Gossamer Forum
Home : Products : DBMan SQL : Discussion :

Finding more than 'own' records in keyword search

Quote Reply
Finding more than 'own' records in keyword search
Though this problem seems to have been discussed many years back but I could not find a solution in any of the posts --- maybe I missed it!

I notice that for database where 'auth_view_own' has been set to 'yes' when a registered user logs in and does a keyword search, it overrides everything and give records of all users not just your own. Surprisingly when you give a '*' keyword search, it works well and give only your own records.

But for any other word in keyword search give all users record.

Is there a fix for this? Will appreciate any help in solving this.
Quote Reply
Re: [TIF] Finding more than 'own' records in keyword search In reply to
I recently started installed the WordSearch Plugin. This does a wonderful job of doing a Multiple Word search for a set of columns.

But this again for a registered user, who is logged in, & the for a DB that has a setup of auth_view_own=1, when I use a WordSearch for doing a multiple words search it shows all the records from the database that match the search condition rather than only the records owned by the logged in user that match the search criteria.

Any ideas how I can restrict search to show only the logged in users own records only.

Thanks.
Quote Reply
Re: [TIF] Finding more than 'own' records in keyword search In reply to
Well with little bit of struggle I think I found a solution. It seems to work for me.

Make following changes in WordSearch plugin.

Instead of

# ===
my $sb = $home->{cgi}->{sb};
my $so = $home->{cgi}->{so} || 'ASC';
my $mh = $home->{cgi}->{mh} || 25;
my $nh = $home->{cgi}->{nh} || 1;
my $bg = ($nh == 1) ? 0 : ($nh - 1) * $mh;
my $lm = "LIMIT $bg, $mh";
# Do the search and count the results.
my $sth = $home->{db}->select($cond) or return $home->search_form($GT::SQL::error);
my $hits = $sth->rows;

( $sb ) ? $home->{db}->select_options("ORDER BY $sb $so", $lm) : $home->{db}->select_options($lm);
$sth = $home->{db}->select($cond) or return $home->search_form($GT::SQL::error);
# ===

Use the following

# ===
# Start of mod - to ensure view_own_only works
# creating another Condition Object as WordSearch is a OR condition object
# $totalcond is a AND condition which will be ANDed with OR

my $totalcond = new GT::SQL::Condition('AND');
$totalcond->add($cond);

# Check if users can view only their own record
if ($home->{cfg}->{'auth_view_own'} and $home->{cfg}->{'auth_user_field'}) {
$totalcond->add($home->{cfg}->{'auth_user_field'},'=', "$home->{user}->{'Username'}");
}
# End


my $sb = $home->{cgi}->{sb};
my $so = $home->{cgi}->{so} || 'ASC';
my $mh = $home->{cgi}->{mh} || 25;
my $nh = $home->{cgi}->{nh} || 1;
my $bg = ($nh == 1) ? 0 : ($nh - 1) * $mh;
my $lm = "LIMIT $bg, $mh";
# Do the search and count the results.
my $sth = $home->{db}->select($totalcond) or return $home->search_form($GT::SQL::error);
my $hits = $sth->rows;

( $sb ) ? $home->{db}->select_options("ORDER BY $sb $so", $lm) : $home->{db}->select_options($lm);
$sth = $home->{db}->select($totalcond) or return $home->search_form($GT::SQL::error);

# ===

Plugin worked with this change, now it shows only records created by the user.