$charset = $CONFIG['charset'] == 'language file' ? $GLOBALS['lang_charset'] : $CONFIG['charset'];
$sort_array = array('na' => 'filename ASC , pid ASC', 'nd' => 'filename DESC , pid ASC', 'ta' => 'title ASC , pid ASC', 'td' => 'title DESC , pid ASC', 'da' => 'pid ASC', 'dd' => 'pid DESC', 'pa' => 'position ASC , pid ASC', 'pd' => 'position DESC , pid ASC');
$sort_code = isset($USER['sort']) ? $USER['sort'] : $CONFIG['default_sort_order'];
$sort_order = isset($sort_array[$sort_code]) ? $sort_array[$sort_code] : $sort_array[$CONFIG['default_sort_order']];
$allowed = array('title', 'caption', 'keywords', 'filename', 'pic_raw_ip', 'pic_hdr_ip', 'user1', 'user2', 'user3', 'user4');
global $cpg_udb;
// Use actual column name for search by owner name
if ($cpg_udb->can_join_tables && $USER['search']['params']['owner_name']) {
$USER['search']['params'][$cpg_udb->field['username']] = true;
$allowed[] = $cpg_udb->field['username'];
}
$mb_charset = stristr($multibyte_charset, $charset);
$search_string = str_replace('"', '"', $search_string);
$search_string = str_replace('\'', '"', $search_string);
$search_string = preg_replace('/&.*;/i', '', $search_string);
$search_string = Inspekt::getEscaped($search_string);
if (!$mb_charset) {
$search_string = preg_replace('/[^0-9a-z %]/i', '', $search_string);
}
if (!isset($USER['search']['params'])) {
$USER['search']['params']['title'] = $USER['search']['params']['caption'] = $USER['search']['params']['keywords'] = $USER['search']['params']['filename'] = 1;
}
//if (isset($_GET['album']) && $_GET['album'] == 'search') {
// $_POST = $USER['search'];
//}
if ($superCage->get->keyExists('album') && $superCage->get->getAlpha('album') == 'search') {
$search_params = $USER['search'];
} else {
//put all original $_POST vars in $search_params, don't know if this could be used???
$search_params = $superCage->post->_source;
}
/**
* Strip whitespaces from the beginning and end of each keyword
*
* @param string $keywords
*/
function cpg_trim_keywords(&$keywords)
{
global $CONFIG;
$keywords_new = array();
$keywords = explode($CONFIG['keyword_separator'], trim(html_entity_decode($keywords)));
foreach ($keywords as $word) {
if (trim($word)) {
$keywords_new[] = trim(Inspekt::getEscaped($word));
}
}
$keywords = implode($CONFIG['keyword_separator'], $keywords_new);
}
$remove = $superCage->get->getEscaped('remove');
} elseif ($superCage->post->keyExists('remove')) {
$remove = $superCage->post->getEscaped('remove');
}
$query = "SELECT pid, keywords FROM {$CONFIG['TABLE_PICTURES']} WHERE CONCAT('{$keysep}', keywords, '{$keysep}') LIKE '%{$keysep}{$remove}{$keysep}%'";
$result = cpg_db_query($query);
while (list($id, $keywords) = mysql_fetch_row($result)) {
$array_new = array();
$array_old = explode($keysep, trim(html_entity_decode($keywords)));
foreach ($array_old as $word) {
// convert old to new if it's the same word
if (utf_strtolower(Inspekt::getEscaped($word)) == utf_strtolower($remove)) {
$word = '';
}
// rebuild array to reprocess it
$array_new[] = Inspekt::getEscaped(trim($word));
}
$keywords = implode($keysep, $array_new);
$newquerys[] = "UPDATE {$CONFIG['TABLE_PICTURES']} SET keywords = '{$keywords}' WHERE pid = {$id}";
}
$newquerys[] = "UPDATE {$CONFIG['TABLE_PICTURES']} SET keywords = TRIM(REPLACE(keywords, '{$keysep}{$keysep}', '{$keysep}'))";
$newquerys[] = "UPDATE {$CONFIG['TABLE_PICTURES']} SET keywords = '' WHERE keywords = '{$keysep}'";
foreach ($newquerys as $query) {
$result = cpg_db_query($query);
}
header("Location: keywordmgr.php?page=display");
break;
}
endtable();
echo "<input type=\"hidden\" name=\"form_token\" value=\"{$form_token}\" />\n<input type=\"hidden\" name=\"timestamp\" value=\"{$timestamp}\" /></form>";
if ($CONFIG['clickable_keyword_search'] != 0) {
/**
* Returns the value escaped with mysql_real_escape_string.
*
* @param mixed $value
* @return string
*
* @tag filter
*/
function getEscaped($key)
{
if (!$this->keyExists($key)) {
return false;
}
return Inspekt::getEscaped($this->_getValue($key));
}
