[aur-dev] [PATCH 1/1] fix for FS#15947

elij elij.mx at gmail.com
Mon Sep 28 16:12:47 EDT 2009 

On Mon, Sep 28, 2009 at 12:59 PM, Loui Chang <louipc.ist at gmail.com> wrote:
> On Sun 27 Sep 2009 20:59 -0700, elij wrote:
>> Fix for maintainer search ticket: FS#15947
>> Also http://mailman.archlinux.org/pipermail/aur-dev/2009-September/000892.html
>> ---
>>  web/lib/aurjson.class.php |   41 ++++++++++++++++++++++++++++++++++-------
>>  1 files changed, 34 insertions(+), 7 deletions(-)
>>
>
>> diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
>> index 5b9ecd1..3af41be 100644
>> --- a/web/lib/aurjson.class.php
>> +++ b/web/lib/aurjson.class.php
>> @@ -95,10 +95,9 @@ class AurJSON {
>>          $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh);
>>
>>          $query = "SELECT " . implode(',', $this->fields) .
>> -            " FROM Packages WHERE DummyPkg=0 AND ";
>> -        $query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",
>> -                $keyword_string, $keyword_string);
>> -
>> +            " FROM Packages, Users WHERE DummyPkg=0 AND " .
>
> This line breaks the basic search function since ID from $fields is not
> unique. Why are you selecting from the Users table anyways?
>
>> +            "  ( Name LIKE '%{$keyword_string}%' OR " .
>> +            "    Description LIKE '%{$keyword_string}%' )";
>>          $result = db_query($query, $this->dbh);
>>
>>          if ( $result && (mysql_num_rows($result) > 0) ) {
>> @@ -158,5 +157,33 @@ class AurJSON {
>>              return $this->json_error('No result found');
>>          }
>>      }
>> +
>> +    /**
>> +     * Returns all the packages for a specific maintainer.
>> +     * @param $maintainer The name of the maintainer.
>> +     * @return mixed Returns an array of value data containing the package data
>> +     **/
>> +    private function msearch($maintainer) {
>> +        $maintainer = mysql_real_escape_string($maintainer, $this->dbh);
>> +        $fields = implode(',', $this->fields);
>> +
>> +        $query = "SELECT Users.Usermain as Maintainer, {$fields} " .
>> +            " FROM Packages, Users " .
>> +            "        WHERE Packages.MaintainerUID = Users.UID AND " .
>> +            "              Users.Username = '{$maintainer}'";
>
> Users.Usermain isn't a field in the database, neither is Users.UID.
> There's also the problem of ID from $fields not being unique.
>
> I've fixed all these and pushed the modified patch.
>
> Please test your patches!
> Thanks
>
>

I didn't have a machine to test it on at the time.
*shrug*

More information about the aur-dev mailing list