function pm_search_execute($search_string, &$error) { if (!($db = db::get())) { return false; } if (($uid = session::get_value('UID')) === false) { return false; } $sql = "DELETE QUICK FROM PM_SEARCH_RESULTS WHERE UID = '{$uid}'"; if (!$db->query($sql)) { return false; } if (!check_search_frequency()) { $error = SEARCH_FREQUENCY_TOO_GREAT; return false; } $search_keywords_array = search_extract_keywords($search_string); if ($search_keywords_array['filtered_count'] == 0) { $error = SEARCH_NO_MATCHES; return false; } $search_string_checked = $db->escape(implode(' ', $search_keywords_array['keywords_array'])); $pm_max_user_messages = abs(forum_get_setting('pm_max_user_messages', null, 100)); $limit = $pm_max_user_messages > 1000 ? 1000 : $pm_max_user_messages; $pm_inbox_items = PM_INBOX_ITEMS; $pm_sent_items = PM_SENT_ITEMS; $pm_outbox_items = PM_OUTBOX_ITEMS; $pm_saved_out = PM_SAVED_OUT; $pm_saved_in = PM_SAVED_IN; $pm_draft_items = PM_DRAFT_ITEMS; $sql = "INSERT INTO PM_SEARCH_RESULTS (UID, MID, TYPE, FROM_UID, TO_UID, "; $sql .= "SUBJECT, RECIPIENTS, CREATED) SELECT {$uid}, PM.MID, PM.TYPE, "; $sql .= "PM.FROM_UID, PM.TO_UID, PM.SUBJECT, PM.RECIPIENTS, PM.CREATED "; $sql .= "FROM PM LEFT JOIN PM_CONTENT ON (PM_CONTENT.MID = PM.MID) "; $sql .= "WHERE (((PM.TYPE & {$pm_inbox_items} > 0) AND PM.TO_UID = '{$uid}') "; $sql .= "OR ((PM.TYPE & {$pm_sent_items} > 0) AND PM.FROM_UID = '{$uid}' AND PM.SMID = 0) "; $sql .= "OR ((PM.TYPE & {$pm_outbox_items} > 0) AND PM.FROM_UID = '{$uid}') "; $sql .= "OR ((PM.TYPE = {$pm_saved_out} AND PM.FROM_UID = '{$uid}') OR "; $sql .= "((PM.TYPE & {$pm_saved_in} > 0) AND PM.TO_UID = '{$uid}') OR "; $sql .= "((PM.TYPE & {$pm_draft_items} > 0) AND PM.FROM_UID = '{$uid}'))) "; $sql .= "AND (MATCH(PM_CONTENT.CONTENT) AGAINST('{$search_string_checked}' IN BOOLEAN MODE) "; $sql .= "OR (MATCH(PM.SUBJECT) AGAINST('{$search_string_checked}' IN BOOLEAN MODE))) "; $sql .= "ORDER BY CREATED LIMIT {$limit}"; if (!$db->query($sql)) { return false; } if ($db->affected_rows > 0) { return true; } $error = SEARCH_NO_MATCHES; return false; }
function pm_search_execute($search_string, &$error) { if (!($db = db::get())) { return false; } if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) { return false; } $sql = "DELETE QUICK FROM PM_SEARCH_RESULTS WHERE UID = '{$_SESSION['UID']}'"; if (!$db->query($sql)) { return false; } if (!check_search_frequency()) { $error = SEARCH_FREQUENCY_TOO_GREAT; return false; } $search_keywords_array = search_extract_keywords($search_string); if ($search_keywords_array['filtered_count'] == 0) { $error = SEARCH_NO_MATCHES; return false; } $search_string_checked = $db->escape(implode(' ', $search_keywords_array['keywords_array'])); $pm_max_user_messages = abs(forum_get_setting('pm_max_user_messages', null, 100)); $limit = $pm_max_user_messages > 1000 ? 1000 : $pm_max_user_messages; $sql = "INSERT INTO PM_SEARCH_RESULTS (UID, MID, RELEVANCE) SELECT '{$_SESSION['UID']}', PM.MID, "; $sql .= "MATCH(PM_CONTENT.CONTENT, PM.SUBJECT) AGAINST('{$search_string_checked}' IN BOOLEAN MODE) AS RELEVANCE "; $sql .= "FROM PM INNER JOIN PM_TYPE ON (PM_TYPE.MID = PM.MID AND PM_TYPE.UID = {$_SESSION['UID']})"; $sql .= "LEFT JOIN PM_CONTENT ON (PM_CONTENT.MID = PM.MID) WHERE MATCH(PM_CONTENT.CONTENT, PM.SUBJECT) "; $sql .= "AGAINST('{$search_string_checked}' IN BOOLEAN MODE) GROUP BY PM.MID LIMIT {$limit}"; if (!$db->query($sql)) { return false; } if ($db->affected_rows > 0) { return true; } $error = SEARCH_NO_MATCHES; return false; }
