Vergleich inc/functions_search.php - 1.8.6 - 1.8.21

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 125	Zeile 125
$pwverified = 1; if($forum['password'] != '') {	$pwverified = 1; if($forum['password'] != '') {
if($mybb->cookies['forumpass'][$forum['fid']] !== md5($mybb->user['uid'].$forum['password']))	if(!isset($mybb->cookies['forumpass'][$forum['fid']]) \|\| !my_hash_equals($mybb->cookies['forumpass'][$forum['fid']], md5($mybb->user['uid'].$forum['password'])))
{ $pwverified = 0; }	{ $pwverified = 0; }
Zeile 229	Zeile 229
*/ function clean_keywords($keywords) {	*/ function clean_keywords($keywords) {
	global $db;
$keywords = my_strtolower($keywords);	$keywords = my_strtolower($keywords);
$keywords = str_replace("%", "\\%", $keywords);	$keywords = $db->escape_string_like($keywords);
$keywords = preg_replace("#\{2,}#s", "", $keywords); $keywords = str_replace("*", "%", $keywords);	$keywords = preg_replace("#\{2,}#s", "", $keywords); $keywords = str_replace("*", "%", $keywords);
$keywords = preg_replace("#([\[\]\\|\.\,:'])#s", " ", $keywords);
$keywords = preg_replace("#\s+#s", " ", $keywords);	$keywords = preg_replace("#\s+#s", " ", $keywords);
	$keywords = str_replace('\\"', '"', $keywords);
// Search for "and" or "or" and remove if it's at the beginning $keywords = trim($keywords);	// Search for "and" or "or" and remove if it's at the beginning $keywords = trim($keywords);
Zeile 270	Zeile 272
// Separate braces for further processing $keywords = preg_replace("#((\+\|-\|<\|>\|~)?$\|$)#s", " $1 ", $keywords); $keywords = preg_replace("#\s+#s", " ", $keywords);	// Separate braces for further processing $keywords = preg_replace("#((\+\|-\|<\|>\|~)?$\|$)#s", " $1 ", $keywords); $keywords = preg_replace("#\s+#s", " ", $keywords);
	global $mybb; $min_word_length = (int) $mybb->settings['minsearchword']; if($min_word_length <= 0) { $min_word_length = 3; } $min_word_length -= 1; // Replaces less than 3 characters $keywords = preg_replace("/(\b.{1,{$min_word_length}})(\s)\|(\b.{1,{$min_word_length}}$)/", '$2', $keywords); // Collapse multiple spaces $keywords = preg_replace('/(\s)+/', '$1', $keywords); $keywords = trim($keywords);
$words = array(array());	$words = array(array());
Zeile 349	Zeile 366
} // Valid operators for opening braces elseif($word == '+(' \|\| $word == '-(' \|\| $word == '<(' \|\| $word == '>(' \|\| $word == '~(' \|\| $word == '(')	} // Valid operators for opening braces elseif($word == '+(' \|\| $word == '-(' \|\| $word == '<(' \|\| $word == '>(' \|\| $word == '~(' \|\| $word == '(')
{	{
if(strlen($word) == 2) { $boolean[$depth] = substr($word, 0, 1);	if(strlen($word) == 2) { $boolean[$depth] = substr($word, 0, 1);
Zeile 369	Zeile 386
case '<': case '~': $word = substr($word, 1);	case '<': case '~': $word = substr($word, 1);
break;	break;
default: $operator = $boolean[$depth]; break;	default: $operator = $boolean[$depth]; break;
Zeile 390	Zeile 407
} } $inquote = !$inquote;	} } $inquote = !$inquote;
}	}
// Close mismatching braces while($depth > 0) {	// Close mismatching braces while($depth > 0) {
Zeile 471	Zeile 488
{ // If we're not in a double quoted section if(!$inquote)	{ // If we're not in a double quoted section if(!$inquote)
{	{
// Expand out based on search operators (and, or) $matches = preg_split("#\s{1,}(and\|or)\s{1,}#", $phrase, -1, PREG_SPLIT_DELIM_CAPTURE); $count_matches = count($matches);	// Expand out based on search operators (and, or) $matches = preg_split("#\s{1,}(and\|or)\s{1,}#", $phrase, -1, PREG_SPLIT_DELIM_CAPTURE); $count_matches = count($matches);
Zeile 480	Zeile 497
{ $word = trim($matches[$i]); if(empty($word))	{ $word = trim($matches[$i]); if(empty($word))
{	{
continue; } // If this word is a search operator set the boolean	continue; } // If this word is a search operator set the boolean
Zeile 491	Zeile 508
if($search['subject'] && $search['message'] && $subject_lookin == " AND (") { // We're looking for anything, check for a subject lookin	if($search['subject'] && $search['message'] && $subject_lookin == " AND (") { // We're looking for anything, check for a subject lookin
continue; }	continue; }
elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?	elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?
