Vergleich search.php - 1.8.22 - 1.8.33

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 188	Zeile 188
ORDER BY pid, disporder ");	ORDER BY pid, disporder ");
$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']);	if(isset($mybb->cookies['mybb']['forumread'])) { $forumsread = my_unserialize($mybb->cookies['mybb']['forumread'], false); } else { $forumsread = array(); }
} else {	} else {
Zeile 206	Zeile 213
{ if($mybb->user['uid'] == 0) {	{ if($mybb->user['uid'] == 0) {
if($forumsread[$forum['fid']])	if(!empty($forumsread[$forum['fid']]))
{ $forum['lastread'] = $forumsread[$forum['fid']];	{ $forum['lastread'] = $forumsread[$forum['fid']];
}	} } if(isset($forum['lastread'])) { $readforums[$forum['fid']] = $forum['lastread']; } else { $readforums[$forum['fid']] = '';
}	}
$readforums[$forum['fid']] = $forum['lastread'];
} $fpermissions = forum_permissions(); // Inline Mod Column for moderators	} $fpermissions = forum_permissions(); // Inline Mod Column for moderators
$inlinemodcol = $inlinecookie = '';	$inlinemodcol = $inlinecookie = $inline_edit_js = '';
$is_mod = $is_supermod = $show_inline_moderation = false; if($mybb->usergroup['issupermod']) { $is_supermod = true;	$is_mod = $is_supermod = $show_inline_moderation = false; if($mybb->usergroup['issupermod']) { $is_supermod = true;
}	}
if($is_supermod \|\| is_moderator()) { $inlinecookie = "inlinemod_search".$sid;	if($is_supermod \|\| is_moderator()) { $inlinecookie = "inlinemod_search".$sid;
Zeile 235	Zeile 250
{ $threadcount = 0;	{ $threadcount = 0;
// Moderators can view unapproved threads $query = $db->simple_select("moderators", "fid, canviewunapprove, canviewdeleted", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')"); if($mybb->usergroup['issupermod'] == 1) { // Super moderators (and admins) $unapproved_where = "t.visible>=-1"; } elseif($db->num_rows($query)) { // Normal moderators $unapprove_forums = array(); $deleted_forums = array(); $unapproved_where = '(t.visible = 1'; while($moderator = $db->fetch_array($query)) { if($moderator['canviewunapprove'] == 1) { $unapprove_forums[] = $moderator['fid']; } if($moderator['canviewdeleted'] == 1) { $deleted_forums[] = $moderator['fid']; } } if(!empty($unapprove_forums)) { $unapproved_where .= " OR (t.visible = 0 AND t.fid IN(".implode(',', $unapprove_forums)."))"; } if(!empty($deleted_forums)) { $unapproved_where .= " OR (t.visible = -1 AND t.fid IN(".implode(',', $deleted_forums)."))"; } $unapproved_where .= ')'; } else { // Normal users $unapproved_where = 't.visible>0'; }	// Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where_t = get_visible_where('t');
// If we have saved WHERE conditions, execute them if($search['querycache'] != "") { $where_conditions = $search['querycache'];	// If we have saved WHERE conditions, execute them if($search['querycache'] != "") { $where_conditions = $search['querycache'];
$query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved\|%' ORDER BY t.lastpost DESC {$limitsql}");	$query = $db->simple_select("threads t", "t.tid", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved\|%' ORDER BY t.lastpost DESC {$limitsql}");
while($thread = $db->fetch_array($query)) { $threads[$thread['tid']] = $thread['tid'];	while($thread = $db->fetch_array($query)) { $threads[$thread['tid']] = $thread['tid'];
Zeile 303	Zeile 279
else { $where_conditions = "t.tid IN (".$search['threads'].")";	else { $where_conditions = "t.tid IN (".$search['threads'].")";
$query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved\|%' {$limitsql}");	$query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved\|%' {$limitsql}");
$count = $db->fetch_array($query); if(!$count['resultcount'])	$count = $db->fetch_array($query); if(!$count['resultcount'])
Zeile 360	Zeile 336
FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid)	FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid)
WHERE $where_conditions AND {$unapproved_where} {$permsql} AND t.closed NOT LIKE 'moved\|%'	WHERE $where_conditions AND ({$unapproved_where_t}) {$permsql} AND t.closed NOT LIKE 'moved\|%'
ORDER BY $sortfield $order LIMIT $start, $perpage ");	ORDER BY $sortfield $order LIMIT $start, $perpage ");
Zeile 386	Zeile 362
