kashire
/
lainchan
4
0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 26 Вікі Активність
The version of vichan running on lainchan.org
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
2782 Коміти
3 Гілки
120MB
Дерево: f8ab67011c
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'f8ab67011c'
${ noResults }
lainchan/search.php

171 рядки
5.2KB
Неформатований Звинувачення Історія 

  1. <?php

  2. 	require 'inc/functions.php';

  3. 	

  4. 	if (!$config['search']['enable']) {

  5. 		die(_("Post search is disabled"));

  6. 	}

  7. 

  8. 	$queries_per_minutes = $config['search']['queries_per_minutes'];

  9. 	$queries_per_minutes_all = $config['search']['queries_per_minutes_all'];

  10. 	$search_limit = $config['search']['search_limit'];

  11. 	

  12. 	$boards = $config['search']['boards'];

  13. 	

  14. 	$body = Element('search_form.html', Array('boards' => $boards, 'board' => isset($_GET['board']) ? $_GET['board'] : false, 'search' => isset($_GET['search']) ? str_replace('"', '&quot;', utf8tohtml($_GET['search'])) : false));

  15. 	

  16. 	if(isset($_GET['search']) && !empty($_GET['search']) && isset($_GET['board']) && in_array($_GET['board'], $boards)) {		

  17. 		$phrase = $_GET['search'];

  18. 		$_body = '';

  19. 		

  20. 		$query = prepare("SELECT COUNT(*) FROM ``search_queries`` WHERE `ip` = :ip AND `time` > :time");

  21. 		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);

  22. 		$query->bindValue(':time', time() - ($queries_per_minutes[1] * 60));

  23. 		$query->execute() or error(db_error($query));

  24. 		if($query->fetchColumn() > $queries_per_minutes[0])

  25. 			error(_('Wait a while before searching again, please.'));

  26. 		

  27. 		$query = prepare("SELECT COUNT(*) FROM ``search_queries`` WHERE `time` > :time");

  28. 		$query->bindValue(':time', time() - ($queries_per_minutes_all[1] * 60));

  29. 		$query->execute() or error(db_error($query));

  30. 		if($query->fetchColumn() > $queries_per_minutes_all[0])

  31. 			error(_('Wait a while before searching again, please.'));

  32. 			

  33. 		

  34. 		$query = prepare("INSERT INTO ``search_queries`` VALUES (:ip, :time, :query)");

  35. 		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);

  36. 		$query->bindValue(':time', time());

  37. 		$query->bindValue(':query', $phrase);

  38. 		$query->execute() or error(db_error($query));

  39. 		

  40. 		_syslog(LOG_NOTICE, 'Searched /' . $_GET['board'] . '/ for "' . $phrase . '"');

  41. 

  42. 		// Cleanup search queries table

  43. 		$query = prepare("DELETE FROM ``search_queries`` WHERE `time` <= :time");

  44. 		$query->bindValue(':time', time() - ($queries_per_minutes_all[1] * 60));

  45.                 $query->execute() or error(db_error($query));

  46. 		

  47. 		openBoard($_GET['board']);

  48. 		

  49. 		$filters = Array();

  50. 		

  51. 		function search_filters($m) {

  52. 			global $filters;

  53. 			$name = $m[2];

  54. 			$value = isset($m[4]) ? $m[4] : $m[3];

  55. 			

  56. 			if(!in_array($name, array('id', 'thread', 'subject', 'name'))) {

  57. 				// unknown filter

  58. 				return $m[0];

  59. 			}

  60. 			

  61. 			$filters[$name] = $value;

  62. 			

  63. 			return $m[1];

  64. 		}

  65. 		

  66. 		$phrase = trim(preg_replace_callback('/(^|\s)(\w+):("(.*)?"|[^\s]*)/', 'search_filters', $phrase));

  67. 		

  68. 		if(!preg_match('/[^*^\s]/', $phrase) && empty($filters)) {

  69. 			_syslog(LOG_WARNING, 'Query too broad.');

  70. 			$body .= '<p class="unimportant" style="text-align:center">(Query too broad.)</p>';

  71. 			echo Element('page.html', Array(

  72. 				'config'=>$config,

  73. 				'title'=>'Search',

  74. 				'body'=>$body,

  75. 			));

  76. 			exit;

  77. 		}

  78. 		

