From c9471df00d964a230451b3714b9502e5abf91830 Mon Sep 17 00:00:00 2001
From: Savetheinternet (Search is case-insensitive but not based on keywords.) (Search is case-insensitive, and based on keywords. To match exact phrases, use "quotes".)
(Search is case-insensitive but not based on keywords.)
' . + '(Search is case-insensitive, and based on keywords. To match exact phrases, use "quotes".)
' . ''; if(isset($_POST['search']) && !empty($_POST['search'])) { $phrase = $_POST['search']; $_body = ''; + // Remove SQL wildcard + $phrase = str_replace('%', '%%', $phrase); + + // Use asterisk as wildcard to suit convention + $phrase = str_replace('*', '%', $phrase); + + // wat "this is a test" "niggers and jews" hello world + + $like = ''; + + $match = Array(); + + // Find exact phrases + if(preg_match_all('/"(.+?)"/', $phrase, $m)) { + foreach($m[1] as &$quote) { + $phrase = str_replace("\"{$quote}\"", '', $phrase); + $match[] = $pdo->quote($quote); + } + } + + $words = explode(' ', $phrase); + foreach($words as &$word) { + if(empty($word)) + continue; + $match[] = $pdo->quote($word); + } + + $like = ''; + foreach($match as &$phrase) { + if(!empty($like)) + $like .= ' AND '; + $phrase = preg_replace('/^\'(.+)\'$/', '\'%$1%\'', $phrase); + $like .= '`body` LIKE ' . $phrase; + } + + $like = str_replace('%', '%%', $like); + $boards = listBoards(); foreach($boards as &$_b) { openBoard($_b['uri']); - $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `body` LIKE :query ORDER BY `time` DESC LIMIT :limit", $board['uri'])); - $query->bindValue(':query', "%{$phrase}%"); + $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE " . $like . " ORDER BY `time` DESC LIMIT :limit", $board['uri'])); $query->bindValue(':limit', $config['mod']['search_results'], PDO::PARAM_INT); $query->execute() or error(db_error($query));