| [ Index ] |
PHP Cross Reference of MyBB 1.8.36 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define("IGNORE_CLEAN_VARS", "sid"); 13 define('THIS_SCRIPT', 'search.php'); 14 15 $templatelist = "search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post,search_results_icon,search_forumlist_forum,search_forumlist"; 16 $templatelist .= ",multipage,multipage_breadcrumb,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start"; 17 $templatelist .= ",search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_inlinemodcol_empty,search_results_posts_inlinemoderation_custom_tool"; 18 $templatelist .= ",search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation"; 19 $templatelist .= ",forumdisplay_thread_attachment_count,search_threads_inlinemoderation_selectall,search_posts_inlinemoderation_selectall,post_prefixselect_prefix,post_prefixselect_multiple,search_orderarrow"; 20 $templatelist .= ",search_results_posts_forumlink,search_results_threads_forumlink,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage,search_moderator_options"; 21 22 require_once "./global.php"; 23 require_once MYBB_ROOT."inc/functions_post.php"; 24 require_once MYBB_ROOT."inc/functions_search.php"; 25 require_once MYBB_ROOT."inc/class_parser.php"; 26 $parser = new postParser; 27 28 // Load global language phrases 29 $lang->load("search"); 30 31 add_breadcrumb($lang->nav_search, "search.php"); 32 33 $mybb->input['action'] = $mybb->get_input('action'); 34 switch($mybb->input['action']) 35 { 36 case "results": 37 add_breadcrumb($lang->nav_results); 38 break; 39 default: 40 break; 41 } 42 43 if($mybb->usergroup['cansearch'] == 0) 44 { 45 error_no_permission(); 46 } 47 48 $now = TIME_NOW; 49 $mybb->input['keywords'] = trim($mybb->get_input('keywords')); 50 51 $limitsql = ""; 52 if((int)$mybb->settings['searchhardlimit'] > 0) 53 { 54 $limitsql = "LIMIT ".(int)$mybb->settings['searchhardlimit']; 55 } 56 57 if($mybb->input['action'] == "results") 58 { 59 $sid = $db->escape_string($mybb->get_input('sid')); 60 $query = $db->simple_select("searchlog", "*", "sid='$sid'"); 61 $search = $db->fetch_array($query); 62 63 if(empty($search['sid'])) 64 { 65 error($lang->error_invalidsearch); 66 } 67 68 $plugins->run_hooks("search_results_start"); 69 70 // Decide on our sorting fields and sorting order. 71 $order = my_strtolower(htmlspecialchars_uni($mybb->get_input('order'))); 72 $sortby = my_strtolower(htmlspecialchars_uni($mybb->get_input('sortby'))); 73 74 switch($sortby) 75 { 76 case "replies": 77 $sortfield = "t.replies"; 78 break; 79 case "views": 80 $sortfield = "t.views"; 81 break; 82 case "subject": 83 if($search['resulttype'] == "threads") 84 { 85 $sortfield = "t.subject"; 86 } 87 else 88 { 89 $sortfield = "p.subject"; 90 } 91 break; 92 case "forum": 93 $sortfield = "f.name"; 94 break; 95 case "starter": 96 if($search['resulttype'] == "threads") 97 { 98 $sortfield = "t.username"; 99 } 100 else 101 { 102 $sortfield = "p.username"; 103 } 104 break; 105 case "lastpost": 106 default: 107 if(isset($search['resulttype']) && $search['resulttype'] == "threads") 108 { 109 $sortfield = "t.lastpost"; 110 $sortby = "lastpost"; 111 } 112 else 113 { 114 $sortfield = "p.dateline"; 115 $sortby = "dateline"; 116 } 117 break; 118 } 119 120 if($order != "asc") 121 { 122 $order = "desc"; 123 $oppsortnext = "asc"; 124 $oppsort = $lang->asc; 125 } 126 else 127 { 128 $oppsortnext = "desc"; 129 $oppsort = $lang->desc; 130 } 131 132 if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1) 133 { 134 $mybb->settings['threadsperpage'] = 20; 135 } 136 137 // Work out pagination, which page we're at, as well as the limits. 138 $perpage = $mybb->settings['threadsperpage']; 139 $page = $mybb->get_input('page'); 140 if($page > 0) 141 { 142 $start = ($page-1) * $perpage; 143 } 144 else 145 { 146 $start = 0; 147 $page = 1; 148 } 149 $end = $start + $perpage; 150 $lower = $start+1; 151 $upper = $end; 152 153 // Work out if we have terms to highlight 154 $highlight = ""; 155 if(!empty($search['keywords'])) 156 { 157 if($mybb->seo_support == true) 158 { 159 $highlight = "?highlight=".urlencode($search['keywords']); 160 } 161 else 162 { 163 $highlight = "&highlight=".urlencode($search['keywords']); 164 } 165 } 166 167 $sorturl = "search.php?action=results&sid={$sid}"; 168 $thread_url = ""; 169 $post_url = ""; 170 171 $orderarrow = array('replies' => '', 'views' => '', 'subject' => '', 'forum' => '', 'starter' => '', 'lastpost' => '', 'dateline' => ''); 172 173 eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";"); 174 175 // Read some caches we will be using 176 $forumcache = $cache->read("forums"); 177 $icon_cache = $cache->read("posticons"); 178 179 $threads = array(); 180 181 if($mybb->user['uid'] == 0) 182 { 183 // Build a forum cache. 184 $query = $db->query(" 185 SELECT fid 186 FROM ".TABLE_PREFIX."forums 187 WHERE active != 0 188 ORDER BY pid, disporder 189 "); 190 191 if(isset($mybb->cookies['mybb']['forumread'])) 192 { 193 $forumsread = my_unserialize($mybb->cookies['mybb']['forumread'], false); 194 } 195 else 196 { 197 $forumsread = array(); 198 } 199 } 200 else 201 { 202 // Build a forum cache. 203 $query = $db->query(" 204 SELECT f.fid, fr.dateline AS lastread 205 FROM ".TABLE_PREFIX."forums f 206 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 207 WHERE f.active != 0 208 ORDER BY pid, disporder 209 "); 210 } 211 212 while($forum = $db->fetch_array($query)) 213 { 214 if($mybb->user['uid'] == 0) 215 { 216 if(!empty($forumsread[$forum['fid']])) 217 { 218 $forum['lastread'] = $forumsread[$forum['fid']]; 219 } 220 } 221 222 if(isset($forum['lastread'])) 223 { 224 $readforums[$forum['fid']] = $forum['lastread']; 225 } 226 else 227 { 228 $readforums[$forum['fid']] = ''; 229 } 230 } 231 $fpermissions = forum_permissions(); 232 233 // Inline Mod Column for moderators 234 $inlinemodcol = $inlinecookie = $inline_edit_js = ''; 235 $is_mod = $is_supermod = $show_inline_moderation = false; 236 if($mybb->usergroup['issupermod']) 237 { 238 $is_supermod = true; 239 } 240 if($is_supermod || is_moderator()) 241 { 242 $inlinecookie = "inlinemod_search".