} if (empty($errors)) { ($hook = vBulletinHook::fetch_hook('search_process_postindex')) ? eval($hook) : false; } } } else { // Fulltext ... foreach ($queryWords as $word => $wordtype) { // Need something here to strip odd characters out of words that fulltext is probably not indexing $queryword = preg_replace('#"([^"]+)"#sie', "stripslashes(str_replace('*', ' ', '\\0'))", $word); if ($wordtype != 'NOT') { $display['highlight'][] = htmlspecialchars_uni(preg_replace('#"(.+)"#si', '\\1', $queryword)); } // make sure word is safe to insert into the query $unsafeword = $queryword; $queryword = sanitize_word_for_sql($queryword); if (!$vbulletin->options['allowwildcards']) { # Don't allow wildcard searches so remove any * $queryword = str_replace('*', '', $queryword); } $wordlist = iif($wordlist, "{$wordlist} ", $wordlist); switch ($wordtype) { case 'AND': $wordlist .= "+{$queryword}"; break; case 'OR': $wordlist .= $queryword; break; case 'NOT': $wordlist .= "-{$queryword}"; break;
/** * Set the user filter * * @param string $username. The name of the user. * @param bool $exactname. If we should only look for an exact match * @param enum $groupuser. If we should only search for the group user, the item user, * or the default for the search type. On of the group constants in vB_Search_Core */ public function add_user_filter($username, $exactmatch, $groupuser) { //we don't actually have a username, do nothing. if (!trim($username)) { return; } global $vbphrase; $field = $this->switch_field('user', $groupuser); //todo -- figure out how to handle based on $groupuser/contenttype $intro = $vbphrase['user']; if (!$exactmatch and strlen($username) < 3) { $this->add_error('searchnametooshort'); return array(); } $username = htmlspecialchars_uni($username); if ($exactmatch) { $db = $GLOBALS['vbulletin']->db; $sql_filter = "username = '******'"; } else { $sql_filter = "username LIKE('%" . sanitize_word_for_sql($username) . "%')"; } ($hook = vBulletinHook::fetch_hook('search_add_user_filter')) ? eval($hook) : false; $users = $this->get_user_data($sql_filter); if (count($users)) { $this->add_filter($field, vB_Search_Core::OP_EQ, array_keys($users), true); $this->set_user_display_string($intro, $users); } }