lib/searchlib.php

   1 <?php  // $Id$
   2
   3 require_once($CFG->libdir.'/lexer.php');
   4
   5 // Constants for the various types of tokens
   6
   7 define("TOKEN_USER","0");
   8 define("TOKEN_META","1");
   9 define("TOKEN_EXACT","2");
  10 define("TOKEN_NEGATE","3");
  11 define("TOKEN_STRING","4");
  12 define("TOKEN_USERID","5");
  13 define("TOKEN_DATEFROM","6");
  14 define("TOKEN_DATETO","7");
  15 define("TOKEN_INSTANCE","8");
  16
  17 // Class to hold token/value pairs after they're parsed.
  18
  19 class search_token {
  20   var $value;
  21   var $type;
  22   function search_token($type,$value){
  23     $this->type = $type;
  24     $this->value = $this->sanitize($value);
  25
  26   }
  27
  28   // Try to clean up user input to avoid potential security issues.
  29   // Need to think about this some more.
  30
  31   function sanitize($userstring){
  32     return htmlspecialchars(addslashes($userstring));
  33   }
  34   function getValue(){
  35     return $this->value;
  36   }
  37   function getType(){
  38     return $this->type;
  39   }
  40 }
  41
  42
  43
  44 // This class does the heavy lifting of lexing the search string into tokens.
  45 // Using a full-blown lexer is probably overkill for this application, but
  46 // might be useful for other tasks.
  47
  48 class search_lexer extends Lexer{
  49
  50   function search_lexer(&$parser){
  51
  52     // Call parent constructor.
  53     $this->Lexer($parser);
  54
  55     //Set up the state machine and pattern matches for transitions.
  56
  57     // Patterns to handle strings  of the form datefrom:foo
  58
  59     // If we see the string datefrom: while in the base accept state, start
  60     // parsing a username and go to the indatefrom state.
  61     $this->addEntryPattern("datefrom:\S+","accept","indatefrom");
  62
  63     // Snarf everything into the username until we see whitespace, then exit
  64     // back to the base accept state.
  65     $this->addExitPattern("\s","indatefrom");
  66
  67
  68     // Patterns to handle strings  of the form dateto:foo
  69
  70     // If we see the string dateto: while in the base accept state, start
  71     // parsing a username and go to the indateto state.
  72     $this->addEntryPattern("dateto:\S+","accept","indateto");
  73
  74     // Snarf everything into the username until we see whitespace, then exit
  75     // back to the base accept state.
  76     $this->addExitPattern("\s","indateto");
  77
  78
  79     // Patterns to handle strings  of the form instance:foo
  80
  81     // If we see the string instance: while in the base accept state, start
  82     // parsing for instance number and go to the ininstance state.
  83     $this->addEntryPattern("instance:\S+","accept","ininstance");
  84
  85     // Snarf everything into the username until we see whitespace, then exit
  86     // back to the base accept state.
  87     $this->addExitPattern("\s","ininstance");
  88
  89
  90     // Patterns to handle strings  of the form userid:foo
  91
  92     // If we see the string userid: while in the base accept state, start
  93     // parsing a username and go to the inuserid state.
  94     $this->addEntryPattern("userid:\S+","accept","inuserid");
  95
  96     // Snarf everything into the username until we see whitespace, then exit
  97     // back to the base accept state.
  98     $this->addExitPattern("\s","inuserid");
  99
 100
 101     // Patterns to handle strings  of the form user:foo
 102
 103     // If we see the string user: while in the base accept state, start
 104     // parsing a username and go to the inusername state.
 105     $this->addEntryPattern("user:\S+","accept","inusername");
 106
 107     // Snarf everything into the username until we see whitespace, then exit
 108     // back to the base accept state.
 109     $this->addExitPattern("\s","inusername");
 110
 111
 112     // Patterns to handle strings  of the form meta:foo
 113
 114    // If we see the string meta: while in the base accept state, start
 115     // parsing a username and go to the inmeta state.
 116     $this->addEntryPattern("subject:\S+","accept","inmeta");
 117
 118     // Snarf everything into the meta token until we see whitespace, then exit
 119     // back to the base accept state.
 120     $this->addExitPattern("\s","inmeta");
 121
 122
 123     // Patterns to handle required exact match strings (+foo) .
 124
 125     // If we see a + sign  while in the base accept state, start
 126     // parsing an exact match string and enter the inrequired state
 127     $this->addEntryPattern("\+\S+","accept","inrequired");
 128     // When we see white space, exit back to accept state.
