function forum_search($forum_search, $page, $sort_by, $sort_dir)
{
if (!($db = db::get())) {
return false;
}
if (!is_numeric($page)) {
return false;
}
$offset = calculate_page_offset($page, 10);
$sort_by_array = array('FORUM_NAME', 'FORUM_DESC', 'LAST_VISIT');
$sort_dir_array = array('ASC', 'DESC');
if (!in_array($sort_by, $sort_by_array)) {
$sort_by = 'LAST_VISIT';
}
if (!in_array($sort_dir, $sort_dir_array)) {
$sort_dir = 'DESC';
}
if (($uid = session::get_value('UID')) === false) {
return false;
}
if (strlen(trim($forum_search)) == 0) {
return false;
}
$forums_array = array();
$forum_search_array = explode(";", $forum_search);
$forum_search_array = array_map('forum_search_array_clean', $forum_search_array);
$forum_search_webtag = implode("%' OR FORUMS.WEBTAG LIKE '%", $forum_search_array);
$forum_search_svalue = implode("%' OR FORUM_SETTINGS.SVALUE LIKE '%", $forum_search_array);
$sql = "SELECT SQL_CALC_FOUND_ROWS CONCAT(FORUMS.DATABASE_NAME, '`.`', FORUMS.WEBTAG, '_') AS PREFIX, ";
$sql .= "FORUM_SETTINGS_NAME.SVALUE AS FORUM_NAME, FORUM_SETTINGS_DESC.SVALUE AS FORUM_DESC, ";
$sql .= "FORUMS.FID, FORUMS.WEBTAG, FORUMS.ACCESS_LEVEL, USER_FORUM.INTEREST FROM FORUMS ";
$sql .= "LEFT JOIN FORUM_SETTINGS FORUM_SETTINGS ON (FORUM_SETTINGS.FID = FORUMS.FID) ";
$sql .= "LEFT JOIN FORUM_SETTINGS FORUM_SETTINGS_NAME ON (FORUM_SETTINGS_NAME.FID = FORUMS.FID AND FORUM_SETTINGS_NAME.SNAME = 'forum_name') ";
$sql .= "LEFT JOIN FORUM_SETTINGS FORUM_SETTINGS_DESC ON (FORUM_SETTINGS_DESC.FID = FORUMS.FID AND FORUM_SETTINGS_DESC.SNAME = 'forum_desc') ";
$sql .= "LEFT JOIN USER_FORUM ON (USER_FORUM.FID = FORUMS.FID AND USER_FORUM.UID = '{$uid}') ";
$sql .= "WHERE FORUMS.ACCESS_LEVEL > -1 AND (FORUMS.WEBTAG LIKE ";
$sql .= "'%{$forum_search_webtag}%' OR FORUM_SETTINGS.SVALUE LIKE ";
$sql .= "'%{$forum_search_svalue}%') GROUP BY FORUMS.FID ";
$sql .= "ORDER BY {$sort_by} {$sort_dir} LIMIT {$offset}, 10";
if (!($result_forums = $db->query($sql))) {
return false;
}
// Fetch the number of total results
$sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
if (!($result_count = $db->query($sql))) {
return false;
}
list($forums_count) = $result_count->fetch_row();
if ($result->num_rows == 0 && $forums_count > 0 && $page > 1) {
return forum_search($forum_search, $page - 1, $sort_by, $sort_dir);
}
while ($forum_data = $result_forums->fetch_assoc()) {
$forum_fid = $forum_data['FID'];
// Check the forum name is set. If it isn't set it to 'A Beehive Forum'
if (!isset($forum_data['FORUM_NAME']) || strlen(trim($forum_data['FORUM_NAME'])) < 1) {
$forum_data['FORUM_NAME'] = "A Beehive Forum";
}
// Check the forum description is set.
if (!isset($forum_data['FORUM_DESC']) || strlen(trim($forum_data['FORUM_DESC'])) < 1) {
$forum_data['FORUM_DESC'] = "";
}
// Check the LAST_VISIT column to make sure its OK.
if (!isset($forum_data['LAST_VISIT']) || is_null($forum_data['LAST_VISIT'])) {
$forum_data['LAST_VISIT'] = 0;
}
// Unread cut-off stamp.
