authenticate("U_Groups,U_TimeOffset,U_Display,U_TimeFormat,U_LastSearch,U_SearchSession,U_LastOn"); $Username = $user['U_Username']; isset($user['U_TimeOffset']) && $toffset = $user['U_TimeOffset']; !isset($user['U_TimeFormat']) && $user['U_TimeFormat'] = $theme['timeformat']; if (!$newerval) { $newerval = 1; } // Make sure the daterange is valid if this is a new search if ($fromsearch) { $rangeseconds = 0; if (!$newerval && !$olderval){ $newerval = $config['rangevalue']; if ($config['rangetype'] == "days") { $newertype = "d"; } else if ($config['rangetype'] == "weeks") { $newertype = "w"; } else if ($config['rangetype'] == "months") { $newertype = "m"; } else if ($config['rangetype'] == "years") { $newertype = "y"; } } if ($config['rangetype'] == "days") { $rangeseconds = $config['rangevalue'] * 86400; } if ($config['rangetype'] == "weeks") { $rangeseconds = ($config['rangevalue'] * 7) * 86400; } if ($config['rangetype'] == "months") { $rangeseconds = ($config['rangevalue'] * 31) * 86400; } if ($config['rangetype'] == "years") { $rangeseconds = ($config['rangevalue'] * 365) * 86400; } $newer = ""; if ($newerval && $newertype) { if ($newertype == "d") { $newer = $newerval * 86400; } if ($newertype == "w") { $newer = ($newerval * 7) * 86400; } if ($newertype == "m") { $newer = ($newerval * 31) * 86400; } if ($newertype == "y") { $newer = ($newerval * 365) * 86400; } } $older = ""; if ($olderval && $oldertype) { if ($oldertype == "d") { $older = $olderval * 86400; } if ($oldertype == "w") { $older = ($olderval * 7) * 86400; } if ($oldertype == "m") { $older = ($olderval * 31) * 86400; } if ($oldertype == "y") { $older = ($olderval * 365) * 86400; } } $invalidrange = 0; if ($newer && !$older) { if ($newer > $rangeseconds) { $invalidrange = 1; } } if ($newer && $older) { if (($newer - $older) > $rangeseconds) { $invalidrange = 1; } } $resetnewer = ""; if ($older && !$newer) { $resetnewer = $older + $rangeseconds; } if ($invalidrange) { if ($config['rangevalue'] == 1) { $config['rangetype'] = preg_replace("/s$/","",$config['rangetype']); } $html->not_right($ubbt_lang['MAX_RANGE'] . " {$config['rangevalue']} {$config['rangetype']}.",$Cat); } } // If this user is logged in we get their last search from the db if ($user['U_Groups']) { $lastsearch = $user['U_LastSearch']; } else { if (!isset($config['guestsearch']) || !$config['guestsearch']) { //$html->not_right($ubbt_lang['NO_SEARCH'],$Cat); } $lastsearch = get_input("lastsearch","cookie"); } // Need to see what their last visit was so we can provide links to unread posts // when viewing active topics if (isset($_SESSION['forumvisit']['lastonline'])) { $unread = $_SESSION['forumvisit']['lastonline']; } else { if ($user['U_LastOn']) { $unread = $user['U_LastOn']; } else { $unread = $html->get_date(); } } $mode = $user['U_Display']; if (!$mode) { $mode = $theme['postlist']; } $linker = "show$mode"; if (!$Limit) { $Limit = 25;} if ($Limit > 99) { $Limit = '99'; } if (!$Searchpage) { $Searchpage = 1; } // Searchkey is saved in a cookie for guests if ($user['U_SearchSession']) { $oldkey = addslashes($user['U_SearchSession']); } else { $oldkey = addslashes(get_input("searchkey","cookie")); } // If this is a new search, execute this if ($fromsearch) { // Generate a search session key $rightnow = time(); list($usec, $sec) = explode(' ', microtime()); srand((float) $sec + ((float) $usec * 100000)); $random = rand(); $session = md5("$rightnow$random"); // Can they make another search yet? // Admins and moderators can bypass this setting $diff = $rightnow - $lastsearch; if ($diff < $config['timesearch']) { if ($user['U_Status'] != "Administrator" && $user['U_Status'] != "Moderator") { $html->not_right($ubbt_lang['TIMELIMIT'],$Cat); } } // Update their last search time if ($user['U_Groups']) { $session = addslashes($session); $query = " UPDATE {$config['tbprefix']}Users SET U_LastSearch='$rightnow', U_SearchSession='$session' WHERE U_Number='{$user['U_Number']}' "; $dbh->do_query($query,__LINE__,__FILE__); } else { $html->ubbt_setcookie("lastsearch",$rightnow); $html->ubbt_setcookie("searchkey",$session); } // Delete the old search results or any older than a day $timestamp = $rightnow - 86400; $query = " DELETE FROM {$config['tbprefix']}SearchResults WHERE S_Session='$oldkey' OR S_SearchTime < $timestamp "; $dbh->do_query($query,__LINE__,__FILE__); // ------------------------------------------------------ // Escape any % signs as these are special SQL characters $Words = str_replace("%","\%",$Words); $Words = str_replace("*","\*",$Words); $printwords = htmlspecialchars($Words); // --------------------------- // URL Encode the Search stuff $URLWords = rawurlencode($Words); // ---------------------------------------------------------------- // Calculate the timestamp we are going to be using as our baseline $newertime = ""; $oldertime = ""; if ($daterange) { if (($newerval && $newertype) || $resetnewer) { $days = 0; if ($newertype == "d") { $days = $newerval; } if ($newertype == "w") { $days = $newerval * 7; } if ($newertype == "m") { $days = $newerval * 31; } if ($newertype == "y") { $days = $newerval * 365; } $time = $html -> get_date(); $time = $time - ($days * 86400); if ($resetnewer) { $time = $time - $resetnewer; } if ($topic) { $newertime = "AND B_Last_Post > '$time'"; } else { $newertime = "AND B_Posted > '$time'"; } } if ($olderval && $oldertype) { $days = 0; if ($oldertype == "d") { $days = $olderval; } if ($oldertype == "w") { $days = $olderval * 7; } if ($oldertype == "m") { $days = $olderval * 31; } if ($oldertype == "y") { $days = $olderval * 365; } $time = $html -> get_date(); $time = $time - ($days * 86400); $oldertime = "AND B_Posted < '$time'"; } } // ------------------------------------------------------------------------- // If we are searching for all posts by a user we need to know their usernumber $usersearch = ""; $user_name_search = ""; if ($Name) { $Name = addslashes($Name); $userwhere = "U_Number = '$Name'"; if (!$fromprof) { $userwhere = "U_Username = '$Name'"; } $query = " SELECT U_Username,U_Number FROM {$config['tbprefix']}Users WHERE $userwhere "; $sth = $dbh -> do_query($query,__LINE__,__FILE__); list($printname,$Name) = $dbh -> fetch_array($sth); $printwords .= " $printname"; $usersearch = "AND B_PosterId = '$Name'"; $user_name_search = $printname; } if (!$user['U_Groups']) { $user['U_Groups'] = "-4-"; } // -------------------------------------------------------------- // Let's make sure they are supposed to be looking at this board $Grouparray = split("-",$user['U_Groups']); $gsize = sizeof($Grouparray); $groupquery = "("; $g = 0; for ($i=0; $i<=$gsize;$i++) { if (!isset($Grouparray[$i])) { continue; } if (!preg_match("/[0-9]/",$Grouparray[$i])) { continue; }; $g++; if ($g > 1) { $groupquery .= " OR "; } $groupquery .= "Bo_Read_Perm LIKE '%-$Grouparray[$i]-%'"; } $groupquery .= ")"; // ------------------------------------------------------ // Now we need to figure out what forums we are searching $catin = ""; $boardin = ""; $allforums = ""; $forumlist = ""; $Forum = split(",",$Forum); for($i=0;$i do_query($query,__LINE__,__FILE__); $boardin = ""; while(list($key,$btitle,$bread,$bcat,$bo_active) = $dbh -> fetch_array($sth)) { $boardarray[$key]['title'] = $btitle; $boardarray[$key]['readperm'] = $bread; $boardarray[$key]['cat'] = $bcat; $key = addslashes($key); if ($bo_active) { $boardin .= "'$key',"; } } $boardin = preg_replace("/,$/","",$boardin); $Cat = preg_replace("/[^\d,]/","",$Cat); if ($Cat) { $pattern = ","; $replace = " OR Bo_Cat = "; $thiscat = str_replace($pattern,$replace,$Cat); $catonly = "AND (Bo_Cat = $thiscat )"; } // ---------------------------------------------------- // A very clumsy hack to specify entire phrase searches $matches[] = ""; $newphrase[] = ""; $excluded = ""; preg_match_all("/(\")(.*?)