Cracking The Vault (part 2) - Looking For Something?
(Page 5 of 7 )
The final feature I'd like to add is a search capability, to enable users to quickly drill down to the documents matching specific criteria. At the moment, the search "engine" is very primitive, allowing users to only query document descriptions, document names, and document comments for specific keywords. If required, this can easily be improved upon; for a baseline release, it will suffice.
The search feature is accessible from the main menu, and links to "search.php", which contains a simple form.
<table border="0" cellspacing="5" cellpadding="5">
<form action="out.php" method="POST">
<tr>
<td valign="top"><b>Search term</b></td>
<td><input type="Text" name="keyword" size="50"></td>
</tr>
<tr>
<td valign="top"><b>Search</b></td>
<td><select name="where">
<option value="1">Descriptions only</option>
<option value="2">Filenames only</option>
<option value="3">Comments only</option>
<option value="4" selected>All</option>
</select></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="Submit" name="submit"
value="Search"></td>
</tr>
</form>
</table>
The form variable $keyword contains the search term,
while the variable $where contains a number indicating which table column to search against.
You will notice that this form actually submits data to "out.php". How can this be? What does it mean? Am I out of my tiny little gourd?
My original plan was to have "search.php" itself process the search via a SELECT query to the database. I wrote the query I planned to use, and the code looked something like this
$query = "SELECT data.id, user.username, data.realname, data.created,
data.description, data.comment, data.status FROM data, user, perms WHERE
data.id = perms.fid AND user.id = data.owner AND perms.uid = '$SESSION_UID'
AND perms.rights = '1'";
Depending on the contents of $where, this would be
further modified - for example, if
$where == true
the query would read
$query = "SELECT data.id, user.username, data.realname, data.created,
data.description, data.comment, data.status FROM data, user, perms WHERE
data.id = perms.fid AND user.id = data.owner AND perms.uid = '$SESSION_UID'
AND perms.rights = '1' AND data.description LIKE '%$keyword%'";
and so on.
After a little bit of thought, I
realized that the first part of the query was identical to that used in "out.php" to generate an initial document listing...which meant that I could save myself some time by using that script (with some modifications) as my search results page.
Here are the changes I finally made to "out.php".
<?
// my original out.php query
// get a list of documents the user has "view" permission for
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to
connect!");
$query = "SELECT data.id, user.username, data.realname, data.created,
data.description, data.comment, data.status FROM data, user, perms WHERE
data.id = perms.fid AND user.id = data.owner AND perms.uid = '$SESSION_UID'
AND perms.rights = '1'";
// if coming from the search form, $keyword and $where will exist
// so modify the query with additional constraints
if ($keyword != "" && isset($where))
{
// switch loop
switch ($where)
{
// description search
case 1:
$query .= " AND (data.description LIKE '%$keyword%')";
break;
// filename search
case 2:
$query .= " AND (data.realname LIKE '%$keyword%')";
break;
// comment search
case 3:
$query .= " AND (data.comment LIKE '%$keyword%')";
break;
// search all!
case 4:
$query .= " AND (data.description LIKE '%$keyword%' OR data.realname LIKE
'%$keyword%' OR data.comment LIKE '%$keyword%')";
break;
}
}
$query .= " ORDER BY created DESC";
And now, if "out.php" receives the $keyword and $where
variables, it will "know" that a search is being conducted and will modify the query with additional constraints so as to display only documents which match the search criteria. Cool, huh?
This article copyright Melonfire 2001. All rights reserved.Next: Oops! >>
More PHP Articles
More By Vikram Vaswani, (c) Melonfire
