Revision 1420
Added by Dietmar almost 14 years ago
search.php | ||
---|---|---|
1 |
<?php |
|
2 |
/** |
|
3 |
* |
|
4 |
* @category frontend |
|
5 |
* @package search |
|
6 |
* @author WebsiteBaker Project |
|
7 |
* @copyright 2004-2009, Ryan Djurovich |
|
8 |
* @copyright 2009-2011, Website Baker Org. e.V. |
|
9 |
* @link http://www.websitebaker2.org/ |
|
10 |
* @license http://www.gnu.org/licenses/gpl.html |
|
11 |
* @platform WebsiteBaker 2.8.x |
|
12 |
* @requirements PHP 5.2.2 and higher |
|
13 |
* @version $Id$ |
|
14 |
* @filesource $HeadURL$ |
|
15 |
* @lastmodified $Date$ |
|
16 |
* |
|
17 |
*/ |
|
18 |
|
|
19 |
if(!defined('WB_URL')) { |
|
20 |
header('Location: index.php'); |
|
21 |
exit(0); |
|
22 |
} |
|
23 |
|
|
24 |
// Check if search is enabled |
|
25 |
if(SHOW_SEARCH != true) { |
|
26 |
echo $TEXT['SEARCH'].' '.$TEXT['DISABLED']; |
|
27 |
return; |
|
28 |
} |
|
29 |
|
|
30 |
// Include the WB functions file |
|
31 |
require_once(WB_PATH.'/framework/functions.php'); |
|
32 |
|
|
33 |
// Get search settings |
|
34 |
$table=TABLE_PREFIX.'search'; |
|
35 |
$query = $database->query("SELECT value FROM $table WHERE name = 'header' LIMIT 1"); |
|
36 |
$fetch_header = $query->fetchRow(); |
|
37 |
$query = $database->query("SELECT value FROM $table WHERE name = 'footer' LIMIT 1"); |
|
38 |
$fetch_footer = $query->fetchRow(); |
|
39 |
$query = $database->query("SELECT value FROM $table WHERE name = 'results_header' LIMIT 1"); |
|
40 |
$fetch_results_header = $query->fetchRow(); |
|
41 |
$query = $database->query("SELECT value FROM $table WHERE name = 'results_footer' LIMIT 1"); |
|
42 |
$fetch_results_footer = $query->fetchRow(); |
|
43 |
$query = $database->query("SELECT value FROM $table WHERE name = 'results_loop' LIMIT 1"); |
|
44 |
$fetch_results_loop = $query->fetchRow(); |
|
45 |
$query = $database->query("SELECT value FROM $table WHERE name = 'no_results' LIMIT 1"); |
|
46 |
$fetch_no_results = $query->fetchRow(); |
|
47 |
$query = $database->query("SELECT value FROM $table WHERE name = 'module_order' LIMIT 1"); |
|
48 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value']='faqbaker,manual,wysiwyg'; } |
|
49 |
$search_module_order = $res['value']; |
|
50 |
$query = $database->query("SELECT value FROM $table WHERE name = 'max_excerpt' LIMIT 1"); |
|
51 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = '15'; } |
|
52 |
$search_max_excerpt = (int)($res['value']); |
|
53 |
if(!is_numeric($search_max_excerpt)) { $search_max_excerpt = 15; } |
|
54 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_show_description' LIMIT 1"); |
|
55 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
56 |
if($res['value'] == 'false') { $cfg_show_description = false; } else { $cfg_show_description = true; } |
|
57 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_search_description' LIMIT 1"); |
|
58 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
59 |
if($res['value'] == 'false') { $cfg_search_description = false; } else { $cfg_search_description = true; } |
|
60 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_search_keywords' LIMIT 1"); |
|
61 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
62 |
if($res['value'] == 'false') { $cfg_search_keywords = false; } else { $cfg_search_keywords = true; } |
|
63 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_enable_old_search' LIMIT 1"); |
|
64 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
65 |
if($res['value'] == 'false') { $cfg_enable_old_search = false; } else { $cfg_enable_old_search = true; } |
|
66 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_enable_flush' LIMIT 1"); |
|
67 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'false'; } |
|
68 |
if($res['value'] == 'false') { $cfg_enable_flush = false; } else { $cfg_enable_flush = true; } |
|
69 |
$query = $database->query("SELECT value FROM $table WHERE name = 'time_limit' LIMIT 1"); // time-limit per module |
|
70 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = '0'; } |
|
71 |
$search_time_limit = (int)($res['value']); |
|
72 |
if($search_time_limit < 1) $search_time_limit = 0; |
|
73 |
|
|
74 |
// search-module-extension: get helper-functions |
|
75 |
require_once(WB_PATH.'/search/search_modext.php'); |
|
76 |
// search-module-extension: Get "search.php" for each module, if present |
|
77 |
// looks in modules/module/ and modules/module_searchext/ |
|
78 |
$search_funcs = array();$search_funcs['__before'] = array();$search_funcs['__after'] = array(); |
|
79 |
$query = $database->query("SELECT DISTINCT directory FROM ".TABLE_PREFIX."addons WHERE type = 'module' AND directory NOT LIKE '%_searchext'"); |
|
80 |
if($query->numRows() > 0) { |
|
81 |
while($module = $query->fetchRow()) { |
|
82 |
$file = WB_PATH.'/modules/'.$module['directory'].'/search.php'; |
|
83 |
if(!file_exists($file)) { |
|
84 |
$file = WB_PATH.'/modules/'.$module['directory'].'_searchext/search.php'; |
|
85 |
if(!file_exists($file)) { |
|
86 |
$file=''; |
|
87 |
} |
|
88 |
} |
|
89 |
if($file!='') { |
|
90 |
include_once($file); |
|
91 |
if(function_exists($module['directory']."_search")) { |
|
92 |
$search_funcs[$module['directory']] = $module['directory']."_search"; |
|
93 |
} |
|
94 |
if(function_exists($module['directory']."_search_before")) { |
|
95 |
$search_funcs['__before'][] = $module['directory']."_search_before"; |
|
96 |
} |
|
97 |
if(function_exists($module['directory']."_search_after")) { |
|
98 |
$search_funcs['__after'][] = $module['directory']."_search_after"; |
|
99 |
} |
|
100 |
} |
|
101 |
} |
|
102 |
} |
|
103 |
|
|
104 |
// Get list of usernames and display names |
|
105 |
$query = $database->query("SELECT user_id,username,display_name FROM ".TABLE_PREFIX."users"); |
|
106 |
$users = array('0' => array('display_name' => $TEXT['UNKNOWN'], 'username' => strtolower($TEXT['UNKNOWN']))); |
|
107 |
if($query->numRows() > 0) { |
|
108 |
while($user = $query->fetchRow()) { |
|
109 |
$users[$user['user_id']] = array('display_name' => $user['display_name'], 'username' => $user['username']); |
|
110 |
} |
|
111 |
} |
|
112 |
|
|
113 |
// Get search language, used for special umlaut handling (DE: ß=ss, ...) |
|
114 |
$search_lang = ''; |
|
115 |
if(isset($_REQUEST['search_lang'])) { |
|
116 |
$search_lang = $_REQUEST['search_lang']; |
|
117 |
if(!preg_match('~^[A-Z]{2}$~', $search_lang)) |
|
118 |
$search_lang = LANGUAGE; |
|
119 |
} else { |
|
120 |
$search_lang = LANGUAGE; |
|
121 |
} |
|
122 |
|
|
123 |
// Get the path to search into. Normally left blank |
|
124 |
// ATTN: since wb2.7.1 the path is evaluated as SQL: LIKE "/path%" - which will find "/path.php", "/path/info.php", ...; But not "/de/path.php" |
|
125 |
// Add a '%' in front of each path to get SQL: LIKE "%/path%" |
|
126 |
/* possible values: |
|
127 |
* - a single path: "/en/" - search only pages whose link contains 'path' ("/en/machinery/bender-x09") |
|
128 |
* - a single path not to search into: "-/help" - search all, exclude /help... |
|
129 |
* - a bunch of alternative pathes: "/en/,%/machinery/,/docs/" - alternatives paths, seperated by comma |
|
130 |
* - a bunch of paths to exclude: "-/about,%/info,/jp/,/light" - search all, exclude these. |
|
131 |
* These different styles can't be mixed. |
|
132 |
*/ |
|
133 |
// ATTN: in wb2.7.0 "/en/" matched all links with "/en/" somewhere in the link: "/info/en/intro.php", "/en/info.php", ... |
|
134 |
