mirror of
https://github.com/phpbb/phpbb.git
synced 2025-05-06 07:35:29 +02:00
- view active topics
- seperated search id (int) from search id (string) for security reasons git-svn-id: file:///svn/phpbb/trunk@5161 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
parent
2ca7293a68
commit
2e4ea58d28
@ -1956,9 +1956,11 @@ function page_header($page_title = '')
|
||||
'U_SEARCH_SELF' => "{$phpbb_root_path}search.$phpEx$SID&search_id=egosearch",
|
||||
'U_SEARCH_NEW' => "{$phpbb_root_path}search.$phpEx$SID&search_id=newposts",
|
||||
'U_SEARCH_UNANSWERED' => "{$phpbb_root_path}search.$phpEx$SID&search_id=unanswered",
|
||||
'U_SEARCH_ACTIVE_TOPICS'=> "{$phpbb_root_path}search.$phpEx$SID&search_id=active_topics",
|
||||
'U_DELETE_COOKIES' => "{$phpbb_root_path}ucp.$phpEx$SID&mode=delete_cookies",
|
||||
|
||||
'S_USER_LOGGED_IN' => ($user->data['user_id'] != ANONYMOUS) ? true : false,
|
||||
'S_REGISTERED_USER' => $user->data['is_registered'],
|
||||
'S_USER_PM_POPUP' => $user->optionget('popuppm'),
|
||||
'S_USER_LANG' => $user->data['user_lang'],
|
||||
'S_USER_BROWSER' => (isset($user->data['session_browser'])) ? $user->data['session_browser'] : $user->lang['UNKNOWN_BROWSER'],
|
||||
|
||||
@ -333,6 +333,7 @@ $lang += array(
|
||||
'SEARCH' => 'Search',
|
||||
'SEARCHING_FORUMS' => 'Searching forums',
|
||||
'SELECT_DESTINATION_FORUM' => 'Please select a forum for destination',
|
||||
'SEARCH_ACTIVE_TOPICS' => 'View active topics',
|
||||
'SEARCH_FOR' => 'Search for',
|
||||
'SEARCH_NEW' => 'View new posts',
|
||||
'SEARCH_SELF' => 'View your posts',
|
||||
|
||||
@ -27,6 +27,7 @@ $user->setup('search');
|
||||
// Define initial vars
|
||||
$mode = request_var('mode', '');
|
||||
$search_id = request_var('search_id', '');
|
||||
$search_session_id = request_var('search_session_id', 0);
|
||||
$start = request_var('start', 0);
|
||||
$post_id = request_var('p', 0);
|
||||
$view = request_var('view', '');
|
||||
@ -77,7 +78,7 @@ if ($config['search_interval'])
|
||||
}
|
||||
}
|
||||
|
||||
if ($search_keywords || $search_author || $search_id)
|
||||
if ($search_keywords || $search_author || $search_id || $search_session_id)
|
||||
{
|
||||
$post_id_ary = $split_words = $old_split_words = $common_words = array();
|
||||
|
||||
@ -156,6 +157,33 @@ if ($search_keywords || $search_author || $search_id)
|
||||
|
||||
switch ($search_id)
|
||||
{
|
||||
// Oh holy Bob, bring us some activity...