$unread_cutoff_datetime = forum_get_unread_cutoff_datetime();
// Get available folders for queries below
$folders = folder_get_available_by_forum($forum_fid);
// Get any unread messages
if ($unread_cutoff_datetime !== false) {
$sql = "SELECT SUM(THREAD.LENGTH) - SUM(COALESCE(USER_THREAD.LAST_READ, 0)) AS UNREAD_MESSAGES ";
$sql .= "FROM `{$forum_data['PREFIX']}THREAD` THREAD LEFT JOIN `{$forum_data['PREFIX']}USER_THREAD` USER_THREAD ";
$sql .= "ON (USER_THREAD.TID = THREAD.TID AND USER_THREAD.UID = '{$uid}') WHERE THREAD.FID IN ({$folders}) ";
$sql .= "AND (THREAD.MODIFIED > CAST('{$unread_cutoff_datetime}' AS DATETIME)) ";
if (!($result_unread_count = $db->query($sql))) {
return false;
}
list($unread_messages) = $result_unread_count->fetch_row();
$forum_data['UNREAD_MESSAGES'] = $unread_messages;
} else {
$forum_data['UNREAD_MESSAGES'] = 0;
}
// Total number of messages
$sql = "SELECT SUM(THREAD.LENGTH) AS NUM_MESSAGES FROM `{$forum_data['PREFIX']}THREAD` THREAD ";
$sql .= "WHERE THREAD.FID IN ({$folders}) ";
if (!($result_messages_count = $db->query($sql))) {
return false;
}
$num_messages_data = $result_messages_count->fetch_assoc();
if (!isset($num_messages_data['NUM_MESSAGES']) || is_null($num_messages_data['NUM_MESSAGES'])) {
$forum_data['NUM_MESSAGES'] = 0;
} else {
$forum_data['NUM_MESSAGES'] = $num_messages_data['NUM_MESSAGES'];
}
// Get unread to me message count
$sql = "SELECT COUNT(POST.PID) AS UNREAD_TO_ME ";
$sql .= "FROM `{$forum_data['PREFIX']}THREAD` THREAD ";
$sql .= "LEFT JOIN `{$forum_data['PREFIX']}POST` POST ";
$sql .= "ON (POST.TID = THREAD.TID) WHERE THREAD.FID IN ({$folders}) ";
$sql .= "AND POST.TO_UID = '{$uid}' AND POST.VIEWED IS NULL ";
if (!($result_unread_to_me = $db->query($sql))) {
return false;
}
$forum_unread_post_data = $result_unread_to_me->fetch_assoc();
if (!isset($forum_unread_post_data['UNREAD_TO_ME']) || is_null($forum_unread_post_data['UNREAD_TO_ME'])) {
$forum_data['UNREAD_TO_ME'] = 0;
} else {
$forum_data['UNREAD_TO_ME'] = $forum_unread_post_data['UNREAD_TO_ME'];
}
// Sometimes the USER_THREAD table might have a higher count that the thread
// length due to table corruption. I've only seen this on the SF provided
// webspace but none the less we do this check here anyway.
if ($forum_data['NUM_MESSAGES'] < 0) {
$forum_data['NUM_MESSAGES'] = 0;
}
if ($forum_data['UNREAD_MESSAGES'] < 0) {
$forum_data['UNREAD_MESSAGES'] = 0;
}
if ($forum_data['UNREAD_TO_ME'] < 0) {
$forum_data['UNREAD_TO_ME'] = 0;
}
$forums_array[] = $forum_data;
}
return array('forums_array' => $forums_array, 'forums_count' => $forums_count);
}
// Breadcrumbs
if (api_is_in_gradebook()) {
$interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'gradebook/index.php?' . api_get_cidreq(), 'name' => get_lang('ToolGradebook'));
}
$groupId = api_get_group_id();
if ($origin == 'group') {
$group_properties = GroupManager::get_group_properties($groupId);
$interbreadcrumb[] = array('url' => '../group/group.php?' . api_get_cidreq(), 'name' => get_lang('Groups'));
$interbreadcrumb[] = array('url' => '../group/group_space.php?' . api_get_cidreq(), 'name' => get_lang('GroupSpace') . ' (' . $group_properties['name'] . ')');
$interbreadcrumb[] = array('url' => 'viewforum.php?origin=' . $origin . '&forum=' . intval($_GET['forum']) . '&' . api_get_cidreq(), 'name' => prepare4display($current_forum['forum_title']));
$interbreadcrumb[] = array('url' => 'forumsearch.php?' . api_get_cidreq(), 'name' => get_lang('ForumSearch'));
} else {
$interbreadcrumb[] = array('url' => 'index.php?' . api_get_cidreq(), 'name' => $nameTools);
$nameTools = get_lang('ForumSearch');
}
// Display the header.
if ($origin == 'learnpath') {
Display::display_reduced_header();
} else {
Display::display_header($nameTools);
}
// Tool introduction
Display::display_introduction_section(TOOL_FORUM);
// Tracking
Event::event_access_tool(TOOL_FORUM);
// Forum search
forum_search();
// Footer
if ($origin != 'learnpath') {
Display::display_footer();
}
function forum_search($forum_search, $offset)
{
if (!($db_forum_search = db_connect())) {
return false;
}
if (!is_numeric($offset)) {
return false;
}
if (($uid = bh_session_get_value('UID')) === false) {
return false;
}
$lang = load_language_file();
// Array to hold our forums in.
