loncom/interface/lonsearchcat.pm - diff

Return to lonsearchcat.pm CVS log

Up to [LON-CAPA] / loncom / interface

Diff for /loncom/interface/lonsearchcat.pm between versions 1.299 and 1.300

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

version 1.299, 2008/08/27 19:50:46	version 1.300, 2008/10/16 22:58:15
Line 1394 sub parse_advanced_search {	Line 1394 sub parse_advanced_search {
'lastrevisiondatestart_month','lastrevisiondatestart_day',	'lastrevisiondatestart_month','lastrevisiondatestart_day',
'lastrevisiondatestart_year','lastrevisiondateend_month',	'lastrevisiondatestart_year','lastrevisiondateend_month',
'lastrevisiondateend_day','lastrevisiondateend_year') {	'lastrevisiondateend_day','lastrevisiondateend_year') {
$env{'form.'.$field}=~s/[^\w\/\s\(\)\=\-\"\'.]//g;	$env{'form.'.$field}=~s/[^\w\/\s\(\)\=\-\"\'.\*]//g;
}	}
foreach ('mode','form','element') {	foreach ('mode','form','element') {
# is this required? Hmmm.	# is this required? Hmmm.
Line 1639 sub parse_advanced_search {	Line 1639 sub parse_advanced_search {
#	#
if (@queries) {	if (@queries) {
if ($env{'form.area'} eq 'portfolio') {	if ($env{'form.area'} eq 'portfolio') {
$query ="SELECT pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, portfolio_access pa, portfolio_addedfields pf WHERE (pm.url = pa.url AND pf.url = pm.url AND (pa.start < NOW() AND (pa.end IS NULL OR pa.end > NOW())) AND (".join(') AND (',@queries).'))';	$query ="SELECT pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, portfolio_access pa, portfolio_addedfields pf WHERE (pm.url = pa.url AND pf.url = pm.url AND (pa.start < UTC_TIMESTAMP() AND (pa.end IS NULL OR pa.end > UTC_TIMESTAMP())) AND (".join(') AND (',@queries).'))';
} else {	} else {
$query="SELECT * FROM metadata WHERE (".join(") AND (",@queries).')';	$query="SELECT * FROM metadata WHERE (".join(") AND (",@queries).')';
}	}
Line 1702 sub parse_basic_search {	Line 1702 sub parse_basic_search {
#	#
# Clean up fields for safety	# Clean up fields for safety
for my $field ('basicexp') {	for my $field ('basicexp') {
$env{"form.$field"}=~s/[^\w\s\'\"\!\(\)\-]//g;	$env{"form.$field"}=~s/[^\w\s\'\"\!\(\)\-\*]//g;
}	}
foreach ('mode','form','element') {	foreach ('mode','form','element') {
# is this required? Hmmm.	# is this required? Hmmm.
Line 1741 sub parse_basic_search {	Line 1741 sub parse_basic_search {
#}	#}
my $final_query;	my $final_query;
if ($env{'form.area'} eq 'portfolio') {	if ($env{'form.area'} eq 'portfolio') {
$final_query = 'SELECT pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, portfolio_access pa WHERE (pm.url = pa.url AND (pa.start < NOW() AND (pa.end IS NULL OR pa.end > NOW())) AND '.join(" AND ",@Queries).')';	$final_query = 'SELECT pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, portfolio_access pa WHERE (pm.url = pa.url AND (pa.start < UTC_TIMESTAMP() AND (pa.end IS NULL OR pa.end > UTC_TIMESTAMP())) AND '.join(" AND ",@Queries).')';
} else {	} else {
$final_query = 'SELECT * FROM metadata WHERE '.join(" AND ",@Queries);	$final_query = 'SELECT * FROM metadata WHERE '.join(" AND ",@Queries);
}	}

Removed from v.1.299
changed lines
	Added in v.1.300