$sid; 243 $inlinecount = 0; 244 $is_mod = true; 245 $return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_STRING']); 246 } 247 248 // Show search results as 'threads' 249 if(isset($search['resulttype']) && $search['resulttype'] == "threads") 250 { 251 $threadcount = 0; 252 253 // Moderators can view unapproved threads and deleted threads from forums they moderate 254 $unapproved_where_t = get_visible_where('t'); 255 256 // If we have saved WHERE conditions, execute them 257 if($search['querycache'] != "") 258 { 259 $where_conditions = $search['querycache']; 260 $query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' ORDER BY t.lastpost DESC {$limitsql}"); 261 while($thread = $db->fetch_array($query)) 262 { 263 $threads[$thread['tid']] = $thread['tid']; 264 $threadcount++; 265 } 266 // Build our list of threads. 267 if($threadcount > 0) 268 { 269 $search['threads'] = implode(",", $threads); 270 } 271 // No results. 272 else 273 { 274 error($lang->error_nosearchresults); 275 } 276 $where_conditions = "t.tid IN (".$search['threads'].")"; 277 } 278 // This search doesn't use a query cache, results stored in search table. 279 else 280 { 281 $where_conditions = "t.tid IN (".$search['threads'].")"; 282 $query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' {$limitsql}"); 283 $count = $db->fetch_array($query); 284 285 if(!$count['resultcount']) 286 { 287 error($lang->error_nosearchresults); 288 } 289 $threadcount = $count['resultcount']; 290 } 291 292 $permsql = ""; 293 $onlyusfids = array(); 294 295 // Check group permissions if we can't view threads not started by us 296 $group_permissions = forum_permissions(); 297 foreach($group_permissions as $fid => $forum_permissions) 298 { 299 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 300 { 301 $onlyusfids[] = $fid; 302 } 303 } 304 if(!empty($onlyusfids)) 305 { 306 $permsql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 307 } 308 309 $unsearchforums = get_unsearchable_forums(); 310 if($unsearchforums) 311 { 312 $permsql .= " AND t.fid NOT IN ($unsearchforums)"; 313 } 314 $inactiveforums = get_inactive_forums(); 315 if($inactiveforums) 316 { 317 $permsql .= " AND t.fid NOT IN ($inactiveforums)"; 318 } 319 320 $pages = ceil($threadcount / $perpage); 321 if($page > $pages) 322 { 323 $start = 0; 324 $page = 1; 325 } 326 327 // Begin selecting matching threads, cache them. 328 $sqlarray = array( 329 'order_by' => $sortfield, 330 'order_dir' => $order, 331 'limit_start' => $start, 332 'limit' => $perpage 333 ); 334 $query = $db->query(" 335 SELECT t.*, u.username AS userusername 336 FROM ".TABLE_PREFIX."threads t 337 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) 338 LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) 339 WHERE $where_conditions AND ({$unapproved_where_t}) {$permsql} AND t.closed NOT LIKE 'moved|%' 340 ORDER BY $sortfield $order 341 LIMIT $start, $perpage 342 "); 343 344 $threadprefixes = build_prefixes(); 345 $thread_cache = array(); 346 while($thread = $db->fetch_array($query)) 347 { 348 $thread['threadprefix'] = ''; 349 if($thread['prefix'] && !empty($threadprefixes[$thread['prefix']])) 350 { 351 $thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle']; 352 } 353 $thread_cache[$thread['tid']] = $thread; 354 } 355 $thread_ids = implode(",", array_keys($thread_cache)); 356 357 if(empty($thread_ids)) 358 { 359 error($lang->error_nosearchresults); 360 } 361 362 // Fetch dot icons if enabled 363 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) 364 { 365 $unapproved_where_p = str_replace('t.', '', $unapproved_where_t); 366 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND ({$unapproved_where_p})"); 367 while($thread = $db->fetch_array($query)) 368 { 369 $thread_cache[$thread['tid']]['dot_icon'] = 1; 370 } 371 } 372 373 // Fetch the read threads. 374 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 375 { 376 $query = $db->simple_select("threadsread", "tid,dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 377 while($readthread = $db->fetch_array($query)) 378 { 379 $thread_cache[$readthread['tid']]['lastread'] = $readthread['dateline']; 380 } 381 } 382 383 if(!$mybb->settings['maxmultipagelinks']) 384 { 385 $mybb->settings['maxmultipagelinks'] = 5; 386 } 387 388 $results = ''; 389 390 foreach($thread_cache as $thread) 391 { 392 $bgcolor = alt_trow(); 393 $folder = ''; 394 $prefix = ''; 395 396 // Unapproved colour 397 if($thread['visible'] == 0) 398 { 399 $bgcolor = 'trow_shaded'; 400 } 401 elseif($thread['visible'] == -1) 402 { 403 $bgcolor = 'trow_shaded trow_deleted'; 404 } 405 406 if($thread['userusername']) 407 { 408 $thread['username'] = $thread['userusername']; 409 } 410 $thread['username'] = htmlspecialchars_uni($thread['username']); 411 $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); 412 413 // If this thread has a prefix, insert a space between prefix and subject 414 if($thread['prefix'] != 0) 415 { 416 $thread['threadprefix'] .= ' '; 417 } 418 419 $thread['subject'] = $parser->parse_badwords($thread['subject']); 420 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 421 422 if(isset($icon_cache[$thread['icon']])) 423 { 424 $posticon = $icon_cache[$thread['icon']]; 425 $posticon['path'] = str_replace("{theme}", $theme['imgdir'], $posticon['path']); 426 $posticon['path'] = htmlspecialchars_uni($posticon['path']); 427 $posticon['name'] = htmlspecialchars_uni($posticon['name']); 428 eval("\$icon = \"".$templates->get("search_results_icon")."\";"); 429 } 430 else 431 { 432 $icon = " "; 433 } 434 if($thread['poll']) 435 { 436 $prefix = $lang->poll_prefix; 437 } 438 439 // Determine the folder 440 $folder = ''; 441 $folder_label = ''; 442 if(isset($thread['dot_icon'])) 443 { 444 $folder = "dot_"; 445 $folder_label .= $lang->icon_dot; 446 } 447 $gotounread = ''; 448 $isnew = 0; 449 $donenew = 0; 450 $last_read = 0; 451 452 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 453 { 454 $forum_read = $readforums[$thread['fid']]; 455 456 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 457 if($forum_read == 0 || $forum_read < $read_cutoff) 458 { 459 $forum_read = $read_cutoff; 460 } 461 } 462 else 463 { 464 if(isset($forumsread[$thread['fid']])) 465 { 466 $forum_read = $forumsread[$thread['fid']]; 467 } 468 else 469 { 470 $forum_read = ''; 471 } 472 } 473 474 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read) 475 { 476 if(isset($thread['lastread'])) 477 { 478 $last_read = $thread['lastread']; 479 } 480 else 481 { 482 $last_read = $read_cutoff; 483 } 484 } 485 else 486 { 487 $last_read = my_get_array_cookie("threadread", $thread['tid']); 488 } 489 490 if($forum_read > $last_read) 491 { 492 $last_read = $forum_read; 493 } 494 495 if($thread['lastpost'] > $last_read && $last_read) 496 { 497 $folder .