// Fetch dot icons if enabled if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) {	// Fetch dot icons if enabled if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $thread_cache) {
$p_unapproved_where = str_replace('t.', '', $unapproved_where); $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND {$p_unapproved_where}");	$unapproved_where_p = str_replace('t.', '', $unapproved_where_t); $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND ({$unapproved_where_p})");
while($thread = $db->fetch_array($query)) { $thread_cache[$thread['tid']]['dot_icon'] = 1;	while($thread = $db->fetch_array($query)) { $thread_cache[$thread['tid']]['dot_icon'] = 1;
Zeile 485	Zeile 461
} else {	} else {
$forum_read = $forumsread[$thread['fid']];	if(isset($forumsread[$thread['fid']])) { $forum_read = $forumsread[$thread['fid']]; } else { $forum_read = ''; }
} if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read)	} if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $thread['lastpost'] > $forum_read)
Zeile 690	Zeile 673
{ $upper = $threadcount; }	{ $upper = $threadcount; }
	$selectall = ''; $inlinemod = '';
// Inline Thread Moderation Options if($show_inline_moderation) { eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";");	// Inline Thread Moderation Options if($show_inline_moderation) { eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol")."\";");

// If user has moderation tools available, prepare the Select All feature $lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache)); $lang->all_selected = $lang->sprintf($lang->all_selected, (int)$threadcount); $lang->select_all = $lang->sprintf($lang->select_all, (int)$threadcount); eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";");	// If user has moderation tools available, prepare the Select All feature $lang->page_selected = $lang->sprintf($lang->page_selected, count($thread_cache)); $lang->all_selected = $lang->sprintf($lang->all_selected, (int)$threadcount); $lang->select_all = $lang->sprintf($lang->select_all, (int)$threadcount); eval("\$selectall = \"".$templates->get("search_threads_inlinemoderation_selectall")."\";");

$customthreadtools = ''; switch($db->type) {	$customthreadtools = ''; switch($db->type) {
Zeile 728	Zeile 714
elseif($is_mod) { eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";");	elseif($is_mod) { eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";");
} $plugins->run_hooks("search_results_end");	} $plugins->run_hooks("search_results_end");
eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); output_page($searchresults); }	eval("\$searchresults = \"".$templates->get("search_results_threads")."\";"); output_page($searchresults); }
Zeile 739	Zeile 725
{ if(!$search['posts']) {	{ if(!$search['posts']) {
error($lang->error_nosearchresults); } $postcount = 0; // Moderators can view unapproved threads $query = $db->simple_select("moderators", "fid, canviewunapprove, canviewdeleted", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->user['usergroup']}' AND isgroup='1')"); if($mybb->usergroup['issupermod'] == 1) { // Super moderators (and admins) $unapproved_where = "visible >= -1"; } elseif($db->num_rows($query)) { // Normal moderators $unapprove_forums = array(); $deleted_forums = array(); $unapproved_where = '(visible = 1'; while($moderator = $db->fetch_array($query)) { if($moderator['canviewunapprove'] == 1) { $unapprove_forums[] = $moderator['fid']; } if($moderator['canviewdeleted'] == 1) { $deleted_forums[] = $moderator['fid']; } } if(!empty($unapprove_forums)) { $unapproved_where .= " OR (visible = 0 AND fid IN(".implode(',', $unapprove_forums)."))"; } if(!empty($deleted_forums)) { $unapproved_where .= " OR (visible = -1 AND fid IN(".implode(',', $deleted_forums)."))"; } $unapproved_where .= ')'; } else { // Normal users $unapproved_where = 'visible = 1';	error($lang->error_nosearchresults);
}	}
	$postcount = 0; // Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where = get_visible_where();
$post_cache_options = array(); if((int)$mybb->settings['searchhardlimit'] > 0)	$post_cache_options = array(); if((int)$mybb->settings['searchhardlimit'] > 0)
Zeile 802	Zeile 748
$tids = array(); $pids = array(); // Make sure the posts we're viewing we have permission to view.	$tids = array(); $pids = array(); // Make sure the posts we're viewing we have permission to view.
