PHP Cross Reference of MyBB 1.8.38
<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Bootstrap for the search script: define the entry-point constants, name the
// templates this script uses, pull in the core and helper files, then set up
// the parser, language phrases and breadcrumb.

// These constants are defined before global.php is included, so the included
// core code can see them.
// Entry-point marker; presumably checked by the included core files to refuse
// direct requests (confirm in inc/).
define('IN_MYBB', 1);
// NOTE(review): presumably exempts the `sid` request variable from the core's
// automatic input cleaning (confirm in the core class). If so, `sid` reaches
// this script as a raw string and has to be sanitised per output context here.
// The results branch below passes it through $db->escape_string() before the
// quoted searchlog lookup; that covers the SQL context only, not HTML or URLs.
define('IGNORE_CLEAN_VARS', 'sid');
define('THIS_SCRIPT', 'search.php');

// Comma-separated names of every template this script renders. It is assigned
// before global.php is included; presumably the core preloads these names in
// one pass (confirm in global.php).
// NOTE(review): further down, template bodies returned by $templates->get()
// are expanded with eval() as double-quoted PHP strings, so the right to edit
// templates should be treated as equivalent to the right to run code.
$templatelist = 'search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post,search_results_icon,search_forumlist_forum,search_forumlist'
	.',multipage,multipage_breadcrumb,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start'
	.',search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_inlinemodcol_empty,search_results_posts_inlinemoderation_custom_tool'
	.',search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation'
	.',forumdisplay_thread_attachment_count,search_threads_inlinemoderation_selectall,search_posts_inlinemoderation_selectall,post_prefixselect_prefix,post_prefixselect_multiple,search_orderarrow'
	.',search_results_posts_forumlink,search_results_threads_forumlink,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage,search_moderator_options';

// Core bootstrap first (it is what makes MYBB_ROOT usable on the next lines),
// then the post, search and parser helpers this script calls.
require_once './global.php';
require_once MYBB_ROOT.'inc/functions_post.php';
require_once MYBB_ROOT.'inc/functions_search.php';
require_once MYBB_ROOT.'inc/class_parser.php';

// Parser instance; later used for bad-word filtering and for rendering post
// previews.
$parser = new postParser();

// Language phrases for the search pages.
$lang->load('search');

// Root breadcrumb entry for every search view.
add_breadcrumb($lang->nav_search, 'search.php');
$mybb->input['action'] = $mybb->get_input('action'); 34 switch($mybb->input['action']) 35 { 36 case "results": 37 add_breadcrumb($lang->nav_results); 38 break; 39 default: 40 break; 41 } 42 43 if($mybb->usergroup['cansearch'] == 0) 44 { 45 error_no_permission(); 46 } 47 48 $now = TIME_NOW; 49 $mybb->input['keywords'] = trim($mybb->get_input('keywords')); 50 51 $limitsql = ""; 52 if((int)$mybb->settings['searchhardlimit'] > 0) 53 { 54 $limitsql = "LIMIT ".(int)$mybb->settings['searchhardlimit']; 55 } 56 57 if($mybb->input['action'] == "results") 58 { 59 $sid = $db->escape_string($mybb->get_input('sid')); 60 $query = $db->simple_select("searchlog", "*", "sid='$sid'"); 61 $search = $db->fetch_array($query); 62 63 if(!$search) 64 { 65 error($lang->error_invalidsearch); 66 } 67 68 $plugins->run_hooks("search_results_start"); 69 70 // Decide on our sorting fields and sorting order. 71 $order = my_strtolower(htmlspecialchars_uni($mybb->get_input('order'))); 72 $sortby = my_strtolower(htmlspecialchars_uni($mybb->get_input('sortby'))); 73 74 switch($sortby) 75 { 76 case "replies": 77 $sortfield = "t.replies"; 78 break; 79 case "views": 80 $sortfield = "t.views"; 81 break; 82 case "subject": 83 if($search['resulttype'] == "threads") 84 { 85 $sortfield = "t.subject"; 86 } 87 else 88 { 89 $sortfield = "p.subject"; 90 } 91 break; 92 case "forum": 93 $sortfield = "f.name"; 94 break; 95 case "starter": 96 if($search['resulttype'] == "threads") 97 { 98 $sortfield = "t.username"; 99 } 100 else 101 { 102 $sortfield = "p.username"; 103 } 104 break; 105 case "lastpost": 106 default: 107 if(isset($search['resulttype']) && $search['resulttype'] == "threads") 108 { 109 $sortfield = "t.lastpost"; 110 $sortby = "lastpost"; 111 } 112 else 113 { 114 $sortfield = "p.dateline"; 115 $sortby = "dateline"; 116 } 117 break; 118 } 119 120 if($order != "asc") 121 { 122 $order = "desc"; 123 $oppsortnext = "asc"; 124 $oppsort = $lang->asc; 125 } 126 else 127 { 128 $oppsortnext = "desc"; 129 $oppsort = 
$lang->desc; 130 } 131 132 if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1) 133 { 134 $mybb->settings['threadsperpage'] = 20; 135 } 136 137 // Work out pagination, which page we're at, as well as the limits. 138 $perpage = $mybb->settings['threadsperpage']; 139 $page = $mybb->get_input('page'); 140 if($page > 0) 141 { 142 $start = ($page-1) * $perpage; 143 } 144 else 145 { 146 $start = 0; 147 $page = 1; 148 } 149 $end = $start + $perpage; 150 $lower = $start+1; 151 $upper = $end; 152 153 // Work out if we have terms to highlight 154 $highlight = ""; 155 if(!empty($search['keywords'])) 156 { 157 if($mybb->seo_support == true) 158 { 159 $highlight = "?highlight=".urlencode($search['keywords']); 160 } 161 else 162 { 163 $highlight = "&highlight=".urlencode($search['keywords']); 164 } 165 } 166 167 $sorturl = "search.php?action=results&sid={$sid}"; 168 $thread_url = ""; 169 $post_url = ""; 170 171 $orderarrow = array('replies' => '', 'views' => '', 'subject' => '', 'forum' => '', 'starter' => '', 'lastpost' => '', 'dateline' => ''); 172 173 eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";"); 174 175 // Read some caches we will be using 176 $forumcache = $cache->read("forums"); 177 $icon_cache = $cache->read("posticons"); 178 179 $threads = array(); 180 181 if($mybb->user['uid'] == 0) 182 { 183 // Build a forum cache. 184 $query = $db->query(" 185 SELECT fid 186 FROM ".TABLE_PREFIX."forums 187 WHERE active != 0 188 ORDER BY pid, disporder 189 "); 190 191 if(isset($mybb->cookies['mybb']['forumread'])) 192 { 193 $forumsread = my_unserialize($mybb->cookies['mybb']['forumread'], false); 194 } 195 else 196 { 197 $forumsread = array(); 198 } 199 } 200 else 201 { 202 // Build a forum cache. 
203 $query = $db->query(" 204 SELECT f.fid, fr.dateline AS lastread 205 FROM ".TABLE_PREFIX."forums f 206 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 207 WHERE f.active != 0 208 ORDER BY pid, disporder 209 "); 210 } 211 212 while($forum = $db->fetch_array($query)) 213 { 214 if($mybb->user['uid'] == 0) 215 { 216 if(!empty($forumsread[$forum['fid']])) 217 { 218 $forum['lastread'] = $forumsread[$forum['fid']]; 219 } 220 } 221 222 if(isset($forum['lastread'])) 223 { 224 $readforums[$forum['fid']] = $forum['lastread']; 225 } 226 else 227 { 228 $readforums[$forum['fid']] = ''; 229 } 230 } 231 $fpermissions = forum_permissions(); 232 233 // Inline Mod Column for moderators 234 $inlinemodcol = $inlinecookie = $inline_edit_js = ''; 235 $is_mod = $is_supermod = $show_inline_moderation = false; 236 if($mybb->usergroup['issupermod']) 237 { 238 $is_supermod = true; 239 } 240 if($is_supermod || is_moderator()) 241 { 242 $inlinecookie = "inlinemod_search".$sid; 243 $inlinecount = 0; 244 $is_mod = true; 245 $return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_STRING']); 246 } 247 248 // Show search results as 'threads' 249 if(isset($search['resulttype']) && $search['resulttype'] == "threads") 250 { 251 $threadcount = 0; 252 253 // Moderators can view unapproved threads and deleted threads from forums they moderate 254 $unapproved_where_t = get_visible_where('t'); 255 256 // If we have saved WHERE conditions, execute them 257 if($search['querycache'] != "") 258 { 259 $where_conditions = $search['querycache']; 260 $query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' ORDER BY t.lastpost DESC {$limitsql}"); 261 while($thread = $db->fetch_array($query)) 262 { 263 $threads[$thread['tid']] = $thread['tid']; 264 $threadcount++; 265 } 266 // Build our list of threads. 
267 if($threadcount > 0) 268 { 269 $search['threads'] = implode(",", $threads); 270 } 271 // No results. 272 else 273 { 274 error($lang->error_nosearchresults); 275 } 276 $where_conditions = "t.tid IN (".$search['threads'].")"; 277 } 278 // This search doesn't use a query cache, results stored in search table. 279 else 280 { 281 $where_conditions = "t.tid IN (".$search['threads'].")"; 282 $query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' {$limitsql}"); 283 $count = $db->fetch_array($query); 284 285 if(!$count['resultcount']) 286 { 287 error($lang->error_nosearchresults); 288 } 289 $threadcount = $count['resultcount']; 290 } 291 292 $permsql = ""; 293 $onlyusfids = array(); 294 295 // Check group permissions if we can't view threads not started by us 296 $group_permissions = forum_permissions(); 297 foreach($group_permissions as $fid => $forum_permissions) 298 { 299 if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) 300 { 301 $onlyusfids[] = $fid; 302 } 303 } 304 if(!empty($onlyusfids)) 305 { 306 $permsql .= "AND ((t.fid IN(".implode(',', $onlyusfids).") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(".implode(',', $onlyusfids)."))"; 307 } 308 309 $unsearchforums = get_unsearchable_forums(); 310 if($unsearchforums) 311 { 312 $permsql .= " AND t.fid NOT IN ($unsearchforums)"; 313 } 314 $inactiveforums = get_inactive_forums(); 315 if($inactiveforums) 316 { 317 $permsql .= " AND t.fid NOT IN ($inactiveforums)"; 318 } 319 320 $pages = ceil($threadcount / $perpage); 321 if($page > $pages) 322 { 323 $start = 0; 324 $page = 1; 325 } 326 327 // Begin selecting matching threads, cache them. 
328 $sqlarray = array( 329 'order_by' => $sortfield, 330 'order_dir' => $order, 331 'limit_start' => $start, 332 'limit' => $perpage 333 ); 334 $query = $db->query(" 335 SELECT t.*, u.username AS userusername 336 FROM ".TABLE_PREFIX."threads t 337 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) 338 LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) 339 WHERE $where_conditions AND ({$unapproved_where_t}) {$permsql} AND t.closed NOT LIKE 'moved|%' 340 ORDER BY $sortfield $order 341 LIMIT $start, $perpage 342 "); 343 344 $threadprefixes = build_prefixes(); 345 $thread_cache = array(); 346 while($thread = $db->fetch_array($query)) 347 { 348 $thread['threadprefix'] = ''; 349 if($thread['prefix'] && !empty($threadprefixes[$thread['prefix']])) 350 { 351 $thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle']; 352 } 353 $thread_cache[$thread['tid']] = $thread; 354 } 355 $thread_ids = implode(",", array_keys($thread_cache)); 356 357 if(empty($thread_ids)) 358 { 359 error($lang->error_nosearchresults); 360 } 361 362 // Fetch dot icons if enabled 363 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) 364 { 365 $unapproved_where_p = str_replace('t.', '', $unapproved_where_t); 366 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND ({$unapproved_where_p})"); 367 while($thread = $db->fetch_array($query)) 368 { 369 $thread_cache[$thread['tid']]['dot_icon'] = 1; 370 } 371 } 372 373 // Fetch the read threads. 
374 if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) 375 { 376 $query = $db->simple_select("threadsread", "tid,dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); 377 while($readthread = $db->fetch_array($query)) 378 { 379 $thread_cache[$readthread['tid']]['lastread'] = $readthread['dateline']; 380 } 381 } 382 383 if(!$mybb->settings['maxmultipagelinks']) 384 { 385 $mybb->settings['maxmultipagelinks'] = 5; 386 } 387 388 $results = ''; 389 390 foreach($thread_cache as $thread) 391 { 392 $bgcolor = alt_trow(); 393 $folder = ''; 394 $prefix = ''; 395 396 // Unapproved colour 397 if($thread['visible'] == 0) 398 { 399 $bgcolor = 'trow_shaded'; 400 } 401 elseif($thread['visible'] == -1) 402 { 403 $bgcolor = 'trow_shaded trow_deleted'; 404 } 405 406 if($thread['userusername']) 407 { 408 $thread['username'] = $thread['userusername']; 409 } 410 $thread['username'] = htmlspecialchars_uni($thread['username']); 411 $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); 412 413 // If this thread has a prefix, insert a space between prefix and subject 414 if($thread['prefix'] != 0) 415 { 416 $thread['threadprefix'] .= ' '; 417 } 418 419 $thread['subject'] = $parser->parse_badwords($thread['subject']); 420 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 421 422 if(isset($icon_cache[$thread['icon']])) 423 { 424 $posticon = $icon_cache[$thread['icon']]; 425 $posticon['path'] = str_replace("{theme}", $theme['imgdir'], $posticon['path']); 426 $posticon['path'] = htmlspecialchars_uni($posticon['path']); 427 $posticon['name'] = htmlspecialchars_uni($posticon['name']); 428 eval("\$icon = \"".$templates->get("search_results_icon")."\";"); 429 } 430 else 431 { 432 $icon = " "; 433 } 434 if($thread['poll']) 435 { 436 $prefix = $lang->poll_prefix; 437 } 438 439 // Determine the folder 440 $folder = ''; 441 $folder_label = ''; 442 if(isset($thread['dot_icon'])) 443 { 444 $folder = "dot_"; 445 $folder_label .= 
$lang->icon_dot; 446 } 447 $gotounread = ''; 448 $isnew = 0; 449 $donenew = 0; 450 $last_read = 0; 451 452 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 453 { 454 $forum_read = $readforums[$thread['fid']]; 455 456 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 457 if($forum_read == 0 || $forum_read < $read_cutoff) 458 { 459 $forum_read = $read_cutoff; 460 } 461 } 462 else 463 { 464 if(isset($forumsread[$thread['fid']])) 465 { 466 $forum_read = $forumsread[$thread['fid']]; 467 } 468 else 469 { 470 $forum_read = ''; 471 } 472 } 473 474 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read) 475 { 476 if(isset($thread['lastread'])) 477 { 478 $last_read = $thread['lastread']; 479 } 480 else 481 { 482 $last_read = $read_cutoff; 483 } 484 } 485 else 486 { 487 $last_read = my_get_array_cookie("threadread", $thread['tid']); 488 } 489 490 if($forum_read > $last_read) 491 { 492 $last_read = $forum_read; 493 } 494 495 if($thread['lastpost'] > $last_read && $last_read) 496 { 497 $folder .= "new"; 498 $new_class = "subject_new"; 499 $folder_label .= $lang->icon_new; 500 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost").$highlight; 501 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 502 $unreadpost = 1; 503 } 504 else 505 { 506 $new_class = 'subject_old'; 507 $folder_label .= $lang->icon_no_new; 508 } 509 510 if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 511 { 512 $folder .= "hot"; 513 $folder_label .= $lang->icon_hot; 514 } 515 if($thread['closed'] == 1) 516 { 517 $folder .= "close"; 518 $folder_label .= $lang->icon_close; 519 } 520 $folder .= "folder"; 521 522 if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1) 523 { 524 $mybb->settings['postsperpage'] = 20; 525 } 526 527 $thread['pages'] = 0; 528 $thread['multipage'] = ''; 529 $threadpages = ''; 530 
$morelink = ''; 531 $thread['posts'] = $thread['replies'] + 1; 532 if(is_moderator($thread['fid'], "canviewdeleted") == true || is_moderator($thread['fid'], "canviewunapprove") == true) 533 { 534 if(is_moderator($thread['fid'], "canviewdeleted") == true) 535 { 536 $thread['posts'] += $thread['deletedposts']; 537 } 538 if(is_moderator($thread['fid'], "canviewunapprove") == true) 539 { 540 $thread['posts'] += $thread['unapprovedposts']; 541 } 542 } 543 elseif($group_permissions[$thread['fid']]['canviewdeletionnotice'] != 0) 544 { 545 $thread['posts'] += $thread['deletedposts']; 546 } 547 548 if($thread['posts'] > $mybb->settings['postsperpage']) 549 { 550 $thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage']; 551 $thread['pages'] = ceil($thread['pages']); 552 if($thread['pages'] > $mybb->settings['maxmultipagelinks']) 553 { 554 $pagesstop = $mybb->settings['maxmultipagelinks'] - 1; 555 $page_link = get_thread_link($thread['tid'], $thread['pages']).$highlight; 556 eval("\$morelink = \"".$templates->get("forumdisplay_thread_multipage_more")."\";"); 557 } 558 else 559 { 560 $pagesstop = $thread['pages']; 561 } 562 for($i = 1; $i <= $pagesstop; ++$i) 563 { 564 $page_link = get_thread_link($thread['tid'], $i).$highlight; 565 eval("\$threadpages .= \"".$templates->get("forumdisplay_thread_multipage_page")."\";"); 566 } 567 eval("\$thread['multipage'] = \"".$templates->get("forumdisplay_thread_multipage")."\";"); 568 } 569 else 570 { 571 $threadpages = ''; 572 $morelink = ''; 573 $thread['multipage'] = ''; 574 } 575 $lastpostdate = my_date('relative', $thread['lastpost']); 576 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 577 $lastposteruid = $thread['lastposteruid']; 578 if(!$lastposteruid && !$thread['lastposter']) 579 { 580 $lastposter = htmlspecialchars_uni($lang->guest); 581 } 582 else 583 { 584 $lastposter = htmlspecialchars_uni($thread['lastposter']); 585 } 586 $thread_link = get_thread_link($thread['tid']); 587 588 // 
Don't link to guest's profiles (they have no profile). 589 if($lastposteruid == 0) 590 { 591 $lastposterlink = $lastposter; 592 } 593 else 594 { 595 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 596 } 597 598 $thread['replies'] = my_number_format($thread['replies']); 599 $thread['views'] = my_number_format($thread['views']); 600 601 $thread['forumlink'] = ''; 602 if($forumcache[$thread['fid']]) 603 { 604 $thread['forumlink_link'] = get_forum_link($thread['fid']); 605 $thread['forumlink_name'] = $forumcache[$thread['fid']]['name']; 606 eval("\$thread['forumlink'] = \"".$templates->get("search_results_threads_forumlink")."\";"); 607 } 608 609 // If this user is the author of the thread and it is not closed or they are a moderator, they can edit 610 if(($thread['uid'] == $mybb->user['uid'] && $thread['closed'] != 1 && $mybb->user['uid'] != 0 && $fpermissions[$thread['fid']]['caneditposts'] == 1) || is_moderator($thread['fid'], "caneditposts")) 611 { 612 $inline_edit_class = "subject_editable"; 613 } 614 else 615 { 616 $inline_edit_class = ""; 617 } 618 619 // If this thread has 1 or more attachments show the papperclip 620 if($mybb->settings['enableattachments'] == 1 && $thread['attachmentcount'] > 0) 621 { 622 if($thread['attachmentcount'] > 1) 623 { 624 $attachment_count = $lang->sprintf($lang->attachment_count_multiple, $thread['attachmentcount']); 625 } 626 else 627 { 628 $attachment_count = $lang->attachment_count; 629 } 630 631 eval("\$attachment_count = \"".$templates->get("forumdisplay_thread_attachment_count")."\";"); 632 } 633 else 634 { 635 $attachment_count = ''; 636 } 637 638 $inline_edit_tid = $thread['tid']; 639 640 // Inline thread moderation 641 $inline_mod_checkbox = ''; 642 if($is_supermod || is_moderator($thread['fid'])) 643 { 644 if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|{$thread['tid']}|") !== false) 645 { 646 $inlinecheck = "checked=\"checked\""; 647 ++$inlinecount; 648 } 649 else 
650 { 651 $inlinecheck = ''; 652 } 653 654 // If this user is allowed to use the inline moderation tools for at least one thread, include the necessary scripts 655 $show_inline_moderation = true; 656 657 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_inlinecheck")."\";"); 658 } 659 elseif($is_mod) 660 { 661 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_threads_nocheck")."\";"); 662 } 663 664 $plugins->run_hooks("search_results_thread"); 665 eval("\$results .= \"".$templates->get("search_results_threads_thread")."\";"); 666 } 667 if(!$results) 668 { 669 error($lang->error_nosearchresults); 670 } 671 $multipage = multipage($threadcount, $perpage, $page, "search.php?action=results&sid=$sid&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); 672 if($upper > $threadcount) 673 { 674 $upper = $threadcount; 675 } 676 677 $selectall = ''; 678 $inlinemod = ''; 679 680 // Inline Thread Moderation Options 681 if($show_inline_moderation) 682 { 683 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";"); 684 685 // If user has moderation tools available, prepare the Select All feature 686 $lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache)); 687 $lang->all_selected = $lang->sprintf($lang->all_selected, (int)$threadcount); 688 $lang->select_all = $lang->sprintf($lang->select_all, (int)$threadcount); 689 eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";"); 690 691 $customthreadtools = ''; 692 switch($db->type) 693 { 694 case "pgsql": 695 case "sqlite": 696 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (','||forums||',' LIKE '%,-1,%' OR forums='')"); 697 break; 698 default: 699 $query = $db->simple_select("modtools", "tid, name", "type='t' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')"); 700 } 701 702 while($tool = $db->fetch_array($query)) 703 { 704 $tool['name'] = 
htmlspecialchars_uni($tool['name']); 705 eval("\$customthreadtools .= \"".$templates->get("search_results_threads_inlinemoderation_custom_tool")."\";"); 706 } 707 // Build inline moderation dropdown 708 if(!empty($customthreadtools)) 709 { 710 eval("\$customthreadtools = \"".$templates->get("search_results_threads_inlinemoderation_custom")."\";"); 711 } 712 eval("\$inlinemod = \"".$templates->get("search_results_threads_inlinemoderation")."\";"); 713 } 714 elseif($is_mod) 715 { 716 eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";"); 717 } 718 719 $plugins->run_hooks("search_results_end"); 720 721 eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); 722 output_page($searchresults); 723 } 724 else // Displaying results as posts 725 { 726 if(empty($search['posts'])) 727 { 728 error($lang->error_nosearchresults); 729 } 730 731 $postcount = 0; 732 733 // Moderators can view unapproved threads and deleted threads from forums they moderate 734 $unapproved_where = get_visible_where(); 735 736 $post_cache_options = array(); 737 if((int)$mybb->settings['searchhardlimit'] > 0) 738 { 739 $post_cache_options['limit'] = (int)$mybb->settings['searchhardlimit']; 740 } 741 742 if(strpos($sortfield, 'p.') !== false) 743 { 744 $post_cache_options['order_by'] = str_replace('p.', '', $sortfield); 745 $post_cache_options['order_dir'] = $order; 746 } 747 748 $tids = array(); 749 $pids = array(); 750 // Make sure the posts we're viewing we have permission to view. 
751 $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND ({$unapproved_where})", $post_cache_options); 752 while($post = $db->fetch_array($query)) 753 { 754 $pids[$post['pid']] = $post['tid']; 755 $tids[$post['tid']][$post['pid']] = $post['pid']; 756 } 757 758 if(!empty($pids)) 759 { 760 $temp_pids = array(); 761 762 $group_permissions = forum_permissions(); 763 $permsql = ''; 764 $onlyusfids = array(); 765 766 foreach($group_permissions as $fid => $forum_permissions) 767 { 768 if(!empty($forum_permissions['canonlyviewownthreads'])) 769 { 770 $onlyusfids[] = $fid; 771 } 772 } 773 774 if($onlyusfids) 775 { 776 $permsql .= " OR (fid IN(".implode(',', $onlyusfids).") AND uid!={$mybb->user['uid']})"; 777 } 778 $unsearchforums = get_unsearchable_forums(); 779 if($unsearchforums) 780 { 781 $permsql .= " OR fid IN ($unsearchforums)"; 782 } 783 $inactiveforums = get_inactive_forums(); 784 if($inactiveforums) 785 { 786 $permsql .= " OR fid IN ($inactiveforums)"; 787 } 788 789 // Find threads in our list that we don't have permission to view and remove them 790 $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', array_keys($tids))).") AND (NOT ({$unapproved_where}){$permsql} OR closed LIKE 'moved|%')"); 791 while($thread = $db->fetch_array($query)) 792 { 793 if(array_key_exists($thread['tid'], $tids)) 794 { 795 $temp_pids = $tids[$thread['tid']]; 796 foreach($temp_pids as $pid) 797 { 798 unset($pids[$pid]); 799 unset($tids[$thread['tid']]); 800 } 801 unset($tids[$thread['tid']]); 802 } 803 } 804 unset($temp_pids); 805 } 806 807 // Declare our post count 808 $postcount = count($pids); 809 810 if(!$postcount) 811 { 812 error($lang->error_nosearchresults); 813 } 814 815 // And now we have our sanatized post list 816 $search['posts'] = implode(',', array_keys($pids)); 817 818 $tids = implode(",", array_keys($tids)); 819 820 // Read threads 821 if($mybb->user['uid'] && 
$mybb->settings['threadreadcut'] > 0) 822 { 823 $query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); 824 while($readthread = $db->fetch_array($query)) 825 { 826 $readthreads[$readthread['tid']] = $readthread['dateline']; 827 } 828 } 829 830 $dot_icon = array(); 831 if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) 832 { 833 $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND ({$unapproved_where})"); 834 while($post = $db->fetch_array($query)) 835 { 836 $dot_icon[$post['tid']] = true; 837 } 838 } 839 840 $results = ''; 841 842 $pages = ceil($postcount / $perpage); 843 if($page > $pages) 844 { 845 $start = 0; 846 $page = 1; 847 } 848 849 $query = $db->query(" 850 SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid 851 FROM ".TABLE_PREFIX."posts p 852 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) 853 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) 854 LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) 855 WHERE p.pid IN (".$db->escape_string($search['posts']).") 856 ORDER BY $sortfield $order 857 LIMIT $start, $perpage 858 "); 859 while($post = $db->fetch_array($query)) 860 { 861 $bgcolor = alt_trow(); 862 if($post['visible'] == 0) 863 { 864 $bgcolor = 'trow_shaded'; 865 } 866 elseif($post['visible'] == -1) 867 { 868 $bgcolor = 'trow_shaded trow_deleted'; 869 } 870 if($post['userusername']) 871 { 872 $post['username'] = $post['userusername']; 873 } 874 $post['username'] = htmlspecialchars_uni($post['username']); 875 $post['profilelink'] = build_profile_link($post['username'], $post['uid']); 876 $post['subject'] = $parser->parse_badwords($post['subject']); 877 $post['thread_subject'] = $parser->parse_badwords($post['thread_subject']); 878 
$post['thread_subject'] = htmlspecialchars_uni($post['thread_subject']); 879 880 if(isset($icon_cache[$post['icon']])) 881 { 882 $posticon = $icon_cache[$post['icon']]; 883 $posticon['path'] = str_replace("{theme}", $theme['imgdir'], $posticon['path']); 884 $posticon['path'] = htmlspecialchars_uni($posticon['path']); 885 $posticon['name'] = htmlspecialchars_uni($posticon['name']); 886 eval("\$icon = \"".$templates->get("search_results_icon")."\";"); 887 } 888 else 889 { 890 $icon = " "; 891 } 892 893 $post['forumlink'] = ''; 894 if(!empty($forumcache[$post['fid']])) 895 { 896 $post['forumlink_link'] = get_forum_link($post['fid']); 897 $post['forumlink_name'] = $forumcache[$post['fid']]['name']; 898 eval("\$post['forumlink'] = \"".$templates->get("search_results_posts_forumlink")."\";"); 899 } 900 901 // Determine the folder 902 $folder = ''; 903 $folder_label = ''; 904 $gotounread = ''; 905 $isnew = 0; 906 $donenew = 0; 907 $last_read = 0; 908 909 if(isset($readthreads[$post['tid']])) 910 { 911 $post['thread_lastread'] = $readthreads[$post['tid']]; 912 } 913 else 914 { 915 $post['thread_lastread'] = ''; 916 } 917 918 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 919 { 920 $forum_read = $readforums[$post['fid']]; 921 922 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 923 if($forum_read == 0 || $forum_read < $read_cutoff) 924 { 925 $forum_read = $read_cutoff; 926 } 927 } 928 else 929 { 930 if(isset($forumsread[$post['fid']])) 931 { 932 $forum_read = $forumsread[$post['fid']]; 933 } 934 else 935 { 936 $forum_read = ''; 937 } 938 } 939 940 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forum_read) 941 { 942 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 943 if($post['thread_lastpost'] > $cutoff) 944 { 945 if($post['thread_lastread']) 946 { 947 $last_read = $post['thread_lastread']; 948 } 949 else 950 { 951 $last_read = 1; 952 } 953 } 954 } 955 956 
if(isset($dot_icon[$post['tid']])) 957 { 958 $folder = "dot_"; 959 $folder_label .= $lang->icon_dot; 960 } 961 962 if(!$last_read) 963 { 964 $readcookie = $threadread = my_get_array_cookie("threadread", $post['tid']); 965 if($readcookie > $forum_read) 966 { 967 $last_read = $readcookie; 968 } 969 elseif($forum_read > $mybb->user['lastvisit']) 970 { 971 $last_read = $forum_read; 972 } 973 else 974 { 975 $last_read = $mybb->user['lastvisit']; 976 } 977 } 978 979 if($post['thread_lastpost'] > $last_read && $last_read) 980 { 981 $folder .= "new"; 982 $folder_label .= $lang->icon_new; 983 $thread['newpostlink'] = get_thread_link($post['tid'], 0, "newpost"); 984 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 985 $unreadpost = 1; 986 } 987 else 988 { 989 $folder_label .= $lang->icon_no_new; 990 } 991 992 if($post['thread_replies'] >= $mybb->settings['hottopic'] || $post['thread_views'] >= $mybb->settings['hottopicviews']) 993 { 994 $folder .= "hot"; 995 $folder_label .= $lang->icon_hot; 996 } 997 if($post['thread_closed'] == 1) 998 { 999 $folder .= "close"; 1000 $folder_label .= $lang->icon_close; 1001 } 1002 $folder .= "folder"; 1003 1004 $post['thread_replies'] = my_number_format($post['thread_replies']); 1005 $post['thread_views'] = my_number_format($post['thread_views']); 1006 1007 $post['forumlink'] = ''; 1008 if($forumcache[$post['fid']]) 1009 { 1010 $post['forumlink_link'] = get_forum_link($post['fid']); 1011 $post['forumlink_name'] = $forumcache[$post['fid']]['name']; 1012 eval("\$post['forumlink'] = \"".$templates->get("search_results_posts_forumlink")."\";"); 1013 } 1014 1015 if(!$post['subject']) 1016 { 1017 $post['subject'] = $post['message']; 1018 } 1019 if(my_strlen($post['subject']) > 50) 1020 { 1021 $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."..."); 1022 } 1023 else 1024 { 1025 $post['subject'] = htmlspecialchars_uni($post['subject']); 1026 } 1027 // What we do here is parse the post using 
our post parser, then strip the tags from it 1028 $parser_options = array( 1029 'allow_html' => 0, 1030 'allow_mycode' => 1, 1031 'allow_smilies' => 0, 1032 'allow_imgcode' => 0, 1033 'me_username' => $post['username'], 1034 'filter_badwords' => 1 1035 ); 1036 $post['message'] = strip_tags($parser->text_parse_message($post['message'], $parser_options)); 1037 if(my_strlen($post['message']) > 200) 1038 { 1039 $prev = my_substr($post['message'], 0, 200)."..."; 1040 } 1041 else 1042 { 1043 $prev = $post['message']; 1044 } 1045 $posted = my_date('relative', $post['dateline']); 1046 1047 $thread_url = get_thread_link($post['tid']); 1048 $post_url = get_post_link($post['pid'], $post['tid']); 1049 1050 // Inline post moderation 1051 $inline_mod_checkbox = ''; 1052 if($is_supermod || is_moderator($post['fid'])) 1053 { 1054 if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|{$post['pid']}|") !== false) 1055 { 1056 $inlinecheck = "checked=\"checked\""; 1057 ++$inlinecount; 1058 } 1059 else 1060 { 1061 $inlinecheck = ''; 1062 } 1063 1064 $show_inline_moderation = true; 1065 1066 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_inlinecheck")."\";"); 1067 } 1068 elseif($is_mod) 1069 { 1070 eval("\$inline_mod_checkbox = \"".$templates->get("search_results_posts_nocheck")."\";"); 1071 } 1072 1073 $plugins->run_hooks("search_results_post"); 1074 eval("\$results .= \"".$templates->get("search_results_posts_post")."\";"); 1075 } 1076 if(!$results) 1077 { 1078 error($lang->error_nosearchresults); 1079 } 1080 $multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); 1081 if($upper > $postcount) 1082 { 1083 $upper = $postcount; 1084 } 1085 1086 $selectall = ''; 1087 $inlinemod = ''; 1088 1089 // Inline Post Moderation Options 1090 if($show_inline_moderation) 1091 { 1092 
// NOTE(review): this span opens inside the inline-moderation branch of the post-results view; the enclosing blocks begin earlier in the file.
			// Template text is spliced into a double-quoted PHP string and eval()'d, so whatever variables the
			// template references are interpolated here without further escaping. Template contents are not
			// visible in this part of the file.
			eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";");

			// If user has moderation tools available, prepare the Select All feature
			$num_results = $db->num_rows($query);
			// Counts are cast to int before being substituted into the language phrases.
			$lang->page_selected = $lang->sprintf($lang->page_selected, (int)$num_results);
			$lang->select_all = $lang->sprintf($lang->select_all, (int)$postcount);
			$lang->all_selected = $lang->sprintf($lang->all_selected, (int)$postcount);
			eval("\$selectall = \"".$templates->get("search_posts_inlinemoderation_selectall")."\";");

			$customthreadtools = $customposttools = '';
			// Same filter in two SQL dialects: post tools (type 'p') whose forums list contains -1 or is empty.
			// Both WHERE strings are constants; no request data is interpolated.
			switch($db->type)
			{
				case "pgsql":
				case "sqlite":
					$query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (','||forums||',' LIKE '%,-1,%' OR forums='')");
					break;
				default:
					$query = $db->simple_select("modtools", "tid, name, type", "type='p' AND (CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='')");
			}

			// NOTE(review): $tool rows reach the template unescaped here; if the template prints the tool
			// name it should be HTML-escaped first - confirm against the template.
			while($tool = $db->fetch_array($query))
			{
				eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";");
			}
			// Build inline moderation dropdown
			if(!empty($customposttools))
			{
				eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";");
			}
			eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";");
		}
		elseif($is_mod)
		{
			eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";");
		}

		$plugins->run_hooks("search_results_end");

		eval("\$searchresults = \"".$templates->get("search_results_posts")."\";");
		output_page($searchresults);
	}
}
// action=findguest: collect guest posts (uid 0) from forums the viewer may search and store them as a search log entry.
elseif($mybb->input['action'] == "findguest")
{
	$where_sql = "uid='0'";

	// The helper results below are interpolated into SQL as-is.
	// NOTE(review): assumes each returns a comma-separated list of integer forum ids - confirm.
	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	// Forums limited to "own threads only" are excluded outright in this branch.
	if(!empty($onlyusfids))
	{
		$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")";
	}

	$options = array(
		'order_by' => 'dateline DESC, pid DESC',
	);

	// Do we have a hard search limit?
	if($mybb->settings['searchhardlimit'] > 0)
	{
		$options['limit'] = (int)$mybb->settings['searchhardlimit'];
	}

	// Build a comma-separated list of matching post ids.
	$pids = '';
	$comma = '';
	$query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
	while($pid = $db->fetch_field($query, "pid"))
	{
		$pids .= $comma.$pid;
		$comma = ',';
	}

	// Same WHERE clause against the threads table; note that no $options (and so no hard limit) are passed here.
	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// The search id is derived from the clock via uniqid()/microtime(), not from a CSPRNG, so it is an
	// identifier rather than a secret.
	// NOTE(review): confirm the results action checks who owns a sid before showing the stored results.
	$sid = md5(uniqid(microtime(), true));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => $db->escape_string($pids),
		"resulttype" => "posts",
		"querycache" => '',
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
// action=finduser: same flow as findguest, for the posts of the user id given in the request.
elseif($mybb->input['action'] == "finduser")
{
	// uid is requested as MyBB::INPUT_INT before being placed in the SQL string.
	$where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'";

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	// In "own threads only" forums, match only rows whose uid is the current viewer's; other forums are unrestricted.
	// The fragment has no leading space; it follows the ")" that closes the visibility clause appended above.
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$options = array(
		'order_by' => 'dateline DESC, pid DESC',
	);

	// Do we have a hard search limit?
	if($mybb->settings['searchhardlimit'] > 0)
	{
		$options['limit'] = (int)$mybb->settings['searchhardlimit'];
	}

	$pids = '';
	$comma = '';
	$query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
	while($pid = $db->fetch_field($query, "pid"))
	{
		$pids .= $comma.$pid;
		$comma = ',';
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	// Clock-derived search id; see the note in the findguest branch.
	$sid = md5(uniqid(microtime(), true));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => $db->escape_string($pids),
		"resulttype" => "posts",
		"querycache" => '',
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
// action=finduserthreads: threads started by the given user id; stored as a thread-type result.
elseif($mybb->input['action'] == "finduserthreads")
{
	$where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'";

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	$sid = md5(uniqid(microtime(), true));
	// The assembled WHERE clause is stored in the log row as querycache.
	// NOTE(review): presumably replayed as SQL by the results action - anything appended to $where_sql must stay free of raw request data.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);
	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
// action=getnew: threads with a last post at or after the viewer's last visit, optionally limited to given forums.
elseif($mybb->input['action'] == "getnew")
{

	$where_sql = "lastpost >= '".(int)$mybb->user['lastvisit']."'";

	if($mybb->get_input('fid', MyBB::INPUT_INT))
	{
		$where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'";
	}
	else if($mybb->get_input('fids'))
	{
		// Every element of the comma-separated list is cast to int before it is joined back into SQL.
		$fids = explode(',', $mybb->get_input('fids'));
		foreach($fids as $key => $fid)
		{
			$fids[$key] = (int)$fid;
		}

		if(!empty($fids))
		{
			$where_sql .= " AND fid IN (".implode(',', $fids).")";
		}
	}

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	$sid = md5(uniqid(microtime(), true));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);

	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
// action=getdaily: threads with a last post within the past N days (N from the request, minimum 1).
elseif($mybb->input['action'] == "getdaily")
{
	if($mybb->get_input('days', MyBB::INPUT_INT) < 1)
	{
		$days = 1;
	}
	else
	{
		$days = $mybb->get_input('days', MyBB::INPUT_INT);
	}
	// Only a lower bound is enforced on $days; 86400 is the number of seconds in a day.
	$datecut = TIME_NOW-(86400*$days);

	$where_sql = "lastpost >='".$datecut."'";

	if($mybb->get_input('fid', MyBB::INPUT_INT))
	{
		$where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'";
	}
	else if($mybb->get_input('fids'))
	{
		// Every element of the comma-separated list is cast to int before it is joined back into SQL.
		$fids = explode(',', $mybb->get_input('fids'));
		foreach($fids as $key => $fid)
		{
			$fids[$key] = (int)$fid;
		}

		if(!empty($fids))
		{
			$where_sql .= " AND fid IN (".implode(',', $fids).")";
		}
	}

	$unsearchforums = get_unsearchable_forums();
	if($unsearchforums)
	{
		$where_sql .= " AND fid NOT IN ($unsearchforums)";
	}
	$inactiveforums = get_inactive_forums();
	if($inactiveforums)
	{
		$where_sql .= " AND fid NOT IN ($inactiveforums)";
	}

	// Moderators can view unapproved threads and deleted threads from forums they moderate
	$unapproved_where = get_visible_where();
	$where_sql .= " AND ({$unapproved_where})";

	$permsql = "";
	$onlyusfids = array();

	// Check group permissions if we can't view threads not started by us
	$group_permissions = forum_permissions();
	foreach($group_permissions as $fid => $forum_permissions)
	{
		if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1)
		{
			$onlyusfids[] = $fid;
		}
	}
	if(!empty($onlyusfids))
	{
		$where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))";
	}

	$tids = '';
	$comma = '';
	$query = $db->simple_select("threads", "tid", $where_sql);
	while($tid = $db->fetch_field($query, "tid"))
	{
		$tids .= $comma.$tid;
		$comma = ',';
	}

	$sid = md5(uniqid(microtime(), true));
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => TIME_NOW,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $db->escape_string($tids),
		"posts" => '',
		"resulttype" => "threads",
		"querycache" => $db->escape_string($where_sql),
		"keywords" => ''
	);

	$plugins->run_hooks("search_do_search_process");
	$db->insert_query("searchlog", $searcharray);
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
// action=do_search: run a keyword/author search built from the request and log the result set.
elseif($mybb->input['action'] == "do_search")
{
	$plugins->run_hooks("search_do_search_start");

	// Check if search flood checking is enabled and user is not admin
	if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
	{
		// Fetch the time this user last searched
		if($mybb->user['uid'])
		{
			$conditions = "uid='{$mybb->user['uid']}'";
		}
		else
		{
			// Guests are rate-limited per IP address. The escape_binary() result is interpolated unquoted.
			// NOTE(review): presumably it returns a complete SQL literal - confirm.
			$conditions = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
		}
		$timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
		$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
		$last_search = $db->fetch_array($query);
		// User's last search was within the flood time, show the error
		if(!empty($last_search['sid']))
		{
			$remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
			if($remaining_time == 1)
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
			}
			else
			{
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
			}
			error($lang->error_searchflooding);
		}
	}
	// Anything other than "threads" falls back to post results.
	if($mybb->get_input('showresults') == "threads")
	{
		$resulttype = "threads";
	}
	else
	{
		$resulttype = "posts";
	}

	// Accept either a forums[] array or a single forums value.
	if(isset($mybb->input['forums']) && is_array($mybb->input['forums']))
	{
		$forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY);
	}
	else
	{
		$forums = array($mybb->get_input('forums'));
	}

	// NOTE(review): keywords is read straight from $mybb->input, unlike the other fields, which go through
	// get_input(); a missing or non-string value is passed on unchanged - confirm perform_search_* copes.
	$search_data = array(
		"keywords" => $mybb->input['keywords'],
		"author" => $mybb->get_input('author'),
		"postthread" => $mybb->get_input('postthread', MyBB::INPUT_INT),
		"matchusername" => $mybb->get_input('matchusername', MyBB::INPUT_INT),
		"postdate" => $mybb->get_input('postdate', MyBB::INPUT_INT),
		"pddir" => $mybb->get_input('pddir', MyBB::INPUT_INT),
		"forums" => $forums,
		"findthreadst" => $mybb->get_input('findthreadst', MyBB::INPUT_INT),
		"numreplies" => $mybb->get_input('numreplies', MyBB::INPUT_INT),
		"threadprefix" => $mybb->get_input('threadprefix', MyBB::INPUT_ARRAY)
	);

	// The visibility filter is only honoured for moderators.
	if(is_moderator() && !empty($mybb->input['visible']))
	{
		$search_data['visible'] = $mybb->get_input('visible', MyBB::INPUT_INT);
	}

	if($db->can_search == true)
	{
		if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts"))
		{
			$search_results = perform_search_mysql_ft($search_data);
		}
		else
		{
			$search_results = perform_search_mysql($search_data);
		}
	}
	else
	{
		error($lang->error_no_search_support);
	}
	$sid = md5(uniqid(microtime(), true));
	// NOTE(review): threads/posts/querycache are inserted as returned by perform_search_*, presumably
	// already escaped there - confirm. $now is not assigned in this part of the file, while the other
	// branches use TIME_NOW - confirm it is set earlier.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => $now,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $search_results['threads'],
		"posts" => $search_results['posts'],
		"resulttype" => $resulttype,
		"querycache" => $search_results['querycache'],
		"keywords" => $db->escape_string($mybb->input['keywords']),
	);
	$plugins->run_hooks("search_do_search_process");

	$db->insert_query("searchlog", $searcharray);

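// Tail of the do_search branch: normalise the sort parameters and redirect to the stored results.
	// Allow-list the sort direction and pass on the canonical lowercase value rather than the raw request
	// string. (The original compared inside my_strtolower() for "desc", i.e. lower-cased a boolean.)
	$sortorder = my_strtolower($mybb->get_input('sortordr'));
	if($sortorder != "asc" && $sortorder != "desc")
	{
		$sortorder = "desc";
	}
	// sortby is HTML-escaped, not URL-encoded, before it goes into the query string.
	// NOTE(review): confirm the results action validates sortby against its own allow-list.
	$sortby = htmlspecialchars_uni($mybb->get_input('sortby'));
	$plugins->run_hooks("search_do_search_end");
	redirect("search.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);
}
// action=thread: keyword search restricted to one thread, after checking the viewer may see it.
else if($mybb->input['action'] == "thread")
{
	// Fetch thread info
	$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
	// Only look up moderator status when the thread exists; indexing a failed lookup would raise a
	// warning, and the check below rejects a missing thread before $ismod is consulted.
	$ismod = $thread ? is_moderator($thread['fid']) : false;

	// Reject when the thread is missing, when a non-moderator requests a thread that is not visible
	// (unless it is their own soft-deleted thread and soft delete is enabled), or when visible > 1.
	if(!$thread || ($thread['visible'] != 1 && $ismod == false && ($thread['visible'] != -1 || $mybb->settings['soft_delete'] != 1 || !$mybb->user['uid'] || $mybb->user['uid'] != $thread['uid'])) || ($thread['visible'] > 1 && $ismod == true))
	{
		error($lang->error_invalidthread);
	}

	// Get forum info
	$forum = get_forum($thread['fid']);
	if(!$forum)
	{
		error($lang->error_invalidforum);
	}

	$forum_permissions = forum_permissions($forum['fid']);

	if($forum['open'] == 0 || $forum['type'] != "f")
	{
		error($lang->error_closedinvalidforum);
	}
	// The viewer needs canview and canviewthreads, and in "own threads only" forums must be the thread starter.
	if($forum_permissions['canview'] == 0 || $forum_permissions['canviewthreads'] != 1 || (isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	$plugins->run_hooks("search_thread_start");

	// Check if search flood checking is enabled and user is not admin
	if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
	{
		// Fetch the time this user last searched
		if($mybb->user['uid'])
		{
			$conditions = "uid='{$mybb->user['uid']}'";
		}
		else
		{
			// Guests are rate-limited per IP address. The escape_binary() result is interpolated unquoted.
			// NOTE(review): presumably it returns a complete SQL literal - confirm.
			$conditions = "uid='0' AND ipaddress=".$db->escape_binary($session->packedip);
		}
		$timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
		$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
		$last_search = $db->fetch_array($query);

		if($last_search)
		{
			// We shouldn't show remaining time if time is 0 or under.
			$remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
			// User's last search was within the flood time, show the error.
			if($remaining_time > 0)
			{
				if($remaining_time == 1)
				{
					$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
				}
				else
				{
					$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
				}
				error($lang->error_searchflooding);
			}
		}
	}

	// Read keywords through get_input(), the accessor this script uses for its other request values,
	// instead of indexing $mybb->input directly, so a missing or array-valued parameter does not reach
	// the search helpers or escape_string() as a non-string.
	$keywords = $mybb->get_input('keywords');

	$search_data = array(
		"keywords" => $keywords,
		"postthread" => 1,
		"tid" => $mybb->get_input('tid', MyBB::INPUT_INT)
	);

	if($db->can_search == true)
	{
		if($mybb->settings['searchtype'] == "fulltext" && $db->supports_fulltext_boolean("posts") && $db->is_fulltext("posts"))
		{
			$search_results = perform_search_mysql_ft($search_data);
		}
		else
		{
			$search_results = perform_search_mysql($search_data);
		}
	}
	else
	{
		error($lang->error_no_search_support);
	}
	// The search id is derived from the clock via uniqid()/microtime(), not from a CSPRNG, so it is an
	// identifier rather than a secret.
	// NOTE(review): confirm the results action checks who owns a sid before showing the stored results.
	$sid = md5(uniqid(microtime(), true));
	// NOTE(review): threads/posts/querycache are inserted as returned by perform_search_*, presumably
	// already escaped there - confirm. $now is not assigned in this part of the file - confirm it is set earlier.
	$searcharray = array(
		"sid" => $db->escape_string($sid),
		"uid" => $mybb->user['uid'],
		"dateline" => $now,
		"ipaddress" => $db->escape_binary($session->packedip),
		"threads" => $search_results['threads'],
		"posts" => $search_results['posts'],
		"resulttype" => 'posts',
		"querycache" => $search_results['querycache'],
		"keywords" => $db->escape_string($keywords)
	);
	$plugins->run_hooks("search_thread_process");

	$db->insert_query("searchlog", $searcharray);

	$plugins->run_hooks("search_do_search_end");
	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults);
}
// No recognised action: render the search form.
else
{
	$plugins->run_hooks("search_start");
	$srchlist = make_searchable_forums();
	$prefixselect = build_prefix_select('all', 'any', 1);

	$rowspan = 5;

	// Moderators get two extra form rows from the moderator options template.
	$moderator_options = '';
	if(is_moderator())
	{
		$rowspan += 2;
		eval("\$moderator_options = \"".$templates->get("search_moderator_options")."\";");
	}

	$plugins->run_hooks("search_end");

	// Template text is spliced into a double-quoted PHP string and eval()'d; variables it references
	// are interpolated without further escaping at this point.
	eval("\$search = \"".$templates->get("search")."\";");
	output_page($search);
}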