  79. 		// Escape escape character

  80. 		$phrase = str_replace('!', '!!', $phrase);

  81. 		

  82. 		// Remove SQL wildcard

  83. 		$phrase = str_replace('%', '!%', $phrase);

  84. 		

  85. 		// Use asterisk as wildcard to suit convention

  86. 		$phrase = str_replace('*', '%', $phrase);

  87. 		

  88. 		// Remove `, it's used by table prefix magic

  89. 		$phrase = str_replace('`', '!`', $phrase);

  90. 

  91. 		$like = '';

  92. 		$match = Array();

  93. 		

  94. 		// Find exact phrases

  95. 		if(preg_match_all('/"(.+?)"/', $phrase, $m)) {

  96. 			foreach($m[1] as &$quote) {

  97. 				$phrase = str_replace("\"{$quote}\"", '', $phrase);

  98. 				$match[] = $pdo->quote($quote);

  99. 			}

  100. 		}

  101. 		

  102. 		$words = explode(' ', $phrase);

  103. 		foreach($words as &$word) {

  104. 			if(empty($word))

  105. 				continue;

  106. 			$match[] = $pdo->quote($word);

  107. 		}

  108. 		

  109. 		$like = '';

  110. 		foreach($match as &$phrase) {

  111. 			if(!empty($like))

  112. 				$like .= ' AND ';

  113. 			$phrase = preg_replace('/^\'(.+)\'$/', '\'%$1%\'', $phrase);

  114. 			$like .= '`body` LIKE ' . $phrase . ' ESCAPE \'!\'';

  115. 		}

  116. 		

  117. 		foreach($filters as $name => $value) {

  118. 			if(!empty($like))

  119. 				$like .= ' AND ';

  120. 			$like .= '`' . $name . '` = '. $pdo->quote($value);

  121. 		}

  122. 		

  123. 		$like = str_replace('%', '%%', $like);

  124. 			

  125. 		$query = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE " . $like . " ORDER BY `time` DESC LIMIT :limit", $board['uri']));

  126. 		$query->bindValue(':limit', $search_limit, PDO::PARAM_INT);

  127. 		$query->execute() or error(db_error($query));

  128. 		

  129. 		if($query->rowCount() == $search_limit) {

  130. 			_syslog(LOG_WARNING, 'Query too broad.');

  131. 			$body .= '<p class="unimportant" style="text-align:center">('._('Query too broad.').')</p>';

  132. 			echo Element('page.html', Array(

  133. 				'config'=>$config,

  134. 				'title'=>'Search',

  135. 				'body'=>$body,

  136. 			));

  137. 			exit;

  138. 		}

  139. 

  140. 		$temp = '';

  141. 		while($post = $query->fetch()) {

  142. 			if(!$post['thread']) {

  143. 				$po = new Thread($post);

  144. 			} else {

  145. 				$po = new Post($post);

  146. 			}

  147. 			$temp .= $po->build(true) . '<hr/>';

  148. 		}

  149. 		

  150. 		if(!empty($temp))

  151. 			$_body .= '<fieldset><legend>' .

  152. 					sprintf(ngettext('%d result in', '%d results in', $query->rowCount()), 

  153. 					$query->rowCount()) . ' <a href="/' .

  154. 					sprintf($config['board_path'], $board['uri']) . $config['file_index'] .

  155. 			'">' .

  156. 			sprintf($config['board_abbreviation'], $board['uri']) . ' - ' . $board['title'] .

  157. 			'</a></legend>' . $temp . '</fieldset>';

  158. 		

  159. 		$body .= '<hr/>';

  160. 		if(!empty($_body))

  161. 			$body .= $_body;

  162. 		else

  163. 			$body .= '<p style="text-align:center" class="unimportant">('._('No results.').')</p>';

  164. 	}

  165. 		

  166. 	echo Element('page.html', Array(

  167. 		'config'=>$config,

  168. 		'title'=>_('Search'),

  169. 		'body'=>'' . $body

  170. 	));