| [ Index ] |
PHP Cross Reference of MyBB 1.6.5 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: search.php 5442 2011-04-16 09:09:38Z jammerx2 $ 10 */ 11 12 13 define("IN_MYBB", 1); 14 define("IGNORE_CLEAN_VARS", "sid"); 15 define('THIS_SCRIPT', 'search.php'); 16 17 $templatelist = "search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post"; 18 $templatelist .= ",multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage"; 19 $templatelist .= ",search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_posts_inlinemoderation_custom_tool,search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation,search_orderarrow,search_moderator_options"; 20 $templatelist .= ",forumdisplay_thread_attachment_count,forumdisplay_threadlist_inlineedit_js,search_threads_inlinemoderation_selectall"; 21 require_once "./global.php"; 22 require_once MYBB_ROOT."inc/functions_post.php"; 23 require_once MYBB_ROOT."inc/functions_search.php"; 24 require_once MYBB_ROOT."inc/class_parser.php"; 25 $parser = new postParser; 26 27 // Load global language phrases 28 $lang->load("search"); 29 30 add_breadcrumb($lang->nav_search, "search.php"); 31 32 switch($mybb->input['action']) 33 { 34 case "results": 35 add_breadcrumb($lang->nav_results); 36 break; 37 default: 38 break; 39 } 40 41 if($mybb->usergroup['cansearch'] == 0) 42 { 43 error_no_permission(); 44 } 45 46 $now = TIME_NOW; 47 $mybb->input['keywords'] = trim($mybb->input['keywords']); 48 49 $limitsql = ""; 50 if(intval($mybb->settings['searchhardlimit']) > 0) 51 { 52 $limitsql = "ORDER BY t.dateline DESC LIMIT ".intval($mybb->settings['searchhardlimit']); 53 } 54 55 if($mybb->input['action'] == "results") 56 { 57 $sid = $db->escape_string($mybb->input['sid']); 58 $query = $db->simple_select("searchlog", "*", "sid='$sid'"); 59 $search = $db->fetch_array($query); 60 61 if(!$search['sid']) 62 { 63 error($lang->error_invalidsearch); 64 } 65 66 $plugins->run_hooks("search_results_start"); 67 68 // Decide on our sorting fields and sorting order. 69 $order = my_strtolower(htmlspecialchars($mybb->input['order'])); 70 $sortby = my_strtolower(htmlspecialchars($mybb->input['sortby'])); 71 72 switch($sortby) 73 { 74 case "replies": 75 $sortfield = "t.replies"; 76 break; 77 case "views": 78 $sortfield = "t.views"; 79 break; 80 case "subject": 81 if($search['resulttype'] == "threads") 82 { 83 $sortfield = "t.subject"; 84 } 85 else 86 { 87 $sortfield = "p.subject"; 88 } 89 break; 90 case "forum": 91 $sortfield = "t.fid"; 92 break; 93 case "starter": 94 if($search['resulttype'] == "threads") 95 { 96 $sortfield = "t.username"; 97 } 98 else 99 { 100 $sortfield = "p.username"; 101 } 102 break; 103 case "lastpost": 104 default: 105 if($search['resulttype'] == "threads") 106 { 107 $sortfield = "t.lastpost"; 108 $sortby = "lastpost"; 109 } 110 else 111 { 112 $sortfield = "p.dateline"; 113 $sortby = "dateline"; 114 } 115 break; 116 } 117 118 if($order != "asc") 119 { 120 $order = "desc"; 121 $oppsortnext = "asc"; 122 $oppsort = $lang->asc; 123 } 124 else 125 { 126 $oppsortnext = "desc"; 127 $oppsort = $lang->desc; 128 } 129 130 if(!$mybb->settings['threadsperpage']) 131 { 132 $mybb->settings['threadsperpage'] = 20; 133 } 134 135 // Work out pagination, which page we're at, as well as the limits. 136 $perpage = $mybb->settings['threadsperpage']; 137 $page = intval($mybb->input['page']); 138 if($page > 0) 139 { 140 $start = ($page-1) * $perpage; 141 } 142 else 143 { 144 $start = 0; 145 $page = 1; 146 } 147 $end = $start + $perpage; 148 $lower = $start+1; 149 $upper = $end; 150 151 // Work out if we have terms to highlight 152 $highlight = ""; 153 if($search['keywords']) 154 { 155 if($mybb->settings['seourls'] == "yes" || ($mybb->settings['seourls'] == "auto" && $_SERVER['SEO_SUPPORT'] == 1)) 156 { 157 $highlight = "?highlight=".urlencode($search['keywords']); 158 } 159 else 160 { 161 $highlight = "&highlight=".urlencode($search['keywords']); 162 } 163 } 164 165 $sorturl = "search.php?action=results&sid={$sid}"; 166 $thread_url = ""; 167 $post_url = ""; 168 169 eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";"); 170 171 // Read some caches we will be using 172 $forumcache = $cache->read("forums"); 173 $icon_cache = $cache->read("posticons"); 174 175 $threads = array(); 176 177 if($mybb->user['uid'] == 0) 178 { 179 // Build a forum cache. 180 $query = $db->query(" 181 SELECT fid 182 FROM ".TABLE_PREFIX."forums 183 WHERE active != 0 184 ORDER BY pid, disporder 185 "); 186 187 $forumsread = unserialize($mybb->cookies['mybb']['forumread']); 188 } 189 else 190 { 191 // Build a forum cache. 192 $query = $db->query(" 193 SELECT f.fid, fr.dateline AS lastread 194 FROM ".TABLE_PREFIX."forums f 195 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 196 WHERE f.active != 0 197 ORDER BY pid, disporder 198 "); 199 } 200 while($forum = $db->fetch_array($query)) 201 { 202 if($mybb->user['uid'] == 0) 203 { 204 if($forumsread[$forum['fid']]) 205 { 206 $forum['lastread'] = $forumsread[$forum['fid']]; 207 } 208 } 209 $readforums[$forum['fid']] = $forum['lastread']; 210 } 211 $fpermissions = forum_permissions(); 212 213 // Inline Mod Column for moderators 214 $inlinemodcol = $inlinecookie = ''; 215 $is_mod = $is_supermod = false; 216 if($mybb->usergroup['issupermod']) 217 { 218 $is_supermod = true; 219 } 220 if($is_supermod || is_moderator()) 221 { 222 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";"); 223 $inlinecookie = "inlinemod_search".