--- ZSQLExtend/ZSQLExtend.py 2004/08/27 23:03:48 1.32 +++ ZSQLExtend/ZSQLExtend.py 2004/09/27 20:43:58 1.36 @@ -5,7 +5,7 @@ from Globals import DTMLFile import urllib import re import string -from pyPgSQL import libpq +#from pyPgSQL import libpq from AccessControl import getSecurityManager import os.path from Products.PageTemplates.PageTemplateFile import PageTemplateFile @@ -13,6 +13,14 @@ from Products.PageTemplates.PageTemplate from Products.ZSQLMethods.SQL import SQLConnectionIDs import Shared.DC.ZRDB.DA +def sql_quote(self, v): + # quote dictionary + quote_dict = {"\'": "''", "\\": "\\\\"} + for dkey in quote_dict.keys(): + if find(v, dkey) >= 0: + v=join(split(v,dkey),quote_dict[dkey]) + return "'%s'" % v + def showSQLConnectionIDs(self): return SQLConnectionIDs(self) @@ -20,6 +28,24 @@ class ZSQLExtendFolder(Folder,Persistent """Folder""" meta_type="ZSQLExtendFolder" + def testneu(self): + """test""" + relStatement="""period like '%s%%'""" + statement="select * from cdli_cat" + wherePart="museum_no like 'VAT%'" + classes=['Uruk III','Uruk IV'] + return self.searchRel(relStatement,statement,wherePart,classes) + + def searchRel(self,relStatement,statement,wherePart,classes): + """suche relative haufigkeiten""" + ret={} + allRecords=len(self.ZSQLSimpleSearch(statement + " where "+wherePart)) + print statement + " where "+wherePart + for oneclass in classes: + ret[oneclass]=len(self.ZSQLSimpleSearch(statement + " where ("+wherePart+") and "+ relStatement%oneclass)) + print statement + " where ("+wherePart+") and "+ relStatement%oneclass + return (ret,allRecords) + def content_html(self): """template fuer content""" @@ -276,7 +302,7 @@ class ZSQLExtendFolder(Folder,Persistent valueList=[] for x in addList.keys(): keyList.append("\""+x+"\"") - valueList.append(libpq.PgQuoteString(addList[x])) + valueList.append(sql_quote(addList[x])) keyString=string.join(keyList,",") valueString=string.join(valueList,",") @@ -286,7 +312,7 @@ class ZSQLExtendFolder(Folder,Persistent return self.REQUEST.RESPONSE.redirect(format) def ZSQLChange(self,**argv): - """Ändern von Einträgen""" + """change entries""" #qs=self.REQUEST['QUERY_STRING'] # very bad hack qs_temp=[] @@ -309,18 +335,18 @@ class ZSQLExtendFolder(Folder,Persistent table=urllib.unquote(value) elif name=="-identify": identify=urllib.unquote(value) - identify=identify.split("=")[0]+"="+libpq.PgQuoteString(identify.split("=")[1]) + identify=identify.split("=")[0]+"="+sql_quote(identify.split("=")[1]) elif name=="-format": format=urllib.unquote(value) elif (not name[0]=="-") and (not len(value)==0): - changeList.append("\""+name+"\"="+libpq.PgQuoteString(urllib.unquote(value))) + changeList.append("\""+name+"\"="+sql_quote(urllib.unquote(value))) changeString=string.join(changeList,",") queryString="UPDATE %s SET %s WHERE %s"%(table,changeString,identify) self.ZSQLSimpleSearch(queryString) return self.REQUEST.RESPONSE.redirect(format) def ZSQLChange_old(self): - """Ändern von Einträgen""" + """change entries""" qs=self.REQUEST['QUERY_STRING'] #print "CHANGE QS",self.REQUEST #return self.REQUEST @@ -334,11 +360,11 @@ class ZSQLExtendFolder(Folder,Persistent table=urllib.unquote(value) elif name=="-identify": identify=urllib.unquote(value) - identify=identify.split("=")[0]+"="+libpq.PgQuoteString(identify.split("=")[1]) + identify=identify.split("=")[0]+"="+sql_quote(identify.split("=")[1]) elif name=="-format": format=urllib.unquote(value) elif (not name[0]=="-") and (not len(value)==0): - changeList.append("\""+name+"\"="+libpq.PgQuoteString(urllib.unquote(value))) + changeList.append("\""+name+"\"="+sql_quote(urllib.unquote(value))) changeString=string.join(changeList,",") queryString="UPDATE %s SET %s WHERE %s"%(table,changeString,identify) self.ZSQLSimpleSearch(queryString) @@ -360,7 +386,7 @@ class ZSQLExtendFolder(Folder,Persistent #return self.ZSQLFind(qs="",select="oid,*",storename=None,tableExt=None,NoQuery=None,**argv) - def