$query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND {$unapproved_where}", $post_cache_options);	$query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->escape_string($search['posts']).") AND ({$unapproved_where})", $post_cache_options);
while($post = $db->fetch_array($query)) { $pids[$post['pid']] = $post['tid'];	while($post = $db->fetch_array($query)) { $pids[$post['pid']] = $post['tid'];
Zeile 822	Zeile 768
if(!empty($forum_permissions['canonlyviewownthreads'])) { $onlyusfids[] = $fid;	if(!empty($forum_permissions['canonlyviewownthreads'])) { $onlyusfids[] = $fid;
}	}
} if($onlyusfids)	} if($onlyusfids)
Zeile 840	Zeile 786
$permsql .= " OR fid IN ($inactiveforums)"; }	$permsql .= " OR fid IN ($inactiveforums)"; }
// Check the thread records as well. If we don't have permissions, remove them from the listing. $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', $pids)).") AND ({$unapproved_where}{$permsql} OR closed LIKE 'moved\|%')");	// Find threads in our list that we don't have permission to view and remove them $query = $db->simple_select("threads", "tid", "tid IN(".$db->escape_string(implode(',', array_keys($tids))).") AND (NOT ({$unapproved_where}){$permsql} OR closed LIKE 'moved\|%')");
while($thread = $db->fetch_array($query)) {	while($thread = $db->fetch_array($query)) {
if(array_key_exists($thread['tid'], $tids) != true)	if(array_key_exists($thread['tid'], $tids))
{ $temp_pids = $tids[$thread['tid']]; foreach($temp_pids as $pid)	{ $temp_pids = $tids[$thread['tid']]; foreach($temp_pids as $pid)
Zeile 852	Zeile 798
unset($pids[$pid]); unset($tids[$thread['tid']]); }	unset($pids[$pid]); unset($tids[$thread['tid']]); }
	unset($tids[$thread['tid']]);
} } unset($temp_pids);	} } unset($temp_pids);
Zeile 883	Zeile 830
$dot_icon = array(); if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) {	$dot_icon = array(); if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) {
$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND {$unapproved_where}");	$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND ({$unapproved_where})");
while($post = $db->fetch_array($query)) { $dot_icon[$post['tid']] = true;	while($post = $db->fetch_array($query)) { $dot_icon[$post['tid']] = true;
} } $results = '';	} } $results = '';
$pages = ceil($postcount / $perpage); if($page > $pages)	$pages = ceil($postcount / $perpage); if($page > $pages)
{	{
$start = 0; $page = 1; }	$start = 0; $page = 1; }
Zeile 913	Zeile 860
{ $bgcolor = alt_trow(); if($post['visible'] == 0)	{ $bgcolor = alt_trow(); if($post['visible'] == 0)
{	{
$bgcolor = 'trow_shaded'; } elseif($post['visible'] == -1)	$bgcolor = 'trow_shaded'; } elseif($post['visible'] == -1)
Zeile 944	Zeile 891
} $post['forumlink'] = '';	} $post['forumlink'] = '';
if(!empty($forumcache[$thread['fid']]))	if(!empty($forumcache[$post['fid']]))
{ $post['forumlink_link'] = get_forum_link($post['fid']); $post['forumlink_name'] = $forumcache[$post['fid']]['name'];	{ $post['forumlink_link'] = get_forum_link($post['fid']); $post['forumlink_name'] = $forumcache[$post['fid']]['name'];
Zeile 958	Zeile 905
$isnew = 0; $donenew = 0; $last_read = 0;	$isnew = 0; $donenew = 0; $last_read = 0;
$post['thread_lastread'] = $readthreads[$post['tid']];	if(isset($readthreads[$post['tid']])) { $post['thread_lastread'] = $readthreads[$post['tid']]; } else { $post['thread_lastread'] = ''; }
if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) {	if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) {
Zeile 972	Zeile 927
} else {	} else {
$forum_read = $forumsread[$post['fid']];	if(isset($forumsread[$post['fid']])) { $forum_read = $forumsread[$post['fid']]; } else { $forum_read = ''; }
} if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forum_read)	} if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'] && $post['thread_lastpost'] > $forum_read)
Zeile 1015	Zeile 977
} if($post['thread_lastpost'] > $last_read && $last_read)	} if($post['thread_lastpost'] > $last_read && $last_read)
{	{