= "new"; 498 $new_class = "subject_new"; 499 $folder_label .= $lang->icon_new; 500 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost").$highlight; 501 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 502 $unreadpost = 1; 503 } 504 else 505 { 506 $new_class = 'subject_old'; 507 $folder_label .= $lang->icon_no_new; 508 } 509 510 if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 511 { 512 $folder .= "hot"; 513 $folder_label .= $lang->icon_hot; 514 } 515 if($thread['closed'] == 1) 516 { 517 $folder .= "close"; 518 $folder_label .= $lang->icon_close; 519 } 520 $folder .= "folder"; 521 522 if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1) 523 { 524 $mybb->settings['postsperpage'] = 20; 525 } 526 527 $thread['pages'] = 0; 528 $thread['multipage'] = ''; 529 $threadpages = ''; 530 $morelink = ''; 531 $thread['posts'] = $thread['replies'] + 1; 532 if(is_moderator($thread['fid'], "canviewdeleted") == true || is_moderator($thread['fid'], "canviewunapprove") == true) 533 { 534 if(is_moderator($thread['fid'], "canviewdeleted") == true) 535 { 536 $thread['posts'] += $thread['deletedposts']; 537 } 538 if(is_moderator($thread['fid'], "canviewunapprove") == true) 539 { 540 $thread['posts'] += $thread['unapprovedposts']; 541 } 542 } 543 elseif($group_permissions[$thread['fid']]['canviewdeletionnotice'] != 0) 544 { 545 $thread['posts'] += $thread['deletedposts']; 546 } 547 548 if($thread['posts'] > $mybb->settings['postsperpage']) 549 { 550 $thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage']; 551 $thread['pages'] = ceil($thread['pages']); 552 if($thread['pages'] > $mybb->settings['maxmultipagelinks']) 553 { 554 $pagesstop = $mybb->settings['maxmultipagelinks'] - 1; 555 $page_link = get_thread_link($thread['tid'], $thread['pages']).$highlight; 556 eval("\$morelink = \"".$templates->get("forumdisplay_thread_multipage_more")."\";"); 557 } 558 else 559 { 560 $pagesstop = $thread['pages']; 561 } 562 for($i = 1; $i <= $pagesstop; ++$i) 563 { 564 $page_link = get_thread_link($thread['tid'], $i).$highlight; 565 eval("\$threadpages .= \"".$templates->get("forumdisplay_thread_multipage_page")."\";"); 566 } 567 eval("\$thread['multipage'] = \"".$templates->get("forumdisplay_thread_multipage")."\";"); 568 } 569 else 570 { 571 $threadpages = ''; 572 $morelink = ''; 573 $thread['multipage'] = ''; 574 } 575 $lastpostdate = my_date('relative', $thread['lastpost']); 576 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 577 $lastposteruid = $thread['lastposteruid']; 578 if(!$lastposteruid && !$thread['lastposter']) 579 { 580 $lastposter = htmlspecialchars_uni($lang->guest); 581 } 582 else 583 { 584 $lastposter = htmlspecialchars_uni($thread['lastposter']); 585 } 586 $thread_link = get_thread_link($thread['tid']); 587 588 // Don't link to guest's profiles (they have no profile). 589 if($lastposteruid == 0) 590 { 591 $lastposterlink = $lastposter; 592 } 593 else 594 { 595 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 596 } 597 598 $thread['replies'] = my_number_format($thread['replies']); 599 $thread['views'] = my_number_format($thread['views']); 600 601 $thread['forumlink'] = ''; 602 if($forumcache[$thread['fid']]) 603 { 604 $thread['forumlink_link'] = get_forum_link($thread['fid']); 605 $thread['forumlink_name'] = $forumcache[$thread['fid']]['name']; 606 eval("\$thread['forumlink'] = \"".$templates->get("search_results_threads_forumlink")."\";"); 607 } 608 609 // If this user is the author of the thread and it is not closed or they are a moderator, they can edit 610 if(($thread['uid'] == $mybb->user['uid'] && $thread['closed'] != 1 && $mybb->user['uid'] != 0 && $fpermissions[$thread['fid']]['caneditposts'] == 1) || is_moderator($thread['fid'], "caneditposts")) 611 { 612 $inline_edit_class = "subject_editable"; 613 } 614 else 615 { 616 $inline_edit_class = ""; 617 } 618 619 // If this thread has 1 or more attachments show the papperclip 620 if($mybb->settings['enableattachments'] == 1 && $thread['attachmentcount'] > 0) 621 { 622 if($thread['attachmentcount'] > 1) 623 { 624 $attachment_count = $lang->sprintf($lang->attachment_count_multiple, $thread['attachmentcount']); 625 } 626 else 627 { 628 $attachment_count = $lang->attachment_count; 629 } 630 631 eval("\$attachment_count = \"".$templates->get("forumdisplay_thread_attachment_count")."\";"); 632 } 633 else 634 { 635 $attachment_count = ''; 636 } 637 638 $inline_edit_tid = $thread['tid']; 639 640 // Inline thread moderation 641 $inline_mod_checkbox = ''; 642 if($is_supermod || is_moderator($thread['fid'])) 643 { 644 if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|{$thread['tid']}|") !== false) 645 { 646 $inlinecheck = "checked=\"checked\""; 647 ++$inlinecount; 648 } 649 else 650 { 651 $inlinecheck = ''; 652 } 653 654 // If this user is allowed to use the inline moderation tools for at least one thread, include the necessary scripts 655 $show_inline_moderation = true; 656 657 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_inlinecheck")."\";"); 658 } 659 elseif($is_mod) 660 { 661 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_nocheck")."\";"); 662 } 663 664 $plugins->run_hooks("search_results_thread"); 665 eval("\$results .= \"".$templates->get("search_results_threads_thread")."\";"); 666 } 667 if(!$results) 668 { 669 error($lang->error_nosearchresults); 670 } 671 $multipage = multipage($threadcount, $perpage, $page, "search.php?action=results&sid=$sid&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); 672 if($upper > $threadcount) 673 { 674 $upper = $threadcount; 675 } 676 677 $selectall = ''; 678 $inlinemod = ''; 679 680 // Inline Thread Moderation Options 681 if($show_inline_moderation) 682 { 683 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";"); 684 685 // If user has moderation tools available, prepare the Select All feature 686 $lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache)); 687 $lang->all_selected = $lang->sprintf($lang->all_selected, (int)$threadcount); 688 $lang->select_all = $lang->sprintf($lang->select_all, (int)$threadcount); 689 eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";"); 690 691 $customthreadtools = ''; 692 switch($db->type) 693 { 694 case "pgsql": 695 case "sqlite": 696 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 697 break; 698 default: 699 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')"); 700 } 701 702 while($tool = $db->fetch_array($query)) 703 { 704 $tool['name'] = htmlspecialchars_uni($tool['name']); 705 eval("\$customthreadtools .