield committed
434
435
        if (!empty($constraints)) {
            foreach ($constraints as $f) {
436
437
438
                if ($f['field'] == 'institution') {
                    if ($f['string'] == 'mahara') {
                        $where .= ' AND u.id NOT IN (SELECT usr FROM {usr_institution})';
439
                    }
440
441
442
443
444
445
                    else {
                        $where .= '
                            AND u.id IN (
                                SELECT usr FROM {usr_institution} WHERE institution '
                            . PluginSearchInternal::match_expression($f['type'], $f['string'], $values, $ilike) . '
                            )';
446
                    }
447
448
449
450
451
452
453
454
455
456
457
458
                }
                else if ($f['field'] == 'duplicateemail') {
                    if (!empty($f['string'])) {
                        $where .= '
                            AND u.id IN (
                                SELECT owner
                                FROM {artefact}
                                WHERE id IN (' . join(',', array_map('db_quote', $f['string'])) . ')
                            )';
                    }
                    else {
                        // No duplicate email is found, return empty list
459
                        $where .= ' AND FALSE';
460
461
462
                    }
                }
                else {
463
                    $where .= ' AND u.' . $f['field']
464
                        . PluginSearchInternal::match_expression($f['type'], $f['string'], $values, $ilike);
465
                }
466
            }
467
468
        }

469
        $count = get_field_sql('SELECT COUNT(*) FROM {usr} u ' . $where, $values);
470
471

        if ($count > 0) {
472
            $data = get_records_sql_assoc('
473
                SELECT
474
                    u.id, u.firstname, u.lastname, u.preferredname, u.username, u.email, u.staff, u.profileicon,
475
476
                    u.lastlogin, u.active, NOT u.suspendedcusr IS NULL as suspended, au.instancename AS authname
                FROM {usr} u INNER JOIN {auth_instance} au ON u.authinstance = au.id ' . $where . '
477
                ORDER BY ' . $sort . ', u.id',
478
                $values,
Richard Mansfield's avatar
Richard Mansfield committed
479
480
                $offset,
                $limit);
481
482

            if ($data) {
483
                $inst = get_records_select_array('usr_institution',
484
485
486
487
488
489
490
                                                 'usr IN (' . join(',', array_keys($data)) . ')',
                                                 null, '', 'usr,institution');
                if ($inst) {
                    foreach ($inst as $i) {
                        $data[$i->usr]->institutions[] = $i->institution;
                    }
                }
491
                foreach ($data as &$item) {
492
                    $item->username = display_username($item);
493
494
                    $item = (array)$item;
                }
495
                $data = array_values($data);
496
497
498
499
500
501
502
503
            }
        }
        else {
            $data = false;
        }

        return array(
            'count'   => $count,
Richard Mansfield's avatar
Richard Mansfield committed
504
505
            'limit'   => $limit,
            'offset'  => $offset,
506
507
508
509
            'data'    => $data,
        );
    }

510

511
    public static function group_search_user($group, $query_string, $constraints, $offset, $limit, $membershiptype, $order, $friendof, $orderbyoptionidx=null) {
512
513

        list($searchsql, $values) = self::name_search_sql($query_string);
514

515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
        $orderbyoptions = array(
            'adminfirst' => 'gm.role = \'admin\' DESC, CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, gm.ctime, u.id',
            'nameatoz' => 'CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, gm.ctime, u.id',
            'nameztoa' => 'CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END DESC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END DESC, gm.ctime, u.id',
            'firstjoined' => 'gm.ctime ASC, CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, u.id',
            'lastjoined' => 'gm.ctime DESC, CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.firstname END ASC,
                           CASE WHEN NOT u.preferredname IS NULL AND u.preferredname <> \'\' THEN u.preferredname ELSE u.lastname END ASC, u.id'
        );
        if (! key_exists($orderbyoptionidx, $orderbyoptions)) {
            $orderbyoptionidx = 'adminfirst';
        }