$folder .= "new"; $folder_label .= $lang->icon_new; eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";");	$folder .= "new"; $folder_label .= $lang->icon_new; eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";");
Zeile 1056	Zeile 1018
if(my_strlen($post['subject']) > 50) { $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."...");	if(my_strlen($post['subject']) > 50) { $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50)."...");
} else	} else
{ $post['subject'] = htmlspecialchars_uni($post['subject']); }	{ $post['subject'] = htmlspecialchars_uni($post['subject']); }
Zeile 1067	Zeile 1029
'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0,	'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0,
	'me_username' => $post['username'],
'filter_badwords' => 1 );	'filter_badwords' => 1 );
$post['message'] = strip_tags($parser->parse_message($post['message'], $parser_options));	$post['message'] = strip_tags($parser->text_parse_message($post['message'], $parser_options));
if(my_strlen($post['message']) > 200) { $prev = my_substr($post['message'], 0, 200)."...";	if(my_strlen($post['message']) > 200) { $prev = my_substr($post['message'], 0, 200)."...";
Zeile 1118	Zeile 1081
{ $upper = $postcount; }	{ $upper = $postcount; }
	$selectall = ''; $inlinemod = '';
// Inline Post Moderation Options if($show_inline_moderation)	// Inline Post Moderation Options if($show_inline_moderation)
Zeile 1143	Zeile 1109
} while($tool = $db->fetch_array($query))	} while($tool = $db->fetch_array($query))
{	{
eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";"); } // Build inline moderation dropdown	eval("\$customposttools .= \"".$templates->get("search_results_posts_inlinemoderation_custom_tool")."\";"); } // Build inline moderation dropdown
Zeile 1152	Zeile 1118
eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";"); } eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";");	eval("\$customposttools = \"".$templates->get("search_results_posts_inlinemoderation_custom")."\";"); } eval("\$inlinemod = \"".$templates->get("search_results_posts_inlinemoderation")."\";");
}	}
elseif($is_mod) { eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";"); }	elseif($is_mod) { eval("\$inlinemodcol = \"".$templates->get("search_results_inlinemodcol_empty")."\";"); }

$plugins->run_hooks("search_results_end"); eval("\$searchresults = \"".$templates->get("search_results_posts")."\";"); output_page($searchresults);	$plugins->run_hooks("search_results_end"); eval("\$searchresults = \"".$templates->get("search_results_posts")."\";"); output_page($searchresults);
} }	} }
elseif($mybb->input['action'] == "findguest")	elseif($mybb->input['action'] == "findguest")
{	{
$where_sql = "uid='0'"; $unsearchforums = get_unsearchable_forums();	$where_sql = "uid='0'"; $unsearchforums = get_unsearchable_forums();
Zeile 1178	Zeile 1144
{ $where_sql .= " AND fid NOT IN ($inactiveforums)"; }	{ $where_sql .= " AND fid NOT IN ($inactiveforums)"; }
	// Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where = get_visible_where(); $where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $onlyusfids = array();	$permsql = ""; $onlyusfids = array();
Zeile 1193	Zeile 1163
} if(!empty($onlyusfids)) {	} if(!empty($onlyusfids)) {
$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")"; } $options = array( 'order_by' => 'dateline', 'order_dir' => 'desc' ); // Do we have a hard search limit? if($mybb->settings['searchhardlimit'] > 0) { $options['limit'] = (int)$mybb->settings['searchhardlimit']; } $pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid")) { $pids .= $comma.$pid; $comma = ','; } $tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) { $tids .= $comma.$tid; $comma = ','; } $sid = md5(uniqid(microtime(), true)); $searcharray = array( "sid" => $db->escape_string($sid), "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip), "threads" => $db->escape_string($tids), "posts" => $db->escape_string($pids), "resulttype" => "posts", "querycache" => '', "keywords" => '' ); $plugins->run_hooks("search_do_search_process"); $db->insert_query("searchlog", $searcharray); redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); } elseif($mybb->input['action'] == "finduser") { $where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"; $unsearchforums = get_unsearchable_forums(); if($unsearchforums) { $where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } $permsql = ""; $onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions) { if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if(!empty($onlyusfids)) { $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; }	$where_sql .= " AND fid NOT IN(".implode(',', $onlyusfids).")"; }