$forums_array = array();
if (strlen(trim($forum_search)) > 0) {
$forum_search_array = explode(";", $forum_search);
$forum_search_array = array_map('forum_search_array_clean', $forum_search_array);
$forum_search_webtag = implode("%' OR FORUMS.WEBTAG LIKE '%", $forum_search_array);
$forum_search_svalue = implode("%' OR FORUM_SETTINGS.SVALUE LIKE '%", $forum_search_array);
$sql = "SELECT SQL_CALC_FOUND_ROWS CONCAT(FORUMS.DATABASE_NAME, '.', FORUMS.WEBTAG, '_') AS PREFIX, ";
$sql .= "FORUMS.FID, FORUMS.ACCESS_LEVEL, USER_FORUM.INTEREST FROM FORUM_SETTINGS ";
$sql .= "LEFT JOIN USER_FORUM ON (USER_FORUM.FID = FORUM_SETTINGS.FID ";
$sql .= "AND USER_FORUM.UID = '{$uid}') LEFT JOIN FORUMS ON (FORUMS.FID = FORUM_SETTINGS.FID) ";
$sql .= "WHERE FORUMS.ACCESS_LEVEL > -1 AND (FORUMS.WEBTAG LIKE ";
$sql .= "'%{$forum_search_webtag}%' OR FORUM_SETTINGS.SVALUE LIKE ";
$sql .= "'%{$forum_search_svalue}%') GROUP BY FORUMS.FID ";
$sql .= "LIMIT {$offset}, 10";
if (!($result_forums = db_query($sql, $db_forum_search))) {
return false;
}
// Fetch the number of total results
$sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
if (!($result_count = db_query($sql, $db_forum_search))) {
return false;
}
list($forums_count) = db_fetch_array($result_count, DB_RESULT_NUM);
if (db_num_rows($result_forums) > 0) {
while ($forum_data = db_fetch_array($result_forums)) {
$forum_fid = $forum_data['FID'];
$forum_settings = forum_get_settings_by_fid($forum_fid);
foreach ($forum_settings as $key => $value) {
if (!isset($forum_data[strtoupper($key)])) {
$forum_data[strtoupper($key)] = $value;
}
}
// Check the forum name is set. If it isn't set it to 'A Beehive Forum'
if (!isset($forum_data['FORUM_NAME']) || strlen(trim($forum_data['FORUM_NAME'])) < 1) {
$forum_data['FORUM_NAME'] = "A Beehive Forum";
}
// Check the forum description variable is set.
if (!isset($forum_data['FORUM_DESC'])) {
$forum_data['FORUM_DESC'] = "";
}
// Unread cut-off stamp.
$unread_cutoff_stamp = forum_process_unread_cutoff($forum_settings);
// Get available folders for queries below
$folders = folder_get_available_by_forum($forum_fid);
// User relationship constants
$user_ignored = USER_IGNORED;
$user_ignored_completely = USER_IGNORED_COMPLETELY;
// Get any unread messages
if (is_numeric($unread_cutoff_stamp) && $unread_cutoff_stamp !== false) {
$sql = "SELECT SUM(THREAD.LENGTH) - SUM(COALESCE(USER_THREAD.LAST_READ, 0)) ";
$sql .= "AS UNREAD_MESSAGES FROM {$forum_data['PREFIX']}THREAD THREAD ";
$sql .= "LEFT JOIN {$forum_data['PREFIX']}USER_THREAD USER_THREAD ";
$sql .= "ON (USER_THREAD.TID = THREAD.TID AND USER_THREAD.UID = '{$uid}') ";
$sql .= "WHERE THREAD.FID IN ({$folders}) ";
$sql .= "AND (THREAD.MODIFIED > FROM_UNIXTIME(UNIX_TIMESTAMP(NOW()) - ";
$sql .= "{$unread_cutoff_stamp}) OR {$unread_cutoff_stamp} = 0) ";
if (!($result_unread_count = db_query($sql, $db_forum_search))) {
return false;
}
list($unread_messages) = db_fetch_array($result_unread_count, DB_RESULT_NUM);
$forum_data['UNREAD_MESSAGES'] = $unread_messages;
} else {
$forum_data['UNREAD_MESSAGES'] = 0;
}
// Total number of messages
$sql = "SELECT SUM(THREAD.LENGTH) AS NUM_MESSAGES ";
$sql .= "FROM {$forum_data['PREFIX']}THREAD THREAD ";
$sql .= "WHERE THREAD.FID IN ({$folders}) ";
if (!($result_messages_count = db_query($sql, $db_forum_search))) {
return false;
}
$num_messages_data = db_fetch_array($result_messages_count);
if (!isset($num_messages_data['NUM_MESSAGES']) || is_null($num_messages_data['NUM_MESSAGES'])) {
$forum_data['NUM_MESSAGES'] = 0;
} else {
$forum_data['NUM_MESSAGES'] = $num_messages_data['NUM_MESSAGES'];
}
// Get unread to me message count
