зеркало из https://github.com/mozilla/pjs.git
Restructure Reporter's Query Functionality. Mostly rewritten, much easier to use for other purposes (hint: coming soon). Still buggy, but we'll fix it as we go.
This commit is contained in:
Родитель
886da04a8f
Коммит
aa2b15431e
|
@ -38,9 +38,10 @@
|
||||||
|
|
||||||
require_once('../../config.inc.php');
|
require_once('../../config.inc.php');
|
||||||
require_once($config['base_path'].'/includes/iolib.inc.php');
|
require_once($config['base_path'].'/includes/iolib.inc.php');
|
||||||
require_once($config['base_path'].'/includes/contrib/adodb/adodb.inc.php');
|
require_once($config['base_path'].'/includes/db.inc.php');
|
||||||
require_once($config['base_path'].'/includes/contrib/smarty/libs/Smarty.class.php');
|
require_once($config['base_path'].'/includes/contrib/smarty/libs/Smarty.class.php');
|
||||||
require_once($config['base_path'].'/includes/security.inc.php');
|
require_once($config['base_path'].'/includes/security.inc.php');
|
||||||
|
require_once($config['base_path'].'/includes/query.inc.php');
|
||||||
|
|
||||||
// start the session
|
// start the session
|
||||||
session_name('reportSessID');
|
session_name('reportSessID');
|
||||||
|
@ -51,309 +52,40 @@ printheaders();
|
||||||
$title = "Searching Results";
|
$title = "Searching Results";
|
||||||
$content = initializeTemplate();
|
$content = initializeTemplate();
|
||||||
|
|
||||||
// approved "selectable" fields
|
|
||||||
$approved_fields = array('count' /*special */, 'host_id', 'host_hostname', 'report_id', 'report_url', 'report_host_id', 'report_problem_type', 'report_description', 'report_behind_login', 'report_useragent', 'report_platform', 'report_oscpu', 'report_language', 'report_gecko', 'report_buildconfig', 'report_product', /* 'report_email', 'report_ip',*/ 'report_file_date');
|
|
||||||
|
|
||||||
|
|
||||||
// Ascending or Descending
|
|
||||||
if (strtolower($_GET['ascdesc']) == 'asc' || strtolower($_GET['ascdesc']) == 'asc'){
|
|
||||||
$ascdesc = $_GET['ascdesc'];
|
|
||||||
} else {
|
|
||||||
$ascdesc = 'desc';
|
|
||||||
}
|
|
||||||
|
|
||||||
// order by
|
|
||||||
if (!$_GET['orderby']){
|
|
||||||
$orderby = 'report_file_date';
|
|
||||||
} else {
|
|
||||||
$orderby = $_GET['orderby'];
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$_GET['show']){
|
|
||||||
$_GET['show'] = $config['show'];
|
|
||||||
}
|
|
||||||
// no more than 200 results per page
|
|
||||||
if (!$_GET['show'] > 200){
|
|
||||||
$_GET['show'] = 200;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$_GET['page']){
|
|
||||||
$_GET['page'] = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($_GET['count']) && $_GET['count'] == null){
|
|
||||||
$_GET['count'] = 'host_id';
|
|
||||||
}
|
|
||||||
|
|
||||||
// Open DB
|
// Open DB
|
||||||
$db = NewADOConnection($config['db_dsn']);
|
$db = NewADOConnection($config['db_dsn']);
|
||||||
if (!$db) die("Connection failed");
|
|
||||||
$db->SetFetchMode(ADODB_FETCH_ASSOC);
|
$db->SetFetchMode(ADODB_FETCH_ASSOC);
|
||||||
|
|
||||||
// Initial selected array
|
// DELETED
|
||||||
if ($_GET['selected'] && !isset($_GET['count'])){
|
$query = new query;
|
||||||
$selected = array();
|
$query_input = $query->getQueryInputs();
|
||||||
foreach($_GET['selected'] as $selectedChild){
|
|
||||||
$selected[$selectedChild] = $config['fields'][$selectedChild];
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$selected = array('report_id' => 'Report ID', 'host_hostname' => 'Host');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($_GET['count'])){
|
$result = $query->doQuery($query_input['selected'],
|
||||||
$selected['count'] = 'Number';
|
$query_input['where'],
|
||||||
unset($selected['report_id']);
|
$query_input['orderby'],
|
||||||
|
$query_input['ascdesc'],
|
||||||
|
$query_input['show'],
|
||||||
|
$query_input['page'],
|
||||||
|
$query_input['count']
|
||||||
|
);
|
||||||
|
$output = $query->outputHTML($result, $query_input);
|
||||||
|
|
||||||
// Hardcode host_id
|
if (sizeof($output['data']) == 0){
|
||||||
$_GET['count'] = 'host_id'; // XXX we just hardcode this (just easier for now, and all people will be doing).