531
532
        if ($membershiptype == 'nonmember') {
            $select = '
533
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon, u.staff, u.urlid';
534
535
            $from = '
                FROM {usr} u
536
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
537
538
539
540
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
                    AND NOT u.id IN (SELECT member FROM {group_member} gm WHERE gm.group = ?)';
            $values[] = $group;
            $orderby = 'u.firstname, u.lastname, u.id';
541
        }
542
543
        else if ($membershiptype == 'notinvited') {
            $select = '
544
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon, u.staff, u.urlid';
545
546
            $from = '
                FROM {usr} u
547
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
548
549
550
551
552
553
554
555
556
557
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
                    AND NOT u.id IN (SELECT member FROM {group_member} gm WHERE gm.group = ?)
                    AND NOT u.id IN (SELECT member FROM {group_member_invite} gmi WHERE gmi.group = ?)';
            $values[] = $group;
            $values[] = $group;
            $orderby = 'u.firstname, u.lastname, u.id';
        }
        else if ($membershiptype == 'request') {
            $select = '
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon,
558
                    u.staff, u.urlid, ' . db_format_tsfield('gm.ctime', 'jointime');
559
560
            $from = '
                FROM {usr} u
561
                    INNER JOIN {group_member_request} gm ON (gm.member = u.id)
562
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
563
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
564
                    AND gm.group = ?';
565
            $values[] = $group;
566
567
568
569
            if ($orderbyoptionidx == 'adminfirst') {
                $orderbyoptionidx = 'nameatoz';
            }
            $orderby = $orderbyoptions[$orderbyoptionidx];
570
571
572
573
        }
        else if ($membershiptype == 'invite') {
            $select = '
                    u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon,
574
                    u.staff, u.urlid, ' . db_format_tsfield('gm.ctime', 'jointime');
575
576
            $from = '
                FROM {usr} u
577
                    INNER JOIN {group_member_invite} gm ON (gm.member = u.id)
578
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
579
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
580
                    AND gm.group = ?';
581
            $values[] = $group;
582
            $orderby = $orderbyoptions[$orderbyoptionidx];
583
584
585
        }
        else { // All group members
            $select = '
586
                    u.id, u.firstname, u.lastname, u.username, u.preferredname, u.email, u.profileicon,
587
                    u.staff, u.urlid, ' . db_format_tsfield('gm.ctime', 'jointime') . ', gm.role';
588
589
590
            $from = '
                FROM {usr} u
                    INNER JOIN {group_member} gm ON (gm.member = u.id)
591
                    LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
592
593
594
                WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
                    AND gm.group = ?';
            $values[] = $group;
595
            $orderby = $orderbyoptions[$orderbyoptionidx];
596
597
598
            if ($order == 'latest') {
                $orderby = 'gm.ctime DESC, u.firstname, u.lastname, u.id';
            }
599
600
        }

601
        if ($order == 'random') {
602
603
604
            $orderby = db_random();
        }

605
606
607
608
609
610
611
612
        if ($friendof) {
            $from .= '
                    AND u.id IN (
                        SELECT usr1 FROM {usr_friend} WHERE usr2 = ? UNION SELECT usr2 FROM {usr_friend} WHERE usr1 = ?
                    )';
            array_push($values, $friendof, $friendof);
        }

613
        $count = get_field_sql('SELECT COUNT(*)' . $from, $values);
614
615
616

        if ($count > 0) {
            $data = get_records_sql_assoc('
617
                SELECT ' . $select . $from . ' ORDER BY ' . $orderby,
618
619
620
621
622
623
624
625
626
627
628
629
                $values,
                $offset,
                $limit);

            if ($data) {
                foreach ($data as &$item) {
                    $item = (array)$item;
                }
                $data = array_values($data);
            }
        }
        else {
630
            $data = array();
631
632
633
634
635
636
637
638
639
640
        }

        return array(
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => $offset,
            'data'    => $data,
        );
    }

641
642
643

    public static function institutional_admin_search_user($query, $institution, $limit) {
        $sql = '
644
            FROM {usr} u LEFT OUTER JOIN {usr_tag} t ON (t.usr = u.id) ';
645
646
647
648
649

        $where = '
            WHERE u.id <> 0 AND u.deleted = 0 ';

        $values = array();
650
        if ($query != '') {
651
652
            $where .= 'AND (t.tag = LOWER(?) OR ';
            $values[] = $query;
653
654
655
656
657
658
659
            $query = preg_replace('/\s\s+/', ' ', $query);
            $words = explode(' ', $query);
            foreach ($words as &$word) {
                $values[] = $word;
                $values[] = $word;
                $word = 'u.firstname ' . db_ilike() . ' \'%\' || ? || \'%\' OR u.lastname ' . db_ilike() . ' \'%\' || ? || \'%\'';
            }
660
            $where .= join(' OR ', $words) . ') ';
661
662
        }

