Vergleich search.php - 1.8.6 - 1.8.7

Zeile 166	Zeile 166
$sorturl = "search.php?action=results&sid={$sid}"; $thread_url = ""; $post_url = "";	$sorturl = "search.php?action=results&sid={$sid}"; $thread_url = ""; $post_url = "";
$orderarrow = array('replies' => '', 'views' => '', 'subject' => '', 'forum' => '', 'starter' => '', 'lastpost' => '', 'dateline' => '');	$orderarrow = array('replies' => '', 'views' => '', 'subject' => '', 'forum' => '', 'starter' => '', 'lastpost' => '', 'dateline' => '');
eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";");	eval("\$orderarrow['$sortby'] = \"".$templates->get("search_orderarrow")."\";");

// Read some caches we will be using $forumcache = $cache->read("forums"); $icon_cache = $cache->read("posticons"); $threads = array();	// Read some caches we will be using $forumcache = $cache->read("forums"); $icon_cache = $cache->read("posticons"); $threads = array();

if($mybb->user['uid'] == 0) { // Build a forum cache.	if($mybb->user['uid'] == 0) { // Build a forum cache.
Zeile 184	Zeile 184
SELECT fid FROM ".TABLE_PREFIX."forums WHERE active != 0	SELECT fid FROM ".TABLE_PREFIX."forums WHERE active != 0
ORDER BY pid, disporder ");	ORDER BY pid, disporder ");
$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']); } else	$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']); } else
Zeile 234	Zeile 234
if($search['resulttype'] == "threads") { $threadcount = 0;	if($search['resulttype'] == "threads") { $threadcount = 0;