$sid; 224 $inlinecount = 0; 225 $is_mod = true; 226 $return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_STRING']); 227 } 228 229 // Show search results as 'threads' 230 if($search['resulttype'] == "threads") 231 { 232 $threadcount = 0; 233 234 // Moderators can view unapproved threads 235 $query = $db->simple_select("moderators", "fid", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')"); 236 if($mybb->usergroup['issupermod'] == 1) 237 { 238 // Super moderators (and admins) 239 $unapproved_where = "t.visible>-1"; 240 } 241 elseif($db->num_rows($query)) 242 { 243 // Normal moderators 244 $moderated_forums = '0'; 245 while($forum = $db->fetch_array($query)) 246 { 247 $moderated_forums .= ','.$forum['fid']; 248 } 249 $unapproved_where = "(t.visible>0 OR (t.visible=0 AND t.fid IN ({$moderated_forums})))"; 250 } 251 else 252 { 253 // Normal users 254 $unapproved_where = 't.visible>0'; 255 } 256 257 // If we have saved WHERE conditions, execute them 258 if($search['querycache'] != "") 259 { 260 $where_conditions = $search['querycache']; 261 $query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved|%' {$limitsql}"); 262 while($thread = $db->fetch_array($query)) 263 { 264 $threads[$thread['tid']] = $thread['tid']; 265 $threadcount++; 266 } 267 // Build our list of threads. 268 if($threadcount > 0) 269 { 270 $search['threads'] = implode(",", $threads); 271 } 272 // No results. 273 else 274 { 275 error($lang->error_nosearchresults); 276 } 277 $where_conditions = "t.tid IN (".$search['threads'].")"; 278 } 279 // This search doesn't use a query cache, results stored in search table. 280 else 281 { 282 $where_conditions = "t.tid IN (".$search['threads'].")"; 283 $query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved|%' {$limitsql}"); 284 $count = $db->fetch_array($query); 285 286 if(!$count['resultcount']) 287 { 288 error($lang->error_nosearchresults); 289 } 290 $threadcount = $count['resultcount']; 291 } 292 293 $permsql = ""; 294 $onlyusfids = array(); 295 296 // Check group permissions if we can't view threads not started by us 297 $group_permissions = forum_permissions(); 298 foreach($group_permissions as $fid => $forum_permissions) 299 { 300 if($forum_permissions['canonlyviewownthreads'] == 1) 301 { 302 $onlyusfids[] = $fid; 303 } 304 } 305 if(!empty($onlyusfids)) 306 { 307 $permsql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 308 } 309 310 $unsearchforums = get_unsearchable_forums(); 311 if($unsearchforums) 312 { 313 $permsql .= " AND t.fid NOT IN ($unsearchforums)"; 314 } 315 $inactiveforums = get_inactive_forums(); 316 if($inactiveforums) 317 { 318 $permsql .= " AND t.fid NOT IN ($inactiveforums)"; 319 } 320 321 // Begin selecting matching threads, cache them. 322 $sqlarray = array( 323 'order_by' => $sortfield, 324 'order_dir' => $order, 325 'limit_start' => $start, 326 'limit' => $perpage 327 ); 328 $query = $db->query(" 329 SELECT t.*, u.username AS userusername, p.displaystyle AS threadprefix 330 FROM ".TABLE_PREFIX."threads t 331 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) 332 LEFT JOIN ".TABLE_PREFIX."threadprefixes p ON (p.pid=t.prefix) 333 WHERE $where_conditions AND {$unapproved_where} {$permsql} AND t.closed NOT LIKE 'moved|%' 334 ORDER BY $sortfield $order 335 LIMIT $start, $perpage 336 "); 337 $thread_cache = array(); 338 while($thread = $db->fetch_array($query)) 339 { 340 $thread_cache[$thread['tid']] = $thread; 341 } 342 $thread_ids = implode(",", array_keys($thread_cache)); 343 344 if(empty($thread_ids)) 345 { 346 error($lang->error_nosearchresults); 347 } 348 349 // Fetch dot icons if enabled 350 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) 351 { 352 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 353 while($thread = $db->fetch_array($query)) 354 { 355 $thread_cache[$thread['tid']]['dot_icon'] = 1; 356 } 357 } 358 359 // Fetch the read threads. 360 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 361 { 362 $query = $db->simple_select("threadsread", "tid,dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 363 while($readthread = $db->fetch_array($query)) 364 { 365 $thread_cache[$readthread['tid']]['lastread'] = $readthread['dateline']; 366 } 367 } 368 369 foreach($thread_cache as $thread) 370 { 371 $bgcolor = alt_trow(); 372 $folder = ''; 373 $prefix = ''; 374 375 // Unapproved colour 376 if(!$thread['visible']) 377 { 378 $bgcolor = 'trow_shaded'; 379 } 380 381 if($thread['userusername']) 382 { 383 $thread['username'] = $thread['userusername']; 384 } 385 $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); 386 387 // If this thread has a prefix, insert a space between prefix and subject 388 if($thread['prefix'] != 0) 389 { 390 $thread['threadprefix'] .= ' '; 391 } 392 393 $thread['subject'] = $parser->parse_badwords($thread['subject']); 394 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 395 396 if($icon_cache[$thread['icon']]) 397 { 398 $posticon = $icon_cache[$thread['icon']]; 399 $icon = "<img src=\"".$posticon['path']."\" alt=\"".$posticon['name']."\" />"; 400 } 401 else 402 { 403 $icon = " "; 404 } 405 if($thread['poll']) 406 { 407 $prefix = $lang->poll_prefix; 408 } 409 410 // Determine the folder 411 $folder = ''; 412 $folder_label = ''; 413 if($thread['dot_icon']) 414 { 415 $folder = "dot_"; 416 $folder_label .