[prev in list] [next in list] [prev in thread] [next in thread]
List: lon-capa-cvs
Subject: [LON-CAPA-cvs] cvs: loncom /interface lonsearchcat.pm
From: raeburn <lon-capa-cvs-allow () mail ! lon-capa ! org>
Date: 2008-10-16 22:58:15
Message-ID: cvsraeburn1224197895 () cvsserver
[Download RAW message or body]
raeburn Thu Oct 16 18:58:15 2008 EDT
Modified files:
/loncom/interface lonsearchcat.pm
Log:
- As dates/times stored in the mysql tables are UTC-based, comparisons with current \
time need to use UTC_TIMESTAMP() for current time.
- * allowed in strings used in searches.
Index: loncom/interface/lonsearchcat.pm
diff -u loncom/interface/lonsearchcat.pm:1.299 loncom/interface/lonsearchcat.pm:1.300
--- loncom/interface/lonsearchcat.pm:1.299 Wed Aug 27 15:50:46 2008
+++ loncom/interface/lonsearchcat.pm Thu Oct 16 18:58:15 2008
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Search Catalog
#
-# $Id: lonsearchcat.pm,v 1.299 2008/08/27 19:50:46 raeburn Exp $
+# $Id: lonsearchcat.pm,v 1.300 2008/10/16 22:58:15 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1394,7 +1394,7 @@
'lastrevisiondatestart_month','lastrevisiondatestart_day',
'lastrevisiondatestart_year','lastrevisiondateend_month',
'lastrevisiondateend_day','lastrevisiondateend_year') {
- $env{'form.'.$field}=~s/[^\w\/\s\(\)\=\-\"\'.]//g;
+ $env{'form.'.$field}=~s/[^\w\/\s\(\)\=\-\"\'.\*]//g;
}
foreach ('mode','form','element') {
# is this required? Hmmm.
@@ -1639,7 +1639,7 @@
#
if (@queries) {
if ($env{'form.area'} eq 'portfolio') {
- $query ="SELECT pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, \
portfolio_access pa, portfolio_addedfields pf WHERE (pm.url = pa.url AND pf.url = \
pm.url AND (pa.start < NOW() AND (pa.end IS NULL OR pa.end > NOW())) AND (".join(') \
AND (',@queries).'))'; + $query ="SELECT pm.*,pa.keynum,pa.scope FROM \
portfolio_metadata pm, portfolio_access pa, portfolio_addedfields pf WHERE (pm.url = \
pa.url AND pf.url = pm.url AND (pa.start < UTC_TIMESTAMP() AND (pa.end IS NULL OR \
pa.end > UTC_TIMESTAMP())) AND (".join(') AND (',@queries).'))'; } else {
$query="SELECT * FROM metadata WHERE (".join(") AND (",@queries).')';
}
@@ -1702,7 +1702,7 @@
#
# Clean up fields for safety
for my $field ('basicexp') {
- $env{"form.$field"}=~s/[^\w\s\'\"\!\(\)\-]//g;
+ $env{"form.$field"}=~s/[^\w\s\'\"\!\(\)\-\*]//g;
}
foreach ('mode','form','element') {
# is this required? Hmmm.
@@ -1741,7 +1741,7 @@
#}
my $final_query;
if ($env{'form.area'} eq 'portfolio') {
- $final_query = 'SELECT pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, \
portfolio_access pa WHERE (pm.url = pa.url AND (pa.start < NOW() AND (pa.end IS NULL \
OR pa.end > NOW())) AND '.join(" AND ",@Queries).')'; + $final_query = 'SELECT \
pm.*,pa.keynum,pa.scope FROM portfolio_metadata pm, portfolio_access pa WHERE \
(pm.url = pa.url AND (pa.start < UTC_TIMESTAMP() AND (pa.end IS NULL OR pa.end > \
UTC_TIMESTAMP())) AND '.join(" AND ",@Queries).')'; } else {
$final_query = 'SELECT * FROM metadata WHERE '.join(" AND ",@Queries);
}
_______________________________________________
LON-CAPA-cvs mailing list
LON-CAPA-cvs@mail.lon-capa.org
http://mail.lon-capa.org/mailman/listinfo/lon-capa-cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic