 /**
  * Render a static CMS page looked up by its numeric id.
  *
  * The id is bound through the driver's %d placeholder, never interpolated.
  * Pages flagged as both HTML and BBCode get their entities decoded after
  * formatting; pages flagged POST_SIDEBAR are rendered with the sidebar.
  *
  * @param int|string $p  page_id to look up
  * @return string  rendered page, or the 404 error page when no row matches
  */
 function display_page($p)
 {
     $row = $this->db->quick_query('SELECT * FROM %ppages WHERE page_id=%d', $p);
     if (!$row) {
         return $this->error('The page you are looking for does not exist. It may have been deleted or the URL is incorrect.', 404);
     }

     $tpl = new XTemplate('./skins/' . $this->skin . '/page.xtpl');
     $this->title($row['page_title']);
     $this->meta_description($row['page_meta']);

     $flags = $row['page_flags'];
     $body = $this->format($row['page_content'], $flags);
     $isHtmlAndBbcode = ($flags & POST_HTML) && ($flags & POST_BBCODE);
     if ($isHtmlAndBbcode) {
         // Mixed HTML/BBCode content is stored entity-encoded; undo that once formatted.
         $body = html_entity_decode($body, ENT_COMPAT, 'UTF-8');
     }
     $tpl->assign('content', $body);

     $side = null;
     $wantsSidebar = (bool) ($flags & POST_SIDEBAR);
     if ($wantsSidebar) {
         $builder = new sidebar($this);
         $side = $builder->build_sidebar();
     }
     $tpl->parse($wantsSidebar ? 'Page.HasSidebar' : 'Page.NoSidebar');
     $tpl->assign('sidebar', $side);
     $tpl->parse('Page');
     return $tpl->text('Page');
 }
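    /**
     * Render the post list for one blog category.
     *
     * Guests only see published posts that are not members-only; logged-in
     * users see every published post in the category.
     *
     * @param int|string $cid  category id, or (when friendly_urls is on) the
     *                         dash-separated category name taken from the URL
     * @return string  rendered category page, or the 404 error page when the
     *                 category does not exist
     */
    function view_cat($cid)
    {
        if ($this->settings['friendly_urls']) {
            // Friendly URLs carry the category name with its spaces turned into dashes.
            $cid = str_replace('-', ' ', $cid);
            $cat = $this->db->quick_query("SELECT * FROM %pblogcats WHERE cat_name='%s'", $cid);
        } else {
            $cat = $this->db->quick_query('SELECT * FROM %pblogcats WHERE cat_id=%d', $cid);
        }
        if (!$cat) {
            return $this->error('The blog category you are looking for does not exist. It may have been deleted or the URL is incorrect.', 404);
        }

        $xtpl = new XTemplate('./skins/' . $this->skin . '/cat.xtpl');
        $this->title('Category: ' . $cat['cat_name']);
        $this->meta_description($cat['cat_description']);
        $xtpl->assign('cat_name', htmlspecialchars($cat['cat_name']));
        $xtpl->assign('cat_desc', $this->format($cat['cat_description'], POST_BBCODE));

        // cat_id and the flag masks go through the driver's placeholders rather
        // than being interpolated into the WHERE clause (same shape as the
        // search queries elsewhere in this class).
        $select = 'SELECT p.post_id, p.post_subject, p.post_date, u.user_name
            FROM %ppostcats pc
            LEFT JOIN %pblogposts p ON p.post_id = pc.pc_post
            LEFT JOIN %pusers u ON u.user_id=p.post_user
            WHERE pc.pc_cat=%d AND post_flags & %d';
        if ($this->user['user_level'] > USER_GUEST) {
            $result = $this->db->dbquery($select . ' ORDER BY p.post_date DESC', $cat['cat_id'], POST_PUBLISHED);
        } else {
            // Guests never see members-only posts.
            $result = $this->db->dbquery($select . ' AND !(post_flags & %d) ORDER BY p.post_date DESC', $cat['cat_id'], POST_PUBLISHED, POST_MEMBERSONLY);
        }

        while ($post = $this->db->assoc($result)) {
            $xtpl->assign('subject', htmlspecialchars($post['post_subject']));
            $xtpl->assign('author', htmlspecialchars($post['user_name']));
            $xtpl->assign('date', date($this->settings['blog_dateformat'], $post['post_date']));
            if ($this->settings['friendly_urls']) {
                $post_url = $this->settings['site_address'] . $this->clean_url($post['post_subject']) . "-{$post['post_id']}.html";
            } else {
                $post_url = "{$this->settings['site_address']}index.php?a=blog&p={$post['post_id']}";
            }
            $xtpl->assign('post_url', $post_url);
            $xtpl->parse('Category.Post');
        }

        $SideBar = new sidebar($this);
        $xtpl->assign('sidebar', $SideBar->build_sidebar());
        $xtpl->parse('Category');
        return $xtpl->text('Category');
    }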
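    /**
     * Render a single blog post with neighbour links, comments and the comment
     * form; a submitted comment is handled first.
     *
     * Access rules applied before anything is rendered: members-only posts are
     * hidden from guests, unpublished posts from anyone below USER_CONTRIBUTOR,
     * and with friendly URLs the title segment must match the post's cleaned
     * subject.
     *
     * @param int|string $p  post_id; bound through the %d placeholder
     * @return string  rendered post page, an error page, or the page returned
     *                 by the comment handler (preview / validation error)
     */
    function view_post($p)
    {
        $not_found = 'The blog entry you are looking for is not available. It may have been deleted, is restricted from viewing, or the URL is incorrect.';
        $post = $this->db->quick_query('SELECT p.*, u.* FROM %pblogposts p
            LEFT JOIN %pusers u ON u.user_id=p.post_user WHERE post_id=%d', $p);
        // Check the title segment only once a row exists; indexing a missing
        // row would just raise a notice before the 404 below.
        if ($post && isset($this->get['title']) && $this->clean_url($post['post_subject']) != $this->get['title']) {
            $post = null;
        }
        $level = $this->user['user_level'];
        if (!$post || (($post['post_flags'] & POST_MEMBERSONLY) && $level == USER_GUEST)) {
            return $this->error($not_found, 404);
        }
        if (!($post['post_flags'] & POST_PUBLISHED) && $level < USER_CONTRIBUTOR) {
            return $this->error($not_found, 404);
        }
        $flags = $post['post_flags'];
        $this->title($post['post_subject']);
        $this->meta_description($post['post_summary']);

        if (isset($this->post['submit']) || isset($this->post['preview'])) {
            if ($this->closed_content($post, COMMENT_BLOG)) {
                return $this->error('Sorry, this blog entry is closed for commenting.', 403);
            }
            // Members-only and restricted-comment posts accept comments from members only.
            if (($flags & (POST_MEMBERSONLY | POST_RESTRICTED_COMMENTS)) && $level < USER_MEMBER) {
                return $this->error('Sorry, comments are only available to registered users for this post.', 403);
            }
            $result = $this->comments->post_comment(COMMENT_BLOG, $post['post_subject'], $p);
            if (is_string($result)) {
                // A rendered preview or error page comes back as a string.
                return $result;
            }
            // $result is presumably the new comment id (it becomes the c= parameter).
            // Redirect to the post's own URL only: the Location header previously
            // built from $this->post['request_uri'] was always overwritten by this
            // one, and a client-chosen target would be an open redirect, so it is
            // no longer emitted.
            if ($this->settings['friendly_urls']) {
                // '?' starts the query string; with '&' the c= parameter was part of the path.
                $link = $this->settings['site_address'] . $this->clean_url($post['post_subject']) . "-{$p}.html?c={$result}#comment-{$result}";
            } else {
                $link = "{$this->settings['site_address']}index.php?a=blog&p={$p}&c={$result}#comment-{$result}";
            }
            header('Location: ' . $link);
            // Rendering continues so the caller still receives a page body.
        }

        // Comments per page from the request, capped at the configured maximum
        // and never below 1: a zero or negative page size made the page-search
        // below loop forever.
        $max = $this->settings['blog_commentsperpage'];
        $num = isset($this->get['num']) ? intval($this->get['num']) : $max;
        if ($num > $max) {
            $num = $max;
        }
        if ($num < 1) {
            $num = 1;
        }
        $min = isset($this->get['min']) ? max(0, intval($this->get['min'])) : 0;
        if (isset($this->get['c'])) {
            $cmt = intval($this->get['c']);
            // Find the page the requested comment sits on: count the comments
            // before it and round down to a page boundary.
            $coms = $this->db->quick_query("SELECT COUNT(comment_id) count FROM %pblogcomments WHERE comment_post=%d AND comment_id < %d AND comment_type=%d", $p, $cmt, COMMENT_BLOG);
            $count = $coms ? $coms['count'] + 1 : 0;
            $min = $count > 0 ? (int) floor(($count - 1) / $num) * $num : 0;
        }

        $xtpl = new XTemplate('./skins/' . $this->skin . '/blog_viewpost.xtpl');
        // Neighbouring posts obey the listing visibility rules: contributors
        // see everything, members only published posts, guests only published
        // posts that are not members-only.
        if ($level >= USER_CONTRIBUTOR) {
            $next_post = $this->db->quick_query('SELECT post_id, post_subject FROM %pblogposts
                WHERE post_date > %d
                ORDER BY post_date ASC LIMIT 1', $post['post_date']);
            $prev_post = $this->db->quick_query('SELECT post_id, post_subject FROM %pblogposts
                WHERE post_date < %d
                ORDER BY post_date DESC LIMIT 1', $post['post_date']);
        } elseif ($level > USER_GUEST) {
            $next_post = $this->db->quick_query('SELECT post_id, post_subject FROM %pblogposts
                WHERE post_date > %d AND (post_flags & %d)
                ORDER BY post_date ASC LIMIT 1', $post['post_date'], POST_PUBLISHED);
            $prev_post = $this->db->quick_query('SELECT post_id, post_subject FROM %pblogposts
                WHERE post_date < %d AND (post_flags & %d)
                ORDER BY post_date DESC LIMIT 1', $post['post_date'], POST_PUBLISHED);
        } else {
            $next_post = $this->db->quick_query('SELECT post_id, post_subject FROM %pblogposts
                WHERE post_date > %d AND (post_flags & %d) AND !(post_flags & %d)
                ORDER BY post_date ASC LIMIT 1', $post['post_date'], POST_PUBLISHED, POST_MEMBERSONLY);
            $prev_post = $this->db->quick_query('SELECT post_id, post_subject FROM %pblogposts
                WHERE post_date < %d AND (post_flags & %d) AND !(post_flags & %d)
                ORDER BY post_date DESC LIMIT 1', $post['post_date'], POST_PUBLISHED, POST_MEMBERSONLY);
        }
        $newer = null;
        $older = null;
        if ($next_post) {
            if ($this->settings['friendly_urls']) {
                $next_link = $this->settings['site_address'] . $this->clean_url($next_post['post_subject']) . "-{$next_post['post_id']}.html";
            } else {
                $next_link = "{$this->settings['site_address']}index.php?a=blog&amp;p={$next_post['post_id']}";
            }
            $newer = '<a href="' . $next_link . '">' . htmlspecialchars($next_post['post_subject']) . '</a> &raquo;';
        }
        if ($prev_post) {
            if ($this->settings['friendly_urls']) {
                $prev_link = $this->settings['site_address'] . $this->clean_url($prev_post['post_subject']) . "-{$prev_post['post_id']}.html";
            } else {
                $prev_link = "{$this->settings['site_address']}index.php?a=blog&amp;p={$prev_post['post_id']}";
            }
            $older = '&laquo; <a href="' . $prev_link . '">' . htmlspecialchars($prev_post['post_subject']) . '</a>';
        }
        if ($older || $newer) {
            $xtpl->assign('older', $older);
            $xtpl->assign('newer', $newer);
            $xtpl->parse('BlogPost.NavLinks');
        }

        $SideBar = new sidebar($this);
        $xtpl->assign('sidebar', $SideBar->build_sidebar($post['post_date']));
        $xtpl->assign('date', date($this->settings['blog_dateformat'], $post['post_date']));
        $subject = htmlspecialchars($post['post_subject']);
        $xtpl->assign('subject', $subject);
        $xtpl->assign('unpublished', !($flags & POST_PUBLISHED) ? ' <span style="color:yellow"> [UNPUBLISHED ENTRY]</span>' : null);
        if (!empty($post['post_image'])) {
            $xtpl->assign('image', $this->postimages_dir . $post['post_image']);
            $xtpl->parse('BlogPost.Image');
        }
        // The [more] marker is not shown on the full post.
        $text = $this->format(str_replace('[more]', '', $post['post_text']), $flags);
        if (($flags & POST_HTML) && ($flags & POST_BBCODE)) {
            $text = html_entity_decode($text, ENT_COMPAT, 'UTF-8');
        }
        if ($this->settings['blog_signature_on'] && !empty($post['user_signature'])) {
            $sig = $this->format($post['user_signature'], POST_BBCODE | POST_EMOTICONS);
            $text .= '<br /><span class="signature">.........................<br />' . $sig . '</span>';
        }
        $xtpl->assign('text', $text);
        $xtpl->assign('post_author', htmlspecialchars($post['user_name']));
        $xtpl->assign('icon', $this->display_icon($post['user_icon']));
        if ($this->settings['friendly_urls']) {
            $post_link = $this->settings['site_address'] . $this->clean_url($post['post_subject']) . "-{$post['post_id']}.html";
        } else {
            $post_link = "{$this->settings['site_address']}index.php?a=blog&amp;p={$post['post_id']}";
        }
        $xtpl->assign('post_url', urlencode($post_link));
        $this->generate_social_links($xtpl, base64_encode($post['post_subject']) . ';' . base64_encode($post_link));
        $xtpl->assign('cat_text', $this->generate_category_links($this->get_cat_list($post['post_id'])));
        $xtpl->assign('count', $post['post_comment_count']);
        $closed = $this->closed_content($post, COMMENT_BLOG);
        $xtpl->assign('closed', $closed ? ' [Closed]' : null);

        // Comments and the form are withheld on members-only posts below member level.
        if (!($flags & POST_MEMBERSONLY) || $level >= USER_MEMBER) {
            if ($post['post_comment_count'] > 0) {
                $xtpl->assign('comments', $this->comments->list_comments(COMMENT_BLOG, $p, $post['post_subject'], $post['post_user'], $post['post_comment_count'], $min, $num, $post_link));
                $xtpl->parse('BlogPost.Comments');
            }
            if ($level >= USER_MEMBER) {
                $author = htmlspecialchars($this->user['user_name']);
            } else {
                // Guests get the name remembered in the comment_author cookie, if any.
                $cookie_name = $this->settings['cookie_prefix'] . 'comment_author';
                $author = isset($this->cookie[$cookie_name]) ? htmlspecialchars($this->cookie[$cookie_name]) : 'Anonymous';
            }
            if ($this->settings['friendly_urls']) {
                $action_link = $this->settings['site_address'] . $this->clean_url($post['post_subject']) . "-{$post['post_id']}.html#newcomment";
            } else {
                $action_link = "{$this->settings['site_address']}index.php?a=blog&p={$post['post_id']}#newcomment";
            }
            $xtpl->assign('comment_form', $this->comments->generate_comment_form($author, $subject, $action_link, $closed));
        }

        // Edit/delete controls: admins always, contributors on their own posts.
        $mod_controls = null;
        if ($level == USER_ADMIN || ($level == USER_CONTRIBUTOR && $post['post_user'] == $this->user['user_id'])) {
            $mod_controls = '<div class="mod_controls">[ <a href="index.php?a=blog&amp;s=edit&amp;p=' . $post['post_id'] . '">Edit</a> ] | [ <a href="index.php?a=blog&amp;s=del&amp;p=' . $post['post_id'] . '">Delete</a> ]</div>';
        }
        $xtpl->assign('mod_controls', $mod_controls);
        $xtpl->parse('BlogPost');
        return $xtpl->text('BlogPost');
    }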
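 /**
  * Show the lost-password form, or on submit e-mail the account holder a
  * reset link.
  *
  * The link carries md5(email . name . password . joined) of the matched
  * row; the handler that checks it (s=resetpassword) is outside this file.
  * Note that the response tells the requester whether the user name exists.
  *
  * @return string  rendered form, or a status message page
  */
 function forgot_password()
 {
     if (!isset($this->post['submit'])) {
         $xtpl = new XTemplate('./skins/' . $this->skin . '/register.xtpl');
         $SideBar = new sidebar($this);
         $xtpl->assign('sidebar', $SideBar->build_sidebar());
         $xtpl->assign('token', $this->generate_token());
         $xtpl->assign('action_url', "{$this->settings['site_address']}index.php?a=register&amp;s=forgotpassword");
         $xtpl->parse('LostPassword');
         return $xtpl->text('LostPassword');
     }

     if (!$this->is_valid_token()) {
         return $this->message('Lost Password Recovery', 'Session security token has expired. Please return to the homepage and try again.');
     }
     // A missing field is looked up as '' instead of raising an undefined-index notice.
     $user_name = isset($this->post['user_name']) ? $this->post['user_name'] : '';
     $target = $this->db->quick_query("SELECT user_id, user_name, user_password, user_joined, user_email\n\t\t\t\tFROM %pusers WHERE user_name='%s' AND user_id != %d LIMIT 1", $user_name, USER_GUEST);
     if (!isset($target['user_id'])) {
         return $this->message('Lost Password Recovery', 'No such user exists at this site.');
     }

     // NOTE(review): the token is a hash of stored columns, so it stays valid
     // until one of them changes and cannot expire on its own. A random,
     // stored, time-limited token would be preferable, but the resetpassword
     // handler would have to change with it.
     $token = md5($target['user_email'] . $target['user_name'] . $target['user_password'] . $target['user_joined']);
     $headers = "From: {$this->settings['site_name']} <{$this->settings['email_sys']}>\r\n" . "X-Mailer: PHP/" . phpversion();
     $subject = 'Lost Password Recovery';
     $message = "{$target['user_name']}:\n\n"
         . "Someone has requested a password recovery for your account at {$this->settings['site_name']}.\n"
         . "If you do not want to recover a lost password, please ignore or delete this email.\n\n"
         . "Go to the below URL to continue with the password recovery:\n"
         . "{$this->settings['site_address']}index.php?a=register&s=resetpassword&e=" . $token . "\n\n"
         . "Requested from IP: {$this->ip}";
     // $subject is a fixed literal; the previous str_replace('\\n', '\\n', ...) on it was a no-op.
     mail($target['user_email'], '[' . $this->settings['site_name'] . '] ' . $subject, $message, $headers);
     // The submitted name is reflected into the page, so escape it.
     return $this->message('Lost Password Recovery', 'Lost password recovery request for user ' . htmlspecialchars($user_name) . ' has been emailed to the registered address with instructions.');
 }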
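 /**
  * Show and process the "edit your profile" form.
  *
  * A GET, or a submit with validation errors, renders the form pre-filled
  * with the current values. A clean submit stores e-mail, URL, stylesheet,
  * icon (uploaded file or Gravatar address), signature and optionally a new
  * password, then shows a confirmation page.
  *
  * @return string  rendered form, confirmation page, or the 403 error page for guests
  */
 function execute()
 {
     if ($this->user['user_level'] == USER_GUEST) {
         return $this->error('Access Denied: You do not have permission to perform that action.', 403);
     }
     $errors = array();
     $submitted = isset($this->post['submit']);

     // Start from the stored values and overlay whatever the form posted.
     $email = isset($this->post['user_email']) ? $this->post['user_email'] : $this->user['user_email'];
     $sig = isset($this->post['user_sig']) ? $this->post['user_sig'] : $this->user['user_signature'];
     $url = isset($this->post['user_url']) ? $this->post['user_url'] : $this->user['user_url'];
     $stylesheet = isset($this->post['user_stylesheet']) ? $this->post['user_stylesheet'] : $this->user['user_stylesheet'];
     // A Gravatar is stored in user_icon as an e-mail address instead of a file name.
     $gravatar = $this->is_email($this->user['user_icon']) ? $this->user['user_icon'] : null;
     $posted_gravatar = isset($this->post['user_gravatar']) ? $this->post['user_gravatar'] : '';

     if ($submitted) {
         if (!empty($this->post['user_email']) && !$this->is_email($this->post['user_email'])) {
             $errors[] = 'You did not enter a valid email address.';
         }
         if (!empty($posted_gravatar) && !$this->is_email($posted_gravatar)) {
             $errors[] = 'You did not specify a valid Gravatar email address.';
         }
         if (isset($this->post['user_password'], $this->post['user_pass_confirm'])
             && $this->post['user_password'] != $this->post['user_pass_confirm']) {
             $errors[] = 'Entered passwords do not match.';
         }
         if (!$this->is_valid_token()) {
             $errors[] = 'The security validation token used to verify you are making this change is either invalid or expired. Please try again.';
         }
     }

     $old_icon = $this->user['user_icon'];
     $icon = $old_icon;
     // File-system side effects (moving the upload, deleting the old icon) only
     // happen on a submit that passed validation, so a request with a bad or
     // missing token cannot replace or remove an icon.
     if ($submitted && count($errors) == 0) {
         if (empty($posted_gravatar)) {
             if (isset($this->files['user_icon']) && $this->files['user_icon']['error'] == UPLOAD_ERR_OK) {
                 $fname = $this->files['user_icon']['tmp_name'];
                 $parts = explode('.', $this->files['user_icon']['name']);
                 $ext = strtolower(end($parts));
                 // Anchored: the unanchored pattern accepted any extension that
                 // merely contained one of these, e.g. 'phpng'.
                 if (!preg_match('/^(jpg|jpeg|png|gif)$/', $ext)) {
                     $errors[] = 'Invalid icon file type ' . $ext . '. Valid file types are jpg, png and gif.';
                 } elseif (getimagesize($fname) === false) {
                     // The extension says nothing about the content.
                     $errors[] = 'Uploaded icon is not a valid image file.';
                 } else {
                     $icon = $this->user['user_name'] . '.' . $ext;
                     $new_fname = $this->icon_dir . $icon;
                     if (!move_uploaded_file($fname, $new_fname)) {
                         $errors[] = 'Post icon failed to upload!';
                     } else {
                         $this->createthumb($new_fname, $new_fname, $ext, $this->settings['blog_icon_width'], $this->settings['blog_icon_height']);
                         // Never unlink the file just written: when the old icon
                         // has the same name the previous code deleted the new one.
                         if ($old_icon != 'Anonymous.png' && $old_icon != $icon) {
                             @unlink($this->icon_dir . $old_icon);
                         }
                     }
                 }
             }
         } elseif ($this->is_email($posted_gravatar)) {
             $icon = $posted_gravatar;
             if ($old_icon != 'Anonymous.png') {
                 @unlink($this->icon_dir . $old_icon);
             }
         }
     }

     if ($this->settings['friendly_urls']) {
         $action_link = $this->settings['site_address'] . 'profile';
     } else {
         $action_link = "{$this->settings['site_address']}index.php?a=profile";
     }

     if (!$submitted || count($errors) != 0) {
         $xtpl = new XTemplate('./skins/' . $this->skin . '/profile.xtpl');
         if (count($errors) > 0) {
             // implode(separator, pieces): the swapped argument order is a TypeError on PHP 8.
             $xtpl->assign('errors', implode("<br />\n", $errors));
             $xtpl->parse('Profile.Errors');
         }
         $xtpl->assign('token', $this->generate_token());
         $xtpl->assign('action_link', $action_link);
         $xtpl->assign('name', htmlspecialchars($this->user['user_name']));
         $xtpl->assign('email', htmlspecialchars($email));
         $xtpl->assign('sig', htmlspecialchars($sig));
         $xtpl->assign('url', htmlspecialchars($url));
         $xtpl->assign('icon', $this->display_icon($icon));
         $xtpl->assign('gravatar', htmlspecialchars($gravatar));
         $xtpl->assign('skin', $this->select_input('user_skin', $this->skin, $this->get_skins()));
         $xtpl->assign('sigdisplay', $this->format($sig, POST_BBCODE | POST_EMOTICONS));
         $xtpl->assign('date', date($this->settings['blog_dateformat'], $this->user['user_joined']));
         $level = $this->user['user_level'];

         // Comment statistics: this user's share of all blog comments.
         $comments = $this->db->quick_query('SELECT COUNT(comment_id) count FROM %pblogcomments');
         $posts = $this->db->quick_query('SELECT COUNT(comment_id) count FROM %pblogcomments WHERE comment_user=%d', $this->user['user_id']);
         $xtpl->assign('count', intval($posts['count']));
         $xtpl->assign('percent', $comments['count'] > 0 ? floor($posts['count'] / $comments['count'] * 100) : 0);
         if ($level == USER_CONTRIBUTOR || $level == USER_ADMIN) {
             $blogposts = $this->db->quick_query('SELECT COUNT(post_id) count FROM %pblogposts');
             $blogpostcount = $this->db->quick_query('SELECT COUNT(post_id) count FROM %pblogposts WHERE post_user=%d', $this->user['user_id']);
             $xtpl->assign('blogcount', intval($blogpostcount['count']));
             $xtpl->assign('blogpercent', $blogposts['count'] > 0 ? floor($blogpostcount['count'] / $blogposts['count'] * 100) : 0);
             $xtpl->parse('Profile.Contributor');
         }
         $xtpl->assign('width', $this->settings['blog_icon_width']);
         $xtpl->assign('height', $this->settings['blog_icon_height']);
         if ($level > USER_MEMBER) {
             $xtpl->assign('stylesheet', htmlspecialchars($stylesheet));
             $xtpl->parse('Profile.Stylesheet');
         }
         $SideBar = new sidebar($this);
         $xtpl->assign('sidebar', $SideBar->build_sidebar());
         $xtpl->parse('Profile');
         return $xtpl->text('Profile');
     }

     // Only a skin the form actually offered (get_skins()) may be stored in the cookie.
     $skins = $this->get_skins();
     if (isset($this->post['user_skin']) && in_array($this->post['user_skin'], $skins, true)) {
         setcookie($this->settings['cookie_prefix'] . 'skin', $this->post['user_skin'], $this->time + $this->settings['cookie_logintime'], $this->settings['cookie_path'], $this->settings['cookie_domain'], $this->settings['cookie_secure'], true);
         $this->skin = $this->post['user_skin'];
     }
     // Store an absolute URL; an empty field stays empty.
     $url = (!stristr($url, '://') ? 'http://' : null) . $url;
     if ($url == 'http://') {
         $url = '';
     }
     // Custom stylesheets are reserved for levels above member.
     $stylesheet = '';
     if (isset($this->post['user_stylesheet']) && $this->user['user_level'] > USER_MEMBER) {
         $stylesheet = $this->post['user_stylesheet'];
     }
     $pass = null;
     if (!empty($this->post['user_password']) && !empty($this->post['user_pass_confirm'])) {
         // NOTE(review): unsalted sha256 is kept because the login code checks
         // it elsewhere; moving to password_hash() has to happen on both sides.
         // The change is also not confirmed against the current password.
         $newpass = $this->db->escape(hash('sha256', $this->post['user_password']));
         // Extra SET fragment for the UPDATE below (the listing this was reviewed from showed it masked).
         $pass = ", user_password='{$newpass}'";
         $action_link = '/';
     }
     $this->db->dbquery("UPDATE %pusers SET user_email='%s', user_url='%s', user_stylesheet='%s', user_icon='%s', user_signature='%s'{$pass} WHERE user_id=%d", $email, $url, $stylesheet, $icon, $sig, $this->user['user_id']);
     return $this->message('Edit Your Profile', 'Your profile has been updated.', 'Continue', $action_link);
 }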
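    /**
     * Run a blog search on the posted word and render the result list.
     *
     * Visibility follows the rest of the blog: contributors see all posts,
     * members only published ones, guests only published posts that are not
     * members-only.
     *
     * @return string  rendered result page, or a message page when the input
     *                 is missing/too short or the query fails
     */
    function execute()
    {
        $word = isset($this->post['search_word']) ? $this->post['search_word'] : '';
        if (empty($word)) {
            return $this->message('Search', 'You must enter something to search for. I can\'t read your mind.');
        }
        if (strlen($word) < 3) {
            return $this->message('Search', 'You cannot search on a word smaller than 3 letters.');
        }
        // The term is reflected back into the page in several places; the
        // template expects pre-escaped values (see the other assign() calls).
        $safe_word = htmlspecialchars($word);
        // build_word_query() is outside this block and its WHERE clause is spliced
        // in raw -- it is relied on to escape or bind the term itself; TODO confirm.
        $search_query = $this->build_word_query($word);

        $select = 'SELECT p.post_id, p.post_subject, p.post_summary, p.post_date, p.post_user, u.user_name FROM %pblogposts p
            LEFT JOIN %pusers u ON u.user_id=p.post_user
            WHERE ' . $search_query;
        $level = $this->user['user_level'];
        if ($level >= USER_CONTRIBUTOR) {
            $result = $this->db->dbquery($select . ' ORDER BY p.post_date DESC');
        } elseif ($level > USER_GUEST) {
            $result = $this->db->dbquery($select . ' AND (post_flags & %d) ORDER BY p.post_date DESC', POST_PUBLISHED);
        } else {
            $result = $this->db->dbquery($select . ' AND (post_flags & %d) AND !(post_flags & %d) ORDER BY p.post_date DESC', POST_PUBLISHED, POST_MEMBERSONLY);
        }
        if (!$result) {
            return $this->message('Search', "No results matching: {$safe_word}");
        }

        $count = 0;
        $xtpl = new XTemplate('./skins/' . $this->skin . '/search.xtpl');
        while ($item = $this->db->assoc($result)) {
            if ($this->settings['friendly_urls']) {
                $item_link = $this->clean_url($item['post_subject']) . "-{$item['post_id']}.html";
            } else {
                $item_link = "index.php?a=blog&amp;p={$item['post_id']}";
            }
            $xtpl->assign('item_link', $item_link);
            $xtpl->assign('date', date($this->settings['blog_dateformat'], $item['post_date']));
            $count++;
            $xtpl->assign('subject', htmlspecialchars($item['post_subject']));
            $xtpl->assign('summary', htmlspecialchars($item['post_summary']));
            $xtpl->assign('user_name', htmlspecialchars($item['user_name']));
            $xtpl->parse('Search.Result');
        }
        if ($count == 0) {
            // Escaped: this string lands in the page as-is.
            $xtpl->assign('content', "No results matching: {$safe_word}");
        }
        $xtpl->assign('search_word', $safe_word);
        $xtpl->assign('count', $count);
        $xtpl->assign('posts', $count > 1 ? 'blog entries' : 'blog entry');
        $SideBar = new sidebar($this);
        $xtpl->assign('sidebar', $SideBar->build_sidebar());
        $xtpl->parse('Search');
        return $xtpl->text('Search');
    }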