function student_search_search_form
Search API
| 6.x student_search.module | student_search_search_form() |
1 call to student_search_search_form()
- student_search_ajax_autocomplete_student in modules/
student_search/ student_search.module - Meant to return results of the ajax autocomplete field, for selecting a student by name or cwid. Code inspiration from: https://www.drupal.org/node/854216
File
- modules/
student_search/ student_search.module, line 692
Code
function student_search_search_form() {
$form = array();
global $pager_total_items;
fp_add_css(fp_get_module_path("student_search") . "/css/student_search.css");
// Keep up with our last-visited tab
$_SESSION ["student_search_last_tab"] = "search";
fp_set_title('');
$search_for = trim(@$_REQUEST ["search_for"]);
if ($search_for == "") {
$search_for = trim(@$_SESSION ["student_search_for"]);
}
else {
$_SESSION ['student_search_for'] = $search_for;
}
$o_search_for = $search_for;
$major_code = trim(@$_REQUEST ["major_code"]);
if ($major_code == "") {
$major_code = trim(@$_SESSION ["student_search_major_code"]);
}
$selected_school_id = -1;
$o_major_code = "";
if ($major_code != "") {
$o_major_code = $major_code;
$temp = explode("~~school_", $major_code);
$major_code = $temp [0];
if (isset($temp [1])) {
$selected_school_id = intval($temp [1]);
}
}
$form ['search_for'] = array(
'label' => t('Search for students by name or CWID:'),
'type' => 'search',
'value' => $o_search_for,
);
// Also show the majors as a list.
$options = array('' => t(" - All Majors -")) + student_search_get_majors_for_fapi();
$form ['major_code'] = array(
'label' => t('Search within major:'),
'type' => 'select',
'options' => $options,
'value' => $o_major_code,
'hide_please_select' => TRUE,
);
$form ['submit_btn'] = array(
'type' => 'submit',
'value' => t("Search"),
);
$form ['reset_btn'] = array(
'type' => 'submit',
'value' => t("Reset"),
);
$search_options = @$_SESSION ["student_search_search_options"];
$form ['search_options'] = array(
'label' => 'Options:',
'type' => 'checkboxes',
'options' => array('inactive' => t('Include inactive students')),
'value' => $search_options,
);
/////////////////////////////////////////
// Logic to query for searched students
/////////////////////////////////////////
$mark = "";
// If the user entered an asterisk with their search, we will
// skip the extra search conditions (and show more results).
$bool_bypass_extra_search_conditions = FALSE;
if (strstr($search_for, "*")) {
$bool_bypass_extra_search_conditions = TRUE;
$search_for = trim(str_replace("*", "", $search_for));
}
// If the user entered an =, then remove all spaces from the query.
if (strstr($search_for, "=")) {
$search_for = trim(str_replace(" ", "", $search_for));
}
// remove trouble characters
$search_for = str_replace("'", "", $search_for);
$search_for = str_replace('"', '', $search_for);
$search_action = '';
$adv_array = array();
//Get my list of advisees...
// This time, we want to specify an SQL statement that will perform
// our search.
$params = array();
if (strlen($search_for) > 2 || $major_code != "")
{ // If they typed something greater than 2 chars...
if ($search_for) {
$search_action = " AND (u.cwid LIKE :like_search_for1
OR l_name LIKE :like_search_for2
OR f_name LIKE :like_search_for3 )
";
$params [":like_search_for1"] = "%$search_for%";
$params [":like_search_for2"] = "%$search_for%";
$params [":like_search_for3"] = "%$search_for%";
$temp = explode(" ", $search_for);
if (trim(@$temp [1]) != "")
{
$fn = trim(@$temp [0]);
$ln = trim(@$temp [1]);
// If there was a comma, then these should be reversed,
// as they probably entered last, first.
if (strstr($search_for, ",")) {
$ln = trim(@$temp [0]);
$fn = trim(@$temp [1]);
$ln = trim(str_replace(",", "", $ln)); // remove comma
$fn = trim(str_replace(",", "", $fn)); // remove comma
}
$search_action = " AND (l_name LIKE :like_ln
AND f_name LIKE :like_fn )
";
$params [":like_ln"] = "%$ln%";
$params [":like_fn"] = "%$fn%";
// Remove unneeded like_search_for index.
unset($params [":like_search_for1"]);
unset($params [":like_search_for2"]);
unset($params [":like_search_for3"]);
}
}
$other_table = "";
$major_search = "";
if ($major_code != "")
{
$mjsearch = $major_code;
$other_table = ", degrees b";
$major_search = " AND substring_index(c.major_code,'|',1) = b.major_code
AND b.school_id = :b_school_id
AND (b.major_code LIKE :like_mjsearch ) ";
$params [":like_mjsearch"] = "%$mjsearch%";
$params [":b_school_id"] = $selected_school_id;
//unset($params[':like_search_for']);
}
$group_by = " GROUP BY u.cwid ";
///////////////////////////////////////
// Now THIS is odd... what is this strange piece of code here?