$sql = "SELECT COUNT(POST.PID) AS UNREAD_TO_ME ";
$sql .= "FROM {$forum_data['PREFIX']}THREAD THREAD ";
$sql .= "LEFT JOIN {$forum_data['PREFIX']}POST POST ";
$sql .= "ON (POST.TID = THREAD.TID) WHERE THREAD.FID IN ({$folders}) ";
$sql .= "AND POST.TO_UID = '{$uid}' AND POST.VIEWED IS NULL ";
if (!($result_unread_to_me = db_query($sql, $db_forum_search))) {
return false;
}
$post_count_data = db_fetch_array($result_unread_to_me);
if (!isset($post_count_data['UNREAD_TO_ME']) || is_null($post_count_data['UNREAD_TO_ME'])) {
$forum_data['UNREAD_TO_ME'] = 0;
} else {
$forum_data['UNREAD_TO_ME'] = $post_count_data['UNREAD_TO_ME'];
}
// Sometimes the USER_THREAD table might have a higher count that the thread
// length due to table corruption. I've only seen this on the SF provided
// webspace but none the less we do this check here anyway.
if ($forum_data['NUM_MESSAGES'] < 0) {
$forum_data['NUM_MESSAGES'] = 0;
}
if ($forum_data['UNREAD_MESSAGES'] < 0) {
$forum_data['UNREAD_MESSAGES'] = 0;
}
if ($forum_data['UNREAD_TO_ME'] < 0) {
$forum_data['UNREAD_TO_ME'] = 0;
}
// Get Last Visited
$sql = "SELECT UNIX_TIMESTAMP(LAST_VISIT) AS LAST_VISIT FROM USER_FORUM ";
$sql .= "WHERE UID = '{$uid}' AND FID = '{$forum_fid}' ";
$sql .= "AND LAST_VISIT IS NOT NULL AND LAST_VISIT > 0";
if (!($result_last_visit = db_query($sql, $db_forum_search))) {
return false;
}
$user_last_visit_data = db_fetch_array($result_last_visit);
if (!isset($user_last_visit_data['LAST_VISIT']) || is_null($user_last_visit_data['LAST_VISIT'])) {
$forum_data['LAST_VISIT'] = 0;
} else {
$forum_data['LAST_VISIT'] = $user_last_visit_data['LAST_VISIT'];
}
$forums_array[] = $forum_data;
}
} else {
if ($forums_count > 0) {
$offset = floor(($forums_count - 1) / 10) * 10;
return forum_search($forum_search, $offset);
}
}
}
return array('forums_array' => $forums_array, 'forums_count' => $forums_count);
}
$xoopsTpl->append('results', array('forum_name' => $myts->htmlSpecialChars($row['forum_name']), 'forum_link' => $row['forum_link'], 'link' => $row['link'], 'title' => $row['title'], 'poster' => $row['poster'], 'post_time' => formatTimestamp($row['time'], "m")));
}
unset($results);
if(count($next_search)>0){
$items = array();
foreach($next_search as $para => $val){
if(!empty($val)) $items[] = "$para=$val";
}
if(count($items)>0) $paras = implode("&",$items);
unset($next_search);
unset($items);
}
$search_url = XOOPS_URL.'/modules/'.$xoopsModule->getVar('dirname')."/search.php?".$paras;
$next_results = forum_search($queries, $andor, 1, $start + $limit, $uid, $xforum, $sortby, $searchin, $subquery);
$next_count = count($next_results);
$has_next = false;
if (is_array($next_results) && $next_count >0) {
$has_next = true;
}
if (false != $has_next) {
$next = $start + $limit;
$queries = implode(',',$queries);
$search_url_next = $search_url."&start=$next";
$search_next = '<a href="'.htmlspecialchars($search_url_next).'">'._SR_NEXT.'</a>';
$xoopsTpl->assign("search_next", $search_next);
}
if ( $start > 0 ) {
$prev = $start - $limit;
$search_url_prev = $search_url."&start=$prev";
function forum_search($id)
{
global $db;
if ($id) {
$sql = 'SELECT `tID`, `bID`, `comID`, com.userID, `postname`, `adatum`, `comment`, u1.username,
`edits`, `editdatum`, `edituserID`, com.IP, `attachs`, `datum`,
`threadname`, `vonID`, `vonname`, `views`, c.posts, `lastuserID`,
`lastusername`, `lastreplay`, `sticky`, c.closed, `fsurveyID`,
`anhaenge`, `rating`, `ratingvotes`, a.boardparentID,
a.name, a.rightsread, b.rightsread as parentRead, b.name as boardparentname,
u1.sex, u1.signatur, u1.country, comments, money, u1.avatar, u2.username as editfrom, lastklick as online
