Vergleich inc/functions_search.php - 1.6.12 - 1.6.17

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 268	Zeile 268
$keywords = str_replace("%", "\\%", $keywords); $keywords = preg_replace("#\{2,}#s", "", $keywords); $keywords = preg_replace("#([\[\]\\|\.\,:])#s", " ", $keywords);	$keywords = str_replace("%", "\\%", $keywords); $keywords = preg_replace("#\{2,}#s", "", $keywords); $keywords = preg_replace("#([\[\]\\|\.\,:])#s", " ", $keywords);
	// Separate braces for further processing $keywords = preg_replace("#((\+\|-\|<\|>\|~)?$\|$)#s", " $1 ", $keywords);
$keywords = preg_replace("#\s+#s", " ", $keywords);	$keywords = preg_replace("#\s+#s", " ", $keywords);
$words = array();	$words = array(array());

if(my_strpos($keywords, "\"") !== false)	// Fulltext search syntax validation: http://dev.mysql.com/doc/refman/5.6/en/fulltext-boolean.html // Search for phrases $keywords = explode("\"", $keywords); $boolean = array('+'); // Brace depth $depth = 0; $phrase_operator = '+'; foreach($keywords as $phrase)
{	{
$inquote = false; $keywords = explode("\"", $keywords); foreach($keywords as $phrase)	$phrase = trim($phrase); if($phrase != '')
{	{
if($phrase != '')	if($inquote)
{	{
if($inquote) { $words[] = "\"".trim($phrase)."\"";	if($phrase_operator) { $boolean[$depth] = $phrase_operator; } // Phrases do not need further processing $words[$depth][] = "{$boolean[$depth]}\"{$phrase}\""; $boolean[$depth] = $phrase_operator = '+'; } else { // Split words $split_words = preg_split("#\s{1,}#", $phrase, -1); if(!is_array($split_words)) { continue;
}	}
else { $split_words = preg_split("#\s{1,}#", $phrase, -1); if(!is_array($split_words)) { continue; } foreach($split_words as $word)	if(!$inquote) { // Save possible operator in front of phrase $last_char = substr($phrase, -1); if($last_char == '+' \|\| $last_char == '-' \|\| $last_char == '<' \|\| $last_char == '>' \|\| $last_char == '~') { $phrase_operator = $last_char; } } foreach($split_words as $word) { $word = trim($word); if($word == "or") { $boolean[$depth] = ''; // Remove "and" operator from previous element $last = array_pop($words[$depth]); if($last) { if(substr($last, 0, 1) == '+') { $last = substr($last, 1); } $words[$depth][] = $last; } } elseif($word == "and") { $boolean[$depth] = "+"; } elseif($word == "not")
{	{
if(!$word)	$boolean[$depth] = "-"; } // Closing braces elseif($word == ")") { // Ignore when no brace was opened if($depth > 0) { $words[$depth-1][] = $boolean[$depth-1].'('.implode(' ', $words[$depth]).')'; --$depth; } } // Valid operators for opening braces elseif($word == '+(' \|\| $word == '-(' \|\| $word == '<(' \|\| $word == '>(' \|\| $word == '~(' \|\| $word == '(') { if(strlen($word) == 2)
{	{
continue;	$boolean[$depth] = substr($word, 0, 1);
}	}
$words[] = trim($word);	$words[++$depth] = array(); $boolean[$depth] = '+'; } else { $operator = substr($word, 0, 1); switch($operator) { // Allowed operators case '-': case '+': case '>': case '<': case '~': $word = substr($word, 1); break; default: $operator = $boolean[$depth]; break; } // Removed operators that are only allowed at the beginning $word = preg_replace("#(-\|\+\|<\|>\|~\|@)#s", '', $word); // Removing wildcards at the beginning http://bugs.mysql.com/bug.php?id=72605 $word = preg_replace("#^\*#s", '', $word); $word = $operator.$word; if(strlen($word) <= 1) { continue; } $words[$depth][] = $word; $boolean[$depth] = '+';
} } }	} } }
$inquote = !$inquote; } } else { $split_words = preg_split("#\s{1,}#", $keywords, -1); if(!is_array($split_words)) { continue; } foreach($split_words as $word) { if(!$word) { continue; } $words[] = trim($word); }	} $inquote = !$inquote; }

} $keywords = ''; foreach($words as $word)	// Close mismatching braces while($depth > 0)
{	{
if($word == "or") { $boolean = ''; } elseif($word == "and") { $boolean = "+"; } elseif($word == "not") { $boolean = "-"; } else { $keywords .= " ".$boolean.$word; $boolean = ''; }	$words[$depth-1][] = $boolean[$depth-1].'('.implode(' ', $words[$depth]).')'; --$depth;
}	}
$keywords = "+".trim($keywords);	$keywords = implode(' ', $words[0]);
return $keywords; }	return $keywords; }
Zeile 389	Zeile 447
if($search['message'] == 1) { $message_lookin = " {$string} (";	if($search['message'] == 1) { $message_lookin = " {$string} (";