 129     $this->addExitPattern("\s","inrequired");
 130
 131     // Handle excluded strings (-foo)
 132
 133    // If we see a - sign  while in the base accept state, start
 134     // parsing an excluded string and enter the inexcluded state
 135     $this->addEntryPattern("\-\S+","accept","inexcluded");
 136     // When we see white space, exit back to accept state.
 137     $this->addExitPattern("\s","inexcluded");
 138
 139
 140     // Patterns to handle quoted strings.
 141
 142     // If we see a quote  while in the base accept state, start
 143     // parsing a quoted string and enter the inquotedstring state.
 144     // Grab everything until we see the closing quote.
 145
 146     $this->addEntryPattern("\"[^\"]+","accept","inquotedstring");
 147
 148     // When we see a closing quote, reenter the base accept state.
 149     $this->addExitPattern("\"","inquotedstring");
 150
 151     // Patterns to handle ordinary, nonquoted words.
 152
 153     // When we see non-whitespace, snarf everything into the nonquoted word
 154     // until we see whitespace again.
 155     $this->addEntryPattern("\S+","accept","plainstring");
 156
 157     // Once we see whitespace, reenter the base accept state.
 158     $this->addExitPattern("\s","plainstring");
 159
 160   }
 161 }
 162
 163
 164
 165
 166 // This class takes care of sticking the proper token type/value pairs into
 167 // the parsed token  array.
 168 // Most functions in this class should only be called by the lexer, the
 169 // one exception being getParseArray() which returns the result.
 170
 171 class search_parser {
 172     var $tokens;
 173
 174
 175     // This function is called by the code that's interested in the result of the parse operation.
 176     function get_parsed_array(){
 177         return $this->tokens;
 178     }
 179
 180     /*
 181      * Functions below this are part of the state machine for the parse
 182      * operation and should not be called directly.
 183      */
 184
 185     // Base state. No output emitted.
 186     function accept() {
 187         return true;
 188     }
 189
 190     // State for handling datefrom:foo constructs. Potentially emits a token.
 191     function indatefrom($content){
 192         if (strlen($content) < 10) { // State exit or missing parameter.
 193             return true;
 194         }
 195         // Strip off the datefrom: part and add the reminder to the parsed token array
 196         $param = trim(substr($content,9));
 197         $this->tokens[] = new search_token(TOKEN_DATEFROM,$param);
 198         return true;
 199     }
 200
 201     // State for handling dateto:foo constructs. Potentially emits a token.
 202     function indateto($content){
 203         if (strlen($content) < 8) { // State exit or missing parameter.
 204             return true;
 205         }
 206         // Strip off the dateto: part and add the reminder to the parsed token array
 207         $param = trim(substr($content,7));
 208         $this->tokens[] = new search_token(TOKEN_DATETO,$param);
 209         return true;
 210     }
 211
 212     // State for handling instance:foo constructs. Potentially emits a token.
 213     function ininstance($content){
 214         if (strlen($content) < 10) { // State exit or missing parameter.
 215             return true;
 216         }
 217         // Strip off the instance: part and add the reminder to the parsed token array
 218         $param = trim(substr($content,9));
 219         $this->tokens[] = new search_token(TOKEN_INSTANCE,$param);
 220         return true;
 221     }
 222
 223
 224     // State for handling userid:foo constructs. Potentially emits a token.
 225     function inuserid($content){
 226         if (strlen($content) < 8) { // State exit or missing parameter.
 227             return true;
 228         }
 229         // Strip off the userid: part and add the reminder to the parsed token array
 230         $param = trim(substr($content,7));
 231         $this->tokens[] = new search_token(TOKEN_USERID,$param);
 232         return true;
 233     }
 234
 235
 236     // State for handling user:foo constructs. Potentially emits a token.
 237     function inusername($content){
 238         if (strlen($content) < 6) { // State exit or missing parameter.
 239             return true;
 240         }
 241         // Strip off the user: part and add the reminder to the parsed token array
 242         $param = trim(substr($content,5));
 243         $this->tokens[] = new search_token(TOKEN_USER,$param);
 244         return true;
 245     }
 246
 247
 248     // State for handling meta:foo constructs. Potentially emits a token.
 249     function inmeta($content){
 250         if (strlen($content) < 9) { // Missing parameter.
 251             return true;
 252         }
 253         // Strip off the meta: part and add the reminder to the parsed token array.
 254         $param = trim(substr($content,8));
 255         $this->tokens[] = new search_token(TOKEN_META,$param);
 256         return true;
 257     }
 258
 259
 260     // State entered when we've seen a required string (+foo). Potentially
 261     // emits a token.
 262     function inrequired($content){
 263         if (strlen($content) < 2) { // State exit or missing parameter, don't emit.