= \"".$templates->get("search_results_threads_inlinemoderation_custom_tool")."\";"); 706 } 707 // Build inline moderation dropdown 708 if(!empty($customthreadtools)) 709 { 710 eval("\$customthreadtools = \"".$templates->get("search_results_threads_inlinemoderation_custom")."\";"); 711 } 712 eval("\$inlinemod = \"".$templates->get("search_results_threads_inlinemoderation")."\";"); 713 } 714 elseif($is_mod) 715 { 716 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";"); 717 } 718 719 $plugins->run_hooks("search_results_end"); 720 721 eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); 722 output_page($searchresults); 723 } 724 else // Displaying results as posts 725 { 726 if(empty($search['posts'])) 727 { 728 error($lang->error_nosearchresults); 729 } 730 731 $postcount = 0; 732 733 // Moderators can view unapproved threads and deleted threads from forums they moderate 734 $unapproved_where = get_visible_where(); 735 736 $post_cache_options = array(); 737 if((int)$mybb->settings['searchhardlimit'] > 0) 738 { 739 $post_cache_options['limit'] = (int)$mybb->settings['searchhardlimit']; 740 } 741 742 if(strpos($sortfield, 'p.') !== false) 743 { 744 $post_cache_options['order_by'] = str_replace('p.', '', $sortfield); 745 $post_cache_options['order_dir'] = $order; 746 } 747 748 $tids = array(); 749 $pids = array(); 750 // Make sure the posts we're viewing we have permission to view. 751 $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND ({$unapproved_where})", $post_cache_options); 752 while($post = $db->fetch_array($query)) 753 { 754 $pids[$post['pid']] = $post['tid']; 755 $tids[$post['tid']][$post['pid']] = $post['pid']; 756 } 757 758 if(!empty($pids)) 759 { 760 $temp_pids = array(); 761 762 $group_permissions = forum_permissions(); 763 $permsql = ''; 764 $onlyusfids = array(); 765 766 foreach($group_permissions as $fid => $forum_permissions) 767 { 768 if(!empty($forum_permissions['canonlyviewownthreads'])) 769 { 770 $onlyusfids[] = $fid; 771 } 772 } 773 774 if($onlyusfids) 775 { 776 $permsql .= " OR (fid IN(".implode(',', $onlyusfids).") AND uid!={$mybb->user['uid']})"; 777 } 778 $unsearchforums = get_unsearchable_forums(); 779 if($unsearchforums) 780 { 781 $permsql .= " OR fid IN ($unsearchforums)"; 782 } 783 $inactiveforums = get_inactive_forums(); 784 if($inactiveforums) 785 { 786 $permsql .= " OR fid IN ($inactiveforums)"; 787 } 788 789 // Find threads in our list that we don't have permission to view and remove them 790 $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', array_keys($tids))).") AND (NOT ({$unapproved_where}){$permsql} OR closed LIKE 'moved|%')"); 791 while($thread = $db->fetch_array($query)) 792 { 793 if(array_key_exists($thread['tid'], $tids)) 794 { 795 $temp_pids = $tids[$thread['tid']]; 796 foreach($temp_pids as $pid) 797 { 798 unset($pids[$pid]); 799 unset($tids[$thread['tid']]); 800 } 801 unset($tids[$thread['tid']]); 802 } 803 } 804 unset($temp_pids); 805 } 806 807 // Declare our post count 808 $postcount = count($pids); 809 810 if(!$postcount) 811 { 812 error($lang->error_nosearchresults); 813 } 814 815 // And now we have our sanatized post list 816 $search['posts'] = implode(',', array_keys($pids)); 817 818 $tids = implode(",", array_keys($tids)); 819 820 // Read threads 821 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 822 { 823 $query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); 824 while($readthread = $db->fetch_array($query)) 825 { 826 $readthreads[$readthread['tid']] = $readthread['dateline']; 827 } 828 } 829 830 $dot_icon = array(); 831 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) 832 { 833 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND ({$unapproved_where})"); 834 while($post = $db->fetch_array($query)) 835 { 836 $dot_icon[$post['tid']] = true; 837 } 838 } 839 840 $results = ''; 841 842 $pages = ceil($postcount / $perpage); 843 if($page > $pages) 844 { 845 $start = 0; 846 $page = 1; 847 } 848 849 $query = $db->query(" 850 SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid 851 FROM ".TABLE_PREFIX."posts p 852 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) 853 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) 854 LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) 855 WHERE p.pid IN (".$db->escape_string($search['posts']).") 856 ORDER BY $sortfield $order 857 LIMIT $start, $perpage 858 "); 859 while($post = $db->fetch_array($query)) 860 { 861 $bgcolor = alt_trow(); 862 if($post['visible'] == 0) 863 { 864 $bgcolor = 'trow_shaded'; 865 } 866 elseif($post['visible'] == -1) 867 { 868 $bgcolor = 'trow_shaded trow_deleted'; 869 } 870 if($post['userusername']) 871 { 872 $post['username'] = $post['userusername']; 873 } 874 $post['username'] = htmlspecialchars_uni($post['username']); 875 $post['profilelink'] = build_profile_link($post['username'], $post['uid']); 876 $post['subject'] = $parser->parse_badwords($post['subject']); 877 $post['thread_subject'] = $parser->parse_badwords($post['thread_subject']); 878 $post['thread_subject'] = htmlspecialchars_uni($post['thread_subject']); 879 880 if(isset($icon_cache[$post['icon']])) 881 { 882 $posticon = $icon_cache[$post['icon']]; 883 $posticon['path'] = str_replace("{theme}", $theme['imgdir'], $posticon['path']); 884 $posticon['path'] = htmlspecialchars_uni($posticon['path']); 885 $posticon['name'] = htmlspecialchars_uni($posticon['name']); 886 eval("\$icon = \"".$templates->get("search_results_icon")."\";"); 887 } 888 else 889 { 890 $icon = " "; 891 } 892 893 $post['forumlink'] = ''; 894 if(!empty($forumcache[$post['fid']])) 895 { 896 $post['forumlink_link'] = get_forum_link($post['fid']); 897 $post['forumlink_name'] = $forumcache[$post['fid']]['name']; 898 eval("\$post['forumlink'] = \"".