kb-search.php3 7.18 KB
Newer Older
1 2 3
<?php
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2005, 2006, 2007 University of Utah and the Flux Group.
5 6 7 8
# All rights reserved.
#
if (!isset($embedded)) {
    require("defs.php3");
9 10

    # Some Knowledge Base entries are visible only to admins.
11 12
    $this_user = CheckLogin($check_status);
    $admin_access = ISADMIN() || ISFOREIGN_ADMIN();
13 14 15 16 17 18 19 20 21 22 23 24 25
    $embedded = 0;

    $optargs = OptionalPageArguments("submit",      PAGEARG_STRING,
				     "query",       PAGEARG_STRING,
				     "query_which", PAGEARG_STRING,
				     "query_type",  PAGEARG_STRING);
}
else {
    #
    # Sheesh. This file is included from search.php3, hence the sillyness.
    #
    $embedded = 1;
    $admin_access = 0;
26 27 28 29 30
}

#
# Standard Testbed Header
#
31
if (!$embedded) {
32 33 34 35 36
    PAGEHEADER("Search Emulab Knowledge Base");
} 

function SPITFORM($query, $query_type, $query_which, $error)
{
37 38
    global $TBBASE;

39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118
    echo "<table align=center border=1>
          <form action=kb-search.php3 method=get>\n";

    $query = htmlspecialchars($query);

    if ($error) {
	echo "<center><font color=red>
	      $error
	      </font></center><br>\n";
    }

    #
    # The query
    #
    echo "<tr>
             <td>Keywords:</td>
             <td class=left>
                 <input type=text name=query value=\"$query\"
                        size=50 maxlength=100>
             </td>
           </tr>\n";

    #
    # The query type
    #
    $temp_array = array("and"   => "All Words",
			"or"    => "Any Words",
			"exact" => "Exact Phrase");
    if (!$query_type)
	$query_type = "and";
    
    echo "<tr>
             <td>Search for:</td>
             <td class=left>\n";

    foreach ($temp_array as $key => $phrase) {
	$checked = "";

	if ($query_type == $key)
	    $checked = "checked";
	
	echo "<input type=radio $checked name=query_type value=$key>$phrase\n";
    }
    echo "   </td>
           </tr>\n";

    #
    # What to search
    #
    $temp_array = array("title" => "Title",
			"body"  => "Body",
			"both"  => "Both");
    if (!$query_which)
	$query_which = "title";

    echo "<tr>
             <td>Search what:</td>
             <td class=left>\n";

    foreach ($temp_array as $key => $phrase) {
	$checked = "";

	if ($query_which == $key)
	    $checked = "checked";
	
	echo "<input type=radio $checked name=query_which value=$key>".
	    "$phrase\n";
    }
    echo "   </td>
          </tr>\n";

    echo "<tr>
              <td colspan=2 align=center>
                 <b><input type=submit name=submit value='Submit Query'></b>
              </td>
          </tr>\n";

    echo "</form>
          </table><br>\n";

119 120 121 122
    # Link to kb-browse through $TBBASE (https:), not $TBDOCBASE (http:).
    # On https:, the browser sends HashCookie, so we get CHECKLOGIN_LOGGEDIN
    # status.  Going via http:, we get CHECKLOGIN_MAYBEVALID, and can't know
    # whether to show admin KB entries.
123
    echo "<center>".
124
	 "You may also <a href=$TBBASE/kb-browse.php3>
125
	     browse the entire Knowledge Base</a>.".
126 127 128 129 130 131
         "</center>\n";
}

#
# First page load ...
# 
132
if (!isset($submit) && !$embedded) {
133
    SPITFORM("", null, "both", null);
134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158
    PAGEFOOTER();
    return;
}

#
# Check the query type
#
if (!isset($query_type) || $query_type == "") {
    $query_type == "and";
}
if (! ($query_type == "and" || $query_type == "or" ||
       $query_type == "exact")) {
    PAGEARGERROR("Improper query type $query_type");
}

#
# Check the query which
#
if (!isset($query_which) || $query_which == "") {
    $query_which == "title";
}
if (! ($query_which == "title" ||
       $query_which == "body" || $query_which == "both")) {
    PAGEARGERROR("Improper query which $query_which");
}
159 160
# Strip leading and trailing whitespace to avoid confusion below.
$query = trim($query);
161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182

#
# Must supply a query!
# 
if (!isset($query) || $query == "") {
    SPITFORM("", $query_type, $query_which, "Please provide a query!");
    PAGEFOOTER();
    return;
}