(\")/is",$Words,$matches); for ($i=0; $i < count($matches['0']); $i++) { $newphrase[$i] = preg_replace("/ +/","_UBBT_PHRASE_",$matches[0][$i]); $Words = str_replace($matches[0][$i],$newphrase[$i],$Words); } $Words = str_replace('"',"",$Words); $keyarray = preg_split("/ +/",$Words); $andquery = ""; $notquery = ""; $orquery = ""; $andconcat = ""; $notconcat = ""; $orconcat = ""; for ($i=0;$inot_right($ubbt_lang['NO_WORDS'],$Cat); } else { $html->not_right($ubbt_lang['SHORT'],$Cat); } } // Are we only showing active topics? $istopic = ""; if ($topic) { $istopic = "AND B_Topic='1'"; } $query = " SELECT B_Number FROM {$config['tbprefix']}Posts WHERE B_Approved = 'yes' AND B_Status <> 'M' AND B_Board IN ($boardin) $istopic $usersearch $newertime $oldertime "; $orextra = ""; if ($andquery) { $query = $query . "\n AND ($andquery)"; $orextra = "(1) OR "; } if ($notquery) { $query = $query . "\n AND ($notquery)"; $orextra = "(1) OR "; } if ($orquery) { $query = $query . "\n AND ( $orextra $orquery)"; } if ($topic) { $query = $query."\nORDER BY B_Last_Post DESC\nLIMIT {$config['searchresults']}"; } else { $query = $query."\nORDER BY B_Posted DESC\nLIMIT {$config['searchresults']}"; } // Setup a string to hold the excluded words, if there are any $excluded = preg_replace("/(\s,|,)$/","",$excluded); // ------------------------------------------------------------------ // Now execute the query if we actually have some words to search for if ($excluded && (!$andquery && !$notquery && !$orquery)) { $sth = array(); $rows = 0; } elseif (!$boardin) { $sth = array(); $rows = 0; } else { $sth = $dbh -> do_query($query,__LINE__,__FILE__); $rows = $dbh -> total_rows($sth); } // If no rows, give them an error if (!$rows) { $html -> not_right("{$ubbt_lang['NO_MATCH']} $excluded",$Cat,1); } else { $results = array(); while(list($result)=$dbh->fetch_array($sth)) { $results[] = $result; } $results_q = addslashes(serialize($results)); if (!$Words) { $Words = $user_name_search; } $query = " INSERT INTO {$config['tbprefix']}SearchResults (S_Session,S_SearchWords,S_ExcludedWords,S_SearchResults,S_SearchTime,S_BodyPrev,S_Limit) VALUES ('$session','" .addslashes($Words) ."','" .addslashes($excluded) ."','" .addslashes(serialize($results)). "',$rightnow,'$bodyprev','" .addslashes($Limit)."') "; $dbh->do_query($query,__LINE__,__FILE__); } } // Otherwise we are retrieving a stored search result set else { $query = " SELECT S_SearchWords,S_ExcludedWords,S_SearchResults,S_BodyPrev,S_Limit FROM {$config['tbprefix']}SearchResults WHERE S_Session='$oldkey' "; $sth = $dbh->do_query($query,__LINE__,__FILE__); list($Words,$excluded,$results,$bodyprev,$Limit) = $dbh->fetch_array($sth); $results = unserialize($results); $printwords = htmlspecialchars($Words); $query = " SELECT Bo_Keyword,Bo_Title,Bo_Read_Perm,Bo_Cat,Bo_Active FROM {$config['tbprefix']}Boards "; $sth = $dbh -> do_query($query,__LINE__,__FILE__); $boardin = ""; while(list($key,$btitle,$bread,$bcat,$bo_active) = $dbh -> fetch_array($sth)) { $boardarray[$key]['title'] = $btitle; $boardarray[$key]['readperm'] = $bread; $boardarray[$key]['cat'] = $bcat; } } if ($excluded) { $excluded = "({$ubbt_lang['EXCLUDED']} $excluded)"; } $prevpage = $Searchpage - 1; if ($prevpage >= 1) { $prevlinkstart = ""; $prevlinkstop = ""; } $nextpage = $Searchpage + 1; if (sizeof($results) > ($Searchpage * $Limit)) { $nextlinkstart = ""; $nextlinkstop = ""; } $color = "lighttable"; $resultsize = 0; // Format a string that contains what result set we are showing if ($Searchpage > 1) { $s = (($Searchpage -1) * $Limit) + 1; $e = ($s + $Limit) - 1; } else { $s = 1; $e = ($s + $Limit) - 1; } if ($e > sizeof($results)) { $e = sizeof($results); } $string1 = "$s - $e"; $currentresults = sprintf($ubbt_lang['RESULTS'],$string1,sizeof($results)); // Build our inlist for our result set we're displaying $startkey = $s - 1; $endkey = $e - 1; $inlist = ""; for($i=0;$i<=sizeof($results);$i++) { if ($i < $startkey) { continue; } if ($i > $endkey) { break; } $inlist .= "'$results[$i]',"; } // Do the query to actually grab the info we need now $inlist = preg_replace("/,$/","",$inlist); if (!