FROM ' . DB_PRE . 'ecp_forum_comments as com
LEFT JOIN ' . DB_PRE . 'ecp_user as u1 ON (com.userID = u1.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u2 ON (com.edituserID = u2.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user_stats ON (com.userID = ' . DB_PRE . 'ecp_user_stats.userID)
LEFT JOIN ' . DB_PRE . 'ecp_online ON (uID = com.userID AND lastklick > ' . (time() - SHOW_USER_ONLINE) . ')
LEFT JOIN ' . DB_PRE . 'ecp_forum_threads AS c ON (tID = threadID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS a ON (a.boardID = bID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS b ON (a.boardparentID = b.boardID)
WHERE (a.rightsread = "" OR ' . str_replace('access', 'a.rightsread', $_SESSION['access_search']) . ') AND (a.boardparentID = 0 OR b.rightsread = "" OR ' . str_replace('access', 'b.rightsread', $_SESSION['access_search']) . ')
AND com.userID = ' . $id . ' GROUP BY comID';
$db->query($sql);
if ($db->num_rows()) {
if ($db->query(sprintf('INSERT INTO ' . DB_PRE . 'ecp_forum_search
(`userID`, `IP`, `SID`, `datum`, `stichwort`, `suchart`, `fromusername`,
`usersuchart`, `foren`, `alterart`, `altervalue`, `sortart`, `sortorder`, `sqlquery`, viewas) VALUES (
%d, \'%s\', \'%s\', %d, \'%s\', %d, \'%s\', %d, \'%s\', \'%s\', %d, \'%s\', \'%s\', \'%s\', \'%s\' )', @$_SESSION['userID'], strsave($_SERVER['REMOTE_ADDR']), session_id(), time(), '', 1, $db->result(DB_PRE . 'ecp_user', 'username', 'ID =' . $id), 1, '', '=>', 0, 'adatum', 'DESC', strsave($sql), 'comments'))) {
header1('?section=forum&action=searchresults&id=' . $db->last_id());
}
} else {
table(ERROR, FORUM_SEARCH_NO_RESULTS);
unset($_POST['submit']);
forum_search(0);
}
} else {
if (isset($_POST['submit'])) {
$_POST['username'] = str_replace(array('&feld&', '&feld2&'), '', $_POST['username']);
$_POST['stichwort'] = str_replace(array('&feld&', '&feld2&'), '', $_POST['stichwort']);
if ($_POST['stichwort'] == '' and $_POST['username'] == '') {
table(ERROR, NOT_NEED_ALL_INPUTS);
unset($_POST['submit']);
forum_search(0);
} else {
if (strlen($_POST['stichwort']) < 3 and $_POST['username'] == '') {
table(ERROR, FORUM_SEARCH_MIN_3_CHARS);
unset($_POST['submit']);
forum_search(0);
} else {
if (count(@$_POST['foren'])) {
foreach ($_POST['foren'] as $value) {
@($boards .= ' OR a.boardID = ' . (int) $value . ' OR a.boardparentID = ' . (int) $value);
}
$boardids .= ',' . (int) $value;
$boards = '(' . substr($boards, 4) . ') AND ';
}
@($boards .= '(a.rightsread = "" OR ' . str_replace('access', 'a.rightsread', $_SESSION['access_search']) . ') AND (a.boardparentID = 0 OR b.rightsread = "" OR ' . str_replace('access', 'b.rightsread', $_SESSION['access_search']) . ') AND');
$_POST['alterart'] == '>=' ? '' : ($_POST['alterart'] = '<=');
$_POST['sortorder'] == 'DESC' ? '' : ($_POST['sortorder'] = 'ASC');
switch ($_POST['sortart']) {
case 'adatum':
break;
case 'threadname':
break;
case 'posts':
$_POST['sortart'] = 'c.posts';
break;
case 'views':
break;
case 'datum':
break;
case 'name':
break;
case 'rating':
break;
default:
$_POST['sortart'] = 'adatum';
}
if ($_POST['altervalue'] >= 1 and $_POST['suchart'] == 1) {
$addsearch = ' AND adatum ' . $_POST['alterart'] . ' ';
$addsearch .= time() - (int) $_POST['altervalue'] * 86400;
} else {
if ($_POST['altervalue'] >= 1) {
$addsearch = ' AND datum ' . $_POST['alterart'] . ' ';
$addsearch .= time() - (int) $_POST['altervalue'] * 86400;
}
}
if ($_POST['username'] == '') {
if (strpos($_POST['stichwort'], ' AND ')) {
foreach (explode(' AND ', $_POST['stichwort']) as $value) {
@($suchstring .= ' AND &feld& LIKE \'%' . mysql_real_escape_string($value) . '%\'');