// since wb2.7.1 "/en/" matches only links _starting_ with "/en/": "/en/intro/info.php" |
|
135 |
// use "%/en/" (or "%/en/, %/info", ...) to get the old behavior |
|
136 |
$search_path_SQL = ''; |
|
137 |
$search_path = ''; |
|
138 |
if(isset($_REQUEST['search_path'])) { |
|
139 |
$search_path = addslashes(htmlspecialchars(strip_tags($wb->strip_slashes($_REQUEST['search_path'])), ENT_QUOTES)); |
|
140 |
if(!preg_match('~^%?[-a-zA-Z0-9_,/ ]+$~', $search_path)) |
|
141 |
$search_path = ''; |
|
142 |
if($search_path != '') { |
|
143 |
$search_path_SQL = 'AND ( '; |
|
144 |
$not = ''; |
|
145 |
$op = 'OR'; |
|
146 |
if($search_path[0] == '-') { |
|
147 |
$not = 'NOT'; |
|
148 |
$op = 'AND'; |
|
149 |
$paths = explode(',', substr($search_path, 1) ); |
|
150 |
} else { |
|
151 |
$paths = explode(',',$search_path); |
|
152 |
} |
|
153 |
$i=0; |
|
154 |
foreach($paths as $p) { |
|
155 |
if($i++ > 0) { |
|
156 |
$search_path_SQL .= ' $op'; |
|
157 |
} |
|
158 |
$search_path_SQL .= " link $not LIKE '".$p."%'"; |
|
159 |
} |
|
160 |
$search_path_SQL .= ' )'; |
|
161 |
} |
|
162 |
} |
|
163 |
|
|
164 |
// use page_languages? |
|
165 |
if(PAGE_LANGUAGES) { |
|
166 |
$table = TABLE_PREFIX."pages"; |
|
167 |
$search_language_SQL_t = "AND $table.`language` = '".LANGUAGE."'"; |
|
168 |
$search_language_SQL = "AND `language` = '".LANGUAGE."'"; |
|
169 |
} else { |
|
170 |
$search_language_SQL_t = ''; |
|
171 |
$search_language_SQL = ''; |
|
172 |
} |
|
173 |
|
|
174 |
// Get the search type |
|
175 |
$match = ''; |
|
176 |
if(isset($_REQUEST['match'])) { |
|
177 |
if($_REQUEST['match']=='any') $match = 'any'; |
|
178 |
elseif($_REQUEST['match']=='all') $match = 'all'; |
|
179 |
elseif($_REQUEST['match']=='exact') $match = 'exact'; |
|
180 |
else $match = 'all'; |
|
181 |
} else { |
|
182 |
$match = 'all'; |
|
183 |
} |
|
184 |
|
|
185 |
// Get search string |
|
186 |
$search_normal_string = ''; |
|
187 |
$search_entities_string = ''; // for SQL's LIKE |
|
188 |
$search_display_string = ''; // for displaying |
|
189 |
$search_url_string = ''; // for $_GET -- ATTN: unquoted! Will become urldecoded later |
|
190 |
$string = ''; |
|
191 |
if(isset($_REQUEST['string'])) |
|
192 |
{ |
|
193 |
if($match!='exact') // $string will be cleaned below |
|
194 |
{ |
|
195 |
$string=str_replace(',', '', $_REQUEST['string']); |
|
196 |
} else { |
|
197 |
$string=$_REQUEST['string']; |
|
198 |
} |
|
199 |
// redo possible magic quotes |
|
200 |
$string = $wb->strip_slashes($string); |
|
201 |
$string = preg_replace('/[ \r\n\t]+/', ' ', $string); |
|
202 |
$string = trim($string); |
|
203 |
// remove some bad chars |
|
204 |
$string = str_replace ( array('[[',']]'),'', $string); |
|
205 |
$string = preg_replace('/(^|\s+)[|.]+(?=\s+|$)/', '', $string); |
|
206 |
$search_display_string = htmlspecialchars($string); |
|
207 |
$search_entities_string = addslashes(umlauts_to_entities(htmlspecialchars($string))); |
|
208 |
// mySQL needs four backslashes to match one in LIKE comparisons) |
|
209 |
$search_entities_string = str_replace('\\\\', '\\\\\\\\', $search_entities_string); |
|
210 |
// convert string to utf-8 |
|
211 |
$string = entities_to_umlauts($string, 'UTF-8'); |
|
212 |
$search_url_string = $string; |
|
213 |
$string = preg_quote($string); |
|
214 |
// quote ' " and / -we need quoted / for regex |
|
215 |
$search_normal_string = str_replace(array('\'','"','/'), array('\\\'','\"','\/'), $string); |
|
216 |
} |
|
217 |
// make arrays from the search_..._strings above |
|
218 |
if($match == 'exact') |
|
219 |
$search_url_array[] = $search_url_string; |
|
220 |
else |
|
221 |
$search_url_array = explode(' ', $search_url_string); |
|
222 |
$search_normal_array = array(); |
|
223 |
$search_entities_array = array(); |
|
224 |
if($match == 'exact') { |
|
225 |
$search_normal_array[]=$search_normal_string; |
|
226 |
$search_entities_array[]=$search_entities_string; |
|
227 |
} else { |
|
228 |
$exploded_string = explode(' ', $search_normal_string); |
|
229 |
// Make sure there is no blank values in the array |
|
230 |
foreach($exploded_string AS $each_exploded_string) { |
|
231 |
if($each_exploded_string != '') { |
|
232 |
$search_normal_array[] = $each_exploded_string; |
|
233 |
} |
|
234 |
} |
|
235 |
$exploded_string = explode(' ', $search_entities_string); |
|
236 |
// Make sure there is no blank values in the array |
|
237 |
foreach($exploded_string AS $each_exploded_string) { |
|
238 |
if($each_exploded_string != '') { |
|
239 |
$search_entities_array[] = $each_exploded_string; |
|
240 |
} |
|
241 |
} |
|
242 |
} |
|
243 |
// make an extra copy of search_normal_array for use in regex |
|
244 |
require(WB_PATH.'/search/search_convert.php'); |
|
245 |
$search_words = array(); |
|
246 |
foreach($search_normal_array AS $str) { |
|
247 |
$str = str_replace($string_ul_umlaut, $string_ul_regex, $str); |
|
248 |
$search_words[] = $str; |
|
249 |
} |
|
250 |
|
|
251 |
// Work-out what to do (match all words, any words, or do exact match), and do relevant with query settings |
|
252 |
$all_checked = ''; |
|
253 |
$any_checked = ''; |
|
254 |
$exact_checked = ''; |
|
255 |
if ($match == 'any') { |
|
256 |
$any_checked = ' checked="checked"'; |
|
257 |
$logical_operator = ' OR'; |
|
258 |
} elseif($match == 'all') { |
|
259 |
$all_checked = ' checked="checked"'; |
|
260 |
$logical_operator = ' AND'; |
|
261 |
} else { |
|
262 |
$exact_checked = ' checked="checked"'; |
|
263 |
} |
|
264 |
|
|
265 |
// Replace vars in search settings with values |
|
266 |
$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_RESULTS_FOR]'); |
|
267 |
$values = array($search_display_string, WB_URL, PAGE_EXTENSION, $TEXT['RESULTS_FOR']); |
|
268 |
$search_footer = str_replace($vars, $values, ($fetch_footer['value'])); |
|
269 |
$search_results_header = str_replace($vars, $values, ($fetch_results_header['value'])); |
|
270 |
$search_results_footer = str_replace($vars, $values, ($fetch_results_footer['value'])); |
|
271 |
|
|
272 |
// Do extra vars/values replacement |
|
273 |
$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_SEARCH]', '[TEXT_ALL_WORDS]', '[TEXT_ANY_WORDS]', '[TEXT_EXACT_MATCH]', '[TEXT_MATCH]', '[TEXT_MATCHING]', '[ALL_CHECKED]', '[ANY_CHECKED]', '[EXACT_CHECKED]', '[REFERRER_ID]', '[SEARCH_PATH]'); |
|
274 |
$values = array($search_display_string, WB_URL, PAGE_EXTENSION, $TEXT['SEARCH'], $TEXT['ALL_WORDS'], $TEXT['ANY_WORDS'], $TEXT['EXACT_MATCH'], $TEXT['MATCH'], $TEXT['MATCHING'], $all_checked, $any_checked, $exact_checked, REFERRER_ID, $search_path); |
|
275 |
$search_header = str_replace($vars, $values, ($fetch_header['value'])); |
|
276 |
$vars = array('[TEXT_NO_RESULTS]'); |
|
277 |
$values = array($TEXT['NO_RESULTS']); |
|
278 |
$search_no_results = str_replace($vars, $values, ($fetch_no_results['value'])); |
|
279 |
|
|
280 |
/* |
|
281 |
* Start of output |
|
282 |
*/ |
|
283 |
|
|
284 |
// Show search header |
|
285 |
echo $search_header; |
|
286 |
// Show search results_header |
|
287 |
echo $search_results_header; |
|
288 |
|
|
289 |
// Work-out if the user has already entered their details or not |
|
290 |
if($search_normal_string != '') { |
|
291 |
|
|
292 |
// Get modules |
|
293 |
$table = TABLE_PREFIX."sections"; |
|
294 |
$get_modules = $database->query("SELECT DISTINCT module FROM $table WHERE module != '' "); |
|
295 |
$modules = array(); |
|
296 |
if($get_modules->numRows() > 0) { |
|
297 |