|
||||
case 'active_topics':
|
||||
$show_results = 'topics';
|
||||
|
||||
if (!$sort_days)
|
||||
{
|
||||
$sort_days = 1;
|
||||
gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
|
||||
}
|
||||
|
||||
$last_post_time = (time() - ($sort_days * 24 * 3600));
|
||||
|
||||
$sql = 'SELECT DISTINCT t.topic_id
|
||||
FROM ' . POSTS_TABLE . ' p
|
||||
LEFT JOIN ' . TOPICS_TABLE . " t ON (t.topic_approved = 1 AND p.topic_id = t.topic_id)
|
||||
WHERE p.post_time > $last_post_time
|
||||
$sql_forums
|
||||
ORDER BY t.topic_last_post_time DESC";
|
||||
$result = $db->sql_query_limit($sql, 1000);
|
||||
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
$post_id_ary[] = $row['topic_id'];
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
break;
|
||||
|
||||
case 'egosearch':
|
||||
break;
|
||||
|
||||
@ -225,13 +253,14 @@ if ($search_keywords || $search_author || $search_id)
|
||||
trigger_error($user->lang['NO_SEARCH_RESULTS']);
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
default:
|
||||
$search_id = (int) $search_id;
|
||||
|
||||
if ($search_session_id)
|
||||
{
|
||||
$sql = 'SELECT search_array
|
||||
FROM ' . SEARCH_TABLE . "
|
||||
WHERE search_id = $search_id
|
||||
WHERE search_id = $search_session_id
|
||||
AND session_id = '" . $db->sql_escape($user->data['session_id']) . "'";
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
@ -256,8 +285,8 @@ if ($search_keywords || $search_author || $search_id)
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: hook in fulltext_phpbb/mysql
|
||||
|
||||
// Are we looking for words
|
||||
if ($search_keywords)
|
||||
@ -541,8 +570,9 @@ if ($search_keywords || $search_author || $search_id)
|
||||
$db->sql_freeresult($result);
|
||||
}
|
||||
|
||||
$total_match_count = 0;
|
||||
|
||||
if ($post_id_ary)
|
||||
if ($post_id_ary && sizeof($post_id_ary))
|
||||
{
|
||||
// Finish building query (for all combinations) and run it ...
|
||||
$sql = 'SELECT session_id
|
||||
@ -580,10 +610,10 @@ if ($search_keywords || $search_author || $search_id)
|
||||
unset($post_id_ary);
|
||||
|
||||
srand ((double) microtime() * 1000000);
|
||||
$search_id = rand();
|
||||
$search_session_id = rand();
|
||||
|
||||
$sql_ary = array(
|
||||
'search_id' => $search_id,
|
||||
'search_id' => $search_session_id,
|
||||
'session_id' => $user->data['session_id'],
|
||||
'search_time' => $current_time,
|
||||
'search_array' => $data
|
||||
@ -622,13 +652,14 @@ if ($search_keywords || $search_author || $search_id)
|
||||
'SEARCH_MATCHES' => $l_search_matches,
|
||||
'SEARCH_WORDS' => $split_words,
|
||||
'IGNORED_WORDS' => ($ignored_words) ? $ignored_words : '',
|
||||
'PAGINATION' => generate_pagination("search.$phpEx$SID&search_id=$search_id&hilit=$hilit&$u_sort_param", $total_match_count, $per_page, $start),
|
||||
'PAGINATION' => generate_pagination("search.$phpEx$SID&search_session_id=$search_session_id&search_id=$search_id&hilit=$hilit&$u_sort_param", $total_match_count, $per_page, $start),
|
||||
'PAGE_NUMBER' => on_page($total_match_count, $per_page, $start),
|
||||
'TOTAL_MATCHES' => $total_match_count,
|
||||
|
||||
'S_SELECT_SORT_DIR' => $s_sort_dir,
|
||||
'S_SELECT_SORT_KEY' => $s_sort_key,
|
||||
'S_SEARCH_ACTION' => "search.$phpEx$SID&search_id=$search_id",
|
||||
'S_SELECT_SORT_DAYS' => $s_limit_days,
|
||||
'S_SEARCH_ACTION' => "{$phpbb_root_path}search.$phpEx$SID&search_session_id=$search_session_id&search_id=$search_id",
|
||||
'S_SHOW_TOPICS' => ($show_results == 'posts') ? false : true,
|
||||
|
||||
'REPORTED_IMG' => $user->img('icon_reported', 'TOPIC_REPORTED'),
|
||||
@ -644,6 +675,8 @@ if ($search_keywords || $search_author || $search_id)