$inlist) { $html->not_right($ubbt_lang['NO_SEARCH'],$Cat); } // What order do we sort by $sortorder = "ORDER BY t1.B_Number DESC"; if ($topic) { $sortorder = "ORDER BY t1.B_Last_Post DESC"; } $query = " SELECT t1.B_Number,t1.B_Main,t2.U_Username,t2.U_Status,t1.B_Subject,t1.B_Posted,t1.B_Board,t2.U_Color,t1.B_Reged,t1.B_Icon,t1.B_Posterid,t1.B_Status,t1.B_Anonname,t1.B_Body,t1.B_LastPostNum,t1.B_Last_Post FROM {$config['tbprefix']}Posts AS t1, {$config['tbprefix']}Users AS t2 WHERE t1.B_Number IN ($inlist) AND t1.B_Posterid = t2.U_Number $sortorder "; $sth = $dbh->do_query($query,__LINE__,__FILE__); $headerwords = $printwords; if ($topic) { $headerwords = $ubbt_lang['ACTIVE']; } // --------------- // Send the header $html -> send_header("{$ubbt_lang['SEARCH_RES']}: $headerwords $excluded",$Cat,0,$user); $i=0; $linkwords = urlencode($printwords); while(list ($Number,$Main,$Username,$UserStatus,$Subject,$Posted,$ThisForum,$Color,$Reged,$Icon,$posterid,$Open,$AnonName,$Body,$lastpostnum,$Last_Post) = $dbh -> fetch_array($sth)) { // ---------------------------------------------------------------------- // We need to check and see if they have privileges for this forum. if (!$user['U_Groups']) { $user['U_Groups'] = "-4-"; } $Grouparray = split("-",$user['U_Groups']); $gsize = sizeof($Grouparray); $readable = ""; for ($j=0; $j < $gsize; $j++) { if (!$Grouparray[$j]) { continue; } if (strstr($boardarray[$ThisForum]['readperm'],"-$Grouparray[$j]-") ) { $readable = "yes"; break; } } if (!$readable) { continue; } if (!$Icon) { $Icon = "blank.gif"; } if ( ($Open == "C") || ($Open == "M") ) { $Icon = "lock.gif"; } $SearchURLForum = rawurlencode($ThisForum); $searchrow[$i]['Forum'] = $SearchURLForum; $searchrow[$i]['Icon'] = $Icon; $searchrow[$i]['Number'] = $Number; $searchrow[$i]['Main'] = $Main; $searchrow[$i]['goto'] = ""; $searchrow[$i]['gotolast'] = ""; $PostedTime = $html -> convert_time($Posted,$toffset,$user['U_TimeFormat']); $LastPostTime = $html -> convert_time($Last_Post,$toffset,$user['U_TimeFormat']); // -------------------------- // Are we shoing just topics? if ($topic) { // Is there a link to an unread post? if (isset($_SESSION['topicread'][$Main])) { $checkread = $_SESSION['topicread'][$Main]; } else { $checkread = $unread; } if ($Last_Post > $checkread) { $searchrow[$i]['goto'] = << {$ubbt_lang['GOTOUNREAD']} EOF; } // Link for last post $searchrow[$i]['gotolast'] = <<
{$ubbt_lang['LAST_POST']}: $LastPostTime EOF; } $searchrow[$i]['Subject'] = $Subject; $searchrow[$i]['Title'] = $boardarray[$ThisForum]['title']; // ------------------------------------------------------------------ // If we are viewing recent messages we only show from the proper cat if (!$Words) { if ($Cat) { $allcats = ",$Cat,"; if (!strstr($allcats,",{$boardarray[$ThisForum]['cat']},")) { continue; } } } $PUsername = $Username; if ($UserStatus == "Administrator") { if (!$Color) { $PUsername = "$PUsername"; } else { $PUsername = "$PUsername"; } $UserStatus = "\"{$ubbt_lang['USER_ADMIN']}\""; } elseif ($UserStatus == "Moderator") { if (!$Color) { $PUsername = "$PUsername"; } else { $PUsername = "$PUsername"; } $UserStatus = "\"{$ubbt_lang['USER_MOD']}\""; } else { $UserStatus = ""; if ($Color) { $PUsername = "$PUsername"; } } if ($Reged == "y") { $Userlink = "$PUsername $UserStatus"; } else { $Userlink = "$AnonName"; } $searchrow[$i]['Userlink'] = $Userlink; $searchrow[$i]['Posted'] = $PostedTime; $searchrow[$i]['Body'] = ""; if ($bodyprev) { $Body = preg_replace("/<(.*?)>/","",$Body); $Body = substr($Body,0,256); $searchrow[$i]['Body'] = "
 $Body
"; } // ------------------- // alternate the colors $searchrow[$i]['color'] = $color; $color = $html -> switch_colors($color); $i++; } $resultsize = 0; if (isset($searchrow)) { $resultsize = sizeof($searchrow); } $linkwords = urlencode($printwords); // --------------------- // Grab the tablewrapper list($tbopen,$tbclose) = $html -> table_wrapper(); if (!$debug) { include("$thispath/templates/$tempstyle/dosearch.tmpl"); } $dbh -> finish_sth($sth); $html -> send_footer(); ?>