663
        $studentid = '';
664
665
666
667
668
669
        if (!is_null($institution->member)) {
            $sql .= '
                LEFT OUTER JOIN {usr_institution} member ON (member.usr = u.id
                    AND member.institution = ' . db_quote($institution->name) . ')';
            $where .= '
                AND ' . ($institution->member ? ' NOT ' : '') . ' member.usr IS NULL';
670
            $studentid = ', member.studentid';
671
        }
672
        if (!is_null($institution->requested) || !is_null($institution->invitedby)) {
673
674
675
676
677
678
679
680
681
            $sql .= '
                LEFT OUTER JOIN {usr_institution_request} req ON (req.usr = u.id
                    AND req.institution = ' . db_quote($institution->name) . ')';
            if (!is_null($institution->requested)) {
                if ($institution->requested == 1) {
                    $where .= ' AND req.confirmedusr = 1';
                } else {
                    $where .= ' AND (req.confirmedusr = 0 OR req.confirmedusr IS NULL)';
                }
682
                $studentid = ', req.studentid';
683
            }
684
            if (!is_null($institution->invitedby)) {
685
                if ($institution->invitedby == 1) {
686
687
688
689
690
691
                    $where .= ' AND req.confirmedinstitution = 1';
                } else {
                    $where .= ' AND (req.confirmedinstitution = 0 OR req.confirmedinstitution IS NULL)';
                }
            }
        }
692
693
694
695
        if (!is_null($institution->lastinstitution)) {
            $where .= " AND t.tag = ?";
            $values[] = 'lastinstitution:' . $institution->lastinstitution;
        }
696
697
698
699
700

        $count = get_field_sql('SELECT COUNT(*) ' . $sql . $where, $values);

        if ($count > 0) {
            $data = get_records_sql_array('
701
702
                SELECT
                    u.id, u.firstname, u.lastname, u.username, u.preferredname,
703
                    u.admin, u.staff' . $studentid . $sql . $where . '
704
                GROUP BY u.id, u.firstname, u.lastname, u.username, u.preferredname, u.admin, u.staff' . $studentid . '
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
                ORDER BY u.firstname ASC',
                $values,
                0,
                $limit);
            foreach ($data as &$item) {
                $item = (array)$item;
            }
        }
        else {
            $data = false;
        }

        return array(
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => 0,
            'data'    => $data,
        );
    }





729
730
731
732
733
734
    /**
     * Implement group searching with SQL
     *
     * @param string  The query string
     * @param integer How many results to return
     * @param integer What result to start at (0 == first result)
735
     * @param string  Which groups to search (all, member, notmember)
736
737
738
739
740
741
742
     * @return array  A data structure containing results looking like ...
     *         $results = array(
     *               count   => integer, // total number of results
     *               limit   => integer, // how many results are returned
     *               offset  => integer, // starting from which result
     *               data    => array(   // the result records
     *                   array(
Nigel McNie's avatar
Nigel McNie committed
743
     *                       id            => integer,
744
745
746
747
748
749
     *                       name          => string,
     *                       description   => string,
     *                       jointype      => string,
     *                       owner         => string,
     *                       ctime         => string,
     *                       mtime         => string,
Nigel McNie's avatar
Nigel McNie committed
750
751
752
     *                   ),
     *                   array(
     *                       id            => integer,
753
754
755
756
757
758
     *                       name          => string,
     *                       description   => string,
     *                       jointype      => string,
     *                       owner         => string,
     *                       ctime         => string,
     *                       mtime         => string,
Nigel McNie's avatar
Nigel McNie committed
759
760
761
762
763
     *                   ),
     *                   array(...),
     *               ),
     *           );
     */
764
    public static function search_group($query_string, $limit, $offset=0, $type='member', $category='') {
765
        global $USER;
766
767
        $data = array();

768
769
        $sql = "
            FROM
770
                {group}
771
            WHERE (
772
773
                name " . db_ilike() . " '%' || ? || '%'
                OR description " . db_ilike() . " '%' || ? || '%'
774
775
776
            ) AND deleted = 0 ";
        $values = array($query_string, $query_string);

777
778
779
780
        if (!$grouproles = join(',', array_keys($USER->get('grouproles')))) {
            $grouproles = '-1';
        }

781
782
        $canseehidden = $USER->get('admin') || $USER->get('staff');

