PHP Cross Reference of MyBB |
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id$ 10 */ 11 12 define("IN_MYBB", 1); 13 define("IGNORE_CLEAN_VARS", "sid"); 14 define('THIS_SCRIPT', 'search.php'); 15 16 $templatelist = "search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post"; 17 $templatelist .= ",multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage"; 18 $templatelist .= ",search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_posts_inlinemoderation_custom_tool"; 19 $templatelist .= ",search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation,search_orderarrow,search_moderator_options"; 20 $templatelist .= ",forumdisplay_thread_attachment_count,forumdisplay_threadlist_inlineedit_js,search_threads_inlinemoderation_selectall,search_posts_inlinemoderation_selectall,multipage_prevpage"; 21 22 require_once "./global.php"; 23 24 require_once MYBB_ROOT."inc/functions_post.php"; 25 require_once MYBB_ROOT."inc/functions_search.php"; 26 require_once MYBB_ROOT."inc/class_parser.php"; 27 $parser = new postParser; 28 29 // Load global language phrases 30 $lang->load("search"); 31 32 add_breadcrumb($lang->nav_search, "search.php"); 33 34 switch($mybb->input['action']) 35 { 36 case "results": 37 add_breadcrumb($lang->nav_results); 38 break; 39 default: 40 break; 41 } 42 43 if($mybb->usergroup['cansearch'] == 0) 44 { 45 error_no_permission(); 46 } 47 48 $now = TIME_NOW; 49 $mybb->input['keywords'] = 
trim($mybb->input['keywords']); 50 51 $limitsql = ""; 52 if(intval($mybb->settings['searchhardlimit']) > 0) 53 { 54 $limitsql = "LIMIT ".intval($mybb->settings['searchhardlimit']); 55 } 56 57 if($mybb->input['action'] == "results") 58 { 59 $sid = $db->escape_string($mybb->input['sid']); 60 $query = $db->simple_select("searchlog", "*", "sid='$sid'"); 61 $search = $db->fetch_array($query); 62 63 if(!$search['sid']) 64 { 65 error($lang->error_invalidsearch); 66 } 67 68 $plugins->run_hooks("search_results_start"); 69 70 // Decide on our sorting fields and sorting order. 71 $order = my_strtolower(htmlspecialchars_uni($mybb->input['order'])); 72 $sortby = my_strtolower(htmlspecialchars_uni($mybb->input['sortby'])); 73 74 switch($sortby) 75 { 76 case "replies": 77 $sortfield = "t.replies"; 78 break; 79 case "views": 80 $sortfield = "t.views"; 81 break; 82 case "subject": 83 if($search['resulttype'] == "threads") 84 { 85 $sortfield = "t.subject"; 86 } 87 else 88 { 89 $sortfield = "p.subject"; 90 } 91 break; 92 case "forum": 93 $sortfield = "t.fid"; 94 break; 95 case "starter": 96 if($search['resulttype'] == "threads") 97 { 98 $sortfield = "t.username"; 99 } 100 else 101 { 102 $sortfield = "p.username"; 103 } 104 break; 105 case "lastpost": 106 default: 107 if($search['resulttype'] == "threads") 108 { 109 $sortfield = "t.lastpost"; 110 $sortby = "lastpost"; 111 } 112 else 113 { 114 $sortfield = "p.dateline"; 115 $sortby = "dateline"; 116 } 117 break; 118 } 119 120 if($order != "asc") 121 { 122 $order = "desc"; 123 $oppsortnext = "asc"; 124 $oppsort = $lang->asc; 125 } 126 else 127 { 128 $oppsortnext = "desc"; 129 $oppsort = $lang->desc; 130 } 131 132 if(!$mybb->settings['threadsperpage']) 133 { 134 $mybb->settings['threadsperpage'] = 20; 135 } 136 137 // Work out pagination, which page we're at, as well as the limits. 
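// The page size is a board setting that is later interpolated into
// "LIMIT $start, $perpage". Force it to a positive integer here, the same
// way searchhardlimit is passed through intval() earlier in this script.
$perpage = intval($mybb->settings['threadsperpage']);
if($perpage < 1)
{
	$perpage = 20;
}

// intval() keeps the request-supplied page number numeric before it is used
// in arithmetic and, through $start, in the LIMIT clause.
$page = intval($mybb->input['page']);
if($page > 0)
{
	$start = ($page-1) * $perpage;
}
else
{
	$start = 0;
	$page = 1;
}
$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

// Work out if we have terms to highlight
// The keywords come from the stored searchlog row and are urlencode()d
// before being appended to thread links.
$highlight = "";
if($search['keywords'])
{
	if($mybb->settings['seourls'] == "yes" || ($mybb->settings['seourls'] == "auto" && $_SERVER['SEO_SUPPORT'] == 1))
	{
		$highlight = "?highlight=".urlencode($search['keywords']);
	}
	else
	{
		$highlight = "&highlight=".urlencode($search['keywords']);
	}
}

// NOTE(review): $sid has only been passed through $db->escape_string() at
// this point (SQL escaping, not HTML escaping). It did match a searchlog row,
// but confirm the templates printing $sorturl do not rely on it being HTML-safe.
$sorturl = "search.php?action=results&sid={$sid}";
$thread_url = "";
$post_url = "";

// $sortby was reduced to a fixed set of literals by the switch earlier in this
// branch, so the array key interpolated into the eval()'d string cannot carry
// request data. The template text itself is evaluated as a PHP string
// expression, so template contents have to be treated as code.
eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";");

// Read some caches we will be using
$forumcache = $cache->read("forums");
$icon_cache = $cache->read("posticons");

$threads = array();

if($mybb->user['uid'] == 0)
{
	// Build a forum cache.
	$query = $db->query("
		SELECT fid
		FROM ".TABLE_PREFIX."forums
		WHERE active != 0
		ORDER BY pid, disporder
	");

	// NOTE(review): the forumread cookie is client-controlled. my_unserialize()
	// is defined outside this listing; if it hands the string to PHP's native
	// unserialize(), this is deserialization of untrusted input. Confirm the
	// helper only ever yields scalars/arrays, or move the cookie to JSON.
	$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']);
}
else
{
	// Build a forum cache.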
194 $query = $db->query(" 195 SELECT f.fid, fr.dateline AS lastread 196 FROM ".TABLE_PREFIX."forums f 197 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 198 WHERE f.active != 0 199 ORDER BY pid, disporder 200 "); 201 } 202 203 while($forum = $db->fetch_array($query)) 204 { 205 if($mybb->user['uid'] == 0) 206 { 207 if($forumsread[$forum['fid']]) 208 { 209 $forum['lastread'] = $forumsread[$forum['fid']]; 210 } 211 } 212 $readforums[$forum['fid']] = $forum['lastread']; 213 } 214 $fpermissions = forum_permissions(); 215 216 // Inline Mod Column for moderators 217 $inlinemodcol = $inlinecookie = ''; 218 $is_mod = $is_supermod = false; 219 if($mybb->usergroup['issupermod']) 220 { 221 $is_supermod = true; 222 } 223 if($is_supermod || is_moderator()) 224 { 225 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";"); 226 $inlinecookie = "inlinemod_search".$sid; 227 $inlinecount = 0; 228 $is_mod = true; 229 $return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_STRING']); 230 } 231 232 // Show search results as 'threads' 233 if($search['resulttype'] == "threads") 234 { 235 $threadcount = 0; 236 237 // Moderators can view unapproved threads 238 $query = $db->simple_select("moderators", "fid", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')"); 239 if($mybb->usergroup['issupermod'] == 1) 240 { 241 // Super moderators (and admins) 242 $unapproved_where = "t.visible>-1"; 243 } 244 elseif($db->num_rows($query)) 245 { 246 // Normal moderators 247 $moderated_forums = '0'; 248 while($forum = $db->fetch_array($query)) 249 { 250 $moderated_forums .= ','.$forum['fid']; 251 } 252 $unapproved_where = "(t.visible>0 OR (t.visible=0 AND t.fid IN ({$moderated_forums})))"; 253 } 254 else 255 { 256 // Normal users 257 $unapproved_where = 't.visible>0'; 258 } 259 260 // If we have saved WHERE conditions, execute them 261 if($search['querycache'] != "") 262 { 263 
$where_conditions = $search['querycache']; 264 $query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved|%' ORDER BY t.lastpost DESC {$limitsql}"); 265 while($thread = $db->fetch_array($query)) 266 { 267 $threads[$thread['tid']] = $thread['tid']; 268 $threadcount++; 269 } 270 // Build our list of threads. 271 if($threadcount > 0) 272 { 273 $search['threads'] = implode(",", $threads); 274 } 275 // No results. 276 else 277 { 278 error($lang->error_nosearchresults); 279 } 280 $where_conditions = "t.tid IN (".$search['threads'].")"; 281 } 282 // This search doesn't use a query cache, results stored in search table. 283 else 284 { 285 $where_conditions = "t.tid IN (".$search['threads'].")"; 286 $query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved|%' {$limitsql}"); 287 $count = $db->fetch_array($query); 288 289 if(!$count['resultcount']) 290 { 291 error($lang->error_nosearchresults); 292 } 293 $threadcount = $count['resultcount']; 294 } 295 296 $permsql = ""; 297 $onlyusfids = array(); 298 299 // Check group permissions if we can't view threads not started by us 300 $group_permissions = forum_permissions(); 301 foreach($group_permissions as $fid => $forum_permissions) 302 { 303 if($forum_permissions['canonlyviewownthreads'] == 1) 304 { 305 $onlyusfids[] = $fid; 306 } 307 } 308 if(!empty($onlyusfids)) 309 { 310 $permsql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 311 } 312 313 $unsearchforums = get_unsearchable_forums(); 314 if($unsearchforums) 315 { 316 $permsql .= " AND t.fid NOT IN ($unsearchforums)"; 317 } 318 $inactiveforums = get_inactive_forums(); 319 if($inactiveforums) 320 { 321 $permsql .= " AND t.fid NOT IN ($inactiveforums)"; 322 } 323 324 // Begin selecting matching threads, cache them. 
325 $sqlarray = array( 326 'order_by' => $sortfield, 327 'order_dir' => $order, 328 'limit_start' => $start, 329 'limit' => $perpage 330 ); 331 $query = $db->query(" 332 SELECT t.*, u.username AS userusername, p.displaystyle AS threadprefix 333 FROM ".TABLE_PREFIX."threads t 334 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) 335 LEFT JOIN ".TABLE_PREFIX."threadprefixes p ON (p.pid=t.prefix) 336 WHERE $where_conditions AND {$unapproved_where} {$permsql} AND t.closed NOT LIKE 'moved|%' 337 ORDER BY $sortfield $order 338 LIMIT $start, $perpage 339 "); 340 $thread_cache = array(); 341 while($thread = $db->fetch_array($query)) 342 { 343 $thread_cache[$thread['tid']] = $thread; 344 } 345 $thread_ids = implode(",", array_keys($thread_cache)); 346 347 if(empty($thread_ids)) 348 { 349 error($lang->error_nosearchresults); 350 } 351 352 // Fetch dot icons if enabled 353 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) 354 { 355 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 356 while($thread = $db->fetch_array($query)) 357 { 358 $thread_cache[$thread['tid']]['dot_icon'] = 1; 359 } 360 } 361 362 // Fetch the read threads. 
363 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 364 { 365 $query = $db->simple_select("threadsread", "tid,dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 366 while($readthread = $db->fetch_array($query)) 367 { 368 $thread_cache[$readthread['tid']]['lastread'] = $readthread['dateline']; 369 } 370 } 371 372 if(!$mybb->settings['maxmultipagelinks']) 373 { 374 $mybb->settings['maxmultipagelinks'] = 5; 375 } 376 377 foreach($thread_cache as $thread) 378 { 379 $bgcolor = alt_trow(); 380 $folder = ''; 381 $prefix = ''; 382 383 // Unapproved colour 384 if(!$thread['visible']) 385 { 386 $bgcolor = 'trow_shaded'; 387 } 388 389 if($thread['userusername']) 390 { 391 $thread['username'] = $thread['userusername']; 392 } 393 $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); 394 395 // If this thread has a prefix, insert a space between prefix and subject 396 if($thread['prefix'] != 0) 397 { 398 $thread['threadprefix'] .= ' '; 399 } 400 401 $thread['subject'] = $parser->parse_badwords($thread['subject']); 402 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 403 404 if($icon_cache[$thread['icon']]) 405 { 406 $posticon = $icon_cache[$thread['icon']]; 407 $icon = "<img src=\"".$posticon['path']."\" alt=\"".$posticon['name']."\" />"; 408 } 409 else 410 { 411 $icon = " "; 412 } 413 if($thread['poll']) 414 { 415 $prefix = $lang->poll_prefix; 416 } 417 418 // Determine the folder 419 $folder = ''; 420 $folder_label = ''; 421 if($thread['dot_icon']) 422 { 423 $folder = "dot_"; 424 $folder_label .= $lang->icon_dot; 425 } 426 $gotounread = ''; 427 $isnew = 0; 428 $donenew = 0; 429 $last_read = 0; 430 431 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 432 { 433 $forum_read = $readforums[$thread['fid']]; 434 435 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 436 if($forum_read == 0 || $forum_read < $read_cutoff) 437 { 438 $forum_read = $read_cutoff; 439 } 440 } 441 else 
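{
	// NOTE(review): $forumsread is only assigned in the guest path earlier in
	// the results branch (from the forumread cookie); for a logged-in user with
	// threadreadcut disabled it appears to be unset here - confirm.
	$forum_read = $forumsread[$thread['fid']];
}

if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read)
{
	// Database-backed read tracking: use the per-thread marker if there is one,
	// otherwise fall back to the cutoff computed above.
	if($thread['lastread'])
	{
		$last_read = $thread['lastread'];
	}
	else
	{
		$last_read = $read_cutoff;
	}
}
else
{
	// Cookie-backed read tracking. The value is supplied by the client; in this
	// block it is only compared against timestamps to pick the folder icon.
	$last_read = my_get_array_cookie("threadread", $thread['tid']);
}

// A forum-level "mark read" overrides an older thread-level marker.
if($forum_read > $last_read)
{
	$last_read = $forum_read;
}

if($thread['lastpost'] > $last_read && $last_read)
{
	$folder .= "new";
	$new_class = "subject_new";
	$folder_label .= $lang->icon_new;
	$thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost").$highlight;
	eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";");
	$unreadpost = 1;
}
else
{
	$new_class = 'subject_old';
	$folder_label .= $lang->icon_no_new;
}

if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews'])
{
	$folder .= "hot";
	$folder_label .= $lang->icon_hot;
}
if($thread['closed'] == 1)
{
	$folder .= "lock";
	$folder_label .= $lang->icon_lock;
}
$folder .= "folder";

// Default the posts-per-page setting. The original assigned the default to a
// misspelled key ('postperpage'), so 'postsperpage' - the key that is tested
// here and used as the divisor below - stayed empty.
if(!$mybb->settings['postsperpage'])
{
	$mybb->settings['postsperpage'] = 20;
}

$thread['pages'] = 0;
$thread['multipage'] = '';
$threadpages = '';
$morelink = '';
$thread['posts'] = $thread['replies'] + 1;
// Moderators of this forum also see unapproved posts, so count them for paging.
if(is_moderator($thread['fid']))
{
	$thread['posts'] += $thread['unapprovedposts'];
}
if($thread['posts'] > $mybb->settings['postsperpage'])
{
	$thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage'];
	$thread['pages'] = ceil($thread['pages']);
	if($thread['pages'] > $mybb->settings['maxmultipagelinks'])
	{
		// Too many pages to list: show the first few and a "more" link to the last one.
		$pagesstop = $mybb->settings['maxmultipagelinks'] - 1;
		$page_link = get_thread_link($thread['tid'], $thread['pages']).$highlight;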
eval("\$morelink = \"".$templates->get("forumdisplay_thread_multipage_more")."\";"); 517 } 518 else 519 { 520 $pagesstop = $thread['pages']; 521 } 522 for($i = 1; $i <= $pagesstop; ++$i) 523 { 524 $page_link = get_thread_link($thread['tid'], $i).$highlight; 525 eval("\$threadpages .= \"".$templates->get("forumdisplay_thread_multipage_page")."\";"); 526 } 527 eval("\$thread['multipage'] = \"".$templates->get("forumdisplay_thread_multipage")."\";"); 528 } 529 else 530 { 531 $threadpages = ''; 532 $morelink = ''; 533 $thread['multipage'] = ''; 534 } 535 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 536 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 537 $lastposter = $thread['lastposter']; 538 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 539 $lastposteruid = $thread['lastposteruid']; 540 $thread_link = get_thread_link($thread['tid']); 541 542 // Don't link to guest's profiles (they have no profile). 543 if($lastposteruid == 0) 544 { 545 $lastposterlink = $lastposter; 546 } 547 else 548 { 549 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 550 } 551 552 $thread['replies'] = my_number_format($thread['replies']); 553 $thread['views'] = my_number_format($thread['views']); 554 555 if($forumcache[$thread['fid']]) 556 { 557 $thread['forumlink'] = "<a href=\"".get_forum_link($thread['fid'])."\">".$forumcache[$thread['fid']]['name']."</a>"; 558 } 559 else 560 { 561 $thread['forumlink'] = ""; 562 } 563 564 // If this user is the author of the thread and it is not closed or they are a moderator, they can edit 565 if(($thread['uid'] == $mybb->user['uid'] && $thread['closed'] != 1 && $mybb->user['uid'] != 0 && $fpermissions[$thread['fid']]['caneditposts'] == 1) || is_moderator($thread['fid'], "caneditposts")) 566 { 567 $inline_edit_class = "subject_editable"; 568 } 569 else 570 { 571 $inline_edit_class = ""; 572 } 573 $load_inline_edit_js = 1; 574 575 // If this thread has 1 
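// or more attachments show the paperclip
	if($thread['attachmentcount'] > 0)
	{
		if($thread['attachmentcount'] > 1)
		{
			$attachment_count = $lang->sprintf($lang->attachment_count_multiple, $thread['attachmentcount']);
		}
		else
		{
			$attachment_count = $lang->attachment_count;
		}

		eval("\$attachment_count = \"".$templates->get("forumdisplay_thread_attachment_count")."\";");
	}
	else
	{
		$attachment_count = '';
	}

	$inline_edit_tid = $thread['tid'];

	// Inline thread moderation
	// Only moderators of this thread's forum get a working checkbox; moderators
	// of other forums get the placeholder template so the columns still line up.
	$inline_mod_checkbox = '';
	if($is_supermod || is_moderator($thread['fid']))
	{
		eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_inlinecheck")."\";");
	}
	elseif($is_mod)
	{
		eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_nocheck")."\";");
	}

	$plugins->run_hooks("search_results_thread");
	eval("\$results .= \"".$templates->get("search_results_threads_thread")."\";");
}
if(!$results)
{
	error($lang->error_nosearchresults);
}
else
{
	if($load_inline_edit_js == 1)
	{
		eval("\$inline_edit_js = \"".$templates->get("forumdisplay_threadlist_inlineedit_js")."\";");
	}
}
// The uid request parameter used to be concatenated into the pagination URL
// as-is. multipage() is defined outside this listing, but the post-result
// branch of this script escapes sid before building the same URL, which
// suggests the URL is emitted without further escaping. Casting to an integer
// matches how uid is handled in the finduser actions and keeps markup and
// extra query parameters out of the generated links.
$multipage = multipage($threadcount, $perpage, $page, "search.php?action=results&sid=$sid&sortby=$sortby&order=$order&uid=".intval($mybb->input['uid']));
if($upper > $threadcount)
{
	$upper = $threadcount;
}

// Inline Thread Moderation Options
if($is_mod)
{
	// If user has moderation tools available, prepare the Select All feature
	$lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache));
	$lang->all_selected = $lang->sprintf($lang->all_selected, intval($threadcount));
	$lang->select_all = $lang->sprintf($lang->select_all, intval($threadcount));
	eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";");

	$customthreadtools = '';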
switch($db->type) 638 { 639 case "pgsql": 640 case "sqlite": 641 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 642 break; 643 default: 644 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')"); 645 } 646 647 while($tool = $db->fetch_array($query)) 648 { 649 eval("\$customthreadtools .= \"".$templates->get("search_results_threads_inlinemoderation_custom_tool")."\";"); 650 } 651 // Build inline moderation dropdown 652 if(!empty($customthreadtools)) 653 { 654 eval("\$customthreadtools = \"".$templates->get("search_results_threads_inlinemoderation_custom")."\";"); 655 } 656 eval("\$inlinemod = \"".$templates->get("search_results_threads_inlinemoderation")."\";"); 657 } 658 659 $plugins->run_hooks("search_results_end"); 660 661 eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); 662 output_page($searchresults); 663 } 664 else // Displaying results as posts 665 { 666 if(!$search['posts']) 667 { 668 error($lang->error_nosearchresults); 669 } 670 671 $postcount = 0; 672 673 // Moderators can view unapproved threads 674 $query = $db->simple_select("moderators", "fid", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')"); 675 if($mybb->usergroup['issupermod'] == 1) 676 { 677 // Super moderators (and admins) 678 $p_unapproved_where = "visible >= 0"; 679 $t_unapproved_where = "visible < 0"; 680 } 681 elseif($db->num_rows($query)) 682 { 683 // Normal moderators 684 $moderated_forums = '0'; 685 while($forum = $db->fetch_array($query)) 686 { 687 $moderated_forums .= ','.$forum['fid']; 688 $test_moderated_forums[$forum['fid']] = $forum['fid']; 689 } 690 $p_unapproved_where = "visible >= 0"; 691 $t_unapproved_where = "visible < 0 AND fid NOT IN ({$moderated_forums})"; 692 } 693 else 694 { 695 // Normal users 696 $p_unapproved_where = 'visible=1'; 697 $t_unapproved_where = 
'visible < 1'; 698 } 699 700 $post_cache_options = array(); 701 if(intval($mybb->settings['searchhardlimit']) > 0) 702 { 703 $post_cache_options['limit'] = intval($mybb->settings['searchhardlimit']); 704 } 705 706 if(strpos($sortfield, 'p.') !== false) 707 { 708 $post_cache_options['order_by'] = str_replace('p.', '', $sortfield); 709 $post_cache_options['order_dir'] = $order; 710 } 711 712 $tids = array(); 713 $pids = array(); 714 // Make sure the posts we're viewing we have permission to view. 715 $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$p_unapproved_where}", $post_cache_options); 716 while($post = $db->fetch_array($query)) 717 { 718 $pids[$post['pid']] = $post['tid']; 719 $tids[$post['tid']][$post['pid']] = $post['pid']; 720 } 721 722 if(!empty($pids)) 723 { 724 $temp_pids = array(); 725 726 // Check the thread records as well. If we don't have permissions, remove them from the listing. 727 $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', $pids)).") AND ({$t_unapproved_where} OR closed LIKE 'moved|%')"); 728 while($thread = $db->fetch_array($query)) 729 { 730 if(array_key_exists($thread['tid'], $tids) != false) 731 { 732 $temp_pids = $tids[$thread['tid']]; 733 foreach($temp_pids as $pid) 734 { 735 unset($pids[$pid]); 736 unset($tids[$thread['tid']]); 737 } 738 } 739 } 740 unset($temp_pids); 741 } 742 743 // Declare our post count 744 $postcount = count($pids); 745 746 if(!$postcount) 747 { 748 error($lang->error_nosearchresults); 749 } 750 751 // And now we have our sanatized post list 752 $search['posts'] = implode(',', array_keys($pids)); 753 754 $tids = implode(",", array_keys($tids)); 755 756 // Read threads 757 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 758 { 759 $query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); 760 while($readthread = 
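$db->fetch_array($query))
	{
		$readthreads[$readthread['tid']] = $readthread['dateline'];
	}
}

$dot_icon = array();
if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0)
{
	// escape_string() only protects values that sit inside quotes; inside this
	// unquoted IN(...) list the query is safe because $tids was rebuilt above
	// from the tid keys of rows returned by the permission query.
	$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")");
	while($post = $db->fetch_array($query))
	{
		$dot_icon[$post['tid']] = true;
	}
}

// $search['posts'] was rebuilt above from pids that passed the visibility
// checks, $sortfield and $order were picked from fixed literals by the sorting
// switch, and $start is derived from the intval()'d page number.
// NOTE(review): $perpage is taken from the threadsperpage setting - confirm it
// is numeric before it reaches the LIMIT clause.
$query = $db->query("
	SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid
	FROM ".TABLE_PREFIX."posts p
	LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
	LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
	WHERE p.pid IN (".$db->escape_string($search['posts']).")
	ORDER BY $sortfield $order
	LIMIT $start, $perpage
");
while($post = $db->fetch_array($query))
{
	$bgcolor = alt_trow();
	// Unapproved posts get the shaded row style.
	if(!$post['visible'])
	{
		$bgcolor = 'trow_shaded';
	}
	// Prefer the current username from the users table over the one stored on the post.
	if($post['userusername'])
	{
		$post['username'] = $post['userusername'];
	}
	$post['profilelink'] = build_profile_link($post['username'], $post['uid']);
	$post['subject'] = $parser->parse_badwords($post['subject']);
	$post['thread_subject'] = $parser->parse_badwords($post['thread_subject']);
	$post['thread_subject'] = htmlspecialchars_uni($post['thread_subject']);

	if($icon_cache[$post['icon']])
	{
		// NOTE(review): path and name are written into HTML attributes without
		// escaping; they come from the posticons cache, presumably managed by
		// administrators - confirm.
		$posticon = $icon_cache[$post['icon']];
		$icon = "<img src=\"".$posticon['path']."\" alt=\"".$posticon['name']."\" />";
	}
	else
	{
		$icon = " ";
	}

	// The original tested $forumcache[$thread['fid']]; $thread is not the row
	// being rendered in this loop (it is left over from the permission query
	// above), so the lookup is keyed on the post's own forum instead.
	if($forumcache[$post['fid']])
	{
		$post['forumlink'] = "<a href=\"".get_forum_link($post['fid'])."\">".$forumcache[$post['fid']]['name']."</a>";
	}
	else
	{
		$post['forumlink'] = "";
	}
	// Determine the folder
	$folder = '';
	$folder_label = '';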
$gotounread = ''; 823 $isnew = 0; 824 $donenew = 0; 825 $last_read = 0; 826 $post['thread_lastread'] = $readthreads[$post['tid']]; 827 828 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 829 { 830 $forum_read = $readforums[$post['fid']]; 831 832 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 833 if($forum_read == 0 || $forum_read < $read_cutoff) 834 { 835 $forum_read = $read_cutoff; 836 } 837 } 838 else 839 { 840 $forum_read = $forumsread[$post['fid']]; 841 } 842 843 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forum_read) 844 { 845 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 846 if($post['thread_lastpost'] > $cutoff) 847 { 848 if($post['thread_lastread']) 849 { 850 $last_read = $post['thread_lastread']; 851 } 852 else 853 { 854 $last_read = 1; 855 } 856 } 857 } 858 859 if($dot_icon[$post['tid']]) 860 { 861 $folder = "dot_"; 862 $folder_label .= $lang->icon_dot; 863 } 864 865 if(!$last_read) 866 { 867 $readcookie = $threadread = my_get_array_cookie("threadread", $post['tid']); 868 if($readcookie > $forum_read) 869 { 870 $last_read = $readcookie; 871 } 872 elseif($forum_read > $mybb->user['lastvisit']) 873 { 874 $last_read = $forum_read; 875 } 876 else 877 { 878 $last_read = $mybb->user['lastvisit']; 879 } 880 } 881 882 if($post['thread_lastpost'] > $last_read && $last_read) 883 { 884 $folder .= "new"; 885 $folder_label .= $lang->icon_new; 886 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 887 $unreadpost = 1; 888 } 889 else 890 { 891 $folder_label .= $lang->icon_no_new; 892 } 893 894 if($post['thread_replies'] >= $mybb->settings['hottopic'] || $post['thread_views'] >= $mybb->settings['hottopicviews']) 895 { 896 $folder .= "hot"; 897 $folder_label .= $lang->icon_hot; 898 } 899 if($post['thread_closed'] == 1) 900 { 901 $folder .= "lock"; 902 $folder_label .= $lang->icon_lock; 903 } 904 $folder .= "folder"; 905 906 
$post['thread_replies'] = my_number_format($post['thread_replies']); 907 $post['thread_views'] = my_number_format($post['thread_views']); 908 909 if($forumcache[$post['fid']]) 910 { 911 $post['forumlink'] = "<a href=\"".get_forum_link($post['fid'])."\">".$forumcache[$post['fid']]['name']."</a>"; 912 } 913 else 914 { 915 $post['forumlink'] = ""; 916 } 917 918 if(!$post['subject']) 919 { 920 $post['subject'] = $post['message']; 921 } 922 if(my_strlen($post['subject']) > 50) 923 { 924 $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."..."); 925 } 926 else 927 { 928 $post['subject'] = htmlspecialchars_uni($post['subject']); 929 } 930 // What we do here is parse the post using our post parser, then strip the tags from it 931 $parser_options = array( 932 'allow_html' => 0, 933 'allow_mycode' => 1, 934 'allow_smilies' => 0, 935 'allow_imgcode' => 0, 936 'filter_badwords' => 1 937 ); 938 $post['message'] = strip_tags($parser->parse_message($post['message'], $parser_options)); 939 if(my_strlen($post['message']) > 200) 940 { 941 $prev = my_substr($post['message'], 0, 200)."..."; 942 } 943 else 944 { 945 $prev = $post['message']; 946 } 947 $posted = my_date($mybb->settings['dateformat'], $post['dateline']).", ".my_date($mybb->settings['timeformat'], $post['dateline']); 948 949 $thread_url = get_thread_link($post['tid']); 950 $post_url = get_post_link($post['pid'], $post['tid']); 951 952 // Inline post moderation 953 $inline_mod_checkbox = ''; 954 if($is_supermod || is_moderator($post['fid'])) 955 { 956 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_inlinecheck")."\";"); 957 } 958 elseif($is_mod) 959 { 960 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_nocheck")."\";"); 961 } 962 963 $plugins->run_hooks("search_results_post"); 964 eval("\$results .= \"".$templates->get("search_results_posts_post")."\";"); 965 } 966 if(!$results) 967 { 968 error($lang->error_nosearchresults); 969 } 970 $multipage = 
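multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->input['sid'])."&sortby=$sortby&order=$order&uid=".intval($mybb->input['uid']));
		// sid was already HTML-escaped in the URL above; the uid request parameter
		// used to be appended as-is. It is now cast to an integer, as the finduser
		// actions do, so it cannot add markup or extra parameters to the links.
		if($upper > $postcount)
		{
			$upper = $postcount;
		}

		// Inline Post Moderation Options
		if($is_mod)
		{
			// If user has moderation tools available, prepare the Select All feature
			$num_results = $db->num_rows($query);
			$lang->page_selected = $lang->sprintf($lang->page_selected, intval($num_results));
			$lang->select_all = $lang->sprintf($lang->select_all, intval($postcount));
			$lang->all_selected = $lang->sprintf($lang->all_selected, intval($postcount));
			eval("\$selectall = \"".$templates->get("search_posts_inlinemoderation_selectall")."\";");

			$customthreadtools = $customposttools = '';
			// String concatenation differs per database driver; both queries select
			// the post tools whose forums list contains -1 or is empty.
			switch($db->type)
			{
				case "pgsql":
				case "sqlite":
					$query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (','||forums||',' LIKE '%,-1,%' OR forums='')");
					break;
				default:
					$query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')");
			}

			while($tool = $db->fetch_array($query))
			{
				eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";");
			}
			// Build inline moderation dropdown
			if(!empty($customposttools))
			{
				eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";");
			}
			eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";");
		}

		$plugins->run_hooks("search_results_end");

		eval("\$searchresults = \"".$templates->get("search_results_posts")."\";");
		output_page($searchresults);
	}
}
elseif($mybb->input['action'] == "findguest")
{
	// Collect every post and thread made by guests (uid 0), minus forums the
	// current user is not allowed to search.
	$where_sql = "uid='0'";

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)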
// findguest: leave out forums this user may not search.
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// NOTE(review): $permsql is assigned here but not read again in this branch.
	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if($forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	// Guest content in "own threads only" forums is excluded outright, unlike
	// the finduser action, which still lets users see their own threads there.
	if(!empty($onlyusfids))
	{
		$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")";
	}

	$options = array(
		'order_by' => 'dateline',
		'order_dir' => 'desc'
	);

	// Do we have a hard search limit?
	if($mybb->settings['searchhardlimit'] > 0)
	{
		$options['limit'] = intval($mybb->settings['searchhardlimit']);
	}

	// Build a comma-separated list of matching post ids.
	$pids = '';
	$comma = '';
	$query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
	while($pid = $db->fetch_field($query, "pid"))
	{
		$pids .= $comma.$pid;
		$comma = ',';
	}

	// Same for thread ids; this query is issued without $options, so the hard
	// limit and the ordering apply to the post list only.
	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// NOTE(review): the search id is md5() over uniqid() seeded with microtime(),
	// i.e. derived from the clock plus uniqid's extra-entropy suffix, not from a
	// cryptographically secure generator. The results action loads the searchlog
	// row by sid alone, so the sid is the only thing gating access to a stored
	// result set; consider a CSPRNG-backed id and/or binding the row to the
	// requesting uid when it is read back.
	$sid = md5(uniqid(microtime(), 1));
	// Values are escaped individually because insert_query() receives them as a
	// plain array. The id lists are stored as text and re-checked against
	// visibility rules when the results page is rendered.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_string($session->ipaddress),
		"threads" => $db->escape_string($tids),
		"posts" => $db->escape_string($pids),
		"resulttype" => "posts",
		"querycache" => '',
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
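elseif($mybb->input['action'] == "finduser")
{
	// Build a cached "all posts by this user" search and redirect to its results page.
	// The requested uid is cast to an integer before it reaches the SQL string.
	// NOTE(review): no flood check is visible on this branch or on the finduserthreads,
	// getnew and getdaily branches below (unlike do_search and thread), yet each request
	// inserts a searchlog row - confirm that rate limiting happens elsewhere.
	$where_sql = "uid='".intval($mybb->input['uid'])."'";

	// Leave out forums this user may not search and forums that are inactive
	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if($forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		// In "own threads only" forums, only rows belonging to the current user may match.
		// Leading space added so this clause is separated like the ones above.
		$where_sql .= " AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$options = array(
		'order_by' => 'dateline',
		'order_dir' => 'desc'
	);

	// Do we have a hard search limit?
	if($mybb->settings['searchhardlimit'] > 0)
	{
		$options['limit'] = intval($mybb->settings['searchhardlimit']);
	}

	// Collect the matching post ids as a comma separated list
	$pids = '';
	$comma = '';
	$query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
	while($pid = $db->fetch_field($query, "pid"))
	{
		$pids .= $comma.$pid;
		$comma = ',';
	}

	// Collect the matching thread ids (the hard limit is not applied to this query)
	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// NOTE(review): the search id is md5() of a time-based uniqid(). If the results
	// action treats sid as the only proof of ownership, confirm it also checks the
	// stored uid - that code is outside this view.
	$sid = md5(uniqid(microtime(), 1));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_string($session->ipaddress),
		"threads" => $db->escape_string($tids),
		"posts" => $db->escape_string($pids),
		"resulttype" => "posts",
		"querycache" => '',
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "finduserthreads")
{
	// Build a cached "all threads started by this user" search. Only the WHERE clause
	// is stored (querycache); no ids are collected here.
	$where_sql = "t.uid='".intval($mybb->input['uid'])."'";

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND t.fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND t.fid NOT IN ($inactiveforums)";
	}

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if($forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		// Leading space added so this clause is separated like the ones above
		$where_sql .= " AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$sid = md5(uniqid(microtime(), 1));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_string($session->ipaddress),
		"threads" => '',
		"posts" => '',
		"resulttype" => "threads",
		// The stored clause is built only from integer casts and helper output above
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "getnew")
{
	// Threads with a last post at or after the user's last visit
	$where_sql = "t.lastpost >= '".intval($mybb->user['lastvisit'])."'";

	// Optional forum filter: a single fid, or a comma separated list in fids.
	// Every id is cast to an integer before it is placed in the clause.
	if($mybb->input['fid'])
	{
		$where_sql .= " AND t.fid='".intval($mybb->input['fid'])."'";
	}
	else if($mybb->input['fids'])
	{
		$fids = explode(',', $mybb->input['fids']);
		foreach($fids as $key => $fid)
		{
			$fids[$key] = intval($fid);
		}

		if(!empty($fids))
		{
			$where_sql .= " AND t.fid IN (".implode(',', $fids).")";
		}
	}

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND t.fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND t.fid NOT IN ($inactiveforums)";
	}

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if($forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		// Leading space added so this clause is separated like the ones above
		$where_sql .= " AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$sid = md5(uniqid(microtime(), 1));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_string($session->ipaddress),
		"threads" => '',
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);

	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "getdaily")
{
	// Threads with a last post in the past N days; anything below 1 falls back to 1
	if($mybb->input['days'] < 1)
	{
		$days = 1;
	}
	else
	{
		$days = intval($mybb->input['days']);
	}
	$datecut = TIME_NOW-(86400*$days);

	$where_sql = "t.lastpost >='".$datecut."'";

	// Optional forum filter, integer-cast as in the getnew branch
	if($mybb->input['fid'])
	{
		$where_sql .= " AND t.fid='".intval($mybb->input['fid'])."'";
	}
	else if($mybb->input['fids'])
	{
		$fids = explode(',', $mybb->input['fids']);
		foreach($fids as $key => $fid)
		{
			$fids[$key] = intval($fid);
		}

		if(!empty($fids))
		{
			$where_sql .= " AND t.fid IN (".implode(',', $fids).")";
		}
	}

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND t.fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND t.fid NOT IN ($inactiveforums)";
	}

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if($forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		// Leading space added so this clause is separated like the ones above
		$where_sql .= " AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$sid = md5(uniqid(microtime(), 1));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_string($session->ipaddress),
		"threads" => '',
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);

	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "do_search" && $mybb->request_method == "post")
{
	// Run a search submitted from the search form (POST only), store it in searchlog
	// and redirect to the results page.
	$plugins->run_hooks("search_do_search_start");

	// Check if search flood checking is enabled and user is not admin
	if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
	{
		// Fetch the time this user last searched
		// (registered users are matched by uid, guests by uid 0 plus IP address)
		if($mybb->user['uid'])
		{
			$conditions = "uid='{$mybb->user['uid']}'";
		}
		else
		{
			$conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'";
		}
		$timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
		$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
		$last_search = $db->fetch_array($query);
		// Users last search was within the flood time, show the error
		if($last_search['sid'])
		{
			$remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
			if($remaining_time == 1)
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
			}
			else
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
			}
			error($lang->error_searchflooding);
		}
	}
	if($mybb->input['showresults'] == "threads")
	{
		$resulttype = "threads";
	}
	else
	{
		$resulttype = "posts";
	}

	// Raw request values are handed to the search helpers as they are.
	// NOTE(review): presumably perform_search_mysql()/perform_search_mysql_ft() escape
	// and validate each field - verify in inc/functions_search.php.
	$search_data = array(
		"keywords" => $mybb->input['keywords'],
		"author" => $mybb->input['author'],
		"postthread" => $mybb->input['postthread'],
		"matchusername" => $mybb->input['matchusername'],
		"postdate" => $mybb->input['postdate'],
		"pddir" => $mybb->input['pddir'],
		"forums" => $mybb->input['forums'],
		"findthreadst" => $mybb->input['findthreadst'],
		"numreplies" => $mybb->input['numreplies'],
		"threadprefix" => $mybb->input['threadprefix']
	);

	// Only moderators may filter by visibility; the value is reduced to 1 or 0
	if(is_moderator() && !empty($mybb->input['visible']))
	{
		if($mybb->input['visible'] == 1)
		{
			$search_data['visible'] = 1;
		}
		else
		{
			$search_data['visible'] = 0;
		}
	}

	if($db->can_search == true)
	{
		if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts"))
		{
			$search_results = perform_search_mysql_ft($search_data);
		}
		else
		{
			$search_results = perform_search_mysql($search_data);
		}
	}
	else
	{
		error($lang->error_no_search_support);
	}
	$sid = md5(uniqid(microtime(), 1));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => $now,
		"ipaddress" => $db->escape_string($session->ipaddress),
		// threads, posts and querycache are stored exactly as the helper returned them
		"threads" => $search_results['threads'],
		"posts" => $search_results['posts'],
		"resulttype" => $resulttype,
		"querycache" => $search_results['querycache'],
		"keywords" => $db->escape_string($mybb->input['keywords']),
	);
	$plugins->run_hooks("search_do_search_process");

	$db->insert_query("searchlog", $searcharray);

	// Sort direction: only the two literal values "asc" and "desc" may reach the
	// redirect URL. The earlier test lower-cased the result of the comparison
	// (sortordr == "desc") instead of the input, so the "desc" check was not
	// case-insensitive and the request's own spelling was echoed into the URL.
	$sortorder = my_strtolower($mybb->input['sortordr']);
	if($sortorder != "asc" && $sortorder != "desc")
	{
		$sortorder = "desc";
	}
	// NOTE(review): sortby is HTML-escaped here but neither URL-encoded nor checked
	// against a list of allowed values; confirm the results action validates it.
	$sortby = htmlspecialchars_uni($mybb->input['sortby']);
	$plugins->run_hooks("search_do_search_end");
	redirect("search.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);
}
else if($mybb->input['action'] == "thread")
{
	// Keyword search inside one thread. Thread visibility, forum state and forum
	// permissions are all checked before any search is run.

	// Fetch thread info
	$thread = get_thread($mybb->input['tid']);
	if(!$thread['tid'] || (($thread['visible'] == 0 && !is_moderator($thread['fid'])) || $thread['visible'] < 0))
	{
		error($lang->error_invalidthread);
	}

	// Get forum info
	$forum = get_forum($thread['fid']);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}

	$forum_permissions = forum_permissions($forum['fid']);

	if($forum['open'] == 0 || $forum['type'] != "f")
	{
		error($lang->error_closedinvalidforum);
	}
	if($forum_permissions['canview'] == 0 || $forum_permissions['canviewthreads'] != 1 || (isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	$plugins->run_hooks("search_thread_start");

	// Check if search flood checking is enabled and user is not admin
	if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
	{
		// Fetch the time this user last searched
		if($mybb->user['uid'])
		{
			$conditions = "uid='{$mybb->user['uid']}'";
		}
		else
		{
			$conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'";
		}
		$timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
		$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
		$last_search = $db->fetch_array($query);

		// We shouldn't show remaining time if time is 0 or under.
		$remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
		// Users last search was within the flood time, show the error.
		if($last_search['sid'] && $remaining_time > 0)
		{
			if($remaining_time == 1)
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
			}
			else
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
			}
			error($lang->error_searchflooding);
		}
	}

	$search_data = array(
		"keywords" => $mybb->input['keywords'],
		"postthread" => 1,
		// Use the id of the thread that passed the checks above, as an integer,
		// rather than the raw request value
		"tid" => intval($thread['tid'])
	);

	if($db->can_search == true)
	{
		if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts"))
		{
			$search_results = perform_search_mysql_ft($search_data);
		}
		else
		{
			$search_results = perform_search_mysql($search_data);
		}
	}
	else
	{
		error($lang->error_no_search_support);
	}
	$sid = md5(uniqid(microtime(), 1));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => $now,
		"ipaddress" => $db->escape_string($session->ipaddress),
		"threads" => $search_results['threads'],
		"posts" => $search_results['posts'],
		"resulttype" => 'posts',
		"querycache" => $search_results['querycache'],
		"keywords" => $db->escape_string($mybb->input['keywords'])
	);
	$plugins->run_hooks("search_thread_process");

	$db->insert_query("searchlog", $searcharray);

	$plugins->run_hooks("search_do_search_end");
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
else
{
	// No recognised action: render the search form
	$plugins->run_hooks("search_start");
	$srchlist = make_searchable_forums("", $fid);
	$prefixselect = build_prefix_select('all', 'any', 1);

	$rowspan = 5;

	// Moderators get two extra rows holding the moderator options template
	if(is_moderator())
	{
		$rowspan += 2;
		eval("\$moderator_options = \"".$templates->get("search_moderator_options")."\";");
	}

	$plugins->run_hooks("search_end");

	// Templates are evaluated as double-quoted PHP strings, so template content is
	// effectively code: only trusted template sources may feed $templates->get()
	eval("\$search = \"".$templates->get("search")."\";");
	output_page($search);
}

?>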