~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to www/php/phpBB3/search.php

Add an XHTMLUnauthorizedView which redirects unauthenticated users to the
login page if a page raises an Unauthorized. Alter UserSettingsView to raise
one in the right cases, for testing.

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
<?php
 
2
/**
 
3
*
 
4
* @package phpBB3
 
5
* @version $Id: search.php,v 1.212 2007/10/05 14:30:06 acydburn Exp $
 
6
* @copyright (c) 2005 phpBB Group
 
7
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 
8
*
 
9
*/
 
10
 
 
11
/**
 
12
* @ignore
 
13
*/
 
14
define('IN_PHPBB', true);
 
15
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
 
16
$phpEx = substr(strrchr(__FILE__, '.'), 1);
 
17
include($phpbb_root_path . 'common.' . $phpEx);
 
18
 
 
19
// Start session management
 
20
$user->session_begin();
 
21
$auth->acl($user->data);
 
22
$user->setup('search');
 
23
 
 
24
// Define initial vars
 
25
$mode                   = request_var('mode', '');
 
26
$search_id              = request_var('search_id', '');
 
27
$start                  = max(request_var('start', 0), 0);
 
28
$post_id                = request_var('p', 0);
 
29
$topic_id               = request_var('t', 0);
 
30
$view                   = request_var('view', '');
 
31
 
 
32
$submit                 = request_var('submit', false);
 
33
$keywords               = utf8_normalize_nfc(request_var('keywords', '', true));
 
34
$add_keywords   = utf8_normalize_nfc(request_var('add_keywords', '', true));
 
35
$author                 = request_var('author', '', true);
 
36
$author_id              = request_var('author_id', 0);
 
37
$show_results   = ($topic_id) ? 'posts' : request_var('sr', 'posts');
 
38
$show_results   = ($show_results == 'posts') ? 'posts' : 'topics';
 
39
$search_terms   = request_var('terms', 'all');
 
40
$search_fields  = request_var('sf', 'all');
 
41
$search_child   = request_var('sc', true);
 
42
 
 
43
$sort_days              = request_var('st', 0);
 
44
$sort_key               = request_var('sk', 't');
 
45
$sort_dir               = request_var('sd', 'd');
 
46
 
 
47
$return_chars   = request_var('ch', ($topic_id) ? -1 : 300);
 
48
$search_forum   = request_var('fid', array(0));
 
49
 
 
50
// Is user able to search? Has search been disabled?
 
51
if (!$auth->acl_get('u_search') || !$auth->acl_getf_global('f_search') || !$config['load_search'])
 
52
{
 
53
        $template->assign_var('S_NO_SEARCH', true);
 
54
        trigger_error('NO_SEARCH');
 
55
}
 
56
 
 
57
// Check search load limit
 
58
if ($user->load && $config['limit_search_load'] && ($user->load > doubleval($config['limit_search_load'])))
 
59
{
 
60
        $template->assign_var('S_NO_SEARCH', true);
 
61
        trigger_error('NO_SEARCH_TIME');
 
62
}
 
63
 
 
64
// Check flood limit ... if applicable
 
65
$interval = ($user->data['user_id'] == ANONYMOUS) ? $config['search_anonymous_interval'] : $config['search_interval'];
 
66
if ($interval && !$auth->acl_get('u_ignoreflood'))
 
67
{
 
68
        if ($user->data['user_last_search'] > time() - $interval)
 
69
        {
 
70
                $template->assign_var('S_NO_SEARCH', true);
 
71
                trigger_error('NO_SEARCH_TIME');
 
72
        }
 
73
}
 
74
 
 
75
// Define some vars
 
76
$limit_days             = array(0 => $user->lang['ALL_RESULTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
 
77
$sort_by_text   = array('a' => $user->lang['SORT_AUTHOR'], 't' => $user->lang['SORT_TIME'], 'f' => $user->lang['SORT_FORUM'], 'i' => $user->lang['SORT_TOPIC_TITLE'], 's' => $user->lang['SORT_POST_SUBJECT']);
 
78
 
 
79
$s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
 
80
gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
 
81
 
 
82
if ($keywords || $author || $author_id || $search_id || $submit)
 
83
{
 
84
        // clear arrays
 
85
        $id_ary = array();
 
86
 
 
87
        // egosearch is an author search
 
88
        if ($search_id == 'egosearch')
 
89
        {
 
90
                $author_id = $user->data['user_id'];
 
91
                
 
92
                if ($user->data['user_id'] == ANONYMOUS)
 
93
                {
 
94
                        login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']);
 
95
                }
 
96
        }
 
97
 
 
98
        // If we are looking for authors get their ids
 
99
        $author_id_ary = array();
 
100
        if ($author_id)
 
101
        {
 
102
                $author_id_ary[] = $author_id;
 
103
        }
 
104
        else if ($author)
 
105
        {
 
106
                if ((strpos($author, '*') !== false) && (utf8_strlen(str_replace(array('*', '%'), '', $author)) < $config['min_search_author_chars']))
 
107
                {
 
108
                        trigger_error(sprintf($user->lang['TOO_FEW_AUTHOR_CHARS'], $config['min_search_author_chars']));
 
109
                }
 
110
 
 
111
                $sql_where = (strpos($author, '*') !== false) ? ' username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($author))) : " username_clean = '" . $db->sql_escape(utf8_clean_string($author)) . "'";
 
112
 
 
113
                $sql = 'SELECT user_id
 
114
                        FROM ' . USERS_TABLE . "
 
115
                        WHERE $sql_where
 
116
                                AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
 
117
                $result = $db->sql_query_limit($sql, 100);
 
118
 
 
119
                while ($row = $db->sql_fetchrow($result))
 
120
                {
 
121
                        $author_id_ary[] = (int) $row['user_id'];
 
122
                }
 
123
                $db->sql_freeresult($result);
 
124
 
 
125
                if (!sizeof($author_id_ary))
 
126
                {
 
127
                        trigger_error('NO_SEARCH_RESULTS');
 
128
                }
 
129
        }
 
130
 
 
131
        // if we search in an existing search result just add the additional keywords. But we need to use "all search terms"-mode
 
132
        // so we can keep the old keywords in their old mode, but add the new ones as required words
 
133
        if ($add_keywords)
 
134
        {
 
135
                if ($search_terms == 'all')
 
136
                {
 
137
                        $keywords .= ' ' . $add_keywords;
 
138
                }
 
139
                else
 
140
                {
 
141
                        $search_terms = 'all';
 
142
                        $keywords = implode(' |', explode(' ', preg_replace('#\s+#u', ' ', $keywords))) . ' ' .$add_keywords;
 
143
                }
 
144
        }
 
145
 
 
146
        // Which forums should not be searched? Author searches are also carried out in unindexed forums
 
147
        if (empty($keywords) && sizeof($author_id_ary))
 
148
        {
 
149
                $ex_fid_ary = array_keys($auth->acl_getf('!f_read', true));
 
150
        }
 
151
        else
 
152
        {
 
153
                $ex_fid_ary = array_unique(array_merge(array_keys($auth->acl_getf('!f_read', true)), array_keys($auth->acl_getf('!f_search', true))));
 