$options = array(	$options = array(
'order_by' => 'dateline', 'order_dir' => 'desc'	'order_by' => 'dateline DESC, pid DESC',
); // Do we have a hard search limit? if($mybb->settings['searchhardlimit'] > 0) { $options['limit'] = (int)$mybb->settings['searchhardlimit'];	); // Do we have a hard search limit? if($mybb->settings['searchhardlimit'] > 0) { $options['limit'] = (int)$mybb->settings['searchhardlimit'];
}	}
$pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid")) {	$pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid")) {
$pids .= $comma.$pid; $comma = ',';	$pids .= $comma.$pid; $comma = ',';
} $tids = '';	} $tids = '';
Zeile 1298	Zeile 1190
$query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) {	$query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) {
$tids .= $comma.$tid; $comma = ',';	$tids .= $comma.$tid; $comma = ',';
} $sid = md5(uniqid(microtime(), true));	} $sid = md5(uniqid(microtime(), true));
Zeile 1318	Zeile 1210
$db->insert_query("searchlog", $searcharray); redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); }	$db->insert_query("searchlog", $searcharray); redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); }
elseif($mybb->input['action'] == "finduserthreads")	elseif($mybb->input['action'] == "finduser")
{ $where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'";	{ $where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'";
Zeile 1332	Zeile 1224
{ $where_sql .= " AND fid NOT IN ($inactiveforums)"; }	{ $where_sql .= " AND fid NOT IN ($inactiveforums)"; }
	// Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where = get_visible_where(); $where_sql .= " AND ({$unapproved_where})";
$permsql = "";	$permsql = "";
$onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions) { if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if(!empty($onlyusfids)) { $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; } $tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) { $tids .= $comma.$tid; $comma = ','; }	$onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions) { if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if(!empty($onlyusfids)) { $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; } $options = array( 'order_by' => 'dateline DESC, pid DESC', ); // Do we have a hard search limit? if($mybb->settings['searchhardlimit'] > 0) { $options['limit'] = (int)$mybb->settings['searchhardlimit']; } $pids = ''; $comma = ''; $query = $db->simple_select("posts", "pid", "{$where_sql}", $options); while($pid = $db->fetch_field($query, "pid")) { $pids .= $comma.$pid; $comma = ','; } $tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) { $tids .= $comma.$tid; $comma = ','; } $sid = md5(uniqid(microtime(), true)); $searcharray = array( "sid" => $db->escape_string($sid), "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "ipaddress" => $db->escape_binary($session->packedip), "threads" => $db->escape_string($tids), "posts" => $db->escape_string($pids), "resulttype" => "posts", "querycache" => '', "keywords" => '' ); $plugins->run_hooks("search_do_search_process"); $db->insert_query("searchlog", $searcharray); redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); } elseif($mybb->input['action'] == "finduserthreads") { $where_sql = "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"; $unsearchforums = get_unsearchable_forums(); if($unsearchforums) { $where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } // Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where = get_visible_where(); $where_sql .= " AND ({$unapproved_where})"; $permsql = ""; $onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions) { if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if(!empty($onlyusfids)) { $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; } $tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) { $tids .= $comma.$tid; $comma = ','; }