783
        if ($type == 'member') {
784
            $sql .=  'AND id IN (' . $grouproles . ')';
785
        }
786
        else if ($type == 'notmember') {
787
            $sql .= 'AND id NOT IN (' . $grouproles . ')';
788
        }
789
        else if ($type == 'canjoin') {
790
791
            $sql .= 'AND (jointype != ? AND NOT (jointype = ? AND request = 0)) AND id NOT IN (' . $grouproles . ')';
            $values = array_merge($values, array('controlled', 'approve'));
792
793
794
        }

        if (!$canseehidden) {
795
796
797
            $sql .= ' AND (hidden = 0 OR id IN (' . $grouproles . '))';
        }

798
        if (!empty($category)) {
Dan Marsden's avatar
Dan Marsden committed
799
            if ($category == -1) { //find unassigned groups
800
                $sql .= " AND category IS NULL";
Dan Marsden's avatar
Dan Marsden committed
801
            } else {
802
803
                $sql .= ' AND category = ?';
                $values[] = $category;
Dan Marsden's avatar
Dan Marsden committed
804
            }
805
        }
806

807
808
809
        $count = get_field_sql('SELECT COUNT(*) '.$sql, $values);

        if ($count > 0) {
810
            $sql = 'SELECT id, name, description, grouptype, jointype, request, public, ctime, mtime, category, urlid ' . $sql . ' ORDER BY name';
811
            $data = get_records_sql_array($sql, $values, $offset, $limit);
812
        }
Martyn Smith's avatar
Martyn Smith committed
813
814
815
816
817

        return array(
            'count'   => $count,
            'limit'   => $limit,
            'offset'  => $offset,
818
            'data'    => $data,
Martyn Smith's avatar
Martyn Smith committed
819
820
        );
    }
Martyn Smith's avatar
Martyn Smith committed
821
822
823
824
825
826
827
828
829
830
831

    /**
     * Given a query string and limits, return an array of matching objects
     * owned by the current user.  Possible return types are ...
     *   - artefact
     *   - view
     *
     * Implementations of this search should search across tags for artefacts
     * and views at a minimum. Ideally the search would also index
     * title/description and other metadata for these objects.
     *
832
833
834
     * NOTE: This implementation of internal search only does artefacts, and
     * badly at that. See the bug tracker for more information.
     *
Martyn Smith's avatar
Martyn Smith committed
835
836
837
838
     * @param string  The query string
     * @param integer How many results to return
     * @param integer What result to start at (0 == first result)
     * @param string  Type to search for (either 'all' or one of the types above).
839
     *
Martyn Smith's avatar
Martyn Smith committed
840
     */
841
842
    public static function self_search($querystring, $limit, $offset, $type = 'all') {
        global $USER;
843
844
845
846
        if (trim($querystring) == '') {
            return false;
        }

847
848
849
850
851
        // Tokenise the search
        $querydata = self::search_parse_query($querystring);

        $sql = "
            SELECT
852
                a.id, a.artefacttype, a.title, a.description
853
            FROM
854
                {artefact} a
855
            LEFT JOIN {artefact_tag} at ON (at.artefact = a.id)
856
            WHERE
857
858
859
860
861
862
                a.owner = ?
            AND (
                ($querydata[0])
                OR
                (LOWER(at.tag) = ?)
            )";
863
864
865
866
        $count_sql = "
            SELECT
                COUNT(*)
            FROM
867
                {artefact} a
868
            LEFT JOIN {artefact_tag} at ON (at.artefact = a.id)
869
            WHERE
870
871
872
873
874
875
                a.owner = ?
            AND (
                ($querydata[0])
                OR
                (LOWER(at.tag) = ?)
            )";
876
        array_unshift($querydata[1], $USER->get('id'));
877
        array_push($querydata[1], strtolower($querystring));
878

879
880
881
882
883
884
885
        $results = array(
            'data'   => get_records_sql_array($sql, $querydata[1], $offset, $limit),
            'offset' => $offset,
            'limit'  => $limit,
            'count'  => get_field_sql($count_sql, $querydata[1])
        );

886
        if ($results['data']) {
887
            require_once(get_config('docroot') . 'artefact/lib.php');
888
889
890
891
892
893
            foreach ($results['data'] as &$result) {
                $newresult = array();
                foreach ($result as $key => &$value) {
                    if ($key == 'id' || $key == 'artefacttype' || $key == 'title' || $key == 'description') {
                        $newresult[$key] = $value;
                    }
894
                }
895
                $newresult['type'] = 'artefact';
896
897
898
899
900