while($module = $get_modules->fetchRow()) { |
|
298 |
$modules[] = $module['module']; |
|
299 |
} |
|
300 |
} |
|
301 |
// sort module search-order |
|
302 |
// get the modules from $search_module_order first ... |
|
303 |
$sorted_modules = array(); |
|
304 |
$m = count($modules); |
|
305 |
$search_modules = explode(',', $search_module_order); |
|
306 |
foreach($search_modules AS $item) { |
|
307 |
$item = trim($item); |
|
308 |
for($i=0; $i < $m; $i++) { |
|
309 |
if(isset($modules[$i]) && $modules[$i] == $item) { |
|
310 |
$sorted_modules[] = $modules[$i]; |
|
311 |
unset($modules[$i]); |
|
312 |
break; |
|
313 |
} |
|
314 |
} |
|
315 |
} |
|
316 |
// ... then add the rest |
|
317 |
foreach($modules AS $item) { |
|
318 |
$sorted_modules[] = $item; |
|
319 |
} |
|
320 |
|
|
321 |
|
|
322 |
// Use the module's search-extensions. |
|
323 |
// This is somewhat slower than the orginial method. |
|
324 |
|
|
325 |
// call $search_funcs['__before'] first |
|
326 |
$search_func_vars = array( |
|
327 |
'database' => $database, // database-handle |
|
328 |
'page_id' => 0, |
|
329 |
'section_id' => 0, |
|
330 |
'page_title' => '', |
|
331 |
'page_menu_title' => '', |
|
332 |
'page_description' => '', |
|
333 |
'page_keywords' => '', |
|
334 |
'page_link' => '', |
|
335 |
'page_modified_when' => 0, |
|
336 |
'page_modified_by' => 0, |
|
337 |
'users' => $users, // array of known user-id/user-name |
|
338 |
'search_words' => $search_words, // array of strings, prepared for regex |
|
339 |
'search_match' => $match, // match-type |
|
340 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
|
341 |
'results_loop_string' => $fetch_results_loop['value'], |
|
342 |
'default_max_excerpt' => $search_max_excerpt, |
|
343 |
'time_limit' => $search_time_limit, // time-limit in secs |
|
344 |
'search_path' => $search_path // see docu |
|
345 |
); |
|
346 |
foreach($search_funcs['__before'] as $func) { |
|
347 |
$uf_res = call_user_func($func, $search_func_vars); |
|
348 |
} |
|
349 |
// now call module-based $search_funcs[] |
|
350 |
$seen_pages = array(); // seen pages per module. |
|
351 |
$pages_listed = array(); // seen pages. |
|
352 |
if($search_max_excerpt!=0) { // skip this search if $search_max_excerpt==0 |
|
353 |
foreach($sorted_modules AS $module_name) { |
|
354 |
$start_time = time(); // get start-time to check time-limit; not very accurate, but ok |
|
355 |
$seen_pages[$module_name] = array(); |
|
356 |
if(!isset($search_funcs[$module_name])) { |
|
357 |
continue; // there is no search_func for this module |
|
358 |
} |
|
359 |
// get each section for $module_name |
|
360 |
$table_s = TABLE_PREFIX."sections"; |
|
361 |
$table_p = TABLE_PREFIX."pages"; |
|
362 |
$sections_query = $database->query(" |
|
363 |
SELECT s.section_id, s.page_id, s.module, s.publ_start, s.publ_end, |
|
364 |
p.page_title, p.menu_title, p.link, p.description, p.keywords, p.modified_when, p.modified_by, |
|
365 |
p.visibility, p.viewing_groups, p.viewing_users |
|
366 |
FROM $table_s AS s INNER JOIN $table_p AS p ON s.page_id = p.page_id |
|
367 |
WHERE s.module = '$module_name' AND p.visibility NOT IN ('none','deleted') AND p.searching = '1' $search_path_SQL $search_language_SQL |
|
368 |
ORDER BY s.page_id, s.position ASC |
|
369 |
"); |
|
370 |
if($sections_query->numRows() > 0) { |
|
371 |
while($res = $sections_query->fetchRow()) { |
|
372 |
// check if time-limit is exceeded for this module |
|
373 |
if($search_time_limit > 0 && (time()-$start_time > $search_time_limit)) { |
|
374 |
break; |
|
375 |
} |
|
376 |
// Only show this section if it is not "out of publication-date" |
|
377 |
$now = time(); |
|
378 |
if( !( $now<$res['publ_end'] && ($now>$res['publ_start'] || $res['publ_start']==0) || |
|
379 |
$now>$res['publ_start'] && $res['publ_end']==0) ) { |
|
380 |
continue; |
|
381 |
} |
|
382 |
$search_func_vars = array( |
|
383 |
'database' => $database, |
|
384 |
'page_id' => $res['page_id'], |
|
385 |
'section_id' => $res['section_id'], |
|
386 |
'page_title' => $res['page_title'], |
|
387 |
'page_menu_title' => $res['menu_title'], |
|
388 |
'page_description' => ($cfg_show_description?$res['description']:""), |
|
389 |
'page_keywords' => $res['keywords'], |
|
390 |
'page_link' => $res['link'], |
|
391 |
'page_modified_when' => $res['modified_when'], |
|
392 |
'page_modified_by' => $res['modified_by'], |
|
393 |
'users' => $users, |
|
394 |
'search_words' => $search_words, // needed for preg_match |
|
395 |
'search_match' => $match, |
|
396 |
'search_url_array' => $search_url_array, // needed for url-string only |
|
397 |
'results_loop_string' => $fetch_results_loop['value'], |
|
398 |
'default_max_excerpt' => $search_max_excerpt, |
|
399 |
'enable_flush' => $cfg_enable_flush, |
|
400 |
'time_limit' => $search_time_limit // time-limit in secs |
|
401 |
); |
|
402 |
// Only show this page if we are allowed to see it |
|
403 |
if($admin->page_is_visible($res) == false) { |
|
404 |
if($res['visibility'] == 'registered') { // don't show excerpt |
|
405 |
$search_func_vars['default_max_excerpt'] = 0; |
|
406 |
$search_func_vars['page_description'] = $TEXT['REGISTERED']; |
|
407 |
} else { // private |
|
408 |
continue; |
|
409 |
} |
|
410 |
} |
|
411 |
$uf_res = call_user_func($search_funcs[$module_name], $search_func_vars); |
|
412 |
if($uf_res) { |
|
413 |
$pages_listed[$res['page_id']] = true; |
|
414 |
$seen_pages[$module_name][$res['page_id']] = true; |
|
415 |
} else { |
|
416 |
$seen_pages[$module_name][$res['page_id']] = true; |
|
417 |
} |
|
418 |
} |
|
419 |
} |
|
420 |
} |
|
421 |
} |
|
422 |
// now call $search_funcs['__after'] |
|
423 |
$search_func_vars = array( |
|
424 |
'database' => $database, // database-handle |
|
425 |
'page_id' => 0, |
|
426 |
'section_id' => 0, |
|
427 |
'page_title' => '', |
|
428 |
'page_menu_title' => '', |
|
429 |
'page_description' => '', |
|
430 |
'page_keywords' => '', |
|
431 |
'page_link' => '', |
|
432 |
'page_modified_when' => 0, |
|
433 |
'page_modified_by' => 0, |
|
434 |
'users' => $users, // array of known user-id/user-name |
|
435 |
'search_words' => $search_words, // array of strings, prepared for regex |
|
436 |
'search_match' => $match, // match-type |
|
437 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
|
438 |
'results_loop_string' => $fetch_results_loop['value'], |
|
439 |
'default_max_excerpt' => $search_max_excerpt, |
|
440 |
'time_limit' => $search_time_limit, // time-limit in secs |
|
441 |
'search_path' => $search_path // see docu |
|
442 |
); |
|
443 |
foreach($search_funcs['__after'] as $func) { |
|
444 |
$uf_res = call_user_func($func, $search_func_vars); |
|
445 |
} |
|
446 |
|
|
447 |
|
|
448 |
// Search page details only, such as description, keywords, etc, but only of unseen pages. |
|
449 |
$max_excerpt_num = 0; // we don't want excerpt here |
|
450 |
$divider = "."; |
|
451 |
$table = TABLE_PREFIX."pages"; |
|
452 |
$query_pages = $database->query(" |
|
453 |
SELECT page_id, page_title, menu_title, link, description, keywords, modified_when, modified_by, |
|
454 |
visibility, viewing_groups, viewing_users |
|
455 |
FROM $table |
|
456 |
WHERE visibility NOT IN ('none','deleted') AND searching = '1' $search_path_SQL $search_language_SQL |
|
457 |
"); |
|
458 |
if($query_pages->numRows() > 0) { |
|
459 |
while($page = $query_pages->fetchRow()) { |
|
460 |
if (isset($pages_listed[$page['page_id']])) { |
|
461 |
continue; |