= $lang->icon_dot; 417 } 418 $gotounread = ''; 419 $isnew = 0; 420 $donenew = 0; 421 $last_read = 0; 422 423 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 424 { 425 $forum_read = $readforums[$thread['fid']]; 426 427 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 428 if($forum_read == 0 || $forum_read < $read_cutoff) 429 { 430 $forum_read = $read_cutoff; 431 } 432 } 433 else 434 { 435 $forum_read = $forumsread[$thread['fid']]; 436 } 437 438 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read) 439 { 440 if($thread['lastread']) 441 { 442 $last_read = $thread['lastread']; 443 } 444 else 445 { 446 $last_read = $read_cutoff; 447 } 448 } 449 else 450 { 451 $last_read = my_get_array_cookie("threadread", $thread['tid']); 452 } 453 454 if($forum_read > $last_read) 455 { 456 $last_read = $forum_read; 457 } 458 459 if($thread['lastpost'] > $last_read && $last_read) 460 { 461 $folder .= "new"; 462 $new_class = "subject_new"; 463 $folder_label .= $lang->icon_new; 464 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost").$highlight; 465 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 466 $unreadpost = 1; 467 } 468 else 469 { 470 $new_class = 'subject_old'; 471 $folder_label .= $lang->icon_no_new; 472 } 473 474 if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 475 { 476 $folder .= "hot"; 477 $folder_label .= $lang->icon_hot; 478 } 479 if($thread['closed'] == 1) 480 { 481 $folder .= "lock"; 482 $folder_label .= $lang->icon_lock; 483 } 484 $folder .= "folder"; 485 486 if(!$mybb->settings['postsperpage']) 487 { 488 $mybb->settings['postperpage'] = 20; 489 } 490 491 $thread['pages'] = 0; 492 $thread['multipage'] = ''; 493 $threadpages = ''; 494 $morelink = ''; 495 $thread['posts'] = $thread['replies'] + 1; 496 if(is_moderator($thread['fid'])) 497 { 498 $thread['posts'] += $thread['unapprovedposts']; 499 } 500 if($thread['posts'] > $mybb->settings['postsperpage']) 501 { 502 $thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage']; 503 $thread['pages'] = ceil($thread['pages']); 504 if($thread['pages'] > 4) 505 { 506 $pagesstop = 4; 507 $page_link = get_thread_link($thread['tid'], $thread['pages']).$highlight; 508 eval("\$morelink = \"".$templates->get("forumdisplay_thread_multipage_more")."\";"); 509 } 510 else 511 { 512 $pagesstop = $thread['pages']; 513 } 514 for($i = 1; $i <= $pagesstop; ++$i) 515 { 516 $page_link = get_thread_link($thread['tid'], $i).$highlight; 517 eval("\$threadpages .= \"".$templates->get("forumdisplay_thread_multipage_page")."\";"); 518 } 519 eval("\$thread['multipage'] = \"".$templates->get("forumdisplay_thread_multipage")."\";"); 520 } 521 else 522 { 523 $threadpages = ''; 524 $morelink = ''; 525 $thread['multipage'] = ''; 526 } 527 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 528 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 529 $lastposter = $thread['lastposter']; 530 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 531 $lastposteruid = $thread['lastposteruid']; 532 $thread_link = get_thread_link($thread['tid']); 533 534 // Don't link to guest's profiles (they have no profile). 535 if($lastposteruid == 0) 536 { 537 $lastposterlink = $lastposter; 538 } 539 else 540 { 541 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 542 } 543 544 $thread['replies'] = my_number_format($thread['replies']); 545 $thread['views'] = my_number_format($thread['views']); 546 547 if($forumcache[$thread['fid']]) 548 { 549 $thread['forumlink'] = "<a href=\"".get_forum_link($thread['fid'])."\">".$forumcache[$thread['fid']]['name']."</a>"; 550 } 551 else 552 { 553 $thread['forumlink'] = ""; 554 } 555 556 // If this user is the author of the thread and it is not closed or they are a moderator, they can edit 557 if(($thread['uid'] == $mybb->user['uid'] && $thread['closed'] != 1 && $mybb->user['uid'] != 0 && $fpermissions[$thread['fid']]['caneditposts'] == 1) || is_moderator($thread['fid'], "caneditposts")) 558 { 559 $inline_edit_class = "subject_editable"; 560 } 561 else 562 { 563 $inline_edit_class = ""; 564 } 565 $load_inline_edit_js = 1; 566 567 // If this thread has 1 or more attachments show the papperclip 568 if($thread['attachmentcount'] > 0) 569 { 570 if($thread['attachmentcount'] > 1) 571 { 572 $attachment_count = $lang->sprintf($lang->attachment_count_multiple, $thread['attachmentcount']); 573 } 574 else 575 { 576 $attachment_count = $lang->attachment_count; 577 } 578 579 eval("\$attachment_count = \"".$templates->get("forumdisplay_thread_attachment_count")."\";"); 580 } 581 else 582 { 583 $attachment_count = ''; 584 } 585 586 $inline_edit_tid = $thread['tid']; 587 588 // Inline thread moderation 589 $inline_mod_checkbox = ''; 590 if($is_supermod || is_moderator($thread['fid'])) 591 { 592 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_inlinecheck")."\";"); 593 } 594 elseif($is_mod) 595 { 596 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_nocheck")."\";"); 597 } 598 599 $plugins->run_hooks("search_results_thread"); 600 eval("\$results .= \"".$templates->get("search_results_threads_thread")."\";"); 601 } 602 if(!$results) 603 { 604 error($lang->error_nosearchresults); 605 } 606 else 607 { 608 if($load_inline_edit_js == 1) 609 { 610 eval("\$inline_edit_js = \"".$templates->get("forumdisplay_threadlist_inlineedit_js")."\";"); 611 } 612 } 613 $multipage = multipage($threadcount, $perpage, $page, "search.php?action=results&sid=$sid&sortby=$sortby&order=$order&uid=".