// Moderators can view unapproved threads	// Moderators can view unapproved threads
$query = $db->simple_select("moderators", "fid", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')");	$query = $db->simple_select("moderators", "fid, canviewunapprove, canviewdeleted", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')");
if($mybb->usergroup['issupermod'] == 1)	if($mybb->usergroup['issupermod'] == 1)
{	{
// Super moderators (and admins) $unapproved_where = "t.visible>=-1"; } elseif($db->num_rows($query)) { // Normal moderators	// Super moderators (and admins) $unapproved_where = "t.visible>=-1"; } elseif($db->num_rows($query)) { // Normal moderators
$moderated_forums = '0'; while($forum = $db->fetch_array($query))	$unapprove_forums = array(); $deleted_forums = array(); $unapproved_where = '(t.visible = 1'; while($moderator = $db->fetch_array($query)) { if($moderator['canviewunapprove'] == 1) { $unapprove_forums[] = $moderator['fid']; } if($moderator['canviewdeleted'] == 1) { $deleted_forums[] = $moderator['fid']; } } if(!empty($unapprove_forums)) { $unapproved_where .= " OR (t.visible = 0 AND t.fid IN(".implode(',', $unapprove_forums)."))"; } if(!empty($deleted_forums))
{	{
$moderated_forums .= ','.$forum['fid'];	$unapproved_where .= " OR (t.visible = -1 AND t.fid IN(".implode(',', $deleted_forums)."))";
}	}
$unapproved_where = "(t.visible>0 OR (t.visible IN (-1,0) AND t.fid IN ({$moderated_forums})))";	$unapproved_where .= ')';
} else {	} else {
Zeile 522	Zeile 541
{ $thread['posts'] += $thread['unapprovedposts']; }	{ $thread['posts'] += $thread['unapprovedposts']; }
	if(is_moderator($thread['fid'], "canviewdeleted")) { $thread['posts'] += $thread['deletedposts']; }
if($thread['posts'] > $mybb->settings['postsperpage']) { $thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage'];	if($thread['posts'] > $mybb->settings['postsperpage']) { $thread['pages'] = $thread['posts'] / $mybb->settings['postsperpage'];
Zeile 559	Zeile 583
if($lastposteruid == 0) { $lastposterlink = $lastposter;	if($lastposteruid == 0) { $lastposterlink = $lastposter;
} else	} else
{ $lastposterlink = build_profile_link($lastposter, $lastposteruid); }	{ $lastposterlink = build_profile_link($lastposter, $lastposteruid); }
Zeile 676	Zeile 700
$plugins->run_hooks("search_results_end"); eval("\$searchresults = \"".$templates->get("search_results_threads")."\";");	$plugins->run_hooks("search_results_end"); eval("\$searchresults = \"".$templates->get("search_results_threads")."\";");
output_page($searchresults); }	output_page($searchresults); }
else // Displaying results as posts { if(!$search['posts']) { error($lang->error_nosearchresults);	else // Displaying results as posts { if(!$search['posts']) { error($lang->error_nosearchresults);
} $postcount = 0;	} $postcount = 0;
// Moderators can view unapproved threads	// Moderators can view unapproved threads
$query = $db->simple_select("moderators", "fid", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')");	$query = $db->simple_select("moderators", "fid, canviewunapprove, canviewdeleted", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')");
if($mybb->usergroup['issupermod'] == 1) { // Super moderators (and admins)	if($mybb->usergroup['issupermod'] == 1) { // Super moderators (and admins)
$p_unapproved_where = "visible >= -1"; $t_unapproved_where = "visible < -1";	$unapproved_where = "visible >= -1";
} elseif($db->num_rows($query)) { // Normal moderators	} elseif($db->num_rows($query)) { // Normal moderators
$moderated_forums = '0'; while($forum = $db->fetch_array($query))	$unapprove_forums = array(); $deleted_forums = array(); $unapproved_where = '(visible = 1'; while($moderator = $db->fetch_array($query)) { if($moderator['canviewunapprove'] == 1) { $unapprove_forums[] = $moderator['fid']; } if($moderator['canviewdeleted'] == 1) { $deleted_forums[] = $moderator['fid']; } } if(!empty($unapprove_forums)) { $unapproved_where .= " OR (visible = 0 AND fid IN(".implode(',', $unapprove_forums)."))"; } if(!empty($deleted_forums))
{	{
$moderated_forums .= ','.$forum['fid']; $test_moderated_forums[$forum['fid']] = $forum['fid'];	$unapproved_where .= " OR (visible = -1 AND fid IN(".implode(',', $deleted_forums)."))";
}	}
$p_unapproved_where = "(visible>0 OR (visible IN (-1,0) AND fid IN ({$moderated_forums})))"; $t_unapproved_where = "(visible<0 AND (visible <1 OR fid NOT IN ({$moderated_forums})))";	$unapproved_where .= ')';
} else { // Normal users	} else { // Normal users
$p_unapproved_where = 'visible=1'; $t_unapproved_where = 'visible < 1';	$unapproved_where = 'visible = 1';
} $post_cache_options = array();	} $post_cache_options = array();
Zeile 729	Zeile 769
$tids = array(); $pids = array(); // Make sure the posts we're viewing we have permission to view.	$tids = array(); $pids = array(); // Make sure the posts we're viewing we have permission to view.
$query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$p_unapproved_where}", $post_cache_options); while($post = $db->fetch_array($query)) {	$query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$unapproved_where}", $post_cache_options); while($post = $db->fetch_array($query)) {
$pids[$post['pid']] = $post['tid']; $tids[$post['tid']][$post['pid']] = $post['pid']; }	$pids[$post['pid']] = $post['tid']; $tids[$post['tid']][$post['pid']] = $post['pid']; }
Zeile 768	Zeile 808
} // Check the thread records as well. If we don't have permissions, remove them from the listing.	} // Check the thread records as well. If we don't have permissions, remove them from the listing.
$query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', $pids)).") AND ({$t_unapproved_where}{$permsql} OR closed LIKE 'moved\|%')");	$query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', $pids)).") AND ({$unapproved_where}{$permsql} OR closed LIKE 'moved\|%')");
while($thread = $db->fetch_array($query)) {	while($thread = $db->fetch_array($query)) {
if(array_key_exists($thread['tid'], $tids) != false)	if(array_key_exists($thread['tid'], $tids) != true)
{ $temp_pids = $tids[$thread['tid']]; foreach($temp_pids as $pid)	{ $temp_pids = $tids[$thread['tid']]; foreach($temp_pids as $pid)
Zeile 796	Zeile 836
$search['posts'] = implode(',', array_keys($pids)); $tids = implode(",", array_keys($tids));	$search['posts'] = implode(',', array_keys($pids)); $tids = implode(",", array_keys($tids));

// Read threads if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0)	// Read threads if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0)
{	{
$query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); while($readthread = $db->fetch_array($query))	$query = $db->simple_select("threadsread", "tid, dateline", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); while($readthread = $db->fetch_array($query))
{	{
$readthreads[$readthread['tid']] = $readthread['dateline'];	$readthreads[$readthread['tid']] = $readthread['dateline'];
}	}
} $dot_icon = array(); if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) {	} $dot_icon = array(); if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) {
$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND {$p_unapproved_where}");	$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND {$unapproved_where}");
while($post = $db->fetch_array($query)) { $dot_icon[$post['tid']] = true;	while($post = $db->fetch_array($query)) { $dot_icon[$post['tid']] = true;
Zeile 818	Zeile 858
} $results = '';	} $results = '';

$query = $db->query(" SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid FROM ".TABLE_PREFIX."posts p	$query = $db->query(" SELECT p.*, u.username AS userusername, t.subject AS thread_subject, t.replies AS thread_replies, t.views AS thread_views, t.lastpost AS thread_lastpost, t.closed AS thread_closed, t.uid as thread_uid FROM ".TABLE_PREFIX."posts p
Zeile 859	Zeile 899
else { $icon = " ";	else { $icon = " ";
}	}
if(!empty($forumcache[$thread['fid']])) { $post['forumlink'] = "<a href=\"".get_forum_link($post['fid'])."\">".$forumcache[$post['fid']]['name']."</a>"; } else	if(!empty($forumcache[$thread['fid']])) { $post['forumlink'] = "<a href=\"".get_forum_link($post['fid'])."\">".$forumcache[$post['fid']]['name']."</a>"; } else
{	{
$post['forumlink'] = ""; } // Determine the folder	$post['forumlink'] = ""; } // Determine the folder
Zeile 881	Zeile 921
if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) { $forum_read = $readforums[$post['fid']];	if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) { $forum_read = $readforums[$post['fid']];

