Vergleich search.php - 1.4.2 - 1.4.8

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 1	Zeile 1
<?php /** * MyBB 1.4	<?php /** * MyBB 1.4
* Copyright � 2008 MyBB Group, All Rights Reserved	* Copyright © 2008 MyBB Group, All Rights Reserved
* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *	* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
* $Id: search.php 4178 2008-09-06 16:39:10Z Tikitiki $	* $Id: search.php 4375 2009-05-26 12:06:03Z Tomm $
*/	*/
Zeile 16	Zeile 16
$templatelist = "search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post"; $templatelist .= ",multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage";	$templatelist = "search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post"; $templatelist .= ",multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage";
$templatelist .= ",search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_posts_inlinemoderation_custom_tool,search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation";	$templatelist .= ",search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_posts_inlinemoderation_custom_tool,search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation,search_orderarrow";
require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php"; require_once MYBB_ROOT."inc/functions_search.php";	require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php"; require_once MYBB_ROOT."inc/functions_search.php";
Zeile 43	Zeile 43
} $now = TIME_NOW;	} $now = TIME_NOW;
	$mybb->input['keywords'] = trim($mybb->input['keywords']); $limitsql = ""; if(intval($mybb->settings['searchhardlimit']) > 0) { $limitsql = "LIMIT ".intval($mybb->settings['searchhardlimit']); }
if($mybb->input['action'] == "results") {	if($mybb->input['action'] == "results") {
Zeile 165	Zeile 172
$icon_cache = $cache->read("posticons"); $threads = array();	$icon_cache = $cache->read("posticons"); $threads = array();
$limitsql = ""; if(intval($mybb->settings['searchhardlimit']) > 0) { $limitsql = "LIMIT ".intval($mybb->settings['searchhardlimit']); }
if($mybb->user['uid'] == 0) {	if($mybb->user['uid'] == 0) {
Zeile 183	Zeile 184
"); $forumsread = unserialize($mybb->cookies['mybb']['forumread']);	"); $forumsread = unserialize($mybb->cookies['mybb']['forumread']);
}	}
else { // Build a forum cache.	else { // Build a forum cache.
Zeile 243	Zeile 244
while($forum = $db->fetch_array($query)) { $moderated_forums .= ','.$forum['fid'];	while($forum = $db->fetch_array($query)) { $moderated_forums .= ','.$forum['fid'];
}	}
$unapproved_where = "(t.visible>0 OR (t.visible=0 AND t.fid IN ({$moderated_forums})))"; } else	$unapproved_where = "(t.visible>0 OR (t.visible=0 AND t.fid IN ({$moderated_forums})))"; } else
Zeile 268	Zeile 269
$search['threads'] = implode(",", $threads); } // No results.	$search['threads'] = implode(",", $threads); } // No results.
else { error($lang->error_nosearchresults);	else { error($lang->error_nosearchresults);
} $where_conditions = "t.tid IN (".$search['threads'].")"; }	} $where_conditions = "t.tid IN (".$search['threads'].")"; }
Zeile 313	Zeile 314
// Fetch dot icons if enabled if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) {	// Fetch dot icons if enabled if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) {
$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")");	$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); // Why are we querying the posts table?