|
462 |
} |
|
463 |
$func_vars = array( |
|
464 |
'database' => $database, |
|
465 |
'page_id' => $page['page_id'], |
|
466 |
'page_title' => $page['page_title'], |
|
467 |
'page_menu_title' => $page['menu_title'], |
|
468 |
'page_description' => ($cfg_show_description?$page['description']:""), |
|
469 |
'page_keywords' => $page['keywords'], |
|
470 |
'page_link' => $page['link'], |
|
471 |
'page_modified_when' => $page['modified_when'], |
|
472 |
'page_modified_by' => $page['modified_by'], |
|
473 |
'users' => $users, |
|
474 |
'search_words' => $search_words, // needed for preg_match_all |
|
475 |
'search_match' => $match, |
|
476 |
'search_url_array' => $search_url_array, // needed for url-string only |
|
477 |
'results_loop_string' => $fetch_results_loop['value'], |
|
478 |
'default_max_excerpt' => $max_excerpt_num, |
|
479 |
'enable_flush' => $cfg_enable_flush |
|
480 |
); |
|
481 |
// Only show this page if we are allowed to see it |
|
482 |
if($admin->page_is_visible($page) == false) { |
|
483 |
if($page['visibility'] != 'registered') { |
|
484 |
continue; |
|
485 |
} else { // page: registered, user: access denied |
|
486 |
$func_vars['page_description'] = $TEXT['REGISTERED']; |
|
487 |
} |
|
488 |
} |
|
489 |
if($admin->page_is_active($page) == false) { |
|
490 |
continue; |
|
491 |
} |
|
492 |
$text = $func_vars['page_title'].$divider |
|
493 |
.$func_vars['page_menu_title'].$divider |
|
494 |
.($cfg_search_description?$func_vars['page_description']:"").$divider |
|
495 |
.($cfg_search_keywords?$func_vars['page_keywords']:"").$divider; |
|
496 |
$mod_vars = array( |
|
497 |
'page_link' => $func_vars['page_link'], |
|
498 |
'page_link_target' => "", |
|
499 |
'page_title' => $func_vars['page_title'], |
|
500 |
'page_description' => $func_vars['page_description'], |
|
501 |
'page_modified_when' => $func_vars['page_modified_when'], |
|
502 |
'page_modified_by' => $func_vars['page_modified_by'], |
|
503 |
'text' => $text, |
|
504 |
'max_excerpt_num' => $func_vars['default_max_excerpt'] |
|
505 |
); |
|
506 |
if(print_excerpt2($mod_vars, $func_vars)) { |
|
507 |
$pages_listed[$page['page_id']] = true; |
|
508 |
} |
|
509 |
} |
|
510 |
} |
|
511 |
|
|
512 |
// Now use the old method for pages not displayed by the new method above |
|
513 |
// in case someone has old modules without search.php. |
|
514 |
|
|
515 |
// Get modules |
|
516 |
$table_search = TABLE_PREFIX."search"; |
|
517 |
$table_sections = TABLE_PREFIX."sections"; |
|
518 |
$get_modules = $database->query(" |
|
519 |
SELECT DISTINCT s.value, s.extra |
|
520 |
FROM $table_search AS s INNER JOIN $table_sections AS sec |
|
521 |
ON s.value = sec.module |
|
522 |
WHERE s.name = 'module' |
|
523 |
"); |
|
524 |
$modules = array(); |
|
525 |
if($get_modules->numRows() > 0) { |
|
526 |
while($module = $get_modules->fetchRow()) { |
|
527 |
$modules[] = $module; // $modules in an array of arrays |
|
528 |
} |
|
529 |
} |
|
530 |
// sort module search-order |
|
531 |
// get the modules from $search_module_order first ... |
|
532 |
$sorted_modules = array(); |
|
533 |
$m = count($modules); |
|
534 |
$search_modules = explode(',', $search_module_order); |
|
535 |
foreach($search_modules AS $item) { |
|
536 |
$item = trim($item); |
|
537 |
for($i=0; $i < $m; $i++) { |
|
538 |
if(isset($modules[$i]) && $modules[$i]['value'] == $item) { |
|
539 |
$sorted_modules[] = $modules[$i]; |
|
540 |
unset($modules[$i]); |
|
541 |
break; |
|
542 |
} |
|
543 |
} |
|
544 |
} |
|
545 |
// ... then add the rest |
|
546 |
foreach($modules AS $item) { |
|
547 |
$sorted_modules[] = $item; |
|
548 |
} |
|
549 |
|
|
550 |
if($cfg_enable_old_search) { // this is the old (wb <= 2.6.7) search-function |
|
551 |
$search_path_SQL = str_replace(' link ', ' '.TABLE_PREFIX.'pages.link ', $search_path_SQL); |
|
552 |
foreach($sorted_modules AS $module) { |
|
553 |
if(isset($seen_pages[$module['value']]) && count($seen_pages[$module['value']])>0) // skip modules handled by new search-func |
|
554 |
continue; |
|
555 |
$query_start = ''; |
|
556 |
$query_body = ''; |
|
557 |
$query_end = ''; |
|
558 |
$prepared_query = ''; |
|
559 |
// Get module name |
|
560 |
$module_name = $module['value']; |
|
561 |
if(!isset($seen_pages[$module_name])) { |
|
562 |
$seen_pages[$module_name]=array(); |
|
563 |
} |
|
564 |
// skip module 'code' - it doesn't make sense to search in a code section |
|
565 |
if($module_name=="code") |
|
566 |
continue; |
|
567 |
// Get fields to use for title, link, etc. |
|
568 |
$fields = unserialize($module['extra']); |
|
569 |
// Get query start |
|
570 |
$get_query_start = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_start' AND extra = '$module_name' LIMIT 1"); |
|
571 |
if($get_query_start->numRows() > 0) { |
|
572 |
// Fetch query start |
|
573 |
$fetch_query_start = $get_query_start->fetchRow(); |
|
574 |
// Prepare query start for execution by replacing {TP} with the TABLE_PREFIX |
|
575 |
$query_start = str_replace('[TP]', TABLE_PREFIX, ($fetch_query_start['value'])); |
|
576 |
} |
|
577 |
// Get query end |
|
578 |
$get_query_end = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_end' AND extra = '$module_name' LIMIT 1"); |
|
579 |
if($get_query_end->numRows() > 0) { |
|
580 |
// Fetch query end |
|
581 |
$fetch_query_end = $get_query_end->fetchRow(); |
|
582 |
// Set query end |
|
583 |
$query_end = ($fetch_query_end['value']); |
|
584 |
} |
|
585 |
// Get query body |
|
586 |
$get_query_body = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_body' AND extra = '$module_name' LIMIT 1"); |
|
587 |
if($get_query_body->numRows() > 0) { |
|
588 |
// Fetch query body |
|
589 |
$fetch_query_body = $get_query_body->fetchRow(); |
|
590 |
// Prepare query body for execution by replacing {STRING} with the correct one |
|
591 |
$query_body = str_replace(array('[TP]','[O]','[W]'), array(TABLE_PREFIX,'LIKE','%'), ($fetch_query_body['value'])); |
|
592 |
// Loop through query body for each string, then combine with start and end |
|
593 |
$prepared_query = $query_start." ( ( ( "; |
|
594 |
$count = 0; |
|
595 |
foreach($search_normal_array AS $string) { |
|
596 |
if($count != 0) { |
|
597 |
$prepared_query .= " ) ".$logical_operator." ( "; |
|
598 |
} |
|
599 |
$prepared_query .= str_replace('[STRING]', $string, $query_body); |
|
600 |
$count = $count+1; |
|
601 |
} |
|
602 |
$count=0; |
|
603 |
$prepared_query .= ' ) ) OR ( ( '; |
|
604 |
foreach($search_entities_array AS $string) { |
|
605 |
if($count != 0) { |
|
606 |
$prepared_query .= " ) ".$logical_operator." ( "; |
|
607 |
} |
|
608 |
$prepared_query .= str_replace('[STRING]', $string, $query_body); |
|
609 |
$count = $count+1; |
|
610 |
} |
|
611 |
$prepared_query .= " ) ) ) ".$query_end; |
|
612 |
// Execute query |
|
613 |
$page_query = $database->query($prepared_query." ".$search_path_SQL." ".$search_language_SQL_t); |
|
614 |
if(!$page_query) continue; // on error, skip the rest of the current loop iteration |
|
615 |
// Loop through queried items |
|
616 |
if($page_query->numRows() > 0) { |
|
617 |
while($page = $page_query->fetchRow()) { |
|
618 |
// Only show this page if it hasn't already been listed |
|
619 |
if(isset($seen_pages[$module_name][$page['page_id']]) || isset($pages_listed[$page['page_id']])) { |
|
620 |
continue; |
|
621 |
} |
|
622 |
|
|
623 |
// don't list pages with visibility == none|deleted and check if user is allowed to see the page |