} // Expand the string by double quotes $keywords_exp = explode("\"", $keywords); $inquote = false; foreach($keywords_exp as $phrase) { // If we're not in a double quoted section if(!$inquote) { // Expand out based on search operators (and, or) $matches = preg_split("#\s{1,}(and\|or)\s{1,}#", $phrase, -1, PREG_SPLIT_DELIM_CAPTURE); $count_matches = count($matches); for($i=0; $i < $count_matches; ++$i) { $word = trim($matches[$i]); if(empty($word)) { continue; }	} // Expand the string by double quotes $keywords_exp = explode("\"", $keywords); $inquote = false; foreach($keywords_exp as $phrase) { // If we're not in a double quoted section if(!$inquote) { // Expand out based on search operators (and, or) $matches = preg_split("#\s{1,}(and\|or)\s{1,}#", $phrase, -1, PREG_SPLIT_DELIM_CAPTURE); $count_matches = count($matches); for($i=0; $i < $count_matches; ++$i) { $word = trim($matches[$i]); if(empty($word)) { continue; }
// If this word is a search operator set the boolean if($i % 2 && ($word == "and" \|\| $word == "or")) { if($i <= 1) { if($search['subject'] && $search['message'] && $subject_lookin == " AND (")	// If this word is a search operator set the boolean if($i % 2 && ($word == "and" \|\| $word == "or")) { if($i <= 1) { if($search['subject'] && $search['message'] && $subject_lookin == " AND (")
{	{
// We're looking for anything, check for a subject lookin continue; } elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?	// We're looking for anything, check for a subject lookin continue; } elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?
continue;	continue;
} elseif(!$search['subject'] && $search['message'] && $message_lookin == " {$string} (") {	} elseif(!$search['subject'] && $search['message'] && $message_lookin == " {$string} (") {
Zeile 479	Zeile 537
if($search['subject'] && $search['message'] && $subject_lookin == " AND (") { // We're looking for anything, check for a subject lookin	if($search['subject'] && $search['message'] && $subject_lookin == " AND (") { // We're looking for anything, check for a subject lookin
$error = true; }	$error = true; }
elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?	elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?
Zeile 513	Zeile 571
} $searchsql .= "{$subject_lookin} {$message_lookin}";	} $searchsql .= "{$subject_lookin} {$message_lookin}";
} else { $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword']) { $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }	} else { $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword']) { $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }
// If we're looking in both, then find matches in either the subject or the message if($search['subject'] == 1 && $search['message'] == 1)	// If we're looking in both, then find matches in either the subject or the message if($search['subject'] == 1 && $search['message'] == 1)
Zeile 548	Zeile 606
$userids = array(); $search['sender'] = my_strtolower($search['sender']);	$userids = array(); $search['sender'] = my_strtolower($search['sender']);
$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($db->escape_string($search['sender']))."%'");	$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($search['sender'])."%'");
while($user = $db->fetch_array($query))	while($user = $db->fetch_array($query))
{	{
$userids[] = $user['uid'];	$userids[] = $user['uid'];
}	}
if(count($userids) < 1)	if(count($userids) < 1)
{	{
error($lang->error_nosearchresults);	error($lang->error_nosearchresults);
}	}
else { $userids = implode(',', $userids); $searchsql .= " AND fromid IN (".$userids.")";	else { $userids = implode(',', $userids); $searchsql .= " AND fromid IN (".$userids.")";
} }	} }
if(!is_array($search['folder'])) { $search['folder'] = array($search['folder']);	if(!is_array($search['folder'])) { $search['folder'] = array($search['folder']);
Zeile 592	Zeile 650
$statussql[] = " status='0' "; } if($search['status']['replied'])	$statussql[] = " status='0' "; } if($search['status']['replied'])
{	{
$statussql[] = " status='3' "; } if($search['status']['forwarded'])	$statussql[] = " status='3' "; } if($search['status']['forwarded'])
Zeile 633	Zeile 691
/** * Perform a thread and post search under MySQL or MySQLi	/** * Perform a thread and post search under MySQL or MySQLi
*	*
* @param array Array of search data * @return array Array of search data with results mixed in */	* @param array Array of search data * @return array Array of search data with results mixed in */
Zeile 645	Zeile 703
if(!$keywords && !$search['author']) { error($lang->error_nosearchterms);	if(!$keywords && !$search['author']) { error($lang->error_nosearchterms);
