diff -U 3 -H -d -r -N -- Desktop/aur/web/html/rpc.php workspace/aur/web/html/rpc.php --- Desktop/aur/web/html/rpc.php 2008-03-23 09:16:29.000000000 +0100 +++ workspace/aur/web/html/rpc.php 2008-05-24 06:27:14.000000000 +0200 @@ -26,6 +26,21 @@ echo '
'; echo 'If you need jsonp type callback specification, you can provide an additional variable callback.
'; echo 'Example URL:
   http://aur-url/rpc.php?type=search&arg=foobar&callback=jsonp1192244621103'; + echo '
'; + echo 'When searching you can also specify what fields to get by passing the variable "fields".
'; + echo 'The list of valid fields is:
'; + echo '- ID: This is an ID of the package that you can use to make an info call.
'; + echo '- Name: Name of the package.
'; + echo '- Version: Version of the package.
'; + echo '- Description: Description of the package.
'; + echo '- URL: URL to the official page of the package.
'; + echo '- URLPath: URL to the tar.gz containing the PKGBUILD.
'; + echo '- License: Type of license of the package.
'; + echo '- NumVotes: Number of votes the package got from aur users.
'; + echo '- OutOfDate: Specifies if the packages has been flagged out of date.
'; + echo 'You have to separe fields with a comma character ",".
'; + echo 'Example URL:
   http://aur-url/rpc.php?type=search&arg=foobar&fields=Name,Version,Description
'; + echo 'The default fields are: Name,ID
'; echo ''; } } diff -U 3 -H -d -r -N -- Desktop/aur/web/lib/aurjson.class.php workspace/aur/web/lib/aurjson.class.php --- Desktop/aur/web/lib/aurjson.class.php 2008-03-23 09:16:29.000000000 +0100 +++ workspace/aur/web/lib/aurjson.class.php 2008-05-24 05:56:10.000000000 +0200 @@ -22,6 +22,8 @@ class AurJSON { private $dbh = false; private $exposed_methods = array('search','info'); + private $exposed_fields = array('ID','Name','Version','Description','URL','URLPath','License','NumVotes','OutOfDate'); + private $working_fields = array('Name', 'ID'); /** * Handles post data, and routes the request. @@ -41,6 +43,10 @@ // do the routing if ( in_array($http_data['type'], $this->exposed_methods) ) { + // First we check if the user specified custom fields and process the information + if ( $http_data['fields'] && $this->parse_request_fields($http_data['fields']) !== FALSE ) + return $this->json_error('No valid fields specified'); + // ugh. this works. I hate you php. $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']); // allow rpc callback for XDomainAjax @@ -57,6 +63,28 @@ } /** + * Updates the fields that we are going to return in the searches. + * + * @param $user_fields The $_GET['fields'] contents + * @return nothing. + **/ + private function parse_request_fields($user_fields) { + $fields = split($user_fields, ','); + for ( $i = 0; $i < count($fields); $i++ ) { + $field = $fields[i]; + if ( $field == '' || !in_array($field, $this->exposed_fields) ) { + array_splice($fields, $i, 1); + $i--; + continue; + } + } + if ( !count($fields) ) + return TRUE; + + $this->working_fields = $fields; + return FALSE; + } + /** * Returns a JSON formatted error string. * * @param $msg The error string to return @@ -82,20 +110,23 @@ * @return mixed Returns an array of package matches. **/ private function search($keyword_string) { + // First we set the field list in a string. + $fields_string = implode(',', $this->working_fields); $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh); $query = sprintf( - "SELECT Name,ID FROM Packages WHERE ( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' ) AND DummyPkg=0", - $keyword_string, $keyword_string ); + "SELECT %s FROM Packages WHERE ( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' ) AND DummyPkg=0", + $fields_string, $keyword_string, $keyword_string ); $result = db_query($query, $this->dbh); if ( $result && (mysql_num_rows($result) > 0) ) { $search_data = array(); while ( $row = mysql_fetch_assoc($result) ) { - $elem = array( - 'Name' => $row['Name'], - 'ID' => $row['ID'] ); - array_push($search_data,$elem); + $elem = array(); + foreach ( $this->working_fields as $field ) + $elem[$field] = $row[$field]; + + $search_data[] = $elem; } mysql_free_result($result); return $this->json_results('search',$search_data);