                $artefact = artefact_instance_from_id($newresult['id']);
                $artefactplugin = $artefact->get_plugin_name();
                if ($artefactplugin == 'internal' && in_array($artefact->get('artefacttype'), PluginArtefactInternal::get_profile_artefact_types())) {
                    // Profile artefact
901
                    $newresult['summary'] = $newresult['title'];
902
                    $newresult['title'] = get_string($artefact->get('artefacttype'), 'artefact.' . $artefactplugin);
903
904
905
906
                }
                else {
                    $newresult['summary'] = $newresult['description'];
                }
907
                $newresult['summary'] = clean_html($newresult['summary']);
908
                $result = $newresult;
909
            }
910
911

            self::self_search_make_links($results);
912
913
914
915
916
917
        }

        return $results;
    }


918
919
920
921
922
923
924
925
    /**
     * Returns portfolio items (artefacts, views) owned by $owner and tagged
     * with $tag.
     *
     * @param string   $tag Tag
     * @param object   $owner: owner type (user,group,institution), and id
     * @param integer  $limit
     * @param integer  $offset
926
     * @param string   $sort
927
     * @param array    $types view/artefacttype filters
928
     * @param boolean  $returntags Return all the tags that have been attached to each result
929
     */
930
    public static function portfolio_search_by_tag($tag, $owner, $limit, $offset, $sort, $types, $returntags) {
931
        $viewfilter = is_null($types) || $types['view'] == true ? 'AND TRUE' : 'AND FALSE';
932
        $collectionfilter = is_null($types) || $types['collection'] == true ? 'AND TRUE' : 'AND FALSE';
933

934
935
936
937
938
939
940
941
942
943
        if (is_null($types)) {
            $artefacttypefilter = '';
        }
        else if (!empty($types['artefact'])) {
            $artefacttypefilter = ' AND a.artefacttype IN (' . join(',', array_map('db_quote', $types['artefact'])) . ')';
        }
        else {
            $artefacttypefilter = ' AND FALSE';
        }

944
945
946
        if (!is_null($tag)) {
            $artefacttypefilter .= ' AND at.tag = ?';
            $viewfilter .= ' AND vt.tag = ?';
947
948
            $collectionfilter .= ' AND ct.tag = ?';
            $values = array($owner->id, $tag, $owner->id, $tag, $owner->id, $tag);
949
950
        }
        else {
951
            $values = array($owner->id, $owner->id, $owner->id);
952
953
        }

954
955
        $from = "
        FROM (
956
957
           (SELECT a.id, a.title, a.description, 'artefact' AS type, a.artefacttype, " . db_format_tsfield('a.ctime', 'ctime') . ",
                a.owner, a.group, a.institution, NULL AS urlid
958
            FROM {artefact} a JOIN {artefact_tag} at ON (a.id = at.artefact)
959
            WHERE a.owner = ?" . $artefacttypefilter . ")
960
           UNION
961
962
           (SELECT v.id, v.title, v.description, 'view' AS type, NULL AS artefacttype, " . db_format_tsfield('v.ctime', 'ctime') . ",
                v.owner, v.group, v.institution, v.urlid
963
964
            FROM {view} v JOIN {view_tag} vt ON (v.id = vt.view)
            WHERE v.owner = ? " . $viewfilter . ")
965
966
967
968
969
           UNION
           (SELECT c.id, c.name, c.description, 'collection' AS type, NULL AS artefacttype, " . db_format_tsfield('c.ctime', 'ctime') . ",
                c.owner, c.group, c.institution, NULL AS urlid
            FROM {collection} c JOIN {collection_tag} ct ON (c.id = ct.collection)
            WHERE c.owner = ? " . $collectionfilter . ")
970
971
972
973
974
975
976
        ) p";