$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24; if($forum_read == 0 \|\| $forum_read < $read_cutoff) {	$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24; if($forum_read == 0 \|\| $forum_read < $read_cutoff) {
Zeile 923	Zeile 963
$last_read = $readcookie; } elseif($forum_read > $mybb->user['lastvisit'])	$last_read = $readcookie; } elseif($forum_read > $mybb->user['lastvisit'])
{	{
$last_read = $forum_read; } else	$last_read = $forum_read; } else
Zeile 1007	Zeile 1047
if($is_supermod \|\| is_moderator($post['fid'])) { if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "\|{$post['pid']}\|"))	if($is_supermod \|\| is_moderator($post['fid'])) { if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "\|{$post['pid']}\|"))
{	{
$inlinecheck = "checked=\"checked\""; ++$inlinecount;	$inlinecheck = "checked=\"checked\""; ++$inlinecount;
}	}
else { $inlinecheck = '';	else { $inlinecheck = '';
Zeile 1028	Zeile 1068
if(!$results) { error($lang->error_nosearchresults);	if(!$results) { error($lang->error_nosearchresults);
}	}
$multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); if($upper > $postcount) {	$multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby=$sortby&order=$order&uid=".$mybb->get_input('uid', MyBB::INPUT_INT)); if($upper > $postcount) {
Zeile 1077	Zeile 1117
elseif($mybb->input['action'] == "findguest") { $where_sql = "uid='0'";	elseif($mybb->input['action'] == "findguest") { $where_sql = "uid='0'";
$unsearchforums = get_unsearchable_forums(); if($unsearchforums) { $where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } $permsql = ""; $onlyusfids = array(); // Check group permissions if we can't view threads not started by us	$unsearchforums = get_unsearchable_forums(); if($unsearchforums) { $where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } $permsql = ""; $onlyusfids = array(); // Check group permissions if we can't view threads not started by us
$group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions)	$group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions)
{	{
if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid;	if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid;
Zeile 1106	Zeile 1146
$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")"; }	$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")"; }
$options = array( 'order_by' => 'dateline', 'order_dir' => 'desc' ); // Do we have a hard search limit? if($mybb->settings['searchhardlimit'] > 0) { $options['limit'] = (int)$mybb->settings['searchhardlimit']; }	$options = array( 'order_by' => 'dateline', 'order_dir' => 'desc' ); // Do we have a hard search limit? if($mybb->settings['searchhardlimit'] > 0) { $options['limit'] = (int)$mybb->settings['searchhardlimit']; }
$pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid"))	$pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid"))
{	{
$pids .= $comma.$pid; $comma = ','; }	$pids .= $comma.$pid; $comma = ','; }
Zeile 1133	Zeile 1173
{ $tids .= $comma.$tid; $comma = ',';	{ $tids .= $comma.$tid; $comma = ',';
}	}
$sid = md5(uniqid(microtime(), true)); $searcharray = array( "sid" => $db->escape_string($sid),	$sid = md5(uniqid(microtime(), true)); $searcharray = array( "sid" => $db->escape_string($sid),
Zeile 1197	Zeile 1237
$pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options);	$pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options);
while($pid = $db->fetch_field($query, "pid"))	while($pid = $db->fetch_field($query, "pid"))
{ $pids .= $comma.$pid; $comma = ',';	{ $pids .= $comma.$pid; $comma = ',';
Zeile 1529	Zeile 1569
{ // Fetch thread info $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));	{ // Fetch thread info $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(is_moderator($fid)) { $ismod = true; } else { $ismod = false; } if(!$thread \|\| ($thread['visible'] != 1 && $ismod == false && ($thread['visible'] != -1 \|\| $mybb->settings['soft_delete'] != 1 \|\| $mybb->settings['soft_delete_show_own'] != 1 \|\| !$mybb->user['uid'] \|\| $mybb->user['uid'] != $thread['uid'])) \|\| ($thread['visible'] > 1 && $ismod == true))	$ismod = is_moderator($thread['fid']); if(!$thread \|\| ($thread['visible'] != 1 && $ismod == false && ($thread['visible'] != -1 \|\| $mybb->settings['soft_delete'] != 1 \|\| !$mybb->user['uid'] \|\| $mybb->user['uid'] != $thread['uid'])) \|\| ($thread['visible'] > 1 && $ismod == true))
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }