Important fixes for search engine (thx @mariroz)

So sorry for the mess... :( * search only in users' own articles * sanitized what is searched * display what is searched * pagination, sorting available when searching * use existing function to query db * bad encoding caracters fixed * link to JQuery into default theme, no longer in each theme * some spaces instead of tabs
author: tcit <tcit@tcit.fr> 2014-04-02 17:44:47 +0200
committer: tcit <tcit@tcit.fr> 2014-04-02 17:44:47 +0200
commit: d967a1fa14237648fc63c44f6a28c9c077b3e1bc (patch)
tree: e8c81af9d50c140f00da15e720eb3f29cdaede96 /inc/poche/Database.class.php
parent: 22db488d21bc23dc28fc2d60574803525fe53b53 (diff)
download: wallabag-d967a1fa14237648fc63c44f6a28c9c077b3e1bc.tar.gz
wallabag-d967a1fa14237648fc63c44f6a28c9c077b3e1bc.tar.zst
wallabag-d967a1fa14237648fc63c44f6a28c9c077b3e1bc.zip
1 files changed, 7 insertions, 6 deletions
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 6f5c9ac0..2257f281 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -389,12 +389,13 @@ class Database {
        return $this->getHandle()->lastInsertId($column);
    }
        
-        public function search($term){
+   public function search($term,$id,$limit = ''){
-                $search = '%'.$term.'%';
+      $search = '%'.$term.'%';
-                $query = $this->getHandle()->prepare("SELECT * FROM entries WHERE content LIKE ? OR title LIKE ? OR url LIKE ?"); //searches in content, title and URL
+      $sql_action     = ("SELECT * FROM entries WHERE user_id=? AND (content LIKE ? OR title LIKE ? OR url LIKE ?) "); //searches in content, title and URL
-                $query->execute(array($search,$search,$search));
+      $sql_action .= $this->getEntriesOrder().' ' . $limit;
-                $entries = $query->fetchAll();
+      $params_action  = array($id,$search,$search,$search);
-                return $entries;
+      $query          = $this->executeQuery($sql_action, $params_action);
+      return $query->fetchAll();
        }
    public function retrieveAllTags($user_id, $term = null) {
author	tcit <tcit@tcit.fr>	2014-04-02 17:44:47 +0200
committer	tcit <tcit@tcit.fr>	2014-04-02 17:44:47 +0200
commit	d967a1fa14237648fc63c44f6a28c9c077b3e1bc (patch)
tree	e8c81af9d50c140f00da15e720eb3f29cdaede96 /inc/poche/Database.class.php
parent	22db488d21bc23dc28fc2d60574803525fe53b53 (diff)
download	wallabag-d967a1fa14237648fc63c44f6a28c9c077b3e1bc.tar.gz wallabag-d967a1fa14237648fc63c44f6a28c9c077b3e1bc.tar.zst wallabag-d967a1fa14237648fc63c44f6a28c9c077b3e1bc.zip

diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php index 6f5c9ac0..2257f281 100755 --- a/inc/poche/Database.class.php +++ b/inc/poche/Database.class.php
@@ -389,12 +389,13 @@ class Database {
389	return $this->getHandle()->lastInsertId($column);	389	return $this->getHandle()->lastInsertId($column);
390	}	390	}
391		391
392	public function search($term){	392	public function search($term,$id,$limit = ''){
393	$search = '%'.$term.'%';	393	$search = '%'.$term.'%';
394	$query = $this->getHandle()->prepare("SELECT * FROM entries WHERE content LIKE ? OR title LIKE ? OR url LIKE ?"); //searches in content, title and URL	394	$sql_action = ("SELECT * FROM entries WHERE user_id=? AND (content LIKE ? OR title LIKE ? OR url LIKE ?) "); //searches in content, title and URL
395	$query->execute(array($search,$search,$search));	395	$sql_action .= $this->getEntriesOrder().' ' . $limit;
396	$entries = $query->fetchAll();	396	$params_action = array($id,$search,$search,$search);
397	return $entries;	397	$query = $this->executeQuery($sql_action, $params_action);
		398	return $query->fetchAll();
398	}	399	}
399		400
400	public function retrieveAllTags($user_id, $term = null) {	401	public function retrieveAllTags($user_id, $term = null) {