Zeile 533	Zeile 550
} // In the middle of a quote (phrase) else	} // In the middle of a quote (phrase) else
{	{
$phrase = str_replace(array("+", "-", "*"), '', trim($phrase)); if(my_strlen($phrase) < $mybb->settings['minsearchword'])	$phrase = str_replace(array("+", "-", "*"), '', trim($phrase)); if(my_strlen($phrase) < $mybb->settings['minsearchword'])
{	{
$lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }	$lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }
Zeile 554	Zeile 571
if($search['subject'] && $search['message'] && $subject_lookin == " AND (") { // We're looking for anything, check for a subject lookin	if($search['subject'] && $search['message'] && $subject_lookin == " AND (") { // We're looking for anything, check for a subject lookin
$error = true; }	$error = true; }
elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (")	elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (")
{	{
// Just in a subject?	// Just in a subject?
$error = true;	$error = true;
} elseif(!$search['subject'] && $search['message'] && $message_lookin == " {$string} (") { // Just in a message? $error = true;	} elseif(!$search['subject'] && $search['message'] && $message_lookin == " {$string} (") { // Just in a message? $error = true;
}	}
if($error == true) { // There are no search keywords to look for $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength);	if($error == true) { // There are no search keywords to look for $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength);
} $inquote = !$inquote; }	} $inquote = !$inquote; }
if($search['subject'] == 1)	if($search['subject'] == 1)
{	{
$subject_lookin .= ")";	$subject_lookin .= ")";
}	}
if($search['message'] == 1) { $message_lookin .= ")";	if($search['message'] == 1) { $message_lookin .= ")";
Zeile 593	Zeile 610
{ $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword'])	{ $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword'])
{	{
$lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }	$lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }
Zeile 653	Zeile 670
if(!is_array($search['folder'])) { $search['folder'] = array($search['folder']);	if(!is_array($search['folder'])) { $search['folder'] = array($search['folder']);
}	}
if(!empty($search['folder']))	if(!empty($search['folder']))
{	{
$folderids = array();	$folderids = array();

$search['folder'] = array_map("intval", $search['folder']); $folderids = implode(',', $search['folder']);	$search['folder'] = array_map("intval", $search['folder']); $folderids = implode(',', $search['folder']);
Zeile 673	Zeile 690
{ $searchsql .= " AND ("; if($search['status']['new'])	{ $searchsql .= " AND ("; if($search['status']['new'])
{	{
$statussql[] = " status='0' "; } if($search['status']['replied'])	$statussql[] = " status='0' "; } if($search['status']['replied'])
Zeile 696	Zeile 713
$statussql = implode("OR", $statussql); $searchsql .= $statussql.")"; }	$statussql = implode("OR", $statussql); $searchsql .= $statussql.")"; }
	$limitsql = ""; if((int)$mybb->settings['searchhardlimit'] > 0) { $limitsql = " LIMIT ".(int)$mybb->settings['searchhardlimit']; } $searchsql .= $limitsql;
// Run the search $pms = array();	// Run the search $pms = array();
Zeile 703	Zeile 727
while($pm = $db->fetch_array($query)) { $pms[$pm['pmid']] = $pm['pmid'];	while($pm = $db->fetch_array($query)) { $pms[$pm['pmid']] = $pm['pmid'];
}	}
if(count($pms) < 1) { error($lang->error_nosearchresults); } $pms = implode(',', $pms);	if(count($pms) < 1) { error($lang->error_nosearchresults); } $pms = implode(',', $pms);