 264             return true;
 265         }
 266         // Strip off the + sign and add the reminder to the parsed token array.
 267         $this->tokens[] = new search_token(TOKEN_EXACT,substr($content,1));
 268         return true;
 269     }
 270
 271     // State entered when we've seen an excluded string (-foo). Potentially
 272     // emits a token.
 273     function inexcluded($content){
 274         if (strlen($content) < 2) { // State exit or missing parameter.
 275             return true;
 276         }
 277         // Strip off the -sign and add the reminder to the parsed token array.
 278         $this->tokens[] = new search_token(TOKEN_NEGATE,substr($content,1));
 279         return true;
 280     }
 281
 282
 283     // State entered when we've seen a quoted string. Potentially emits a token.
 284     function inquotedstring($content){
 285         if (strlen($content) < 2) { // State exit or missing parameter.
 286             return true;
 287         }
 288         // Strip off the opening quote and add the reminder to the parsed token array.
 289         $this->tokens[] = new search_token(TOKEN_STRING,substr($content,1));
 290         return true;
 291     }
 292
 293     // State entered when we've seen an ordinary, non-quoted word. Potentially
 294     // emits a token.
 295     function plainstring($content){
 296         if (ctype_space($content)) { // State exit
 297             return true;
 298         }
 299         // Add the string to the parsed token array.
 300         $this->tokens[] = new search_token(TOKEN_STRING,$content);
 301         return true;
 302     }
 303 }
 304
 305
 306 // Primitive function to generate a SQL string from a parse tree.
 307 // Parameters:
 308 //
 309 // $parsetree should be a parse tree generated by a
 310 // search_lexer/search_parser combination.
 311 // Other fields are database table names to search.
 312
 313 function search_generate_SQL($parsetree, $datafield, $metafield, $mainidfield, $useridfield,
 314                              $userfirstnamefield, $userlastnamefield, $timefield, $instancefield) {
 315     global $CFG;
 316
 317     if ($CFG->dbtype == "postgres7") {
 318         $LIKE = "ILIKE";   // case-insensitive
 319         $NOTLIKE = "NOT ILIKE";   // case-insensitive
 320         $REGEXP = "~*";
 321         $NOTREGEXP = "!~*";
 322     } else {
 323         $LIKE = "LIKE";
 324         $NOTLIKE = "NOT LIKE";
 325         $REGEXP = "REGEXP";
 326         $NOTREGEXP = "NOT REGEXP";
 327     }
 328
 329     $ntokens = count($parsetree);
 330     if ($ntokens == 0) {
 331         return "";
 332     }
 333
 334     $SQLString = '';
 335
 336     for ($i=0; $i<$ntokens; $i++){
 337         if ($i > 0) {// We have more than one clause, need to tack on AND
 338             $SQLString .= ' AND ';
 339         }
 340
 341         $type = $parsetree[$i]->getType();
 342         $value = $parsetree[$i]->getValue();
 343
 344         switch($type){
 345             case TOKEN_STRING:
 346                 $SQLString .= "(($datafield $LIKE '%$value%') OR ($metafield $LIKE '%$value%') )";
 347                 break;
 348             case TOKEN_EXACT:
 349                 $SQLString .= "(($datafield $REGEXP '[[:<:]]".$value."[[:>:]]') OR ($metafield $REGEXP '[[:<:]]".$value."[[:>:]]'))";
 350                 break;
 351             case TOKEN_META:
 352                 if ($metafield != '') {
 353                     $SQLString .= "($metafield $LIKE '%$value%')";
 354                 }
 355                 break;
 356             case TOKEN_USER:
 357                 $SQLString .= "(($mainidfield = $useridfield) AND (($userfirstnamefield $LIKE '%$value%') OR ($userlastnamefield $LIKE '%$value%')))";
 358                 break;
 359             case TOKEN_USERID:
 360                 $SQLString .= "($useridfield = $value)";
 361                 break;
 362             case TOKEN_INSTANCE:
 363                 $SQLString .= "($instancefield = $value)";
 364                 break;
 365             case TOKEN_DATETO:
 366                 $SQLString .= "($timefield <= $value)";
 367                 break;
 368             case TOKEN_DATEFROM:
 369                 $SQLString .= "($timefield >= $value)";
 370                 break;
 371             case TOKEN_NEGATE:
 372                 $SQLString .= "(NOT (($datafield  $LIKE '%$value%') OR ($metafield  $LIKE '%$value%')))";
 373                 break;
 374             default:
 375                 return '';
 376
 377         }
 378     }
 379     return $SQLString;
 380 }
 381
 382
 383 ?>