$mybb->input['uid']); 614 if($upper > $threadcount) 615 { 616 $upper = $threadcount; 617 } 618 619 // Inline Thread Moderation Options 620 if($is_mod) 621 { 622 // If user has moderation tools available, prepare the Select All feature 623 $lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache)); 624 $lang->all_selected = $lang->sprintf($lang->all_selected, intval($threadcount)); 625 $lang->select_all = $lang->sprintf($lang->select_all, intval($threadcount)); 626 eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";"); 627 628 $customthreadtools = ''; 629 switch($db->type) 630 { 631 case "pgsql": 632 case "sqlite": 633 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 634 break; 635 default: 636 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')"); 637 } 638 639 while($tool = $db->fetch_array($query)) 640 { 641 eval("\$customthreadtools .= \"".$templates->get("search_results_threads_inlinemoderation_custom_tool")."\";"); 642 } 643 // Build inline moderation dropdown 644 if(!empty($customthreadtools)) 645 { 646 eval("\$customthreadtools = \"".$templates->get("search_results_threads_inlinemoderation_custom")."\";"); 647 } 648 eval("\$inlinemod = \"".$templates->get("search_results_threads_inlinemoderation")."\";"); 649 } 650 651 $plugins->run_hooks("search_results_end"); 652 653 eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); 654 output_page($searchresults); 655 } 656 else // Displaying results as posts 657 { 658 if(!$search['posts']) 659 { 660 error($lang->error_nosearchresults); 661 } 662 663 $postcount = 0; 664 665 // Moderators can view unapproved threads 666 $query = $db->simple_select("moderators", "fid", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')"); 667 if($mybb->usergroup['issupermod'] == 1) 668 { 669 // Super moderators (and admins) 670 $p_unapproved_where = "visible >= 0"; 671 $t_unapproved_where = "visible < 0"; 672 } 673 elseif($db->num_rows($query)) 674 { 675 // Normal moderators 676 $moderated_forums = '0'; 677 while($forum = $db->fetch_array($query)) 678 { 679 $moderated_forums .= ','.$forum['fid']; 680 $test_moderated_forums[$forum['fid']] = $forum['fid']; 681 } 682 $p_unapproved_where = "visible >= 0"; 683 $t_unapproved_where = "visible < 0 AND fid NOT IN ({$moderated_forums})"; 684 } 685 else 686 { 687 // Normal users 688 $p_unapproved_where = 'visible=1'; 689 $t_unapproved_where = 'visible < 1'; 690 } 691 692 $post_cache_options = array(); 693 if(intval($mybb->settings['searchhardlimit']) > 0) 694 { 695 $post_cache_options['limit'] = intval($mybb->settings['searchhardlimit']); 696 } 697 698 if(strpos($sortfield, 'p.') !== false) 699 { 700 $post_cache_options['order_by'] = str_replace('p.', '', $sortfield); 701 $post_cache_options['order_dir'] = $order; 702 } 703 704 $tids = array(); 705 $pids = array(); 706 // Make sure the posts we're viewing we have permission to view. 707 $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$p_unapproved_where}", $post_cache_options); 708 while($post = $db->fetch_array($query)) 709 { 710 $pids[$post['pid']] = $post['tid']; 711 $tids[$post['tid']][$post['pid']] = $post['pid']; 712 } 713 714 if(!empty($pids)) 715 { 716 $temp_pids = array(); 717 718 // Check the thread records as well. If we don't have permissions, remove them from the listing. 719 $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', $pids)).") AND ({$t_unapproved_where} OR closed LIKE 'moved|%')"); 720 while($thread = $db->fetch_array($query)) 721 { 722 if(array_key_exists($thread['tid'], $tids) != false) 723 { 724 $temp_pids = $tids[$thread['tid']]; 725 foreach($temp_pids as $pid) 726 { 727 unset($pids[$pid]); 728 unset($tids[$thread['tid']]); 729 } 730 } 731 } 732 unset($temp_pids); 733 } 734 735 // Declare our post count 736 $postcount = count($pids); 737 738 if(!$postcount) 739 { 740 error($lang->error_nosearchresults); 741 } 742 743 // And now we have our sanatized post list 744 $search['posts'] = implode(',', array_keys($pids)); 745 746 $tids = implode(",", array_keys($tids)); 747 748 // Read threads 749 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 750 { 751 $query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); 752 while($readthread = $db->fetch_array($query)) 753 { 754 $readthreads[$readthread['tid']] = $readthread['dateline']; 755 } 756 } 757 758 $dot_icon = array(); 759 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) 760 { 761 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); 762 while($post = $db->fetch_array($query)) 763 { 764 $dot_icon[$post['tid']] = true; 765 } 766 } 767 768 $query = $db->query(" 769 SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid 770 FROM ".TABLE_PREFIX."posts p 771 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) 772 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) 773 WHERE p.pid IN (".$db->escape_string($search['posts']).") 774 ORDER BY $sortfield $order 775 LIMIT $start, $perpage 776 "); 777 while($post = $db->fetch_array($query)) 778 { 779 $bgcolor = alt_trow(); 780 if(!$post['visible']) 781 { 782 $bgcolor = 'trow_shaded'; 783 } 784 if($post['userusername']) 785 { 786 $post['username'] = $post['userusername']; 787 } 788 $post['profilelink'] = build_profile_link($post['username'], $post['uid']); 789 $post['subject'] = $parser->parse_badwords($post['subject']); 790 $post['thread_subject'] = $parser->parse_badwords($post['thread_subject']); 791 $post['thread_subject'] = htmlspecialchars_uni($post['thread_subject']); 792 793 if($icon_cache[$post['icon']]) 794 { 795 $posticon = $icon_cache[$post['icon']]; 796 $icon = "<img src=\"".$posticon['path']."\" alt=\"".$posticon['name']."