<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Bootstrap for the search page: declare the script constants, name the
// templates this page renders, include the core and the post/search helpers,
// then load the language pack and start the breadcrumb trail.

// Set before any core file is included.
// NOTE(review): presumably the included files test IN_MYBB to refuse direct
// access - confirm against global.php.
define('IN_MYBB', 1);

// NOTE(review): this appears to exempt the `sid` request variable from the
// core's automatic input cleaning - confirm in the core input class. If so,
// every use of `sid` in this script has to neutralise it itself: the results
// branch runs it through $db->escape_string() before the searchlog lookup and
// through htmlspecialchars_uni() before putting it in a pagination URL. Keep
// that pairing whenever a new use of `sid` is added.
define('IGNORE_CLEAN_VARS', 'sid');
define('THIS_SCRIPT', 'search.php');

// Comma-separated names of every template this script renders.
// NOTE(review): presumably read by global.php to preload them - confirm.
// Further down each template is rendered by eval() on the string returned from
// $templates->get(), so template bodies run as PHP string code and must only
// ever come from a trusted (administrator-controlled) store; user-supplied
// values are HTML-escaped by this script before they are interpolated.
$templatelist = implode(',', array(
    'search',
    'forumdisplay_thread_gotounread',
    'search_results_threads_thread',
    'search_results_threads',
    'search_results_posts',
    'search_results_posts_post',
    'search_results_icon',
    'search_forumlist_forum',
    'search_forumlist',
    // Pagination
    'multipage',
    'multipage_breadcrumb',
    'multipage_end',
    'multipage_jump_page',
    'multipage_nextpage',
    'multipage_page',
    'multipage_page_current',
    'multipage_page_link_current',
    'multipage_prevpage',
    'multipage_start',
    // Inline moderation
    'search_results_posts_inlinecheck',
    'search_results_posts_nocheck',
    'search_results_threads_inlinecheck',
    'search_results_threads_nocheck',
    'search_results_inlinemodcol',
    'search_results_inlinemodcol_empty',
    'search_results_posts_inlinemoderation_custom_tool',
    'search_results_posts_inlinemoderation_custom',
    'search_results_posts_inlinemoderation',
    'search_results_threads_inlinemoderation_custom_tool',
    'search_results_threads_inlinemoderation_custom',
    'search_results_threads_inlinemoderation',
    'forumdisplay_thread_attachment_count',
    'search_threads_inlinemoderation_selectall',
    'search_posts_inlinemoderation_selectall',
    'post_prefixselect_prefix',
    'post_prefixselect_multiple',
    'search_orderarrow',
    'search_results_posts_forumlink',
    'search_results_threads_forumlink',
    'forumdisplay_thread_multipage_more',
    'forumdisplay_thread_multipage_page',
    'forumdisplay_thread_multipage',
    'search_moderator_options',
));

// The constants and $templatelist above are set before the core include on
// purpose; keep this order.
// NOTE(review): MYBB_ROOT is not defined in this file - presumably global.php
// provides it, which is why it is included first.
require_once './global.php';
require_once MYBB_ROOT.'inc/functions_post.php';
require_once MYBB_ROOT.'inc/functions_search.php';
require_once MYBB_ROOT.'inc/class_parser.php';

// Shared parser instance; the result loops below use it for
// parse_badwords() and text_parse_message().
$parser = new postParser();

// Load global language phrases
$lang->load('search');

add_breadcrumb($lang->nav_search, 'search.php');
$mybb->input['action'] = $mybb->get_input('action'); 34 switch($mybb->input['action']) 35 { 36 case "results": 37 add_breadcrumb($lang->nav_results); 38 break; 39 default: 40 break; 41 } 42 43 if($mybb->usergroup['cansearch'] == 0) 44 { 45 error_no_permission(); 46 } 47 48 $now = TIME_NOW; 49 $mybb->input['keywords'] = trim($mybb->get_input('keywords')); 50 51 $limitsql = ""; 52 if((int)$mybb->settings['searchhardlimit'] > 0) 53 { 54 $limitsql = "LIMIT ".(int)$mybb->settings['searchhardlimit']; 55 } 56 57 if($mybb->input['action'] == "results") 58 { 59 $sid = $db->escape_string($mybb->get_input('sid')); 60 $query = $db->simple_select("searchlog", "*", "sid='$sid'"); 61 $search = $db->fetch_array($query); 62 63 if(!$search) 64 { 65 error($lang->error_invalidsearch); 66 } 67 68 $plugins->run_hooks("search_results_start"); 69 70 // Decide on our sorting fields and sorting order. 71 $order = my_strtolower(htmlspecialchars_uni($mybb->get_input('order'))); 72 $sortby = my_strtolower(htmlspecialchars_uni($mybb->get_input('sortby'))); 73 74 switch($sortby) 75 { 76 case "replies": 77 $sortfield = "t.replies"; 78 break; 79 case "views": 80 $sortfield = "t.views"; 81 break; 82 case "subject": 83 if($search['resulttype'] == "threads") 84 { 85 $sortfield = "t.subject"; 86 } 87 else 88 { 89 $sortfield = "p.subject"; 90 } 91 break; 92 case "forum": 93 $sortfield = "f.name"; 94 break; 95 case "starter": 96 if($search['resulttype'] == "threads") 97 { 98 $sortfield = "t.username"; 99 } 100 else 101 { 102 $sortfield = "p.username"; 103 } 104 break; 105 case "lastpost": 106 default: 107 if(isset($search['resulttype']) && $search['resulttype'] == "threads") 108 { 109 $sortfield = "t.lastpost"; 110 $sortby = "lastpost"; 111 } 112 else 113 { 114 $sortfield = "p.dateline"; 115 $sortby = "dateline"; 116 } 117 break; 118 } 119 120 if($order != "asc") 121 { 122 $order = "desc"; 123 $oppsortnext = "asc"; 124 $oppsort = $lang->asc; 125 } 126 else 127 { 128 $oppsortnext = "desc"; 129 $oppsort = 
$lang->desc; 130 } 131 132 if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1) 133 { 134 $mybb->settings['threadsperpage'] = 20; 135 } 136 137 // Work out pagination, which page we're at, as well as the limits. 138 $perpage = $mybb->settings['threadsperpage']; 139 $page = $mybb->get_input('page'); 140 if($page > 0) 141 { 142 $start = ($page-1) * $perpage; 143 } 144 else 145 { 146 $start = 0; 147 $page = 1; 148 } 149 $end = $start + $perpage; 150 $lower = $start+1; 151 $upper = $end; 152 153 // Work out if we have terms to highlight 154 $highlight = ""; 155 if(!empty($search['keywords'])) 156 { 157 if($mybb->seo_support == true) 158 { 159 $highlight = "?highlight=".urlencode($search['keywords']); 160 } 161 else 162 { 163 $highlight = "&highlight=".urlencode($search['keywords']); 164 } 165 } 166 167 $sorturl = "search.php?action=results&sid={$sid}"; 168 $thread_url = ""; 169 $post_url = ""; 170 171 $orderarrow = array('replies' => '', 'views' => '', 'subject' => '', 'forum' => '', 'starter' => '', 'lastpost' => '', 'dateline' => ''); 172 173 eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";"); 174 175 // Read some caches we will be using 176 $forumcache = $cache->read("forums"); 177 178 $icon_cache = array(); 179 180 if($mybb->settings['allowposticons'] == 1) 181 { 182 $icon_cache = (array)$cache->read("posticons"); 183 } 184 185 $threads = array(); 186 187 if($mybb->user['uid'] == 0) 188 { 189 // Build a forum cache. 190 $query = $db->query(" 191 SELECT fid 192 FROM ".TABLE_PREFIX."forums 193 WHERE active != 0 194 ORDER BY pid, disporder 195 "); 196 197 if(isset($mybb->cookies['mybb']['forumread'])) 198 { 199 $forumsread = my_unserialize($mybb->cookies['mybb']['forumread'], false); 200 } 201 else 202 { 203 $forumsread = array(); 204 } 205 } 206 else 207 { 208 // Build a forum cache. 
209 $query = $db->query(" 210 SELECT f.fid, fr.dateline AS lastread 211 FROM ".TABLE_PREFIX."forums f 212 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 213 WHERE f.active != 0 214 ORDER BY pid, disporder 215 "); 216 } 217 218 while($forum = $db->fetch_array($query)) 219 { 220 if($mybb->user['uid'] == 0) 221 { 222 if(!empty($forumsread[$forum['fid']])) 223 { 224 $forum['lastread'] = $forumsread[$forum['fid']]; 225 } 226 } 227 228 if(isset($forum['lastread'])) 229 { 230 $readforums[$forum['fid']] = $forum['lastread']; 231 } 232 else 233 { 234 $readforums[$forum['fid']] = ''; 235 } 236 } 237 $fpermissions = forum_permissions(); 238 239 // Inline Mod Column for moderators 240 $inlinemodcol = $inlinecookie = $inline_edit_js = ''; 241 $is_mod = $is_supermod = $show_inline_moderation = false; 242 if($mybb->usergroup['issupermod']) 243 { 244 $is_supermod = true; 245 } 246 if($is_supermod || is_moderator()) 247 { 248 $inlinecookie = "inlinemod_search".$sid; 249 $inlinecount = 0; 250 $is_mod = true; 251 $return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_STRING']); 252 } 253 254 // Show search results as 'threads' 255 if(isset($search['resulttype']) && $search['resulttype'] == "threads") 256 { 257 $threadcount = 0; 258 259 // Moderators can view unapproved threads and deleted threads from forums they moderate 260 $unapproved_where_t = get_visible_where('t'); 261 262 // If we have saved WHERE conditions, execute them 263 if($search['querycache'] != "") 264 { 265 $where_conditions = $search['querycache']; 266 $query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' ORDER BY t.lastpost DESC {$limitsql}"); 267 while($thread = $db->fetch_array($query)) 268 { 269 $threads[$thread['tid']] = $thread['tid']; 270 $threadcount++; 271 } 272 // Build our list of threads. 
273 if($threadcount > 0) 274 { 275 $search['threads'] = implode(",", $threads); 276 } 277 // No results. 278 else 279 { 280 error($lang->error_nosearchresults); 281 } 282 $where_conditions = "t.tid IN (".$search['threads'].")"; 283 } 284 // This search doesn't use a query cache, results stored in search table. 285 else 286 { 287 $where_conditions = "t.tid IN (".$search['threads'].")"; 288 $query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' {$limitsql}"); 289 $count = $db->fetch_array($query); 290 291 if(!$count['resultcount']) 292 { 293 error($lang->error_nosearchresults); 294 } 295 $threadcount = $count['resultcount']; 296 } 297 298 $permsql = ""; 299 $onlyusfids = array(); 300 301 // Check group permissions if we can't view threads not started by us 302 $group_permissions = forum_permissions(); 303 foreach($group_permissions as $fid => $forum_permissions) 304 { 305 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 306 { 307 $onlyusfids[] = $fid; 308 } 309 } 310 if(!empty($onlyusfids)) 311 { 312 $permsql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 313 } 314 315 $unsearchforums = get_unsearchable_forums(); 316 if($unsearchforums) 317 { 318 $permsql .= " AND t.fid NOT IN ($unsearchforums)"; 319 } 320 $inactiveforums = get_inactive_forums(); 321 if($inactiveforums) 322 { 323 $permsql .= " AND t.fid NOT IN ($inactiveforums)"; 324 } 325 326 $pages = ceil($threadcount / $perpage); 327 if($page > $pages) 328 { 329 $start = 0; 330 $page = 1; 331 } 332 333 // Begin selecting matching threads, cache them. 
334 $sqlarray = array( 335 'order_by' => $sortfield, 336 'order_dir' => $order, 337 'limit_start' => $start, 338 'limit' => $perpage 339 ); 340 $query = $db->query(" 341 SELECT t.*, u.username AS userusername 342 FROM ".TABLE_PREFIX."threads t 343 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) 344 LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) 345 WHERE $where_conditions AND ({$unapproved_where_t}) {$permsql} AND t.closed NOT LIKE 'moved|%' 346 ORDER BY $sortfield $order 347 LIMIT $start, $perpage 348 "); 349 350 $threadprefixes = build_prefixes(); 351 $thread_cache = array(); 352 while($thread = $db->fetch_array($query)) 353 { 354 $thread['threadprefix'] = ''; 355 if($thread['prefix'] && !empty($threadprefixes[$thread['prefix']])) 356 { 357 $thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle']; 358 } 359 $thread_cache[$thread['tid']] = $thread; 360 } 361 $thread_ids = implode(",", array_keys($thread_cache)); 362 363 if(empty($thread_ids)) 364 { 365 error($lang->error_nosearchresults); 366 } 367 368 // Fetch dot icons if enabled 369 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) 370 { 371 $unapproved_where_p = str_replace('t.', '', $unapproved_where_t); 372 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND ({$unapproved_where_p})"); 373 while($thread = $db->fetch_array($query)) 374 { 375 $thread_cache[$thread['tid']]['dot_icon'] = 1; 376 } 377 } 378 379 // Fetch the read threads. 
380 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 381 { 382 $query = $db->simple_select("threadsread", "tid,dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 383 while($readthread = $db->fetch_array($query)) 384 { 385 $thread_cache[$readthread['tid']]['lastread'] = $readthread['dateline']; 386 } 387 } 388 389 if(!$mybb->settings['maxmultipagelinks']) 390 { 391 $mybb->settings['maxmultipagelinks'] = 5; 392 } 393 394 $results = ''; 395 396 $forums_cache = cache_forums(); 397 398 foreach($thread_cache as $thread) 399 { 400 $bgcolor = alt_trow(); 401 $folder = ''; 402 $prefix = ''; 403 404 // Unapproved colour 405 if($thread['visible'] == 0) 406 { 407 $bgcolor = 'trow_shaded'; 408 } 409 elseif($thread['visible'] == -1) 410 { 411 $bgcolor = 'trow_shaded trow_deleted'; 412 } 413 414 if($thread['userusername']) 415 { 416 $thread['username'] = $thread['userusername']; 417 } 418 $thread['username'] = htmlspecialchars_uni($thread['username']); 419 $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); 420 421 // If this thread has a prefix, insert a space between prefix and subject 422 if($thread['prefix'] != 0) 423 { 424 $thread['threadprefix'] .= ' '; 425 } 426 427 $thread['subject'] = $parser->parse_badwords($thread['subject']); 428 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 429 430 if(isset($icon_cache[$thread['icon']]) && $forums_cache[$thread['fid']]['allowpicons'] != 0) 431 { 432 $posticon = $icon_cache[$thread['icon']]; 433 $posticon['path'] = str_replace("{theme}", $theme['imgdir'], $posticon['path']); 434 $posticon['path'] = htmlspecialchars_uni($posticon['path']); 435 $posticon['name'] = htmlspecialchars_uni($posticon['name']); 436 eval("\$icon = \"".$templates->get("search_results_icon")."\";"); 437 } 438 else 439 { 440 $icon = " "; 441 } 442 if($thread['poll']) 443 { 444 $prefix = $lang->poll_prefix; 445 } 446 447 // Determine the folder 448 $folder = ''; 449 $folder_label = 
''; 450 if(isset($thread['dot_icon'])) 451 { 452 $folder = "dot_"; 453 $folder_label .= $lang->icon_dot; 454 } 455 $gotounread = ''; 456 $isnew = 0; 457 $donenew = 0; 458 $last_read = 0; 459 460 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 461 { 462 $forum_read = $readforums[$thread['fid']]; 463 464 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 465 if($forum_read == 0 || $forum_read < $read_cutoff) 466 { 467 $forum_read = $read_cutoff; 468 } 469 } 470 else 471 { 472 if(isset($forumsread[$thread['fid']])) 473 { 474 $forum_read = $forumsread[$thread['fid']]; 475 } 476 else 477 { 478 $forum_read = ''; 479 } 480 } 481 482 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read) 483 { 484 if(isset($thread['lastread'])) 485 { 486 $last_read = $thread['lastread']; 487 } 488 else 489 { 490 $last_read = $read_cutoff; 491 } 492 } 493 else 494 { 495 $last_read = my_get_array_cookie("threadread", $thread['tid']); 496 } 497 498 if($forum_read > $last_read) 499 { 500 $last_read = $forum_read; 501 } 502 503 if($thread['lastpost'] > $last_read && $last_read) 504 { 505 $folder .= "new"; 506 $new_class = "subject_new"; 507 $folder_label .= $lang->icon_new; 508 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost").$highlight; 509 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 510 $unreadpost = 1; 511 } 512 else 513 { 514 $new_class = 'subject_old'; 515 $folder_label .= $lang->icon_no_new; 516 } 517 518 if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 519 { 520 $folder .= "hot"; 521 $folder_label .= $lang->icon_hot; 522 } 523 if($thread['closed'] == 1) 524 { 525 $folder .= "close"; 526 $folder_label .= $lang->icon_close; 527 } 528 $folder .= "folder"; 529 530 if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1) 531 { 532 $mybb->settings['postsperpage'] = 20; 533 } 
534 535 $thread['pages'] = 0; 536 $thread['multipage'] = ''; 537 $threadpages = ''; 538 $morelink = ''; 539 $thread['posts'] = $thread['replies'] + 1; 540 if(is_moderator($thread['fid'], "canviewdeleted") == true || is_moderator($thread['fid'], "canviewunapprove") == true) 541 { 542 if(is_moderator($thread['fid'], "canviewdeleted") == true) 543 { 544 $thread['posts'] += $thread['deletedposts']; 545 } 546 if(is_moderator($thread['fid'], "canviewunapprove") == true) 547 { 548 $thread['posts'] += $thread['unapprovedposts']; 549 } 550 } 551 elseif($group_permissions[$thread['fid']]['canviewdeletionnotice'] != 0) 552 { 553 $thread['posts'] += $thread['deletedposts']; 554 } 555 556 if($thread['posts'] > $mybb->settings['postsperpage']) 557 { 558 $thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage']; 559 $thread['pages'] = ceil($thread['pages']); 560 if($thread['pages'] > $mybb->settings['maxmultipagelinks']) 561 { 562 $pagesstop = $mybb->settings['maxmultipagelinks'] - 1; 563 $page_link = get_thread_link($thread['tid'], $thread['pages']).$highlight; 564 eval("\$morelink = \"".$templates->get("forumdisplay_thread_multipage_more")."\";"); 565 } 566 else 567 { 568 $pagesstop = $thread['pages']; 569 } 570 for($i = 1; $i <= $pagesstop; ++$i) 571 { 572 $page_link = get_thread_link($thread['tid'], $i).$highlight; 573 eval("\$threadpages .= \"".$templates->get("forumdisplay_thread_multipage_page")."\";"); 574 } 575 eval("\$thread['multipage'] = \"".$templates->get("forumdisplay_thread_multipage")."\";"); 576 } 577 else 578 { 579 $threadpages = ''; 580 $morelink = ''; 581 $thread['multipage'] = ''; 582 } 583 $lastpostdate = my_date('relative', $thread['lastpost']); 584 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 585 $lastposteruid = $thread['lastposteruid']; 586 if(!$lastposteruid && !$thread['lastposter']) 587 { 588 $lastposter = htmlspecialchars_uni($lang->guest); 589 } 590 else 591 { 592 $lastposter = 
htmlspecialchars_uni($thread['lastposter']); 593 } 594 $thread_link = get_thread_link($thread['tid']); 595 596 // Don't link to guest's profiles (they have no profile). 597 if($lastposteruid == 0) 598 { 599 $lastposterlink = $lastposter; 600 } 601 else 602 { 603 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 604 } 605 606 $thread['replies'] = my_number_format($thread['replies']); 607 $thread['views'] = my_number_format($thread['views']); 608 609 $thread['forumlink'] = ''; 610 if($forumcache[$thread['fid']]) 611 { 612 $thread['forumlink_link'] = get_forum_link($thread['fid']); 613 $thread['forumlink_name'] = $forumcache[$thread['fid']]['name']; 614 eval("\$thread['forumlink'] = \"".$templates->get("search_results_threads_forumlink")."\";"); 615 } 616 617 // If this user is the author of the thread and it is not closed or they are a moderator, they can edit 618 if(($thread['uid'] == $mybb->user['uid'] && $thread['closed'] != 1 && $mybb->user['uid'] != 0 && $fpermissions[$thread['fid']]['caneditposts'] == 1) || is_moderator($thread['fid'], "caneditposts")) 619 { 620 $inline_edit_class = "subject_editable"; 621 } 622 else 623 { 624 $inline_edit_class = ""; 625 } 626 627 // If this thread has 1 or more attachments show the papperclip 628 if($mybb->settings['enableattachments'] == 1 && $thread['attachmentcount'] > 0) 629 { 630 if($thread['attachmentcount'] > 1) 631 { 632 $attachment_count = $lang->sprintf($lang->attachment_count_multiple, $thread['attachmentcount']); 633 } 634 else 635 { 636 $attachment_count = $lang->attachment_count; 637 } 638 639 eval("\$attachment_count = \"".$templates->get("forumdisplay_thread_attachment_count")."\";"); 640 } 641 else 642 { 643 $attachment_count = ''; 644 } 645 646 $inline_edit_tid = $thread['tid']; 647 648 // Inline thread moderation 649 $inline_mod_checkbox = ''; 650 if($is_supermod || is_moderator($thread['fid'])) 651 { 652 if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], 
"|{$thread['tid']}|") !== false) 653 { 654 $inlinecheck = "checked=\"checked\""; 655 ++$inlinecount; 656 } 657 else 658 { 659 $inlinecheck = ''; 660 } 661 662 // If this user is allowed to use the inline moderation tools for at least one thread, include the necessary scripts 663 $show_inline_moderation = true; 664 665 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_inlinecheck")."\";"); 666 } 667 elseif($is_mod) 668 { 669 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_nocheck")."\";"); 670 } 671 672 $plugins->run_hooks("search_results_thread"); 673 eval("\$results .= \"".$templates->get("search_results_threads_thread")."\";"); 674 } 675 if(!$results) 676 { 677 error($lang->error_nosearchresults); 678 } 679 $multipage = multipage($threadcount, $perpage, $page, "search.php?action=results&sid=$sid&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); 680 if($upper > $threadcount) 681 { 682 $upper = $threadcount; 683 } 684 685 $selectall = ''; 686 $inlinemod = ''; 687 688 // Inline Thread Moderation Options 689 if($show_inline_moderation) 690 { 691 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";"); 692 693 // If user has moderation tools available, prepare the Select All feature 694 $lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache)); 695 $lang->all_selected = $lang->sprintf($lang->all_selected, (int)$threadcount); 696 $lang->select_all = $lang->sprintf($lang->select_all, (int)$threadcount); 697 eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";"); 698 699 $customthreadtools = ''; 700 switch($db->type) 701 { 702 case "pgsql": 703 case "sqlite": 704 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 705 break; 706 default: 707 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR 
forums='')"); 708 } 709 710 while($tool = $db->fetch_array($query)) 711 { 712 $tool['name'] = htmlspecialchars_uni($tool['name']); 713 eval("\$customthreadtools .= \"".$templates->get("search_results_threads_inlinemoderation_custom_tool")."\";"); 714 } 715 // Build inline moderation dropdown 716 if(!empty($customthreadtools)) 717 { 718 eval("\$customthreadtools = \"".$templates->get("search_results_threads_inlinemoderation_custom")."\";"); 719 } 720 eval("\$inlinemod = \"".$templates->get("search_results_threads_inlinemoderation")."\";"); 721 } 722 elseif($is_mod) 723 { 724 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";"); 725 } 726 727 $plugins->run_hooks("search_results_end"); 728 729 eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); 730 output_page($searchresults); 731 } 732 else // Displaying results as posts 733 { 734 if(empty($search['posts'])) 735 { 736 error($lang->error_nosearchresults); 737 } 738 739 $postcount = 0; 740 741 // Moderators can view unapproved threads and deleted threads from forums they moderate 742 $unapproved_where = get_visible_where(); 743 744 $post_cache_options = array(); 745 if((int)$mybb->settings['searchhardlimit'] > 0) 746 { 747 $post_cache_options['limit'] = (int)$mybb->settings['searchhardlimit']; 748 } 749 750 if(strpos($sortfield, 'p.') !== false) 751 { 752 $post_cache_options['order_by'] = str_replace('p.', '', $sortfield); 753 $post_cache_options['order_dir'] = $order; 754 } 755 756 $tids = array(); 757 $pids = array(); 758 // Make sure the posts we're viewing we have permission to view. 
759 $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND ({$unapproved_where})", $post_cache_options); 760 while($post = $db->fetch_array($query)) 761 { 762 $pids[$post['pid']] = $post['tid']; 763 $tids[$post['tid']][$post['pid']] = $post['pid']; 764 } 765 766 if(!empty($pids)) 767 { 768 $temp_pids = array(); 769 770 $group_permissions = forum_permissions(); 771 $permsql = ''; 772 $onlyusfids = array(); 773 774 foreach($group_permissions as $fid => $forum_permissions) 775 { 776 if(!empty($forum_permissions['canonlyviewownthreads'])) 777 { 778 $onlyusfids[] = $fid; 779 } 780 } 781 782 if($onlyusfids) 783 { 784 $permsql .= " OR (fid IN(".implode(',', $onlyusfids).") AND uid!={$mybb->user['uid']})"; 785 } 786 $unsearchforums = get_unsearchable_forums(); 787 if($unsearchforums) 788 { 789 $permsql .= " OR fid IN ($unsearchforums)"; 790 } 791 $inactiveforums = get_inactive_forums(); 792 if($inactiveforums) 793 { 794 $permsql .= " OR fid IN ($inactiveforums)"; 795 } 796 797 // Find threads in our list that we don't have permission to view and remove them 798 $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', array_keys($tids))).") AND (NOT ({$unapproved_where}){$permsql} OR closed LIKE 'moved|%')"); 799 while($thread = $db->fetch_array($query)) 800 { 801 if(array_key_exists($thread['tid'], $tids)) 802 { 803 $temp_pids = $tids[$thread['tid']]; 804 foreach($temp_pids as $pid) 805 { 806 unset($pids[$pid]); 807 unset($tids[$thread['tid']]); 808 } 809 unset($tids[$thread['tid']]); 810 } 811 } 812 unset($temp_pids); 813 } 814 815 // Declare our post count 816 $postcount = count($pids); 817 818 if(!$postcount) 819 { 820 error($lang->error_nosearchresults); 821 } 822 823 // And now we have our sanatized post list 824 $search['posts'] = implode(',', array_keys($pids)); 825 826 $tids = implode(",", array_keys($tids)); 827 828 // Read threads 829 if($mybb->user['uid'] && 
$mybb->settings['threadreadcut'] > 0) 830 { 831 $query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); 832 while($readthread = $db->fetch_array($query)) 833 { 834 $readthreads[$readthread['tid']] = $readthread['dateline']; 835 } 836 } 837 838 $dot_icon = array(); 839 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) 840 { 841 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND ({$unapproved_where})"); 842 while($post = $db->fetch_array($query)) 843 { 844 $dot_icon[$post['tid']] = true; 845 } 846 } 847 848 $results = ''; 849 850 $pages = ceil($postcount / $perpage); 851 if($page > $pages) 852 { 853 $start = 0; 854 $page = 1; 855 } 856 857 $forums_cache = cache_forums(); 858 859 $query = $db->query(" 860 SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid 861 FROM ".TABLE_PREFIX."posts p 862 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) 863 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) 864 LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) 865 WHERE p.pid IN (".$db->escape_string($search['posts']).") 866 ORDER BY $sortfield $order 867 LIMIT $start, $perpage 868 "); 869 while($post = $db->fetch_array($query)) 870 { 871 $bgcolor = alt_trow(); 872 if($post['visible'] == 0) 873 { 874 $bgcolor = 'trow_shaded'; 875 } 876 elseif($post['visible'] == -1) 877 { 878 $bgcolor = 'trow_shaded trow_deleted'; 879 } 880 if($post['userusername']) 881 { 882 $post['username'] = $post['userusername']; 883 } 884 $post['username'] = htmlspecialchars_uni($post['username']); 885 $post['profilelink'] = build_profile_link($post['username'], $post['uid']); 886 $post['subject'] = $parser->parse_badwords($post['subject']); 887 $post['thread_subject'] = 
$parser->parse_badwords($post['thread_subject']); 888 $post['thread_subject'] = htmlspecialchars_uni($post['thread_subject']); 889 890 if(isset($icon_cache[$post['icon']]) && $forums_cache[$post['fid']]['allowpicons'] != 0) 891 { 892 $posticon = $icon_cache[$post['icon']]; 893 $posticon['path'] = str_replace("{theme}", $theme['imgdir'], $posticon['path']); 894 $posticon['path'] = htmlspecialchars_uni($posticon['path']); 895 $posticon['name'] = htmlspecialchars_uni($posticon['name']); 896 eval("\$icon = \"".$templates->get("search_results_icon")."\";"); 897 } 898 else 899 { 900 $icon = " "; 901 } 902 903 $post['forumlink'] = ''; 904 if(!empty($forumcache[$post['fid']])) 905 { 906 $post['forumlink_link'] = get_forum_link($post['fid']); 907 $post['forumlink_name'] = $forumcache[$post['fid']]['name']; 908 eval("\$post['forumlink'] = \"".$templates->get("search_results_posts_forumlink")."\";"); 909 } 910 911 // Determine the folder 912 $folder = ''; 913 $folder_label = ''; 914 $gotounread = ''; 915 $isnew = 0; 916 $donenew = 0; 917 $last_read = 0; 918 919 if(isset($readthreads[$post['tid']])) 920 { 921 $post['thread_lastread'] = $readthreads[$post['tid']]; 922 } 923 else 924 { 925 $post['thread_lastread'] = ''; 926 } 927 928 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 929 { 930 $forum_read = $readforums[$post['fid']]; 931 932 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 933 if($forum_read == 0 || $forum_read < $read_cutoff) 934 { 935 $forum_read = $read_cutoff; 936 } 937 } 938 else 939 { 940 if(isset($forumsread[$post['fid']])) 941 { 942 $forum_read = $forumsread[$post['fid']]; 943 } 944 else 945 { 946 $forum_read = ''; 947 } 948 } 949 950 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forum_read) 951 { 952 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 953 if($post['thread_lastpost'] > $cutoff) 954 { 955 if($post['thread_lastread']) 956 { 957 $last_read = 
$post['thread_lastread']; 958 } 959 else 960 { 961 $last_read = 1; 962 } 963 } 964 } 965 966 if(isset($dot_icon[$post['tid']])) 967 { 968 $folder = "dot_"; 969 $folder_label .= $lang->icon_dot; 970 } 971 972 if(!$last_read) 973 { 974 $readcookie = $threadread = my_get_array_cookie("threadread", $post['tid']); 975 if($readcookie > $forum_read) 976 { 977 $last_read = $readcookie; 978 } 979 elseif($forum_read > $mybb->user['lastvisit']) 980 { 981 $last_read = $forum_read; 982 } 983 else 984 { 985 $last_read = $mybb->user['lastvisit']; 986 } 987 } 988 989 if($post['thread_lastpost'] > $last_read && $last_read) 990 { 991 $folder .= "new"; 992 $folder_label .= $lang->icon_new; 993 $thread['newpostlink'] = get_thread_link($post['tid'], 0, "newpost"); 994 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 995 $unreadpost = 1; 996 } 997 else 998 { 999 $folder_label .= $lang->icon_no_new; 1000 } 1001 1002 if($post['thread_replies'] >= $mybb->settings['hottopic'] || $post['thread_views'] >= $mybb->settings['hottopicviews']) 1003 { 1004 $folder .= "hot"; 1005 $folder_label .= $lang->icon_hot; 1006 } 1007 if($post['thread_closed'] == 1) 1008 { 1009 $folder .= "close"; 1010 $folder_label .= $lang->icon_close; 1011 } 1012 $folder .= "folder"; 1013 1014 $post['thread_replies'] = my_number_format($post['thread_replies']); 1015 $post['thread_views'] = my_number_format($post['thread_views']); 1016 1017 $post['forumlink'] = ''; 1018 if($forumcache[$post['fid']]) 1019 { 1020 $post['forumlink_link'] = get_forum_link($post['fid']); 1021 $post['forumlink_name'] = $forumcache[$post['fid']]['name']; 1022 eval("\$post['forumlink'] = \"".$templates->get("search_results_posts_forumlink")."\";"); 1023 } 1024 1025 if(!$post['subject']) 1026 { 1027 $post['subject'] = $post['message']; 1028 } 1029 if(my_strlen($post['subject']) > 50) 1030 { 1031 $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."..."); 1032 } 1033 else 1034 { 1035 
$post['subject'] = htmlspecialchars_uni($post['subject']); 1036 } 1037 // What we do here is parse the post using our post parser, then strip the tags from it 1038 $parser_options = array( 1039 'allow_html' => 0, 1040 'allow_mycode' => 1, 1041 'allow_smilies' => 0, 1042 'allow_imgcode' => 0, 1043 'me_username' => $post['username'], 1044 'filter_badwords' => 1 1045 ); 1046 $post['message'] = strip_tags($parser->text_parse_message($post['message'], $parser_options)); 1047 if(my_strlen($post['message']) > 200) 1048 { 1049 $prev = my_substr($post['message'], 0, 200)."..."; 1050 } 1051 else 1052 { 1053 $prev = $post['message']; 1054 } 1055 $posted = my_date('relative', $post['dateline']); 1056 1057 $thread_url = get_thread_link($post['tid']); 1058 $post_url = get_post_link($post['pid'], $post['tid']); 1059 1060 // Inline post moderation 1061 $inline_mod_checkbox = ''; 1062 if($is_supermod || is_moderator($post['fid'])) 1063 { 1064 if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|{$post['pid']}|") !== false) 1065 { 1066 $inlinecheck = "checked=\"checked\""; 1067 ++$inlinecount; 1068 } 1069 else 1070 { 1071 $inlinecheck = ''; 1072 } 1073 1074 $show_inline_moderation = true; 1075 1076 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_inlinecheck")."\";"); 1077 } 1078 elseif($is_mod) 1079 { 1080 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_nocheck")."\";"); 1081 } 1082 1083 $plugins->run_hooks("search_results_post"); 1084 eval("\$results .= \"".$templates->get("search_results_posts_post")."\";"); 1085 } 1086 if(!$results) 1087 { 1088 error($lang->error_nosearchresults); 1089 } 1090 $multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); 1091 if($upper > $postcount) 1092 { 1093 $upper = $postcount; 1094 } 1095 1096 $selectall = ''; 1097 
// Tail of the post-results view of the "results" action (that branch opens before this
// excerpt), followed by the first half of the "findguest" action.
		$inlinemod = '';

		// Inline Post Moderation Options
		if($show_inline_moderation)
		{
			// Every template below is evaluated as the body of a PHP double-quoted string, so any
			// variable in scope can be interpolated by it. Values that reach the page this way
			// have to be escaped before this point.
			// NOTE(review): presumably $templates->get() escapes quotes and backslashes so template
			// text cannot terminate the string inside eval() — confirm in the templates class.
			eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";");

			// If user has moderation tools available, prepare the Select All feature
			$num_results = $db->num_rows($query);
			// Counts are cast to int before being formatted into the language strings.
			$lang->page_selected = $lang->sprintf($lang->page_selected, (int)$num_results);
			$lang->select_all = $lang->sprintf($lang->select_all, (int)$postcount);
			$lang->all_selected = $lang->sprintf($lang->all_selected, (int)$postcount);
			eval("\$selectall = \"".$templates->get("search_posts_inlinemoderation_selectall")."\";");

			$customthreadtools = $customposttools = '';
			// Both variants are constant SQL (no request input); they differ only in the string
			// concatenation syntax of the database driver.
			switch($db->type)
			{
				case "pgsql":
				case "sqlite":
					$query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (','||forums||',' LIKE '%,-1,%' OR forums='')");
					break;
				default:
					$query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')");
			}

			while($tool = $db->fetch_array($query))
			{
				// NOTE(review): $tool comes straight from the modtools table and is in scope for
				// the template; whether its name is HTML-escaped is not visible here — confirm.
				eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";");
			}
			// Build inline moderation dropdown
			if(!empty($customposttools))
			{
				eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";");
			}
			eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";");
		}
		elseif($is_mod)
		{
			eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";");
		}

		$plugins->run_hooks("search_results_end");

		eval("\$searchresults = \"".$templates->get("search_results_posts")."\";");
		output_page($searchresults);
	}
}
elseif($mybb->input['action'] == "findguest")
{
	// Selects content whose uid is 0. No request input enters this WHERE clause: it is built
	// from a constant and from the return values of the helpers below.
	$where_sql = "uid='0'";

	// NOTE(review): both helper results are placed unquoted inside NOT IN (...); presumably they
	// are server-generated comma-separated forum ids — verify in the helpers.
	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	// Forums where the viewer may only see their own threads are excluded entirely here.
	if(!empty($onlyusfids))
	{
		$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")";
	}

	$options = array(
		'order_by' => 'dateline DESC, pid DESC',
	);

	// Do we have a hard search limit?
// Second half of the "findguest" branch, then the opening of the "finduser" branch.
	// The configured limit is cast to int before it is handed to the query options.
	if($mybb->settings['searchhardlimit'] > 0)
	{
		$options['limit'] = (int)$mybb->settings['searchhardlimit'];
	}

	// Collect the matching post ids as a comma-separated string.
	$pids = '';
	$comma = '';
	$query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
	while($pid = $db->fetch_field($query, "pid"))
	{
		$pids .= $comma.$pid;
		$comma = ',';
	}

	// Same for thread ids; note this query is issued without $options, so the hard limit
	// above is not applied to it.
	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// NOTE(review): uniqid() and microtime() are clock-derived and md5() adds no entropy, so
	// this id is not an unguessable token. If the results action authorises access to a stored
	// result set by sid alone, generate it from a CSPRNG instead — confirm how sid is checked there.
	$sid = md5(uniqid(microtime(), true));
	// String values are escaped here, before insert_query() receives them.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => $db->escape_string($pids),
		"resulttype" => "posts",
		"querycache" => '',
		"keywords" => ''
	);
	// NOTE(review): no search-flood check is visible in the findguest branch (do_search has one),
	// yet every request runs two selects and inserts a searchlog row — confirm rate limiting
	// is applied elsewhere.
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "finduser")
{
	// The only request value in this WHERE clause is uid, read through the INPUT_INT filter
	// before it is concatenated into the SQL string.
	$where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'";

	// NOTE(review): both helper results are placed unquoted inside NOT IN (...); presumably they
	// are server-generated comma-separated forum ids — verify in the helpers.
	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
// Remainder of the "finduser" branch, then the opening of the "finduserthreads" branch.
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	// In "own threads only" forums, rows are kept only when they belong to the current user;
	// all other forums are unaffected.
	// NOTE(review): the ids are the array keys returned by forum_permissions() and are imploded
	// unquoted into the SQL — presumably integer forum ids; verify.
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$options = array(
		'order_by' => 'dateline DESC, pid DESC',
	);

	// Do we have a hard search limit?
	if($mybb->settings['searchhardlimit'] > 0)
	{
		$options['limit'] = (int)$mybb->settings['searchhardlimit'];
	}

	// Collect the matching post ids as a comma-separated string.
	$pids = '';
	$comma = '';
	$query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
	while($pid = $db->fetch_field($query, "pid"))
	{
		$pids .= $comma.$pid;
		$comma = ',';
	}

	// Same for thread ids; this query is issued without $options, so the hard limit is not
	// applied to it.
	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// NOTE(review): uniqid() and microtime() are clock-derived and md5() adds no entropy, so
	// this id is not an unguessable token. If the results action authorises access to a stored
	// result set by sid alone, generate it from a CSPRNG instead — confirm how sid is checked there.
	$sid = md5(uniqid(microtime(), true));
	// String values are escaped here, before insert_query() receives them.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => $db->escape_string($pids),
		"resulttype" => "posts",
		"querycache" => '',
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "finduserthreads")
{
	// uid is read through the INPUT_INT filter before it is concatenated into the SQL string.
	$where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'";

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
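// Remainder of the "finduserthreads" branch, the complete "getnew", "getdaily" and "do_search"
// branches, and the first part of the "thread" branch (permission and flood checks).
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	// In "own threads only" forums, rows are kept only when they belong to the current user.
	// NOTE(review): the ids are array keys from forum_permissions(), imploded unquoted into the
	// SQL — presumably integer forum ids; verify.
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// NOTE(review): uniqid() and microtime() are clock-derived and md5() adds no entropy, so
	// this id is not an unguessable token. If the results action authorises access to a stored
	// result set by sid alone, generate it from a CSPRNG instead — confirm how sid is checked
	// there. The same generator is used by every branch below.
	$sid = md5(uniqid(microtime(), true));
	// The WHERE clause itself is stored (escaped) in querycache along with the thread ids.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "getnew")
{

	// Threads with activity since the user's last visit; the timestamp is cast to int.
	$where_sql = "lastpost >= '".(int)$mybb->user['lastvisit']."'";

	// Optional forum filter: a single fid (INPUT_INT) or a comma-separated list in which every
	// element is cast to int, so only integers reach the IN (...) list.
	if($mybb->get_input('fid', MyBB::INPUT_INT))
	{
		$where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'";
	}
	else if($mybb->get_input('fids'))
	{
		$fids = explode(',', $mybb->get_input('fids'));
		foreach($fids as $key => $fid)
		{
			$fids[$key] = (int)$fid;
		}

		if(!empty($fids))
		{
			$where_sql .= " AND fid IN (".implode(',', $fids).")";
		}
	}

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	$sid = md5(uniqid(microtime(), true));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);

	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "getdaily")
{
	// Number of days to look back; anything below 1 (including non-numeric input, via
	// INPUT_INT) falls back to 1.
	if($mybb->get_input('days', MyBB::INPUT_INT) < 1)
	{
		$days = 1;
	}
	else
	{
		$days = $mybb->get_input('days', MyBB::INPUT_INT);
	}
	$datecut = TIME_NOW-(86400*$days);

	$where_sql = "lastpost >='".$datecut."'";

	// Optional forum filter, integers only (see the casts below).
	if($mybb->get_input('fid', MyBB::INPUT_INT))
	{
		$where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'";
	}
	else if($mybb->get_input('fids'))
	{
		$fids = explode(',', $mybb->get_input('fids'));
		foreach($fids as $key => $fid)
		{
			$fids[$key] = (int)$fid;
		}

		if(!empty($fids))
		{
			$where_sql .= " AND fid IN (".implode(',', $fids).")";
		}
	}

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	$sid = md5(uniqid(microtime(), true));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);

	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
elseif($mybb->input['action'] == "do_search")
{
	$plugins->run_hooks("search_do_search_start");

	// Check if search flood checking is enabled and user is not admin
	if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
	{
		// Fetch the time this user last searched
		// Logged-in users are throttled per account, everyone else per packed IP address.
		if($mybb->user['uid'])
		{
			$conditions = "uid='{$mybb->user['uid']}'";
		}
		else
		{
			$conditions = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
		}
		$timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
		$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
		$last_search = $db->fetch_array($query);
		// Users last search was within the flood time, show the error
		if(!empty($last_search['sid']))
		{
			$remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
			if($remaining_time == 1)
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
			}
			else
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
			}
			error($lang->error_searchflooding);
		}
	}
	// Result type is reduced to one of two fixed values.
	if($mybb->get_input('showresults') == "threads")
	{
		$resulttype = "threads";
	}
	else
	{
		$resulttype = "posts";
	}

	if(isset($mybb->input['forums']) && is_array($mybb->input['forums']))
	{
		$forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY);
	}
	else
	{
		$forums = array($mybb->get_input('forums'));
	}

	// NOTE(review): keywords, author, forums and threadprefix are handed over as raw request
	// values; escaping has to happen inside perform_search_mysql*() — verify there.
	$search_data = array(
		"keywords" => $mybb->input['keywords'],
		"author" => $mybb->get_input('author'),
		"postthread" => $mybb->get_input('postthread', MyBB::INPUT_INT),
		"matchusername" => $mybb->get_input('matchusername', MyBB::INPUT_INT),
		"postdate" => $mybb->get_input('postdate', MyBB::INPUT_INT),
		"pddir" => $mybb->get_input('pddir', MyBB::INPUT_INT),
		"forums" => $forums,
		"findthreadst" => $mybb->get_input('findthreadst', MyBB::INPUT_INT),
		"numreplies" => $mybb->get_input('numreplies', MyBB::INPUT_INT),
		"threadprefix" => $mybb->get_input('threadprefix', MyBB::INPUT_ARRAY)
	);

	// The visibility filter is only honoured for moderators.
	if(is_moderator() && !empty($mybb->input['visible']))
	{
		$search_data['visible'] = $mybb->get_input('visible', MyBB::INPUT_INT);
	}

	if($db->can_search == true)
	{
		if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts"))
		{
			$search_results = perform_search_mysql_ft($search_data);
		}
		else
		{
			$search_results = perform_search_mysql($search_data);
		}
	}
	else
	{
		error($lang->error_no_search_support);
	}
	$sid = md5(uniqid(microtime(), true));
	// NOTE(review): unlike the find*/get* branches, threads, posts and querycache are stored
	// without escape_string() here; presumably perform_search_mysql*() returns them already
	// escaped — verify. $now is not assigned in this branch (other branches use TIME_NOW);
	// presumably it is set earlier in the file — confirm.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => $now,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $search_results['threads'],
		"posts" => $search_results['posts'],
		"resulttype" => $resulttype,
		"querycache" => $search_results['querycache'],
		"keywords" => $db->escape_string($mybb->input['keywords']),
	);
	$plugins->run_hooks("search_do_search_process");

	$db->insert_query("searchlog", $searcharray);

	// Allow-list the sort order. The previous condition had a misplaced parenthesis
	// (my_strtolower() was applied to the result of the comparison with "desc") and copied the
	// raw request value into the redirect URL; now only the literal "asc" or "desc" can be used.
	$sortorder = my_strtolower($mybb->get_input('sortordr'));
	if($sortorder != "asc" && $sortorder != "desc")
	{
		$sortorder = "desc";
	}
	// NOTE(review): sortby is HTML-escaped, not URL-encoded, before it is appended to the
	// redirect URL; the results action should still validate it against the known sort keys — confirm.
	$sortby = htmlspecialchars_uni($mybb->get_input('sortby'));
	$plugins->run_hooks("search_do_search_end");
	redirect("search.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);
}
else if($mybb->input['action'] == "thread")
{
	// Fetch thread info
	$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
	// NOTE(review): $thread['fid'] is read before the !$thread check below; for an unknown tid
	// this indexes a non-array value before error() is reached.
	$ismod = is_moderator($thread['fid']);

	// Reject missing threads, threads that are not visible to this viewer (a non-moderator may
	// still see their own soft-deleted thread when soft_delete is enabled), and visible > 1
	// even for moderators.
	if(!$thread || ($thread['visible'] != 1 && $ismod == false && ($thread['visible'] != -1 || $mybb->settings['soft_delete'] != 1 || !$mybb->user['uid'] || $mybb->user['uid'] != $thread['uid'])) || ($thread['visible'] > 1 && $ismod == true))
	{
		error($lang->error_invalidthread);
	}

	// Get forum info
	$forum = get_forum($thread['fid']);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}

	$forum_permissions = forum_permissions($forum['fid']);

	if($forum['open'] == 0 || $forum['type'] != "f")
	{
		error($lang->error_closedinvalidforum);
	}
	// View permission is checked before any search is run inside the thread.
	if($forum_permissions['canview'] == 0 || $forum_permissions['canviewthreads'] != 1 || (isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	$plugins->run_hooks("search_thread_start");

	// Check if search flood checking is enabled and user is not admin
	if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
	{
		// Fetch the time this user last searched
		if($mybb->user['uid'])
		{
			$conditions = "uid='{$mybb->user['uid']}'";
		}
		else
		{
			$conditions = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
		}
		$timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
		$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
		$last_search = $db->fetch_array($query);

		if($last_search)
		{
			// We shouldn't show remaining time if time is 0 or under.
			$remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
			// Users last search was within the flood time, show the error.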
// Remainder of the "thread" branch (flood error, in-thread search, result logging) and the
// opening of the default branch that renders the search form.
			if($remaining_time > 0)
			{
				if($remaining_time == 1)
				{
					$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
				}
				else
				{
					$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
				}
				error($lang->error_searchflooding);
			}
		}
	}

	// The search is pinned to one thread; tid is read through the INPUT_INT filter.
	// NOTE(review): keywords is passed as the raw request value; escaping has to happen inside
	// perform_search_mysql*() — verify there.
	$search_data = array(
		"keywords" => $mybb->input['keywords'],
		"postthread" => 1,
		"tid" => $mybb->get_input('tid', MyBB::INPUT_INT)
	);

	if($db->can_search == true)
	{
		if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts"))
		{
			$search_results = perform_search_mysql_ft($search_data);
		}
		else
		{
			$search_results = perform_search_mysql($search_data);
		}
	}
	else
	{
		error($lang->error_no_search_support);
	}
	// NOTE(review): uniqid() and microtime() are clock-derived and md5() adds no entropy, so
	// this id is not an unguessable token. If the results action authorises access to a stored
	// result set by sid alone, generate it from a CSPRNG instead — confirm how sid is checked there.
	$sid = md5(uniqid(microtime(), true));
	// NOTE(review): threads, posts and querycache are stored without escape_string() here;
	// presumably perform_search_mysql*() returns them already escaped — verify. $now is not
	// assigned in the visible part of this branch; presumably it is set earlier in the file — confirm.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => $now,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $search_results['threads'],
		"posts" => $search_results['posts'],
		"resulttype" => 'posts',
		"querycache" => $search_results['querycache'],
		"keywords" => $db->escape_string($mybb->input['keywords'])
	);
	$plugins->run_hooks("search_thread_process");

	$db->insert_query("searchlog", $searcharray);

	$plugins->run_hooks("search_do_search_end");
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
else
{
	// No recognised action: build and show the search form.
	$plugins->run_hooks("search_start");
	$srchlist = make_searchable_forums();
	$prefixselect = build_prefix_select('all', 'any', 1);

	$rowspan = 5;

	// Moderator-only options are added to the form only when is_moderator() is true.
	$moderator_options = '';
	if(is_moderator())
	{
		$rowspan += 2;
// End of the default branch: render the moderator options (inside the is_moderator() check
// opened just before this point) and then the search form itself.
		// The template is evaluated as the body of a PHP double-quoted string, so variables in
		// scope are interpolated into it.
		// NOTE(review): presumably $templates->get() escapes quotes and backslashes so template
		// text cannot terminate the string inside eval() — confirm in the templates class.
		eval("\$moderator_options = \"".$templates->get("search_moderator_options")."\";");
	}

	$plugins->run_hooks("search_end");

	eval("\$search = \"".$templates->get("search")."\";");
	output_page($search);
}