function student_search_display_search
Search API
| 4.x student_search.module | student_search_display_search() |
| 5.x student_search.module | student_search_display_search() |
File
- modules/
student_search/ student_search.module, line 467
Code
function student_search_display_search() {
$rtn = "";
$_SESSION ["student_search_last_tab"] = "search";
$url = fp_url("student-search/search");
$rtn .= "<table class='fp-semester-table'>
<form id='mainform' name='mainform' method='post'
action='" . $url . "' >
";
// Get search results from POST -or- past search attempts
// from the session.
$search_for = trim(@$_REQUEST ["search_for"]);
if ($search_for == "") {
$search_for = trim(@$_SESSION ["student_search_for"]);
}
$o_search_for = $search_for;
// If the user entered an asterisk with their search, we will
// skip the extra search conditions (and show more results).
$bool_bypass_extra_search_conditions = FALSE;
if (strstr($search_for, "*")) {
$bool_bypass_extra_search_conditions = TRUE;
$search_for = trim(str_replace("*", "", $search_for));
}
// If the user entered an =, then remove all spaces from the query.
if (strstr($search_for, "=")) {
$search_for = trim(str_replace(" ", "", $search_for));
}
// remove trouble characters
$search_for = str_replace("'", "", $search_for);
$search_for = str_replace('"', '', $search_for);
$isize = "25";
// $screen variable is never initialized. Old code?
//if ($screen->page_is_mobile) $isize = "10";
$rtn .= "<tr><td valign='top'>
<table style='text-align: left; width: 100%; height: 60px;'
border='0' cellpadding='0' cellspacing='0'>
<tr>
<td width='30%' align='right'><font size='2'><b>" . t("Search for advisees:") . " </b></td>
<td width='30%'><input name='search_for' ID='input_search_for' TYPE='text' SIZE='$isize' value='$o_search_for'></font>
<input type='hidden' name='did_search' id='input_did_search' value='true'></td>
<td class='tenpt'>";
$rtn .= fp_render_button("Search", "jQuery(\"#mainform\").submit();");
$rtn .= "</td><td width='1'>
</td></tr>
</table>";
$rtn .= student_search_get_advanced_search_tips();
$adv_array = array();
//Get my list of advisees...
// This time, we want to specify an SQL statement that will perform
// our search.
$params = array();
if ($search_for != "" && strlen($search_for) > 2)
{ // If they typed something greater than 2 chars...
$search_action = " AND (u.cwid LIKE :like_search_for
OR l_name LIKE :like_search_for
OR f_name LIKE :like_search_for )
";
$params [":like_search_for"] = "%$search_for%";
// If you searched for 2 things seperated by a space, it is likely you
// are searching for a name, so check that...
$_SESSION ["student_search_for"] = $o_search_for;
$temp = explode(" ", $search_for);
if (trim(@$temp [1]) != "")
{
$fn = trim(@$temp [0]);
$ln = trim(@$temp [1]);
// If there was a comma, then these should be reversed,
// as they probably entered last, first.
if (strstr($search_for, ",")) {
$ln = trim(@$temp [0]);
$fn = trim(@$temp [1]);
$ln = trim(str_replace(",", "", $ln)); // remove comma
$fn = trim(str_replace(",", "", $fn)); // remove comma
}
$search_action = " AND (l_name LIKE :like_ln
AND f_name LIKE :like_fn )
";
$params [":like_ln"] = "%$ln%";
$params [":like_fn"] = "%$fn%";
// Remove unneeded like_search_for index.
unset($params [":like_search_for"]);
}
$other_table = "";
$major_search = "";
$group_by = " GROUP BY u.cwid ";
$temp = explode("=", $search_for);
if (trim(strtolower($temp [0])) == "major")
{
$mjsearch = trim(@$temp [1]);
$search_action = "";
$other_table = ", degrees b";
$major_search = " AND substring_index(c.major_code,'|',1) = b.major_code
AND (b.major_code LIKE :like_mjsearch ) ";
$params [":like_mjsearch"] = "%$mjsearch%";
unset($params [':like_search_for']);
}
// Now THIS is odd... what is this strange piece of code here?
// I'm no cryptographic genius, but it looks like it is set to display a message when
// you search for "info=production" on the Advisees search tab...
if (md5(strtolower(@$temp [1])) == "fd89784e59c72499525556f80289b2c7") {
$rtn .= base64_decode("DQo8cD4NCjxiPlRoZSBvcmlnaW5hbCBGbGlnaHRQYXRoIFByb2R1Y3Rpb24gVGVhbSwgY2lyY2EgMjAwNywgYXQgVGhlIFVuaXZlcnNpdHkgb2YgTG91aXNpYW5hIGF0IE1vbnJvZTo8L2I+DQo8dWw+DQo8bGk+UmljaGFyZCBQZWFjb2NrIC0gUHJvamVjdCBsZWFkIGFuZCBwcmltYXJ5IGxvZ2ljIHByb2dyYW1tZXIuPC9saT4NCjxsaT5Kb2UgTWFuc291ciAtIERhdGFiYXNlIGFkbWluaXN0cmF0b3IgYW5kIG1haW5mcmFtZS9CYW5uZXIgZGF0YSBjb29yZGluYXRvci48L2xpPg0KPGxpPkpvYW5uIFBlcnJlciAtIERhdGEgZW50cnksIHRlc3RpbmcgYW5kIHNvZnR3YXJlIGNvb3JkaW5hdG9yLjwvbGk+DQo8bGk+UGF1bCBHdWxsZXR0ZSAtIENsYXNzaWMgdGhlbWUgZGVzaWduZXIuPC9saT4NCjxsaT48Yj5PdGhlciBjb250cmlidXRpbmcgcHJvZ3JhbW1lcnM8L2I+OiBDaGFybGVzIEZyb3N0LCBCcmlhbiBUYXlsb3IuPC9saT4NCjwvdWw+DQpUbyBldmVyeW9uZSB3aG8gaGVscGVkIG1ha2UgRmxpZ2h0UGF0aCBwb3NzaWJsZTogVGhhbmsgWW91Lg0KPC9wPg==");
}
$query = "SELECT u.user_id, f_name, l_name, u.cwid, rank_code, a.catalog_year
FROM users u, students a, student_degrees c $other_table
WHERE
u.cwid = a.cwid
AND u.cwid = c.student_id
AND u.is_student = 1
AND u.is_disabled = 0
$search_action
$major_search
";
if (!$bool_bypass_extra_search_conditions) {
$query .= "
AND rank_code IN %RANKIN%
%EXTRA_STUDENTSEARCH_CONDITIONS%
";
}
$query .= "
$group_by
ORDER BY %ORDERBY%
LIMIT 300
";
$adv_array = student_search_query_advisees($query, $params);
}
$s = (count($adv_array) == 1) ? "" : "s";
// Are we showing the maximum number of students?
if (count($adv_array) == 300) {
$rtn .= "<div class='student-search-max-results'><em>" . t("Showing maximum 300 results. Please narrow search criteria.") . "</em></div>";
}
$rtn .= student_search_render_advisees($adv_array, t("Search Results") . " ( " . count($adv_array) . " " . t("student$s") . " )");
$rtn .= "</form>";
$rtn .= "</table>";
return $rtn;
}