/** * Perform a thread and post search under MySQL or MySQLi using boolean fulltext capabilities * * @param array Array of search data * @return array Array of search data with results mixed in */ function perform_search_mysql_ft($search) { global $mybb, $db, $lang; $keywords = clean_keywords_ft($search['keywords']); if (!$keywords && !$search['author']) { error($lang->error_nosearchterms); } // Attempt to determine minimum word length from MySQL for fulltext searches $query = $db->query("SHOW VARIABLES LIKE 'ft_min_word_len';"); $min_length = $db->fetch_field($query, 'Value'); if (is_numeric($min_length)) { $mybb->settings['minsearchword'] = $min_length; } else { $mybb->settings['minsearchword'] = 4; } if ($keywords) { $keywords_exp = explode("\"", $keywords); $inquote = false; foreach ($keywords_exp as $phrase) { if (!$inquote) { $split_words = preg_split("#\\s{1,}#", $phrase, -1); foreach ($split_words as $word) { $word = str_replace(array("+", "-", "*"), '', $word); if (!$word) { continue; } if (my_strlen($word) < $mybb->settings['minsearchword']) { $all_too_short = true; } else { $all_too_short = false; break; } } } else { $phrase = str_replace(array("+", "-", "*"), '', $phrase); if (my_strlen($phrase) < $mybb->settings['minsearchword']) { $all_too_short = true; } else { $all_too_short = false; break; } } $inquote = !$inquote; } // Show the minimum search term error only if all search terms are too short if ($all_too_short == true) { $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); } $message_lookin = "AND MATCH(message) AGAINST('" . $db->escape_string($keywords) . "' IN BOOLEAN MODE)"; $subject_lookin = "AND MATCH(subject) AGAINST('" . $db->escape_string($keywords) . "' IN BOOLEAN MODE)"; } $post_usersql = ''; $thread_usersql = ''; if ($search['author']) { $userids = array(); if ($search['matchusername']) { $query = $db->simple_select("users", "uid", "username='******'author']) . "'"); } else { $search['author'] = my_strtolower($search['author']); $query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%" . $db->escape_string_like($db->escape_string($search['author'])) . "%'"); } while ($user = $db->fetch_array($query)) { $userids[] = $user['uid']; } if (count($userids) < 1) { error($lang->error_nosearchresults); } else { $userids = implode(',', $userids); $post_usersql = " AND p.uid IN (" . $userids . ")"; $thread_usersql = " AND t.uid IN (" . $userids . ")"; } } $datecut = ''; if ($search['postdate']) { if ($search['pddir'] == 0) { $datecut = "<="; } else { $datecut = ">="; } $now = TIME_NOW; $datelimit = $now - 86400 * $search['postdate']; $datecut .= "'{$datelimit}'"; $post_datecut = " AND p.dateline {$datecut}"; $thread_datecut = " AND t.dateline {$datecut}"; } $thread_replycut = ''; if ($search['numreplies'] != '' && $search['findthreadst']) { if (intval($search['findthreadst']) == 1) { $thread_replycut = " AND t.replies >= '" . intval($search['numreplies']) . "'"; } else { $thread_replycut = " AND t.replies <= '" . intval($search['numreplies']) . "'"; } } $forumin = ''; $fidlist = array(); $searchin = array(); if ($search['forums'] != "all") { if (!is_array($search['forums'])) { $search['forums'] = array(intval($search['forums'])); } foreach ($search['forums'] as $forum) { $forum = intval($forum); if (!$searchin[$forum]) { switch ($db->type) { case "pgsql": case "sqlite3": case "sqlite2": $query = $db->query("\n\t\t\t\t\t\t\tSELECT f.fid \n\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "forums f \n\t\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumpermissions p ON (f.fid=p.fid AND p.gid='" . $mybb->user['usergroup'] . "') \n\t\t\t\t\t\t\tWHERE INSTR(','||parentlist||',',',{$forum},') > 0 AND active!=0 AND (ISNULL(p.fid) OR p.cansearch=1)\n\t\t\t\t\t\t"); break; default: $query = $db->query("\n\t\t\t\t\t\t\tSELECT f.fid \n\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "forums f \n\t\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumpermissions p ON (f.fid=p.fid AND p.gid='" . $mybb->user['usergroup'] . "') \n\t\t\t\t\t\t\tWHERE INSTR(CONCAT(',',parentlist,','),',{$forum},') > 0 AND active!=0 AND (ISNULL(p.fid) OR p.cansearch=1)\n\t\t\t\t\t\t"); } while ($sforum = $db->fetch_array($query)) { $fidlist[] = $sforum['fid']; } } } if (count($fidlist) == 1) { $forumin .