|
624 |
$p_table = TABLE_PREFIX."pages"; |
|
625 |
$viewquery = $database->query(" |
|
626 |
SELECT visibility, viewing_groups, viewing_users |
|
627 |
FROM $p_table |
|
628 |
WHERE page_id='{$page['page_id']}' |
|
629 |
"); |
|
630 |
$visibility = 'none'; $viewing_groups="" ; $viewing_users=""; |
|
631 |
if($viewquery->numRows() > 0) { |
|
632 |
if($res = $viewquery->fetchRow()) { |
|
633 |
$visibility = $res['visibility']; |
|
634 |
$viewing_groups = $res['viewing_groups']; |
|
635 |
$viewing_users = $res['viewing_users']; |
|
636 |
if($visibility == 'deleted' || $visibility == 'none') { |
|
637 |
continue; |
|
638 |
} |
|
639 |
if($visibility == 'private') { |
|
640 |
if($admin->page_is_visible(array( |
|
641 |
'page_id'=>$page[$fields['page_id']], |
|
642 |
'visibility' =>$visibility, |
|
643 |
'viewing_groups'=>$viewing_groups, |
|
644 |
'viewing_users'=>$viewing_users |
|
645 |
)) == false) { |
|
646 |
continue; |
|
647 |
} |
|
648 |
} |
|
649 |
if($admin->page_is_active(array('page_id'=>$page[$fields['page_id']]))==false) { |
|
650 |
continue; |
|
651 |
} |
|
652 |
} |
|
653 |
} |
|
654 |
|
|
655 |
// Get page link |
|
656 |
$link = page_link($page['link']); |
|
657 |
// Add search string for highlighting |
|
658 |
if ($match!='exact') { |
|
659 |
$sstring = implode(" ", $search_normal_array); |
|
660 |
$link = $link."?searchresult=1&sstring=".urlencode($sstring); |
|
661 |
} else { |
|
662 |
$sstring = str_replace(" ", "_",$search_normal_array[0]); |
|
663 |
$link = $link."?searchresult=2&sstring=".urlencode($sstring); |
|
664 |
} |
|
665 |
// Set vars to be replaced by values |
|
666 |
if(!isset($page['description'])) { $page['description'] = ""; } |
|
667 |
if(!isset($page['modified_when'])) { $page['modified_when'] = 0; } |
|
668 |
if(!isset($page['modified_by'])) { $page['modified_by'] = 0; } |
|
669 |
$vars = array('[LINK]', '[TITLE]', '[DESCRIPTION]', '[USERNAME]','[DISPLAY_NAME]','[DATE]','[TIME]','[TEXT_LAST_UPDATED_BY]','[TEXT_ON]','[EXCERPT]'); |
|
670 |
if($page['modified_when'] > 0) { |
|
671 |
$date = gmdate(DATE_FORMAT, $page['modified_when']+TIMEZONE); |
|
672 |
$time = gmdate(TIME_FORMAT, $page['modified_when']+TIMEZONE); |
|
673 |
} else { |
|
674 |
$date = $TEXT['UNKNOWN'].' '.$TEXT['DATE']; |
|
675 |
$time = $TEXT['UNKNOWN'].' '.$TEXT['TIME']; |
|
676 |
} |
|
677 |
$excerpt=""; |
|
678 |
if($cfg_show_description == 0) { |
|
679 |
$page['description'] = ""; |
|
680 |
} |
|
681 |
$values = array($link, $page['page_title'], $page['description'], $users[$page['modified_by']]['username'], $users[$page['modified_by']]['display_name'], $date, $time, $TEXT['LAST_UPDATED_BY'], strtolower($TEXT['ON']), $excerpt); |
|
682 |
// Show loop code with vars replaced by values |
|
683 |
echo str_replace($vars, $values, ($fetch_results_loop['value'])); |
|
684 |
// Say that this page has been listed |
|
685 |
$seen_pages[$module_name][$page['page_id']] = true; |
|
686 |
$pages_listed[$page['page_id']] = true; |
|
687 |
} |
|
688 |
} |
|
689 |
} |
|
690 |
} |
|
691 |
} |
|
692 |
|
|
693 |
// Say no items found if we should |
|
694 |
if(count($pages_listed) == 0) { |
|
695 |
echo $search_no_results; |
|
696 |
} |
|
697 |
} else { |
|
698 |
echo $search_no_results; |
|
699 |
} |
|
700 |
|
|
701 |
// Show search results_footer |
|
702 |
echo $search_results_footer; |
|
703 |
// Show search footer |
|
704 |
echo $search_footer; |
|
705 |
|
|
1 |
<?php |
|
2 |
/** |
|
3 |
* |
|
4 |
* @category frontend |
|
5 |
* @package search |
|
6 |
* @author WebsiteBaker Project |
|
7 |
* @copyright 2004-2009, Ryan Djurovich |
|
8 |
* @copyright 2009-2011, Website Baker Org. e.V. |
|
9 |
* @link http://www.websitebaker2.org/ |
|
10 |
* @license http://www.gnu.org/licenses/gpl.html |
|
11 |
* @platform WebsiteBaker 2.8.x |
|
12 |
* @requirements PHP 5.2.2 and higher |
|
13 |
* @version $Id$ |
|
14 |
* @filesource $HeadURL$ |
|
15 |
* @lastmodified $Date$ |
|
16 |
* |
|
17 |
*/ |
|
18 |
|
|
19 |
// Must include code to stop this file being access directly |
|
20 |
if(defined('WB_PATH') == false) { die("Cannot access this file directly"); } |
|
21 |
|
|
22 |
// Check if search is enabled |
|
23 |
if(SHOW_SEARCH != true) { |
|
24 |
echo $TEXT['SEARCH'].' '.$TEXT['DISABLED']; |
|
25 |
return; |
|
26 |
} |
|
27 |
|
|
28 |
// Include the WB functions file |
|
29 |
require_once(WB_PATH.'/framework/functions.php'); |
|
30 |
|
|
31 |
// Get search settings |
|
32 |
$table=TABLE_PREFIX.'search'; |
|
33 |
$query = $database->query("SELECT value FROM $table WHERE name = 'header' LIMIT 1"); |
|
34 |
$fetch_header = $query->fetchRow(); |
|
35 |
$query = $database->query("SELECT value FROM $table WHERE name = 'footer' LIMIT 1"); |
|
36 |
$fetch_footer = $query->fetchRow(); |
|
37 |
$query = $database->query("SELECT value FROM $table WHERE name = 'results_header' LIMIT 1"); |
|
38 |
$fetch_results_header = $query->fetchRow(); |
|
39 |
$query = $database->query("SELECT value FROM $table WHERE name = 'results_footer' LIMIT 1"); |
|
40 |
$fetch_results_footer = $query->fetchRow(); |
|
41 |
$query = $database->query("SELECT value FROM $table WHERE name = 'results_loop' LIMIT 1"); |
|
42 |
$fetch_results_loop = $query->fetchRow(); |
|
43 |
$query = $database->query("SELECT value FROM $table WHERE name = 'no_results' LIMIT 1"); |
|
44 |
$fetch_no_results = $query->fetchRow(); |
|
45 |
$query = $database->query("SELECT value FROM $table WHERE name = 'module_order' LIMIT 1"); |
|
46 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value']='faqbaker,manual,wysiwyg'; } |
|
47 |
$search_module_order = $res['value']; |
|
48 |
$query = $database->query("SELECT value FROM $table WHERE name = 'max_excerpt' LIMIT 1"); |
|
49 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = '15'; } |
|
50 |
$search_max_excerpt = (int)($res['value']); |
|
51 |
if(!is_numeric($search_max_excerpt)) { $search_max_excerpt = 15; } |
|
52 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_show_description' LIMIT 1"); |
|
53 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
54 |
if($res['value'] == 'false') { $cfg_show_description = false; } else { $cfg_show_description = true; } |
|
55 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_search_description' LIMIT 1"); |
|
56 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
57 |
if($res['value'] == 'false') { $cfg_search_description = false; } else { $cfg_search_description = true; } |
|
58 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_search_keywords' LIMIT 1"); |
|
59 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
60 |
if($res['value'] == 'false') { $cfg_search_keywords = false; } else { $cfg_search_keywords = true; } |
|
61 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_enable_old_search' LIMIT 1"); |
|
62 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'true'; } |
|
63 |
if($res['value'] == 'false') { $cfg_enable_old_search = false; } else { $cfg_enable_old_search = true; } |
|
64 |
$query = $database->query("SELECT value FROM $table WHERE name = 'cfg_enable_flush' LIMIT 1"); |
|
65 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = 'false'; } |
|
66 |
if($res['value'] == 'false') { $cfg_enable_flush = false; } else { $cfg_enable_flush = true; } |
|
67 |
$query = $database->query("SELECT value FROM $table WHERE name = 'time_limit' LIMIT 1"); // time-limit per module |
|
68 |