while($post = $db->fetch_array($query)) { $thread_cache[$post['tid']]['dot_icon'] = 1;	while($post = $db->fetch_array($query)) { $thread_cache[$post['tid']]['dot_icon'] = 1;
Zeile 603	Zeile 604
} else // Displaying results as posts {	} else // Displaying results as posts {
$postcount = 0; if($search['querycache'] != "")	if(!$search['posts'])
{	{
$where_conditions = $search['querycache']; } else { if(!$search['posts']) { error($lang->error_nosearchresults); } $where_conditions = "p.pid IN (".$search['posts'].")";	error($lang->error_nosearchresults);
}	}
	$postcount = 0;
// Moderators can view unapproved threads $query = $db->simple_select("moderators", "fid", "uid='{$mybb->user['uid']}'"); if($mybb->usergroup['issupermod'] == 1) { // Super moderators (and admins)	// Moderators can view unapproved threads $query = $db->simple_select("moderators", "fid", "uid='{$mybb->user['uid']}'"); if($mybb->usergroup['issupermod'] == 1) { // Super moderators (and admins)
$unapproved_where = "t.visible>-1 AND p.visible>-1";	$p_unapproved_where = "visible >= 0"; $t_unapproved_where = "visible < 0";
} elseif($db->num_rows($query))	} elseif($db->num_rows($query))
{	{
// Normal moderators $moderated_forums = '0'; while($forum = $db->fetch_array($query)) { $moderated_forums .= ','.$forum['fid'];	// Normal moderators $moderated_forums = '0'; while($forum = $db->fetch_array($query)) { $moderated_forums .= ','.$forum['fid'];
	$test_moderated_forums[$forum['fid']] = $forum['fid'];
}	}
$unapproved_where = "((t.visible>0 AND p.visible>0) OR ((p.visible=0 OR t.visible>-1) AND t.fid IN ({$moderated_forums})))";	$p_unapproved_where = "visible >= 0"; $t_unapproved_where = "visible < 0 AND fid NOT IN ({$moderated_forums})";
} else	} else
{	{
// Normal users	// Normal users
$unapproved_where = 't.visible>0 AND p.visible>0';	$p_unapproved_where = 'visible=1'; $t_unapproved_where = 'visible < 1'; } $post_cache_options = array('LIMIT' => intval($mybb->settings['searchhardlimit'])); if(strpos($sortfield, 'p.') !== false) { $post_cache_options['order_by'] = str_replace('p.', '', $sortfield); $post_cache_options['order_dir'] = $order; } $tids = array(); $pids = array(); // Make sure the posts we're viewing we have permission to view. $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$p_unapproved_where}", $post_cache_options); while($post = $db->fetch_array($query)) { $pids[$post['pid']] = $post['tid']; $tids[$post['tid']][$post['pid']] = $post['pid']; } if(!empty($pids)) { $temp_pids = array(); // Check the thread records as well. If we don't have permissions, remove them from the listing. $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', $pids)).") AND ({$t_unapproved_where} OR closed LIKE 'moved\|%')"); while($thread = $db->fetch_array($query)) { if(array_key_exists($thread['tid'], $tids) != false) { $temp_pids = $tids[$thread['tid']]; foreach($temp_pids as $pid) { unset($pids[$pid]); unset($tids[$thread['tid']]); } } } unset($temp_pids); } // Declare our post count $postcount = count($pids); if(!$postcount) { error($lang->error_nosearchresults);
}	}
$query = $db->query(" SELECT COUNT(p.pid) AS resultcount FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE {$where_conditions} AND {$unapproved_where} AND t.closed NOT LIKE 'moved\|%' {$limitsql} "); $count = $db->fetch_array($query); if(!$count['resultcount']) { error($lang->error_nosearchresults); } $postcount = $count['resultcount']; $tids = array(); $query = $db->query(" SELECT p.tid FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE {$where_conditions} AND {$unapproved_where} AND t.closed NOT LIKE 'moved\|%' ORDER BY $sortfield $order LIMIT $start, $perpage "); while($post = $db->fetch_array($query)) { $tids[$post['tid']] = $post['tid']; } $tids = implode(",", $tids);	// And now we have our sanatized post list $search['posts'] = implode(',', array_keys($pids)); $tids = implode(",", array_keys($tids));
// Read threads if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) {	// Read threads if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) {
$query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$tids.")");	$query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")");
while($readthread = $db->fetch_array($query)) { $readthreads[$readthread['tid']] = $readthread['dateline'];	while($readthread = $db->fetch_array($query)) { $readthreads[$readthread['tid']] = $readthread['dateline'];
Zeile 683	Zeile 702
$dot_icon = array(); if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) {	$dot_icon = array(); if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) {
$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$tids.")");	$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")");
while($post = $db->fetch_array($query)) { $dot_icon[$post['tid']] = true;	while($post = $db->fetch_array($query)) { $dot_icon[$post['tid']] = true;
Zeile 695	Zeile 714
FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)	FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE $where_conditions AND {$unapproved_where} AND t.closed NOT LIKE 'moved\|%'	WHERE p.pid IN (".$db->escape_string($search['posts']).")