154
        }
 
155
 
 
156
        $not_in_fid = (sizeof($ex_fid_ary)) ? 'WHERE ' . $db->sql_in_set('f.forum_id', $ex_fid_ary, true) . " OR (f.forum_password <> '' AND fa.user_id <> " . (int) $user->data['user_id'] . ')' : "";
 
157
 
 
158
        $sql = 'SELECT f.forum_id, f.forum_name, f.parent_id, f.forum_type, f.right_id, f.forum_password, fa.user_id
 
159
                FROM ' . FORUMS_TABLE . ' f
 
160
                LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa ON (fa.forum_id = f.forum_id
 
161
                        AND fa.session_id = '" . $db->sql_escape($user->session_id) . "')
 
162
                $not_in_fid
 
163
                ORDER BY f.left_id";
 
164
        $result = $db->sql_query($sql);
 
165
 
 
166
        $right_id = 0;
 
167
        $reset_search_forum = true;
 
168
        while ($row = $db->sql_fetchrow($result))
 
169
        {
 
170
                if ($row['forum_password'] && $row['user_id'] != $user->data['user_id'])
 
171
                {
 
172
                        $ex_fid_ary[] = (int) $row['forum_id'];
 
173
                        continue;
 
174
                }
 
175
 
 
176
                if (sizeof($search_forum))
 
177
                {
 
178
                        if ($search_child)
 
179
                        {
 
180
                                if (in_array($row['forum_id'], $search_forum) && $row['right_id'] > $right_id)
 
181
                                {
 
182
                                        $right_id = (int) $row['right_id'];
 
183
                                }
 
184
                                else if ($row['right_id'] < $right_id)
 
185
                                {
 
186
                                        continue;
 
187
                                }
 
188
                        }
 
189
 
 
190
                        if (!in_array($row['forum_id'], $search_forum))
 
191
                        {
 
192
                                $ex_fid_ary[] = (int) $row['forum_id'];
 
193
                                $reset_search_forum = false;
 
194
                        }
 
195
                }
 
196
        }
 
197
        $db->sql_freeresult($result);
 
198
 
 
199
        // find out in which forums the user is allowed to view approved posts
 
200
        if ($auth->acl_get('m_approve'))
 
201
        {
 
202
                $m_approve_fid_ary = array(-1);
 
203
                $m_approve_fid_sql = '';
 
204
        }
 
205
        else if ($auth->acl_getf_global('m_approve'))
 
206
        {
 
207
                $m_approve_fid_ary = array_diff(array_keys($auth->acl_getf('!m_approve', true)), $ex_fid_ary);
 
208
                $m_approve_fid_sql = ' AND (p.post_approved = 1' . ((sizeof($m_approve_fid_ary)) ? ' OR ' . $db->sql_in_set('p.forum_id', $m_approve_fid_ary, true) : '') . ')';
 
209
        }
 
210
        else
 
211
        {
 
212
                $m_approve_fid_ary = array();
 
213
                $m_approve_fid_sql = ' AND p.post_approved = 1';
 
214
        }
 
215
 
 
216
        if ($reset_search_forum)
 
217
        {
 
218
                $search_forum = array();
 
219
        }
 
220
 
 
221
        // Select which method we'll use to obtain the post_id or topic_id information
 
222
        $search_type = basename($config['search_type']);
 
223
 
 
224
        if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx))
 
225
        {
 
226
                trigger_error('NO_SUCH_SEARCH_MODULE');
 
227
        }
 
228
 
 
229
        require("{$phpbb_root_path}includes/search/$search_type.$phpEx");
 
230
 
 
231
        // We do some additional checks in the module to ensure it can actually be utilised
 
232
        $error = false;
 
233
        $search = new $search_type($error);
 
234
 
 
235
        if ($error)
 
236
        {
 
237
                trigger_error($error);
 
238
        }
 
239
 
 
240
        // let the search module split up the keywords
 
241
        if ($keywords)
 
242
        {
 
243
                $correct_query = $search->split_keywords($keywords, $search_terms);
 
244
                if (!$correct_query || (empty($search->search_query) && !sizeof($author_id_ary) && !$search_id))
 
245
                {
 
246
                        $ignored = (sizeof($search->common_words)) ? sprintf($user->lang['IGNORED_TERMS_EXPLAIN'], implode(' ', $search->common_words)) . '<br />' : '';
 
247
                        trigger_error($ignored . sprintf($user->lang['NO_KEYWORDS'], $search->word_length['min'], $search->word_length['max']));
 
248
                }
 
249
        }
 
250
 
 
251
        if (!$keywords && sizeof($author_id_ary))
 
252
        {
 
253
                // if it is an author search we want to show topics by default
 
254
                $show_results = ($topic_id) ? 'posts' : request_var('sr', ($search_id == 'egosearch') ? 'topics' : 'posts');
 
255
                $show_results = ($show_results == 'posts') ? 'posts' : 'topics';
 
256
        }
 
257
 
 
258
        // define some variables needed for retrieving post_id/topic_id information
 
259
        $sort_by_sql = array('a' => 'u.username_clean', 't' => (($show_results == 'posts') ? 'p.post_time' : 't.topic_last_post_time'), 'f' => 'f.forum_id', 'i' => 't.topic_title', 's' => (($show_results == 'posts') ? 'p.post_subject' : 't.topic_title'));
 
260
 
 
261
        // pre-made searches
 
262
        $sql = $field = $l_search_title = '';
 
263
        if ($search_id)
 
264
        {
 
265
                switch ($search_id)
 
266
                {
 
267
                        // Oh holy Bob, bring us some activity...
 
268
                        case 'active_topics':
 
269
                                $l_search_title = $user->lang['SEARCH_ACTIVE_TOPICS'];
 
270
                                $show_results = 'topics';
 
271
                                $sort_key = 't';
 
272
                                $sort_dir = 'd';
 
273
                                $sort_days = request_var('st', 7);
 
274
                                $sort_by_sql['t'] = 't.topic_last_post_time';
 
275
 
 
276
                                gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
 
277
                                $s_sort_key = $s_sort_dir = '';
 
278
 
 
279
                                $last_post_time_sql = ($sort_days) ? ' AND t.topic_last_post_time > ' . (time() - ($sort_days * 24 * 3600)) : '';
 
280
 
 
281
                                $sql = 'SELECT t.topic_last_post_time, t.topic_id
 
282
                                        FROM ' . TOPICS_TABLE . " t
 
283
                                        WHERE t.topic_moved_id = 0
 
284
                                                $last_post_time_sql
 
285
                                                " . str_replace(array('p.', 'post_'), array('t.', 'topic_'), $m_approve_fid_sql) . '
 
286
                                                ' . ((sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('t.forum_id', $ex_fid_ary, true) : '') . '
 
287
                                        ORDER BY t.topic_last_post_time DESC';
 
288
                                $field = 'topic_id';
 
289
                        break;
 
290
 
 
291
                        case 'unanswered':
 
292
                                $l_search_title = $user->lang['SEARCH_UNANSWERED'];
 
293
                                $show_results = request_var('sr', 'topics');
 
294
                                $show_results = ($show_results == 'posts') ? 'posts' : 'topics';
 
295
                                $sort_by_sql['t'] = ($show_results == 'posts') ? 'p.post_time' : 't.topic_last_post_time';
 
296
                                $sort_by_sql['s'] = ($show_results == 'posts') ? 'p.post_subject' : 't.topic_title';
 
297
                                $sql_sort = 'ORDER BY ' . $sort_by_sql[$sort_key] . (($sort_dir == 'a') ? ' ASC' : ' DESC');
 
298
 
 
299
                                $sort_join = ($sort_key == 'f') ? FORUMS_TABLE . ' f, ' : '';
 
300
                                $sql_sort = ($sort_key == 'f') ? ' AND f.forum_id = p.forum_id ' . $sql_sort : $sql_sort;
 
301
 
 
302
                                if ($sort_days)
 
303
                                {
 
304
                                        $last_post_time = 'AND p.post_time > ' . (time() - ($sort_days * 24 * 3600));
 
305
                                }
 
306
                                else
 
307
                                {
 
308
                                        $last_post_time = '';
 
309
                                }
 
310
 
 
311
 
 
312
                                if ($sort_key == 'a')
 
313
                                {
 
314
                                        $sort_join = USERS_TABLE . ' u, ';
 
315
                                        $sql_sort = ' AND u.user_id = p.poster_id ' . $sql_sort;
 
316
                                }
 
317
                                if ($show_results == 'posts')
 
318
                                {
 
319
                                        $sql = "SELECT p.post_id
 
320
                                                FROM $sort_join" . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t
 
321
                                                WHERE t.topic_replies = 0
 
322
                                                        AND p.topic_id = t.topic_id
 
323
                                                        $last_post_time
 
324
                                                        $m_approve_fid_sql
 
325
                                                        " . ((sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '') . "
 
326
                                                        $sql_sort";
 
327
                                        $field = 'post_id';
 
328
                                }
 
329
                                else
 
330
                                {
 
331
                                        $sql = 'SELECT DISTINCT ' . $sort_by_sql[$sort_key] . ", p.topic_id
 
332
                                                FROM $sort_join" . POSTS_TABLE . ' p, ' . TOPICS_TABLE . " t
 
333
                                                WHERE t.topic_replies = 0
 
334
                                                        AND t.topic_moved_id = 0
 
335
                                                        AND p.topic_id = t.topic_id
 
336
                                                        $last_post_time
 
337
                                                        $m_approve_fid_sql
 
338
                                                        " . ((sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '') . "
 
339
                                                $sql_sort";
 
340
                                        $field = 'topic_id';
 
341
                                }
 
342
                        break;
 
343
 
 
344
                        case 'newposts':
 
345
                                $l_search_title = $user->lang['SEARCH_NEW'];
 
346
                                // force sorting
 
347
                                $show_results = (request_var('sr', 'topics') == 'posts') ? 'posts' : 'topics';
 
348
                                $sort_key = 't';
 
349
                                $sort_dir = 'd';
 
350
                                $sort_by_sql['t'] = ($show_results == 'posts') ? 'p.post_time' : 't.topic_last_post_time';
 
351
                                $sql_sort = 'ORDER BY ' . $sort_by_sql[$sort_key] . (($sort_dir == 'a') ? ' ASC' : ' DESC');
 
352
 
 
353
                                gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
 
354
                                $s_sort_key = $s_sort_dir = $u_sort_param = $s_limit_days = '';
 
355
 
 
356
                                if ($show_results == 'posts')
 
357
                                {
 
358
                                        $sql = 'SELECT p.post_id
 
359
                                                FROM ' . POSTS_TABLE . ' p
 
360
                                                WHERE p.post_time > ' . $user->data['user_lastvisit'] . "
 
361
                                                        $m_approve_fid_sql
 
362
                                                        " . ((sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '') . "
 
363
                                                $sql_sort";
 
364
                                        $field = 'post_id';
 
365
                                }
 
366
                                else
 
367
                                {
 
368
                                        $sql = 'SELECT t.topic_id
 
369
                                                FROM ' . TOPICS_TABLE . ' t
 
370
                                                WHERE t.topic_last_post_time > ' . $user->data['user_lastvisit'] . '
 
371
                                                        AND t.topic_moved_id = 0
 
372
                                                        ' . str_replace(array('p.', 'post_'), array('t.', 'topic_'), $m_approve_fid_sql) . '
 
373
                                                        ' . ((sizeof($ex_fid_ary)) ? 'AND ' . $db->sql_in_set('t.forum_id', $ex_fid_ary, true) : '') . "
 
374
                                                $sql_sort";
 
375
                                        $field = 'topic_id';
 
376
                                }
 
377
                        break;
 
378
 
 
379
                        case 'egosearch':
 
380
                                $l_search_title = $user->lang['SEARCH_SELF'];
 
381
                        break;
 
382
                }
 
383
        }
 
384
 
 
385
        // show_results should not change after this
 
386
        $per_page = ($show_results == 'posts') ? $config['posts_per_page'] : $config['topics_per_page'];
 
387
        $total_match_count = 0;
 
388
 
 
389
        if ($search_id)
 
390
        {
 
391
                if ($sql)
 
392
                {
 
393
                        // only return up to 1000 ids (the last one will be removed later)
 
394
                        $result = $db->sql_query_limit($sql, 1001 - $start, $start);
 
395
 
 
396
                        while ($row = $db->sql_fetchrow($result))
 
397
                        {
 
398
                                $id_ary[] = $row[$field];
 
399
                        }
 
400
                        $db->sql_freeresult($result);
 
401
 
 
402
                        $total_match_count = sizeof($id_ary) + $start;
 
403
                        $id_ary = array_slice($id_ary, 0, $per_page);
 
404
                }
 
405
                else
 
406
                {
 
407
                        $search_id = '';
 
408
                }
 
409
        }
 
410
 
 
411
        // make sure that some arrays are always in the same order
 
412
        sort($ex_fid_ary);
 
413
        sort($m_approve_fid_ary);
 
414
        sort($author_id_ary);
 
415
 
 
416
        if (!empty($search->search_query))
 
417
        {
 
418
                $total_match_count = $search->keyword_search($show_results, $search_fields, $search_terms, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_id_ary, $id_ary, $start, $per_page);
 
419
        }
 
420
        else if (sizeof($author_id_ary))
 
421
        {
 
422
                $firstpost_only = ($search_fields === 'firstpost') ? true : false;
 
423
                $total_match_count = $search->author_search($show_results, $firstpost_only, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_id_ary, $id_ary, $start, $per_page);
 
424
        }
 
425
 
 
426
        // For some searches we need to print out the "no results" page directly to allow re-sorting/refining the search options.
 
