Skip to content
This repository was archived by the owner on Aug 13, 2022. It is now read-only.

Commit 3bc0180

Browse files
committed
Fixed broken search function. Closes #16
1 parent 1528e48 commit 3bc0180

File tree

1 file changed

+25
-29
lines changed

1 file changed

+25
-29
lines changed

src/modules/Feeds/lib/Feeds/Api/Search.php

Lines changed: 25 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -38,9 +38,12 @@ public function options($args)
3838
**/
3939
public function search($args)
4040
{
41+
if (!SecurityUtil::checkPermission('Feeds::', '::', ACCESS_READ)) {
42+
return true;
43+
}
44+
4145
ModUtil::dbInfoLoad('Search');
4246
$pntable = DBUtil::getTables();
43-
$feedstable = $pntable['feeds'];
4447
$feedscolumn = $pntable['feeds_column'];
4548
$searchTable = $pntable['search_result'];
4649
$searchColumn = $pntable['search_result_column'];
@@ -51,18 +54,17 @@ public function search($args)
5154

5255
$sessionId = session_id();
5356

54-
$sql = "
55-
SELECT
56-
$feedscolumn[name] as title,
57-
'' as text,
58-
$feedscolumn[fid] as id,
59-
$feedscolumn[cr_date] as date
60-
FROM $feedstable
61-
WHERE $where";
62-
63-
$result = DBUtil::executeSQL($sql);
64-
if (!$result) {
65-
return LogUtil::registerError($this->__('Error! Could not load any Feed.'));
57+
// define the permission filter to apply
58+
$permFilter = array(array('realm' => 0,
59+
'component_left' => 'Feeds',
60+
'instance_left' => 'fid',
61+
'instance_right' => '',
62+
'level' => ACCESS_READ));
63+
64+
// get the result set
65+
$objArray = DBUtil::selectObjectArray('feeds', $where, 'fid', 1, -1, '', $permFilter);
66+
if ($objArray === false) {
67+
return LogUtil::registerError($this->__('Error! Could not load items.'));
6668
}
6769

6870
$insertSql =
@@ -75,22 +77,18 @@ public function search($args)
7577
$searchColumn[session])
7678
VALUES ";
7779

78-
7980
// Process the result set and insert into search result table
80-
for (; !$result->EOF; $result->MoveNext()) {
81-
$item = $result->GetRowAssoc(2);
82-
if (SecurityUtil::checkPermission('Feeds::item', "$item[name]::$item[id]", ACCESS_READ)) {
83-
$sql = $insertSql . '('
84-
. '\'' . $this->__('Feeds Search') . ': ' . DataUtil::formatForStore($item['title']) . '\', '
85-
. '\'' . DataUtil::formatForStore($item['text']) . '\', '
86-
. '\'' . DataUtil::formatForStore($item['id']) . '\', '
87-
. '\'' . DataUtil::formatForStore($item['date']) . '\', '
81+
foreach ($objArray as $obj) {
82+
$sql = $insertSql . '('
83+
. '\'' . DataUtil::formatForStore($obj['name']) . '\', '
84+
. '\'' . '\', '
85+
. '\'' . DataUtil::formatForStore($obj['fid']) . '\', '
86+
. '\'' . DataUtil::formatForStore($obj['cr_date']) . '\', '
8887
. '\'' . 'Feeds' . '\', '
8988
. '\'' . DataUtil::formatForStore($sessionId) . '\')';
90-
$insertResult = DBUtil::executeSQL($sql);
91-
if (!$insertResult) {
92-
return LogUtil::registerError($this->__('Error! Could not load any Feed.'));
93-
}
89+
$insertResult = DBUtil::executeSQL($sql);
90+
if (!$insertResult) {
91+
return LogUtil::registerError(__('Error! Could not load items.', $dom));
9492
}
9593
}
9694

@@ -103,13 +101,11 @@ public function search($args)
103101
* Access checking is ignored since access check has
104102
* already been done. But we do add a URL to the found item
105103
*/
106-
public function search_check(&$args)
104+
public function search_check($args)
107105
{
108106
$datarow = &$args['datarow'];
109107
$feedsId = $datarow['extra'];
110-
111108
$datarow['url'] = ModUtil::url('Feeds', 'user', 'display', array('fid' => $feedsId));
112-
113109
return true;
114110
}
115111

0 commit comments

Comments
 (0)