|
||||
// within an existing search result set
|
||||
$sort_by_sql = array('a' => (($show_results == 'posts') ? 'u.username' : 't.topic_poster'), 't' => (($show_results == 'posts') ? 'p.post_time' : 't.topic_last_post_time'), 'f' => 'f.forum_id', 'i' => 't.topic_title', 's' => (($show_results == 'posts') ? 'pt.post_subject' : 't.topic_title'));
|
||||
|
||||
if ($sql_where)
|
||||
{
|
||||
if ($show_results == 'posts')
|
||||
{
|
||||
// Not joining this query to the one below at present ... may do in future
|
||||
@ -655,14 +688,7 @@ if ($search_keywords || $search_author || $search_id)
|
||||
$zebra = array();
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
if ($row['friend'])
|
||||
{
|
||||
$zebra['friend'][] = $row['zebra_id'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$zebra['foe'][] = $row['zebra_id'];
|
||||
}
|
||||
$zebra[($row['friend']) ? 'friend' : 'foe'][] = $row['zebra_id'];
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
@ -734,7 +760,7 @@ if ($search_keywords || $search_author || $search_id)
|
||||
$template->assign_block_vars('searchresults', array(
|
||||
'S_IGNORE_POST' => true,
|
||||
|
||||
'L_IGNORE_POST' => sprintf($user->lang['POST_BY_FOE'], $row['username'], "<a href=\"search.$phpEx$SID&search_id=$search_id&$u_sort_param&p=" . $row['post_id'] . '&view=show#' . $row['post_id'] . '">', '</a>'))
|
||||
'L_IGNORE_POST' => sprintf($user->lang['POST_BY_FOE'], $row['username'], "<a href=\"search.$phpEx$SID&search_session_id=$search_session_id&$u_sort_param&p=" . $row['post_id'] . '&view=show#' . $row['post_id'] . '">', '</a>'))
|
||||
);
|
||||
|
||||
continue;
|
||||
@ -746,7 +772,6 @@ if ($search_keywords || $search_author || $search_id)
|
||||
}
|
||||
|
||||
$row['post_text'] = censor_text($row['post_text']);
|
||||
|
||||
decode_message($row['post_text'], $row['bbcode_uid']);
|
||||
|
||||
if ($return_chars)
|
||||
@ -754,17 +779,24 @@ if ($search_keywords || $search_author || $search_id)
|
||||
$row['post_text'] = (strlen($row['post_text']) < $return_chars + 3) ? $row['post_text'] : substr($row['post_text'], 0, $return_chars) . '...';
|
||||
}
|
||||
|
||||
if ($hilit)
|
||||
{
|
||||
// This was shamelessly 'borrowed' from volker at multiartstudio dot de
|
||||
// via php.net's annotated manual
|
||||
$row['post_text'] = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . $hilit . ")\b#i', '<span class=\"posthilit\">\\\\1</span>', '\\0')", '>' . $row['post_text'] . '<'), 1, -1));
|
||||
$row['post_text'] = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . str_replace('\\', '\\\\', $hilit) . ")\b#i', '<span class=\"posthilit\">\\\\1</span>', '\\0')", '>' . $row['post_text'] . '<'), 1, -1));
|
||||
}
|
||||
|
||||
$row['post_text'] = smiley_text($row['post_text']);
|
||||
|
||||
// Replace naughty words such as farty pants
|
||||
$row['post_subject'] = censor_text($row['post_subject']);
|
||||
$row['post_text'] = str_replace("\n", '<br />', censor_text($row['post_text']));
|
||||
|
||||
$tpl_ary = array(
|
||||
'POSTER_NAME' => ($row['poster_id'] == ANONYMOUS) ? ((!empty($row['post_username'])) ? $row['post_username'] : $user->lang['GUEST']) : $row['username'],
|
||||
'POST_SUBJECT' => censor_text($row['post_subject']),
|
||||
'POST_DATE' => (!empty($row['post_time'])) ? $user->format_date($row['post_time']) : '',
|
||||
'MESSAGE' => (!empty($row['post_text'])) ? str_replace("\n", '<br />', $row['post_text']) : ''
|
||||
'MESSAGE' => $row['post_text']
|
||||
);
|
||||
}
|
||||
|
||||
@ -782,7 +814,13 @@ if ($search_keywords || $search_author || $search_id)
|
||||
));
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
$template->assign_vars(array(