427
        if (!sizeof($id_ary) && !$search_id)
 
428
        {
 
429
                trigger_error('NO_SEARCH_RESULTS');
 
430
        }
 
431
 
 
432
        $sql_where = '';
 
433
 
 
434
        if (sizeof($id_ary))
 
435
        {
 
436
                $sql_where .= $db->sql_in_set(($show_results == 'posts') ? 'p.post_id' : 't.topic_id', $id_ary);
 
437
                $sql_where .= (sizeof($ex_fid_ary)) ? ' AND (' . $db->sql_in_set('f.forum_id', $ex_fid_ary, true) . ' OR f.forum_id IS NULL)' : '';
 
438
                $sql_where .= ($show_results == 'posts') ? $m_approve_fid_sql : str_replace(array('p.post_approved', 'p.forum_id'), array('t.topic_approved', 't.forum_id'), $m_approve_fid_sql);
 
439
        }
 
440
 
 
441
        if ($show_results == 'posts')
 
442
        {
 
443
                include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
 
444
        }
 
445
        else
 
446
        {
 
447
                include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
 
448
        }
 
449
 
 
450
        $user->add_lang('viewtopic');
 
451
 
 
452
        // Grab icons
 
453
        $icons = $cache->obtain_icons();
 
454
 
 
455
        // Output header
 
456
        if ($search_id && ($total_match_count > 1000))
 
457
        {
 
458
                // limit the number to 1000 for pre-made searches
 
459
                $total_match_count--;
 
460
                $l_search_matches = sprintf($user->lang['FOUND_MORE_SEARCH_MATCHES'], $total_match_count);
 
461
        }
 
462
        else
 
463
        {
 
464
                $l_search_matches = ($total_match_count == 1) ? sprintf($user->lang['FOUND_SEARCH_MATCH'], $total_match_count) : sprintf($user->lang['FOUND_SEARCH_MATCHES'], $total_match_count);
 
465
        }
 
466
 
 
467
        // define some vars for urls
 
468
        $hilit = implode('|', explode(' ', preg_replace('#\s+#u', ' ', str_replace(array('+', '-', '|', '(', ')', '&quot;'), ' ', $keywords))));
 
469
        $u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit)));
 
470
        $u_show_results = ($show_results != 'posts') ? '&amp;sr=' . $show_results : '';
 
471
        $u_search_forum = implode('&amp;fid%5B%5D=', $search_forum);
 
472
 
 
473
        $u_search = append_sid("{$phpbb_root_path}search.$phpEx", $u_sort_param . $u_show_results);
 
474
        $u_search .= ($search_id) ? '&amp;search_id=' . $search_id : '';
 
475
        $u_search .= ($u_hilit) ? '&amp;keywords=' . urlencode(htmlspecialchars_decode($search->search_query)) : '';
 
476
        $u_search .= ($topic_id) ? '&amp;t=' . $topic_id : '';
 
477
        $u_search .= ($author) ? '&amp;author=' . urlencode(htmlspecialchars_decode($author)) : '';
 
478
        $u_search .= ($author_id) ? '&amp;author_id=' . $author_id : '';
 
479
        $u_search .= ($u_search_forum) ? '&amp;fid%5B%5D=' . $u_search_forum : '';
 
480
        $u_search .= (!$search_child) ? '&amp;sc=0' : '';
 
481
        $u_search .= ($search_fields != 'all') ? '&amp;sf=' . $search_fields : '';
 
482
        $u_search .= ($return_chars != 300) ? '&amp;ch=' . $return_chars : '';
 
483
 
 
484
        $template->assign_vars(array(
 
485
                'SEARCH_TITLE'          => $l_search_title,
 
486
                'SEARCH_MATCHES'        => $l_search_matches,
 
487
                'SEARCH_WORDS'          => $search->search_query,
 
488
                'IGNORED_WORDS'         => (sizeof($search->common_words)) ? implode(' ', $search->common_words) : '',
 
489
                'PAGINATION'            => generate_pagination($u_search, $total_match_count, $per_page, $start),
 
490
                'PAGE_NUMBER'           => on_page($total_match_count, $per_page, $start),
 
491
                'TOTAL_MATCHES'         => $total_match_count,
 
492
                'SEARCH_IN_RESULTS'     => ($search_id) ? false : true,
 
493
 
 
494
                'S_SELECT_SORT_DIR'             => $s_sort_dir,
 
495
                'S_SELECT_SORT_KEY'             => $s_sort_key,
 
496
                'S_SELECT_SORT_DAYS'    => $s_limit_days,
 
497
                'S_SEARCH_ACTION'               => $u_search,
 
498
                'S_SHOW_TOPICS'                 => ($show_results == 'posts') ? false : true,
 
499
 
 
500
                'GOTO_PAGE_IMG'         => $user->img('icon_post_target', 'GOTO_PAGE'),
 
501
                'NEWEST_POST_IMG'       => $user->img('icon_topic_newest', 'VIEW_NEWEST_POST'),
 
502
                'REPORTED_IMG'          => $user->img('icon_topic_reported', 'TOPIC_REPORTED'),
 
503
                'UNAPPROVED_IMG'        => $user->img('icon_topic_unapproved', 'TOPIC_UNAPPROVED'),
 
504
                'LAST_POST_IMG'         => $user->img('icon_topic_latest', 'VIEW_LATEST_POST'),
 
505
 
 
506
                'U_SEARCH_WORDS'        => $u_search,
 
507
        ));
 
508
 
 
509
        if ($sql_where)
 
510
        {
 
511
                if ($show_results == 'posts')
 
512
                {
 
513
                        // @todo Joining this query to the one below?
 
514
                        $sql = 'SELECT zebra_id, friend, foe
 
515
                                FROM ' . ZEBRA_TABLE . '
 
516
                                WHERE user_id = ' . $user->data['user_id'];
 
517
                        $result = $db->sql_query($sql);
 
518
 
 
519
                        $zebra = array();
 
520
                        while ($row = $db->sql_fetchrow($result))
 
521
                        {
 
522
                                $zebra[($row['friend']) ? 'friend' : 'foe'][] = $row['zebra_id'];
 
523
                        }
 
524
                        $db->sql_freeresult($result);
 
525
 
 
526
                        $sql = 'SELECT p.*, f.forum_id, f.forum_name, t.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_colour
 
527
                                FROM ' . POSTS_TABLE . ' p
 
528
                                        LEFT JOIN ' . TOPICS_TABLE . ' t ON (p.topic_id = t.topic_id)
 
529
                                        LEFT JOIN ' . FORUMS_TABLE . ' f ON (p.forum_id = f.forum_id)
 
530
                                        LEFT JOIN ' . USERS_TABLE . " u ON (p.poster_id = u.user_id)
 
531
                                WHERE $sql_where";
 
532
                }
 
533
                else
 
534
                {
 
535
                        $sql_from = TOPICS_TABLE . ' t
 
536
                                LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = t.forum_id)
 
537
                                ' . (($sort_key == 'a') ? ' LEFT JOIN ' . USERS_TABLE . ' u ON (u.user_id = t.topic_poster) ' : '');
 
538
                        $sql_select = 't.*, f.forum_id, f.forum_name';
 
539
 
 
540
                        if ($user->data['is_registered'])
 
