From ed83c756e20ae78dd901191a583d7a87f08c8ab6 Mon Sep 17 00:00:00 2001 From: m-lopez-f Date: Mon, 13 Mar 2017 09:49:19 +0100 Subject: [PATCH] Fixed problems with search data in general search. Gitlab: #508 --- .../operation/search_agents.getdata.php | 161 +++++------------- pandora_console/operation/search_results.php | 1 + 2 files changed, 45 insertions(+), 117 deletions(-) diff --git a/pandora_console/operation/search_agents.getdata.php b/pandora_console/operation/search_agents.getdata.php index fb13dc3012..25acafea02 100644 --- a/pandora_console/operation/search_agents.getdata.php +++ b/pandora_console/operation/search_agents.getdata.php @@ -115,113 +115,57 @@ if ($searchAgents) { $userGroups = users_get_groups($config['id_user'], 'AR', false); $id_userGroups = array_keys($userGroups); - switch ($config["dbtype"]) { - case "mysql": - $sql = "SELECT DISTINCT taddress_agent.id_agent FROM taddress + $sql = "SELECT DISTINCT taddress_agent.id_agent FROM taddress INNER JOIN taddress_agent ON taddress.id_a = taddress_agent.id_a WHERE taddress.ip LIKE '%$stringSearchSQL%'"; $id = db_get_all_rows_sql($sql); - if($id != ''){ - $aux = $id[0]['id_agent']; - $search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR - t2.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR - t1.id_agente = $aux"; + if ($id != '') { + $aux = $id[0]['id_agent']; + $search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%cd " . $stringSearchSQL . "%%' OR + t2.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR + t1.id_agente = $aux"; - if(count($id)>=2){ - for ($i = 1; $i < count($id); $i++){ - $aux = $id[$i]['id_agent']; - $search_sql .= " OR t1.id_agente = $aux"; - } + if (count($id) >= 2) { + for ($i = 1; $i < count($id); $i++) { + $aux = $id[$i]['id_agent']; + $search_sql .= " OR t1.id_agente = $aux"; } - }else{ - $search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR - t2.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR - t1.direccion COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR - t1.alias COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%'"; } - $sql = " - FROM tagente t1 - INNER JOIN tgrupo t2 - ON t2.id_grupo = t1.id_grupo - WHERE ( - 1 = ( - SELECT is_admin - FROM tusuario - WHERE id_user = '" . $config['id_user'] . "' - ) - OR t1.id_grupo IN ( - " . implode(',', $id_userGroups) . " - ) OR 0 IN ( - SELECT id_grupo - FROM tusuario_perfil - WHERE id_usuario = '" . $config['id_user'] . "' - AND id_perfil IN ( - SELECT id_perfil - FROM tperfil WHERE agent_view = 1 - ) - ) - ) - AND ( - ".$search_sql." - ) - "; - break; - case "postgresql": - case "oracle": - $sql = "SELECT DISTINCT taddress_agent.id_agent FROM taddress - INNER JOIN taddress_agent ON - taddress.id_a = taddress_agent.id_a - WHERE taddress.ip LIKE '%$stringSearchSQL%'"; - - $id = db_get_all_rows_sql($sql); - if($id != ''){ - $aux = $id[0]['id_agent']; - $search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%" . strtolower($stringSearchSQL) . "%%' OR - t2.nombre COLLATE utf8_general_ci LIKE '%%" . strtolower($stringSearchSQL) . "%%' OR - t1.id_agente = $aux"; - - if(count($id)>=2){ - for ($i = 1; $i < count($id); $i++){ - $aux = $id[$i]['id_agent']; - $search_sql .= " OR t1.id_agente = $aux"; - } - } - }else{ - $search_sql = " lower(t1.nombre) LIKE '%%" . strtolower($stringSearchSQL) . "%%' OR - lower(t2.nombre) LIKE '%%" . strtolower($stringSearchSQL) . "%%' OR - lower(t1.direccion) LIKE '%%" . strtolower($stringSearchSQL) . "%%' OR - lower(t1.alias) LIKE '%%" . strtolower($stringSearchSQL) . "%%'"; - } - $sql = " - FROM tagente t1 - INNER JOIN tgrupo t2 - ON t2.id_grupo = t1.id_grupo - WHERE ( - 1 = ( - SELECT is_admin - FROM tusuario - WHERE id_user = '" . $config['id_user'] . "' - ) - OR t1.id_grupo IN ( - " . implode(',', $id_userGroups) . " - ) OR 0 IN ( - SELECT id_grupo - FROM tusuario_perfil - WHERE id_usuario = '" . $config['id_user'] . "' - AND id_perfil IN ( - SELECT id_perfil - FROM tperfil WHERE agent_view = 1 - ) - ) - ) - AND ( - ".$search_sql." - ) - "; - break; } + else { + $search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR + t2.nombre COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR + t1.direccion COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%' OR + t1.alias COLLATE utf8_general_ci LIKE '%%" . $stringSearchSQL . "%%'"; + } + $sql = " + FROM tagente t1 + INNER JOIN tgrupo t2 + ON t2.id_grupo = t1.id_grupo + WHERE ( + 1 = ( + SELECT is_admin + FROM tusuario + WHERE id_user = '" . $config['id_user'] . "' + ) + OR t1.id_grupo IN ( + " . implode(',', $id_userGroups) . " + ) OR 0 IN ( + SELECT id_grupo + FROM tusuario_perfil + WHERE id_usuario = '" . $config['id_user'] . "' + AND id_perfil IN ( + SELECT id_perfil + FROM tperfil WHERE agent_view = 1 + ) + ) + ) + AND ( + ".$search_sql." + ) + "; $select = "SELECT t1.id_agente, t1.ultimo_contacto, t1.nombre, t1.id_os, t1.intervalo, t1.id_grupo, t1.disabled, t1.alias"; if ($only_count) { @@ -235,25 +179,8 @@ if ($searchAgents) { $query = $select . $sql; - switch ($config["dbtype"]) { - case "mysql": - case "postgresql": - $query .= $limit; - break; - case "oracle": - $set = array(); - $set['limit'] = $config['block_size']; - - if ($only_count) - $set['offset'] = 0; - else - $set['offset'] = (int) get_parameter('offset'); - - $query .= " ORDER BY " . $order['field'] . " " . $order['order']; - $query = oracle_recode_query ($query, $set); - break; - } - + $query .= $limit; + $agents = db_process_sql($query); if (empty($agents)) $agents = array(); diff --git a/pandora_console/operation/search_results.php b/pandora_console/operation/search_results.php index 450534ac68..305a77d0f3 100644 --- a/pandora_console/operation/search_results.php +++ b/pandora_console/operation/search_results.php @@ -34,6 +34,7 @@ foreach ($arrayKeywords as $keyword) { array_push($temp, "%" . $keyword . "%"); } $stringSearchSQL = implode(" ", $temp); +$stringSearchSQL = str_replace('_', '\_', $stringSearchSQL); if ($config['search_category'] == "all") $searchTab = "main";