return array( "querycache" => $pms	return array( "querycache" => $pms
); }	); }
/** * Perform a help document search under MySQL or MySQLi *	/** * Perform a help document search under MySQL or MySQLi *
Zeile 791	Zeile 815
if(empty($word)) { continue;	if(empty($word)) { continue;
}	}
// If this word is a search operator set the boolean if($i % 2 && ($word == "and" \|\| $word == "or")) {	// If this word is a search operator set the boolean if($i % 2 && ($word == "and" \|\| $word == "or")) {
Zeile 871	Zeile 895
{ // Just in a document? $error = true;	{ // Just in a document? $error = true;
} if($error == true) { // There are no search keywords to look for $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }	} if($error == true) { // There are no search keywords to look for $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }
$inquote = !$inquote;	$inquote = !$inquote;
}	}
if($search['name'] == 1) { $name_lookin .= ")"; } if($search['document'] == 1)	if($search['name'] == 1) { $name_lookin .= ")"; } if($search['document'] == 1)
{	{
$document_lookin .= ")"; }	$document_lookin .= ")"; }
Zeile 935	Zeile 959
if(count($helpdocs) < 1) { error($lang->error_nosearchresults);	if(count($helpdocs) < 1) { error($lang->error_nosearchresults);
}	}
$helpdocs = implode(',', $helpdocs); return array(	$helpdocs = implode(',', $helpdocs); return array(
Zeile 954	Zeile 978
global $mybb, $db, $lang, $cache; $keywords = clean_keywords($search['keywords']);	global $mybb, $db, $lang, $cache; $keywords = clean_keywords($search['keywords']);
if(!$keywords && !$search['author']) { error($lang->error_nosearchterms); }
if($mybb->settings['minsearchword'] < 1) {	if($mybb->settings['minsearchword'] < 1) {
Zeile 1092	Zeile 1112
if($search['matchusername']) { $user = get_user_by_username($search['author']);	if($search['matchusername']) { $user = get_user_by_username($search['author']);
$userids[] = $user['uid'];	if($user) { $userids[] = $user['uid']; }
} else {	} else {
Zeile 1128	Zeile 1151
if($search['postdate']) { if($search['pddir'] == 0)	if($search['postdate']) { if($search['pddir'] == 0)
{	{
$datecut = "<=";	$datecut = "<=";
}	}
else { $datecut = ">=";	else { $datecut = ">=";
Zeile 1140	Zeile 1163
$datecut .= "'$datelimit'"; $post_datecut = " AND p.dateline $datecut"; $thread_datecut = " AND t.dateline $datecut";	$datecut .= "'$datelimit'"; $post_datecut = " AND p.dateline $datecut"; $thread_datecut = " AND t.dateline $datecut";
}	}
$thread_replycut = ''; if($search['numreplies'] != '' && $search['findthreadst']) { if((int)$search['findthreadst'] == 1) { $thread_replycut = " AND t.replies >= '".(int)$search['numreplies']."'";	$thread_replycut = ''; if($search['numreplies'] != '' && $search['findthreadst']) { if((int)$search['findthreadst'] == 1) { $thread_replycut = " AND t.replies >= '".(int)$search['numreplies']."'";
}	}
else { $thread_replycut = " AND t.replies <= '".(int)$search['numreplies']."'";	else { $thread_replycut = " AND t.replies <= '".(int)$search['numreplies']."'";
} }	} }
$thread_prefixcut = ''; $prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')	$thread_prefixcut = ''; $prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')
Zeile 1179	Zeile 1202
$forumin = ''; $fidlist = array();	$forumin = ''; $fidlist = array();
$searchin = array(); if(!is_array($search['forums']) \|\| $search['forums'][0] != "all")	if(!empty($search['forums']) && (!is_array($search['forums']) \|\| $search['forums'][0] != "all"))
{ if(!is_array($search['forums'])) { $search['forums'] = array((int)$search['forums']); }	{ if(!is_array($search['forums'])) { $search['forums'] = array((int)$search['forums']); }