        $result = (object) array(
            'tag'    => $tag,
            'owner'  => $owner,
            'offset' => $offset,
            'limit'  => $limit,
977
            'sort'   => $sort,
978
979
980
981
982
983
            'count'  => 0,
            'data'   => array(),
        );

        if ($count = count_records_sql('SELECT COUNT(*) ' . $from, $values, $offset, $limit)) {
            $result->count = $count;
984
            $sort = $sort == 'date' ? 'ctime DESC' : 'title ASC';
985
            if ($data = get_records_sql_assoc("SELECT type || ':' || id AS tid, p.* " . $from . ' ORDER BY ' . $sort, $values, $offset, $limit)) {
986
                if ($returntags) {
987
                    $ids = array('view' => array(), 'collection' => array(), 'artefact' => array());
988
989
990
991
992
993
994
995
996
997
                    foreach ($data as &$d) {
                        $ids[$d->type][$d->id] = 1;
                    }
                    if (!empty($ids['view'])) {
                        if ($viewtags = get_records_select_array('view_tag', 'view IN (' . join(',', array_keys($ids['view'])) . ')')) {
                            foreach ($viewtags as &$vt) {
                                $data['view:' . $vt->view]->tags[] = $vt->tag;
                            }
                        }
                    }
998
999
1000
1001
1002
1003
1004
                    if (!empty($ids['collection'])) {
                        if ($collectiontags = get_records_select_array('collection_tag', 'collection IN (' . join(',', array_keys($ids['collection'])) . ')')) {
                            foreach ($collectiontags as &$ct) {
                                $data['collection:' . $ct->collection]->tags[] = $ct->tag;
                            }
                        }
                    }
1005
                    if (!empty($ids['artefact'])) {
1006
                        if ($artefacttags = get_records_select_array('artefact_tag', 'artefact IN (' . join(',', array_keys($ids['artefact'])) . ')', NULL, 'tag')) {
1007
1008
1009
1010
1011
1012
                            foreach ($artefacttags as &$at) {
                                $data['artefact:' . $at->artefact]->tags[] = $at->tag;
                            }
                        }
                    }
                }
1013
1014
1015
1016
1017
1018
1019
                $result->data = $data;
            }
        }
        return $result;
    }


1020
    /**
1021
     * Parses a query string into SQL fragments for searching. Supports
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
     * phrases, AND/OR etc.
     *
     * Lifted from drupal 5.1, (C) 2007 Drupal
     *
     * This function comes from Drupal's search module, with some small changes.
     */
    private static function search_parse_query($text) {
        $keys = array('positive' => array(), 'negative' => array());

        // Tokenize query string
        preg_match_all('/ (-?)("[^"]+"|[^" ]+)/i', ' '. $text, $matches, PREG_SET_ORDER);

        if (count($matches) < 1) {
          return NULL;
        }

        // Classify tokens
        $or = FALSE;
        foreach ($matches as $match) {
          $phrase = FALSE;
          // Strip off phrase quotes
          if ($match[2]{0} == '"') {
            $match[2] = substr($match[2], 1, -1);
            $phrase = TRUE;
          }
          // Simplify keyword according to indexing rules and external preprocessors
          $words = self::search_simplify($match[2]);
          // Re-explode in case simplification added more words, except when matching a phrase
          $words = $phrase ? array($words) : preg_split('/ /', $words, -1, PREG_SPLIT_NO_EMPTY);
          // Negative matches
          if ($match[1] == '-') {
            $keys['negative'] = array_merge($keys['negative'], $words);
          }
          // OR operator: instead of a single keyword, we store an array of all
          // OR'd keywords.
          elseif ($match[2] == 'OR' && count($keys['positive'])) {
            $last = array_pop($keys['positive']);
            // Starting a new OR?
            if (!is_array($last)) {
              $last = array($last);
            }
            $keys['positive'][] = $last;
            $or = TRUE;
            continue;
          }
          // Plain keyword
          else {
            if ($or) {
              // Add to last element (which is an array)
              $keys['positive'][count($keys['positive']) - 1] = array_merge($keys['positive'][count($keys['positive']) - 1], $words);
            }
            else {
              $keys['positive'] = array_merge($keys['positive'], $words);
            }
          }
          $or = FALSE;
        }

