diff --git a/stormorganization/stormorganization.admin.inc b/stormorganization/stormorganization.admin.inc index 02d57d0..3d12a63 100644 --- a/stormorganization/stormorganization.admin.inc +++ b/stormorganization/stormorganization.admin.inc @@ -256,15 +256,19 @@ function stormorganization_list_filter_reset($form, &$form_state) { function stormorganization_autocomplete($string = '') { $matches = array(); if ($string) { - $s = "SELECT title FROM {node} AS n WHERE n.type='stormorganization' AND LOWER(title) LIKE LOWER('%s%%')"; - $s = stormorganization_access_sql($s); - $s = db_rewrite_sql($s); - - $result = db_query_range($s, $string, 0, 10); - while ($org = db_fetch_object($result)) { - $matches[$org->title] = check_plain($org->title); - } + $query = db_select('node', 'n'); + + $return = $query + ->addTag('node_access') + ->fields('n', array('nid', 'title')) + ->condition('n.type', 'stormorganization') + ->condition('title', '%' . db_like($string) . '%', 'LIKE') + ->range(0, 10); + + foreach($return as $row) { + $matches[$row->title] = check_plain($row->title); } - - drupal_json($matches); } + + drupal_json_output($matches); +} \ No newline at end of file diff --git a/stormperson/stormperson.admin.inc b/stormperson/stormperson.admin.inc index f2abb20..e407482 100644 --- a/stormperson/stormperson.admin.inc +++ b/stormperson/stormperson.admin.inc @@ -188,17 +188,22 @@ function _stormperson_organization_people_js($organization_nid=0) { $people = array(); if ($organization_nid) { - $s = "SELECT n.nid, n.title FROM {node} n INNER JOIN {stormperson} AS spe ON n.vid=spe.vid WHERE n.status=1 AND n.type='stormperson' AND spe.organization_nid=%d ORDER BY n.title"; - $s = stormperson_access_sql($s); - $s = db_rewrite_sql($s); - $r = db_query($s, $organization_nid); - - while ($item = db_fetch_object($r)) { - $nid = $item->nid; - $people[$nid] = $item->title; - } + + $query = db_select('node', 'n') + ->fields('n', array('nid', 'title')) + ->condition('n.status', 1) + ->condition('n.type', 'organization') + ->condition('spe.organization', $organization_nid) + ->join('stormperson', 'spe', 'n.vid = spe.vid'); + + $result = $query->execute(); + + foreach($result as $row) { + $nid = $row->name; + $people[$nid] = $row->title; + } } - print drupal_to_js($people); + print drupal_json_encode($people); exit(); } diff --git a/stormperson/stormperson.module b/stormperson/stormperson.module index 2d53ace..3dd8fcb 100644 --- a/stormperson/stormperson.module +++ b/stormperson/stormperson.module @@ -434,13 +434,21 @@ function stormperson_form(&$node) { function stormperson_validate($node, &$form) { if (!empty($node->user_name)) { - $ass_user = user_load(array('name' => $node->user_name)); + $username = $node->user_name; + $ass_user = user_load($username); if (!empty($ass_user)) { - $result = db_query("SELECT n.nid, n.title FROM {node} n JOIN {stormperson} stp ON (n.nid = stp.nid) WHERE stp.user_uid = %d", $ass_user->uid); - $row = db_fetch_array($result); + $query = db_select('node', 'n'); + + $query->fields('n', array('nid', 'title')) + ->condition('stp.user_uid', $ass_user->uid) + ->join('stormperson', 'stp', 'n.nid = stp.nid'); + + $row = $query->execute()->fetchAssoc(); + if ($row && (empty($form['#node']->user_name) || ($form['#node']->user_name != $node->user_name))) { - form_set_error('user_name', t('This Drupal user is already assigned to a Storm person (!link). The same Drupal user can not be assigned to two Storm people.', array('!link' => l($row['title'], 'node/'. $row['nid'])))); - } + $message = t('This Drupal user is already assigned to a Storm person (!link). The same Drupal user can not be assigned to two Storm people.', array('!link' => l($row['title'], 'node/'. $row['nid']))); + form_set_error('user_name', $message); + } } } } @@ -448,13 +456,21 @@ function stormperson_validate($node, &$form) { function stormperson_user_autocomplete($string = '') { $matches = array(); if ($string) { - $result = db_query_range("SELECT name FROM {users} WHERE name LIKE '%s%%' AND uid NOT IN (SELECT user_uid FROM {stormperson})", $string, 0, 10); - while ($user = db_fetch_object($result)) { - $matches[$user->name] = check_plain($user->name); - } - } + $query = db_select('users', 'u') + ->fields('u', array('name', 'uid')) + ->condition('name', db_like($string) . '%', 'LIKE'); + + $subquery = db_select('stormperson', 'stp'); + $subquery->addField('stp', 'user_uid', 'uid'); - drupal_json($matches); + $query->condition('uid', $subquery, 'NOT IN'); + $result = $query->execute(); + + foreach($result as $row) { + $matches[$row->name] = check_plain($row->name); + } + drupal_json_output($matches); + } } function stormperson_insert($node) { @@ -509,7 +525,8 @@ function stormperson_update($node) { } function _stormperson_beforesave(&$node) { - $ass_user = user_load(array('name' => $node->user_name)); + $username = array('name' => $node->user_name); + $ass_user = user_load($username); $node->user_uid = $ass_user->uid; if (!$node->email) { $node->email = $ass_user->mail; @@ -607,11 +624,15 @@ function _stormperson_user_load(&$account) { } } else { - $a = db_fetch_object(db_query("SELECT nid, organization_nid FROM {stormperson} WHERE user_uid=%d", $account->uid)); + $a = db_select('stormperson','stp'); + $a->fields('stp', array('nid','organization_nid')) + ->condition('user_uid', $account->uid) + ->execute() + ->fetchAssoc(); if ($a) { $loaded_persons[$account->uid] = new stdClass(); - $loaded_persons[$account->uid]->nid = $a->nid; - $loaded_persons[$account->uid]->organization_nid = $a->organization_nid; + $loaded_persons[$account->uid]->nid = $a['nid']; + $loaded_persons[$account->uid]->organization_nid = $a['organization_nid']; $account->stormperson_nid = $loaded_persons[$account->uid]->nid; $account->stormorganization_nid = $loaded_persons[$account->uid]->organization_nid; }