= " AND t.fid='{$forum}' "; $searchin[$fid] = 1; } else { if (count($fidlist) > 1) { $forumin = " AND t.fid IN (" . implode(',', $fidlist) . ")"; } } } $unsearchforums = get_unsearchable_forums(); if ($unsearchforums) { $permsql = " AND t.fid NOT IN ({$unsearchforums})"; } $inactiveforums = get_inactive_forums(); if ($inactiveforums) { $permsql .= " AND t.fid NOT IN ({$inactiveforums})"; } // Searching a specific thread? if ($search['tid']) { $tidsql = " AND t.tid='" . intval($search['tid']) . "'"; } $limitsql = ''; if (intval($mybb->settings['searchhardlimit']) > 0) { $limitsql = "LIMIT " . intval($mybb->settings['searchhardlimit']); } // Searching both posts and thread titles $threads = array(); $posts = array(); $firstposts = array(); if ($search['postthread'] == 1) { // No need to search subjects when looking for results within a specific thread if (!$search['tid']) { $query = $db->query("\n\t\t\t\tSELECT t.tid, t.firstpost\n\t\t\t\tFROM " . TABLE_PREFIX . "threads t\n\t\t\t\tWHERE 1=1 {$thread_datecut} {$thread_replycut} {$forumin} {$thread_usersql} {$permsql} AND t.visible>=0 AND t.closed NOT LIKE 'moved|%' {$subject_lookin}\n\t\t\t\t{$limitsql}\n\t\t\t"); while ($thread = $db->fetch_array($query)) { $threads[$thread['tid']] = $thread['tid']; if ($thread['firstpost']) { $posts[$thread['tid']] = $thread['firstpost']; } } } $query = $db->query("\n\t\t\tSELECT p.pid, p.tid\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tWHERE 1=1 {$post_datecut} {$thread_replycut} {$forumin} {$post_usersql} {$permsql} {$tidsql} AND p.visible>=0 AND t.visible>=0 AND t.closed NOT LIKE 'moved|%' {$message_lookin}\n\t\t\t{$limitsql}\n\t\t"); while ($post = $db->fetch_array($query)) { $posts[$post['pid']] = $post['pid']; $threads[$post['tid']] = $post['tid']; } if (count($posts) < 1 && count($threads) < 1) { error($lang->error_nosearchresults); } $threads = implode(',', $threads); $posts = implode(',', $posts); } else { $query = $db->query("\n\t\t\tSELECT t.tid, t.firstpost\n\t\t\tFROM " . TABLE_PREFIX . "threads t\n\t\t\tWHERE 1=1 {$thread_datecut} {$thread_replycut} {$forumin} {$thread_usersql} {$permsql} AND t.visible>=0 {$subject_lookin}\n\t\t\t{$limitsql}\n\t\t"); while ($thread = $db->fetch_array($query)) { $threads[$thread['tid']] = $thread['tid']; if ($thread['firstpost']) { $firstposts[$thread['tid']] = $thread['firstpost']; } } if (count($threads) < 1) { error($lang->error_nosearchresults); } $threads = implode(',', $threads); $firstposts = implode(',', $firstposts); if ($firstposts) { $query = $db->simple_select("posts", "pid", "pid IN ({$firstposts}) AND visible >= '0' {$limitsql}"); while ($post = $db->fetch_array($query)) { $posts[$post['pid']] = $post['pid']; } $posts = implode(',', $posts); } } return array("threads" => $threads, "posts" => $posts, "querycache" => ''); }
$datecut = TIME_NOW - 86400 * $days; $where_sql = "t.lastpost >='" . $datecut . "'"; if ($mybb->input['fid']) { $where_sql .= " AND t.fid='" . intval($mybb->input['fid']) . "'"; } else { if ($mybb->input['fids']) { $fids = explode(',', $mybb->input['fids']); foreach ($fids as $key => $fid) { $fids[$key] = intval($fid); } if (!empty($fids)) { $where_sql .= " AND t.fid IN (" . implode(',', $fids) . ")"; } } } $unsearchforums = get_unsearchable_forums(); if ($unsearchforums) { $where_sql .= " AND t.fid NOT IN ({$unsearchforums})"; } $inactiveforums = get_inactive_forums(); if ($inactiveforums) { $where_sql .= " AND t.fid NOT IN ({$inactiveforums})"; } $sid = md5(uniqid(microtime(), 1)); $searcharray = array("sid" => $db->escape_string($sid), "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_string($session->ipaddress), "threads" => '', "posts" => '', "resulttype" => "threads", "querycache" => $db->escape_string($where_sql), "keywords" => ''); $plugins->run_hooks("search_do_search_process"); $db->insert_query("searchlog", $searcharray); redirect("search.php?action=results&sid=" . $sid, $lang->redirect_searchresults); } elseif ($mybb->input['action'] == "do_search" && $mybb->request_method == "post") { $plugins->run_hooks("search_do_search_start"); // Check if search flood checking is enabled and user is not admin
