function smd_query($atts, $thing='') { extract(lAtts(array( 'column' => '', 'table' => '', 'where' => '', 'query' => '', 'form' => '', 'colsform' => '', 'escape' => '', 'urlfilter' => '', 'urlreplace' => '', 'defaults' => '', 'delim' => ',', 'paramdelim' => ':', 'silent' => '0', 'count' => 'up', 'break' => '', 'wraptag' => '', 'label' => '', 'labeltag' => '', 'class' => '', 'debug' => '0', ),$atts)); // Grab the form or embedded $thing $thing = ($thing) ? $thing : fetch_form($form); $colsform = (empty($colsform)) ? '' : fetch_form($colsform); $urlfilter = (!empty($urlfilter)) ? do_list($urlfilter, $delim) : ''; $urlreplace = (!empty($urlreplace)) ? do_list($urlreplace, $delim) : ''; if ($debug > 0) { echo "++ URL FILTERS ++"; dmp($urlfilter); dmp($urlreplace); } // Process any defaults $defaults = do_list($defaults, $delim); $dflts = array(); foreach ($defaults as $item) { $item = do_list($item, $paramdelim); if ($item[0] == '') continue; if (count($item) == 2) { $dflts[$item[0]] = smd_query_parse($item[1]); } } if ($debug > 0) { echo "++ DEFAULTS ++"; dmp($dflts); } // Get a list of fields to escape $escapes = do_list($escape, $delim); foreach ($escapes as $idx => $val) { if ($val == '') { unset($escapes[$idx]); } } $rs = array(); $out = array(); $colout = array(); // query overrides column/table/where if ($query) { $query = smd_query_parse($query, $dflts, $urlfilter, $urlreplace); $rs = ($silent) ? @getRows($query, $debug) : getRows($query, $debug); } else { if ($column && $table) { // TODO: Perhaps doSlash() these? $column = smd_query_parse($column, $dflts, $urlfilter, $urlreplace); $table = smd_query_parse($table, $dflts, $urlfilter, $urlreplace); $where = smd_query_parse($where, $dflts, $urlfilter, $urlreplace); $where = ($where) ? $where : "1=1"; $rs = ($silent) ? @safe_rows($column, $table, $where, $debug) : safe_rows($column, $table, $where, $debug); } else { trigger_error("You must specify at least 1 'column' and a 'table'."); } } $numrows = count($rs); $truePart = EvalElse($thing, 1); if ($rs) { if ($debug > 1) { echo "++ QUERY RESULT SET ++"; dmp(count($rs). " ROWS"); dmp($rs); } $replacements = array(); $colreplacements = array(); $qry_rowcnt = ($count=="up") ? 0 : $numrows-1; foreach ($rs as $row) { foreach ($row as $colid => $val) { if ($qry_rowcnt == 0 && $colsform) { $colreplacements['{'.$colid.'}'] = $colid; } // Construct the replacement array $replacements['{'.$colid.'}'] = (in_array($colid, $escapes) ? htmlspecialchars($val, ENT_QUOTES) : $val); } $replacements['{smd_rows}'] = $numrows; $replacements['{smd_thisindex}'] = $qry_rowcnt; $replacements['{smd_thisrow}'] = $qry_rowcnt + 1; if ($debug > 0) { echo "++ REPLACEMENTS ++"; dmp($replacements); } $out[] = parse(strtr($truePart, $replacements)); $qry_rowcnt = ($count=="up") ? $qry_rowcnt+1 : $qry_rowcnt-1; } if ($out) { if ($colreplacements) { $colout[] = parse(strtr($colsform, $colreplacements)); } return doLabel($label, $labeltag).doWrap(array_merge($colout,$out), $wraptag, $break, $class); } } else { return parse(EvalElse($thing, 0)); } return ''; } // Returns a string with any ? variables replaced with their globals // URL Variables are optionally run through preg_replace() to sanitize them. // $pat is an array of regex search patterns // $rep is an array of regex search repalcements (default = '', i.e. remove whatever matches) function smd_query_parse($item, $dflts=array(''), $pat=array(''), $rep=array('')) { global $pretext, $thisarticle, $thisimage, $thisfile, $thislink, $variable; $item = html_entity_decode($item); $modRE = '/(\?)([A-Za-z0-9_\- ]+)/'; $numMods = preg_match_all($modRE, $item, $mods); for ($modCtr = 0; $modCtr < $numMods; $modCtr++) { $modChar = $mods[1][$modCtr]; $modItem = trim($mods[2][$modCtr]); $lowitem = strtolower($modItem); $urlvar = $svrvar = ''; if (gps($lowitem) != '') { $urlvar = doSlash(gps($lowitem)); if ($urlvar && $pat) { $urlvar = preg_replace($pat, $rep, $urlvar); } } if (serverSet($modItem) != '') { $svrvar = doSlash(serverSet($modItem)); if ($svrvar && $pat) { $svrvar = preg_replace($pat, $rep, $svrvar); } } if (isset($variable[$lowitem])) { $item = str_replace($modChar.$modItem, $variable[$lowitem], $item); } else if ($svrvar != '') { $item = str_replace($modChar.$modItem, $svrvar, $item); } else if (isset($thisimage[$lowitem]) && !empty($thisimage[$lowitem])) { $item = str_replace($modChar.$modItem, $thisimage[$lowitem], $item); } else if (isset($thisfile[$lowitem]) && !empty($thisfile[$lowitem])) { $item = str_replace($modChar.$modItem, $thisfile[$lowitem], $item); } else if (isset($thislink[$lowitem]) && !empty($thislink[$lowitem])) { $item = str_replace($modChar.$modItem, $thislink[$lowitem], $item); } else if (array_key_exists($lowitem, $pretext) && !empty($pretext[$lowitem])) { $item = str_replace($modChar.$modItem, $pretext[$lowitem], $item); } else if (isset($thisarticle[$lowitem]) && !empty($thisarticle[$lowitem])) { $item = str_replace($modChar.$modItem, $thisarticle[$lowitem], $item); } else if ($urlvar != '') { $item = str_replace($modChar.$modItem, $urlvar, $item); } else if (isset($dflts[$lowitem])) { $item = str_replace($modChar.$modItem, $dflts[$lowitem], $item); } else { $item = str_replace($modChar.$modItem, $modItem, $item); } } return $item; }