$templates->get("search_results_posts_forumlink")."\";"); 899 } 900 901 // Determine the folder 902 $folder = ''; 903 $folder_label = ''; 904 $gotounread = ''; 905 $isnew = 0; 906 $donenew = 0; 907 $last_read = 0; 908 909 if(isset($readthreads[$post['tid']])) 910 { 911 $post['thread_lastread'] = $readthreads[$post['tid']]; 912 } 913 else 914 { 915 $post['thread_lastread'] = ''; 916 } 917 918 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 919 { 920 $forum_read = $readforums[$post['fid']]; 921 922 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 923 if($forum_read == 0 || $forum_read < $read_cutoff) 924 { 925 $forum_read = $read_cutoff; 926 } 927 } 928 else 929 { 930 if(isset($forumsread[$post['fid']])) 931 { 932 $forum_read = $forumsread[$post['fid']]; 933 } 934 else 935 { 936 $forum_read = ''; 937 } 938 } 939 940 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forum_read) 941 { 942 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 943 if($post['thread_lastpost'] > $cutoff) 944 { 945 if($post['thread_lastread']) 946 { 947 $last_read = $post['thread_lastread']; 948 } 949 else 950 { 951 $last_read = 1; 952 } 953 } 954 } 955 956 if(isset($dot_icon[$post['tid']])) 957 { 958 $folder = "dot_"; 959 $folder_label .= $lang->icon_dot; 960 } 961 962 if(!$last_read) 963 { 964 $readcookie = $threadread = my_get_array_cookie("threadread", $post['tid']); 965 if($readcookie > $forum_read) 966 { 967 $last_read = $readcookie; 968 } 969 elseif($forum_read > $mybb->user['lastvisit']) 970 { 971 $last_read = $forum_read; 972 } 973 else 974 { 975 $last_read = $mybb->user['lastvisit']; 976 } 977 } 978 979 if($post['thread_lastpost'] > $last_read && $last_read) 980 { 981 $folder .= "new"; 982 $folder_label .= $lang->icon_new; 983 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 984 $unreadpost = 1; 985 } 986 else 987 { 988 $folder_label .= $lang->icon_no_new; 989 } 990 991 if($post['thread_replies'] >= $mybb->settings['hottopic'] || $post['thread_views'] >= $mybb->settings['hottopicviews']) 992 { 993 $folder .= "hot"; 994 $folder_label .= $lang->icon_hot; 995 } 996 if($post['thread_closed'] == 1) 997 { 998 $folder .= "close"; 999 $folder_label .= $lang->icon_close; 1000 } 1001 $folder .= "folder"; 1002 1003 $post['thread_replies'] = my_number_format($post['thread_replies']); 1004 $post['thread_views'] = my_number_format($post['thread_views']); 1005 1006 $post['forumlink'] = ''; 1007 if($forumcache[$post['fid']]) 1008 { 1009 $post['forumlink_link'] = get_forum_link($post['fid']); 1010 $post['forumlink_name'] = $forumcache[$post['fid']]['name']; 1011 eval("\$post['forumlink'] = \"".$templates->get("search_results_posts_forumlink")."\";"); 1012 } 1013 1014 if(!$post['subject']) 1015 { 1016 $post['subject'] = $post['message']; 1017 } 1018 if(my_strlen($post['subject']) > 50) 1019 { 1020 $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."..."); 1021 } 1022 else 1023 { 1024 $post['subject'] = htmlspecialchars_uni($post['subject']); 1025 } 1026 // What we do here is parse the post using our post parser, then strip the tags from it 1027 $parser_options = array( 1028 'allow_html' => 0, 1029 'allow_mycode' => 1, 1030 'allow_smilies' => 0, 1031 'allow_imgcode' => 0, 1032 'me_username' => $post['username'], 1033 'filter_badwords' => 1 1034 ); 1035 $post['message'] = strip_tags($parser->text_parse_message($post['message'], $parser_options)); 1036 if(my_strlen($post['message']) > 200) 1037 { 1038 $prev = my_substr($post['message'], 0, 200)."..."; 1039 } 1040 else 1041 { 1042 $prev = $post['message']; 1043 } 1044 $posted = my_date('relative', $post['dateline']); 1045 1046 $thread_url = get_thread_link($post['tid']); 1047 $post_url = get_post_link($post['pid'], $post['tid']); 1048 1049 // Inline post moderation 1050 $inline_mod_checkbox = ''; 1051 if($is_supermod || is_moderator($post['fid'])) 1052 { 1053 if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|{$post['pid']}|") !== false) 1054 { 1055 $inlinecheck = "checked=\"checked\""; 1056 ++$inlinecount; 1057 } 1058 else 1059 { 1060 $inlinecheck = ''; 1061 } 1062 1063 $show_inline_moderation = true; 1064 1065 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_inlinecheck")."\";"); 1066 } 1067 elseif($is_mod) 1068 { 1069 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_nocheck")."\";"); 1070 } 1071 1072 $plugins->run_hooks("search_results_post"); 1073 eval("\$results .= \"".$templates->get("search_results_posts_post")."\";"); 1074 } 1075 if(!$results) 1076 { 1077 error($lang->error_nosearchresults); 1078 } 1079 $multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); 1080 if($upper > $postcount) 1081 { 1082 $upper = $postcount; 1083 } 1084 1085 $selectall = ''; 1086 $inlinemod = ''; 1087 1088 // Inline Post Moderation Options 1089 if($show_inline_moderation) 1090 { 1091 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";"); 1092 1093 // If user has moderation tools available, prepare the Select All feature 1094 $num_results = $db->num_rows($query); 1095 $lang->page_selected = $lang->sprintf($lang->page_selected, (int)$num_results); 1096 $lang->select_all = $lang->sprintf($lang->select_all, (int)$postcount); 1097 $lang->all_selected = $lang->sprintf($lang->all_selected, (int)$postcount); 1098 eval("\$selectall = \"".$templates->get("search_posts_inlinemoderation_selectall")."\";"); 1099 1100 $customthreadtools = $customposttools = ''; 1101 switch($db->type) 1102 { 1103 case "pgsql": 1104 case "sqlite": 1105 $query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 1106 break; 1107 default: 1108 $query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')"); 1109 } 1110 1111 while($tool = $db->fetch_array($query)) 1112 { 1113 eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";"); 1114 } 1115 // Build inline moderation dropdown 1116 if(!empty($customposttools)) 1117 { 1118 eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";"); 1119 } 1120 eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";"); 1121 } 1122 elseif($is_mod) 1123 { 1124 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";"); 1125 } 1126 1127 $plugins->run_hooks("search_results_end"); 1128 1129 eval("\$searchresults = \"".$templates->get("search_results_posts")."