function recentthread_list_threads($return = false) { global $mybb, $db, $templates, $recentthreadtable, $recentthreads, $settings, $canviewrecentthreads, $cache, $theme; // First check permissions if (!recentthread_can_view()) { return; } require_once MYBB_ROOT . "inc/functions_search.php"; $threadlimit = (int) $mybb->settings['recentthread_threadcount']; if (!$threadlimit) { $threadlimit = 15; } $onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach ($group_permissions as $fid => $forum_permissions) { if ($forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if (!empty($onlyusfids)) { $where .= "AND ((t.fid IN(" . implode(',', $onlyusfids) . ") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(" . implode(',', $onlyusfids) . "))"; } $approved = 0; // Moderators can view unapproved threads if ($mybb->usergroup['canmodcp'] == 1) { $approved = -1; } $unsearchableforums = get_unsearchable_forums(); $unviewableforums = get_unviewable_forums(); if ($unsearchableforums && $unviewableforums) { $forumarray = explode(",", $unsearchableforums . "," . $unviewableforums); $newarray = array_unique($forumarray); $unsearchableforumssql = " AND t.fid NOT IN(" . implode(",", $newarray) . ") "; } // Take into account any ignored forums if ($mybb->settings['recentthread_forumskip']) { $ignoreforums = " AND t.fid NOT IN(" . $mybb->settings['recentthread_forumskip'] . ") "; } $forums = $cache->read("forums"); $query = $db->query("\n\t\t\tSELECT t.*, u.username AS userusername, u.usergroup, u.displaygroup, u.avatar as threadavatar, u.avatardimensions as threaddimensions, lp.usergroup AS lastusergroup, lp.avatar as lastavatar, lp.avatardimensions as lastdimensions, lp.displaygroup as lastdisplaygroup\n\t\t\tFROM " . TABLE_PREFIX . "threads t\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=t.uid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users lp ON (t.lastposteruid=lp.uid)\n\t\t\tWHERE 1=1 {$where} AND t.visible > {$approved} {$unsearchableforumssql} {$ignoreforums}\n\t\t\tORDER BY t.lastpost DESC\n\t\t\tLIMIT {$threadlimit}\n\t\t"); while ($thread = $db->fetch_array($query)) { $trow = alt_trow(); $thread['forum'] = $forums[$thread['fid']]['name']; $threadlink = get_thread_link($thread['tid'], "", "newpost"); $lastpostlink = get_thread_link($thread['tid'], "", "lastpost"); $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); $lastposttimeago = my_date("relative", $thread['lastpost']); $lastposter = $thread['lastposter']; $lastposteruid = $thread['lastposteruid']; $thread['author'] = build_profile_link(format_name($thread['userusername'], $thread['usergroup'], $thread['displaygroup']), $thread['uid']); // Don't link to guest's profiles (they have no profile). if ($lastposteruid == 0) { $lastposterlink = $lastposter; } else { $lastposterlink = build_profile_link(format_name($lastposter, $thread['lastusergroup'], $thread['lastdisplaygroup']), $lastposteruid); } if ($mybb->settings['recentthread_threadavatar']) { $threadavatar = format_avatar($thread['threadavatar'], $thread['threaddimensions']); $avatarurl = $threadavatar['image']; $dimensions = $threadavatar['width_height']; eval("\$posteravatar = \"" . $templates->get("recentthread_avatar") . "\";"); } if ($mybb->settings['recentthread_lastavatar']) { $lastposteravatar = format_avatar($thread['lastavatar'], $thread['lastdimensions']); $avatarurl = $lastposteravatar['image']; $dimensions = $lastposteravatar['width_height']; eval("\$lastavatar = \"" . $templates->get("recentthread_avatar") . "\";"); } // Now check the length of subjects $length = (int) $mybb->settings['recentthread_subject_length']; if (strlen($thread['subject']) > $length && $length != 0) { // Figure out if we need to split it up. $title = my_substr($thread['subject'], 0, $length); if ($mybb->settings['recentthread_subject_breaker']) { $words = explode(" ", $title); $count = count($words) - 1; $currenttitle = ""; for ($x = 0; $x < $count; $x++) { $currenttitle .= $words[$x] . " "; } $thread['subject'] = $currenttitle . " ..."; } if (!$mybb->settings['recentthread_subject_breaker']) { $thread['subject'] = $title . "..."; } } // Moderator stuff baby! if (is_moderator($thread['fid'])) { $ismod = TRUE; // fetch the inline mod column } else { $ismod = FALSE; } if (is_moderator($thread['fid'], "caneditposts") || $fpermissions['caneditposts'] == 1) { $can_edit_titles = 1; } else { $can_edit_titles = 0; } $inline_edit_class = ''; if ($thread['uid'] == $mybb->user['uid'] && $thread['closed'] != 1 && $mybb->user['uid'] != 0 && $can_edit_titles == 1 || $ismod == true) { $inline_edit_class = "subject_editable"; } eval("\$recentthreads .= \"" . $templates->get("recentthread_thread") . "\";"); unset($posteravatar); unset($lastavatar); } eval("\$recentthreadtable = \"" . $templates->get("recentthread") . "\";"); if ($return) { return $recentthreadtable; } }