}
$suchstring = '(' . substr($suchstring, 5) . ')';
} elseif (strpos($_POST['stichwort'], ' OR ')) {
foreach (explode(' OR ', $_POST['stichwort']) as $value) {
@($suchstring .= ' OR &feld& LIKE \'%' . mysql_real_escape_string($value) . '%\'');
}
$suchstring = '(' . substr($suchstring, 4) . ')';
} else {
foreach (explode(' ', $_POST['stichwort']) as $value) {
if ($value != '') {
@($suchstring .= ' OR &feld& LIKE \'%' . mysql_real_escape_string($value) . '%\'');
}
}
$suchstring = '(' . substr($suchstring, 4) . ')';
}
} else {
if (strpos($_POST['username'], ' AND ')) {
foreach (explode(' AND ', $_POST['stichwort']) as $value) {
@($suchstring .= ' AND (&feld& LIKE \'%' . mysql_real_escape_string($value) . '%\' OR &feld2& LIKE \'%' . mysql_real_escape_string($value) . '%\') ');
}
$suchstring = '(' . substr($suchstring, 5) . ')';
} elseif (strpos($_POST['username'], ' OR ')) {
foreach (explode(' OR ', $_POST['stichwort']) as $value) {
@($suchstring .= ' OR &feld& LIKE \'%' . mysql_real_escape_string($value) . '%\' OR &feld2& LIKE \'%' . mysql_real_escape_string($value) . '%\'');
}
$suchstring = '(' . substr($suchstring, 4) . ')';
} else {
foreach (explode(' ', $_POST['username']) as $value) {
if ($value != '') {
@($suchstring .= ' OR &feld& LIKE \'%' . mysql_real_escape_string($value) . '%\' OR &feld2& LIKE \'%' . mysql_real_escape_string($value) . '%\'');
}
}
$suchstring = '(' . substr($suchstring, 4) . ')';
}
}
if ($_POST['suchart'] == 1 and $_POST['username'] == '' and $_POST['viewas'] == 'comments') {
$suchstring = str_replace('&feld&', 'comment', $suchstring);
$sql = 'SELECT `tID`, `bID`, `comID`, com.userID, `postname`, `adatum`, `comment`, u1.username,
`edits`, `editdatum`, `edituserID`, com.IP, `attachs`, `datum`,
`threadname`, `vonID`, `vonname`, `views`, c.posts, `lastuserID`,
`lastusername`, `lastreplay`, `sticky`, c.closed, `fsurveyID`,
`anhaenge`, `rating`, `ratingvotes`, a.boardparentID,
a.name, a.rightsread, b.rightsread as parentRead, b.name as boardparentname,
u1.sex, u1.signatur, u1.country, comments, money, u1.avatar, u2.username as editfrom, lastklick as online
FROM ' . DB_PRE . 'ecp_forum_comments as com
LEFT JOIN ' . DB_PRE . 'ecp_user as u1 ON (com.userID = u1.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u2 ON (com.edituserID = u2.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user_stats ON (com.userID = ' . DB_PRE . 'ecp_user_stats.userID)
LEFT JOIN ' . DB_PRE . 'ecp_online ON (uID = com.userID AND lastklick > ' . (time() - SHOW_USER_ONLINE) . ')
LEFT JOIN ' . DB_PRE . 'ecp_forum_threads AS c ON (tID = threadID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS a ON (a.boardID = bID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS b ON (a.boardparentID = b.boardID)
WHERE ' . @$boards . $suchstring . @$addsearch . ' GROUP BY comID';
} elseif ($_POST['suchart'] == 1 and $_POST['username'] == '' and $_POST['viewas'] == 'topic') {
$suchstring = str_replace('&feld&', 'comment', $suchstring);
$sql = 'SELECT `threadID`, `bID`, `datum`, `threadname`, `vonID`, `vonname`, `views`, c.posts, `lastuserID`, u1.username, u2.username as lastuserIDname,
`lastusername`, `lastreplay`, `sticky`, c.closed, `fsurveyID`,
`anhaenge`, `rating`, `ratingvotes`, a.boardparentID,
a.name, a.rightsread, b.rightsread as parentRead, b.name as boardparentname
FROM ' . DB_PRE . 'ecp_forum_comments
LEFT JOIN ' . DB_PRE . 'ecp_forum_threads AS c ON (tID = threadID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u1 ON (vonID = u1.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u2 ON (lastuserID = u2.ID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS a ON (a.boardID = bID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS b ON (a.boardparentID = b.boardID)