|
|
||||||
// XX NOTE: We don't escape count below because 'host_id' != `host_id`.
|
|
||||||
|
|
||||||
//Sort by
|
|
||||||
if ($orderby == 'report_file_date'){ //XXX this isn't ideal, but nobody will sort by date (pointless and not an option)
|
|
||||||
$orderby = 'count';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$selected['report_file_date'] = "Date";
|
|
||||||
}
|
|
||||||
|
|
||||||
// Build SELECT clause of SQL
|
|
||||||
reset($selected);
|
|
||||||
while (list($key, $title) = each($selected)) {
|
|
||||||
if (in_array($key, $approved_fields)){
|
|
||||||
// we don't $db->quote here since unless it's in our approved array (exactly), we drop it anyway. i.e. report_id is on our list, 'report_id' is not.
|
|
||||||
// we sanitize on our own
|
|
||||||
if ($key == 'count'){
|
|
||||||
$sql_select .= 'COUNT( '.$_GET['count'].' ) AS count';
|
|
||||||
} else {
|
|
||||||
$sql_select .= $key;
|
|
||||||
}
|
|
||||||
$sql_select .= ',';
|
|
||||||
} else {
|
|
||||||
// silently drop those not in approved array
|
|
||||||
unset($selected[$key]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$sql_select = substr($sql_select, 0, -1);
|
|
||||||
|
|
||||||
if (isset($_GET['count'])){
|
|
||||||
$group_by = 'GROUP BY '.$_GET['count'];
|
|
||||||
}
|
|
||||||
|
|
||||||
// Build the Where clause of the SQL
|
|
||||||
if (isset($_GET['submit_reportID'])){
|
|
||||||
$sql_where = 'report_id = '.$db->quote($_GET['report_id']).' ';
|
|
||||||
$sql_where .= 'AND host.host_id = report_host_id';
|
|
||||||
}
|
|
||||||
else if ($_GET['submit_query']){
|
|
||||||
reset($_GET);
|
|
||||||
while (list($param, $val) = each($_GET)) {
|
|
||||||
// To help prevent stupidity with params, we only add it to the WHERE statement if it's passes as a param we allow
|
|
||||||
if (
|
|
||||||
($param == 'report_description') ||
|
|
||||||
($param == 'host_hostname') ||
|
|
||||||
($param == 'report_problem_type') ||
|
|
||||||
($param == 'report_behind_login') ||
|
|
||||||
($param == 'report_useragent') ||
|
|
||||||
($param == 'report_gecko') ||
|
|
||||||
($param == 'report_language') ||
|
|
||||||
($param == 'report_platform') ||
|
|
||||||
($param == 'report_oscpu') ||
|
|
||||||
($param == 'report_product')){
|
|
||||||
// there sare our various ways of saying "no value"
|
|
||||||
if (($val != -1) && ($val != null) && ($val != '0')){
|
|
||||||
// if there's a wildcard (%,_) we should use 'LIKE', otherwise '='
|
|
||||||
// XX-> strpos returns 0 if the first char is % or _, so we just pad it with a 'x' to force it to do so... harmless hack
|
|
||||||
if ((strpos('x'.$val, "%") == false) && (strpos('x'.$val, "_") == false)){
|
|
||||||
$operator = "=";
|
|
||||||
} else {
|
|
||||||
$operator = "LIKE";
|
|
||||||
}
|
|
||||||
// Add to query
|