        // Convert keywords into SQL statements.
        $query = array();
        //$query2 = array();
        $arguments = array();
        $arguments2 = array();
1085
        //$matches = 0;
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
        // Positive matches
        foreach ($keys['positive'] as $key) {
          // Group of ORed terms
          if (is_array($key) && count($key)) {
            $queryor = array();
            $any = FALSE;
            foreach ($key as $or) {
              list($q, $count) = self::_search_parse_query($or, $arguments2);
              $any |= $count;
              if ($q) {
                $queryor[] = $q;
                $arguments[] = $or;
                $arguments[] = $or;
              }
            }

            if (count($queryor)) {
              $query[] = '('. implode(' OR ', $queryor) .')';
              // A group of OR keywords only needs to match once
              //$matches += ($any > 0);
            }
          }
          // Single ANDed term
          else {
            list($q, $count) = self::_search_parse_query($key, $arguments2);
            if ($q) {
              $query[] = $q;
              $arguments[] = $key;
              $arguments[] = $key;
              // Each AND keyword needs to match at least once
              //$matches += $count;
            }
          }
        }
        // Negative matches
        foreach ($keys['negative'] as $key) {
          list($q) = self::_search_parse_query($key, $arguments2, TRUE);
          if ($q) {
            $query[] = $q;
            $arguments[] = $key;
            $arguments[] = $key;
          }
        }
        $query = implode(' AND ', $query);

        // Build word-index conditions for the first pass
        //$query2 = substr(str_repeat("i.word = '%s' OR ", count($arguments2)), 0, -4);

        return array($query, $arguments, /*$query2, $arguments2, $matches*/);
Martyn Smith's avatar
Martyn Smith committed
1135
    }
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156

    /**
     * Helper function for search_parse_query();
     */
    private static function _search_parse_query(&$word, &$scores, $not = FALSE) {
      $count = 0;
      // Determine the scorewords of this word/phrase
      if (!$not) {
        $split = explode(' ', $word);
        foreach ($split as $s) {
          $num = is_numeric($s);
          if ($num || strlen($s) >= /*variable_get('minimum_word_size', 3)*/3) {
            $s = $num ? ((int)ltrim($s, '-0')) : $s;
            if (!isset($scores[$s])) {
              $scores[$s] = $s;
              $count++;
            }
          }
        }
      }
      // Return matching snippet and number of added words
1157
      return array("a.title ". ($not ? 'NOT ' : '') . db_ilike() . " '%' || ? || '%'" . ($not ? ' AND ' : ' OR ') . 'a.description ' . ($not ? 'NOT ' : '') . db_ilike() . " '%' || ? || '%'", $count);
1158
1159
1160
1161
1162
1163
1164
1165
    }

    /**
     * Simplifies a string according to indexing rules.
     */
    private static function search_simplify($text) {
      // Decode entities to UTF-8
      $text = self::decode_entities($text);
1166

1167
1168
      // Lowercase
      $text = strtolower($text);
1169

1170
1171
      // Call an external processor for word handling.
      //search_preprocess($text);
1172

1173
1174
1175
1176
      // Simple CJK handling
      //if (variable_get('overlap_cjk', TRUE)) {
      //  $text = preg_replace_callback('/['. PREG_CLASS_CJK .']+/u', 'search_expand_cjk', $text);
      //}
1177

1178
1179
1180
1181
1182
1183
1184
      // To improve searching for numerical data such as dates, IP addresses
      // or version numbers, we consider a group of numerical characters
      // separated only by punctuation characters to be one piece.
      // This also means that searching for e.g. '20/03/1984' also returns
      // results with '20-03-1984' in them.
      // Readable regexp: ([number]+)[punctuation]+(?=[number])
      $text = preg_replace('/(['. PREG_CLASS_NUMBERS .']+)['. PREG_CLASS_PUNCTUATION .']+(?=['. PREG_CLASS_NUMBERS .'])/u', '\1', $text);
1185

1186
1187
1188
      // The dot, underscore and dash are simply removed. This allows meaningful
      // search behaviour with acronyms and URLs.
      $text = preg_replace('/[._-]+/', '', $text);
1189

1190
1191
1192
      // With the exception of the rules above, we consider all punctuation,
      // marks, spacers, etc, to be a word boundary.
      $text = preg_replace('/['. PREG_CLASS_SEARCH_EXCLUDE . ']+/u', ' ', $text);
1193