541
                        {
 
542
                                if ($config['load_db_track'])
 
543
                                {
 
544
                                        $sql_from .= ' LEFT JOIN ' . TOPICS_POSTED_TABLE . ' tp ON (tp.user_id = ' . $user->data['user_id'] . '
 
545
                                                AND t.topic_id = tp.topic_id)';
 
546
                                        $sql_select .= ', tp.topic_posted';
 
547
                                }
 
548
 
 
549
                                if ($config['load_db_lastread'])
 
550
                                {
 
551
                                        $sql_from .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.user_id = ' . $user->data['user_id'] . '
 
552
                                                        AND t.topic_id = tt.topic_id)
 
553
                                                LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.user_id = ' . $user->data['user_id'] . '
 
554
                                                        AND ft.forum_id = f.forum_id)';
 
555
                                        $sql_select .= ', tt.mark_time, ft.mark_time as f_mark_time';
 
556
                                }
 
557
                        }
 
558
 
 
559
                        if ($config['load_anon_lastread'] || ($user->data['is_registered'] && !$config['load_db_lastread']))
 
560
                        {
 
561
                                $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
 
562
                                $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
 
563
                        }
 
564
 
 
565
                        $sql = "SELECT $sql_select
 
566
                                FROM $sql_from
 
567
                                WHERE $sql_where";
 
568
                }
 
569
                $sql .= ' ORDER BY ' . $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
 
570
                $result = $db->sql_query($sql);
 
571
                $result_topic_id = 0;
 
572
 
 
573
                $rowset = array();
 
574
 
 
575
                if ($show_results == 'topics')
 
576
                {
 
577
                        $forums = $rowset = $shadow_topic_list = array();
 
578
                        while ($row = $db->sql_fetchrow($result))
 
579
                        {
 
580
                                if ($row['topic_status'] == ITEM_MOVED)
 
581
                                {
 
582
                                        $shadow_topic_list[$row['topic_moved_id']] = $row['topic_id'];
 
583
                                }
 
584
 
 
585
                                $rowset[$row['topic_id']] = $row;
 
586
 
 
587
                                if (!isset($forums[$row['forum_id']]) && $user->data['is_registered'] && $config['load_db_lastread'])
 
588
                                {
 
589
                                        $forums[$row['forum_id']]['mark_time'] = $row['f_mark_time'];
 
590
                                }
 
591
                                $forums[$row['forum_id']]['topic_list'][] = $row['topic_id'];
 
592
                                $forums[$row['forum_id']]['rowset'][$row['topic_id']] = &$rowset[$row['topic_id']];
 
593
                        }
 
594
                        $db->sql_freeresult($result);
 
595
 
 
596
                        // If we have some shadow topics, update the rowset to reflect their topic information
 
597
                        if (sizeof($shadow_topic_list))
 
598
                        {
 
599
                                $sql = 'SELECT *
 
600
                                        FROM ' . TOPICS_TABLE . '
 
601
                                        WHERE ' . $db->sql_in_set('topic_id', array_keys($shadow_topic_list));
 
602
                                $result = $db->sql_query($sql);
 
603
                        
 
604
                                while ($row = $db->sql_fetchrow($result))
 
605
                                {
 
606
                                        $orig_topic_id = $shadow_topic_list[$row['topic_id']];
 
607
                        
 
608
                                        // We want to retain some values
 
609
                                        $row = array_merge($row, array(
 
610
                                                'topic_moved_id'        => $rowset[$orig_topic_id]['topic_moved_id'],
 
611
                                                'topic_status'          => $rowset[$orig_topic_id]['topic_status'],
 
612
                                                'forum_name'            => $rowset[$orig_topic_id]['forum_name'])
 
613
                                        );
 
614
                        
 
615
                                        $rowset[$orig_topic_id] = $row;
 
616
                                }
 
617
                                $db->sql_freeresult($result);
 
618
                        }
 
619
                        unset($shadow_topic_list);
 
620
 
 
621
                        foreach ($forums as $forum_id => $forum)
 
622
                        {
 
623
                                if ($user->data['is_registered'] && $config['load_db_lastread'])
 
624
                                {
 
625
                                        $topic_tracking_info[$forum_id] = get_topic_tracking($forum_id, $forum['topic_list'], $forum['rowset'], array($forum_id => $forum['mark_time']), ($forum_id) ? false : $forum['topic_list']);
 
626
                                }
 
627
                                else if ($config['load_anon_lastread'] || $user->data['is_registered'])
 
628
                                {
 
629
                                        $topic_tracking_info[$forum_id] = get_complete_topic_tracking($forum_id, $forum['topic_list'], ($forum_id) ? false : $forum['topic_list']);
 
630
                
 
631
                                        if (!$user->data['is_registered'])
 
632
                                        {
 
633
                                                $user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0;
 
634
                                        }
 
635
                                }
 
636
                        }
 
637
                        unset($forums);
 
638
                }
 
639
                else
 
640
                {
 
641
                        $bbcode_bitfield = $text_only_message = '';
 
642
                        $attach_list = array();
 
643
 
 
644
                        while ($row = $db->sql_fetchrow($result))
 
645
                        {
 
646
                                // We pre-process some variables here for later usage
 
647
                                $row['post_text'] = censor_text($row['post_text']);
 
648
 
 
649
                                $text_only_message = $row['post_text'];
 
650
                                // make list items visible as such
 
651
                                if ($row['bbcode_uid'])
 
652
                                {
 
653
                                        $text_only_message = str_replace('[*:' . $row['bbcode_uid'] . ']', '&sdot;&nbsp;', $text_only_message);
 
654
                                        // no BBCode in text only message
 
655
                                        strip_bbcode($text_only_message, $row['bbcode_uid']);
 
656
                                }
 
657
 
 
658
                                if ($return_chars == -1 || utf8_strlen($text_only_message) < ($return_chars + 3))
 
659
                                {
 
660
                                        $row['display_text_only'] = false;
 
661
                                        $bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
 
662
 
 
663
                                        // Does this post have an attachment? If so, add it to the list
 
664
                                        if ($row['post_attachment'] && $config['allow_attachments'])
 
665
                                        {
 
666
                                                $attach_list[$row['forum_id']][] = $row['post_id'];
 
667
                                        }
 
668
                                }
 
669
                                else
 
670
                                {
 
671
                                        $row['post_text'] = $text_only_message;
 
672
                                        $row['display_text_only'] = true;
 
673
                                }
 
674
 
 
675
                                $rowset[] = $row;
 
676
                        }
 
677
                        $db->sql_freeresult($result);
 
678
 
 
679
                        unset($text_only_message);
 
680
 
 
681
                        // Instantiate BBCode if needed
 
682
                        if ($bbcode_bitfield !== '')
 
683
                        {
 
684
                                include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
 
685
                                $bbcode = new bbcode(base64_encode($bbcode_bitfield));
 
686
                        }
 
687
 
 
688
                        // Pull attachment data
 
689
                        if (sizeof($attach_list))
 
690
                        {
 
691
                                $use_attach_list = $attach_list;
 
