function document_perform_search in Document 6

Same name and namespace in other branches

1. 7 document.inc \document_perform_search()
2. 8.x document.inc \document_perform_search()

2 calls to document_perform_search()

document_search in ./document.callback.inc

document_search_form in ./document.search.inc

File

./document.inc, line 105

Code

function document_perform_search($searchFields, $searchText, $searchYear = NULL, $searchDocType = NULL) {
  $sql = sprintf('SELECT * FROM {node} n INNER JOIN {document} d ON n.vid = d.vid WHERE n.status = %d', DOCUMENT_STATUS_PUBLISHED);
  $where = '';
  switch ($searchFields) {
    case 0:
      $where .= sprintf(" AND author LIKE '%%%1\$s%%' ", db_escape_string($searchText));
      break;
    case 1:
      $where .= sprintf(" AND keywords LIKE '%%%1\$s%%' ", db_escape_string($searchText));
      break;
    case 2:
      $where .= sprintf(" AND author LIKE '%%%1\$s%%' OR keywords LIKE '%%%1\$s%%' ", db_escape_string($searchText));
      break;
    case 3:
      break;
    default:
      die('Invalid Input');
  }
  if (!empty($searchYear)) {
    $where .= sprintf(" AND publish_year = %1\$s ", db_escape_string($searchYear));
  }
  if (!empty($searchDocType) > 0) {
    $where .= sprintf(" AND d.type LIKE '%%%1\$s%%' ", db_escape_string($searchDocType));
  }
  $sql .= $where;

  //db_query adds parameter substitution, so things like %d, %s are processed as arguments to the db_query call.

  //A side effect is that the use of % in a query needs to be double so for example "%blah%" would become "%%blah%%"
  $sql = str_replace('%', '%%', $sql);
  return document_search_table($sql);
}