1194
1195
1196
1197
1198
1199
1200
1201
1202
      return $text;
    }

    /**
     * Decode all HTML entities (including numerical ones) to regular UTF-8 bytes.
     * Double-escaped entities will only be decoded once ("&amp;lt;" becomes "&lt;", not "<").
     *
     * @param $text
     *   The text to decode entities in.
1203
     * @param $exclude
1204
1205
1206
1207
1208
1209
     *   An array of characters which should not be decoded. For example,
     *   array('<', '&', '"'). This affects both named and numerical entities.
     */
    function decode_entities($text, $exclude = array()) {
      static $table;
      // We store named entities in a table for quick processing.
1210
1211
      if (!isset($table)) {
        // Get all named HTML entities.
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
        $table = array_flip(get_html_translation_table(HTML_ENTITIES));
        // PHP gives us ISO-8859-1 data, we need UTF-8.
        $table = array_map('utf8_encode', $table);
        // Add apostrophe (XML)
        $table['&apos;'] = "'";
      }
      $newtable = array_diff($table, $exclude);

      // Use a regexp to select all entities in one pass, to avoid decoding double-escaped entities twice.
      return preg_replace('/&(#x?)?([A-Za-z0-9]+);/e', '_decode_entities("$1", "$2", "$0", $newtable, $exclude)', $text);
    }

    /**
     * Helper function for decode_entities
     */
    function _decode_entities($prefix, $codepoint, $original, &$table, &$exclude) {
      // Named entity
      if (!$prefix) {
        if (isset($table[$original])) {
          return $table[$original];
        }
        else {
          return $original;
1235
1236
        }
      }
1237
1238
1239
      // Hexadecimal numerical entity
      if ($prefix == '#x') {
        $codepoint = base_convert($codepoint, 16, 10);
1240
      }
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
      // Decimal numerical entity (strip leading zeros to avoid PHP octal notation)
      else {
        $codepoint = preg_replace('/^0+/', '', $codepoint);
      }
      // Encode codepoint as UTF-8 bytes
      if ($codepoint < 0x80) {
        $str = chr($codepoint);
      }
      else if ($codepoint < 0x800) {
        $str = chr(0xC0 | ($codepoint >> 6))
             . chr(0x80 | ($codepoint & 0x3F));
      }
      else if ($codepoint < 0x10000) {
        $str = chr(0xE0 | ( $codepoint >> 12))
             . chr(0x80 | (($codepoint >> 6) & 0x3F))
             . chr(0x80 | ( $codepoint       & 0x3F));
      }
      else if ($codepoint < 0x200000) {
        $str = chr(0xF0 | ( $codepoint >> 18))
             . chr(0x80 | (($codepoint >> 12) & 0x3F))
             . chr(0x80 | (($codepoint >> 6)  & 0x3F))
             . chr(0x80 | ( $codepoint        & 0x3F));
      }
      // Check for excluded characters
      if (in_array($str, $exclude)) {
        return $original;
      }
1268
      else {
1269
1270
1271
1272
        return $str;
      }
    }

Martyn Smith's avatar
Martyn Smith committed
1273
1274
}

1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
/**
 * Matches Unicode character classes to exclude from the search index.
 *
 * See: http://www.unicode.org/Public/UNIDATA/UCD.html#General_Category_Values
 *
 * The index only contains the following character classes:
 * Lu     Letter, Uppercase
 * Ll     Letter, Lowercase
 * Lt     Letter, Titlecase
 * Lo     Letter, Other
 * Nd     Number, Decimal Digit
 * No     Number, Other
 */
define('PREG_CLASS_SEARCH_EXCLUDE',
'\x{0}-\x{2f}\x{3a}-\x{40}\x{5b}-\x{60}\x{7b}-\x{bf}\x{d7}\x{f7}\x{2b0}-'.
'\x{385}\x{387}\x{3f6}\x{482}-\x{489}\x{559}-\x{55f}\x{589}-\x{5c7}\x{5f3}-'.
'\x{61f}\x{640}\x{64b}-\x{65e}\x{66a}-\x{66d}\x{670}\x{6d4}\x{6d6}-\x{6ed}'.
'\x{6fd}\x{6fe}\x{700}-\x{70f}\x{711}\x{730}-\x{74a}\x{7a6}-\x{7b0}\x{901}-'.
'\x{903}\x{93c}\x{93e}-\x{94d}\x{951}-\x{954}\x{962}-\x{965}\x{970}\x{981}-'.
'\x{983}\x{9bc}\x{9be}-\x{9cd}\x{9d7}\x{9e2}\x{9e3}\x{9f2}-\x{a03}\x{a3c}-'.
'\x{a4d}\x{a70}\x{a71}\x{a81}-\x{a83}\x{abc}\x{abe}-\x{acd}\x{ae2}\x{ae3}'.
'\x{af1}-\x{b03}\x{b3c}\