// Generate a comma separated list of all groups the user belongs to $user_groups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) { $user_groups .= ",".$mybb->user['additionalgroups']; // Setup some quick permissions for us $fcache = $cache->read("forumpermissions"); $add_groups = explode(",", $mybb->user['additionalgroups']); } foreach($search['forums'] as $forum)	foreach($search['forums'] as $forum)
{ $forum = (int)$forum;	{ $forum = (int)$forum;
if(empty($searchin[$forum])) { if(isset($add_groups) && is_array($add_groups)) { $can_search = 0; foreach($add_groups as $add_group) { // Check to make sure that we have sufficient permissions to search this forum if(!is_array($fcache[$forum][$add_group]) \|\| $fcache[$forum][$add_group]['cansearch'] == 1 \|\| $mybb->usergroup['cansearch'] == 1) { $can_search = 1; } } if($can_search == 0) { // We can't search this forum... continue; } } switch($db->type) { case "pgsql": $query = $db->simple_select("forums", "DISTINCT fid", "(','\|\|parentlist\|\|',' LIKE ',%{$forum}%,') = true AND active != 0"); break; case "sqlite": $query = $db->simple_select("forums", "DISTINCT fid", "(','\|\|parentlist\|\|',' LIKE ',%{$forum}%,') > 0 AND active != 0"); break; default: $query = $db->simple_select("forums", "DISTINCT fid", "INSTR(CONCAT(',',parentlist,','),',{$forum},') > 0 AND active != 0"); } while($sforum = $db->fetch_array($query))	if($forum > 0) { $fidlist[] = $forum; $child_list = get_child_list($forum); if(is_array($child_list))
{	{
$fidlist[] = $sforum['fid'];	$fidlist = array_merge($fidlist, $child_list);
}	}
} } if(count($fidlist) == 1) { $forumin .= " AND t.fid='$forum' "; $searchin[$forum] = 1;	}
}	}
else	$fidlist = array_unique($fidlist); if(count($fidlist) >= 1)
{	{
if(count($fidlist) > 1) { $forumin = " AND t.fid IN (".implode(',', $fidlist).")"; }	$forumin = " AND t.fid IN (".implode(',', $fidlist).")";
} }	} }
Zeile 1428	Zeile 1404
global $mybb, $db, $lang; $keywords = clean_keywords_ft($search['keywords']);	global $mybb, $db, $lang; $keywords = clean_keywords_ft($search['keywords']);
if(!$keywords && !$search['author']) { error($lang->error_nosearchterms); }
// Attempt to determine minimum word length from MySQL for fulltext searches $query = $db->query("SHOW VARIABLES LIKE 'ft_min_word_len';"); $min_length = $db->fetch_field($query, 'Value');	// Attempt to determine minimum word length from MySQL for fulltext searches $query = $db->query("SHOW VARIABLES LIKE 'ft_min_word_len';"); $min_length = $db->fetch_field($query, 'Value');
Zeile 1506	Zeile 1478
if($search['matchusername']) { $user = get_user_by_username($search['author']);	if($search['matchusername']) { $user = get_user_by_username($search['author']);
$userids[] = $user['uid'];	if($user) { $userids[] = $user['uid']; }
} else {	} else {
switch($db->type) { case 'mysql': case 'mysqli': $field = 'username'; break; default: $field = 'LOWER(username)'; break; } $query = $db->simple_select("users", "uid", "{$field} LIKE '%".$db->escape_string_like($search['author'])."%'");	$query = $db->simple_select("users", "uid", "username LIKE '%".$db->escape_string_like($search['author'])."%'");
while($user = $db->fetch_array($query)) { $userids[] = $user['uid'];	while($user = $db->fetch_array($query)) { $userids[] = $user['uid'];
} }	} }
if(count($userids) < 1)	if(count($userids) < 1)
{	{
error($lang->error_nosearchresults); } else	error($lang->error_nosearchresults); } else
Zeile 1537	Zeile 1502
