Vergleich inc/functions_search.php - 1.6.13 - 1.6.17

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 268	Zeile 268
$keywords = str_replace("%", "\\%", $keywords); $keywords = preg_replace("#\{2,}#s", "", $keywords); $keywords = preg_replace("#([\[\]\\|\.\,:])#s", " ", $keywords);	$keywords = str_replace("%", "\\%", $keywords); $keywords = preg_replace("#\{2,}#s", "", $keywords); $keywords = preg_replace("#([\[\]\\|\.\,:])#s", " ", $keywords);
	// Separate braces for further processing $keywords = preg_replace("#((\+\|-\|<\|>\|~)?$\|$)#s", " $1 ", $keywords);
$keywords = preg_replace("#\s+#s", " ", $keywords);	$keywords = preg_replace("#\s+#s", " ", $keywords);
$words = array();	$words = array(array());

if(my_strpos($keywords, "\"") !== false)	// Fulltext search syntax validation: http://dev.mysql.com/doc/refman/5.6/en/fulltext-boolean.html // Search for phrases $keywords = explode("\"", $keywords); $boolean = array('+'); // Brace depth $depth = 0; $phrase_operator = '+'; foreach($keywords as $phrase)
{	{
$inquote = false; $keywords = explode("\"", $keywords); foreach($keywords as $phrase)	$phrase = trim($phrase); if($phrase != '')
{	{
if($phrase != '')	if($inquote)
{	{
if($inquote) { $words[] = "\"".trim($phrase)."\"";	if($phrase_operator) { $boolean[$depth] = $phrase_operator; } // Phrases do not need further processing $words[$depth][] = "{$boolean[$depth]}\"{$phrase}\""; $boolean[$depth] = $phrase_operator = '+'; } else { // Split words $split_words = preg_split("#\s{1,}#", $phrase, -1); if(!is_array($split_words)) { continue;
}	}
else { $split_words = preg_split("#\s{1,}#", $phrase, -1); if(!is_array($split_words)) { continue; } foreach($split_words as $word)	if(!$inquote) { // Save possible operator in front of phrase $last_char = substr($phrase, -1); if($last_char == '+' \|\| $last_char == '-' \|\| $last_char == '<' \|\| $last_char == '>' \|\| $last_char == '~') { $phrase_operator = $last_char; } } foreach($split_words as $word) { $word = trim($word); if($word == "or") { $boolean[$depth] = ''; // Remove "and" operator from previous element $last = array_pop($words[$depth]); if($last) { if(substr($last, 0, 1) == '+') { $last = substr($last, 1); } $words[$depth][] = $last; } } elseif($word == "and") { $boolean[$depth] = "+"; } elseif($word == "not")
{	{
if(!$word)	$boolean[$depth] = "-"; } // Closing braces elseif($word == ")") { // Ignore when no brace was opened if($depth > 0) { $words[$depth-1][] = $boolean[$depth-1].'('.implode(' ', $words[$depth]).')'; --$depth; } } // Valid operators for opening braces elseif($word == '+(' \|\| $word == '-(' \|\| $word == '<(' \|\| $word == '>(' \|\| $word == '~(' \|\| $word == '(') { if(strlen($word) == 2)
{	{
continue;	$boolean[$depth] = substr($word, 0, 1);
}	}
$words[] = trim($word);	$words[++$depth] = array(); $boolean[$depth] = '+'; } else { $operator = substr($word, 0, 1); switch($operator) { // Allowed operators case '-': case '+': case '>': case '<': case '~': $word = substr($word, 1); break; default: $operator = $boolean[$depth]; break; } // Removed operators that are only allowed at the beginning $word = preg_replace("#(-\|\+\|<\|>\|~\|@)#s", '', $word); // Removing wildcards at the beginning http://bugs.mysql.com/bug.php?id=72605 $word = preg_replace("#^\*#s", '', $word); $word = $operator.$word; if(strlen($word) <= 1) { continue; } $words[$depth][] = $word; $boolean[$depth] = '+';
} } }	} } }
$inquote = !$inquote; } } else { $split_words = preg_split("#\s{1,}#", $keywords, -1); if(!is_array($split_words)) { continue; } foreach($split_words as $word) { if(!$word) { continue; } $words[] = trim($word); }	} $inquote = !$inquote; }

} $keywords = ''; foreach($words as $word)	// Close mismatching braces while($depth > 0)
{	{
if($word == "or") { $boolean = ''; } elseif($word == "and") { $boolean = "+"; } elseif($word == "not") { $boolean = "-"; } else { $keywords .= " ".$boolean.$word; $boolean = ''; }	$words[$depth-1][] = $boolean[$depth-1].'('.implode(' ', $words[$depth]).')'; --$depth;
}	}
$keywords = "+".trim($keywords);	$keywords = implode(' ', $words[0]);
return $keywords; }	return $keywords; }
Zeile 389	Zeile 447
if($search['message'] == 1) { $message_lookin = " {$string} (";	if($search['message'] == 1) { $message_lookin = " {$string} (";
} // Expand the string by double quotes $keywords_exp = explode("\"", $keywords); $inquote = false; foreach($keywords_exp as $phrase) { // If we're not in a double quoted section if(!$inquote) { // Expand out based on search operators (and, or) $matches = preg_split("#\s{1,}(and\|or)\s{1,}#", $phrase, -1, PREG_SPLIT_DELIM_CAPTURE); $count_matches = count($matches); for($i=0; $i < $count_matches; ++$i) { $word = trim($matches[$i]); if(empty($word)) { continue; } // If this word is a search operator set the boolean	} // Expand the string by double quotes $keywords_exp = explode("\"", $keywords); $inquote = false; foreach($keywords_exp as $phrase) { // If we're not in a double quoted section if(!$inquote) { // Expand out based on search operators (and, or) $matches = preg_split("#\s{1,}(and\|or)\s{1,}#", $phrase, -1, PREG_SPLIT_DELIM_CAPTURE); $count_matches = count($matches); for($i=0; $i < $count_matches; ++$i) { $word = trim($matches[$i]); if(empty($word)) { continue; } // If this word is a search operator set the boolean
if($i % 2 && ($word == "and" \|\| $word == "or")) { if($i <= 1) { if($search['subject'] && $search['message'] && $subject_lookin == " AND (")	if($i % 2 && ($word == "and" \|\| $word == "or")) { if($i <= 1) { if($search['subject'] && $search['message'] && $subject_lookin == " AND (")
{	{
// We're looking for anything, check for a subject lookin continue; } elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?	// We're looking for anything, check for a subject lookin continue; } elseif($search['subject'] && !$search['message'] && $subject_lookin == " AND (") { // Just in a subject?
continue; }	continue; }
elseif(!$search['subject'] && $search['message'] && $message_lookin == " {$string} (") { // Just in a message?	elseif(!$search['subject'] && $search['message'] && $message_lookin == " {$string} (") { // Just in a message?
Zeile 513	Zeile 571
} $searchsql .= "{$subject_lookin} {$message_lookin}";	} $searchsql .= "{$subject_lookin} {$message_lookin}";
} else { $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword']) { $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }	} else { $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword']) { $lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }
// If we're looking in both, then find matches in either the subject or the message if($search['subject'] == 1 && $search['message'] == 1) {	// If we're looking in both, then find matches in either the subject or the message if($search['subject'] == 1 && $search['message'] == 1) {
Zeile 548	Zeile 606
$userids = array(); $search['sender'] = my_strtolower($search['sender']);	$userids = array(); $search['sender'] = my_strtolower($search['sender']);
$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($db->escape_string($search['sender']))."%'");	$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($search['sender'])."%'");
while($user = $db->fetch_array($query)) { $userids[] = $user['uid'];	while($user = $db->fetch_array($query)) { $userids[] = $user['uid'];
Zeile 579	Zeile 637
$folderids = implode(',', $search['folder']); if($folderids)	$folderids = implode(',', $search['folder']); if($folderids)
{	{
$searchsql .= " AND folder IN (".$folderids.")"; } }	$searchsql .= " AND folder IN (".$folderids.")"; } }
Zeile 633	Zeile 691
/** * Perform a thread and post search under MySQL or MySQLi	/** * Perform a thread and post search under MySQL or MySQLi