|
||||
'S_NO_SEARCH_RESULTS' => true)
|
||||
);
|
||||
}
|
||||
|
||||
page_header($user->lang['SEARCH']);
|
||||
|
||||
|
||||
@ -81,7 +81,7 @@ function jumpto()
|
||||
<div id="wrapcentre">
|
||||
|
||||
<p class="searchbar">
|
||||
<a style="float: left;" href="{U_SEARCH_UNANSWERED}">{L_SEARCH_UNANSWERED}</a>
|
||||
<span style="float: left;"><a href="{U_SEARCH_UNANSWERED}">{L_SEARCH_UNANSWERED}</a> | <a href="{U_SEARCH_ACTIVE_TOPICS}">{L_SEARCH_ACTIVE_TOPICS}</a></span>
|
||||
<!-- IF S_USER_LOGGED_IN -->
|
||||
<span style="float: right;"><a href="{U_SEARCH_NEW}">{L_SEARCH_NEW}</a> | <a href="{U_SEARCH_SELF}">{L_SEARCH_SELF}</a></span>
|
||||
<!-- ENDIF -->
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
<td colspan="2"><span class="titles">{SEARCH_MATCHES}</span><br /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="genmed">{L_SEARCHED_FOR}: <a href="{U_SEARCH_WORDS}"><b>{SEARCH_WORDS}</b></a><!-- IF IGNORED_WORDS --> {L_IGNORED_TERMS}: <b>{IGNORED_WORDS}</b><!-- ENDIF --></td>
|
||||
<td class="genmed"><!-- IF SEARCH_WORDS -->{L_SEARCHED_FOR}: <a href="{U_SEARCH_WORDS}"><b>{SEARCH_WORDS}</b></a><!-- ENDIF --><!-- IF IGNORED_WORDS --> {L_IGNORED_TERMS}: <b>{IGNORED_WORDS}</b><!-- ENDIF --></td>
|
||||
<td align="right"><span class="genmed">{L_SEARCH_IN_RESULTS}: </span><input type="text" name="search_keywords" value="" /> <input class="btnlite" type="submit" name="submit" value="{L_GO}" /></td>
|
||||
</tr>
|
||||
</table>
|
||||
@ -58,9 +58,13 @@
|
||||
</p>
|
||||
</td>
|
||||
</tr>
|
||||
<!-- BEGINELSE -->
|
||||
<tr valign="middle">
|
||||
<td colspan="7" class="row3" align="center">{L_NO_SEARCH_RESULTS}</td>
|
||||
</tr>
|
||||
<!-- END searchresults -->
|
||||
<tr>
|
||||
<td class="cat" colspan="7" valign="middle" align="center"><span class="gensmall">{L_SORT_BY}:</span> {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR} <input class="btnlite" type="submit" name="sort" value="{L_GO}" /></td>
|
||||
<td class="cat" colspan="7" valign="middle" align="center"><span class="gensmall">{L_DISPLAY_POSTS}:</span> {S_SELECT_SORT_DAYS} <span class="gensmall">{L_SORT_BY}:</span> {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR} <input class="btnlite" type="submit" value="{L_GO}" name="sort" /></td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
@ -98,6 +102,10 @@
|
||||
<tr>
|
||||
<td class="spacer" colspan="2"><img src="images/spacer.gif" height="1" alt="" /></td>
|
||||
</tr>
|
||||
<!-- BEGINELSE -->
|
||||
<tr valign="middle">
|
||||
<td colspan="2" class="row3" align="center">{L_NO_SEARCH_RESULTS}</td>
|
||||
</tr>
|
||||
<!-- END searchresults -->
|
||||
<tr>
|
||||
<td class="cat" colspan="2" align="center"><span class="gensmall">{L_SORT_BY}:</span> {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR} <input class="btnlite" type="submit" name="sort" value="{L_GO}" /></td>
|
||||
@ -107,7 +115,7 @@
|
||||
|
||||
</form>
|
||||
|
||||
<div class="nav" style="float:left">{PAGE_NUMBER} [ {TOTAL_MATCHES} ]</div><div class="nav" style="float:right"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a> <!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE --> <a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></div>
|
||||
<div class="nav" style="float:left"><!-- IF PAGINATION -->{PAGE_NUMBER} [ {TOTAL_MATCHES} ]<!-- ENDIF --> </div><div class="nav" style="float:right"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a> <!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE --> <a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></div>
|
||||
|
||||
<br clear="all" /><br />
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user