#
# Check the query
#
if (! TBvalid_userdata($query)) {
    SPITFORM($query, $query_type, $query_which, "Illegal characters in query");
    PAGEFOOTER();
    return;
}

#
# Look for special "*" query; just get everything and list it. 
#
183 184
if ($query == "*" ||
    preg_match("/^\s+$/", $query)) {
185 186
    $search_result =
	DBQueryFatal("select * from knowledge_base_entries ".
187 188
		     ($admin_access ? "" :
		      "where section != 'Testbed Operations' ").
189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251
		     "order by section,date_created");
}
else {
    #
    # Mysql 4.0 has all this stuff built in, but not 3.23. So, do it by hand.
    #
    #
    # Exact phrase search is easy!
    #
    if ($query_type == "exact") {
	$clause = "";
	$qsafe  = addslashes($query);

	if ($query_which == "title") {
	    $clause = "where title like '%${qsafe}%'";
	}
	elseif ($query_which == "body") {
	    $clause = "where body like '%${qsafe}%'";
	}
	elseif ($query_which == "both") {
	    $clause = "where body like '%${qsafe}%' ".
		"or title like '%${qsafe}%'";
	}
    }
    elseif ($query_type == "or") {
	$wordarray = preg_split("/[\s,]+/", $query);

	foreach ($wordarray as $i => $word) {
	    $wordarray[$i] = addslashes($word);
	}
	$qstring = implode("|", $wordarray);
	    
	if ($query_which == "title") {
	    $clause = "where title regexp '$qstring'";
	}
	elseif ($query_which == "body") {
	    $clause = "where body regexp '$qstring'";
	}
	elseif ($query_which == "both") {
	    $clause = "where title regexp '$qstring' ".
		"or body regexp '$qstring'";
	}
    }
    else {
	$wordarray = preg_split("/[\s,]+/", $query);

	foreach ($wordarray as $i => $word) {
	    if ($query_which == "title") {
		$wordarray[$i] = "title regexp '" . addslashes($word) . "'";
	    }
	    elseif ($query_which == "body") {
		$wordarray[$i] = "body regexp '" . addslashes($word) . "'";
	    }
	    else {
		$wordarray[$i] = "(title regexp '" . addslashes($word) . "' ".
		    "or body regexp '" . addslashes($word) . "')";
	    }
	}
	$clause = "where ". implode(" and ", $wordarray);
    }
    $search_result =
	DBQueryFatal("select * from knowledge_base_entries ".
		     "$clause ".
252 253
		     ($admin_access ? "" : 
		      "and section != 'Testbed Operations' ").
254 255 256 257
		     "order by section,date_created");
}

if (! mysql_num_rows($search_result)) {
258
    if (!$embedded) {
259 260 261 262 263 264 265 266 267 268
	SPITFORM($query, $query_type, $query_which,
		 "No Matches. Please try again");
	PAGEFOOTER();
    }
    return;
}

#
# Okay, format the list ...
#
269
if (!$embedded) {
270 271 272
    SPITFORM($query, $query_type, $query_which, null);
}

273
if (!$embedded) {
274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298
    echo "<blockquote><blockquote>\n";
}
echo "<font size=+2>Knowledge Base search results</font>\n";
echo "<ul>\n";

$lastsection = "";

while ($row = mysql_fetch_array($search_result)) {
    $section  = $row['section'];
    $title    = $row['title'];
    $idx      = $row['idx'];
    $xref_tag = $row['xref_tag'];

    if ($lastsection != $section) {
	if ($lastsection != "") {
	    echo "</ul><hr>\n";
	}
	$lastsection = $section;
	
	echo "<li><font size=+1><b>$section</b></font>\n";
	echo "<ul>\n";
    }
    echo "<li>";
    if (isset($xref_tag) && $xref_tag != "") {
	echo "<a NAME='$xref_tag'></a>";
Russ Fish's avatar
Russ Fish committed
299 300 301 302
	echo "<a href=kb-show.php3?xref_tag=$xref_tag>$title</a>\n";
    }
    else {
	echo "<a href=kb-show.php3?idx=$idx>$title</a>\n";
303 304 305 306
    }
}

echo "</ul></ul>\n";
307
if (!$embedded) {
308 309 310 311 312 313
    echo "</blockquote></blockquote>\n";
}

#
# Standard Testbed Footer
#
314
if (!$embedded) {
315 316 317 318
    PAGEFOOTER();
}
?>