ORDER BY $sortfield $order LIMIT $start, $perpage ");	ORDER BY $sortfield $order LIMIT $start, $perpage ");
Zeile 908	Zeile 927
} elseif($mybb->input['action'] == "findguest") {	} elseif($mybb->input['action'] == "findguest") {
$where_sql = "p.uid='0'";	$where_sql = "uid='0'";
$unsearchforums = get_unsearchable_forums(); if($unsearchforums) {	$unsearchforums = get_unsearchable_forums(); if($unsearchforums) {
$where_sql .= " AND t.fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND t.fid NOT IN ($inactiveforums)"; } $sid = md5(uniqid(microtime(), 1)); $searcharray = array( "sid" => $db->escape_string($sid), "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_string($session->ipaddress), "threads" => '', "posts" => '', "resulttype" => "posts", "querycache" => $db->escape_string($where_sql),	$where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } $options = array( 'LIMIT' => intval($mybb->settings['searchhardlimit']), 'order_by' => 'dateline', 'order_dir' => 'DESC' ); $pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid")) { $pids .= $comma.$pid; $comma = ','; } $tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) { $tids .= $comma.$tid; $comma = ','; } $sid = md5(uniqid(microtime(), 1)); $searcharray = array( "sid" => $db->escape_string($sid), "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_string($session->ipaddress), "threads" => $db->escape_string($tids), "posts" => $db->escape_string($pids), "resulttype" => "posts", "querycache" => '',
"keywords" => '' ); $plugins->run_hooks("search_do_search_process");	"keywords" => '' ); $plugins->run_hooks("search_do_search_process");
Zeile 939	Zeile 982
} elseif($mybb->input['action'] == "finduser") {	} elseif($mybb->input['action'] == "finduser") {
$where_sql = "p.uid='".intval($mybb->input['uid'])."'";	$where_sql = "uid='".intval($mybb->input['uid'])."'";
$unsearchforums = get_unsearchable_forums(); if($unsearchforums)	$unsearchforums = get_unsearchable_forums(); if($unsearchforums)
{ $where_sql .= " AND t.fid NOT IN ($unsearchforums)"; }	{ $where_sql .= " AND fid NOT IN ($unsearchforums)"; }
$inactiveforums = get_inactive_forums(); if($inactiveforums) {	$inactiveforums = get_inactive_forums(); if($inactiveforums) {
$where_sql .= " AND t.fid NOT IN ($inactiveforums)";	$where_sql .= " AND fid NOT IN ($inactiveforums)"; } $options = array( 'LIMIT' => intval($mybb->settings['searchhardlimit']), 'order_by' => 'dateline', 'order_dir' => 'DESC' ); $pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid")) { $pids .= $comma.$pid; $comma = ','; } $tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) { $tids .= $comma.$tid; $comma = ',';
} $sid = md5(uniqid(microtime(), 1));	} $sid = md5(uniqid(microtime(), 1));
Zeile 958	Zeile 1025
"uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_string($session->ipaddress),	"uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_string($session->ipaddress),
"threads" => '', "posts" => '',	"threads" => $db->escape_string($tids), "posts" => $db->escape_string($pids),
"resulttype" => "posts",	"resulttype" => "posts",
"querycache" => $db->escape_string($where_sql),	"querycache" => '',
"keywords" => '' ); $plugins->run_hooks("search_do_search_process");	"keywords" => '' ); $plugins->run_hooks("search_do_search_process");
Zeile 1128	Zeile 1195
$conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'"; } $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];	$conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'"; } $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
$query = $db->simple_select("searchlog", "*", "$conditions AND dateline >= '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));	$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
$last_search = $db->fetch_array($query); // Users last search was within the flood time, show the error if($last_search['sid'])	$last_search = $db->fetch_array($query); // Users last search was within the flood time, show the error if($last_search['sid'])
Zeile 1251	Zeile 1318
$conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'"; } $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];	$conditions = "uid='0' AND ipaddress='".$db->escape_string($session->ipaddress)."'"; } $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
$query = $db->simple_select("searchlog", "*", "$conditions AND dateline >= '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));	$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
$last_search = $db->fetch_array($query); // We shouldn't show remaining time if time is 0 or under.	$last_search = $db->fetch_array($query); // We shouldn't show remaining time if time is 0 or under.