ZSQLFind(self,qs="",select="oid,*",storename=None,tableExt=None,NoQuery=None,NoLimit=None,restrictField=None,restrictConnect=None,**argv): + def ZSQLFind(self,qs="",select="oid,*",storename=None,tableExt=None,NoQuery=None,NoLimit=None,restrictField=None,restrictConnect=None,filter=None,**argv): """Find""" def delEmpty(list): @@ -373,7 +399,7 @@ class ZSQLExtendFolder(Folder,Persistent #self.REQUEST.SESSION['come_from_search']="no" # zurücksetzen if qs=="": - print "HI" + if self.REQUEST['QUERY_STRING']: qs=self.REQUEST['QUERY_STRING'] @@ -387,7 +413,7 @@ class ZSQLExtendFolder(Folder,Persistent else: qs=self.REQUEST.SESSION.get('query','') - print "QS:",qs + for field in argv.keys(): #print field qs+=",-%s=%s"%(field,argv[field]) @@ -409,11 +435,11 @@ class ZSQLExtendFolder(Folder,Persistent storename="foundCount" - print "calling Query with",repr(NoQuery) - ret=self.parseQueryString(qs,"-",select=select,storemax="yes",storename=storename,tableExt=tableExt,NoQuery=NoQuery,NoLimit=NoLimit,restrictField=restrictField,restrictConnect=restrictConnect) + #print "calling Query with",repr(NoQuery) + ret=self.parseQueryString(qs,"-",select=select,storemax="yes",storename=storename,tableExt=tableExt,NoQuery=NoQuery,NoLimit=NoLimit,restrictField=restrictField,restrictConnect=restrictConnect,filter=filter) #print self.REQUEST.SESSION["foundCount"] - print "called query" + return ret def ZSQLFoundCountLen(self,var): @@ -469,7 +495,7 @@ class ZSQLExtendFolder(Folder,Persistent return str(min(int(self.REQUEST.SESSION[storename]['rangeEnd']),int(self.REQUEST.SESSION[storename]['count']))) - def parseQueryString(self,qs,iCT,storemax="no",select=None,nostore=None,storename=None,tableExt=None,NoQuery=None,NoLimit=None,restrictField=None,restrictConnect=None): + def parseQueryString(self,qs,iCT,storemax="no",select=None,nostore=None,storename=None,tableExt=None,NoQuery=None,NoLimit=None,restrictField=None,restrictConnect=None,filter=None): """analysieren den QueryString""" #print "NO",nostore lop="AND" # standardsuche mit and @@ -480,6 +506,7 @@ class ZSQLExtendFolder(Folder,Persistent op="bw" opfields={} lopfields={} #Verknüpfung bei mehrfachauswahl von einem feld + sortfields={} #order of sortfields skip="" rangeStart=0 limit=0 @@ -516,6 +543,13 @@ class ZSQLExtendFolder(Folder,Persistent field=name[5:] lopfields[field]=lop + + if name[0:10]==iCT+"sortorder": + sort=value + + field=name[11:] + sortfields[field]=sort + #print "HI",op,field #print opfieldsa #now analyse the querystring @@ -530,7 +564,7 @@ class ZSQLExtendFolder(Folder,Persistent except: value="" - #value=libpq.PgQuoteString(value) + #value=sql_quote(value) if name==iCT+"lop": @@ -551,7 +585,14 @@ class ZSQLExtendFolder(Folder,Persistent elif name==iCT+"join": whereList.append(value) elif name==iCT+"sort": - sort="ORDER BY "+value.replace(' AND ',',') + sortstrs=[] + for word in value.split(','): + wordstr=word.lstrip().rstrip() + order=sortfields.get(wordstr,'ASC') + sortstrs.append(wordstr+" "+order) + if len(sortstrs)>0: + sort="ORDER BY "+string.join(sortstrs,',') + elif name==iCT+"token": if not nostore=="yes": self.REQUEST.SESSION['token']=value @@ -573,19 +614,26 @@ class ZSQLExtendFolder(Folder,Persistent namealt=name name="LOWER("+name+")" if op=="ct": - tmp=(name+" LIKE "+libpq.PgQuoteString("%"+value+"%")) + tmp=(name+" LIKE "+sql_quote("%"+value+"%")) elif op=="gt": - tmp=(name+">"+libpq.PgQuoteString(value)) + tmp=(name+">"+sql_quote(value)) elif op=="lt": - tmp=(name+"<"+libpq.PgQuoteString(value)) + tmp=(name+"<"+sql_quote(value)) elif op=="eq": - tmp=(name+"="+libpq.PgQuoteString(value)) + tmp=(name+"="+sql_quote(value)) elif op=="bw": - tmp=(name+" LIKE "+libpq.PgQuoteString(value+"%")) + tmp=(name+" LIKE "+sql_quote(value+"%")) elif op=="ew": - tmp=(name+" LIKE "+libpq.PgQuoteString("%"+value)) + tmp=(name+" LIKE "+sql_quote("%"+value)) + elif op=="all": + tmps=[] + for word in value.split(" "): + tmps.append(name+" LIKE "+sql_quote("%"+word+"%")) + + tmp=string.join(tmps,' AND ') + op="ct" - print "TTT",tableExt + if (not tableExt) or (namealt.split('.')