\" />"; 797 } 798 else 799 { 800 $icon = " "; 801 } 802 803 if($forumcache[$thread['fid']]) 804 { 805 $post['forumlink'] = "<a href=\"".get_forum_link($post['fid'])."\">".$forumcache[$post['fid']]['name']."</a>"; 806 } 807 else 808 { 809 $post['forumlink'] = ""; 810 } 811 // Determine the folder 812 $folder = ''; 813 $folder_label = ''; 814 $gotounread = ''; 815 $isnew = 0; 816 $donenew = 0; 817 $last_read = 0; 818 $post['thread_lastread'] = $readthreads[$post['tid']]; 819 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forumread) 820 { 821 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 822 if($post['thread_lastpost'] > $cutoff) 823 { 824 if($post['thread_lastread']) 825 { 826 $last_read = $post['thread_lastread']; 827 } 828 else 829 { 830 $last_read = 1; 831 } 832 } 833 } 834 835 if($dot_icon[$post['tid']]) 836 { 837 $folder = "dot_"; 838 $folder_label .= $lang->icon_dot; 839 } 840 841 if(!$last_read) 842 { 843 $readcookie = $threadread = my_get_array_cookie("threadread", $post['tid']); 844 if($readcookie > $forumread) 845 { 846 $last_read = $readcookie; 847 } 848 elseif($forumread > $mybb->user['lastvisit']) 849 { 850 $last_read = $forumread; 851 } 852 else 853 { 854 $last_read = $mybb->user['lastvisit']; 855 } 856 } 857 858 if($post['thread_lastpost'] > $last_read && $last_read) 859 { 860 $folder .= "new"; 861 $folder_label .= $lang->icon_new; 862 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 863 $unreadpost = 1; 864 } 865 else 866 { 867 $folder_label .= $lang->icon_no_new; 868 } 869 870 if($post['thread_replies'] >= $mybb->settings['hottopic'] || $post['thread_views'] >= $mybb->settings['hottopicviews']) 871 { 872 $folder .= "hot"; 873 $folder_label .= $lang->icon_hot; 874 } 875 if($thread['thread_closed'] == 1) 876 { 877 $folder .= "lock"; 878 $folder_label .= $lang->icon_lock; 879 } 880 $folder .= "folder"; 881 882 $post['thread_replies'] = my_number_format($post['thread_replies']); 883 $post['thread_views'] = my_number_format($post['thread_views']); 884 885 if($forumcache[$post['fid']]) 886 { 887 $post['forumlink'] = "<a href=\"".get_forum_link($post['fid'])."\">".$forumcache[$post['fid']]['name']."</a>"; 888 } 889 else 890 { 891 $post['forumlink'] = ""; 892 } 893 894 if(!$post['subject']) 895 { 896 $post['subject'] = $post['message']; 897 } 898 if(my_strlen($post['subject']) > 50) 899 { 900 $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."..."); 901 } 902 else 903 { 904 $post['subject'] = htmlspecialchars_uni($post['subject']); 905 } 906 // What we do here is parse the post using our post parser, then strip the tags from it 907 $parser_options = array( 908 'allow_html' => 0, 909 'allow_mycode' => 1, 910 'allow_smilies' => 0, 911 'allow_imgcode' => 0, 912 'filter_badwords' => 1 913 ); 914 $post['message'] = strip_tags($parser->parse_message($post['message'], $parser_options)); 915 if(my_strlen($post['message']) > 200) 916 { 917 $prev = my_substr($post['message'], 0, 200)."..."; 918 } 919 else 920 { 921 $prev = $post['message']; 922 } 923 $posted = my_date($mybb->settings['dateformat'], $post['dateline']).", ".my_date($mybb->settings['timeformat'], $post['dateline']); 924 925 $thread_url = get_thread_link($post['tid']); 926 $post_url = get_post_link($post['pid'], $post['tid']); 927 928 // Inline post moderation 929 $inline_mod_checkbox = ''; 930 if($is_supermod || is_moderator($post['fid'])) 931 { 932 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_inlinecheck")."\";"); 933 } 934 elseif($is_mod) 935 { 936 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_nocheck")."\";"); 937 } 938 939 $plugins->run_hooks("search_results_post"); 940 eval("\$results .= \"".$templates->get("search_results_posts_post")."\";"); 941 } 942 if(!$results) 943 { 944 error($lang->error_nosearchresults); 945 } 946 $multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->input['sid'])."&sortby=$sortby&order=$order&uid=".$mybb->input['uid']); 947 if($upper > $postcount) 948 { 949 $upper = $postcount; 950 } 951 952 // Inline Post Moderation Options 953 if($is_mod) 954 { 955 // If user has moderation tools available, prepare the Select All feature 956 $num_results = $db->num_rows($query); 957 $lang->page_selected = $lang->sprintf($lang->page_selected, intval($num_results)); 958 $lang->select_all = $lang->sprintf($lang->select_all, intval($postcount)); 959 $lang->all_selected = $lang->sprintf($lang->page_selected, intval($postcount)); 960 eval("\$selectall = \"".$templates->get("search_posts_inlinemoderation_selectall")."\";"); 961 962 $customthreadtools = $customposttools = ''; 963 switch($db->type) 964 { 965 case "pgsql": 966 case "sqlite": 967 $query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 968 break; 969 default: 970 $query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')"); 971 } 972 973 while($tool = $db->fetch_array($query)) 974 { 975 eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";"); 976 } 977 // Build inline moderation dropdown 978 if(!empty($customposttools)) 979 { 980 eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";"); 981 } 982 eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";"); 983 } 984 985 $plugins->run_hooks("search_results_end"); 986 987 eval("\$searchresults = \"".$templates->get("search_results_posts")."