A lightweight forum engine written in PHP. Repository is now obsolete and read-only. http://www.pioder.pl/uforum.html

292 lines
8.3 KiB

  1. <?php
  2. /**
  3. * @package uForum
  4. * @file search.php
  5. * @version $Id$
  6. * @copyright 2007-2010 (c) PioDer <pioder@wp.pl>
  7. * @link http://www.pioder.pl/
  8. * @license see LICENSE.txt
  9. **/
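  // Marker constant defined before the includes are loaded.
  define('IN_uF', true);

  // Configuration, constants, database layer and error handling.
  require './config.php';
  require './includes/constants.php';
  require './includes/db.php';
  require './includes/errors.php';

  // Open the database connection before sessions.php is loaded (original load order kept).
  DataBase::db_connect();

  require './includes/sessions.php';
  require './includes/classes/class_user.php';
  require './common.php';
  require './includes/misc_functions.php';
  require './includes/classes/class_forum.php';
  require './includes/classes/class_topic.php';
  require './includes/classes/secure.php';

  // NOTE(review): the language name becomes part of an include path. Confirm that
  // DefaultLang() can only return the name of an installed language directory and
  // never a value taken directly from the request or a cookie.
  $default_lang = DefaultLang();
  require './lngs/'.$default_lang.'/main.php';

  // Start of the page-generation timer; the footer reports the elapsed time.
  $start = TimeGeneration();

  // NOTE(review): the skin name is used in include paths further down; the same
  // constraint as for the language name applies to ViewSkinName().
  $default_skin = ViewSkinName();

  // Session housekeeping.
  SessDelInvalid();
  SessRegister();
  SessDeleteOld();

  // No listing type requested: redirect to the default search form.
  // The script must stop here. Without exit it kept running after the Location
  // header, read the unset $_GET['content'] and rendered a full page behind the redirect.
  if (!isset($_GET['content'])) {
      header('Location: search.php?content=posts');
      exit;
  }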
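  //
  // Pagination: derive $limiter (rows per page), $page and the SQL LIMIT clause.
  //

  // Logged-in users use their own setting, guests the forum-wide one.
  $limiter = ($_SESSION['uid'] > 0) ? $userdata['limit_ftid'] : $forum_config['limit_ftid'];

  // $limiter is concatenated into SQL and later used as a divisor, so force it
  // to a positive integer regardless of how it is stored.
  $limiter = max(1, (int) $limiter);

  // 'userposts' and 'lastposts' take the page number from the query string;
  // every other listing takes it from the POST body.
  $content = isset($_GET['content']) ? $_GET['content'] : '';
  $page_source = ($content == 'userposts' || $content == 'lastposts') ? $_GET : $_POST;

  $page = 1;
  if (isset($page_source['page']) && $page_source['page'] != 1) {
      // is_numeric() also accepted negative numbers, fractions and exponent
      // notation, which produced a negative or fractional LIMIT offset.
      // Accept whole page numbers >= 1 only; arrays are rejected as well.
      $requested_page = filter_var(
          $page_source['page'],
          FILTER_VALIDATE_INT,
          array('options' => array('min_range' => 1))
      );
      if ($requested_page === false) {
          die('Hacking attempt');
      }
      $page = $requested_page;
  }

  // Both operands are integers here, so nothing request-controlled reaches the SQL text.
  $limit = 'LIMIT '.(($page - 1) * $limiter).', '.$limiter;
  //
  // end of pagination
  //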
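  // REQUEST_URI is client-controlled and is placed in an href attribute below,
  // so HTML-encode it once instead of concatenating the raw value.
  $self_href = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);

  if (isset($_POST['keywords']) || $_GET['content'] == 'lastposts' || $_GET['content'] == 'userposts') {
      // Stays true until one of the cases below has built a listing query in $sql.
      $errors = true;

      switch ($_GET['content']) {
          case 'lastposts':
              // Topics with a post in the last 129600 seconds (36 hours); members only.
              if ($_SESSION['uid'] > 0) {
                  $time = $_SERVER['REQUEST_TIME'] - 129600;
                  $sql = "SELECT COUNT(`t_id`) as `cnt` FROM ".TOPICS_TABLE." WHERE lastpost_time>$time";
                  $count = DataBase::fetch(DataBase::sql_query($sql, GENERAL, 'Could not obtain count amout of topics'));
                  // Number of pages, never less than one.
                  $count = max(1, ceil($count['cnt'] / $limiter));
                  if ($page > $count) {
                      message_forum($lng['invalidpage'], 'index.php');
                  }
                  $sql = "SELECT ".TOPICS_TABLE.".*, ".USERS_TABLE.".*, ".TOPICS_TABLE.".posts AS posts
                      FROM ".TOPICS_TABLE."
                      LEFT JOIN ".USERS_TABLE." ON ".TOPICS_TABLE.".author = ".USERS_TABLE.".u_id
                      WHERE lastpost_time>$time
                      ORDER BY `sticky` DESC, `lastpost_time` DESC $limit";
                  $errors = false;
                  $window_title = $lng['showlastposts'];
                  $navigator_title = '<a href="'.$self_href.'" class="navigator">'.$lng['showlastposts'];
              } else {
                  message_forum($lng['youarenotlogd'], 'login.php?mode=login');
              }
              break;

          case 'userposts':
              // Topics started by the user given in ?u=.
              if (isset($_GET['u'])) {
                  // intval() reduces the parameter to an integer before it reaches the SQL text.
                  $user_id = intval($_GET['u']);
                  $count = DataBase::fetch(DataBase::sql_query("SELECT COUNT(`t_id`) as `t_id`
                      FROM ".TOPICS_TABLE." WHERE `author`='".$user_id."'", GENERAL, 'Could not obtain count amout of topics'));
                  $count = max(1, ceil($count['t_id'] / $limiter));
                  if ($page > $count) {
                      message_forum($lng['invalidpage'], 'index.php');
                  }
                  $sql = "SELECT ".TOPICS_TABLE.".*, ".USERS_TABLE.".* FROM ".TOPICS_TABLE." LEFT JOIN ".USERS_TABLE." ON ".TOPICS_TABLE.".author = ".USERS_TABLE.".u_id WHERE `u_id`='".$user_id."' ORDER BY `sticky` DESC, `lastpost_time` DESC $limit;";
                  $errors = false;
                  $window_title = $lng['view_user_topics'];
                  $navigator_title = '<a href="'.$self_href.'" class="navigator">'.$lng['view_user_topics'];
              } else {
                  message_forum($lng['no_user'], 'index.php');
              }
              break;

          case 'posts':
              // Keyword search over post text. A non-string value (keywords[]=...) counts as empty.
              $raw_keywords = is_string($_POST['keywords']) ? $_POST['keywords'] : '';

              // Strip markup first and split on any whitespace, dropping empty tokens:
              // an empty token used to become LIKE '%%', which matches every post.
              $terms = preg_split('/\s+/', strip_tags($raw_keywords), -1, PREG_SPLIT_NO_EMPTY);

              if (strlen(trim($raw_keywords)) >= 3 && count($terms) > 0) {
                  // NOTE(review): addslashes() is not aware of the connection character set.
                  // If the DataBase layer offers its own escaping routine or prepared
                  // statements, use that here instead.
                  $like_parts = array();
                  foreach ($terms as $term) {
                      // Escape for the string literal last, then neutralise the LIKE
                      // wildcards so % and _ in the search text are matched literally.
                      $like_parts[] = '`text` LIKE \'%'.addcslashes(addslashes($term), '%_').'%\'';
                  }
                  $like_where = ' '.implode(' OR ', $like_parts);

                  // NOTE(review): the page count is taken from rows grouped by topic, while the
                  // listing query below applies LIMIT to one row per matching post and
                  // de-duplicates topics in PHP, so the two can disagree.
                  $sql = "SELECT ".POSTS_TABLE.".t_id, ".POSTS_TABLE.".text
                      FROM ".TOPICS_TABLE."
                      LEFT JOIN ".POSTS_TABLE." ON ".POSTS_TABLE.".t_id = ".TOPICS_TABLE.".t_id
                      WHERE $like_where GROUP BY `t_id`";
                  $count = DataBase::sql_query($sql, GENERAL, 'Could not obtain count amout of topics');
                  $count = max(1, ceil(DataBase::num_rows($count) / $limiter));
                  // This listing is paged through POST; the old check read $_GET['page']
                  // and therefore never rejected an out-of-range page.
                  if ($page > $count) {
                      message_forum($lng['invalidpage'], 'index.php');
                  }
                  $sql = "SELECT ".TOPICS_TABLE.".*, ".USERS_TABLE.".*, ".POSTS_TABLE.".*, ".TOPICS_TABLE.".posts AS posts
                      FROM ".TOPICS_TABLE."
                      LEFT JOIN ".USERS_TABLE." ON ".TOPICS_TABLE.".author = ".USERS_TABLE.".u_id
                      LEFT JOIN ".POSTS_TABLE." ON ".POSTS_TABLE.".t_id = ".TOPICS_TABLE.".t_id
                      WHERE $like_where
                      ORDER BY `sticky` DESC, `lastpost_time` DESC $limit;";
                  $window_title = $lng['search_results'];
                  $navigator_title = '<a href="'.$self_href.'" class="navigator">'.$lng['search_results'];
                  $errors = false;
              } else {
                  message_forum($lng['too_short_keywords'], 'search.php?content=posts');
              }
              break;
      }

      if (!$errors) {
          // Labels for the listing header (the duplicated 'lposts' entry is dropped).
          $skin = array(
              'lposts' => $lng['posts'],
              'llastposts' => $lng['lastpost'],
              'lauthor' => $lng['author'],
              'llastpost' => $lng['lastpost'],
              'ltopicname' => $lng['ltopicname'],
              'lang' => $default_lang
          );
          $skin = array_push_assoc($skin, GenerateHeader($window_title, $navigator_title));
          require './skins/'.$default_skin.'/overall_header.tpl';
          require './skins/'.$default_skin.'/forum_body.tpl';

          $query = DataBase::sql_query($sql, GENERAL, 'Could not obtain topics information');
          if (DataBase::num_rows($query) > 0) {
              // The keyword query returns one row per matching post; print each topic once.
              $seen_topics = array();
              while ($record = DataBase::fetch($query)) {
                  if (isset($seen_topics[$record['t_id']])) {
                      continue;
                  }
                  $seen_topics[$record['t_id']] = true;

                  // NOTE(review): $record['name'] is printed as stored. Confirm topic names
                  // are HTML-encoded when saved or inside the template; otherwise encode here.
                  $skin = array(
                      't_id' => $record['t_id'],
                      'fname' => ($record['sticky'] == '1') ? '<b>'.$lng['sticky'].'</b>'.$record['name'] : $record['name'],
                      'author' => Topic::TopicAuthor($record['author']),
                      'new_post' => Topic::LastPostImg(),
                      'tposts' => $record['posts'],
                      'lastpost' => Topic::LastPostInTopic($record['t_id'])
                  );
                  require './skins/'.$default_skin.'/forum_forum_add.tpl';
              }
          } else {
              echo '<tr><td width="'.TABLES_WIDTH.'" colspan="10" height="19" class="fitem"><p class="fstandard" align="center">'.$lng['nopost'].'!</p></td></tr>';
          }

          $skin = array(
              'option_pages' => ListPages($page, $count),
              'lwith' => $lng['with'],
              'lpage' => $lng['page'],
              'lpages' => $count,
          );
          if ($_GET['content'] == 'posts') {
              // The submitted keywords are handed back to the template, so HTML-encode them.
              // NOTE(review): confirm search_end_body.tpl does not encode this value again.
              $skin['keywords'] = htmlspecialchars($raw_keywords, ENT_QUOTES);
          }
          require './skins/'.$default_skin.'/search_end_body.tpl';
      }
  } else {
      // Nothing to list yet: show the empty search form.
      $skin = array(
          'mainpage' => $lng['lsearch'],
          'lsubmit' => $lng['search'],
          'lreset' => $lng['reset'],
          'insert_keywords' => $lng['insert_keywords']
      );
      $window_title = $lng['lsearch'];
      $navigator_title = '<a href="'.$self_href.'" class="navigator">'.$lng['lsearch'];
      $skin = array_push_assoc($skin, GenerateHeader($window_title, $navigator_title));
      require './skins/'.$default_skin.'/overall_header.tpl';
      require './skins/'.$default_skin.'/search_body.tpl';
  }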
  // The admin-panel link is shown only to a logged-in user whose RANK equals '2';
  // everyone else gets an empty string. RANK is not evaluated for guests.
  $skin['pa_link'] = ($_SESSION['uid'] > 0 && RANK == '2')
      ? '<a href="admin/index.php" class="fsmall"><b>'.$lng['pa_link'].'</b></a>'
      : '';

  // Stop the generation timer and pass the ShowQueries() summary to the footer template.
  $stop = TimeGeneration();
  $skin['queries'] = ShowQueries($start, $stop);
  require './skins/'.$default_skin.'/overall_footer.tpl';
  ?>