Hello lovely MODX community.
I need help with something.
Unfortunately the guy who worked on the modx backend at our firm has left and now i’m stuck with a request from a client which i don’t know how to tackle. I’m mainly a frontend guy but i know my way around things and i might have a gist of the solution… I just need some support on the actual implementation.
Existing situation
The website is on Revo 2.6.5 and has several contexts, user groups, and a lot of users which are imported through a csv file that also carries extra fields.
Request
A page with a search field connected to a specific and unique extra user field that retrieves other details from the corresponding user. So there should never be more than 1 result anyway.
Example:
The search field queries for “client_code”, an extra field that is unique to every user.
The query would have to find the user corresponding to such “client_code” and:
check if the user is active
check if the user is present in a specific set of user groups
print results such as the user’s fullname, email, extra_field_1, extra_field_2, etc.
Execution
What i had in mind is a 2 snippets systems (something like simplesearch):
[[!searchSnippet &userGroups=ID1,ID2 &tpl=tpl-of-the-search-field &resultsPage=ID]]
The idea is to put here the IDs of the user groups to check upon, a tpl with the search form (for styling and layout purposes) and the ID of the results page (i wouldnt bother with ajax or presenting results on the same page)
[[!resultsSnippet &tpl=tpl-of-the-result]]
This would have to retrieve the results of the query and print values in the tpl like:
[[+client_code]] <-- this is the same value as the initial query
[[+fullname]]
[[+email]]
[[+extra_field_1]]
Member of [name of userGroup the user is in] with code [[+extra_field_2]]
Bonus -> An error message if no user is found among the specified user groups.
The problem now is i have NO IDEA of how to even get started with these snippets.
Has anyone already made something like this or can guide me through?
Maybe there’s already a plugin for this which i don’t know of?
I’m also open to different solution but i tought this was the simplest iteration with the tools and knowledge i have at my disposal.
So where exactly is this unique extra user field “client_code” saved in the database?
As an “Extended Field” (database table “modx_user_attributes” -> column “extended”)?
In a custom database table?
This is crucial to determine how to query your users.
I think you only need 1 snippet (on 1 page).
In the snippet, check if there is a $_GET or $_POST-parameter. Then query the users and if you find one, output the user data.
Extended Fiels are not ideal to query the database. Is there any chance you could use another field for the “client_code”? (Maybe a field like “fax” that is probably empty anyway?)
Group details: i’d like to print the name of whichever group the user is in. Notice that each user will only be in 1 of the groups in the array so i don’t need to account for redundancy or cycle through results. It’ll either be a member of group 10 or 11 (as for the example)
Sorry i was editing the post as i understood that i had to declare the chunk placeholders as properties beforehand.
So the “output to chunk” part is done
Just missing the group name thing.
$properties['groupname'] = $user->getOne('PrimaryGroup')->get('name'); throws me a php error.
The thing is the users of the site are in several groups (even 7-8 of them at a time) but for the purpose of this snippet the query is done with an array of groups that a user is never in at the same time.
So what i’d need to do is:
Search for a user in group 10 or 11.
User is found in group 10 -> print group 10 name.
I suppose i’ll have to do a separate query to parse the actual user id to the members of each group in the array. Am i right?
Because you are querying the database with LIKE' => '%' . $input . '%', it is probably a good idea to check the value of client_code again in the foreach loop, to make sure it matches the search value exactly. (In the current implementation a search string like “client_code” would return all the users.)
if ($extended["client_code"] == $input){
//found correct user
}
Additionally you should also sanitize the search value and you could do some additional checks before you query the database.
$input = $modx->sanitizeString($_POST['userCode']); //sanitize value
if (!preg_match("/^\d{10,}$/",$input)){ //verify the search value
return "search string has to be 10 digits or longer";
}
The double check and sanitation are actually good suggestions
I also changed the query to LIKE' => '%"client_code":"' . $input . '"%' to hit that exact part of the extended field. This also works as a check so that the input is a complete value and not just part of it. I was also hitting unwanted and multiple results if i searched for “city” or any other extra fields, so this also fixes that.