--- /dev/null
+<?php
+// JSON web service for PO terms: autocomplete and search methods
+
+/* require the user as the parameter */
+if(isset($_GET['user']) && ($_GET['user']) == 'paw') {
+
+ $arr_field_names = array('name','acc');
+
+ /* read the params and/or set our own */
+ $type = isset($_GET['type']) ? $_GET['type'] : autocomplete; // autocomplete is the default
+
+ // security measures; helps to avoid SQL injection attacks
+ $field = isset($_GET['field']) && in_array($_GET['field'],$arr_field_names)
+ ? $_GET['field']
+ : die('"field" is a required parameter and must match an available data field.');
+
+ $number_of_terms = isset($_GET['max']) ? intval($_GET['max']) : 10; //10 is the default
+
+ $qval = $_GET['qval'];
+
+ $qval = isset($_GET['qval']) && strlen($_GET['qval']) > 0
+ ? strtolower($_GET['qval'])
+ : die('Please provide a searchable value');
+
+ // optional, for type 'lookup'
+ if ($type == 'lookup' && isset($_GET['ret_field']) && in_array($_GET['ret_field'],$arr_field_names)) {
+ $ret_field = $_GET['ret_field'];
+ }
+
+ $format = strtolower($_GET['format']) != 'json'
+ ? strtolower($_GET['format'])
+ : 'json'; //json is the default
+
+ /* connect to the db */
+ $link = mysql_connect('floret.cgrb.oregonstate.edu', 'po-read-user', 'po-read-user_pw') or die('Cannot connect to the DB');
+ mysql_select_db('po_beta',$link) or die('Cannot select the DB');
+
+ switch ($type) {
+ case 'autocomplete':
+ /* grab the terms from the db */
+ $query = "select $field from term where $field like '%$qval%' ORDER BY name LIMIT $number_of_terms";
+ $result = mysql_query($query,$link) or die('Errant query: '.$query);
+
+ /* create one master array of the records */
+ $terms = array();
+ if(mysql_num_rows($result)) {
+ while($term = mysql_fetch_assoc($result)) {
+ $terms[] = array('title'=>$term[$field]);
+ }
+ }
+
+ /* output in necessary format */
+ if($format == 'json') {
+ header('Content-type: application/json');
+ echo json_encode(array('sfautocomplete'=>$terms));
+ }
+ else {
+ die('Sorry, this request cannot be fulfilled in '.$format.' format.');
+ }
+ break;
+
+ case 'lookup':
+ /* grab the terms from the db */
+ $query = "select distinct $ret_field from term where $field = '$qval' ORDER BY name LIMIT 1";
+ $result = mysql_query($query,$link) or die('Errant query: '.$query);
+
+ /* create one master array of the records */
+ $terms = array();
+ if(mysql_num_rows($result)) {
+ while($term = mysql_fetch_assoc($result)) {
+ $terms[] = array('title'=>$term[$ret_field]);
+ }
+ }
+ // TODO: change this to the necessary output for #get_web_data wiki call
+ /* output in necessary format */
+ if($format == 'json') {
+ header('Content-type: application/json');
+ echo json_encode(array('sfautocomplete'=>$terms));
+ }
+ else {
+ die('Sorry, this request cannot be fulfilled in '.$format.' format.');
+ }
+ break;
+ default:
+ die('Sorry, this web service method is not available.');
+ }
+ /* disconnect from the db */
+ @mysql_close($link);
+}
+else { die('Not authorized.'); }
+?>
+
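Review bot: `$qval` reaches both queries unescaped: it is only lower-cased before being interpolated into `like '%$qval%'` in the `autocomplete` case and `$field = '$qval'` in the `lookup` case, so the whitelist under the "security measures" comment protects `$field` but not the search value. Bind the value through a prepared statement instead, as sketched below for `autocomplete`; `lookup` needs the same treatment and should also `die()` when `ret_field` is missing or not whitelisted, since `$ret_field` is otherwise undefined when the query string is built. `die('Errant query: '.$query)` returns the full SQL text to the caller and would be better as a generic message with the detail logged server-side. Separately, the database password is committed in the `mysql_connect` call and the `user == 'paw'` check is a fixed value visible in source, so neither should be relied on as access control.

```php
// … unchanged: parameter parsing and the $field / $ret_field whitelist …
// connection opened with mysqli_connect() in place of mysql_connect()/mysql_select_db()

    case 'autocomplete':
        // $field comes from the whitelist; $qval and the limit are bound, not interpolated
        $like = '%' . $qval . '%';
        $stmt = mysqli_prepare($link, "select $field from term where $field like ? ORDER BY name LIMIT ?")
            or die('Query could not be prepared.');
        mysqli_stmt_bind_param($stmt, 'si', $like, $number_of_terms);
        mysqli_stmt_execute($stmt) or die('Query failed.');
        mysqli_stmt_bind_result($stmt, $title);

        $terms = array();
        while (mysqli_stmt_fetch($stmt)) {
            $terms[] = array('title' => $title);
        }
        // … unchanged: JSON output …
```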