function search_execute($search_arguments, &$error) { if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) { return false; } // If the user has performed a search within the last x minutes bail out if (!check_search_frequency()) { $error = SEARCH_FREQUENCY_TOO_GREAT; return false; } // Database connection. if (!($db = db::get())) { return false; } // Ensure the date_from argument is set if (!isset($search_arguments['date_from']) || !is_numeric($search_arguments['date_from'])) { $search_arguments['date_from'] = SEARCH_FROM_ONE_MONTH_AGO; } // Ensure the date_to argument is set. if (!isset($search_arguments['date_to']) || !is_numeric($search_arguments['date_to'])) { $search_arguments['date_to'] = SEARCH_TO_TODAY; } // Ensure the sort_by argument is set. if (!isset($search_arguments['sort_by']) || !is_numeric($search_arguments['sort_by'])) { $search_arguments['sort_by'] = SEARCH_SORT_CREATED; } // Ensure the sort_dir argument is set. if (!isset($search_arguments['sort_dir']) || !is_numeric($search_arguments['sort_dir'])) { $search_arguments['sort_dir'] = SEARCH_SORT_DESC; } // Check the sort_dir is valid if (!in_array($search_arguments['sort_dir'], array(SEARCH_SORT_ASC, SEARCH_SORT_DESC))) { $search_arguments['sort_dir'] = SEARCH_SORT_DESC; } // Get available folders $folders_array = folder_get_available_array(); // Check the selected folder is valid if (!isset($search_arguments['fid']) || !in_array($search_arguments['fid'], $folders_array)) { $search_arguments['fid'] = implode(',', $folders_array); } // Username based search. if (isset($search_arguments['username']) && strlen(trim($search_arguments['username'])) > 0) { // Make sure the uid_array key is an empty array. $search_arguments['user_uid_array'] = array(); // Username argument is a comma separated list. $search_arguments['username_array'] = preg_split('/,\\s*/u', trim($search_arguments['username'], ', ')); // Iterate over the provided usernames foreach ($search_arguments['username_array'] as $username) { // Check the username is valid. if (!($user = user_get_by_logon(trim($username)))) { $error = SEARCH_USER_NOT_FOUND; return false; } // Add the user UID to the uid_array $search_arguments['user_uid_array'][] = $user['UID']; } } // Each user can only store one search result so we should // clean up their previous search if applicable. $sql = "DELETE QUICK FROM SEARCH_RESULTS WHERE UID = '{$_SESSION['UID']}'"; if (!$db->query($sql)) { return false; } // Execute search via Swiftsearch, unless we're searching for a tag. if (!isset($search_arguments['search_tag']) && forum_get_setting('sphinx_search_enabled', 'Y')) { return sphinx_search_execute($search_arguments, $error); } // Execute the search with MySQL Fulltext return search_mysql_execute($search_arguments, $error); }