$userids = implode(',', $userids); $post_usersql = " AND p.uid IN (".$userids.")"; $thread_usersql = " AND t.uid IN (".$userids.")";	$userids = implode(',', $userids); $post_usersql = " AND p.uid IN (".$userids.")"; $thread_usersql = " AND t.uid IN (".$userids.")";
} }	} }
$datecut = ''; if($search['postdate']) {	$datecut = ''; if($search['postdate']) {
Zeile 1561	Zeile 1526
if($search['numreplies'] != '' && $search['findthreadst']) { if((int)$search['findthreadst'] == 1)	if($search['numreplies'] != '' && $search['findthreadst']) { if((int)$search['findthreadst'] == 1)
{	{
$thread_replycut = " AND t.replies >= '".(int)$search['numreplies']."'";	$thread_replycut = " AND t.replies >= '".(int)$search['numreplies']."'";
}	}
else { $thread_replycut = " AND t.replies <= '".(int)$search['numreplies']."'";	else { $thread_replycut = " AND t.replies <= '".(int)$search['numreplies']."'";
Zeile 1573	Zeile 1538
$thread_prefixcut = ''; $prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')	$thread_prefixcut = ''; $prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')
{	{
foreach($search['threadprefix'] as $threadprefix) { $threadprefix = (int)$threadprefix;	foreach($search['threadprefix'] as $threadprefix) { $threadprefix = (int)$threadprefix;
Zeile 1581	Zeile 1546
} } if(count($prefixlist) == 1)	} } if(count($prefixlist) == 1)
{	{
$thread_prefixcut .= " AND t.prefix='$threadprefix' "; } else	$thread_prefixcut .= " AND t.prefix='$threadprefix' "; } else
{	{
if(count($prefixlist) > 1)	if(count($prefixlist) > 1)
{	{
$thread_prefixcut = " AND t.prefix IN (".implode(',', $prefixlist).")"; } }	$thread_prefixcut = " AND t.prefix IN (".implode(',', $prefixlist).")"; } }
Zeile 1595	Zeile 1560
$forumin = ''; $fidlist = array(); $searchin = array();	$forumin = ''; $fidlist = array(); $searchin = array();
if(!is_array($search['forums']) \|\| $search['forums'][0] != "all")	if(!empty($search['forums']) && (!is_array($search['forums']) \|\| $search['forums'][0] != "all"))
{ if(!is_array($search['forums']))	{ if(!is_array($search['forums']))
{	{
$search['forums'] = array((int)$search['forums']);	$search['forums'] = array((int)$search['forums']);
} // Generate a comma separated list of all groups the user belongs to $user_groups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) { $user_groups .= ",".$mybb->user['additionalgroups']; }	}
foreach($search['forums'] as $forum) { $forum = (int)$forum;	foreach($search['forums'] as $forum) { $forum = (int)$forum;
if(empty($searchin[$forum])) { switch($db->type) { case "pgsql": case "sqlite": $query = $db->query(" SELECT f.fid FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumpermissions p ON (f.fid=p.fid AND p.gid IN (".$user_groups.")) WHERE INSTR(','\|\|parentlist\|\|',',',$forum,') > 0 AND active!=0 AND ((p.fid) IS NULL OR p.cansearch=1) "); break; default: $query = $db->query(" SELECT f.fid FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumpermissions p ON (f.fid=p.fid AND p.gid IN (".$user_groups.")) WHERE INSTR(CONCAT(',',parentlist,','),',$forum,') > 0 AND active!=0 AND ((p.fid) IS NULL OR p.cansearch=1) "); } while($sforum = $db->fetch_array($query))	if($forum > 0) { $fidlist[] = $forum; $child_list = get_child_list($forum); if(is_array($child_list))
{	{
$fidlist[] = $sforum['fid'];	$fidlist = array_merge($fidlist, $child_list);
}	}
} } if(count($fidlist) == 1) { $forumin .= " AND t.fid='$forum' "; $searchin[$forum] = 1;	}
}	}
else	$fidlist = array_unique($fidlist); if(count($fidlist) >= 1)
{	{
if(count($fidlist) > 1) { $forumin = " AND t.fid IN (".implode(',', $fidlist).")"; }	$forumin = " AND t.fid IN (".implode(',', $fidlist).")";
} } $permsql = "";	} } $permsql = "";