From 05ac3de2f0a39d08048aabd6f3084c0747d7c743 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 26 May 2020 12:46:51 +0200 Subject: [PATCH] Enhance search / filter --- htdocs/core/lib/website.lib.php | 10 +++++----- htdocs/website/index.php | 6 ++++-- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index ebbaf4ec775..b158f65c044 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -780,26 +780,26 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so if (!is_object($weblangs)) $weblangs = $langs; - if (empty($searchstring)) + if (empty($searchstring) && empty($type) && empty($langcode) && empty($otherfilters)) { $error++; $arrayresult['code'] = 'KO'; $arrayresult['message'] = $weblangs->trans("EmptySearchString"); - } elseif (dol_strlen($searchstring) < 2) { + } elseif ($searchstring && dol_strlen($searchstring) < 2) { $weblangs->load("errors"); $error++; $arrayresult['code'] = 'KO'; $arrayresult['message'] = $weblangs->trans("ErrorSearchCriteriaTooSmall"); } else { $tmparrayoftype = explode(',', $type); - foreach ($tmparrayoftype as $tmptype) { + /*foreach ($tmparrayoftype as $tmptype) { if (!in_array($tmptype, array('', 'page', 'blogpost'))) { $error++; $arrayresult['code'] = 'KO'; $arrayresult['message'] = 'Bad value for parameter type'; break; } - } + }*/ } $searchdone = 0; @@ -819,7 +819,7 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so $tmparrayoftype = explode(',', $type); $typestring = ''; foreach ($tmparrayoftype as $tmptype) { - $typestring .= ($typestring ? ", " : "")."'".trim($tmptype)."'"; + $typestring .= ($typestring ? ", " : "")."'".$db->escape(trim($tmptype))."'"; } $sql .= " AND wp.type_container IN (".$typestring.")"; } diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 9b704405559..aa7e165754f 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -374,9 +374,10 @@ if ($action == 'unsetshowsubcontainers') exit; } -if (($action == 'replacesite' || $action == 'replacesiteconfirm') && !$searchkey) +if ($massaction == 'replace' && GETPOST('confirmmassaction', 'alpha') && !$searchkey) { $action = 'replacesite'; + $massaction = ''; } // Replacement of string into pages @@ -3648,9 +3649,10 @@ if ($action == 'replacesite' || $action == 'replacesiteconfirm' || $massaction = // List of mass actions available $arrayofmassactions = array(); - if ($user->rights->website->writephp) $arrayofmassactions['replace'] = $langs->trans("Replace"); + if ($user->rights->website->writephp && $searchkey) $arrayofmassactions['replace'] = $langs->trans("Replace"); if ($permissiontodelete) $arrayofmassactions['predelete'] = ''.$langs->trans("Delete"); if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete'))) $arrayofmassactions = array(); + $massactionbutton = $form->selectMassAction('', $arrayofmassactions); $massactionbutton .= '