// I'm no cryptographic genius, but it looks like it is set to display a message when
// you search for "info=production" on the Students search...
if (hash('sha256', (strtolower(@$search_for))) == "5b260fa2e077d779082ce7e5e7869554a7be02d537ae235a61a4387a9c853981") {
$mark .= base64_decode("PHA+CjxiPlRoZSBvcmlnaW5hbCBGbGlnaHRQYXRoIFByb2R1Y3Rpb24gVGVhbSAodmVyc2lvbiAxLjApLCBjaXJjYSAyMDA3LCBhdCBUaGUgVW5pdmVyc2l0eSBvZiBMb3Vpc2lhbmEgTW9ucm9lOjwvYj4KPHVsPgo8bGk+UmljaGFyZCBQZWFjb2NrIC0gUHJvamVjdCBsZWFkIGFuZCBwcm9ncmFtbWVyLjwvbGk+CjxsaT5Kb2UgTWFuc291ciAtIFVMTSBtYWluZnJhbWUgZGF0YSBjb29yZGluYXRvci48L2xpPgo8bGk+Sm9hbm4gUGVycmVyIC0gVUxNIERhdGEgZW50cnkgYW5kIHRlc3RpbmcuPC9saT4KPGxpPlBhdWwgR3VsbGV0dGUgLSBDbGFzc2ljIHRoZW1lIGRlc2lnbmVyICh1c2VkIGJ5IHZlcnNpb25zIDEuMCB0aHJvdWdoIDQuMCkuPC9saT4KPGxpPjxiPk90aGVyIGNvbnRyaWJ1dGluZyBzdGFmZiBmcm9tIFVMTTwvYj46IEJhcmJhcmEgTWljaGFlbGlkZXMsIEFuZ2VsYSBSb2JpbnNvbiwgQ2hhcmxlcyBGcm9zdCwgQnJpYW4gVGF5bG9yLCBSb2IgR2xhemUuPC9saT4KPC91bD4KPHA+SW4gTWFyY2ggb2YgMjAxMywgdGhlIFVMTSBhZG1pbmlzdHJhdGlvbiBkZWNpZGVkIHRvIHJlbGVhc2UgRmxpZ2h0UGF0aCBhcyBvcGVuIHNvdXJjZSBpbiBvcmRlciB0byBlbnJpY2ggc2Nob29scyBhbmQgaW5zdGl0dXRpb25zIGFyb3VuZCB0aGUgd29ybGQuICBPdmVyIHRoZSB5ZWFycywgRmxpZ2h0UGF0aCBoYXMgYmVlbiByZS13cml0dGVuIGZyb20gc2NyYXRjaCA8Yj50d2ljZTwvYj4gYnkgUmljaGFyZCBQZWFjb2NrLCB3aG8gcmVtYWlucyB0aGUgcHJpbWFyeSBkZXZlbG9wZXIgb2YgdGhlIG9wZW4tc291cmNlIHZlcnNpb24sIGF2YWlsYWJsZSBhdCBodHRwczovL2dldGZsaWdodHBhdGguY29tLgo8YnI+PGJyPgpUbyBldmVyeW9uZSB3aG8gaGVscGVkIG1ha2UgRmxpZ2h0UGF0aCBwb3NzaWJsZTogPGVtPlRoYW5rIFlvdTwvZW0+Lgo8L3A+");
}
///////////////////////////////////////
// Get all the school ids this user is allowed to search.
$school_ids = student_search_get_school_ids_user_is_allowed_to_search();
$school_id_list = join(",", $school_ids);
if ($selected_school_id !== -1) {
// Meaning, a specific school was selected. So, we only want to return results of students from THAT school.
$school_id_list = intval($selected_school_id);
}
$query = "SELECT u.user_id, f_name, l_name, u.cwid, rank_code, a.catalog_year, u.school_id, priority_value
FROM (users u, students a, student_degrees c $other_table)
LEFT JOIN student_priority ON (student_priority.student_id = u.cwid)
WHERE
u.cwid = a.cwid
AND u.cwid = c.student_id
AND u.is_student = 1
AND u.school_id IN ($school_id_list)
AND u.is_disabled = 0
$search_action
$major_search
AND rank_code IN %RANKIN%
%EXTRA_STUDENTSEARCH_CONDITIONS%
";
if (!isset($search_options ['inactive'])) {
$query .= " AND is_active = 1 ";
}
$query .= "
$group_by
%ORDERBY%
";
$adv_array = student_search_query_advisees($query, $params);
}
$s = (count($adv_array) == 1) ? "" : "s";
$form ['adv_array'] = array(
'type' => 'do_not_render',
'value' => $adv_array,
);
$student_count = @intval($pager_total_items [0]);
$mark .= student_search_render_advisees($adv_array, t("Search Results") . " ($student_count " . t("student$s") . ")");
$form ['mark_search_results'] = array(
'type' => 'markup',
'value' => $mark,
);
return $form;
}