\";"); 1130 output_page($searchresults); 1131 } 1132 } 1133 elseif($mybb->input['action'] == "findguest") 1134 { 1135 $where_sql = "uid='0'"; 1136 1137 $unsearchforums = get_unsearchable_forums(); 1138 if($unsearchforums) 1139 { 1140 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 1141 } 1142 $inactiveforums = get_inactive_forums(); 1143 if($inactiveforums) 1144 { 1145 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1146 } 1147 1148 // Moderators can view unapproved threads and deleted threads from forums they moderate 1149 $unapproved_where = get_visible_where(); 1150 $where_sql .= " AND ({$unapproved_where})"; 1151 1152 $permsql = ""; 1153 $onlyusfids = array(); 1154 1155 // Check group permissions if we can't view threads not started by us 1156 $group_permissions = forum_permissions(); 1157 foreach($group_permissions as $fid => $forum_permissions) 1158 { 1159 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 1160 { 1161 $onlyusfids[] = $fid; 1162 } 1163 } 1164 if(!empty($onlyusfids)) 1165 { 1166 $where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")"; 1167 } 1168 1169 $options = array( 1170 'order_by' => 'dateline DESC, pid DESC', 1171 ); 1172 1173 // Do we have a hard search limit? 1174 if($mybb->settings['searchhardlimit'] > 0) 1175 { 1176 $options['limit'] = (int)$mybb->settings['searchhardlimit']; 1177 } 1178 1179 $pids = ''; 1180 $comma = ''; 1181 $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); 1182 while($pid = $db->fetch_field($query, "pid")) 1183 { 1184 $pids .= $comma.$pid; 1185 $comma = ','; 1186 } 1187 1188 $tids = ''; 1189 $comma = ''; 1190 $query = $db->simple_select("threads", "tid", $where_sql); 1191 while($tid = $db->fetch_field($query, "tid")) 1192 { 1193 $tids .= $comma.$tid; 1194 $comma = ','; 1195 } 1196 1197 $sid = md5(uniqid(microtime(), true)); 1198 $searcharray = array( 1199 "sid" => $db->escape_string($sid), 1200 "uid" => $mybb->user['uid'], 1201 "dateline" => TIME_NOW, 1202 "ipaddress" => $db->escape_binary($session->packedip), 1203 "threads" => $db->escape_string($tids), 1204 "posts" => $db->escape_string($pids), 1205 "resulttype" => "posts", 1206 "querycache" => '', 1207 "keywords" => '' 1208 ); 1209 $plugins->run_hooks("search_do_search_process"); 1210 $db->insert_query("searchlog", $searcharray); 1211 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1212 } 1213 elseif($mybb->input['action'] == "finduser") 1214 { 1215 $where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"; 1216 1217 $unsearchforums = get_unsearchable_forums(); 1218 if($unsearchforums) 1219 { 1220 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 1221 } 1222 $inactiveforums = get_inactive_forums(); 1223 if($inactiveforums) 1224 { 1225 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1226 } 1227 1228 // Moderators can view unapproved threads and deleted threads from forums they moderate 1229 $unapproved_where = get_visible_where(); 1230 $where_sql .= " AND ({$unapproved_where})"; 1231 1232 $permsql = ""; 1233 $onlyusfids = array(); 1234 1235 // Check group permissions if we can't view threads not started by us 1236 $group_permissions = forum_permissions(); 1237 foreach($group_permissions as $fid => $forum_permissions) 1238 { 1239 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 1240 { 1241 $onlyusfids[] = $fid; 1242 } 1243 } 1244 if(!empty($onlyusfids)) 1245 { 1246 $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; 1247 } 1248 1249 $options = array( 1250 'order_by' => 'dateline DESC, pid DESC', 1251 ); 1252 1253 // Do we have a hard search limit? 1254 if($mybb->settings['searchhardlimit'] > 0) 1255 { 1256 $options['limit'] = (int)$mybb->settings['searchhardlimit']; 1257 } 1258 1259 $pids = ''; 1260 $comma = ''; 1261 $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); 1262 while($pid = $db->fetch_field($query, "pid")) 1263 { 1264 $pids .= $comma.$pid; 1265 $comma = ','; 1266 } 1267 1268 $tids = ''; 1269 $comma = ''; 1270 $query = $db->simple_select("threads", "tid", $where_sql); 1271 while($tid = $db->fetch_field($query, "tid")) 1272 { 1273 $tids .= $comma.$tid; 1274 $comma = ','; 1275 } 1276 1277 $sid = md5(uniqid(microtime(), true)); 1278 $searcharray = array( 1279 "sid" => $db->escape_string($sid), 1280 "uid" => $mybb->user['uid'], 1281 "dateline" => TIME_NOW, 1282 "ipaddress" => $db->escape_binary($session->packedip), 1283 "threads" => $db->escape_string($tids), 1284 "posts" => $db->escape_string($pids), 1285 "resulttype" => "posts", 1286 "querycache" => '', 1287 "keywords" => '' 1288 ); 1289 $plugins->run_hooks("search_do_search_process"); 1290 $db->insert_query("searchlog", $searcharray); 1291 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1292 } 1293 elseif($mybb->input['action'] == "finduserthreads") 1294 { 1295 $where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"; 1296 1297 $unsearchforums = get_unsearchable_forums(); 1298 if($unsearchforums) 1299 { 1300 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 1301 } 1302 $inactiveforums = get_inactive_forums(); 1303 if($inactiveforums) 1304 { 1305 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1306 } 1307 1308 // Moderators can view unapproved threads and deleted threads from forums they moderate 1309 $unapproved_where = get_visible_where(); 1310 $where_sql .= " AND ({$unapproved_where})"; 1311 1312 $permsql = ""; 1313 $onlyusfids = array(); 1314 1315 // Check group permissions if we can't view threads not started by us 1316 $group_permissions = forum_permissions(); 1317 foreach($group_permissions as $fid => $forum_permissions) 1318 { 1319 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 1320 { 1321 $onlyusfids[] = $fid; 1322 } 1323 } 1324 if(!empty($onlyusfids)) 1325 { 1326 $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; 1327 } 1328 1329 $tids = ''; 1330 $comma = ''; 1331 $query = $db->simple_select("threads", "tid", $where_sql); 1332 while($tid = $db->fetch_field($query, "tid")) 1333 { 1334 $tids .= $comma.$tid; 1335 $comma = ','; 1336 } 1337 1338 $sid = md5(uniqid(microtime(), true)); 1339 $searcharray = array( 1340 "sid" => $db->escape_string($sid), 1341 "uid" => $mybb->user['uid'], 1342 "dateline" => TIME_NOW, 1343 "ipaddress" => $db->escape_binary($session->packedip), 1344 "threads" => $db->escape_string($tids), 1345 "posts" => '', 1346 "resulttype" => "threads", 1347 "querycache" => $db->escape_string($where_sql), 1348 "keywords" => '' 1349 ); 1350 $plugins->run_hooks("search_do_search_process"); 1351 $db->insert_query("searchlog", $searcharray); 1352 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1353 } 1354 elseif($mybb->input['action'] == "getnew") 1355 { 1356 1357 $where_sql = "lastpost >= '".