On Sun 27 Sep 2009 20:59 -0700, elij wrote: > Fix for maintainer search ticket: FS#15947 > Also http://mailman.archlinux.org/pipermail/aur-dev/2009-September/000892.html > --- > web/lib/aurjson.class.php | 41 ++++++++++++++++++++++++++++++++++------- > 1 files changed, 34 insertions(+), 7 deletions(-) >
> diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php > index 5b9ecd1..3af41be 100644 > --- a/web/lib/aurjson.class.php > +++ b/web/lib/aurjson.class.php > @@ -95,10 +95,9 @@ class AurJSON { > $keyword_string = mysql_real_escape_string($keyword_string, > $this->dbh); > > $query = "SELECT " . implode(',', $this->fields) . > - " FROM Packages WHERE DummyPkg=0 AND "; > - $query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' > )", > - $keyword_string, $keyword_string); > - > + " FROM Packages, Users WHERE DummyPkg=0 AND " . This line breaks the basic search function since ID from $fields is not unique. Why are you selecting from the Users table anyways? > + " ( Name LIKE '%{$keyword_string}%' OR " . > + " Description LIKE '%{$keyword_string}%' )"; > $result = db_query($query, $this->dbh); > > if ( $result && (mysql_num_rows($result) > 0) ) { > @@ -158,5 +157,33 @@ class AurJSON { > return $this->json_error('No result found'); > } > } > + > + /** > + * Returns all the packages for a specific maintainer. > + * @param $maintainer The name of the maintainer. > + * @return mixed Returns an array of value data containing the package > data > + **/ > + private function msearch($maintainer) { > + $maintainer = mysql_real_escape_string($maintainer, $this->dbh); > + $fields = implode(',', $this->fields); > + > + $query = "SELECT Users.Usermain as Maintainer, {$fields} " . > + " FROM Packages, Users " . > + " WHERE Packages.MaintainerUID = Users.UID AND " . > + " Users.Username = '{$maintainer}'"; Users.Usermain isn't a field in the database, neither is Users.UID. There's also the problem of ID from $fields not being unique. I've fixed all these and pushed the modified patch. Please test your patches! Thanks