|
||||||
if (in_array($param, $approved_fields)){
|
|
||||||
$sql_where .= $param." ".$operator." ".$db->quote($val)." AND ";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// we do the datetime stuff outside the loop, so it doesn't get fubar
|
|
||||||
|
|
||||||
// if the user didn't delete the default YYYY-MM-DD mask, we do it for them
|
|
||||||
if ($_GET['report_file_date_start'] == 'YYYY-MM-DD'){
|
|
||||||
$_GET['report_file_date_start'] = null;
|
|
||||||
}
|
|
||||||
if ($_GET['report_file_date_end'] == 'YYYY-MM-DD'){
|
|
||||||
$_GET['report_file_date_end'] = null;
|
|
||||||
}
|
|
||||||
if (($_GET['report_file_date_start'] != null) || ($_GET['report_file_date_end'] != null)){
|
|
||||||
|
|
||||||
// if we have both, we do a BETWEEN
|
|
||||||
if ($_GET['report_file_date_start'] && $_GET['report_file_date_end']){
|
|
||||||
$sql_where .= "(report_file_date BETWEEN ".$db->quote($_GET['report_file_date_start'])." and ".$db->quote($_GET['report_file_date_end']).") AND ";
|
|
||||||
}
|
|
||||||
|
|
||||||
// if we have only a start, then we do a >
|
|
||||||
else if ($_GET['report_file_date_start']){
|
|
||||||
$sql_where .= "report_file_date > ".$db->quote($_GET['report_file_date_start'])." AND ";
|
|
||||||
}
|
|
||||||
|
|
||||||
// if we have only a end, we do a <
|
|
||||||
else if ($_GET['report_file_date_end']){
|
|
||||||
$sql_where .= "report_file_date < ".$db->quote($_GET['report_file_date_end'])." AND ";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$sql_where .= 'host.host_id = report_host_id AND ';
|
|
||||||
$sql_where = substr($sql_where, 0, -5);
|
|
||||||
|
|
||||||
if ($orderby != 'report_file_date'){
|
|
||||||
$subOrder = ', report.report_file_date DESC';
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$content->assign('error', 'No Query');
|
|
||||||
displayPage($content, 'query.tpl');
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Security note: we quote() $select as we generate it above (escape each $key), so it would be redundant to do so here.
|
|
||||||
// Not to mention it would break things
|
|
||||||
|
|
||||||
/* SelectLimit isn't bad, but there's no documentation on getting it to use ASC rather than DESC... to investigate */
|
|
||||||
|
|
||||||
$start = ($_GET['page']-1)*$_GET['show'];
|
|
||||||
|
|
||||||
$sql = "SELECT $sql_select
|
|
||||||
FROM `report`, `host`
|
|
||||||
WHERE $sql_where
|
|
||||||
$group_by
|
|
||||||
ORDER BY ".$db->quote($orderby)." ".$ascdesc.$subOrder;
|
|
||||||
$query = $db->SelectLimit($sql,$_GET['show'],$start,$inputarr=false);
|
|
||||||
$numresults = $query->RecordCount();
|
|
||||||
|
|
||||||
// If we have a full page worth of results in our data set, count how many total
|
|
||||||
// so we can paginate. Only do this if $page >= 1 as well.