692
                                $attach_list = array();
 
693
 
 
694
                                foreach ($use_attach_list as $forum_id => $_list)
 
695
                                {
 
696
                                        if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id))
 
697
                                        {
 
698
                                                $attach_list = array_merge($attach_list, $_list);
 
699
                                        }
 
700
                                }
 
701
                        }
 
702
 
 
703
                        if (sizeof($attach_list))
 
704
                        {
 
705
                                $sql = 'SELECT *
 
706
                                        FROM ' . ATTACHMENTS_TABLE . '
 
707
                                        WHERE ' . $db->sql_in_set('post_msg_id', $attach_list) . '
 
708
                                                AND in_message = 0
 
709
                                        ORDER BY filetime DESC, post_msg_id ASC';
 
710
                                $result = $db->sql_query($sql);
 
711
                
 
712
                                while ($row = $db->sql_fetchrow($result))
 
713
                                {
 
714
                                        $attachments[$row['post_msg_id']][] = $row;
 
715
                                }
 
716
                                $db->sql_freeresult($result);
 
717
                        }
 
718
                }
 
719
 
 
720
                if ($hilit)
 
721
                {
 
722
                        // Remove bad highlights
 
723
                        $hilit_array = array_filter(explode('|', $hilit), 'strlen');
 
724
                        foreach ($hilit_array as $key => $value)
 
725
                        {
 
726
                                $hilit_array[$key] = str_replace('\*', '\w*?', preg_quote($value, '#'));
 
727
                                $hilit_array[$key] = preg_replace('#(^|\s)\\\\w\*\?(\s|$)#', '$1\w+?$2', $hilit_array[$key]);
 
728
                        }
 
729
                        $hilit = implode('|', $hilit_array);
 
730
                }
 
731
 
 
732
                foreach ($rowset as $row)
 
733
                {
 
734
                        $forum_id = $row['forum_id'];
 
735
                        $result_topic_id = $row['topic_id'];
 
736
                        $topic_title = censor_text($row['topic_title']);
 
737
 
 
738
                        // we need to select a forum id for this global topic
 
739
                        if (!$forum_id)
 
740
                        {
 
741
                                if (!isset($g_forum_id))
 
742
                                {
 
743
                                        // Get a list of forums the user cannot read
 
744
                                        $forum_ary = array_unique(array_keys($auth->acl_getf('!f_read', true)));
 
745
        
 
746
                                        // Determine first forum the user is able to read (must not be a category)
 
747
                                        $sql = 'SELECT forum_id
 
748
                                                FROM ' . FORUMS_TABLE . '
 
749
                                                WHERE forum_type = ' . FORUM_POST;
 
750
                
 
751
                                        if (sizeof($forum_ary))
 
752
                                        {
 
753
                                                $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true);
 
754
                                        }
 
755
 
 
756
                                        $result = $db->sql_query_limit($sql, 1);
 
757
                                        $g_forum_id = (int) $db->sql_fetchfield('forum_id');
 
758
                                }
 
759
                                $u_forum_id = $g_forum_id;
 
760
                        }
 
761
                        else
 
762
                        {
 
763
                                $u_forum_id = $forum_id;
 
764
                        }
 
765
 
 
766
                        $view_topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$u_forum_id&amp;t=$result_topic_id" . (($u_hilit) ? "&amp;hilit=$u_hilit" : ''));
 
767
 
 
768
                        $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
 
769
 
 
770
                        if ($show_results == 'topics')
 
771
                        {
 
772
                                $folder_img = $folder_alt = $topic_type = '';
 
773
                                topic_status($row, $replies, (isset($topic_tracking_info[$forum_id][$row['topic_id']]) && $row['topic_last_post_time'] > $topic_tracking_info[$forum_id][$row['topic_id']]) ? true : false, $folder_img, $folder_alt, $topic_type);
 
774
 
 
775
                                $unread_topic = (isset($topic_tracking_info[$forum_id][$row['topic_id']]) && $row['topic_last_post_time'] > $topic_tracking_info[$forum_id][$row['topic_id']]) ? true : false;
 
776
 
 
777
                                $topic_unapproved = (!$row['topic_approved'] && $auth->acl_get('m_approve', $forum_id)) ? true : false;
 
778
                                $posts_unapproved = ($row['topic_approved'] && $row['topic_replies'] < $row['topic_replies_real'] && $auth->acl_get('m_approve', $forum_id)) ? true : false;
 
779
                                $u_mcp_queue = ($topic_unapproved || $posts_unapproved) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=' . (($topic_unapproved) ? 'approve_details' : 'unapproved_posts') . "&amp;t=$result_topic_id", true, $user->session_id) : '';
 
780
 
 
781
                                $row['topic_title'] = preg_replace('#(?!<.*)(?<!\w)(' . $hilit . ')(?!\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">$1</span>', $row['topic_title']);
 
782
 
 
783
                                $tpl_ary = array(
 
784
                                        'TOPIC_AUTHOR'                          => get_username_string('username', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']),
 
785
                                        'TOPIC_AUTHOR_COLOUR'           => get_username_string('colour', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']),
 
786
                                        'TOPIC_AUTHOR_FULL'                     => get_username_string('full', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']),
 
787
                                        'FIRST_POST_TIME'                       => $user->format_date($row['topic_time']),
 
788
                                        'LAST_POST_SUBJECT'                     => $row['topic_last_post_subject'],
 
789
                                        'LAST_POST_TIME'                        => $user->format_date($row['topic_last_post_time']),
 
790
                                        'LAST_VIEW_TIME'                        => $user->format_date($row['topic_last_view_time']),
 
791
                                        'LAST_POST_AUTHOR'                      => get_username_string('username', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']),
 
792
                                        'LAST_POST_AUTHOR_COLOUR'       => get_username_string('colour', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']),
 
793
                                        'LAST_POST_AUTHOR_FULL'         => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']),
 
794
 
 
795
                                        'PAGINATION'            => topic_generate_pagination($replies, $view_topic_url),
 
796
                                        'TOPIC_TYPE'            => $topic_type,
 
797
 
 
798
                                        'TOPIC_FOLDER_IMG'              => $user->img($folder_img, $folder_alt),
 
799
                                        'TOPIC_FOLDER_IMG_SRC'  => $user->img($folder_img, $folder_alt, false, '', 'src'),
 
800
                                        'TOPIC_ICON_IMG'                => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '',
 
801
                                        'TOPIC_ICON_IMG_WIDTH'  => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['width'] : '',
 
802
                                        'TOPIC_ICON_IMG_HEIGHT' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['height'] : '',
 
803
                                        'ATTACH_ICON_IMG'               => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '',
 
804
                                        'UNAPPROVED_IMG'                => ($topic_unapproved || $posts_unapproved) ? $user->img('icon_topic_unapproved', ($topic_unapproved) ? 'TOPIC_UNAPPROVED' : 'POSTS_UNAPPROVED') : '',
 
805
 
 
806
                                        'S_TOPIC_GLOBAL'                => (!$forum_id) ? true : false,
 