}	}
if($mybb->settings['minsearchword'] < 1)	if($mybb->settings['minsearchword'] < 1)
{	{
$mybb->settings['minsearchword'] = 3; }	$mybb->settings['minsearchword'] = 3; }
Zeile 656	Zeile 714
{ // Complex search $keywords = " {$keywords} ";	{ // Complex search $keywords = " {$keywords} ";
if(preg_match("# and\|or #", $keywords))	if(preg_match("#\s(and\|or)\s#", $keywords))
{ $subject_lookin = " AND ("; $message_lookin = " AND (";	{ $subject_lookin = " AND ("; $message_lookin = " AND (";
Zeile 664	Zeile 722
// Expand the string by double quotes $keywords_exp = explode("\"", $keywords); $inquote = false;	// Expand the string by double quotes $keywords_exp = explode("\"", $keywords); $inquote = false;
	$boolean = '';
foreach($keywords_exp as $phrase) {	foreach($keywords_exp as $phrase) {
Zeile 707	Zeile 766
{ $message_lookin .= " $boolean LOWER(p.message) LIKE '%{$word}%'"; }	{ $message_lookin .= " $boolean LOWER(p.message) LIKE '%{$word}%'"; }
	$boolean = 'AND';
} } }	} } }
Zeile 725	Zeile 785
{ $message_lookin .= " $boolean LOWER(p.message) LIKE '%{$phrase}%'"; }	{ $message_lookin .= " $boolean LOWER(p.message) LIKE '%{$phrase}%'"; }
	$boolean = 'AND';
} if($subject_lookin == " AND (")	} if($subject_lookin == " AND (")
Zeile 766	Zeile 827
else { $search['author'] = my_strtolower($search['author']);	else { $search['author'] = my_strtolower($search['author']);
$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($db->escape_string($search['author']))."%'");	$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($search['author'])."%'");
} while($user = $db->fetch_array($query)) {	} while($user = $db->fetch_array($query)) {
Zeile 815	Zeile 876
} $thread_prefixcut = '';	} $thread_prefixcut = '';
if($search['threadprefix'] && $search['threadprefix'] != 'any')	$prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')
{	{
$thread_prefixcut = " AND t.prefix='".intval($search['threadprefix'])."'";	foreach($search['threadprefix'] as $threadprefix) { $threadprefix = intval($threadprefix); $prefixlist[] = $threadprefix; } } if(count($prefixlist) == 1) { $thread_prefixcut .= " AND t.prefix='$threadprefix' "; } else { if(count($prefixlist) > 1) { $thread_prefixcut = " AND t.prefix IN (".implode(',', $prefixlist).")"; }
} $forumin = '';	} $forumin = '';
Zeile 1141	Zeile 1218
else { $search['author'] = my_strtolower($search['author']);	else { $search['author'] = my_strtolower($search['author']);
$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($db->escape_string($search['author']))."%'");	$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($search['author'])."%'");
} while($user = $db->fetch_array($query))	} while($user = $db->fetch_array($query))
Zeile 1192	Zeile 1269
} $thread_prefixcut = '';	} $thread_prefixcut = '';
if($search['threadprefix'] && $search['threadprefix'] != 'any')	$prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')
{	{
$thread_prefixcut = " AND t.prefix='".intval($search['threadprefix'])."'";	foreach($search['threadprefix'] as $threadprefix) { $threadprefix = intval($threadprefix); $prefixlist[] = $threadprefix; } } if(count($prefixlist) == 1) { $thread_prefixcut .= " AND t.prefix='$threadprefix' "; } else { if(count($prefixlist) > 1) { $thread_prefixcut = " AND t.prefix IN (".implode(',', $prefixlist).")"; }
} $forumin = '';	} $forumin = '';
Zeile 1225	Zeile 1318
SELECT f.fid FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumpermissions p ON (f.fid=p.fid AND p.gid IN (".$user_groups."))	SELECT f.fid FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumpermissions p ON (f.fid=p.fid AND p.gid IN (".$user_groups."))
WHERE INSTR(','\|\|parentlist\|\|',',',$forum,') > 0 AND active!=0 AND (ISNULL(p.fid) OR p.cansearch=1)	WHERE INSTR(','\|\|parentlist\|\|',',',$forum,') > 0 AND active!=0 AND ((p.fid) IS NULL OR p.cansearch=1)
"); break; default:	"); break; default:
Zeile 1233	Zeile 1326
SELECT f.fid FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumpermissions p ON (f.fid=p.fid AND p.gid IN (".$user_groups."))	SELECT f.fid FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumpermissions p ON (f.fid=p.fid AND p.gid IN (".$user_groups."))
WHERE INSTR(CONCAT(',',parentlist,','),',$forum,') > 0 AND active!=0 AND (ISNULL(p.fid) OR p.cansearch=1)	WHERE INSTR(CONCAT(',',parentlist,','),',$forum,') > 0 AND active!=0 AND ((p.fid) IS NULL OR p.cansearch=1)
"); } while($sforum = $db->fetch_array($query))	"); } while($sforum = $db->fetch_array($query))