|
|
||||||
if ($numresults >= $_GET['show'] || $_GET['page'] >= 1){
|
|
||||||
if (isset($_GET['count'])){
|
|
||||||
// REASON WHY PAGINATION IS BROKE ON count queries
|
|
||||||
$trq = $db->Execute("SELECT COUNT(*), $sql_select
|
|
||||||
FROM `report`, `host`
|
|
||||||
WHERE $sql_where
|
|
||||||
$group_by");
|
|
||||||
$totalresults = $trq->RecordCount();
|
|
||||||
} else {
|
|
||||||
$trq = $db->Execute("SELECT COUNT(*)
|
|
||||||
FROM `report`, `host`
|
|
||||||
WHERE $sql_where");
|
|
||||||
$totalresults = $trq->fields['COUNT(*)'];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Continuity params
|
|
||||||
reset($_GET);
|
|
||||||
while (list($param, $val) = each($_GET)) {
|
|
||||||
if($param != 'page' && $param != 'ascdesc'){
|
|
||||||
if (is_array($val)){
|
|
||||||
$param_name = $param.'[]';
|
|
||||||
foreach($val as $valChild){
|
|
||||||
if (!is_numeric($valChild)){
|
|
||||||
$valChild = rawurlencode($valChild);
|
|
||||||
}
|
|
||||||
$continuity_params .= $param_name.'='.$valChild.'&';
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if (!is_numeric($val)){
|
|
||||||
$val = rawurlencode($val);
|
|
||||||
}
|
|
||||||
$continuity_params .= $param.'='.$val.'&';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$continuity_page = $_GET['page'];
|
|
||||||
$continuity_ascdesc = $_GET['ascdesc'];
|
|
||||||
|
|
||||||
$continuity_params .= 'submit_query=Search';
|
|
||||||
if(isset($_GET['count'])){
|
|
||||||
$continuity_params .= '&count=on';
|
|
||||||
}
|
|
||||||
|
|
||||||
$column = array();
|
|
||||||
reset($selected);
|
|
||||||
$columnCount = 0;
|
|
||||||
|
|
||||||
/******************
|
|
||||||
* Columns
|
|
||||||
*****************/
|
|
||||||
while (list($key, $title) = each($selected)) {
|
|
||||||
$column[$columnCount]['title'] = $title;
|
|
||||||
if ($key != 'report_id'){
|
|
||||||
$column[$columnCount]['url'] = $config['self'].'?orderby='.$key.'&ascdesc=';
|
|
||||||
if ($orderby == $key) {
|
|
||||||
if ($ascdesc == 'asc'){
|
|
||||||
$column[$columnCount]['url'] .= 'desc';
|
|
||||||
}
|
|
||||||
else if ($ascdesc == 'desc'){
|
|
||||||
$column[$columnCount]['url'] .= 'asc';
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$column[$columnCount]['url'] .= $ascdesc;
|
|
||||||
}
|
|
||||||
$column[$columnCount]['url'] .= '&'.substr($continuity_params, 0, -1).'&page='.$continuity_page;
|
|
||||||
}
|
|
||||||
$columnCount++;
|
|
||||||
}
|
|
||||||
$content->assign('column', $column);
|
|
||||||
|
|
||||||
if ($numresults < 1){
|
|
||||||
$content->assign('error', 'No Results found');
|
$content->assign('error', 'No Results found');
|
||||||
displayPage($content, 'query.tpl');
|
displayPage($content, 'query.tpl');
|
||||||
exit;
|
exit;
|
||||||
} else {
|
|
||||||
/******************
|
|
||||||
* Rows
|
|
||||||
*****************/
|
|
||||||
$row = array();
|
|
||||||
for ($i=0; !$query->EOF; $i++) {
|
|
||||||
reset($selected);
|
|
||||||
$col = 0;
|
|
||||||
while (list($key, $title) = each($selected)) {
|
|
||||||
// For report_id we create a url, for anything else: just dump it to screen
|
|
||||||
if ($key == 'report_id'){
|
|
||||||
$row[$i][$col]['url'] = '/report/?report_id='.$query->fields[$key];
|
|
||||||
$row[$i][$col]['text'] = 'Report';
|
|
||||||
}
|
