api files improvements/fixes and documentation

2 files changed, 9 insertions, 3 deletions

diff --git a/include/api_zot.php b/include/api_zot.php
index a7a377bf4..35025f5f8 100644
--- a/include/api_zot.php
+++ b/include/api_zot.php
@@ -118,7 +118,13 @@
 
 	function api_attach_list($type) {
 		logger('api_user: ' . api_user());
-		json_return_and_die(attach_list_files(api_user(),get_observer_hash(),'','','','created asc'));
+		$hash     = ((array_key_exists('filehash',$_REQUEST)) ? $_REQUEST['filehash'] : '');
+		$filename = ((array_key_exists('filename',$_REQUEST)) ? $_REQUEST['filename'] : '');
+		$filetype = ((array_key_exists('filetype',$_REQUEST)) ? $_REQUEST['filetype'] : '');
+		$start    = ((array_key_exists('start',$_REQUEST))    ? intval($_REQUEST['start'])   : 0);
+		$records  = ((array_key_exists('records',$_REQUEST))  ? intval($_REQUEST['records']) : 0);
+
+		json_return_and_die(attach_list_files(api_user(),get_observer_hash(),$hash,$filename,$filetype,'created asc',$start,$records));
 	}
 
 
diff --git a/include/attach.php b/include/attach.php
index ac0185f5d..504601b55 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -197,10 +197,10 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $
 		$sql_extra .= protect_sprintf(" and hash = '" . dbesc($hash) . "' ");
 
 	if($filename)
-		$sql_extra .= protect_sprintf(" and filename like '@" . dbesc($filename) . "@' ");
+		$sql_extra .= protect_sprintf(" and filename like '%" . dbesc($filename) . "%' ");
 
 	if($filetype)
-		$sql_extra .= protect_sprintf(" and filetype like '@" . dbesc($filetype) . "@' ");
+		$sql_extra .= protect_sprintf(" and filetype like '%" . dbesc($filetype) . "%' ");
 
 	if($entries)
 		$limit = " limit " . intval($start) . ", " . intval(entries) . " ";