Suche

"; $queryString = $_REQUEST["search"]; if (!preg_match("/^[\*a-zA-Z0-9_-\s]*$/", $queryString)) { $errorMessage = _mb("Invalid search term"); $e = new mb_exception($errorMessage); die; } $backlink = $_REQUEST["backlink"]; if ($backlink !== "parent") { $backlink = false; } echo "var backlink = '".$backlink."';"; $lingo = $_REQUEST["lingo"]; if (!preg_match("/^[a-zA-Z]+$/", $lingo)) { $errorMessage = _mb("Invalid language") . ": " . $lingo; $e = new mb_exception($errorMessage); die; } echo "var lingo = '".$lingo."';"; $title = "layername_".$lingo; $confFile = basename($_REQUEST["conf_file"]); if (!preg_match("/^[a-zA-Z0-9_-]+(\.[a-zA-Z0-9]+)$/", $confFile) || !file_exists(dirname(__FILE__) . "/../../conf/".$confFile)) { $errorMessage = _mb("Invalid configuration file") . ": " . $confFile; $e = new mb_exception($errorMessage); die; } echo "var conffile = '".$confFile."';"; /* * @security_patch finc open */ require_once(dirname(__FILE__) . "/../../conf/".$confFile); echo ""; ?> "; echo "Suchen: "; echo ""; echo ""; echo ""; } else{ if(preg_match("/\*/",$queryString)){ $search = trim(preg_replace("/\*/i","", $queryString)); } $con = pg_connect ($con_string) or die ("Error while connecting database $dbname"); /* * @security_patch sqli open */ #$sql = "SELECT DISTINCT identificationinfo,minscale, md_fileidentifier ,search_columns, search_result FROM tab_metadata WHERE public = '1' and not identificationinfo = 'Rasterebene' and not identificationinfo = 'rasterlayer'"; $sql = "SELECT DISTINCT identificationinfo,minscale, md_fileidentifier ,".$title.",search_columns, search_result,search_keywords, wms_title FROM tab_metadata WHERE public = '1' and not identificationinfo = 'Rasterebene' and not identificationinfo = 'rasterlayer'"; $res = pg_query($con,$sql); $cnt = 0; while(pg_fetch_row($res)){ $table[$cnt] = pg_result($res,$cnt,"identificationinfo"); # Tabellen, Abfragenname $minscale[$cnt] = pg_result($res,$cnt,"minscale"); $md_fileidentifier[$cnt] = pg_result($res,$cnt,"md_fileidentifier"); # Layername $layername[$cnt] = pg_result($res,$cnt,"md_fileidentifier"); # Layername in der Mapdatei $result_title[$cnt] = pg_result($res,$cnt,"\"".$title."\""); # layer_deutsch Ergebnisname $search_columns[$cnt] = pg_result($res,$cnt,"search_columns"); # Suchspalten, Trennung über , $search_result[$cnt] = pg_result($res,$cnt,"search_result"); # Ergebnisspalte $search_keywords[$cnt] = pg_result($res,$cnt,"search_keywords"); # Ergebnisspalte $wms_title[$cnt] = pg_result($res,$cnt,"wms_title"); # WMS tile # if one of the searchkeywords is found the data of the whole table is displayed as the result if($search_keywords[$cnt] != '') { $array_search_keywords = explode(",", $search_keywords[$cnt]); $all[$cnt] = false; for ($p=0 ; $p0){ $all[$cnt] = true; } } } //echo "hit:".$hit."all: ".$all[$cnt] ; $cnt++; } $field_has_parent = false; $has_result = false; for($i=0; $i0){ $array_search_columns[count($array_search_columns)] = $array_search_columns [0]; $array_search_columns [0] = "platzhalterxy"; for($j=0; $j0){ $sel_lay = pg_result($res1,$cnt,"fkey_md_fileidentifier"); if($minscale[$i] > 0){$scale = $minscale[$i]+100; } for ($cnt=0; $cnt < pg_num_rows($res1); $cnt++){ if($cnt == 0){ $title = "layername_".$lingo; echo ""; } if($backlink=='parent'){ echo ""; echo pg_result($res1,$cnt,$search_result[$i])."
"; $has_result = true; } } } if($has_result == false){echo "Kein Ergebnis!";} echo ""; } ?>