(int)$mybb->user['lastvisit']."'"; 1358 1359 if($mybb->get_input('fid', MyBB::INPUT_INT)) 1360 { 1361 $where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'"; 1362 } 1363 else if($mybb->get_input('fids')) 1364 { 1365 $fids = explode(',', $mybb->get_input('fids')); 1366 foreach($fids as $key => $fid) 1367 { 1368 $fids[$key] = (int)$fid; 1369 } 1370 1371 if(!empty($fids)) 1372 { 1373 $where_sql .= " AND fid IN (".implode(',', $fids).")"; 1374 } 1375 } 1376 1377 $unsearchforums = get_unsearchable_forums(); 1378 if($unsearchforums) 1379 { 1380 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 1381 } 1382 $inactiveforums = get_inactive_forums(); 1383 if($inactiveforums) 1384 { 1385 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1386 } 1387 1388 // Moderators can view unapproved threads and deleted threads from forums they moderate 1389 $unapproved_where = get_visible_where(); 1390 $where_sql .= " AND ({$unapproved_where})"; 1391 1392 $permsql = ""; 1393 $onlyusfids = array(); 1394 1395 // Check group permissions if we can't view threads not started by us 1396 $group_permissions = forum_permissions(); 1397 foreach($group_permissions as $fid => $forum_permissions) 1398 { 1399 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 1400 { 1401 $onlyusfids[] = $fid; 1402 } 1403 } 1404 if(!empty($onlyusfids)) 1405 { 1406 $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; 1407 } 1408 1409 $tids = ''; 1410 $comma = ''; 1411 $query = $db->simple_select("threads", "tid", $where_sql); 1412 while($tid = $db->fetch_field($query, "tid")) 1413 { 1414 $tids .= $comma.$tid; 1415 $comma = ','; 1416 } 1417 1418 $sid = md5(uniqid(microtime(), true)); 1419 $searcharray = array( 1420 "sid" => $db->escape_string($sid), 1421 "uid" => $mybb->user['uid'], 1422 "dateline" => TIME_NOW, 1423 "ipaddress" => $db->escape_binary($session->packedip), 1424 "threads" => $db->escape_string($tids), 1425 "posts" => '', 1426 "resulttype" => "threads", 1427 "querycache" => $db->escape_string($where_sql), 1428 "keywords" => '' 1429 ); 1430 1431 $plugins->run_hooks("search_do_search_process"); 1432 $db->insert_query("searchlog", $searcharray); 1433 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1434 } 1435 elseif($mybb->input['action'] == "getdaily") 1436 { 1437 if($mybb->get_input('days', MyBB::INPUT_INT) < 1) 1438 { 1439 $days = 1; 1440 } 1441 else 1442 { 1443 $days = $mybb->get_input('days', MyBB::INPUT_INT); 1444 } 1445 $datecut = TIME_NOW-(86400*$days); 1446 1447 $where_sql = "lastpost >='".$datecut."'"; 1448 1449 if($mybb->get_input('fid', MyBB::INPUT_INT)) 1450 { 1451 $where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'"; 1452 } 1453 else if($mybb->get_input('fids')) 1454 { 1455 $fids = explode(',', $mybb->get_input('fids')); 1456 foreach($fids as $key => $fid) 1457 { 1458 $fids[$key] = (int)$fid; 1459 } 1460 1461 if(!empty($fids)) 1462 { 1463 $where_sql .= " AND fid IN (".implode(',', $fids).")"; 1464 } 1465 } 1466 1467 $unsearchforums = get_unsearchable_forums(); 1468 if($unsearchforums) 1469 { 1470 $where_sql .= " AND fid NOT IN ($unsearchforums)"; 1471 } 1472 $inactiveforums = get_inactive_forums(); 1473 if($inactiveforums) 1474 { 1475 $where_sql .= " AND fid NOT IN ($inactiveforums)"; 1476 } 1477 1478 // Moderators can view unapproved threads and deleted threads from forums they moderate 1479 $unapproved_where = get_visible_where(); 1480 $where_sql .= " AND ({$unapproved_where})"; 1481 1482 $permsql = ""; 1483 $onlyusfids = array(); 1484 1485 // Check group permissions if we can't view threads not started by us 1486 $group_permissions = forum_permissions(); 1487 foreach($group_permissions as $fid => $forum_permissions) 1488 { 1489 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 1490 { 1491 $onlyusfids[] = $fid; 1492 } 1493 } 1494 if(!empty($onlyusfids)) 1495 { 1496 $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; 1497 } 1498 1499 $tids = ''; 1500 $comma = ''; 1501 $query = $db->simple_select("threads", "tid", $where_sql); 1502 while($tid = $db->fetch_field($query, "tid")) 1503 { 1504 $tids .= $comma.$tid; 1505 $comma = ','; 1506 } 1507 1508 $sid = md5(uniqid(microtime(), true)); 1509 $searcharray = array( 1510 "sid" => $db->escape_string($sid), 1511 "uid" => $mybb->user['uid'], 1512 "dateline" => TIME_NOW, 1513 "ipaddress" => $db->escape_binary($session->packedip), 1514 "threads" => $db->escape_string($tids), 1515 "posts" => '', 1516 "resulttype" => "threads", 1517 "querycache" => $db->escape_string($where_sql), 1518 "keywords" => '' 1519 ); 1520 1521 $plugins->run_hooks("search_do_search_process"); 1522 $db->insert_query("searchlog", $searcharray); 1523 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1524 } 1525 elseif($mybb->input['action'] == "do_search") 1526 { 1527 $plugins->run_hooks("search_do_search_start"); 1528 1529 // Check if search flood checking is enabled and user is not admin 1530 if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) 1531 { 1532 // Fetch the time this user last searched 1533 if($mybb->user['uid']) 1534 { 1535 $conditions = "uid='{$mybb->user['uid']}'"; 1536 } 1537 else 1538 { 1539 $conditions = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip); 1540 } 1541 $timecut = TIME_NOW-$mybb->settings['searchfloodtime']; 1542 $query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); 1543 $last_search = $db->fetch_array($query); 1544 // Users last search was within the flood time, show the error 1545 if(!empty($last_search['sid'])) 1546 { 1547 $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); 1548 if($remaining_time == 1) 1549 { 1550 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); 1551 } 1552 else 1553 { 1554 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); 1555 } 1556 error($lang->error_searchflooding); 1557 } 1558 } 1559 if($mybb->get_input('showresults') == "threads") 1560 { 1561 $resulttype = "threads"; 1562 } 1563 else 1564 { 1565 $resulttype = "posts"; 1566 } 1567 1568 