/** * Prepare WHERE statement for unread posts search query * */ private function buildSQLWhere() { if ($this->where != '') { return; } // Standard where $this->where .= "t.visible = 1 AND t.closed NOT LIKE 'moved|%'"; // Only one fid theme if ($this->fid) { $this->where .= " AND t.fid = '{$this->fid}'"; } // Exceptions if ($this->getConfig('Exceptions') != '') { $exceptions_list = explode(',', $this->getConfig('Exceptions')); $exceptions_list = array_map('intval', $exceptions_list); if (sizeof($exceptions_list) > 0) { $this->where .= " AND t.fid NOT IN (" . implode(',', $exceptions_list) . ")"; } } // Permissions $onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach ($group_permissions as $fid => $forum_permissions) { if ($forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if (!empty($onlyusfids)) { $this->where .= " AND ((t.fid IN(" . implode(',', $onlyusfids) . ") AND t.uid='{$mybb->user['uid']}') OR t.fid NOT IN(" . implode(',', $onlyusfids) . "))"; } // Unsearchable forums if (!function_exists('get_unsearchable_forums')) { require_once MYBB_ROOT . "inc/functions_search.php"; } global $permissioncache, $unsearchableforums; $permissioncache = $unsearchableforums = false; $unsearchforums = get_unsearchable_forums(); if ($unsearchforums) { $this->where .= " AND t.fid NOT IN ({$unsearchforums})"; } // Inactive forums $inactiveforums = get_inactive_forums(); if ($inactiveforums) { $this->where .= " AND t.fid NOT IN ({$inactiveforums})"; } }
function latestposts() { global $mybb, $lang, $db, $templates, $postslist, $sidebar, $right, $left; $lang->load("latestposts"); $threadlimit = (int) $mybb->settings['latestposts_threadcount']; $where = NULL; if (!$threadlimit) { $threadlimit = 15; } if ($mybb->settings['latestposts_forumskip']) { $where .= " AND t.fid NOT IN(" . $mybb->settings['latestposts_forumskip'] . ") "; } require_once MYBB_ROOT . "inc/functions_search.php"; $unsearchforums = get_unsearchable_forums(); if ($unsearchforums) { $where .= " AND t.fid NOT IN ({$unsearchforums})"; } $inactiveforums = get_inactive_forums(); if ($inactiveforums) { $where .= " AND t.fid NOT IN ({$inactiveforums})"; } $permissions = forum_permissions(); for ($i = 0; $i <= sizeof($permissions); $i++) { if (isset($permissions[$i]['fid']) && ($permissions[$i]['canview'] == 0 || $permissions[$i]['canviewthreads'] == 0)) { $where .= " AND t.fid <> " . $permissions[$i]['fid']; } } $where .= " AND p.visible <> -1"; $query = $db->query("\r\n\t\tSELECT t.*, u.username AS userusername, u.usergroup, u.displaygroup, lp.usergroup AS lastusergroup, lp.displaygroup as lastdisplaygroup, p.visible\r\n\t\tFROM " . TABLE_PREFIX . "threads t\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=t.uid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "users lp ON (t.lastposteruid=lp.uid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (t.tid=p.tid AND replyto = 0)\r\n WHERE 1=1 {$where}\r\n\t\tORDER BY t.lastpost DESC\r\n\t\tLIMIT {$threadlimit}\r\n\t"); while ($thread = $db->fetch_array($query)) { $tid = $thread['tid']; $postname = $thread['subject']; $lastpostlink = get_thread_link($thread['tid'], "", "lastpost"); $lastposttimeago = my_date("relative", $thread['lastpost']); $lastposter = $thread['lastposter']; $lastposteruid = $thread['lastposteruid']; if ($mybb->settings['latestposts_showtime'] == 1) { $lang->latestposttime = $lang->sprintf($lang->latestposttime, $lastposttimeago); } else { $lang->latestposttime = NULL; } if ($lastposteruid == 0) { $lastposterlink = $lastposter; } else { $lastposterlink = build_profile_link(format_name($lastposter, $thread['lastusergroup'], $thread['lastdisplaygroup']), $lastposteruid); } eval("\$postslist .= \"" . $templates->get("index_sidebar_post") . "\";"); } if ($mybb->settings['latestposts_rightorleft'] == "right") { $right = "right"; $left = "left"; } else { $right = "left"; $left = "right"; } eval("\$sidebar = \"" . $templates->get("index_sidebar") . "\";"); }