|
||||||
else if (substr($key, 0, 5) == "COUNT"){
|
|
||||||
$row[$i][$col]['text'] = $query->fields['count'];
|
|
||||||
} else {
|
|
||||||
if(($key == $_GET['count']) || ($key == 'host_hostname' && $_GET['count'] == 'host_id')){
|
|
||||||
if ($key == 'host_hostname' && $_GET['count'] == 'host_id'){
|
|
||||||
$subquery = 'host_hostname='.$query->fields['host_hostname'];
|
|
||||||
} else {
|
|
||||||
$subquery = $_GET['count'].'='.$query->fields[$key];
|
|
||||||
}
|
|
||||||
$row[$i][$col]['url'] = '/query/?'.$subquery.'&submit_query=true';
|
|
||||||
$row[$i][$col]['text'] = $query->fields[$key];
|
|
||||||
} else {
|
|
||||||
// report_problem_type and behind_login are special cases since we need to resolve them
|
|
||||||
if($key == 'report_problem_type'){
|
|
||||||
$row[$i][$col]['text'] = resolveProblemTypes($query->fields[$key]);
|
|
||||||
}
|
|
||||||
else if($key == 'report_behind_login'){
|
|
||||||
$row[$i][$col]['text'] = resolveBehindLogin($query->fields[$key]);
|
|
||||||
} else {
|
|
||||||
$row[$i][$col]['text'] = $query->fields[$key];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$col++;
|
|
||||||
}
|
|
||||||
$query->MoveNext();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
$content->assign('row', $row);
|
|
||||||
|
$content->assign('continuityParams', $query->continuityParams($query_input));
|
||||||
|
$content->assign('count', $result['totalResults']);
|
||||||
|
$content->assign('show', $query_input['show']);
|
||||||
|
$content->assign('page', $query_input['page']);
|
||||||
|
|
||||||
|
$content->assign('column', $output['columnHeaders']);
|
||||||
|
$content->assign('row', $output['data']);
|
||||||
|
displayPage($content, 'query.tpl');
|
||||||
|
|
||||||
// disconnect database
|
// disconnect database
|
||||||
$db->Close();
|
$db->Close();
|
||||||
|
|
||||||
$content->assign('navigation', navigation('?page=', '&'.$continuity_params.'&ascdesc='.$continuity_ascdesc.'&show='.$_GET['show'], $totalresults, $_GET['show'], $_GET['page']));
|
|
||||||
|
|
||||||
displayPage($content, 'query.tpl');
|
|
||||||
?>
|
?>
|
|
@ -38,7 +38,7 @@
|
||||||
|
|
||||||
require_once('../../config.inc.php');
|
require_once('../../config.inc.php');
|
||||||
require_once($config['base_path'].'/includes/iolib.inc.php');
|
require_once($config['base_path'].'/includes/iolib.inc.php');
|
||||||
require_once($config['base_path'].'/includes/contrib/adodb/adodb.inc.php');
|
require_once($config['base_path'].'/includes/db.inc.php');
|
||||||
require_once($config['base_path'].'/includes/contrib/smarty/libs/Smarty.class.php');
|
require_once($config['base_path'].'/includes/contrib/smarty/libs/Smarty.class.php');
|
||||||
require_once($config['base_path'].'/includes/security.inc.php');
|
require_once($config['base_path'].'/includes/security.inc.php');
|
||||||
|
|
||||||
|
@ -50,7 +50,6 @@ printheaders();
|
||||||
|
|
||||||
// Open DB
|
// Open DB
|
||||||
$db = NewADOConnection($config['db_dsn']);
|
$db = NewADOConnection($config['db_dsn']);
|
||||||
if (!$db) die("Connection failed");
|
|
||||||
$db->SetFetchMode(ADODB_FETCH_ASSOC);
|
$db->SetFetchMode(ADODB_FETCH_ASSOC);
|
||||||
|
|
||||||
$query =& $db->Execute("SELECT *
|
$query =& $db->Execute("SELECT *
|
||||||
|
|
Загрузка…
Ссылка в новой задаче