\";"); 988 output_page($searchresults); 989 } 990 } 991 elseif($mybb->input['action'] == "findguest") 992 { 993 $where_sql = "uid='0'"; 994 995 $unsearchforums = get_unsearchable_forums(); 996 if($unsearchforums) 997 { 998 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 999 } 1000 $inactiveforums = get_inactive_forums(); 1001 if($inactiveforums) 1002 { 1003 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1004 } 1005 1006 $permsql = ""; 1007 $onlyusfids = array(); 1008 1009 // Check group permissions if we can't view threads not started by us 1010 $group_permissions = forum_permissions(); 1011 foreach($group_permissions as $fid => $forum_permissions) 1012 { 1013 if($forum_permissions['canonlyviewownthreads'] == 1) 1014 { 1015 $onlyusfids[] = $fid; 1016 } 1017 } 1018 if(!empty($onlyusfids)) 1019 { 1020 $where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")"; 1021 } 1022 1023 $options = array( 1024 'order_by' => 'dateline', 1025 'order_dir' => 'desc' 1026 ); 1027 1028 // Do we have a hard search limit? 1029 if($mybb->settings['searchhardlimit'] > 0) 1030 { 1031 $options['limit'] = intval($mybb->settings['searchhardlimit']); 1032 } 1033 1034 $pids = ''; 1035 $comma = ''; 1036 $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); 1037 while($pid = $db->fetch_field($query, "pid")) 1038 { 1039 $pids .= $comma.$pid; 1040 $comma = ','; 1041 } 1042 1043 $tids = ''; 1044 $comma = ''; 1045 $query = $db->simple_select("threads", "tid", $where_sql); 1046 while($tid = $db->fetch_field($query, "tid")) 1047 { 1048 $tids .= $comma.$tid; 1049 $comma = ','; 1050 } 1051 1052 $sid = md5(uniqid(microtime(), 1)); 1053 $searcharray = array( 1054 "sid" => $db->escape_string($sid), 1055 "uid" => $mybb->user['uid'], 1056 "dateline" => TIME_NOW, 1057 "ipaddress" => $db->escape_string($session->ipaddress), 1058 "threads" => $db->escape_string($tids), 1059 "posts" => $db->escape_string($pids), 1060 "resulttype" => "posts", 1061 "querycache" => '', 1062 "keywords" => '' 1063 ); 1064 $plugins->run_hooks("search_do_search_process"); 1065 $db->insert_query("searchlog", $searcharray); 1066 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1067 } 1068 elseif($mybb->input['action'] == "finduser") 1069 { 1070 $where_sql = "uid='".intval($mybb->input['uid'])."'"; 1071 1072 $unsearchforums = get_unsearchable_forums(); 1073 if($unsearchforums) 1074 { 1075 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 1076 } 1077 $inactiveforums = get_inactive_forums(); 1078 if($inactiveforums) 1079 { 1080 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1081 } 1082 1083 $permsql = ""; 1084 $onlyusfids = array(); 1085 1086 // Check group permissions if we can't view threads not started by us 1087 $group_permissions = forum_permissions(); 1088 foreach($group_permissions as $fid => $forum_permissions) 1089 { 1090 if($forum_permissions['canonlyviewownthreads'] == 1) 1091 { 1092 $onlyusfids[] = $fid; 1093 } 1094 } 1095 if(!empty($onlyusfids)) 1096 { 1097 $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; 1098 } 1099 1100 $options = array( 1101 'order_by' => 'dateline', 1102 'order_dir' => 'desc' 1103 ); 1104 1105 // Do we have a hard search limit? 1106 if($mybb->settings['searchhardlimit'] > 0) 1107 { 1108 $options['limit'] = intval($mybb->settings['searchhardlimit']); 1109 } 1110 1111 $pids = ''; 1112 $comma = ''; 1113 $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); 1114 while($pid = $db->fetch_field($query, "pid")) 1115 { 1116 $pids .= $comma.$pid; 1117 $comma = ','; 1118 } 1119 1120 $tids = ''; 1121 $comma = ''; 1122 $query = $db->simple_select("threads", "tid", $where_sql); 1123 while($tid = $db->fetch_field($query, "tid")) 1124 { 1125 $tids .= $comma.$tid; 1126 $comma = ','; 1127 } 1128 1129 $sid = md5(uniqid(microtime(), 1)); 1130 $searcharray = array( 1131 "sid" => $db->escape_string($sid), 1132 "uid" => $mybb->user['uid'], 1133 "dateline" => TIME_NOW, 1134 "ipaddress" => $db->escape_string($session->ipaddress), 1135 "threads" => $db->escape_string($tids), 1136 "posts" => $db->escape_string($pids), 1137 "resulttype" => "posts", 1138 "querycache" => '', 1139 "keywords" => '' 1140 ); 1141 $plugins->run_hooks("search_do_search_process"); 1142 $db->insert_query("searchlog", $searcharray); 1143 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1144 } 1145 elseif($mybb->input['action'] == "finduserthreads") 1146 { 1147 $where_sql = "t.uid='".intval($mybb->input['uid'])."'"; 1148 1149 $unsearchforums = get_unsearchable_forums(); 1150 if($unsearchforums) 1151 { 1152 $where_sql .= " AND t.fid NOT IN ($unsearchforums)"; 1153 } 1154 $inactiveforums = get_inactive_forums(); 1155 if($inactiveforums) 1156 { 1157 $where_sql .= " AND t.fid NOT IN ($inactiveforums)"; 1158 } 1159 1160 $permsql = ""; 1161 $onlyusfids = array(); 1162 1163 // Check group permissions if we can't view threads not started by us 1164 $group_permissions = forum_permissions(); 1165 foreach($group_permissions as $fid => $forum_permissions) 1166 { 1167 if($forum_permissions['canonlyviewownthreads'] == 1) 1168 { 1169 $onlyusfids[] = $fid; 1170 } 1171 } 1172 if(!empty($onlyusfids)) 1173 { 1174 $where_sql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 1175 } 1176 1177 $sid = md5(uniqid(microtime(), 1)); 1178 $searcharray = array( 1179 "sid" => $db->escape_string($sid), 1180 "uid" => $mybb->user['uid'], 1181 "dateline" => TIME_NOW, 1182 "ipaddress" => $db->escape_string($session->ipaddress), 1183 "threads" => '', 1184 "posts" => '', 1185 "resulttype" => "threads", 1186 "querycache" => $db->escape_string($where_sql), 1187 "keywords" => '' 1188 ); 1189 $plugins->run_hooks("search_do_search_process"); 1190 $db->insert_query("searchlog", $searcharray); 1191 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1192 } 1193 elseif($mybb->input['action'] == "getnew") 1194 { 1195 1196 $where_sql = "t.lastpost >= '".