Add full text index & search for document contents (related to #440)

client_documents.php

@@ -1,12 +1,13 @@
 <?php
 
+// Sort by
 if(!empty($_GET['sb'])){
   $sb = mysqli_real_escape_string($mysqli,$_GET['sb']);
 }else{
   $sb = "document_name";
 }
 
-# Tag from GET
+// Tag from GET
 if (isset($_GET['tag'])) {
     $tag = intval($_GET['tag']);
     # Avoid doubling up
@@ -16,6 +17,14 @@ else {
     $tag = '';
 }
 
+// Search query SQL snippet
+if(!empty($q)){
+  $query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q'))";
+}
+else{
+  $query_snippet = ""; // empty
+}
+
 //Rebuild URL
 $url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
 
@@ -26,15 +35,15 @@ $sql_no_tag = "SELECT SQL_CALC_FOUND_ROWS * FROM documents
   WHERE document_client_id = $client_id
   AND documents.company_id = $session_company_id
   AND document_template = 0
-  AND (document_name LIKE '%$q%' OR document_content LIKE '%$q%')
+  $query_snippet
   ORDER BY $sb $o LIMIT $record_from, $record_to";
 
 $sql_with_tag = "SELECT SQL_CALC_FOUND_ROWS * FROM documents
   LEFT JOIN documents_tagged ON documents.document_id = documents_tagged.document_id
   WHERE document_client_id = $client_id
-  AND document_template = 0
   AND documents.company_id = $session_company_id
-  AND (document_name LIKE '%$q%' OR document_content LIKE '%$q%')
+  AND document_template = 0
+  $query_snippet
   AND documents_tagged.tag_id LIKE '%$tag%'
   ORDER BY $sb $o LIMIT $record_from, $record_to";
 

database_updates.php

@@ -19,24 +19,43 @@ if(LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION){
 
   if(CURRENT_DATABASE_VERSION == '0.0.1'){
     // Insert queries here required to update to DB version 0.0.2
-    // mysqli_query($mysqli, "ALTER TABLE .....");
+
     mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_module_enable_itdoc` TINYINT(1) DEFAULT 1 AFTER `config_backup_path`");
     mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_module_enable_ticketing` TINYINT(1) DEFAULT 1 AFTER `config_module_enable_itdoc`");
     mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_module_enable_accounting` TINYINT(1) DEFAULT 1 AFTER `config_module_enable_ticketing`");
   
-    // Then, update the database to the next sequential version
-    //mysqli_query($mysqli, "UPDATE settings SET config_current_database_version = '0.0.2' WHERE company_id = '1'");
-
+    // Update the database to the next sequential version
     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.0.2'"); 
   }
 
   if(CURRENT_DATABASE_VERSION == '0.0.2'){
     // Insert queries here required to update to DB version 0.0.3
+
+    // Add document content raw column & index
+    mysqli_query($mysqli, "ALTER TABLE `documents` ADD `document_content_raw` LONGTEXT NOT NULL AFTER `document_content`, ADD FULLTEXT `document_content_raw` (`document_content_raw`)");
+
+    // Populate content raw column with existing document data
+    $documents_sql = mysqli_query($mysqli, "SELECT * FROM `documents`");
+    while($row = mysqli_fetch_array($documents_sql)){
+      $id = $row['document_id'];
+      $name = $row['document_name'];
+      $content = $row['document_content'];
+      $content_raw = trim(mysqli_real_escape_string($mysqli, strip_tags($name . " " . str_replace("<", " <", $content))));
+
+      mysqli_query($mysqli, "UPDATE `documents` SET `document_content_raw` = '$content_raw' WHERE `document_id` = '$id'");
+    }
+
+    // Then, update the database to the next sequential version
+    mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.0.3'");
+  }
+
+  if(CURRENT_DATABASE_VERSION == '0.0.3'){
+    // Insert queries here required to update to DB version 0.0.4
     // mysqli_query($mysqli, "ALTER TABLE .....");
 
 
     // Then, update the database to the next sequential version
-    //mysqli_query($mysqli, "UPDATE settings SET config_current_database_version = '0.0.3' WHERE company_id = '1'");
+    //mysqli_query($mysqli, "UPDATE settings SET config_current_database_version = '0.0.3'");
 
