10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

- reviewed #1442;

Browse Source
This commit is contained in:
Mykyta Synelnikov
2024-04-09 13:55:39 +03:00
parent 9cd7d8a4f5
commit 7e240edb6d
10 changed files with 139 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/admin/templates/directory/search.php
+6 -6
View File
@@ -43,11 +43,11 @@ $_um_search_filters = get_post_meta( $post_id, '_um_search_filters', true
array(
'id' => '_um_search_exclude_fields',
'type' => 'multi_selects',
'label' => __( 'Choose fields to exclude from search', 'ultimate-member' ),
'label' => __( 'Exclude fields from search', 'ultimate-member' ),
'value' => $_um_search_exclude_fields,
'conditional' => array( '_um_search', '=', 1 ),
'options' => UM()->member_directory()->filter_fields,
'add_text' => __( 'Add New Custom Field to Exclude', 'ultimate-member' ),
'options' => UM()->member_directory()->searching_fields,
'add_text' => __( 'Add New', 'ultimate-member' ),
'show_default_number' => 0,
'sorting' => true,
'tooltip' => __( 'Choose fields to exclude them from search. This option will delete all included fields.', 'ultimate-member' ),
@@ -55,11 +55,11 @@ $_um_search_filters = get_post_meta( $post_id, '_um_search_filters', true
array(
'id' => '_um_search_include_fields',
'type' => 'multi_selects',
'label' => __( 'Choose fields to only include in the search', 'ultimate-member' ),
'label' => __( 'Fields to search by', 'ultimate-member' ),
'value' => $_um_search_include_fields,
'conditional' => array( '_um_search', '=', 1 ),
'options' => UM()->member_directory()->filter_fields,
'add_text' => __( 'Add New Custom Field to Include', 'ultimate-member' ),
'options' => UM()->member_directory()->searching_fields,
'add_text' => __( 'Add New', 'ultimate-member' ),
'show_default_number' => 0,
'sorting' => true,
'tooltip' => __( 'Choose fields to only include them in the search. This option will delete all excluded fields.', 'ultimate-member' ),
includes/core/class-member-directory-meta.php
+26 -20
View File
@@ -706,13 +706,29 @@ if ( ! class_exists( 'um\core\Member_Directory_Meta' ) ) {
// phpcs:enable WordPress.Security.NonceVerification -- verified via `UM()->check_ajax_nonce();`.
if ( ! empty( $search_line ) ) {
$searches = array();
foreach ( $this->core_search_fields as $field ) {
$field = esc_sql( $field );
// phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- $field is pre-escaped.
$searches[] = $wpdb->prepare( "u.{$field} LIKE %s", '%' . $wpdb->esc_like( $search_line ) . '%' );
$exclude_fields = get_post_meta( $directory_id, '_um_search_exclude_fields', true );
$include_fields = get_post_meta( $directory_id, '_um_search_include_fields', true );
$core_search = $this->get_core_search_fields();
if ( ! empty( $include_fields ) ) {
$core_search = array_intersect( $core_search, $include_fields );
}
if ( ! empty( $exclude_fields ) ) {
$core_search = array_diff( $core_search, $exclude_fields );
}
if ( ! empty( $core_search ) ) {
foreach ( $core_search as $field ) {
$field = esc_sql( $field );
// phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- $field is pre-escaped.
$searches[] = $wpdb->prepare( "u.{$field} LIKE %s", '%' . $wpdb->esc_like( $search_line ) . '%' );
}
}
$core_search = implode( ' OR ', $searches );
if ( ! empty( $core_search ) ) {
$core_search = ' OR ' . $core_search;
}
$this->joins[] = "LEFT JOIN {$wpdb->prefix}um_metadata umm_search ON umm_search.user_id = u.ID";
@@ -720,27 +736,17 @@ if ( ! class_exists( 'um\core\Member_Directory_Meta' ) ) {
$search_like_string = apply_filters( 'um_member_directory_meta_search_like_type', '%' . $wpdb->esc_like( $search_line ) . '%', $search_line );
$directory_id = $this->get_directory_by_hash( sanitize_key( $_POST['directory_id'] ) );
$exclude_fields = get_post_meta( $directory_id, '_um_search_exclude_fields', true );
$include_fields = get_post_meta( $directory_id, '_um_search_include_fields', true );
$custom_fields_sql = '';
if ( ! empty( $exclude_fields ) ) {
$custom_fields_sql = 'AND umm_search.um_key NOT IN (';
foreach ( $exclude_fields as $exclude_field ) {
$custom_fields_sql .= "'" . $exclude_field . "',";
}
$custom_fields_sql = rtrim( $custom_fields_sql, ',' );
$custom_fields_sql .= ') ';
$custom_fields_sql = " AND umm_search.um_key NOT IN ('" . implode( "','", $exclude_fields ) . "') ";
}
if ( ! empty( $include_fields ) ) {
$custom_fields_sql = 'AND umm_search.um_key IN (';
foreach ( $include_fields as $include_field ) {
$custom_fields_sql .= "'" . $include_field . "',";
}
$custom_fields_sql = rtrim( $custom_fields_sql, ',' );
$custom_fields_sql .= ') ';
$custom_fields_sql = " AND umm_search.um_key IN ('" . implode( "','", $include_fields ) . "') ";
}
// phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- $core_search and $additional_search are pre-prepared.