* * @param array Array of search data * @return array Array of search data with results mixed in	* * @param array Array of search data * @return array Array of search data with results mixed in
*/ function perform_search_mysql($search) {	*/ function perform_search_mysql($search) {
Zeile 691	Zeile 749
} $boolean = $word;	} $boolean = $word;
}	}
// Otherwise check the length of the word as it is a normal search term else {	// Otherwise check the length of the word as it is a normal search term else {
Zeile 746	Zeile 804
{ $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword'])	{ $keywords = str_replace("\"", '', trim($keywords)); if(my_strlen($keywords) < $mybb->settings['minsearchword'])
{	{
$lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }	$lang->error_minsearchlength = $lang->sprintf($lang->error_minsearchlength, $mybb->settings['minsearchword']); error($lang->error_minsearchlength); }
Zeile 760	Zeile 818
$post_usersql = ''; $thread_usersql = ''; if($search['author'])	$post_usersql = ''; $thread_usersql = ''; if($search['author'])
{	{
$userids = array(); if($search['matchusername']) {	$userids = array(); if($search['matchusername']) {
Zeile 769	Zeile 827
else { $search['author'] = my_strtolower($search['author']);	else { $search['author'] = my_strtolower($search['author']);
$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($db->escape_string($search['author']))."%'");	$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($search['author'])."%'");
} while($user = $db->fetch_array($query)) {	} while($user = $db->fetch_array($query)) {
Zeile 802	Zeile 860
$datecut .= "'$datelimit'"; $post_datecut = " AND p.dateline $datecut"; $thread_datecut = " AND t.dateline $datecut";	$datecut .= "'$datelimit'"; $post_datecut = " AND p.dateline $datecut"; $thread_datecut = " AND t.dateline $datecut";
}	}
$thread_replycut = ''; if($search['numreplies'] != '' && $search['findthreadst']) {	$thread_replycut = ''; if($search['numreplies'] != '' && $search['findthreadst']) {
Zeile 818	Zeile 876
} $thread_prefixcut = '';	} $thread_prefixcut = '';
if($search['threadprefix'] && $search['threadprefix'] != 'any')	$prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')
{	{
$thread_prefixcut = " AND t.prefix='".intval($search['threadprefix'])."'";	foreach($search['threadprefix'] as $threadprefix) { $threadprefix = intval($threadprefix); $prefixlist[] = $threadprefix; } } if(count($prefixlist) == 1) { $thread_prefixcut .= " AND t.prefix='$threadprefix' "; } else { if(count($prefixlist) > 1) { $thread_prefixcut = " AND t.prefix IN (".implode(',', $prefixlist).")"; }
} $forumin = '';	} $forumin = '';
Zeile 860	Zeile 934
} if($can_search == 0)	} if($can_search == 0)
{	{
// We can't search this forum... continue; }	// We can't search this forum... continue; }
Zeile 1144	Zeile 1218
else { $search['author'] = my_strtolower($search['author']);	else { $search['author'] = my_strtolower($search['author']);
$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($db->escape_string($search['author']))."%'");	$query = $db->simple_select("users", "uid", "LOWER(username) LIKE '%".$db->escape_string_like($search['author'])."%'");
} while($user = $db->fetch_array($query))	} while($user = $db->fetch_array($query))
Zeile 1195	Zeile 1269
} $thread_prefixcut = '';	} $thread_prefixcut = '';
if($search['threadprefix'] && $search['threadprefix'] != 'any')	$prefixlist = array(); if($search['threadprefix'] && $search['threadprefix'][0] != 'any')
{	{
$thread_prefixcut = " AND t.prefix='".intval($search['threadprefix'])."'";	foreach($search['threadprefix'] as $threadprefix) { $threadprefix = intval($threadprefix); $prefixlist[] = $threadprefix; } } if(count($prefixlist) == 1) { $thread_prefixcut .= " AND t.prefix='$threadprefix' "; } else { if(count($prefixlist) > 1) { $thread_prefixcut = " AND t.prefix IN (".implode(',', $prefixlist).")"; }
} $forumin = '';	} $forumin = '';