   }
 

database_version.php

@@ -5,4 +5,4 @@
  * It is used in conjunction with database_updates.php
  */
 
-DEFINE("LATEST_DATABASE_VERSION", "0.0.2");
+DEFINE("LATEST_DATABASE_VERSION", "0.0.3");

db.sql

@@ -397,6 +397,7 @@ CREATE TABLE `documents` (
   `document_id` int(11) NOT NULL AUTO_INCREMENT,
   `document_name` varchar(200) NOT NULL,
   `document_content` longtext NOT NULL,
+  `document_content_raw` longtext NOT NULL,
   `document_created_at` datetime NOT NULL,
   `document_updated_at` datetime DEFAULT NULL,
   `document_archived_at` datetime DEFAULT NULL,
@@ -409,6 +410,11 @@ CREATE TABLE `documents` (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
 /*!40101 SET character_set_client = @saved_cs_client */;
 
+--
+-- Indexes for table `documents`
+--
+ALTER TABLE `documents` ADD FULLTEXT KEY `document_content_raw` (`document_content_raw`);
+
 --
 -- Table structure for table `documents_tagged`
 --

global_search.php

@@ -15,7 +15,7 @@ if(isset($_GET['query'])){
     $sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN clients ON client_id = contact_client_id LEFT JOIN departments ON contact_department_id = department_id WHERE (contact_name LIKE '%$query%' OR contact_title LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_phone LIKE '%$phone_query%' OR contact_mobile LIKE '%$phone_query%') AND contacts.company_id = $session_company_id ORDER BY contact_id DESC LIMIT 5");
     $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%') AND company_id = $session_company_id ORDER BY vendor_id DESC LIMIT 5");
     $sql_products = mysqli_query($mysqli,"SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5");
-    $sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE document_name LIKE '%$query%' AND documents.company_id = $session_company_id ORDER BY document_id DESC LIMIT 5");
+    $sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') AND documents.company_id = $session_company_id ORDER BY document_id DESC LIMIT 5");
     $sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$query') AND tickets.company_id = $session_company_id ORDER BY ticket_id DESC LIMIT 5");
     $sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE (login_name LIKE '%$query%' OR login_username LIKE '%$query%') AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
 

pagination_head.php

@@ -34,7 +34,7 @@ if(isset($_GET['o'])){
 
 // Search
 if(isset($_GET['q'])){
-  $q = mysqli_real_escape_string($mysqli,$_GET['q']);
+  $q = mysqli_real_escape_string($mysqli,trim($_GET['q']));
 }else{
   $q = "";
 }

post.php

@@ -6927,11 +6927,13 @@ if(isset($_POST['add_document'])){
     $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
     $tags_ids = $_POST['tags_ids'];
     $content = trim(mysqli_real_escape_string($mysqli,$purifier->purify(html_entity_decode($_POST['content']))));
+    $content_raw = trim(mysqli_real_escape_string($mysqli, strip_tags($_POST['name'] . " " . str_replace("<", " <", $_POST['content']))));
+    // Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
     $template = intval($_POST['template']);
     $folder = intval($_POST['folder']);
 
     // Document add query
-    $add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_content = '$content', document_created_at = NOW(), document_template = $template, document_folder_id = $folder, document_client_id = $client_id, company_id = $session_company_id");
+    $add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_content = '$content', document_content_raw = '$content_raw', document_created_at = NOW(), document_template = $template, document_folder_id = $folder, document_client_id = $client_id, company_id = $session_company_id");
     $document_id = $mysqli->insert_id;
 
     // Logging
@@ -6970,11 +6972,13 @@ if(isset($_POST['edit_document'])){
     $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
     $tags_ids = $_POST['tags_ids'];
     $content = trim(mysqli_real_escape_string($mysqli,$purifier->purify(html_entity_decode($_POST['content']))));
+    $content_raw = trim(mysqli_real_escape_string($mysqli, strip_tags($_POST['name'] . " " . str_replace("<", " <", $_POST['content']))));
+    // Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
     $template = intval($_POST['template']);
     $folder = intval($_POST['folder']);
 
     // Document edit query
-    mysqli_query($mysqli,"UPDATE documents SET document_name = '$name', document_content = '$content', document_updated_at = NOW(), document_template = $template, document_folder_id = $folder WHERE document_id = $document_id AND company_id = $session_company_id");
+    mysqli_query($mysqli,"UPDATE documents SET document_name = '$name', document_content = '$content', document_content_raw = '$content_raw', document_updated_at = NOW(), document_template = $template, document_folder_id = $folder WHERE document_id = $document_id AND company_id = $session_company_id");
 
     //Logging
     mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Note', log_action = 'Modify', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");