$mybb->user['lastvisit']."'"; 1197 1198 if($mybb->input['fid']) 1199 { 1200 $where_sql .= " AND t.fid='".intval($mybb->input['fid'])."'"; 1201 } 1202 else if($mybb->input['fids']) 1203 { 1204 $fids = explode(',', $mybb->input['fids']); 1205 foreach($fids as $key => $fid) 1206 { 1207 $fids[$key] = intval($fid); 1208 } 1209 1210 if(!empty($fids)) 1211 { 1212 $where_sql .= " AND t.fid IN (".implode(',', $fids).")"; 1213 } 1214 } 1215 1216 $unsearchforums = get_unsearchable_forums(); 1217 if($unsearchforums) 1218 { 1219 $where_sql .= " AND t.fid NOT IN ($unsearchforums)"; 1220 } 1221 $inactiveforums = get_inactive_forums(); 1222 if($inactiveforums) 1223 { 1224 $where_sql .= " AND t.fid NOT IN ($inactiveforums)"; 1225 } 1226 1227 $permsql = ""; 1228 $onlyusfids = array(); 1229 1230 // Check group permissions if we can't view threads not started by us 1231 $group_permissions = forum_permissions(); 1232 foreach($group_permissions as $fid => $forum_permissions) 1233 { 1234 if($forum_permissions['canonlyviewownthreads'] == 1) 1235 { 1236 $onlyusfids[] = $fid; 1237 } 1238 } 1239 if(!empty($onlyusfids)) 1240 { 1241 $where_sql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 1242 } 1243 1244 $sid = md5(uniqid(microtime(), 1)); 1245 $searcharray = array( 1246 "sid" => $db->escape_string($sid), 1247 "uid" => $mybb->user['uid'], 1248 "dateline" => TIME_NOW, 1249 "ipaddress" => $db->escape_string($session->ipaddress), 1250 "threads" => '', 1251 "posts" => '', 1252 "resulttype" => "threads", 1253 "querycache" => $db->escape_string($where_sql), 1254 "keywords" => '' 1255 ); 1256 1257 $plugins->run_hooks("search_do_search_process"); 1258 $db->insert_query("searchlog", $searcharray); 1259 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1260 } 1261 elseif($mybb->input['action'] == "getdaily") 1262 { 1263 if($mybb->input['days'] < 1) 1264 { 1265 $days = 1; 1266 } 1267 else 1268 { 1269 $days = intval($mybb->input['days']); 1270 } 1271 $datecut = TIME_NOW-(86400*$days); 1272 1273 $where_sql = "t.lastpost >='".$datecut."'"; 1274 1275 if($mybb->input['fid']) 1276 { 1277 $where_sql .= " AND t.fid='".intval($mybb->input['fid'])."'"; 1278 } 1279 else if($mybb->input['fids']) 1280 { 1281 $fids = explode(',', $mybb->input['fids']); 1282 foreach($fids as $key => $fid) 1283 { 1284 $fids[$key] = intval($fid); 1285 } 1286 1287 if(!empty($fids)) 1288 { 1289 $where_sql .= " AND t.fid IN (".implode(',', $fids).")"; 1290 } 1291 } 1292 1293 $unsearchforums = get_unsearchable_forums(); 1294 if($unsearchforums) 1295 { 1296 $where_sql .= " AND t.fid NOT IN ($unsearchforums)"; 1297 } 1298 $inactiveforums = get_inactive_forums(); 1299 if($inactiveforums) 1300 { 1301 $where_sql .= " AND t.fid NOT IN ($inactiveforums)"; 1302 } 1303 1304 $permsql = ""; 1305 $onlyusfids = array(); 1306 1307 // Check group permissions if we can't view threads not started by us 1308 $group_permissions = forum_permissions(); 1309 foreach($group_permissions as $fid => $forum_permissions) 1310 { 1311 if($forum_permissions['canonlyviewownthreads'] == 1) 1312 { 1313 $onlyusfids[] = $fid; 1314 } 1315 } 1316 if(!empty($onlyusfids)) 1317 { 1318 $where_sql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 1319 } 1320 1321 $sid = md5(uniqid(microtime(), 1)); 1322 $searcharray = array( 1323 "sid" => $db->escape_string($sid), 1324 "uid" => $mybb->user['uid'], 1325 "dateline" => TIME_NOW, 1326 "ipaddress" => $db->escape_string($session->ipaddress), 1327 "threads" => '', 1328 "posts" => '', 1329 "resulttype" => "threads", 1330 "querycache" => $db->escape_string($where_sql), 1331 "keywords" => '' 1332 ); 1333 1334 $plugins->run_hooks("search_do_search_process"); 1335 $db->insert_query("searchlog", $searcharray); 1336 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1337 } 1338 elseif($mybb->input['action'] == "do_search" && $mybb->request_method == "post") 1339 { 1340 $plugins->run_hooks("search_do_search_start"); 1341 1342 // Check if search flood checking is enabled and user is not admin 1343 if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) 1344 { 1345 // Fetch the time this user last searched 1346 if($mybb->user['uid']) 1347 { 1348 $conditions = "uid='{$mybb->user['uid']}'"; 1349 } 1350 else 1351 { 1352 $conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'"; 1353 } 1354 $timecut = TIME_NOW-$mybb->settings['searchfloodtime']; 1355 $query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); 1356 $last_search = $db->fetch_array($query); 1357 // Users last search was within the flood time, show the error 1358 if($last_search['sid']) 1359 { 1360 $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); 1361 if($remaining_time == 1) 1362 { 1363 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); 1364 } 1365 else 1366 { 1367 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); 1368 } 1369 error($lang->error_searchflooding); 1370 } 1371 } 1372 if($mybb->input['showresults'] == "threads") 1373 { 1374 $resulttype = "threads"; 1375 } 1376 else 1377 { 1378 $resulttype = "posts"; 1379 } 1380 1381 $search_data = array( 1382 "keywords" => $mybb->input['keywords'], 1383 "author" => $mybb->input['author'], 1384 "postthread" => $mybb->input['postthread'], 1385 "matchusername" => $mybb->input['matchusername'], 1386 "postdate" => $mybb->input['postdate'], 