From 0a37428f5e92cd6ce28cdbb563edaa2918b23c9d Mon Sep 17 00:00:00 2001
From: Kirk Mayo <textagroup@gmail.com>
Date: Mon, 12 Jan 2015 16:55:50 +1300
Subject: [PATCH] BUG: AuthorID is still referenced and some of the SQL filters
 have the incorrect syntax

---
 code/BlogTree.php | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/code/BlogTree.php b/code/BlogTree.php
index e5310ad..664e3c1 100644
--- a/code/BlogTree.php
+++ b/code/BlogTree.php
@@ -270,19 +270,29 @@ class BlogTree_Controller extends Page_Controller {
 		} else {
 			$filter = '';
 		}
+
+		// AuthorID has been removed from BlogEntry check for it incase it is an upgrade
+		$hasAuthorID = BlogEntry::get()->first()->hasDatabaseField('AuthorID');
+
 		// allow filtering by author field and some blogs have an authorID field which
 		// may allow filtering by id
-		if(isset($_GET['author']) && isset($_GET['authorID'])) {
+		if($hasAuthorID == true && isset($_GET['author']) && isset($_GET['authorID'])) {
 			$author = Convert::raw2sql($_GET['author']);
 			$id = Convert::raw2sql($_GET['authorID']);
 			
-			$filter .= " \"BlogEntry\".\"Author\" LIKE '". $author . "' OR \"BlogEntry\".\"AuthorID\" = '". $id ."'";
+			$filter .=  (empty($filter)) ?
+				" \"BlogEntry\".\"Author\" LIKE '". $author . "' OR \"BlogEntry\".\"AuthorID\" = '". $id ."'"
+				: " AND \"BlogEntry\".\"Author\" LIKE '". $author . "' OR \"BlogEntry\".\"AuthorID\" = '". $id ."'";
 		}
 		else if(isset($_GET['author'])) {
-			$filter .=  " \"BlogEntry\".\"Author\" LIKE '". Convert::raw2sql($_GET['author']) . "'";
+			$filter .=  (empty($filter)) ?
+				" \"BlogEntry\".\"Author\" LIKE '". Convert::raw2sql($_GET['author']) . "'"
+				: " AND \"BlogEntry\".\"Author\" LIKE '". Convert::raw2sql($_GET['author']) . "'";
 		}
-		else if(isset($_GET['authorID'])) {
-			$filter .=  " \"BlogEntry\".\"AuthorID\" = '". Convert::raw2sql($_GET['authorID']). "'";
+		else if($hasAuthorID == true && isset($_GET['authorID'])) {
+			$filter .=  (empty($filter)) ?
+				" \"BlogEntry\".\"AuthorID\" = '%". Convert::raw2sql($_GET['authorID']). "%'"
+				: " AND \"BlogEntry\".\"AuthorID\" = '". Convert::raw2sql($_GET['authorID']). "'";
 		}
 
 		$date = $this->SelectedDate();
@@ -369,7 +379,7 @@ class BlogTree_Controller extends Page_Controller {
 			return $hasAuthor
 				? $this->request->getVar('author')
 				: null;
-		} elseif($this->request->getVar('authorID')) {
+		} elseif($this->request->getVar('authorID') && BlogEntry::get()->first()->hasDatabaseField('AuthorID')) {
 			$hasAuthor = BlogEntry::get()->filter('AuthorID', $this->request->getVar('authorID'))->Count();
 			if($hasAuthor) {
 				$member = Member::get()->byId($this->request->getVar('authorID'));