$sid = md5(uniqid(microtime(), true)); $searcharray = array( "sid" => $db->escape_string($sid),	$sid = md5(uniqid(microtime(), true)); $searcharray = array( "sid" => $db->escape_string($sid),
Zeile 1376	Zeile 1352
redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); } elseif($mybb->input['action'] == "getnew")	redirect("search.php?action=results&sid=".$sid, $lang->redirect_searchresults); } elseif($mybb->input['action'] == "getnew")
{ $where_sql = "lastpost >= '".(int)$mybb->user['lastvisit']."'"; if($mybb->get_input('fid', MyBB::INPUT_INT)) { $where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'"; } else if($mybb->get_input('fids')) { $fids = explode(',', $mybb->get_input('fids')); foreach($fids as $key => $fid) { $fids[$key] = (int)$fid; } if(!empty($fids)) { $where_sql .= " AND fid IN (".implode(',', $fids).")"; } } $unsearchforums = get_unsearchable_forums(); if($unsearchforums) { $where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } $permsql = ""; $onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions) { if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if(!empty($onlyusfids)) { $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; }	{ $where_sql = "lastpost >= '".(int)$mybb->user['lastvisit']."'"; if($mybb->get_input('fid', MyBB::INPUT_INT)) { $where_sql .= " AND fid='".$mybb->get_input('fid', MyBB::INPUT_INT)."'"; } else if($mybb->get_input('fids')) { $fids = explode(',', $mybb->get_input('fids')); foreach($fids as $key => $fid) { $fids[$key] = (int)$fid; } if(!empty($fids)) { $where_sql .= " AND fid IN (".implode(',', $fids).")"; } } $unsearchforums = get_unsearchable_forums(); if($unsearchforums) { $where_sql .= " AND fid NOT IN ($unsearchforums)"; } $inactiveforums = get_inactive_forums(); if($inactiveforums) { $where_sql .= " AND fid NOT IN ($inactiveforums)"; } // Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where = get_visible_where(); $where_sql .= " AND ({$unapproved_where})"; $permsql = ""; $onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions) { if(isset($forum_permissions['canonlyviewownthreads']) && $forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if(!empty($onlyusfids)) { $where_sql .= "AND ((fid IN(".implode(',', $onlyusfids).") AND uid='{$mybb->user['uid']}') OR fid NOT IN(".implode(',', $onlyusfids)."))"; }
$tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) {	$tids = ''; $comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid")) {
$tids .= $comma.$tid; $comma = ',';	$tids .= $comma.$tid; $comma = ',';
} $sid = md5(uniqid(microtime(), true));	} $sid = md5(uniqid(microtime(), true));
Zeile 1494	Zeile 1474
{ $where_sql .= " AND fid NOT IN ($inactiveforums)"; }	{ $where_sql .= " AND fid NOT IN ($inactiveforums)"; }
	// Moderators can view unapproved threads and deleted threads from forums they moderate $unapproved_where = get_visible_where(); $where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $onlyusfids = array();	$permsql = ""; $onlyusfids = array();

// Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions)	// Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach($group_permissions as $fid => $forum_permissions)
Zeile 1516	Zeile 1500
$comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid"))	$comma = ''; $query = $db->simple_select("threads", "tid", $where_sql); while($tid = $db->fetch_field($query, "tid"))
{ $tids .= $comma.$tid; $comma = ',';	{ $tids .= $comma.$tid; $comma = ',';
} $sid = md5(uniqid(microtime(), true));	} $sid = md5(uniqid(microtime(), true));
Zeile 1541	Zeile 1525
elseif($mybb->input['action'] == "do_search") { $plugins->run_hooks("search_do_search_start");	elseif($mybb->input['action'] == "do_search") { $plugins->run_hooks("search_do_search_start");