807
                                        'S_TOPIC_TYPE'                  => $row['topic_type'],
 
808
                                        'S_USER_POSTED'                 => (!empty($row['mark_type'])) ? true : false,
 
809
                                        'S_UNREAD_TOPIC'                => $unread_topic,
 
810
 
 
811
                                        'S_TOPIC_REPORTED'              => (!empty($row['topic_reported']) && $auth->acl_get('m_report', $forum_id)) ? true : false,
 
812
                                        'S_TOPIC_UNAPPROVED'    => $topic_unapproved,
 
813
                                        'S_POSTS_UNAPPROVED'    => $posts_unapproved,
 
814
 
 
815
                                        'U_LAST_POST'                   => $view_topic_url . '&amp;p=' . $row['topic_last_post_id'] . '#p' . $row['topic_last_post_id'],
 
816
                                        'U_LAST_POST_AUTHOR'    => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']),
 
817
                                        'U_TOPIC_AUTHOR'                => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']),
 
818
                                        'U_NEWEST_POST'                 => $view_topic_url . '&amp;view=unread#unread',
 
819
                                        'U_MCP_REPORT'                  => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=reports&amp;t=' . $result_topic_id, true, $user->session_id),
 
820
                                        'U_MCP_QUEUE'                   => $u_mcp_queue,
 
821
                                );
 
822
                        }
 
823
                        else
 
824
                        {
 
825
                                if ((isset($zebra['foe']) && in_array($row['poster_id'], $zebra['foe'])) && (!$view || $view != 'show' || $post_id != $row['post_id']))
 
826
                                {
 
827
                                        $template->assign_block_vars('searchresults', array(
 
828
                                                'S_IGNORE_POST' => true,
 
829
 
 
830
                                                'L_IGNORE_POST' => sprintf($user->lang['POST_BY_FOE'], $row['username'], "<a href=\"$u_search&amp;start=$start&amp;p=" . $row['post_id'] . '&amp;view=show#p' . $row['post_id'] . '">', '</a>'))
 
831
                                        );
 
832
 
 
833
                                        continue;
 
834
                                }
 
835
 
 
836
                                // Replace naughty words such as farty pants
 
837
                                $row['post_subject'] = censor_text($row['post_subject']);
 
838
 
 
839
                                if ($row['display_text_only'])
 
840
                                {
 
841
                                        // now find context for the searched words
 
842
                                        $row['post_text'] = get_context($row['post_text'], array_filter(explode('|', $hilit), 'strlen'), $return_chars);
 
843
                                        $row['post_text'] = bbcode_nl2br($row['post_text']);
 
844
                                }
 
845
                                else
 
846
                                {
 
847
                                        // Second parse bbcode here
 
848
                                        if ($row['bbcode_bitfield'])
 
849
                                        {
 
850
                                                $bbcode->bbcode_second_pass($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield']);
 
851
                                        }
 
852
 
 
853
                                        $row['post_text'] = bbcode_nl2br($row['post_text']);
 
854
                                        $row['post_text'] = smiley_text($row['post_text']);
 
855
 
 
856
                                        if (!empty($attachments[$row['post_id']]))
 
857
                                        {
 
858
                                                parse_attachments($forum_id, $row['post_text'], $attachments[$row['post_id']], $update_count);
 
859
                                
 
860
                                                // we only display inline attachments
 
861
                                                unset($attachments[$row['post_id']]);
 
862
                                        }
 
863
                                }
 
864
 
 
865
                                if ($hilit)
 
866
                                {
 
867
                                        // post highlighting
 
868
                                        $row['post_text'] = preg_replace('#(?!<.*)(?<!\w)(' . $hilit . ')(?!\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">$1</span>', $row['post_text']);
 
869
                                        $row['post_subject'] = preg_replace('#(?!<.*)(?<!\w)(' . $hilit . ')(?!\w|[^<>]*(?:</s(?:cript|tyle))?>)#is', '<span class="posthilit">$1</span>', $row['post_subject']);
 
870
                                }
 
871
 
 
872
                                $tpl_ary = array(
 
873
                                        'POST_AUTHOR_FULL'              => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
 
874
                                        'POST_AUTHOR_COLOUR'    => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
 
875
                                        'POST_AUTHOR'                   => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
 
876
                                        'U_POST_AUTHOR'                 => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
 
877
                                
 
878
                                        'POST_SUBJECT'          => $row['post_subject'],
 
879
                                        'POST_DATE'                     => (!empty($row['post_time'])) ? $user->format_date($row['post_time']) : '',
 
880
                                        'MESSAGE'                       => $row['post_text']
 
881
                                );
 
882
                        }
 
883
 
 
884
                        $template->assign_block_vars('searchresults', array_merge($tpl_ary, array(
 
885
                                'FORUM_ID'                      => $forum_id,
 
886
                                'TOPIC_ID'                      => $result_topic_id,
 
887
                                'POST_ID'                       => ($show_results == 'posts') ? $row['post_id'] : false,
 
888
 
 
889
                                'FORUM_TITLE'           => $row['forum_name'],
 
890
                                'TOPIC_TITLE'           => $topic_title,
 
891
                                'TOPIC_REPLIES'         => $replies,
 
892
                                'TOPIC_VIEWS'           => $row['topic_views'],
 
893
 
 
894
                                'U_VIEW_TOPIC'          => $view_topic_url,
 
895
                                'U_VIEW_FORUM'          => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id),
 
896
                                'U_VIEW_POST'           => (!empty($row['post_id'])) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=" . $row['topic_id'] . '&amp;p=' . $row['post_id'] . (($u_hilit) ? '&amp;hilit=' . $u_hilit : '')) . '#p' . $row['post_id'] : '')
 
897
                        ));
 
898
                }
 
899
 
 
900
                if ($topic_id && ($topic_id == $result_topic_id))
 
901
                {
 
902
                        $template->assign_vars(array(
 
903
                                'SEARCH_TOPIC'          => $topic_title,
 
904
                                'U_SEARCH_TOPIC'        => $view_topic_url
 
905
                        ));
 
906
                }
 
907
        }
 
908
        unset($rowset);
 
909
 
 
910
        page_header(($l_search_title) ? $l_search_title : $user->lang['SEARCH']);
 
911
 
 
912
        $template->set_filenames(array(
 
913
                'body' => 'search_results.html')
 
914
        );
 
915
        make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
 
916
 
 
917
        page_footer();
 
918
}
 
919
 
 
920
 
 
921
// Search forum
 
922
$s_forums = '';
 
923
$sql = 'SELECT f.forum_id, f.forum_name, f.parent_id, f.forum_type, f.left_id, f.right_id, f.forum_password, fa.user_id
 
924
        FROM ' . FORUMS_TABLE . ' f
 
925
        LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa ON (fa.forum_id = f.forum_id
 
926
                AND fa.session_id = '" . $db->sql_escape($user->session_id) . "')
 
927
        ORDER BY f.left_id ASC";
 
928
$result = $db->sql_query($sql);
 
929
 
 
930
$right = $cat_right = $padding_inc = 0;
 