[0]==tableExt): if searchFields.has_key(name): searchFields[name]+=lopfields.get(name,'OR')+" "+tmp @@ -604,17 +652,17 @@ class ZSQLExtendFolder(Folder,Persistent ## op="ct" ## name="LOWER("+name+")" ## if op=="ct": -## whereList.append(name+" LIKE "+libpq.PgQuoteString("%"+value+"%")) +## whereList.append(name+" LIKE "+sql_quote("%"+value+"%")) ## elif op=="gt": -## whereList.append(name+">"+libpq.PgQuoteString(value)) +## whereList.append(name+">"+sql_quote(value)) ## elif op=="lt": -## whereList.append(name+"<"+libpq.PgQuoteString(value)) +## whereList.append(name+"<"+sql_quote(value)) ## elif op=="eq": -## whereList.append(name+"="+libpq.PgQuoteString(value)) +## whereList.append(name+"="+sql_quote(value)) ## elif op=="bw": -## whereList.append(name+" LIKE "+libpq.PgQuoteString(value+"%")) +## whereList.append(name+" LIKE "+sql_quote(value+"%")) ## elif op=="ew": -## whereList.append(name+" LIKE "+libpq.PgQuoteString("%"+value)) +## whereList.append(name+" LIKE "+sql_quote("%"+value)) ## op="ct" ## #except: @@ -623,13 +671,19 @@ class ZSQLExtendFolder(Folder,Persistent whereList=["("+searchFields[x]+")" for x in searchFields.keys()] if len(whereList)>0: - - where="WHERE "+string.join(whereList," "+lop+" ") + if filter: + whereStr="("+string.join(whereList," "+lop+" ")+") AND "+filter + else: + whereStr=string.join(whereList," "+lop+" ") + where="WHERE "+whereStr else: - where="" + if filter: + where="WHERE "+filter + else: + where="" if restrictConnect: - print "resticted" + if len(where)==0: where="WHERE "+restrictConnect[0]+" in ("+restrictConnect[1]+")" else: @@ -646,12 +700,12 @@ class ZSQLExtendFolder(Folder,Persistent if storename and (not NoQuery): query2="SELECT count(*) FROM %s %s"%(table,where) - print "storing",query2 + #print "QUERYSTRING:",self.REQUEST.SESSION[storename]['queryString2'] if not self.REQUEST.SESSION.has_key(storename): self.REQUEST.SESSION[storename]={} if self.REQUEST.SESSION[storename].has_key('queryString2'): - print "HI",storename + if not self.REQUEST.SESSION[storename]['queryString2']==query2: #print "HOOOOO",storename self.REQUEST.SESSION[storename]['queryString2']=query2 @@ -660,7 +714,7 @@ class ZSQLExtendFolder(Folder,Persistent #print "QUERY",query2,"::::",self.REQUEST.SESSION[storename]['queryString2'] else: - print "go" + self.REQUEST.SESSION[storename]['queryString2']=query2 self.REQUEST.SESSION[storename]['count']=self.ZSQLSimpleSearch(query2)[0].count #print "QUERYNEW",self.REQUEST.SESSION[storename]['queryString2'] @@ -676,10 +730,10 @@ class ZSQLExtendFolder(Folder,Persistent self.REQUEST.SESSION[storename]['searchFieldsOnly']=searchFieldsOnly if not NoQuery: - print "noquery",query + return self.ZSQLQuery(query) else: - print "query" + return query def ZSQLQuery(self,query): @@ -1073,11 +1127,24 @@ class ZSQLBibliography(Folder,ZSQLExtend def getMetaDatasXML(self): """index""" + # check if the request's host part was OK + http_host = self.REQUEST['HTTP_HOST'] + host_port = self.REQUEST['SERVER_PORT'] + fix_host = None + if http_host and http_host.rfind(host_port) == -1: + print "HTTP_HOST needs fixing!" + fix_host = http_host + ":" + host_port + ret=""" """ for found in self.ZSQLSimpleSearch("select oid from %s limit ALL"%self.tableName): - link=self.absolute_url()+"/"+"record.html?oid=%i"%found.oid - metalink=self.absolute_url()+"/"+"getMetaDataXML?oid=%i"%found.oid + base_url = self.absolute_url() + if fix_host: + #print "replacing ", http_host, " by ", fix_host + base_url = string.replace(base_url, http_host, fix_host, 1) + + link=base_url+"/"+"record.html?oid=%i"%found.oid + metalink=base_url+"/"+"getMetaDataXML?oid=%i"%found.oid ret+="""\n"""%(link,metalink)