WHERE ' . @$boards . $suchstring . @$addsearch . ' GROUP BY threadID ';
} elseif ($_POST['username'] == '') {
$suchstring = str_replace('&feld&', 'threadname', $suchstring);
$sql = 'SELECT `threadID`, `bID`, `datum`, `threadname`, `vonID`, `vonname`, `views`, c.posts, `lastuserID`, u1.username, u2.username as lastuserIDname,
`lastusername`, `lastreplay`, `sticky`, c.closed, `fsurveyID`,
`anhaenge`, `rating`, `ratingvotes`, a.boardparentID,
a.name, a.rightsread, b.rightsread as parentRead, b.name as boardparentname
FROM ' . DB_PRE . 'ecp_forum_threads AS c
LEFT JOIN ' . DB_PRE . 'ecp_user as u1 ON (vonID = u1.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u2 ON (lastuserID = u2.ID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS a ON (a.boardID = bID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS b ON (a.boardparentID = b.boardID)
WHERE ' . @$boards . $suchstring . @$addsearch . ' GROUP BY threadID';
}
if ($_POST['usersuchart'] == 1 and $_POST['username'] != '') {
$suchstring = str_replace(array('&feld&', '&feld2&'), array('u1.username', 'postname'), $suchstring);
$sql = 'SELECT `tID`, `bID`, `comID`, com.userID, `postname`, `adatum`, `comment`, u1.username,
`edits`, `editdatum`, `edituserID`, com.IP, `attachs`, `datum`,
`threadname`, `vonID`, `vonname`, `views`, c.posts, `lastuserID`,
`lastusername`, `lastreplay`, `sticky`, c.closed, `fsurveyID`,
`anhaenge`, `rating`, `ratingvotes`, a.boardparentID,
a.name, a.rightsread, b.rightsread as parentRead, b.name as boardparentname,
u1.sex, u1.signatur, u1.country, comments, money, u1.avatar, u2.username as editfrom, lastklick as online
FROM ' . DB_PRE . 'ecp_forum_comments as com
LEFT JOIN ' . DB_PRE . 'ecp_user as u1 ON (com.userID = u1.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u2 ON (com.edituserID = u2.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user_stats ON (com.userID = ' . DB_PRE . 'ecp_user_stats.userID)
LEFT JOIN ' . DB_PRE . 'ecp_online ON (uID = com.userID AND lastklick > ' . (time() - SHOW_USER_ONLINE) . ')
LEFT JOIN ' . DB_PRE . 'ecp_forum_threads AS c ON (tID = threadID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS a ON (a.boardID = bID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS b ON (a.boardparentID = b.boardID)
WHERE ' . @$boards . $suchstring . @$addsearch . ' GROUP BY comID';
} elseif ($_POST['username'] != '') {
$suchstring = str_replace(array('&feld&', '&feld2&'), array('u1.username', 'vonname'), $suchstring);
$sql = 'SELECT `threadID`, `bID`, `datum`, `threadname`, `vonID`, `vonname`, `views`, c.posts, `lastuserID`, u1.username, u2.username as lastuserIDname,
`lastusername`, `lastreplay`, `sticky`, c.closed, `fsurveyID`,
`anhaenge`, `rating`, `ratingvotes`, a.boardparentID,
a.name, a.rightsread, b.rightsread as parentRead, b.name as boardparentname
FROM ' . DB_PRE . 'ecp_forum_threads AS c
LEFT JOIN ' . DB_PRE . 'ecp_user as u1 ON (vonID = u1.ID)
LEFT JOIN ' . DB_PRE . 'ecp_user as u2 ON (lastuserID = u2.ID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS a ON (a.boardID = bID)
LEFT JOIN ' . DB_PRE . 'ecp_forum_boards AS b ON (a.boardparentID = b.boardID)
WHERE ' . @$boards . $suchstring . @$addsearch . ' GROUP BY threadID';
}
$db->query($sql);
if ($db->num_rows()) {
if ($db->query(sprintf('INSERT INTO ' . DB_PRE . 'ecp_forum_search
(`userID`, `IP`, `SID`, `datum`, `stichwort`, `suchart`, `fromusername`,
`usersuchart`, `foren`, `alterart`, `altervalue`, `sortart`, `sortorder`, `sqlquery`, viewas) VALUES (