$this->where_clauses[] = $wpdb->prepare( "( umm_search.um_value = %s OR umm_search.um_value LIKE %s OR umm_search.um_value LIKE %s OR {$core_search}{$additional_search}) {$custom_fields_sql}", $search_line, $search_like_string, '%' . $wpdb->esc_like( maybe_serialize( (string) $search_line ) ) . '%' );
$this->where_clauses[] = $wpdb->prepare( "( umm_search.um_value = %s OR umm_search.um_value LIKE %s OR umm_search.um_value LIKE %s{$core_search}{$additional_search}){$custom_fields_sql}", $search_line, $search_like_string, '%' . $wpdb->esc_like( maybe_serialize( (string) $search_line ) ) . '%' );
$this->is_search = true;
}
includes/core/class-member-directory.php
+64 -18
View File
@@ -42,6 +42,11 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
*/
var $filter_fields = array();
/**
* @var array
*/
public $searching_fields = array();
/**
* @var array
@@ -122,7 +127,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
* Get the WordPress core searching fields in wp_users query.
* @return array
*/
private function get_core_search_fields() {
protected function get_core_search_fields() {
/**
* Filters the WordPress core searching fields in wp_users query for UM Member directory query.
*
@@ -433,6 +438,25 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
$this->filter_supported_fields = apply_filters( 'um_members_directory_custom_field_types_supported_filter', array( 'date', 'time', 'select', 'multiselect', 'radio', 'checkbox', 'rating', 'text', 'textarea', 'number' ) );
$core_search_keys = $this->get_core_search_fields();
$this->searching_fields = array();
if ( ! empty( UM()->builtin()->all_user_fields() ) ) {
foreach ( UM()->builtin()->all_user_fields() as $key => $data ) {
if ( in_array( $key, $core_search_keys, true ) ) {
if ( isset( $data['title'] ) && array_search( $data['title'], $this->searching_fields, true ) !== false ) {
$data['title'] = $data['title'] . ' (' . $key . ')';
}
$title = isset( $data['title'] ) ? $data['title'] : ( isset( $data['label'] ) ? $data['label'] : '' );
if ( empty( $title ) ) {
continue;
}
$this->searching_fields[ $key ] = $title;
}
}
}
if ( ! empty( UM()->builtin()->saved_fields ) ) {
foreach ( UM()->builtin()->saved_fields as $key => $data ) {
@@ -459,6 +483,9 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
ksort( $this->filter_fields );
$this->searching_fields = array_merge( $this->searching_fields, $this->filter_fields );
asort( $this->searching_fields );
$this->filter_types = apply_filters( 'um_members_directory_filter_types', array(
'country' => 'select',
'gender' => 'select',
@@ -1757,38 +1784,57 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
$custom_fields[] = $field_key;
}
} else {
$custom_fields = $include_fields;
foreach ( $include_fields as $field_key ) {
if ( empty( $field_key ) ) {
continue;
}
$data = UM()->fields()->get_field( $field_key );
if ( ! um_can_view_field( $data ) ) {
continue;
}
$custom_fields[] = $field_key;
}
}
$custom_fields = apply_filters( 'um_general_search_custom_fields', $custom_fields );
if ( ! empty( $custom_fields ) ) {
if ( ! empty( $exclude_fields ) ) {
$custom_fields = array_diff( $custom_fields, $exclude_fields );
}
$sql['join'] = preg_replace(
'/(' . $meta_join_for_search . ' ON \( ' . $wpdb->users . '\.ID = ' . $meta_join_for_search . '\.user_id )(\))/im',
"$1 AND " . $meta_join_for_search . ".meta_key IN( '" . implode( "','", $custom_fields ) . "' ) $2",
$sql['join']
);
}
if ( ! empty( $exclude_fields ) ) {
foreach ( $exclude_fields as $field ) {
$sql['join'] = str_replace( ",'" . $field . "'", '', $sql['join'] );
}
}
}
// Add OR instead AND to search in WP core fields user_email, user_login, user_display_name
$search_where = $context->get_search_sql( $search, $this->get_core_search_fields(), 'both' );
$core_search = $this->get_core_search_fields();
if ( ! empty( $include_fields ) ) {
$core_search = array_intersect( $core_search, $include_fields );
}
if ( ! empty( $exclude_fields ) ) {
$core_search = array_diff( $core_search, $exclude_fields );
}
$search_where = preg_replace( '/ AND \((.*?)\)/im', "$1 OR", $search_where );
if ( ! empty( $core_search ) ) {
// Add OR instead AND to search in WP core fields user_email, user_login, user_display_name
$search_where = $context->get_search_sql( $search, $core_search, 'both' );
// str_replace( '/', '\/', wp_slash( $search ) ) means that we add backslashes to special symbols + add backslash to slash(/) symbol for proper regular pattern.
$sql['where'] = preg_replace(
'/(' . $meta_join_for_search . '.meta_value = \'' . str_replace( '/', '\/', wp_slash( $search ) ) . '\')/im',
trim( $search_where ) . " $1",
$sql['where'],
1
);
$search_where = preg_replace( '/ AND \((.*?)\)/im', "$1 OR", $search_where );
// str_replace( '/', '\/', wp_slash( $search ) ) means that we add backslashes to special symbols + add backslash to slash(/) symbol for proper regular pattern.
$sql['where'] = preg_replace(
'/(' . $meta_join_for_search . '.meta_value = \'' . str_replace( '/', '\/', wp_slash( $search ) ) . '\')/im',
trim( $search_where ) . " $1",
$sql['where'],
1
);
}
}
}