931
$padding = $forum_list = $holding = '';
 
932
$pad_store = array('0' => '');
 
933
 
 
934
while ($row = $db->sql_fetchrow($result))
 
935
{
 
936
        if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))
 
937
        {
 
938
                // Non-postable forum with no subforums, don't display
 
939
                continue;
 
940
        }
 
941
 
 
942
        if ($row['forum_type'] == FORUM_LINK || ($row['forum_password'] && !$row['user_id']))
 
943
        {
 
944
                // if this forum is a link or password protected (user has not entered the password yet) then skip to the next branch
 
945
                continue;
 
946
        }
 
947
 
 
948
        if ($row['left_id'] < $right)
 
949
        {
 
950
                $padding .= '&nbsp; &nbsp;';
 
951
                $pad_store[$row['parent_id']] = $padding;
 
952
        }
 
953
        else if ($row['left_id'] > $right + 1)
 
954
        {
 
955
                if (isset($pad_store[$row['parent_id']]))
 
956
                {
 
957
                        $padding = $pad_store[$row['parent_id']];
 
958
                }
 
959
                else
 
960
                {
 
961
                        continue;
 
962
                }
 
963
        }
 
964
 
 
965
        $right = $row['right_id'];
 
966
 
 
967
        if ($auth->acl_gets('!f_search', '!f_list', $row['forum_id']))
 
968
        {
 
969
                // if the user does not have permissions to search or see this forum skip only this forum/category
 
970
                continue;
 
971
        }
 
972
 
 
973
        $selected = (in_array($row['forum_id'], $search_forum)) ? ' selected="selected"' : '';
 
974
 
 
975
        if ($row['left_id'] > $cat_right)
 
976
        {
 
977
                // make sure we don't forget anything
 
978
                $s_forums .= $holding;
 
979
                $holding = '';
 
980
        }
 
981
 
 
982
        if ($row['right_id'] - $row['left_id'] > 1)
 
983
        {
 
984
                $cat_right = max($cat_right, $row['right_id']);
 
985
 
 
986
                $holding .= '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $padding . $row['forum_name'] . '</option>';
 
987
        }
 
988
        else
 
989
        {
 
990
                $s_forums .= $holding . '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $padding . $row['forum_name'] . '</option>';
 
991
                $holding = '';
 
992
        }
 
993
}
 
994
 
 
995
if ($holding)
 
996
{
 
997
        $s_forums .= $holding;
 
998
}
 
999
 
 
1000
$db->sql_freeresult($result);
 
1001
unset($pad_store);
 
1002
 
 
1003
if (!$s_forums)
 
1004
{
 
1005
        trigger_error('NO_SEARCH');
 
1006
}
 
1007
 
 
1008
// Number of chars returned
 
1009
$s_characters = '<option value="-1">' . $user->lang['ALL_AVAILABLE'] . '</option>';
 
1010
$s_characters .= '<option value="0">0</option>';
 
1011
$s_characters .= '<option value="25">25</option>';
 
1012
$s_characters .= '<option value="50">50</option>';
 
1013
 
 
1014
for ($i = 100; $i <= 1000 ; $i += 100)
 
1015
{
 
1016
        $selected = ($i == 300) ? ' selected="selected"' : '';
 
1017
        $s_characters .= '<option value="' . $i . '"' . $selected . '>' . $i . '</option>';
 
1018
}
 
1019
 
 
1020
$s_hidden_fields = array('t' => $topic_id);
 
1021
 
 
1022
if ($_SID)
 
1023
{
 
1024
        $s_hidden_fields['sid'] = $_SID;
 
1025
}
 
1026
 
 
1027
if (!empty($_EXTRA_URL))
 
1028
{
 
1029
        foreach ($_EXTRA_URL as $url_param)
 
1030
        {
 
1031
                $url_param = explode('=', $url_param, 2);
 
1032
                $s_hidden_fields[$url_param[0]] = $url_param[1];
 
1033
        }
 
1034
}
 
1035
 
 
1036
$template->assign_vars(array(
 
1037
        'S_SEARCH_ACTION'               => "{$phpbb_root_path}search.$phpEx",
 
1038
        'S_HIDDEN_FIELDS'               => build_hidden_fields($s_hidden_fields),
 
1039
        'S_CHARACTER_OPTIONS'   => $s_characters,
 
1040
        'S_FORUM_OPTIONS'               => $s_forums,
 
1041
        'S_SELECT_SORT_DIR'             => $s_sort_dir,
 
1042
        'S_SELECT_SORT_KEY'             => $s_sort_key,
 
1043
        'S_SELECT_SORT_DAYS'    => $s_limit_days,
 
1044
        'S_IN_SEARCH'                   => true,
 
1045
));
 
1046
 
 
1047
// only show recent searches to search administrators
 
1048
if ($auth->acl_get('a_search'))
 
1049
{
 
1050
        // Handle large objects differently for Oracle and MSSQL
 
1051
        switch ($db->sql_layer)
 
1052
        {
 
1053
                case 'oracle':
 
1054
                        $sql = 'SELECT search_time, search_keywords
 
1055
                                FROM ' . SEARCH_RESULTS_TABLE . '
 
1056
                                WHERE dbms_lob.getlength(search_keywords) > 0
 
1057
                                ORDER BY search_time DESC';
 
1058
                break;
 
1059
        
 
1060
                case 'mssql':
 
1061
                case 'mssql_odbc':
 
1062
                        $sql = 'SELECT search_time, search_keywords
 
1063
                                FROM ' . SEARCH_RESULTS_TABLE . '
 
1064
                                WHERE DATALENGTH(search_keywords) > 0
 
1065
                                ORDER BY search_time DESC';
 
1066
                break;
 
1067
        
 
1068
                default:
 
1069
                        $sql = 'SELECT search_time, search_keywords
 
1070
                                FROM ' . SEARCH_RESULTS_TABLE . '
 
1071
                                WHERE search_keywords <> \'\'
 
1072
                                ORDER BY search_time DESC';
 
1073
                break;
 
1074
        }
 
1075
        $result = $db->sql_query_limit($sql, 5);
 
1076
 
 
1077
        while ($row = $db->sql_fetchrow($result))
 
1078
        {
 
1079
                $keywords = $row['search_keywords'];
 
1080
 
 
1081
                $template->assign_block_vars('recentsearch', array(
 
1082
                        'KEYWORDS'      => $keywords,
 
1083
                        'TIME'          => $user->format_date($row['search_time']),
 
1084
 
 
1085
                        'U_KEYWORDS'    => append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(htmlspecialchars_decode($keywords)))
 
1086
                ));
 
1087
        }
 
1088
        $db->sql_freeresult($result);
 
1089
}
 
1090
 
 
1091
// Output the basic page
 
1092
page_header($user->lang['SEARCH']);
 
1093
 
 
1094
$template->set_filenames(array(
 
1095
        'body' => 'search_body.html')
 
1096
);
 
1097
make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
 
1098
 
 
1099
page_footer();
 
1100
 
 
1101
?>
 
 
b'\\ No newline at end of file'