%d, \'%s\', \'%s\', %d, \'%s\', %d, \'%s\', %d, \'%s\', \'%s\', %d, \'%s\', \'%s\', \'%s\', \'%s\' )', @$_SESSION['userID'], strsave($_SERVER['REMOTE_ADDR']), session_id(), time(), strsave($_POST['stichwort']), (int) $_POST['suchart'], strsave($_POST['username']), (int) $_POST['usersuchart'], strsave(substr(@$boardids, 1)), strsave($_POST['alterart']), (int) $_POST['altervalue'], strsave($_POST['sortart']), strsave($_POST['sortorder']), strsave($sql), $_POST['viewas'] == 'topic' ? 'topic' : 'comments'))) {
header1('?section=forum&action=searchresults&id=' . $db->last_id());
}
} else {
table(ERROR, FORUM_SEARCH_NO_RESULTS);
unset($_POST['submit']);
forum_search(0);
}
}
}
} else {
$tpl = new smarty();
$db->query('SELECT `boardID`, `boardparentID`, `name`, `isforum`
FROM ' . DB_PRE . 'ecp_forum_boards
WHERE rightsread = "" OR ' . str_replace('access', 'rightsread', $_SESSION['access_search']) . '
ORDER BY boardparentID, posi ASC');
$boards = array();
while ($row = $db->fetch_assoc()) {
if ($row['isforum'] == 0 or $row['boardparentID'] == 0) {
$boards[$row['boardID']]['name'] = $row['name'];
$boards[$row['boardID']]['isforum'] = $row['isforum'];
} else {
$boards[$row['boardparentID']]['subs'][$row['boardID']]['name'] = $row['name'];
}
}
$links = '';
foreach ($boards as $key => $value) {
$links .= '<option ' . (@$_GET['boardID'] == $key ? 'selected="selected"' : '') . 'value="' . $key . ($value['isforum'] == 1 ? '' : '_sub') . '">-' . $value['name'] . '</option>';
if (isset($value['subs'])) {
foreach ($value['subs'] as $key1 => $value1) {
$links .= '<option ' . (@$_GET['boardID'] == $key1 ? 'selected="selected"' : '') . 'value="' . $key1 . '">|- ' . $value1['name'] . '</option>';
}
}
}
$tpl->assign('foren', $links);
$tpl->assign('path', '<a href="?section=forum">' . FORUM . '</a> <img src="templates/' . DESIGN . '/images/pfeil_o.gif" alt="" /> ' . SEARCH);
ob_start();
$tpl->display(DESIGN . '/tpl/forum/board_head.html');
$tpl->display(DESIGN . '/tpl/forum/search.html');
echo '</div>';
$content = ob_get_contents();
ob_end_clean();
main_content(FORUM_SEARCH, $content, '', 1);
}
}
}
if (user_set_forum_interest($forum_fid_unignore, FORUM_NOINTEREST)) {
$webtag_search = rawurlencode($webtag_search);
header_redirect("forums.php?webtag={$webtag}&final_uri={$final_uri}&view_type={$view_type}&page={$page}&unignored=true");
exit;
} else {
$error_msg_array[] = gettext("Failed to update forum interest level");
$valid = false;
}
}
}
}
}
if (session::logged_in()) {
if (isset($webtag_search) && strlen($webtag_search) > 0) {
echo "<h1>", gettext("My Forums"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Search Results"), "</h1>\n";
$forums_array = forum_search($webtag_search, $page, $sort_by, $sort_dir);
if (isset($forums_array['forums_array']) && sizeof($forums_array['forums_array']) < 1) {
html_display_error_msg(gettext("Found: 0 matches"), '70%', 'center');
} else {
echo "<br />\n";
}
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"prefs\" action=\"forums.php\" method=\"post\" target=\"_self\">\n";
echo " ", form_input_hidden("webtag", htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden("page", htmlentities_array($page)), "\n";
echo " ", form_input_hidden("webtag_search", htmlentities_array($webtag_search)), "\n";
echo " ", form_input_hidden("view_type", htmlentities_array($view_type)), "\n";
echo " ", form_input_hidden("sort_by", htmlentities_array($sort_by)), "\n";
echo " ", form_input_hidden("sort_dir", htmlentities_array($sort_dir)), "\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"70%\">\n";
echo " <tr>\n";