1387 "pddir" => $mybb->input['pddir'], 1388 "forums" => $mybb->input['forums'], 1389 "findthreadst" => $mybb->input['findthreadst'], 1390 "numreplies" => $mybb->input['numreplies'], 1391 "threadprefix" => $mybb->input['threadprefix'] 1392 ); 1393 1394 if(is_moderator() && !empty($mybb->input['visible'])) 1395 { 1396 if($mybb->input['visible'] == 1) 1397 { 1398 $search_data['visible'] = 1; 1399 } 1400 else 1401 { 1402 $search_data['visible'] = 0; 1403 } 1404 } 1405 1406 if($db->can_search == true) 1407 { 1408 if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts")) 1409 { 1410 $search_results = perform_search_mysql_ft($search_data); 1411 } 1412 else 1413 { 1414 $search_results = perform_search_mysql($search_data); 1415 } 1416 } 1417 else 1418 { 1419 error($lang->error_no_search_support); 1420 } 1421 $sid = md5(uniqid(microtime(), 1)); 1422 $searcharray = array( 1423 "sid" => $db->escape_string($sid), 1424 "uid" => $mybb->user['uid'], 1425 "dateline" => $now, 1426 "ipaddress" => $db->escape_string($session->ipaddress), 1427 "threads" => $search_results['threads'], 1428 "posts" => $search_results['posts'], 1429 "resulttype" => $resulttype, 1430 "querycache" => $search_results['querycache'], 1431 "keywords" => $db->escape_string($mybb->input['keywords']), 1432 ); 1433 $plugins->run_hooks("search_do_search_process"); 1434 1435 $db->insert_query("searchlog", $searcharray); 1436 1437 if(my_strtolower($mybb->input['sortordr']) == "asc" || my_strtolower($mybb->input['sortordr'] == "desc")) 1438 { 1439 $sortorder = $mybb->input['sortordr']; 1440 } 1441 else 1442 { 1443 $sortorder = "desc"; 1444 } 1445 $sortby = htmlspecialchars($mybb->input['sortby']); 1446 $plugins->run_hooks("search_do_search_end"); 1447 redirect("search.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults); 1448 } 1449 else if($mybb->input['action'] == "thread") 1450 { 1451 // Fetch thread info 1452 $thread = get_thread($mybb->input['tid']); 1453 if(!$thread['tid'] || (($thread['visible'] == 0 && !is_moderator($thread['fid'])) || $thread['visible'] < 0)) 1454 { 1455 error($lang->error_invalidthread); 1456 } 1457 1458 // Get forum info 1459 $forum = get_forum($thread['fid']); 1460 if(!$forum) 1461 { 1462 error($lang->error_invalidforum); 1463 } 1464 1465 $forum_permissions = forum_permissions($forum['fid']); 1466 1467 if($forum['open'] == 0 || $forum['type'] != "f") 1468 { 1469 error($lang->error_closedinvalidforum); 1470 } 1471 if($forum_permissions['canview'] == 0 || $forum_permissions['canviewthreads'] != 1) 1472 { 1473 error_no_permission(); 1474 } 1475 1476 $plugins->run_hooks("search_thread_start"); 1477 1478 // Check if search flood checking is enabled and user is not admin 1479 if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) 1480 { 1481 // Fetch the time this user last searched 1482 if($mybb->user['uid']) 1483 { 1484 $conditions = "uid='{$mybb->user['uid']}'"; 1485 } 1486 else 1487 { 1488 $conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'"; 1489 } 1490 $timecut = TIME_NOW-$mybb->settings['searchfloodtime']; 1491 $query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); 1492 $last_search = $db->fetch_array($query); 1493 1494 // We shouldn't show remaining time if time is 0 or under. 1495 $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); 1496 // Users last search was within the flood time, show the error. 1497 if($last_search['sid'] && $remaining_time > 0) 1498 { 1499 if($remaining_time == 1) 1500 { 1501 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); 1502 } 1503 else 1504 { 1505 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); 1506 } 1507 error($lang->error_searchflooding); 1508 } 1509 } 1510 1511 $search_data = array( 1512 "keywords" => $mybb->input['keywords'], 1513 "postthread" => 1, 1514 "tid" => $mybb->input['tid'] 1515 ); 1516 1517 if($db->can_search == true) 1518 { 1519 if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts")) 1520 { 1521 $search_results = perform_search_mysql_ft($search_data); 1522 } 1523 else 1524 { 1525 $search_results = perform_search_mysql($search_data); 1526 } 1527 } 1528 else 1529 { 1530 error($lang->error_no_search_support); 1531 } 1532 $sid = md5(uniqid(microtime(), 1)); 1533 $searcharray = array( 1534 "sid" => $db->escape_string($sid), 1535 "uid" => $mybb->user['uid'], 1536 "dateline" => $now, 1537 "ipaddress" => $db->escape_string($session->ipaddress), 1538 "threads" => $search_results['threads'], 1539 "posts" => $search_results['posts'], 1540 "resulttype" => 'posts', 1541 "querycache" => $search_results['querycache'], 1542 "keywords" => $db->escape_string($mybb->input['keywords']) 1543 ); 1544 $plugins->run_hooks("search_thread_process"); 1545 1546 $db->insert_query("searchlog", $searcharray); 1547 1548 $plugins->run_hooks("search_do_search_end"); 1549 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1550 } 1551 else 1552 { 1553 $plugins->run_hooks("search_start"); 1554 $srchlist = make_searchable_forums("", $fid); 1555 $prefixselect = build_prefix_select('all', 'any', 1); 1556 1557 $rowspan = 5; 1558 1559 if(is_moderator()) 1560 { 1561 $rowspan += 2; 1562 eval("\$moderator_options = \"".$templates->get("search_moderator_options")."\";"); 1563 } 1564 1565 $plugins->run_hooks("search_end"); 1566 1567 eval("\$search = \"".$templates->get("search")."\";"); 1568 output_page($search); 1569 } 1570 1571 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Dec 11 14:16:27 2011 | Cross-referenced by PHPXref 0.7.1 |