if(isset($mybb->input['forums']) && is_array($mybb->input['forums'])) 1569 { 1570 $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY); 1571 } 1572 else 1573 { 1574 $forums = array($mybb->get_input('forums')); 1575 } 1576 1577 $search_data = array( 1578 "keywords" => $mybb->input['keywords'], 1579 "author" => $mybb->get_input('author'), 1580 "postthread" => $mybb->get_input('postthread', MyBB::INPUT_INT), 1581 "matchusername" => $mybb->get_input('matchusername', MyBB::INPUT_INT), 1582 "postdate" => $mybb->get_input('postdate', MyBB::INPUT_INT), 1583 "pddir" => $mybb->get_input('pddir', MyBB::INPUT_INT), 1584 "forums" => $forums, 1585 "findthreadst" => $mybb->get_input('findthreadst', MyBB::INPUT_INT), 1586 "numreplies" => $mybb->get_input('numreplies', MyBB::INPUT_INT), 1587 "threadprefix" => $mybb->get_input('threadprefix', MyBB::INPUT_ARRAY) 1588 ); 1589 1590 if(is_moderator() && !empty($mybb->input['visible'])) 1591 { 1592 $search_data['visible'] = $mybb->get_input('visible', MyBB::INPUT_INT); 1593 } 1594 1595 if($db->can_search == true) 1596 { 1597 if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts")) 1598 { 1599 $search_results = perform_search_mysql_ft($search_data); 1600 } 1601 else 1602 { 1603 $search_results = perform_search_mysql($search_data); 1604 } 1605 } 1606 else 1607 { 1608 error($lang->error_no_search_support); 1609 } 1610 $sid = md5(uniqid(microtime(), true)); 1611 $searcharray = array( 1612 "sid" => $db->escape_string($sid), 1613 "uid" => $mybb->user['uid'], 1614 "dateline" => $now, 1615 "ipaddress" => $db->escape_binary($session->packedip), 1616 "threads" => $search_results['threads'], 1617 "posts" => $search_results['posts'], 1618 "resulttype" => $resulttype, 1619 "querycache" => $search_results['querycache'], 1620 "keywords" => $db->escape_string($mybb->input['keywords']), 1621 ); 1622 $plugins->run_hooks("search_do_search_process"); 1623 1624 $db->insert_query("searchlog", $searcharray); 1625 1626 if(my_strtolower($mybb->get_input('sortordr')) == "asc" || my_strtolower($mybb->get_input('sortordr') == "desc")) 1627 { 1628 $sortorder = $mybb->get_input('sortordr'); 1629 } 1630 else 1631 { 1632 $sortorder = "desc"; 1633 } 1634 $sortby = htmlspecialchars_uni($mybb->get_input('sortby')); 1635 $plugins->run_hooks("search_do_search_end"); 1636 redirect("search.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults); 1637 } 1638 else if($mybb->input['action'] == "thread") 1639 { 1640 // Fetch thread info 1641 $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); 1642 $ismod = is_moderator($thread['fid']); 1643 1644 if(!$thread || ($thread['visible'] != 1 && $ismod == false && ($thread['visible'] != -1 || $mybb->settings['soft_delete'] != 1 || !$mybb->user['uid'] || $mybb->user['uid'] != $thread['uid'])) || ($thread['visible'] > 1 && $ismod == true)) 1645 { 1646 error($lang->error_invalidthread); 1647 } 1648 1649 // Get forum info 1650 $forum = get_forum($thread['fid']); 1651 if(!$forum) 1652 { 1653 error($lang->error_invalidforum); 1654 } 1655 1656 $forum_permissions = forum_permissions($forum['fid']); 1657 1658 if($forum['open'] == 0 || $forum['type'] != "f") 1659 { 1660 error($lang->error_closedinvalidforum); 1661 } 1662 if($forum_permissions['canview'] == 0 || $forum_permissions['canviewthreads'] != 1 || (isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) 1663 { 1664 error_no_permission(); 1665 } 1666 1667 $plugins->run_hooks("search_thread_start"); 1668 1669 // Check if search flood checking is enabled and user is not admin 1670 if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) 1671 { 1672 // Fetch the time this user last searched 1673 if($mybb->user['uid']) 1674 { 1675 $conditions = "uid='{$mybb->user['uid']}'"; 1676 } 1677 else 1678 { 1679 $conditions = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip); 1680 } 1681 $timecut = TIME_NOW-$mybb->settings['searchfloodtime']; 1682 $query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); 1683 $last_search = $db->fetch_array($query); 1684 1685 if($last_search) 1686 { 1687 // We shouldn't show remaining time if time is 0 or under. 1688 $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); 1689 // Users last search was within the flood time, show the error. 1690 if($remaining_time > 0) 1691 { 1692 if($remaining_time == 1) 1693 { 1694 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); 1695 } 1696 else 1697 { 1698 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); 1699 } 1700 error($lang->error_searchflooding); 1701 } 1702 } 1703 } 1704 1705 $search_data = array( 1706 "keywords" => $mybb->input['keywords'], 1707 "postthread" => 1, 1708 "tid" => $mybb->get_input('tid', MyBB::INPUT_INT) 1709 ); 1710 1711 if($db->can_search == true) 1712 { 1713 if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts")) 1714 { 1715 $search_results = perform_search_mysql_ft($search_data); 1716 } 1717 else 1718 { 1719 $search_results = perform_search_mysql($search_data); 1720 } 1721 } 1722 else 1723 { 1724 error($lang->error_no_search_support); 1725 } 1726 $sid = md5(uniqid(microtime(), true)); 1727 $searcharray = array( 1728 "sid" => $db->escape_string($sid), 1729 "uid" => $mybb->user['uid'], 1730 "dateline" => $now, 1731 "ipaddress" => $db->escape_binary($session->packedip), 1732 "threads" => $search_results['threads'], 1733 "posts" => $search_results['posts'], 1734 "resulttype" => 'posts', 1735 "querycache" => $search_results['querycache'], 1736 "keywords" => $db->escape_string($mybb->input['keywords']) 1737 ); 1738 $plugins->run_hooks("search_thread_process"); 1739 1740 $db->insert_query("searchlog", $searcharray); 1741 1742 $plugins->run_hooks("search_do_search_end"); 1743 redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); 1744 } 1745 else 1746 { 1747 $plugins->run_hooks("search_start"); 1748 $srchlist = make_searchable_forums(); 1749 $prefixselect = build_prefix_select('all', 'any', 1); 1750 1751 $rowspan = 5; 1752 1753 $moderator_options = ''; 1754 if(is_moderator()) 1755 { 1756 $rowspan += 2; 1757 eval("\$moderator_options = \"".$templates->get("search_moderator_options")."\";"); 1758 } 1759 1760 $plugins->run_hooks("search_end"); 1761 1762 eval("\$search = \"".$templates->get("search")."\";"); 1763 output_page($search); 1764 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |