[Fusionforge-commits] r8517 - in trunk/gforge: common/search plugins/wiki/common plugins/wiki/include www/trove

Roland Mas lolando at libremir.placard.fr.eu.org
Fri Dec 11 15:00:07 CET 2009


Author: lolando
Date: 2009-12-11 15:00:06 +0100 (Fri, 11 Dec 2009)
New Revision: 8517

Modified:
   trunk/gforge/common/search/ArtifactSearchQuery.class.php
   trunk/gforge/common/search/DocsSearchQuery.class.php
   trunk/gforge/common/search/ExportProjectSearchQuery.class.php
   trunk/gforge/common/search/ForumSearchQuery.class.php
   trunk/gforge/common/search/ForumsSearchQuery.class.php
   trunk/gforge/common/search/FrsSearchQuery.class.php
   trunk/gforge/common/search/NewsSearchQuery.class.php
   trunk/gforge/common/search/PeopleSearchQuery.class.php
   trunk/gforge/common/search/ProjectSearchQuery.class.php
   trunk/gforge/common/search/SearchQuery.class.php
   trunk/gforge/common/search/SkillSearchQuery.class.php
   trunk/gforge/common/search/TasksSearchQuery.class.php
   trunk/gforge/common/search/TrackersSearchQuery.class.php
   trunk/gforge/plugins/wiki/common/WikiSearchQuery.class.php
   trunk/gforge/plugins/wiki/include/WikiSearchQuery.class.php
   trunk/gforge/www/trove/TroveCategory.class.php
Log:
db_query_qpa for the search system

Modified: trunk/gforge/common/search/ArtifactSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/ArtifactSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/ArtifactSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -59,95 +59,128 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_database_type;
+		global $sys_use_fti;
 
-		global $sys_use_fti;
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
 			$words=$this->getFormattedWords();
 			$artifactId = $this->artifactId;
-		    if (count($words)) {
-				$tsquery0 = "headline(summary, '".$this->getFormattedWords()."') as summary";
-				$tsquery = ", artifact_idx ai, artifact_message_idx ami, to_tsquery('".$words."') q";
-				$tsmatch = "(ai.vectors @@ q OR ami.vectors @@ q)"; 
-				$rankCol = "sum((rank(ai.vectors, q)+rank(ami.vectors, q))) as rank";
-				$tsjoin = 'AND ai.artifact_id = a.artifact_id '
-						. 'AND ami.id = am.id ';
-				$phraseOp = $this->getOperator();
+
+			if (count($words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT a.group_artifact_id, a.artifact_id, headline(summary, $1) AS summary, ',
+							 array ($this->getFormattedWords())) ;
+				$qpa = db_construct_qpa ($qpa,
+							 'a.open_date, users.realname, rank FROM (SELECT a.artifact_id, SUM (RANK(ai.vectors, q) + RANK(ami.vectors, q)) AS rank FROM artifact a LEFT OUTER JOIN artifact_message am USING (artifact_id)') ;
+
+				$qpa = db_construct_qpa ($qpa,
+							 ', artifact_idx ai, artifact_message_idx ami, to_tsquery($1) q',
+							 array ($words)) ;
+				$qpa = db_construct_qpa ($qpa,
+							 'WHERE a.group_artifact_id=$1',
+							 array ($artifactId)) ;
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND ai.artifact_id = a.artifact_id AND ami.id = am.id AND ((ai.vectors @@ q OR ami.vectors @@ q) ') ;
+
+				if (count($this->phrases)) {
+					$qpa = db_construct_qpa ($qpa,
+								 $this->getOperator()) ;
+					$qpa = db_construct_qpa ($qpa,
+								 '(') ;
+					$qpa = $this->addMatchCondition($qpa, 'a.details');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'a.summary');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'am.body');
+					$qpa = db_construct_qpa ($qpa,
+								 ')') ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ') GROUP BY a.artifact_id) x, artifact a, users WHERE a.artifact_id=x.artifact_id AND users.user_id=a.submitted_by ORDER BY group_artifact_id ASC, rank DESC, a.artifact_id ASC') ;
 			} else {
-				$tsquery0 = "summary";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "0 as rank";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT a.group_artifact_id, a.artifact_id, summary, a.open_date, users.realname, rank FROM (SELECT a.artifact_id, 0 AS rank FROM artifact a LEFT OUTER JOIN artifact_message am USING (artifact_id)') ;
+
+				$qpa = db_construct_qpa ($qpa,
+							 'WHERE a.group_artifact_id=$1',
+							 array ($artifactId)) ;
+
+				if (count($this->phrases)) {
+					$qpa = db_construct_qpa ($qpa,
+								 ' AND (') ;
+					$qpa = db_construct_qpa ($qpa,
+								 '(') ;
+					$qpa = $this->addMatchCondition($qpa, 'a.details');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'a.summary');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'am.body');
+					$qpa = db_construct_qpa ($qpa,
+								 '))') ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ' GROUP BY a.artifact_id) x, artifact a, users WHERE a.artifact_id=x.artifact_id AND users.user_id=a.submitted_by ORDER BY group_artifact_id ASC, rank DESC, a.artifact_id ASC') ;
 			}
-			$phraseCond = '';
-			if (count($this->phrases)) {
-				$detailsCond = $this->getMatchCond('a.details', $this->phrases);
-				$summaryCond = $this->getMatchCond('a.summary', $this->phrases);
-				$msgCond = $this->getMatchCond('am.body', $this->phrases);
-				$phraseCond = "$phraseOp (($detailsCond) OR ($summaryCond))";
-			}
-			$sql = "
-				select a.group_artifact_id,a.artifact_id, $tsquery0,
-				a.open_date,users.realname, rank
-				FROM (SELECT a.artifact_id,
-				$rankCol
-				FROM artifact a LEFT OUTER JOIN artifact_message am USING (artifact_id)
-				$tsquery
-				WHERE 
-				a.group_artifact_id='$artifactId'
-				$tsjoin
-				AND ($tsmatch $phraseCond)
-				GROUP BY a.artifact_id) x,
-				artifact a, users
-				WHERE
-				a.artifact_id = x.artifact_id
-				AND users.user_id=a.submitted_by
-				ORDER BY group_artifact_id ASC, rank DESC, a.artifact_id ASC";
 		} else {
-
 			if ($sys_database_type == "mysql") {
-				$sql = 'SELECT DISTINCT a.group_artifact_id,a.artifact_id,a.summary,a.open_date,users.realname ';
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT DISTINCT a.group_artifact_id,a.artifact_id,a.summary,a.open_date,users.realname ') ;
 			} else {
-				$sql = 'SELECT DISTINCT ON (a.group_artifact_id,a.artifact_id) a.group_artifact_id,a.artifact_id,a.summary,a.open_date,users.realname ';
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT DISTINCT ON (a.group_artifact_id,a.artifact_id) a.group_artifact_id,a.artifact_id,a.summary,a.open_date,users.realname ') ;
 			}
-			$sql.='FROM artifact a LEFT OUTER JOIN artifact_message am USING (artifact_id), users ' 
-				. 'WHERE a.group_artifact_id=\''.$this->artifactId.'\' '
-				. 'AND users.user_id=a.submitted_by '
-				. 'AND (('.$this->getIlikeCondition('a.details', $this->words).') ' 
-				. 'OR ('.$this->getIlikeCondition('a.summary', $this->words).') '
-				. 'OR ('.$this->getIlikeCondition('am.body', $this->words).')) '
-				. 'ORDER BY group_artifact_id ASC, a.artifact_id ASC';
+			$qpa = db_construct_qpa ($qpa,
+						 'FROM artifact a LEFT OUTER JOIN artifact_message am USING (artifact_id), users WHERE a.group_artifact_id=$1 AND users.user_id=a.submitted_by AND ((',
+						 array ($this->artifactId)) ;
+			
+			$qpa = $this->addIlikeCondition ($qpa, 'a.details') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'a.summary') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'am.body') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) ORDER BY group_artifact_id ASC, a.artifact_id ASC') ;
 		}
-		return $sql;
+		return $qpa;
 	}
 
 	/**
-	 * getSearchByIdQuery - get the sql query built to get the search results when we are looking for an int
+	 * getSearchByIdQuery - get the query built to get the search results when we are looking for an int
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */	
 	function getSearchByIdQuery() {
 		global $sys_database_type;
 
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_database_type == "mysql") {
-			$sql = 'SELECT DISTINCT a.group_artifact_id, a.artifact_id ';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT DISTINCT a.group_artifact_id, a.artifact_id') ;
 		} else {
-			$sql = 'SELECT DISTINCT ON (a.group_artifact_id,a.artifact_id) a.group_artifact_id, a.artifact_id ';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT DISTINCT ON (a.group_artifact_id,a.artifact_id) a.group_artifact_id, a.artifact_id') ;
 		}
-		$sql.='FROM artifact a ' 
-			. 'WHERE a.group_artifact_id=\''.$this->artifactId.'\' '
-			. 'AND a.artifact_id=\''.$this->searchId.'\'';
+		$qpa = db_construct_qpa ($qpa,
+					 ' FROM artifact a WHERE a.group_artifact_id=$1 AND a.artifact_id=$2',
+					 array ($this->artifactId,
+						$this->searchId)) ;
 
-		return $sql;
+		return $qpa;
 	}
-	
 }
 
 // Local Variables:
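Review bot: In the full-text branch of getQuery the fragment ending `to_tsquery($1) q` is followed directly by `'WHERE a.group_artifact_id=$1'`, so if db_construct_qpa appends fragments verbatim (the leading spaces on other fragments suggest it does) the statement reads `qWHERE`; the fragment should be `' WHERE a.group_artifact_id=$1'`. The phrase conditions are now appended as `getOperator() (a) OR (b) OR (c)` without the outer parentheses that the removed `$phraseOp ((...) OR (...))` had, so an AND operator would bind only to the first condition. Opening with `'(('` and closing with `'))'` restores the grouping, and the same applies to the full-text branches in the DocsSearchQuery and ExportProjectSearchQuery hunks. `$this->getOperator()` is the one value still spliced into the SQL text rather than bound, so it deserves a comment at that call such as `// getOperator() must only ever return a fixed SQL keyword`. `$words` is bound as-is here and in ForumSearchQuery but as `implode (' ', $words)` in the Docs and ExportProject hunks, and only one of these can match what getFormattedWords() returns.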

Modified: trunk/gforge/common/search/DocsSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/DocsSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/DocsSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -61,82 +61,119 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
 		if ($sys_use_fti) {
 			return $this->getFTIQuery();
 		} else {
-			$sql = 'SELECT doc_data.docid, doc_data.title, doc_data.description, doc_groups.groupname'
-				.' FROM doc_data, doc_groups'
-				.' WHERE doc_data.doc_group = doc_groups.doc_group'
-				.' AND doc_data.group_id ='.$this->groupId;
+			$qpa = db_construct_qpa () ;
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT doc_data.docid, doc_data.title, doc_data.description, doc_groups.groupname FROM doc_data, doc_groups WHERE doc_data.doc_group = doc_groups.doc_group AND doc_data.group_id = $1',
+						 array ($this->groupId)) ;
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= ' AND doc_groups.doc_group IN ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND doc_groups.doc_group = ANY ($1) ',
+							 db_int_array_to_any_clause ($this->sections)) ;
 			}
 			if ($this->showNonPublic) {
-				$sql .= ' AND doc_data.stateid IN (1, 4, 5)';
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_data.stateid IN (1, 4, 5)') ;
 			} else {
-				$sql .= ' AND doc_data.stateid = 1';
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_data.stateid = 1') ;
 			}
-			$sql .= ' AND (('.$this->getIlikeCondition('title', $this->words).')' 
-				.' OR ('.$this->getIlikeCondition('description', $this->words).'))'
-				.' ORDER BY doc_groups.groupname, doc_data.docid';
+			$qpa = db_construct_qpa ($qpa,
+						 ' AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'title') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'description') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') ORDER BY doc_groups.groupname, doc_data.docid') ;
 		}
-		return $sql;
+		return $qpa;
 	}
 	
 	function getFTIQuery() {
-		if ($this->showNonPublic) {
-			$nonPublic = "1, 4, 5";
-		} else {
-			$nonPublic = "1";
-		}
-		if ($this->sections != SEARCH__ALL_SECTIONS) {
-			$sections = "AND doc_groups.doc_group IN ($this->sections)";
-		} else {
-			$sections = '';
-		}
 		$words = $this->getFormattedWords();
 		$group_id=$this->groupId;
 
+		$qpa = db_construct_qpa () ;
 		if(count($this->words)) {
-			$tsquery0 = "headline(doc_data.title, q) AS title, headline(doc_data.description, q) AS description";
-			$tsquery = ", doc_data_idx, to_tsquery('".$words()."') q";
-			$tsmatch = "vectors @@ q";
-			$rankCol = "";
-			$tsjoin = 'AND doc_data.docid = doc_data_idx.docid  ';
-			$orderBy = "ORDER BY rank(vectors, q) DESC, groupname ASC";
-			$phraseOp = $this->getOperator();
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT doc_data.docid, headline(doc_data.title, q) AS title, headline(doc_data.description, q) AS description doc_groups.groupname FROM doc_data, doc_groups, doc_data_idx, to_tsquery($1) q',
+						 array (implode (' ', $words))) ;
+			$qpa = db_construct_qpa ($qpa,
+						 ' WHERE doc_data.doc_group = doc_groups.doc_group AND doc_data.docid = doc_data_idx.docid AND (vectors @@ q') ;
+			if (count($this->phrases)) {
+				$qpa = db_construct_qpa ($qpa,
+							 $this->getOperator()) ;
+				$qpa = db_construct_qpa ($qpa,
+							 '(') ;
+				$qpa = $this->addMatchCondition($qpa, 'title');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'description');
+				$qpa = db_construct_qpa ($qpa,
+							 ')') ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 ') AND doc_data.group_id = $1',
+						 array ($group_id)) ;
+			if ($this->sections != SEARCH__ALL_SECTIONS) {
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_groups.doc_group = ANY ($1)',
+							 db_int_array_to_any_clause ($this->sections)) ;
+			}
+			if ($this->showNonPublic) {
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_data.stateid IN (1, 4, 5)') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_data.stateid = 1') ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 ' ORDER BY rank(vectors, q) DESC, groupname ASC') ;
 		} else {
-			$tsquery0 = "title, description";
-			$tsquery = "";
-			$tsmatch = "";
-			$tsjoin = "";
-			$rankCol = "";
-			$orderBy = "ORDER BY groupname";
-			$phraseOp = "";
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT doc_data.docid, title, description doc_groups.groupname FROM doc_data, doc_groups') ;
+			$qpa = db_construct_qpa ($qpa,
+						 'WHERE doc_data.doc_group = doc_groups.doc_group') ;
+			if (count($this->phrases)) {
+				$qpa = db_construct_qpa ($qpa,
+							 $this->getOperator()) ;
+				$qpa = db_construct_qpa ($qpa,
+							 '(') ;
+				$qpa = $this->addMatchCondition($qpa, 'title');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'description');
+				$qpa = db_construct_qpa ($qpa,
+							 ')') ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 ') AND doc_data.group_id = $1',
+						 array ($group_id)) ;
+			if ($this->sections != SEARCH__ALL_SECTIONS) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND doc_groups.doc_group = ANY ($1) ',
+							 db_int_array_to_any_clause ($this->sections)) ;
+			}
+			if ($this->showNonPublic) {
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_data.stateid IN (1, 4, 5)') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND doc_data.stateid = 1') ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 ' ORDER BY groupname') ;
 		}
-
-		$phraseCond = '';
-		if(count($this->phrases)) {
-			$titleCond = $this->getMatchCond('title', $this->phrases);
-			$descCond = $this->getMatchCond('description', $this->phrases);
-			$phraseCond = $phraseOp.' (('.$titleCond.') OR ('.$descCond.'))';
-		}
-		
-		$sql="SELECT doc_data.docid, $tsquery0, doc_groups.groupname
-			FROM doc_data, doc_groups $tsquery
-			WHERE doc_data.doc_group = doc_groups.doc_group
-			$tsjoin AND ($tsmatch $phraseCond )
-			AND doc_data.group_id = '$group_id'
-			$sections
-			AND doc_data.stateid IN ($nonPublic)
-			$orderBy";
-		return $sql;
+		return $qpa ;
 	}
 
 	/**
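Review bot: The non-FTI tail of getQuery opens three parentheses (`' AND (('` and `') OR ('`) but closes only two, so the last fragment should read `')) ORDER BY doc_groups.groupname, doc_data.docid'`. In getFTIQuery both SELECT lists lost the comma before `doc_groups.groupname` (`AS description doc_groups.groupname` and `title, description doc_groups.groupname`). The no-words branch also appends `'WHERE doc_data.doc_group = ...'` without a leading space after `doc_groups`, and then emits `') AND doc_data.group_id = $1'`, whose `)` has no matching opener. `db_int_array_to_any_clause ($this->sections)` is passed bare as the parameter list here but wrapped in `array (...)` in the ForumsSearchQuery hunk; whichever form db_construct_qpa expects, one of the two call sites is wrong.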

Modified: trunk/gforge/common/search/ExportProjectSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/ExportProjectSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/ExportProjectSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -39,61 +39,88 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+		$qpa = db_construct_qpa () ;
 		if ($sys_use_fti) {
 			$words = $this->getFormattedWords();
 			if(count($this->words)) {
-				$tsquery0 = "headline(unix_group_name, q) as unix_group_name, headline(short_description, q) as short_description";
-				$tsquery = ", groups_idx, to_tsquery('".$words."') q";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = 'AND groups.group_id = groups_idx.group_id ';
-				$orderBy = "ORDER BY rank(vectors, q) DESC, group_name ASC";
-				$phraseOp = $this->getOperator();
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT headline(unix_group_name, q) as unix_group_name, headline(short_description, q) as short_description, type_id, groups.group_id, license, register_time FROM groups, groups_idx, to_tsquery($1) q ',
+							 array (implode (' ', $words))) ;
+				$qpa = db_construct_qpa ($qpa,
+							 'WHERE status IN ($1, $2) AND is_public=1 AND short_description <> $3 AND groups.group_id = groups_idx.group_id',
+							 array ('A',
+								'H',
+								'')) ;
+				$qpa = db_construct_qpa ($qpa,
+							 ' AND (vectors @@ q' ) ;
+				if (count($this->phrases)) {
+					$qpa = db_construct_qpa ($qpa,
+								 $this->getOperator()) ;
+					$qpa = db_construct_qpa ($qpa,
+								 '(') ;
+					$qpa = $this->addMatchCondition($qpa, 'group_name');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'unix_group_name');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'short_description');
+					$qpa = db_construct_qpa ($qpa,
+								 ')') ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ') ORDER BY rank(vectors, q) DESC, group_name ASC') ;
 			} else {
-				$tsquery0 = "unix_group_name, short_description";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY group_name";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT unix_group_name, short_description, type_id, groups.group_id, license, register_time FROM groups ') ;
+				$qpa = db_construct_qpa ($qpa,
+							 'WHERE status IN ($1, $2) AND is_public=1 AND short_description <> $3',
+							 array ('A',
+								'H',
+								'')) ;
+				if (count($this->phrases)) {
+					$qpa = db_construct_qpa ($qpa,
+								 ' AND (' ) ;
+					$qpa = db_construct_qpa ($qpa,
+								 '(') ;
+					$qpa = $this->addMatchCondition($qpa, 'group_name');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'unix_group_name');
+					$qpa = db_construct_qpa ($qpa,
+								 ') OR (') ;
+					$qpa = $this->addMatchCondition($qpa, 'short_description');
+					$qpa = db_construct_qpa ($qpa,
+								 '))') ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ') ORDER BY group_name' ) ;
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$groupNameCond = $this->getMatchCond('group_name', $this->phrases);
-				$groupDescriptionCond = $this->getMatchCond('short_description', $this->phrases);
-				$groupUnixNameCond = $this->getMatchCond('unix_group_name', $this->phrases);
-				$phraseCond = $phraseOp.' (('.$groupNameCond.') OR ('.$groupDescriptionCond.') OR ('.$groupUnixNameCond.'))';
-			}
-			$sql = "SELECT $tsquery0,
-				type_id,
-				groups.group_id,
-				license,
-				register_time
-				FROM groups $tsquery
-				WHERE status IN ('A', 'H') AND is_public='1' AND short_description <> ''
-				$tsjoin AND ($tsmatch $phraseCond)
-				$orderBy";
 		} else {
-			$groupNameCond = $this->getIlikeCondition('group_name', $this->words);
-			$groupDescriptionCond = $this->getIlikeCondition('short_description', $this->words);
-			$groupUnixNameCond = $this->getIlikeCondition('unix_group_name', $this->words);
-			
-			$sql = 'SELECT group_name,unix_group_name,type_id,groups.group_id, '
-				.'short_description,license,register_time '
-				.'FROM groups '
-				.'WHERE status IN (\'A\', \'H\') '
-				.'AND is_public=\'1\' '
-				.'AND groups.short_description<>\'\' '
-				.'AND (('.$groupNameCond.') OR ('.$groupDescriptionCond.') OR ('.$groupUnixNameCond.'))';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT group_name,unix_group_name,type_id,groups.group_id, short_description,license,register_time FROM groups WHERE status IN ($1, $2) AND is_public=1 AND short_description <> $3 AND groups.group_id = groups_idx.group_id',
+							 array ('A',
+								'H',
+								'')) ;
+                        $qpa = db_construct_qpa ($qpa,
+                                                 ' AND ((') ;
+                        $qpa = $this->addIlikeCondition ($qpa, 'group_name') ;
+                        $qpa = db_construct_qpa ($qpa,
+                                                 ') OR (') ;
+                        $qpa = $this->addIlikeCondition ($qpa, 'unix_group_name') ;
+			$qpa = db_construct_qpa ($qpa,
+                                                 ') OR (') ;
+                        $qpa = $this->addIlikeCondition ($qpa, 'short_description') ;
+			$qpa = db_construct_qpa ($qpa,
+                                                 '))') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 }
 
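Review bot: The non-FTI query now ends its first fragment with `AND groups.group_id = groups_idx.group_id`, but its FROM list is only `groups`, so the statement references a table that is not joined. That condition looks copied from the FTI branch and should be dropped from this fragment. In the FTI no-words branch the final fragment `') ORDER BY group_name'` closes a parenthesis that is never opened, because the phrase block is already balanced by `' AND ('` and `'))'`. It should be `' ORDER BY group_name'`.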

Modified: trunk/gforge/common/search/ForumSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/ForumSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/ForumSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -58,68 +58,75 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
 			$words = $this->getFormattedWords();
+			
+
 			if(count($this->words)) {
-				$tsquery0 = "headline(forum.subject, q) AS subject";
-				$tsquery = ", to_tsquery('".$words."') AS q, forum_idx as fi";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = 'AND fi.msg_id = forum.msg_id';
-				$orderBy = "ORDER BY rank(vectors, q) DESC";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT forum.msg_id, headline(forum.subject, q) AS subject, forum.post_date, users.realname FROM forum, users, to_tsquery($1) AS q, forum_idx as fi WHERE forum.group_forum_id = $2 AND forum.posted_by = users.user_id AND fi.msg_id = forum.msg_id AND vectors @@ q ',
+							 array ($words,
+								$this->forumId)) ;
 				$phraseOp = $this->getOperator();
 			} else {
-				$tsquery0 = "subject";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY post_date DESC";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT forum.msg_id, subject, forum.post_date, users.realname FROM forum, users WHERE forum.group_forum_id = $1 AND forum.posted_by = users.user_id ',
+							 array ($this->forumId)) ;
 			}
-			$phraseCond = '';
+
 			if(count($this->phrases)) {
-				$bodyCond = $this->getMatchCond('forum.body', $this->phrases);
-				$subjectCond = $this->getMatchCond('forum.subject', $this->phrases);
-				$phraseCond = $phraseOp.' (('.$bodyCond.') OR ('.$subjectCond.'))';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND ((') ;
+				$qpa = $this->addMatchCondition($qpa, 'forum.body');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'forum.subject');
+				$qpa = db_construct_qpa ($qpa,
+							 ')) ') ;
 			}
-			$sql = "SELECT forum.msg_id, $tsquery0, forum.post_date, users.realname
-				FROM forum, users $tsquery
-				WHERE
-				forum.group_forum_id =".$this->forumId."
-				AND forum.posted_by = users.user_id
-				$tsjoin AND ($tsmatch $phraseCond)
-				$orderBy";
+			if(count($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY rank(vectors, q) DESC') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY post_date DESC') ;
+			}
 		} else {
-			$sql = 'SELECT forum.msg_id, forum.subject, forum.post_date, users.realname '
-				. 'FROM forum,users '
-				. 'WHERE users.user_id=forum.posted_by '
-				. 'AND (('.$this->getIlikeCondition('forum.body', $this->words).') '
-				. 'OR ('.$this->getIlikeCondition('forum.subject', $this->words).')) '
-				. 'AND forum.group_forum_id=\''.$this->forumId.'\' '
-				. 'GROUP BY msg_id, subject, post_date, realname';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT forum.msg_id, forum.subject, forum.post_date, users.realname FROM forum,users WHERE users.user_id=forum.posted_by AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'forum.body') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'forum.subject') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) AND forum.group_forum_id=$1 GROUP BY msg_id, subject, post_date, realname',
+						 array ($this->forumId)) ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 	
 	/**
 	 * getSearchByIdQuery - get the sql query built to get the search results when we are looking for an int
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */	
 	function getSearchByIdQuery() {
-		$sql = 'SELECT msg_id '
-			. 'FROM forum '
-			. 'WHERE msg_id=\''.$this->searchId.'\' '
-			. 'AND group_forum_id=\''.$this->forumId.'\'';
+		$qpa = db_construct_qpa () ;
+		$qpa = db_construct_qpa ($qpa,
+					 'SELECT msg_id FROM forum WHERE msg_id=$1 AND group_forum_id=$2',
+					 array ($this->searchId,
+						$this->forumId)) ;
 
-		return $sql;
+		return $qpa ;
 	}
 }
 
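Review bot: `$phraseOp = $this->getOperator();` is still assigned in the words branch of getQuery but nothing reads it any more. The phrase block now always starts with `'AND (('`, whereas the removed code joined the full-text match and the phrase conditions with `$phraseOp`. If the operator can be OR, results change silently; either append `$this->getOperator()` in place of the hard-coded `AND` when words are present, or delete the assignment. The docblock of getSearchByIdQuery still opens with "get the sql query" although the method now returns the query+params array.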

Modified: trunk/gforge/common/search/ForumsSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/ForumsSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/ForumsSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -61,12 +61,15 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
 			$nonPublic = 'false';
 			$sections = '';
@@ -76,57 +79,66 @@
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
 				$sections = $this->sections;
 			}
-			$sql = 'SELECT forum.msg_id, headline(forum.subject, q) AS subject, forum.post_date, users.realname, forum_group_list.forum_name '
-				. 'FROM forum, users, forum_group_list, forum_idx, to_tsquery(\''.
-				  $this->getFormattedWords().'\') as q '
-				. 'WHERE users.user_id = forum.posted_by '
-				. 'AND vectors @@ q AND forum.msg_id = forum_idx.msg_id '
-				. 'AND forum_group_list.group_forum_id = forum.group_forum_id '
-				. 'AND forum_group_list.is_public <> 9 '			
-				. 'AND forum.group_forum_id IN (SELECT group_forum_id FROM forum_group_list WHERE group_id = '.$this->groupId.') ';
+
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT forum.msg_id, headline(forum.subject, q) AS subject, forum.post_date, users.realname, forum_group_list.forum_name FROM forum, users, forum_group_list, forum_idx, to_tsquery($1) as q ',
+						 array ($this->getFormattedWords())) ;
+			$qpa = db_construct_qpa ($qpa,
+						 'WHERE users.user_id = forum.posted_by AND vectors @@ q AND forum.msg_id = forum_idx.msg_id AND forum_group_list.group_forum_id = forum.group_forum_id AND forum_group_list.is_public <> 9 AND forum.group_forum_id IN (SELECT group_forum_id FROM forum_group_list WHERE group_id = $1) ',
+						 array ($this->groupId));
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= 'AND forum_group_list.group_forum_id IN ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND forum_group_list.group_forum_id = ANY ($1) ',
+							 array (db_int_array_to_any_clause ($this->sections))) ;
 			}
 			if (!$this->showNonPublic) {
-				$sql .= 'AND forum_group_list.is_public = 1 ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND forum_group_list.is_public = 1 ') ;
 			}
-			$sql .= 'ORDER BY forum_group_list.forum_name ASC, forum.msg_id ASC, rank(vectors, q) DESC';
+			$qpa = db_construct_qpa ($qpa,
+						 'ORDER BY forum_group_list.forum_name ASC, forum.msg_id ASC, rank(vectors, q) DESC') ;
 		} else {
-			$sql = 'SELECT forum.msg_id, forum.subject, forum.post_date, users.realname, forum_group_list.forum_name '
-				. 'FROM forum, users, forum_group_list '
-				. 'WHERE users.user_id = forum.posted_by '
-				. 'AND forum_group_list.group_forum_id = forum.group_forum_id '
-				. 'AND forum_group_list.is_public <> 9 '			
-				. 'AND forum.group_forum_id IN (SELECT group_forum_id FROM forum_group_list WHERE group_id = '.$this->groupId.') ';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT forum.msg_id, forum.subject, forum.post_date, users.realname, forum_group_list.forum_name FROM forum, users, forum_group_list WHERE users.user_id = forum.posted_by AND forum_group_list.group_forum_id = forum.group_forum_id AND forum_group_list.is_public <> 9 AND forum.group_forum_id IN (SELECT group_forum_id FROM forum_group_list WHERE group_id = $1) ',
+						 array ($this->groupId)) ;
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= 'AND forum_group_list.group_forum_id IN ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND forum_group_list.group_forum_id = ANY ($1) ',
+							 array (db_int_array_to_any_clause ($this->sections))) ;
 			}
 			if (!$this->showNonPublic) {
-				$sql .= 'AND forum_group_list.is_public = 1 ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND forum_group_list.is_public = 1 ') ;
 			}
-			$sql .= 'AND (('.$this->getIlikeCondition('forum.body', $this->words).') '
-				. 'OR ('.$this->getIlikeCondition('forum.subject', $this->words).')) '
-				. 'ORDER BY forum_group_list.forum_name, forum.msg_id';
+			$qpa = db_construct_qpa ($qpa,
+						 'AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'forum.body') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa,'forum.subject') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) ORDER BY forum_group_list.forum_name, forum.msg_id') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 
 	/**
 	 * getSearchByIdQuery - get the sql query built to get the search results when we are looking for an int
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */	
 	function getSearchByIdQuery() {
-		$sql = 'SELECT msg_id '
-			. 'FROM forum, forum_group_list '
-			. 'WHERE msg_id=\''.$this->searchId.'\' '
-			. 'AND forum_group_list.group_forum_id = forum.group_forum_id '
-			. 'AND group_forum_id=\''.$this->forumId.'\'';
+		$qpa = db_construct_qpa () ;
+		$qpa = db_construct_qpa ($qpa,
+					 'SELECT msg_id FROM forum, forum_group_list WHERE msg_id=$1 AND forum_group_list.group_forum_id=forum.group_forum_id AND group_forum_id=$2',
+					 array ($this->searchId,
+						$this->forumId)) ;
 		if (!$this->showNonPublic) {
-			$sql .= ' AND forum_group_list.is_public = 1';
+			$qpa = db_construct_qpa ($qpa,
+						 ' AND forum_group_list.is_public=1') ;
 		}
 
-		return $sql;
+		return $qpa;
 	}
 	
 	/**
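Review bot: In getSearchByIdQuery the condition `group_forum_id=$2` is unqualified although the query joins `forum` and `forum_group_list`, and the join condition shows that both tables have a `group_forum_id` column, so PostgreSQL is expected to reject the reference as ambiguous. Write `forum.group_forum_id=$2`. The unqualified form was already in the removed code, so this is not a regression, but the rewritten fragment is the place to fix it.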

Modified: trunk/gforge/common/search/FrsSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/FrsSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/FrsSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -60,75 +60,89 @@
 	}
 	
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
 			if(count($this->words)) {
-				$tsquery0 = "headline(frs_package.name, q) AS package_name, headline(frs_release.name, q) as release_name";
-				$tsquery = ", to_tsquery('".$this->getFormattedWords()."') AS q, frs_release_idx r, frs_file_idx f";
-				$tsmatch = "(f.vectors @@ q OR r.vectors @@ q)";
-				$rankCol = "";
-				$tsjoin = 'AND r.release_id = frs_release.release_id AND f.file_id = frs_file.file_id';
-				$orderBy = "ORDER BY frs_package.name, frs_release.name";
-				$phraseOp = $this->getOperator();
+				$qpa = db_construct_qpa () ;
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT headline(frs_package.name, q) AS package_name, headline(frs_release.name, q) as release_name, frs_release.release_date, frs_release.release_id, users.realname FROM frs_file, frs_release, users, frs_package, to_tsquery($1) AS q, frs_release_idx r, frs_file_idx f WHERE frs_release.released_by = users.user_id AND r.release_id = frs_release.release_id AND f.file_id = frs_file.file_id AND frs_package.package_id = frs_release.package_id AND frs_file.release_id=frs_release.release_id AND frs_package.group_id=$2 ',
+							 array ($this->getFormattedWords(),
+								 $this->groupId)) ;
 			} else {
-				$tsquery0 = "frs_package.name as package_name, frs_release.name as release_name";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY frs_package.name, frs_release.name";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT frs_package.name as package_name, frs_release.name as release_name, frs_release.release_date, frs_release.release_id, users.realname FROM frs_file, frs_release, users, frs_package WHERE frs_release.released_by = users.user_id AND frs_package.package_id = frs_release.package_id AND frs_file.release_id=frs_release.release_id AND frs_package.group_id=$1 ',
+							 array ($this->groupId)) ;
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$phraseCond .= $phraseOp.'(('.$this->getMatchCond('frs_release.changes', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('frs_release.notes', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('frs_release.name', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('frs_file.filename', $this->phrases).'))';
-			}
-			$sql = 'SELECT '.$tsquery0.', frs_release.release_date, frs_release.release_id, users.realname'
-				. ' FROM frs_file, frs_release, users, frs_package'.$tsquery
-				. ' WHERE frs_release.released_by = users.user_id'
-				. $tsjoin
-				. ' AND frs_package.package_id = frs_release.package_id'
-				. ' AND frs_file.release_id=frs_release.release_id'
-				. ' AND frs_package.group_id='.$this->groupId;
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sections = $this->sections;
-				$sql .= ' AND frs_package.package_id IN ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND frs_package.package_id = ANY ($1) ',
+							 array (db_int_array_to_any_clause ($this->sections))) ;
 			}
-			if(!$this->showNonPublic) {
-				$sql .= ' AND is_public=1';
+			if (!$this->showNonPublic) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND is_public = 1 ') ;
 			}
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND (f.vectors @@ q OR r.vectors @@ q) ') ;
+			}
+			if(count($this->phrases)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND ((') ;
+				$qpa = $this->addMatchCondition($qpa, 'frs_release.changes');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'frs_release.notes');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'frs_release.name');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'frs_file.filename');
+				$qpa = db_construct_qpa ($qpa,
+							 ')) ') ;
+			}
+			
+			$qpa = db_construct_qpa ($qpa,
+						 ' ORDER BY frs_package.name, frs_release.name') ;
 
-			$sql .= ' AND (  '.$tsmatch.' '.$phraseCond.') '.$orderBy;
 		} else {
-			$sql = 'SELECT frs_package.name as package_name, frs_release.name as release_name, frs_release.release_date, frs_release.release_id, users.realname'
-				. ' FROM frs_file, frs_release, users, frs_package'
-				. ' WHERE frs_release.released_by = users.user_id'
-				. ' AND frs_package.package_id = frs_release.package_id'
-				. ' AND frs_file.release_id=frs_release.release_id'
-				. ' AND frs_package.group_id='.$this->groupId;
-			
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT frs_package.name as package_name, frs_release.name as release_name, frs_release.release_date, frs_release.release_id, users.realname FROM frs_file, frs_release, users, frs_package WHERE frs_release.released_by = users.user_id AND frs_package.package_id = frs_release.package_id AND frs_file.release_id=frs_release.release_id AND frs_package.group_id = $1 ',
+						 array ($this->groupId)) ;
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= ' AND frs_package.package_id IN ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND frs_package.package_id = ANY ($1) ',
+							 array (db_int_array_to_any_clause ($this->sections))) ;
 			}
-			if(!$this->showNonPublic) {
-				$sql .= ' AND is_public=1';
+			if (!$this->showNonPublic) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND is_public = 1 ') ;
 			}
-	
-			$sql .= ' AND (('.$this->getIlikeCondition('frs_release.changes', $this->words).')' 
-				. ' OR ('.$this->getIlikeCondition('frs_release.notes', $this->words).')'
-				. ' OR ('.$this->getIlikeCondition('frs_release.name', $this->words).')'
-				. ' OR ('.$this->getIlikeCondition('frs_file.filename', $this->words).'))'
-				. ' ORDER BY frs_package.name, frs_release.name';
+			$qpa = db_construct_qpa ($qpa,
+						 'AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'frs_release.changes') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'frs_release.notes') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'frs_release.name') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'frs_file.filename') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) ORDER BY frs_package.name, frs_release.name') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 	
 	/**
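Review bot: In the FTI branch the word match (`'AND (f.vectors @@ q OR r.vectors @@ q) '`) and the phrase block (`'AND (('`) are now always joined with AND, whereas the removed code put `$this->getOperator()` between them inside one parenthesis, as the News, People and Skill queries in this commit still do. If the operator can be OR, a search that has both words and phrases now returns fewer rows than before. Grouping the two conditions and re-inserting the operator, as sketched below, restores the earlier semantics. The second `$qpa = db_construct_qpa () ;` inside the `count($this->words)` branch is redundant and can be dropped.

```php
			// … unchanged: SELECT, sections and is_public clauses …
			if (count ($this->words) || count ($this->phrases)) {
				$qpa = db_construct_qpa ($qpa,
							 'AND (') ;
				if (count ($this->words)) {
					$qpa = db_construct_qpa ($qpa,
								 '(f.vectors @@ q OR r.vectors @@ q) ') ;
				}
				if (count ($this->phrases)) {
					if (count ($this->words)) {
						$qpa = db_construct_qpa ($qpa,
									 $this->getOperator()) ;
					}
					$qpa = db_construct_qpa ($qpa,
								 ' ((') ;
					// … unchanged: the four addMatchCondition calls joined by ') OR (' …
					$qpa = db_construct_qpa ($qpa,
								 ')) ') ;
				}
				$qpa = db_construct_qpa ($qpa,
							 ') ') ;
			}
			// … unchanged: ORDER BY frs_package.name, frs_release.name …
```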

Modified: trunk/gforge/common/search/NewsSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/NewsSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/NewsSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -48,57 +48,62 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+		
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
 			$group_id=$this->groupId;
-			if(count($this->words)) {
-				$tsquery0 = "headline(news_bytes.summary, q) as summary";
+
+			if (count ($this->words)) {
 				$words = $this->getFormattedWords();
-				$tsquery = ", to_tsquery('$words') AS q, news_bytes_idx";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = 'AND news_bytes_idx.id = news_bytes.id';
-				$orderBy = "ORDER BY rank(vectors, q) DESC, post_date DESC";
-				$phraseOp = $this->getOperator();
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT headline(news_bytes.summary, q) as summary, news_bytes.post_date, news_bytes.forum_id, users.realname FROM news_bytes, users, to_tsquery($1) AS q, news_bytes_idx WHERE (news_bytes.group_id=$2 AND news_bytes.is_approved <> 4 AND news_bytes_idx.id = news_bytes.id AND news_bytes.submitted_by=users.user_id) AND (vectors @@ q ',
+							 array ($words,
+								$group_id)) ;
 			} else {
-				$tsquery0 = "summary";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY post_date DESC";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT summary, news_bytes.post_date, news_bytes.forum_id, users.realname FROM news_bytes, users WHERE (news_bytes.group_id=$1 AND news_bytes.is_approved <> 4 AND news_bytes.submitted_by=users.user_id) AND (',
+							 array ($group_id)) ;
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$phraseCond .= $phraseOp.'('
-					. ' ('.$this->getMatchCond('summary', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('details', $this->phrases).'))';
+			if (count ($this->phrases)) {
+				if (count ($this->words)) {
+					$qpa = db_construct_qpa ($qpa,
+								 $this->getOperator()) ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ' (') ;
+				$qpa = $this->addMatchCondition ($qpa, 'summary') ;
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition ($qpa, 'details') ;
+				$qpa = db_construct_qpa ($qpa,
+							 ')') ;
 			}
-			$sql = "SELECT $tsquery0,
-				news_bytes.post_date,
-				news_bytes.forum_id,
-				users.realname
-				FROM news_bytes, users $tsquery
-				WHERE (news_bytes.group_id='$group_id' AND news_bytes.is_approved <> '4'
-				$tsjoin
-				AND news_bytes.submitted_by=users.user_id) AND
-				($tsmatch $phraseCond)
-				$orderBy";
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 ') ORDER BY rank(vectors, q) DESC, post_date DESC') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 ') ORDER BY post_date DESC') ;
+			}
 		} else {
-			$sql = 'SELECT news_bytes.summary, news_bytes.post_date, news_bytes.forum_id, users.realname'
-				. ' FROM news_bytes, users'
-				. ' WHERE (group_id='.$this->groupId.' AND is_approved <> \'4\' AND news_bytes.submitted_by = users.user_id' 
-				. ' AND (('.$this->getIlikeCondition('summary', $this->words).')' 
-				. ' OR ('.$this->getIlikeCondition('details', $this->words).')))'
-				. ' ORDER BY post_date DESC';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT news_bytes.summary, news_bytes.post_date, news_bytes.forum_id, users.realname FROM news_bytes, users WHERE (group_id=$1 AND is_approved <> 4 AND news_bytes.submitted_by = users.user_id AND ((',
+						 array ($this->groupId)) ;
+			$qpa = $this->addIlikeCondition ($qpa, 'summary') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'details') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') ORDER BY post_date DESC') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 }
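Review bot: The non-FTI branch opens three parentheses (`WHERE (` and `AND ((`) but the final fragment `') ORDER BY post_date DESC'` closes only one of them, so the statement is unbalanced and the database will reject it; the removed code ended with `)))`, and the last fragment should read `'))) ORDER BY post_date DESC'`. In the FTI branch the phrase part is emitted as `(summary…) OR (details…)` with no enclosing parenthesis, so with words present the condition parses as `(vectors @@ q <op> summary…) OR details…` instead of the earlier `vectors @@ q <op> ((…) OR (…))`. Opening the phrase part with `' (('` and closing it with `'))'` keeps the old grouping.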
 

Modified: trunk/gforge/common/search/PeopleSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/PeopleSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/PeopleSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -39,52 +39,60 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+		
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
-			if(count($this->words)) {
-				$tsquery0 = ", user_name, headline(realname, q) as realname ";
+			if (count ($this->words)) {
 				$words = $this->getFormattedWords();
-				$tsquery = ", to_tsquery('$words') AS q, users_idx ";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = 'AND users_idx.user_id = users.user_id';
-				$orderBy = "ORDER BY rank(vectors, q) DESC, user_name";
-				$phraseOp = $this->getOperator();
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT users.user_id, user_name, headline(realname, q) as realname FROM users, to_tsquery($1) AS q, users_idx WHERE status=$2 AND users_idx.user_id = users.user_id AND (vectors @@ q ',
+							 array ($words,
+								'A'));
 			} else {
-				$tsquery0 = ", user_name, realname ";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY user_name";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT users.user_id, user_name, realname FROM users WHERE status=$1 AND users_idx.user_id = users.user_id AND (',
+							 array ('A'));
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$phraseCond .= $phraseOp.'('
-					. ' ('.$this->getMatchCond('user_name', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('realname', $this->phrases).'))';
+			if (count ($this->phrases)) {
+				if (count ($this->words)) {
+					$qpa = db_construct_qpa ($qpa,
+								 $this->getOperator()) ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 '(') ;
+				$qpa = $this->addMatchCondition($qpa, 'user_name');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'realname');
+				$qpa = db_construct_qpa ($qpa,
+							 ')') ;
 			}
-			$sql = 'SELECT users.user_id '.$tsquery0
-				. 'FROM users '.$tsquery
-				. 'WHERE (status=\'A\') '
-				. $tsjoin
-				. " AND ($tsmatch $phraseCond) "
-				. $orderBy;
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 ') ORDER BY rank(vectors, q) DESC, user_name') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 ') ORDER BY user_name') ;
+			}
 		} else {
-			$sql = 'SELECT user_name,user_id,realname ' 
-				. 'FROM users ' 
-				. 'WHERE (('.$this->getIlikeCondition('user_name', $this->words).') ' 
-				. 'OR ('.$this->getIlikeCondition('realname', $this->words).')) ' 
-				. 'AND (status=\'A\') ' 
-				. 'ORDER BY user_name';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT user_name,user_id,realname FROM users WHERE ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'user_name') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'realname') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) AND status=$1 ORDER BY user_name',
+						 array ('A')) ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 }
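Review bot: The FTI branch without words builds `FROM users WHERE status=$1 AND users_idx.user_id = users.user_id AND (`, but `users_idx` is only in the FROM list of the branch that has words, so this query cannot run; the removed code left the join empty in that case. The fragment should be `'SELECT users.user_id, user_name, realname FROM users WHERE status=$1 AND ('`. The phrase part is also emitted as `(user_name…) OR (realname…)` without an enclosing parenthesis, so with words present the operator binds only to the first match; opening with `'(('` and closing with `'))'` restores the old grouping.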
 

Modified: trunk/gforge/common/search/ProjectSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/ProjectSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/ProjectSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -39,61 +39,89 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti, $LUSER;
+
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
-			if(count($this->words)) {
-				$tsquery0 = "headline(group_name, q) as group_name, " .
-						"unix_group_name, " .
-						"headline(short_description, q) as short_description";
+			if (count ($this->words)) {
 				$words = $this->getFormattedWords();
-				$tsquery = ", to_tsquery('$words') AS q, groups_idx as i ";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = 'AND g.group_id = i.group_id';
-				$distinctOn = "rank(vectors, q), group_name";
-				$orderBy = "ORDER BY rank(vectors, q) DESC, group_name";
-				$phraseOp = $this->getOperator();
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT DISTINCT ON (rank(vectors, q), group_name) type_id, g.group_id, headline(group_name, q) as group_name, unix_group_name, headline(short_description, q) as short_description FROM groups AS g, to_tsquery($1) AS q, groups_idx as i WHERE g.status in ($2, $3) AND (g.is_public=1 ',
+							 array ($words,
+								'A',
+								'H')) ;
+				
+				if (isset ($LUSER)) {
+					$qpa = db_construct_qpa ($qpa,
+								 'OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = $1 AND ug.group_id = g.group_id) ',
+								 $LUSER->getID()) ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ') AND (vectors @@ q AND ') ;
 			} else {
-				$tsquery0 = "group_name, unix_group_name, short_description";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$distinctOn = "group_name";
-				$orderBy = "ORDER BY group_name";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT DISTINCT ON (group_name) type_id, g.group_id, group_name, unix_group_name, short_description FROM groups AS g WHERE g.status in ($1, $2) AND (g.is_public=1 ',
+							 array ('A',
+								'H')) ;
+				if (isset ($LUSER)) {
+					$qpa = db_construct_qpa ($qpa,
+								 'OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = $1 AND ug.group_id = g.group_id) ',
+								 $LUSER->getID()) ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ') AND (') ;
+
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$groupNameCond = $this->getMatchCond('group_name', $this->phrases);
-				$groupDescriptionCond = $this->getMatchCond('short_description', $this->phrases);
-				$groupUnixNameCond = $this->getMatchCond('unix_group_name', $this->phrases);
-				$phraseCond = $phraseOp.' (('.$groupNameCond.') OR ('.$groupDescriptionCond.') OR ('.$groupUnixNameCond.'))';
+			if (count($this->phrases)) {
+				$qpa = db_construct_qpa ($qpa,
+							 '(') ;
+				$qpa = $this->addMatchCondition($qpa, 'group_name');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'short_description');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'unix_group_name');
+				$qpa = db_construct_qpa ($qpa,
+							 ') ') ;
 			}
-			$sql = "SELECT DISTINCT ON ($distinctOn) type_id, g.group_id, " .$tsquery0.
-					" FROM groups AS g ".$tsquery.
-					" WHERE g.status in ('A', 'H') AND (g.is_public='1' ";
-			if (isset($LUSER))
-				$sql .= 'OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = \''. $LUSER->getID() .'\' AND ug.group_id = g.group_id) ';
-			$sql .= ") AND ($tsmatch $phraseCond) $tsjoin $orderBy";
+			$qpa = db_construct_qpa ($qpa,
+						 ') ') ;
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND g.group_id = i.group_id ORDER BY rank(vectors, q) DESC, group_name') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY group_name') ;
+			}
 		} else {
-			$groupNameCond = $this->getIlikeCondition('g.group_name', $this->words);
-			$groupDescriptionCond = $this->getIlikeCondition('g.short_description', $this->words);
-			$groupUnixNameCond = $this->getIlikeCondition('g.unix_group_name', $this->words);
-			
-			$sql = 'SELECT g.group_name AS group_name, g.unix_group_name AS unix_group_name, g.type_id AS type_id, g.group_id AS group_id, g.short_description AS short_description '
-				.'FROM groups g '
-				.'WHERE g.status IN (\'A\', \'H\') AND (g.is_public=\'1\' ';
-			if (isset($LUSER))
-				$sql .='OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = \''. $LUSER->getID() .'\' AND ug.group_id = g.group_id) ';
-			$sql .=') AND (('.$groupNameCond.') OR ('.$groupDescriptionCond.') OR ('.$groupUnixNameCond.'))';
+			$qpa = db_construct_qpa ($qpa, 
+						 'SELECT g.group_name AS group_name, g.unix_group_name AS unix_group_name, g.type_id AS type_id, g.group_id AS group_id, g.short_description AS short_description FROM groups g WHERE g.status IN ($1, $2) AND (g.is_public=1 ',
+						 array ('A', 'H')) ;
+			if (isset ($LUSER)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'OR g.group_id in (SELECT ug.group_id FROM user_group ug WHERE ug.user_id = $1 AND ug.group_id = g.group_id) ',
+							 $LUSER->getID()) ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 ') AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'g.group_name') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'g.short_description') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'g.unix_group_name') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) ORDER BY g.group_name') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 	
 }
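Review bot: In the FTI branch with words the fragment `') AND (vectors @@ q AND '` leaves a dangling `AND` whenever there are no phrases, so a plain word search produces `(vectors @@ q AND )` and fails to parse. The removed code put `$this->getOperator()` there only when phrases existed and wrapped the three phrase matches in one parenthesis; the sketch below does the same. Separately, the three `$LUSER->getID()` arguments are passed as bare values where every other call in this commit passes `array (...)`. It is worth confirming that db_construct_qpa binds a scalar, because otherwise the `$1` in the membership subquery stays unbound and the non-public project filter breaks.

```php
				$qpa = db_construct_qpa ($qpa,
							 ') AND (vectors @@ q ') ;
			// … unchanged: else branch for a search without words …
			if (count($this->phrases)) {
				if (count ($this->words)) {
					$qpa = db_construct_qpa ($qpa,
								 $this->getOperator()) ;
				}
				$qpa = db_construct_qpa ($qpa,
							 ' ((') ;
				// … unchanged: the three addMatchCondition calls joined by ') OR (' …
				$qpa = db_construct_qpa ($qpa,
							 ')) ') ;
			}
```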

Modified: trunk/gforge/common/search/SearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/SearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/SearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -169,9 +169,9 @@
 	function executeQuery() {
 		global $sys_use_fti;
 		if($this->searchId) {
-			$query = $this->getSearchByIdQuery();
+			$qpa = $this->getSearchByIdQuery();
 		} else {
-			$query = $this->getQuery();
+			$qpa = $this->getQuery();
 		}
 
 		if ($sys_use_fti) {
@@ -179,7 +179,7 @@
 					 array ('default'));
 		}
 		$this->result = db_query(
-			$query,
+			$qpa,
 			$this->rowsPerPage + 1,
 			$this->offset,
 			SYS_DB_SEARCH
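Review bot: The call is still `db_query(`, which until this commit received a SQL string, but `$qpa` is now the query+params array that getQuery() and getSearchByIdQuery() return. The commit log names `db_query_qpa`, so the call presumably should become `$this->result = db_query_qpa(` with the same limit, offset and server arguments. Unless db_query accepts that array, every search goes through the wrong entry point. executeQuery() starts and ends outside this hunk.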
@@ -190,37 +190,47 @@
 	}
 	
 	/**
-	 * getQuery - returns the sql query built to get the search results
+	 * getQuery - returns the query built to get the search results
 	 * This is an abstract method. It _MUST_ be implemented in children classes.
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		return;
 	}
 
-	/**
-	 * getIlikeCondition - build the ILIKE condition of the SQL query for a given field name
-	 *
-	 * @param string $fieldName name of the field in the ILIKE condition
-	 * @return string the condition
-	 */
-	function getIlikeCondition($fieldName) {
-		global $sys_database_type;
+	function addMatchCondition($qpa, $fieldName) {
+		if(!count($arr)) {
+			$qpa = db_construct_qpa ($qpa, 'TRUE') ;
+		} else {
+			$regexs = str_replace(' ', "\\\s+", $arr);
+			for ($i = 0; $i < count ($regexs); $i++) {
+				if ($i > 0) {
+					$qpa = db_construct_qpa ($qpa,
+								 $this->operator) ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 $fieldName.' ~* $1',
+							 $regexs[$i]) ;
+			}
+		}
+		return $qpa;
+	}
 
+	function addIlikeCondition($qpa, $fieldName) {
 		$wordArgs = array_map ('strtolower',
 				       array_merge($this->words, str_replace(' ', "\\\s+", $this->phrases)));
-		return "lower($fieldName) LIKE '%". implode("%' ".$this->operator." lower(".$fieldName.") LIKE '%", $wordArgs) ."%'";
-	}
 
-	function getMatchCond($fieldName, $arr) {
-		if(!count($arr)) {
-			$result = 'TRUE';
-		} else {
-			$regexs = str_replace(' ', "\\\s+",$arr);
-			$result = $fieldName." ~* '" . implode("' ".$this->operator." ".$fieldName." ~* '", $regexs) ."'";
+		for ($i = 0; $i < count ($wordArgs); $i++) {
+			if ($i > 0) {
+				$qpa = db_construct_qpa ($qpa,
+							 $this->operator) ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 'lower ('.$fieldName.' LIKE $1',
+						 $wordArgs[$i]) ;
 		}
-		return $result;
+		return $qpa ;
 	}
 	
 	/**
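Review bot: `addMatchCondition` reads `$arr` in its first test and in the `str_replace` call, but the new signature is `($qpa, $fieldName)`, so the variable is undefined and every phrase condition collapses to `TRUE`; the phrases presumably should come from `$this->phrases`. In `addIlikeCondition` the fragment `'lower ('.$fieldName.' LIKE $1'` never closes `lower (`, and the bound value has lost the `%…%` wildcards the removed code put around each word, so the statement is malformed and would at best match whole values only. Both helpers also pass the parameter as a bare value where the other calls in this commit pass `array (...)`. Neither new method has a docblock, while the removed getIlikeCondition had one; each should state the field name, the source of the terms and that it returns the extended query+params array.

```php
	function addMatchCondition($qpa, $fieldName) {
		// The phrase list used to arrive as $arr; the new signature no longer has it.
		$regexs = str_replace(' ', "\\\s+", $this->phrases);
		if(!count($regexs)) {
			return db_construct_qpa ($qpa, 'TRUE') ;
		}
		for ($i = 0; $i < count ($regexs); $i++) {
			// … unchanged: operator between terms …
			$qpa = db_construct_qpa ($qpa,
						 $fieldName.' ~* $1',
						 array ($regexs[$i])) ;
		}
		return $qpa;
	}

	function addIlikeCondition($qpa, $fieldName) {
		// … unchanged: $wordArgs built from words and phrases …
		for ($i = 0; $i < count ($wordArgs); $i++) {
			// … unchanged: operator between terms …
			$qpa = db_construct_qpa ($qpa,
						 'lower ('.$fieldName.') LIKE $1',
						 array ('%'.$wordArgs[$i].'%')) ;
		}
		return $qpa ;
	}
```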
@@ -306,10 +316,7 @@
 	 */
 	function setSections($sections) {
 		if(is_array($sections)) {
-			//make a comma separated string from the sections array
-			foreach($sections as $key => $section) 
-				$sections[$key] = '\''.$section.'\'';
-			$this->sections = implode(', ', $sections);
+			$this->sections = array_keys ($sections) ;
 		} else {
 			$this->sections = $sections;
 		}
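Review bot: `array_keys ($sections)` stores the array's keys, while the removed loop quoted and joined its values, so unless every caller passes an array keyed by section id the section filter now selects on different numbers. The `else` branch still stores whatever non-array value it was given, and FrsSearchQuery in this commit hands `$this->sections` to `db_int_array_to_any_clause`, which by its name expects an array. A comment such as `// $sections is keyed by section id; only the ids are kept` would record the assumption, and the scalar case deserves a check. The docblock of setSections starts above the hunk and its body ends below it.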

Modified: trunk/gforge/common/search/SkillSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/SkillSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/SkillSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -39,56 +39,66 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
 			if(count($this->words)) {
 				$words = $this->getFormattedWords();
-				$tsquery0 = "headline(skills_data.title, q) as title, headline(skills_data.keywords, q) as keywords ";
-				$tsquery = ", to_tsquery('$words') AS q, skills_data_idx";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = 'AND skills_data.skills_data_id = skills_data_idx.skills_data_id ';
-				$orderBy = "ORDER BY rank(vectors, q) DESC, finish DESC";
-				$phraseOp = $this->getOperator();
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT skills_data.skills_data_id, skills_data.type, skills_data.start, skills_data.finish, headline(skills_data.title, q) as title, headline(skills_data.keywords, q) as keywords FROM skills_data, users, skills_data_types, to_tsquery($1) AS q, skills_data_idx WHERE (vectors @@ q ',
+							 array ($words)) ;
 			} else {
-				$tsquery0 = "title, keywords ";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY finish DESC";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT skills_data.skills_data_id, skills_data.type, skills_data.start, skills_data.finish, FROM skills_data, users, skills_data_types  WHERE (vectors @@ q ') ;
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$phraseCond .= $phraseOp.'('
-					. ' ('.$this->getMatchCond('skills_data.title', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('skills_data.keywords', $this->phrases).'))';
+
+			if (count ($this->phrases)) {
+				if (count ($this->words)) {
+					$qpa = db_construct_qpa ($qpa,
+								 $this->getOperator()) ;
+				}
+				$qpa = db_construct_qpa ($qpa,
+							 ' ((') ;
+				$qpa = $this->addMatchCondition ($qpa, 'skills_data.title') ;
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition ($qpa, 'skills_data.keywords') ;
+				$qpa = db_construct_qpa ($qpa,
+							 '))') ;
 			}
-			$sql = 'SELECT skills_data.skills_data_id, skills_data.type, '
-				. 'skills_data.start, skills_data.finish, '.$tsquery0
-				. 'FROM skills_data, users, skills_data_types '
-				. $tsquery
-				. ' WHERE (vectors @@ q '.$phraseCond.') '
-				. $tsjoin
-				. 'AND (skills_data.user_id=users.user_id) '
-				. 'AND (skills_data.type=skills_data_types.type_id) '
-				. $orderBy;
+			$qpa = db_construct_qpa ($qpa,
+						 ')') ;
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND skills_data.skills_data_id = skills_data_idx.skills_data_id ') ;
+			}
+			$qpa = db_construct_qpa ($qpa,
+						 'AND (skills_data.user_id=users.user_id) AND (skills_data.type=skills_data_types.type_id) ') ;
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY rank(vectors, q) DESC, finish DESC') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY finish DESC') ;
+			}
 		} else {
-			$sql = 'SELECT * '
-				. 'FROM skills_data, users, skills_data_types '
-				. 'WHERE (('.$this->getIlikeCondition('skills_data.title', $this->words).') '
-				. 'OR ('.$this->getIlikeCondition('skills_data.keywords', $this->words).')) '
-				. 'AND (skills_data.user_id=users.user_id) '
-				. 'AND (skills_data.type=skills_data_types.type_id) '
-				. 'ORDER BY finish DESC';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT * FROM skills_data, users, skills_data_types WHERE ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'skills_data.title') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'skills_data.keywords') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ')) AND (skills_data.user_id=users.user_id) AND (skills_data.type=skills_data_types.type_id) ORDER BY finish DESC') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 }
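Review bot: The FTI branch without words builds `skills_data.finish, FROM skills_data, …`, which leaves a trailing comma before `FROM` and drops the `title, keywords` columns the removed code selected, so the statement cannot parse. It also keeps `WHERE (vectors @@ q ` although neither `q` nor `skills_data_idx` is in that FROM list; the removed code had the same leftover. The fragment should read `'SELECT skills_data.skills_data_id, skills_data.type, skills_data.start, skills_data.finish, title, keywords FROM skills_data, users, skills_data_types WHERE ('`. The `')'` that closes the condition is followed directly by `'AND …'`; a space there, `') '`, would match the other queries.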
 

Modified: trunk/gforge/common/search/TasksSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/TasksSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/TasksSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -61,71 +61,85 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+
+		$qpa = db_construct_qpa () ;
+		
 		if ($sys_use_fti) {
-			if(count($this->words)) {
-				$tsquery0 = "headline(project_task.summary, q) AS summary,";
+			if (count ($this->words)) {
 				$words = $this->getFormattedWords();
-				$tsquery = ", to_tsquery('$words') AS q, project_task_idx";
-				$tsmatch = "vectors @@ q";
-				$rankCol = "";
-				$tsjoin = ' AND project_task.project_task_id = project_task_idx.project_task_id';
-				$orderBy = "ORDER BY project_group_list.project_name, rank(vectors, q) DESC, project_task.project_task_id";
-				$phraseOp = $this->getOperator();
+
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT project_task.project_task_id, project_task.percent_complete, headline(project_task.summary, q) AS summary, project_task.start_date,project_task.end_date,users.firstname||$1||users.lastname AS realname, project_group_list.project_name, project_group_list.group_project_id FROM project_task, users, project_group_list, to_tsquery($2) AS q, project_task_idx WHERE project_task.created_by = users.user_id AND project_task.project_task_id = project_task_idx.project_task_id AND project_task.group_project_id = project_group_list.group_project_id AND project_group_list.group_id=$3 ',
+							 array (' ',
+								$words,
+								$this->groupId)) ;
 			} else {
-				$tsquery0 = "summary, ";
-				$tsquery = "";
-				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
-				$orderBy = "ORDER BY project_group_list.project_name, project_task.project_task_id";
-				$phraseOp = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT project_task.project_task_id, project_task.percent_complete, summary, project_task.start_date,project_task.end_date,users.firstname||$1||users.lastname AS realname, project_group_list.project_name, project_group_list.group_project_id  FROM project_task, users, project_group_list WHERE project_task.created_by = users.user_id AND project_task.group_project_id = project_group_list.group_project_id AND project_group_list.group_id = $2 ',
+							 array (' ',
+								$this->groupId)) ;
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$phraseCond .= $phraseOp.'('
-					. ' ('.$this->getMatchCond('summary', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('details', $this->phrases).'))';
-			}
-			$sql = 'SELECT project_task.project_task_id,project_task.percent_complete,'
-			    .  $tsquery0
-				. ' project_task.start_date,project_task.end_date,users.firstname||\' \'||users.lastname AS realname, project_group_list.project_name, project_group_list.group_project_id ' 
-				. ' FROM project_task, users, project_group_list '
-				. $tsquery
-				. ' WHERE project_task.created_by = users.user_id'
-				. $tsjoin
-				. ' AND project_task.group_project_id = project_group_list.group_project_id '
-				. ' AND project_group_list.group_id  ='.$this->groupId.' ';
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= 'AND project_group_list.group_project_id in ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND project_group_list.group_project_id = ANY ($1) ',
+							 db_int_array_to_any_clause ($this->sections)) ;
 			}
 			if (!$this->showNonPublic) {
-				$sql .= 'AND project_group_list.is_public = 1 ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND project_group_list.is_public = 1 ') ;
 			}
-			$sql .= "AND ($tsmatch $phraseCond) $orderBy";
+			if (count($this->phrases)) {
+				if (count ($this->words)) {
+					$qpa = db_construct_qpa ($qpa,
+								 'AND (vectors @@ q AND (') ;
+				} else {
+					$qpa = db_construct_qpa ($qpa,
+								 'AND ((') ;
+				}
+				$qpa = $this->addMatchCondition($qpa, 'summary');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'details');
+				$qpa = db_construct_qpa ($qpa,
+							 ')) ') ;
+			}
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY project_group_list.project_name, rank(vectors, q) DESC, project_task.project_task_id') ;
+			} else {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY project_group_list.project_name, project_task.project_task_id') ;
+			}
 		} else {
-			$sql = 'SELECT project_task.project_task_id,project_task.summary,project_task.percent_complete,'
-				. ' project_task.start_date,project_task.end_date,users.firstname||\' \'||users.lastname AS realname, project_group_list.project_name, project_group_list.group_project_id ' 
-				. ' FROM project_task, users, project_group_list' 
-				. ' WHERE project_task.created_by = users.user_id'
-				. ' AND project_task.group_project_id = project_group_list.group_project_id '
-				. ' AND project_group_list.group_id  ='.$this->groupId.' ';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT project_task.project_task_id, project_task.summary, project_task.percent_complete, project_task.start_date, project_task.end_date, users.firstname||$1||users.lastname AS realname, project_group_list.project_name, project_group_list.group_project_id FROM project_task, users, project_group_list WHERE project_task.created_by = users.user_id AND project_task.group_project_id = project_group_list.group_project_id AND project_group_list.group_id = $2 ',
+						 array (' ',
+							$this->groupId)) ;
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= 'AND project_group_list.group_project_id in ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND project_group_list.group_project_id = ANY ($1) ',
+							 db_int_array_to_any_clause ($this->sections)) ;
 			}
 			if (!$this->showNonPublic) {
-				$sql .= 'AND project_group_list.is_public = 1 ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND project_group_list.is_public = 1 ') ;
 			}
-			$sql .= 'AND(('.$this->getIlikeCondition('summary', $this->words).')' 
-				. ' OR ('.$this->getIlikeCondition('details', $this->words).'))' 
-				. ' ORDER BY project_group_list.project_name, project_task.project_task_id';
+			$qpa = db_construct_qpa ($qpa,
+						 ' AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'summary') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'details') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') ORDER BY project_group_list.project_name, project_task.project_task_id') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 	
 	/**
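Review bot: The non-FTI branch of getQuery() now emits unbalanced SQL: it opens `' AND (('` and `') OR ('` but ends with `') ORDER BY project_group_list.project_name, project_task.project_task_id'`, one `)` short of the removed `'))'`, so that fragment should begin `')) ORDER BY …'`. In the FTI branch `vectors @@ q` is only appended inside `if (count($this->phrases))`, so a words-only search is no longer restricted by the full-text match, and the removed `getOperator()` join between the word and phrase conditions has become a fixed `AND` with different grouping; the sketch below restores both, assuming getOperator() still returns a fixed SQL keyword. Also, `db_int_array_to_any_clause ($this->sections)` is passed bare where every other call on this page passes `array (…)` as the parameter list, and the removed code treated `$this->sections` as a comma-separated string, so both the argument shape and the input type are worth confirming here and in the two TrackersSearchQuery hunks.

```php
// … unchanged: SELECT construction, sections and is_public filters …
if (count ($this->words) && count ($this->phrases)) {
	$qpa = db_construct_qpa ($qpa,
				 'AND (vectors @@ q ' . $this->getOperator() . ' ((') ;
} elseif (count ($this->words)) {
	$qpa = db_construct_qpa ($qpa,
				 'AND (vectors @@ q) ') ;
} elseif (count ($this->phrases)) {
	$qpa = db_construct_qpa ($qpa,
				 'AND ((') ;
}
if (count ($this->phrases)) {
	$qpa = $this->addMatchCondition($qpa, 'summary');
	$qpa = db_construct_qpa ($qpa,
				 ') OR (') ;
	$qpa = $this->addMatchCondition($qpa, 'details');
	$qpa = db_construct_qpa ($qpa,
				 count ($this->words) ? '))) ' : ')) ') ;
}
// … unchanged: ORDER BY selection …
```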

Modified: trunk/gforge/common/search/TrackersSearchQuery.class.php
===================================================================
--- trunk/gforge/common/search/TrackersSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/common/search/TrackersSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -61,71 +61,90 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		global $sys_use_fti;
+		
+		$qpa = db_construct_qpa () ;
+
 		if ($sys_use_fti) {
-			if(count($this->words)) {
-				$tsquery = ", to_tsquery('".$this->getFormattedWords()."') q, artifact_idx, artifact_message_idx ";
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT DISTINCT x.* FROM (SELECT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name, (rank(artifact_idx.vectors, q)+rank(artifact_message_idx.vectors, q)) AS rank FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list, to_tsquery($1) q, artifact_idx, artifact_message_idx WHERE users.user_id = artifact.submitted_by AND artifact_idx.artifact_id = artifact.artifact_id AND artifact_message_idx.id = artifact_message.id AND artifact_message_idx.artifact_id = artifact_message_idx.artifact_id AND artifact_group_list.group_artifact_id = artifact.group_artifact_id AND artifact_group_list.group_id = $2 ',
+							 
+							 array ($this->getFormattedWords(),
+								$this->groupId)) ;
 				$tsmatch = "(artifact_idx.vectors @@ q OR artifact_message_idx.vectors @@ q)";
-				$rankCol = ", (rank(artifact_idx.vectors, q)+rank(artifact_message_idx.vectors, q)) AS rank ";
-				$tsjoin = 'AND artifact_idx.artifact_id = artifact.artifact_id '
-						. 'AND artifact_message_idx.id = artifact_message.id '
-						. 'AND artifact_message_idx.artifact_id = artifact_message_idx.artifact_id ';
-				$orderBy = "ORDER BY RANK DESC";
 				$phraseOp = $this->getOperator();
 			} else {
-				$tsquery = "";
+				$qpa = db_construct_qpa ($qpa,
+							 'SELECT DISTINCT x.* FROM (SELECT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list WHERE users.user_id = artifact.submitted_by AND artifact_group_list.group_artifact_id = artifact.group_artifact_id AND artifact_group_list.group_id = $1 ',
+							 array ($this->groupId)) ;
+
+
 				$tsmatch = "";
-				$tsjoin = "";
-				$rankCol = "";
 				$orderBy = "";
 				$phraseOp = "";
 			}
-			$phraseCond = '';
-			if(count($this->phrases)) {
-				$phraseCond .= $phraseOp.'('
-					. ' ('.$this->getMatchCond('artifact.details', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('artifact.summary', $this->phrases).')'
-					. ' OR ('.$this->getMatchCond('artifact_message.body', $this->phrases).'))';
+
+			if (count($this->phrases)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'AND ((') ;
+				$qpa = $this->addMatchCondition($qpa, 'artifact.details');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'artifact.summary');
+				$qpa = db_construct_qpa ($qpa,
+							 ') OR (') ;
+				$qpa = $this->addMatchCondition($qpa, 'artifact_message.body');
+				$qpa = db_construct_qpa ($qpa,
+							 ')) ') ;
 			}
-			$sql = 'SELECT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name '
-				. $rankCol
-				. 'FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list '
-				. $tsquery
-				. ' WHERE users.user_id = artifact.submitted_by '
-				. $tsjoin
-				. 'AND artifact_group_list.group_artifact_id = artifact.group_artifact_id '
-				. 'AND artifact_group_list.group_id = '.$this->groupId.' ';
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= 'AND artifact_group_list.group_artifact_id in ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND artifact_group_list.group_artifact_id = ANY ($1) ',
+							 db_int_array_to_any_clause ($this->sections)) ;
 			}
 			if (!$this->showNonPublic) {
-				$sql .= 'AND artifact_group_list.is_public = 1 ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND artifact_group_list.is_public = 1 ') ;
 			}
-			$sql .= "AND ($tsmatch $phraseCond)";
-			$sql = "SELECT DISTINCT x.* FROM ($sql) x $orderBy";
+			$qpa = db_construct_qpa ($qpa,
+						 ') x') ;
+			if (count ($this->words)) {
+				$qpa = db_construct_qpa ($qpa,
+							 'ORDER BY rank DESC') ;
+			}
 		} else {
-			$sql = 'SELECT DISTINCT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name '
-				. 'FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list '
-				. 'WHERE users.user_id = artifact.submitted_by '
-				. 'AND artifact_group_list.group_artifact_id = artifact.group_artifact_id '
-				. 'AND artifact_group_list.group_id = '.$this->groupId.' ';
+			$qpa = db_construct_qpa ($qpa,
+						 'SELECT DISTINCT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list WHERE users.user_id = artifact.submitted_by AND artifact_group_list.group_artifact_id = artifact.group_artifact_id AND artifact_group_list.group_id = $1',
+						 array ($this->groupId)) ;
 			if ($this->sections != SEARCH__ALL_SECTIONS) {
-				$sql .= 'AND artifact_group_list.group_artifact_id in ('.$this->sections.') ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND artifact_group_list.group_artifact_id = ANY ($1) ',
+							 db_int_array_to_any_clause ($this->sections)) ;
 			}
 			if (!$this->showNonPublic) {
-				$sql .= 'AND artifact_group_list.is_public = 1 ';
+				$qpa = db_construct_qpa ($qpa,
+							 'AND artifact_group_list.is_public = 1 ') ;
 			}
-			$sql .= 'AND (('.$this->getIlikeCondition('artifact.details', $this->words).') ' 
-				. 'OR ('.$this->getIlikeCondition('artifact.summary', $this->words).') '
-				. 'OR ('.$this->getIlikeCondition('artifact_message.body', $this->words).')) '
-				. 'ORDER BY artifact_group_list.name, artifact.artifact_id';
+
+			$qpa = db_construct_qpa ($qpa,
+						 ' AND ((') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'artifact.details') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'artifact.summary') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') OR (') ;
+			$qpa = $this->addIlikeCondition ($qpa, 'artifact.message_body') ;
+			$qpa = db_construct_qpa ($qpa,
+						 ') ORDER BY artifact_group_list.name, artifact.artifact_id') ;
 		}
-		return $sql;
+		return $qpa ;
 	}
 	
 	/**
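Review bot: In the FTI branch `$tsmatch` is still assigned but never appended to `$qpa`, so `artifact_idx.vectors @@ q OR artifact_message_idx.vectors @@ q` no longer filters the result (and `$phraseOp`/`$orderBy` are now dead); the closing fragment `') x'` is followed directly by `'ORDER BY rank DESC'`, which looks like it concatenates to `) xORDER BY` unless db_construct_qpa inserts separators, so `') x '` would be safer. The non-FTI branch ends its three-way condition with `') ORDER BY artifact_group_list.name, artifact.artifact_id'` where `')) ORDER BY …'` is needed to balance `' AND (('`. Its third `addIlikeCondition` call names `'artifact.message_body'`, while the removed code searched `artifact_message.body`. The first fragment of that branch also ends in `group_id = $1` with no trailing space before the following `'AND …'` fragments.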
@@ -151,22 +170,24 @@
 	}
 	
 	function getSearchByIdQuery() {
-		$sql = 'SELECT DISTINCT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name '
-			. 'FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list '
-			. 'WHERE users.user_id = artifact.submitted_by '
-			. 'AND artifact_group_list.group_artifact_id = artifact.group_artifact_id '
-			. 'AND artifact_group_list.group_id = '.$this->groupId.' ';
+		$qpa = db_construct_qpa () ;
+		$qpa = db_construct_qpa ($qpa,
+					 'SELECT DISTINCT artifact.artifact_id, artifact.group_artifact_id, artifact.summary, artifact.open_date, users.realname, artifact_group_list.name FROM artifact LEFT OUTER JOIN artifact_message USING (artifact_id), users, artifact_group_list WHERE users.user_id = artifact.submitted_by AND artifact_group_list.group_artifact_id = artifact.group_artifact_id AND artifact_group_list.group_id = $1 ',
+					 array ($this->groupId)) ;
 		if ($this->sections != SEARCH__ALL_SECTIONS) {
-			$sql .= 'AND artifact_group_list.group_artifact_id in ('.$this->sections.') ';
+			$qpa = db_construct_qpa ($qpa,
+						 'AND artifact_group_list.group_artifact_id = ANY ($1) ',
+						 db_int_array_to_any_clause ($this->sections)) ;
 		}
 		if (!$this->showNonPublic) {
-			$sql .= 'AND artifact_group_list.is_public = 1 ';
+			$qpa = db_construct_qpa ($qpa,
+						 'AND artifact_group_list.is_public = 1 ') ;
 		}
-		$sql .= 'AND artifact.artifact_id=\''.$this->searchId.'\''
-			. 'ORDER BY artifact_group_list.name, artifact.artifact_id';
+		$qpa = db_construct_qpa ($qpa,
+					 'AND artifact.artifact_id=$1 ORDER BY artifact_group_list.name, artifact.artifact_id',
+					 array ($this->searchId)) ;
 
-
-		return $sql;
+		return $qpa ;
 	}
 }
 

Modified: trunk/gforge/plugins/wiki/common/WikiSearchQuery.class.php
===================================================================
--- trunk/gforge/plugins/wiki/common/WikiSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/plugins/wiki/common/WikiSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -35,17 +35,20 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		
 		$pat = '_g'.$this->groupId.'_';
 		$len = strlen($pat)+1;
 		$words = addslashes(join('&', $this->words));
-		$sql = "SELECT plugin_wiki_page.id AS id, 
-					substring(plugin_wiki_page.pagename from $len) AS pagename,
+
+		$qpa = db_construct_qpa () ;
+		$qpa = db_construct_qpa ($qpa,
+					 'SELECT plugin_wiki_page.id AS id, 
+					substring(plugin_wiki_page.pagename from $1) AS pagename,
 					plugin_wiki_page.hits AS hits, 
 					plugin_wiki_page.pagedata as pagedata, 
 					plugin_wiki_version.version AS version,
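Review bot: `$words = addslashes(join('&', $this->words));` is left in place although `$words` is now bound as `$3` in the next hunk rather than spliced into a quoted literal, so the added backslashes would reach `to_tsquery()` as data; with a bound parameter it should be `$words = join('&', $this->words);`. `$len` is bound as `$1` in both `substring(… from $1)` and `from 0 for $1`; depending on how db_query_qpa types its parameters this may need an explicit `$1::int`, which is worth testing. getQuery()'s body continues past this hunk.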
@@ -59,10 +62,13 @@
 					AND plugin_wiki_page.id=plugin_wiki_recent.id 
 					AND plugin_wiki_page.id=plugin_wiki_version.id 
 					AND latestversion=version 
-					AND substring(plugin_wiki_page.pagename from 0 for $len) = '$pat'
-					AND (idxFTI @@ to_tsquery('$words'))
-				ORDER BY rank(idxFTI, to_tsquery('$words')) DESC";
-	return $sql;
+					AND substring(plugin_wiki_page.pagename from 0 for $1) = $2
+					AND (idxFTI @@ to_tsquery($3))
+				ORDER BY rank(idxFTI, to_tsquery($3)) DESC',
+					 array ($len,
+						$pat,
+						$words)) ;
+		return $qpa ;
 	}
 }
 

Modified: trunk/gforge/plugins/wiki/include/WikiSearchQuery.class.php
===================================================================
--- trunk/gforge/plugins/wiki/include/WikiSearchQuery.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/plugins/wiki/include/WikiSearchQuery.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -35,15 +35,17 @@
 	}
 
 	/**
-	 * getQuery - get the sql query built to get the search results
+	 * getQuery - get the query built to get the search results
 	 *
-	 * @return string sql query to execute
+	 * @return array query+params array
 	 */
 	function getQuery() {
 		
 		$pat = '_g'.$this->groupId.'_';
 		$len = strlen($pat)+1;
-		$sql = "SELECT plugin_wiki_page.id AS id, 
+		$qpa = db_construct_qpa () ;
+		$qpa = db_construct_qpa ($qpa,
+					 'SELECT plugin_wiki_page.id AS id, 
 substring(plugin_wiki_page.pagename from $len) AS pagename, 
 plugin_wiki_page.hits AS hits, 
 plugin_wiki_page.pagedata as pagedata, 
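Review bot: The query string switched from double to single quotes, so `$len` in `substring(plugin_wiki_page.pagename from $len)` here and in `from 0 for $len` in the next hunk is no longer interpolated, and the literal text `$len` is sent to the database. Bind it the way the plugins/wiki/common version of this class does: `from $1`, `from 0 for $1) = $2`, and `array ($len, $pat)`. getQuery() spans this hunk and the next one.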
@@ -58,11 +60,15 @@
 AND plugin_wiki_page.id=plugin_wiki_recent.id 
 AND plugin_wiki_page.id=plugin_wiki_version.id 
 AND latestversion=version 
-AND substring(plugin_wiki_page.pagename from 0 for $len) = '$pat' 
-AND ((".$this->getIlikeCondition('pagename', $this->words).") 
-OR (".$this->getIlikeCondition('content', $this->words)."))";
-//print "SQL: $sql\n";
-		return $sql;
+AND substring(plugin_wiki_page.pagename from 0 for $len) = $1 AND ((',
+					 array ($pat)) ;
+		$qpa = $this->addIlikeCondition ($qpa, 'pagename') ;
+		$qpa = db_construct_qpa ($qpa,
+					 ') OR (') ;
+		$qpa = $this->addIlikeCondition ($qpa, 'content') ;
+		$qpa = db_construct_qpa ($qpa,
+					 '))') ;
+		return $qpa ;
 	}
 }
 

Modified: trunk/gforge/www/trove/TroveCategory.class.php
===================================================================
--- trunk/gforge/www/trove/TroveCategory.class.php	2009-12-11 11:15:40 UTC (rev 8516)
+++ trunk/gforge/www/trove/TroveCategory.class.php	2009-12-11 14:00:06 UTC (rev 8517)
@@ -230,16 +230,17 @@
 		}
 
 		$qpa = db_construct_qpa ($qpa,
-					 ' WHERE trove_agg.trove_cat_id=$1',
+					 ' WHERE trove_agg.trove_cat_id=$1 ',
 					 array ($this->categoryId)) ;
 
 		for($i = 0, $count = sizeof($this->filter); $i < $count; $i++) {
 			$qpa = db_construct_qpa ($qpa,
-						 " AND trove_agg_$i.trove_cat_id=$1 AND trove_agg_$i.group_id=trove_agg.group_id",
+						 "AND trove_agg_$i.trove_cat_id=$1 AND trove_agg_$i.group_id=trove_agg.group_id ",
 						 array ($this->filter[$i])) ;
 		}
 
-		$qpa = db_construct_qpa (' ORDER BY trove_agg.trove_cat_id ASC, trove_agg.ranking ASC') ;
+		$qpa = db_construct_qpa ($qpa,
+					 'ORDER BY trove_agg.trove_cat_id ASC, trove_agg.ranking ASC') ;
 		
 		$result = db_query_qpa ($qpa, TROVE__PROJECTS_PER_PAGE, $offset);
 		return $result;
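Review bot: The filter fragment stays a double-quoted string that mixes PHP interpolation (`$i`) with the `$1` placeholder, which only works because `$1` is not a valid PHP variable name; the other fragments in this hunk are single-quoted. Writing it as `'AND trove_agg_'.$i.'.trove_cat_id=$1 AND trove_agg_'.$i.'.group_id=trove_agg.group_id '` keeps the placeholder visibly literal. The enclosing function starts and ends outside the hunk.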