// Check if search flood checking is enabled and user is not admin if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) { // Fetch the time this user last searched if($mybb->user['uid'])	// Check if search flood checking is enabled and user is not admin if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) { // Fetch the time this user last searched if($mybb->user['uid'])
{	{
$conditions = "uid='{$mybb->user['uid']}'"; } else	$conditions = "uid='{$mybb->user['uid']}'"; } else
Zeile 1558	Zeile 1542
$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); $last_search = $db->fetch_array($query); // Users last search was within the flood time, show the error	$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); $last_search = $db->fetch_array($query); // Users last search was within the flood time, show the error
if($last_search['sid'])	if(!empty($last_search['sid']))
{ $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); if($remaining_time == 1) { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);	{ $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); if($remaining_time == 1) { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
}	}
else { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); } error($lang->error_searchflooding); }	else { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); } error($lang->error_searchflooding); }
}	}
if($mybb->get_input('showresults') == "threads")	if($mybb->get_input('showresults') == "threads")
{	{
$resulttype = "threads"; } else {	$resulttype = "threads"; } else {
$resulttype = "posts";	$resulttype = "posts"; } if(isset($mybb->input['forums']) && is_array($mybb->input['forums'])) { $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY); } else { $forums = array($mybb->get_input('forums'));
} $search_data = array(	} $search_data = array(
Zeile 1588	Zeile 1581
"matchusername" => $mybb->get_input('matchusername', MyBB::INPUT_INT), "postdate" => $mybb->get_input('postdate', MyBB::INPUT_INT), "pddir" => $mybb->get_input('pddir', MyBB::INPUT_INT),	"matchusername" => $mybb->get_input('matchusername', MyBB::INPUT_INT), "postdate" => $mybb->get_input('postdate', MyBB::INPUT_INT), "pddir" => $mybb->get_input('pddir', MyBB::INPUT_INT),
"forums" => $mybb->input['forums'],	"forums" => $forums,
"findthreadst" => $mybb->get_input('findthreadst', MyBB::INPUT_INT), "numreplies" => $mybb->get_input('numreplies', MyBB::INPUT_INT), "threadprefix" => $mybb->get_input('threadprefix', MyBB::INPUT_ARRAY)	"findthreadst" => $mybb->get_input('findthreadst', MyBB::INPUT_INT), "numreplies" => $mybb->get_input('numreplies', MyBB::INPUT_INT), "threadprefix" => $mybb->get_input('threadprefix', MyBB::INPUT_ARRAY)
Zeile 1608	Zeile 1601
else { $search_results = perform_search_mysql($search_data);	else { $search_results = perform_search_mysql($search_data);
} }	} }
else { error($lang->error_no_search_support);	else { error($lang->error_no_search_support);
Zeile 1689	Zeile 1682
$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); $last_search = $db->fetch_array($query);	$query = $db->simple_select("searchlog", "*", "$conditions AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); $last_search = $db->fetch_array($query);
// We shouldn't show remaining time if time is 0 or under. $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); // Users last search was within the flood time, show the error. if($last_search['sid'] && $remaining_time > 0)	if($last_search)
{	{
if($remaining_time == 1) { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); } else	// We shouldn't show remaining time if time is 0 or under. $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); // Users last search was within the flood time, show the error. if($remaining_time > 0)
{	{
$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);	if($remaining_time == 1) { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); } else { $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); } error($lang->error_searchflooding);
}	}
error($lang->error_searchflooding);
} }	} }