if($query->numRows() > 0) { $res = $query->fetchRow(); } else { $res['value'] = '0'; } |
|
69 |
$search_time_limit = (int)($res['value']); |
|
70 |
if($search_time_limit < 1) $search_time_limit = 0; |
|
71 |
|
|
72 |
// search-module-extension: get helper-functions |
|
73 |
require_once(WB_PATH.'/search/search_modext.php'); |
|
74 |
// search-module-extension: Get "search.php" for each module, if present |
|
75 |
// looks in modules/module/ and modules/module_searchext/ |
|
76 |
$search_funcs = array();$search_funcs['__before'] = array();$search_funcs['__after'] = array(); |
|
77 |
$query = $database->query("SELECT DISTINCT directory FROM ".TABLE_PREFIX."addons WHERE type = 'module' AND directory NOT LIKE '%_searchext'"); |
|
78 |
if($query->numRows() > 0) { |
|
79 |
while($module = $query->fetchRow()) { |
|
80 |
$file = WB_PATH.'/modules/'.$module['directory'].'/search.php'; |
|
81 |
if(!file_exists($file)) { |
|
82 |
$file = WB_PATH.'/modules/'.$module['directory'].'_searchext/search.php'; |
|
83 |
if(!file_exists($file)) { |
|
84 |
$file=''; |
|
85 |
} |
|
86 |
} |
|
87 |
if($file!='') { |
|
88 |
include_once($file); |
|
89 |
if(function_exists($module['directory']."_search")) { |
|
90 |
$search_funcs[$module['directory']] = $module['directory']."_search"; |
|
91 |
} |
|
92 |
if(function_exists($module['directory']."_search_before")) { |
|
93 |
$search_funcs['__before'][] = $module['directory']."_search_before"; |
|
94 |
} |
|
95 |
if(function_exists($module['directory']."_search_after")) { |
|
96 |
$search_funcs['__after'][] = $module['directory']."_search_after"; |
|
97 |
} |
|
98 |
} |
|
99 |
} |
|
100 |
} |
|
101 |
|
|
102 |
// Get list of usernames and display names |
|
103 |
$query = $database->query("SELECT user_id,username,display_name FROM ".TABLE_PREFIX."users"); |
|
104 |
$users = array('0' => array('display_name' => $TEXT['UNKNOWN'], 'username' => strtolower($TEXT['UNKNOWN']))); |
|
105 |
if($query->numRows() > 0) { |
|
106 |
while($user = $query->fetchRow()) { |
|
107 |
$users[$user['user_id']] = array('display_name' => $user['display_name'], 'username' => $user['username']); |
|
108 |
} |
|
109 |
} |
|
110 |
|
|
111 |
// Get search language, used for special umlaut handling (DE: ß=ss, ...) |
|
112 |
$search_lang = ''; |
|
113 |
if(isset($_REQUEST['search_lang'])) { |
|
114 |
$search_lang = $_REQUEST['search_lang']; |
|
115 |
if(!preg_match('~^[A-Z]{2}$~', $search_lang)) |
|
116 |
$search_lang = LANGUAGE; |
|
117 |
} else { |
|
118 |
$search_lang = LANGUAGE; |
|
119 |
} |
|
120 |
|
|
121 |
// Get the path to search into. Normally left blank |
|
122 |
// ATTN: since wb2.7.1 the path is evaluated as SQL: LIKE "/path%" - which will find "/path.php", "/path/info.php", ...; But not "/de/path.php" |
|
123 |
// Add a '%' in front of each path to get SQL: LIKE "%/path%" |
|
124 |
/* possible values: |
|
125 |
* - a single path: "/en/" - search only pages whose link contains 'path' ("/en/machinery/bender-x09") |
|
126 |
* - a single path not to search into: "-/help" - search all, exclude /help... |
|
127 |
* - a bunch of alternative pathes: "/en/,%/machinery/,/docs/" - alternatives paths, seperated by comma |
|
128 |
* - a bunch of paths to exclude: "-/about,%/info,/jp/,/light" - search all, exclude these. |
|
129 |
* These different styles can't be mixed. |
|
130 |
*/ |
|
131 |
// ATTN: in wb2.7.0 "/en/" matched all links with "/en/" somewhere in the link: "/info/en/intro.php", "/en/info.php", ... |
|
132 |
// since wb2.7.1 "/en/" matches only links _starting_ with "/en/": "/en/intro/info.php" |
|
133 |
// use "%/en/" (or "%/en/, %/info", ...) to get the old behavior |
|
134 |
$search_path_SQL = ''; |
|
135 |
$search_path = ''; |
|
136 |
if(isset($_REQUEST['search_path'])) { |
|
137 |
$search_path = addslashes(htmlspecialchars(strip_tags($wb->strip_slashes($_REQUEST['search_path'])), ENT_QUOTES)); |
|
138 |
if(!preg_match('~^%?[-a-zA-Z0-9_,/ ]+$~', $search_path)) |
|
139 |
$search_path = ''; |
|
140 |
if($search_path != '') { |
|
141 |
$search_path_SQL = 'AND ( '; |
|
142 |
$not = ''; |
|
143 |
$op = 'OR'; |
|
144 |
if($search_path[0] == '-') { |
|
145 |
$not = 'NOT'; |
|
146 |
$op = 'AND'; |
|
147 |
$paths = explode(',', substr($search_path, 1) ); |
|
148 |
} else { |
|
149 |
$paths = explode(',',$search_path); |
|
150 |
} |
|
151 |
$i=0; |
|
152 |
foreach($paths as $p) { |
|
153 |
if($i++ > 0) { |
|
154 |
$search_path_SQL .= ' $op'; |
|
155 |
} |
|
156 |
$search_path_SQL .= " link $not LIKE '".$p."%'"; |
|
157 |
} |
|
158 |
$search_path_SQL .= ' )'; |
|
159 |
} |
|
160 |
} |
|
161 |
|
|
162 |
// use page_languages? |
|
163 |
if(PAGE_LANGUAGES) { |
|
164 |
$table = TABLE_PREFIX."pages"; |
|
165 |
$search_language_SQL_t = "AND $table.`language` = '".LANGUAGE."'"; |
|
166 |
$search_language_SQL = "AND `language` = '".LANGUAGE."'"; |
|
167 |
} else { |
|
168 |
$search_language_SQL_t = ''; |
|
169 |
$search_language_SQL = ''; |
|
170 |
} |
|
171 |
|
|
172 |
// Get the search type |
|
173 |
$match = ''; |
|
174 |
if(isset($_REQUEST['match'])) { |
|
175 |
if($_REQUEST['match']=='any') $match = 'any'; |
|
176 |
elseif($_REQUEST['match']=='all') $match = 'all'; |
|
177 |
elseif($_REQUEST['match']=='exact') $match = 'exact'; |
|
178 |
else $match = 'all'; |
|
179 |
} else { |
|
180 |
$match = 'all'; |
|
181 |
} |
|
182 |
|
|
183 |
// Get search string |
|
184 |
$search_normal_string = ''; |
|
185 |
$search_entities_string = ''; // for SQL's LIKE |
|
186 |
$search_display_string = ''; // for displaying |
|
187 |
$search_url_string = ''; // for $_GET -- ATTN: unquoted! Will become urldecoded later |
|
188 |
$string = ''; |
|
189 |
if(isset($_REQUEST['string'])) |
|
190 |
{ |
|
191 |
if($match!='exact') // $string will be cleaned below |
|
192 |
{ |
|
193 |
$string=str_replace(',', '', $_REQUEST['string']); |
|
194 |
} else { |
|
195 |
$string=$_REQUEST['string']; |
|
196 |
} |
|
197 |
// redo possible magic quotes |
|
198 |
$string = $wb->strip_slashes($string); |
|
199 |
$string = preg_replace('/[ \r\n\t]+/', ' ', $string); |
|
200 |
$string = trim($string); |
|
201 |
// remove some bad chars |
|
202 |
$string = str_replace ( array('[[',']]'),'', $string); |
|
203 |
$string = preg_replace('/(^|\s+)[|.]+(?=\s+|$)/', '', $string); |
|
204 |
$search_display_string = htmlspecialchars($string); |
|
205 |
$search_entities_string = addslashes(umlauts_to_entities(htmlspecialchars($string))); |
|
206 |
// mySQL needs four backslashes to match one in LIKE comparisons) |
|
207 |
$search_entities_string = str_replace('\\\\', '\\\\\\\\', $search_entities_string); |
|
208 |
// convert string to utf-8 |
|
209 |
$string = entities_to_umlauts($string, 'UTF-8'); |
|
210 |
$search_url_string = $string; |
|
211 |
$string = preg_quote($string); |
|
212 |
// quote ' " and / -we need quoted / for regex |
|
213 |
$search_normal_string = str_replace(array('\'','"','/'), array('\\\'','\"','\/'), $string); |
|
214 |
} |
|
215 |
// make arrays from the search_..._strings above |
|
216 |
if($match == 'exact') |
|
217 |
$search_url_array[] = $search_url_string; |
|
218 |
else |
|
219 |
$search_url_array = explode(' ', $search_url_string); |
|
220 |
$search_normal_array = array(); |
|
221 |
$search_entities_array = array(); |
|
222 |
if($match == 'exact') { |
|
223 |
$search_normal_array[]=$search_normal_string; |
|
224 |
$search_entities_array[]=$search_entities_string; |
|
225 |
} else { |
|
226 |
$exploded_string = explode(' ', $search_normal_string); |
|
227 |
// Make sure there is no blank values in the array |
|
228 |
foreach($exploded_string AS $each_exploded_string) { |
|
229 |
if($each_exploded_string != '') { |
|
230 |
$search_normal_array[] = $each_exploded_string; |
|
231 |
} |
|
232 |
} |
|
233 |
$exploded_string = explode(' ', $search_entities_string); |
|
234 |
// Make sure there is no blank values in the array |
|
235 |
foreach($exploded_string AS $each_exploded_string) { |
|
236 |
if($each_exploded_string != '') { |
|
237 |
$search_entities_array[] = $each_exploded_string; |
|
238 |
} |
|
239 |
} |
|
240 |
} |
|
241 |
// make an extra copy of search_normal_array for use in regex |
|
242 |
require(WB_PATH.'/search/search_convert.php'); |
|
243 |
$search_words = array(); |
|
244 |
foreach($search_normal_array AS $str) { |
|
245 |
$str = str_replace($string_ul_umlaut, $string_ul_regex, $str); |
|
246 |
$search_words[] = $str; |
|
247 |
} |
|
248 |
|
|
249 |
// Work-out what to do (match all words, any words, or do exact match), and do relevant with query settings |
|
250 |
$all_checked = ''; |
|
251 |
$any_checked = ''; |
|
252 |
$exact_checked = ''; |
|
253 |
if ($match == 'any') { |
|
254 |
$any_checked = ' checked="checked"'; |
|
255 |
$logical_operator = ' OR'; |
|
256 |
} elseif($match == 'all') { |
|
257 |
$all_checked = ' checked="checked"'; |
|
258 |
$logical_operator = ' AND'; |
|
259 |
} else { |
|
260 |
$exact_checked = ' checked="checked"'; |
|
261 |
} |
|
262 |
|
|
263 |
// Replace vars in search settings with values |
|
264 |
$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_RESULTS_FOR]'); |
|
265 |
$values = array($search_display_string, WB_URL, PAGE_EXTENSION, $TEXT['RESULTS_FOR']); |
|
266 |
$search_footer = str_replace($vars, $values, ($fetch_footer['value'])); |
|
267 |
$search_results_header = str_replace($vars, $values, ($fetch_results_header['value'])); |
|
268 |
$search_results_footer = str_replace($vars, $values, ($fetch_results_footer['value'])); |
|
269 |
|
|
270 |
// Do extra vars/values replacement |
|
271 |
$vars = array('[SEARCH_STRING]', '[WB_URL]', '[PAGE_EXTENSION]', '[TEXT_SEARCH]', '[TEXT_ALL_WORDS]', '[TEXT_ANY_WORDS]', '[TEXT_EXACT_MATCH]', '[TEXT_MATCH]', '[TEXT_MATCHING]', '[ALL_CHECKED]', '[ANY_CHECKED]', '[EXACT_CHECKED]', '[REFERRER_ID]', '[SEARCH_PATH]'); |
|
272 |
$values = array($search_display_string, WB_URL, PAGE_EXTENSION, $TEXT['SEARCH'], $TEXT['ALL_WORDS'], $TEXT['ANY_WORDS'], $TEXT['EXACT_MATCH'], $TEXT['MATCH'], $TEXT['MATCHING'], $all_checked, $any_checked, $exact_checked, REFERRER_ID, $search_path); |
|
273 |
$search_header = str_replace($vars, $values, ($fetch_header['value'])); |
|
274 |
$vars = array('[TEXT_NO_RESULTS]'); |
|
275 |
$values = array($TEXT['NO_RESULTS']); |
|
276 |
$search_no_results = str_replace($vars, $values, ($fetch_no_results['value'])); |
|
277 |
|
|
278 |
/* |
|
279 |
* Start of output |
|
280 |
*/ |
|
281 |
|
|
282 |
// Show search header |
|
283 |
echo $search_header; |
|
284 |
// Show search results_header |
|
285 |
echo $search_results_header; |
|
286 |
|
|
287 |
// Work-out if the user has already entered their details or not |
|
288 |
if($search_normal_string != '') { |
|
289 |
|
|
290 |
// Get modules |
|
291 |
$table = TABLE_PREFIX."sections"; |
|
292 |
$get_modules = $database->query("SELECT DISTINCT module FROM $table WHERE module != '' "); |
|
293 |
$modules = array(); |
|
294 |
if($get_modules->numRows() > 0) { |
|
295 |
while($module = $get_modules->fetchRow()) { |
|
296 |
$modules[] = $module['module']; |
|
297 |
} |
|
298 |
} |
|
299 |
// sort module search-order |
|
300 |
// get the modules from $search_module_order first ... |
|
301 |
$sorted_modules = array(); |
|
302 |
$m = count($modules); |
|
303 |
$search_modules = explode(',', $search_module_order); |
|
304 |
foreach($search_modules AS $item) { |
|
305 |
$item = trim($item); |
|
306 |
for($i=0; $i < $m; $i++) { |
|
307 |
if(isset($modules[$i]) && $modules[$i] == $item) { |
|
308 |
$sorted_modules[] = $modules[$i]; |
|
309 |
unset($modules[$i]); |
|
310 |
break; |
|
311 |
} |
|
312 |
} |
|
313 |
} |
|
314 |
// ... then add the rest |
|
315 |
foreach($modules AS $item) { |
|
316 |
$sorted_modules[] = $item; |
|
317 |
} |
|
318 |
|
|
319 |
|
|
320 |
// Use the module's search-extensions. |
|
321 |
// This is somewhat slower than the orginial method. |
|
322 |
|
|
323 |
// call $search_funcs['__before'] first |
|
324 |
$search_func_vars = array( |
|
325 |
'database' => $database, // database-handle |
|
326 |
'page_id' => 0, |
|
327 |
'section_id' => 0, |
|
328 |
'page_title' => '', |
|
329 |
'page_menu_title' => '', |
|
330 |
'page_description' => '', |
|
331 |
'page_keywords' => '', |
|
332 |
'page_link' => '', |
|
333 |
'page_modified_when' => 0, |
|
334 |
'page_modified_by' => 0, |
|
335 |
'users' => $users, // array of known user-id/user-name |
|
336 |
'search_words' => $search_words, // array of strings, prepared for regex |
|
337 |
'search_match' => $match, // match-type |
|
338 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
|
339 |
'results_loop_string' => $fetch_results_loop['value'], |
|
340 |
'default_max_excerpt' => $search_max_excerpt, |
|
341 |
'time_limit' => $search_time_limit, // time-limit in secs |
|
342 |
'search_path' => $search_path // see docu |
|
343 |
); |
|
344 |
foreach($search_funcs['__before'] as $func) { |
|
345 |
$uf_res = call_user_func($func, $search_func_vars); |
|
346 |
} |
|
347 |
// now call module-based $search_funcs[] |
|
348 |
$seen_pages = array(); // seen pages per module. |
|
349 |
$pages_listed = array(); // seen pages. |
|
350 |
if($search_max_excerpt!=0) { // skip this search if $search_max_excerpt==0 |
|
351 |
foreach($sorted_modules AS $module_name) { |
|
352 |
$start_time = time(); // get start-time to check time-limit; not very accurate, but ok |
|
353 |
$seen_pages[$module_name] = array(); |
|
354 |
if(!isset($search_funcs[$module_name])) { |
|
355 |
continue; // there is no search_func for this module |
|
356 |
} |
|
357 |
// get each section for $module_name |
|
358 |
$table_s = TABLE_PREFIX."sections"; |
|
359 |
$table_p = TABLE_PREFIX."pages"; |
|
360 |
$sections_query = $database->query(" |
|
361 |
SELECT s.section_id, s.page_id, s.module, s.publ_start, s.publ_end, |
|
362 |
p.page_title, p.menu_title, p.link, p.description, p.keywords, p.modified_when, p.modified_by, |
|
363 |
p.visibility, p.viewing_groups, p.viewing_users |
|
364 |
FROM $table_s AS s INNER JOIN $table_p AS p ON s.page_id = p.page_id |
|
365 |
WHERE s.module = '$module_name' AND p.visibility NOT IN ('none','deleted') AND p.searching = '1' $search_path_SQL $search_language_SQL |
|
366 |
ORDER BY s.page_id, s.position ASC |
|
367 |
"); |
|
368 |
if($sections_query->numRows() > 0) { |
|
369 |
while($res = $sections_query->fetchRow()) { |
|
370 |
// check if time-limit is exceeded for this module |
|
371 |
if($search_time_limit > 0 && (time()-$start_time > $search_time_limit)) { |
|
372 |
break; |
|
373 |
} |
|
374 |
// Only show this section if it is not "out of publication-date" |
|
375 |
$now = time(); |
|
376 |
if( !( $now<$res['publ_end'] && ($now>$res['publ_start'] || $res['publ_start']==0) || |
|
377 |
$now>$res['publ_start'] && $res['publ_end']==0) ) { |
|
378 |
continue; |
|
379 |
} |
|
380 |
$search_func_vars = array( |
|
381 |
'database' => $database, |
|
382 |
'page_id' => $res['page_id'], |
|
383 |
'section_id' => $res['section_id'], |
|
384 |
'page_title' => $res['page_title'], |
|
385 |
'page_menu_title' => $res['menu_title'], |
|
386 |
'page_description' => ($cfg_show_description?$res['description']:""), |
|
387 |
'page_keywords' => $res['keywords'], |
|
388 |
'page_link' => $res['link'], |
|
389 |
'page_modified_when' => $res['modified_when'], |
|
390 |
'page_modified_by' => $res['modified_by'], |
|
391 |
'users' => $users, |
|
392 |
'search_words' => $search_words, // needed for preg_match |
|
393 |
'search_match' => $match, |
|
394 |
'search_url_array' => $search_url_array, // needed for url-string only |
|
395 |
'results_loop_string' => $fetch_results_loop['value'], |
|
396 |
'default_max_excerpt' => $search_max_excerpt, |
|
397 |
'enable_flush' => $cfg_enable_flush, |
|
398 |
'time_limit' => $search_time_limit // time-limit in secs |
|
399 |
); |
|
400 |
// Only show this page if we are allowed to see it |
|
401 |
if($admin->page_is_visible($res) == false) { |
|
402 |
if($res['visibility'] == 'registered') { // don't show excerpt |
|
403 |
$search_func_vars['default_max_excerpt'] = 0; |
|
404 |
$search_func_vars['page_description'] = $TEXT['REGISTERED']; |
|
405 |
} else { // private |
|
406 |
continue; |
|
407 |
} |
|
408 |
} |
|
409 |
$uf_res = call_user_func($search_funcs[$module_name], $search_func_vars); |
|
410 |
if($uf_res) { |
|
411 |
$pages_listed[$res['page_id']] = true; |
|
412 |
$seen_pages[$module_name][$res['page_id']] = true; |
|
413 |
} else { |
|
414 |
$seen_pages[$module_name][$res['page_id']] = true; |
|
415 |
} |
|
416 |
} |
|
417 |
} |
|
418 |
} |
|
419 |
} |
|
420 |
// now call $search_funcs['__after'] |
|
421 |
$search_func_vars = array( |
|
422 |
'database' => $database, // database-handle |
|
423 |
'page_id' => 0, |
|
424 |
'section_id' => 0, |
|
425 |
'page_title' => '', |
|
426 |
'page_menu_title' => '', |
|
427 |
'page_description' => '', |
|
428 |
'page_keywords' => '', |
|
429 |
'page_link' => '', |
|
430 |
'page_modified_when' => 0, |
|
431 |
'page_modified_by' => 0, |
|
432 |
'users' => $users, // array of known user-id/user-name |
|
433 |
'search_words' => $search_words, // array of strings, prepared for regex |
|
434 |
'search_match' => $match, // match-type |
|
435 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
|
436 |
'results_loop_string' => $fetch_results_loop['value'], |
|
437 |
'default_max_excerpt' => $search_max_excerpt, |
|
438 |
'time_limit' => $search_time_limit, // time-limit in secs |
|
439 |
'search_path' => $search_path // see docu |
|
440 |
); |
|
441 |
foreach($search_funcs['__after'] as $func) { |
|
442 |
$uf_res = call_user_func($func, $search_func_vars); |
|
443 |
} |
|
444 |
|
|
445 |
|
|
446 |
// Search page details only, such as description, keywords, etc, but only of unseen pages. |
|
447 |
$max_excerpt_num = 0; // we don't want excerpt here |
|
448 |
$divider = "."; |
|
449 |
$table = TABLE_PREFIX."pages"; |
|
450 |
$query_pages = $database->query(" |
|
451 |
SELECT page_id, page_title, menu_title, link, description, keywords, modified_when, modified_by, |
|
452 |
visibility, viewing_groups, viewing_users |
|
453 |
FROM $table |
|
454 |
WHERE visibility NOT IN ('none','deleted') AND searching = '1' $search_path_SQL $search_language_SQL |
|
455 |
"); |
|
456 |
if($query_pages->numRows() > 0) { |
|
457 |
while($page = $query_pages->fetchRow()) { |
|
458 |
if (isset($pages_listed[$page['page_id']])) { |
|
459 |
continue; |
|
460 |
} |
|
461 |
$func_vars = array( |
|
462 |
'database' => $database, |
|
463 |
'page_id' => $page['page_id'], |
|
464 |
'page_title' => $page['page_title'], |
|
465 |
'page_menu_title' => $page['menu_title'], |
|
466 |
'page_description' => ($cfg_show_description?$page['description']:""), |
|
467 |
'page_keywords' => $page['keywords'], |
|
468 |
'page_link' => $page['link'], |
|
469 |
'page_modified_when' => $page['modified_when'], |
|
470 |
'page_modified_by' => $page['modified_by'], |
|
471 |
'users' => $users, |
|
472 |
'search_words' => $search_words, // needed for preg_match_all |
|
473 |
'search_match' => $match, |
|
474 |
'search_url_array' => $search_url_array, // needed for url-string only |
|
475 |
'results_loop_string' => $fetch_results_loop['value'], |
|
476 |
'default_max_excerpt' => $max_excerpt_num, |
|
477 |
'enable_flush' => $cfg_enable_flush |
|
478 |
); |
|
479 |
// Only show this page if we are allowed to see it |
|
480 |
if($admin->page_is_visible($page) == false) { |
|
481 |
if($page['visibility'] != 'registered') { |
|
482 |
continue; |
|
483 |
} else { // page: registered, user: access denied |
|
484 |
$func_vars['page_description'] = $TEXT['REGISTERED']; |
|
485 |
} |
|
486 |
} |
|
487 |
if($admin->page_is_active($page) == false) { |
|
488 |
continue; |
|
489 |
} |
|
490 |
$text = $func_vars['page_title'].$divider |
|
491 |
.$func_vars['page_menu_title'].$divider |
|
492 |
.($cfg_search_description?$func_vars['page_description']:"").$divider |
|
493 |
.($cfg_search_keywords?$func_vars['page_keywords']:"").$divider; |
|
494 |
$mod_vars = array( |
|
495 |
'page_link' => $func_vars['page_link'], |
|
496 |
'page_link_target' => "", |
|
497 |
'page_title' => $func_vars['page_title'], |
|
498 |
'page_description' => $func_vars['page_description'], |
|
499 |
'page_modified_when' => $func_vars['page_modified_when'], |
|
500 |
'page_modified_by' => $func_vars['page_modified_by'], |
|
501 |
'text' => $text, |
|
502 |
'max_excerpt_num' => $func_vars['default_max_excerpt'] |
|
503 |
); |
|
504 |
if(print_excerpt2($mod_vars, $func_vars)) { |
|
505 |
$pages_listed[$page['page_id']] = true; |
|
506 |
} |
|
507 |
} |
|
508 |
} |
|
509 |
|
|
510 |
// Now use the old method for pages not displayed by the new method above |
|
511 |
// in case someone has old modules without search.php. |
|
512 |
|
|
513 |
// Get modules |
|
514 |
$table_search = TABLE_PREFIX."search"; |
|
515 |
$table_sections = TABLE_PREFIX."sections"; |
|
516 |
$get_modules = $database->query(" |
|
517 |
SELECT DISTINCT s.value, s.extra |
|
518 |
FROM $table_search AS s INNER JOIN $table_sections AS sec |
|
519 |
ON s.value = sec.module |
|
520 |
WHERE s.name = 'module' |
|
521 |
"); |
|
522 |
$modules = array(); |
|
523 |
if($get_modules->numRows() > 0) { |
|
524 |
while($module = $get_modules->fetchRow()) { |
|
525 |
$modules[] = $module; // $modules in an array of arrays |
|
526 |
} |
|
527 |
} |
|
528 |
// sort module search-order |
|
529 |
// get the modules from $search_module_order first ... |
|
530 |
$sorted_modules = array(); |
|
531 |
$m = count($modules); |
|
532 |
$search_modules = explode(',', $search_module_order); |
|
533 |
foreach($search_modules AS $item) { |
|
534 |
$item = trim($item); |
|
535 |
for($i=0; $i < $m; $i++) { |
|
536 |
if(isset($modules[$i]) && $modules[$i]['value'] == $item) { |
|
537 |
$sorted_modules[] = $modules[$i]; |
|
538 |
unset($modules[$i]); |
|
539 |
break; |
|
540 |
} |
|
541 |
} |
|
542 |
} |
|
543 |
// ... then add the rest |
|
544 |
foreach($modules AS $item) { |
|
545 |
$sorted_modules[] = $item; |
|
546 |
} |
|
547 |
|
|
548 |
if($cfg_enable_old_search) { // this is the old (wb <= 2.6.7) search-function |
|
549 |
$search_path_SQL = str_replace(' link ', ' '.TABLE_PREFIX.'pages.link ', $search_path_SQL); |
|
550 |
foreach($sorted_modules AS $module) { |
|
551 |
if(isset($seen_pages[$module['value']]) && count($seen_pages[$module['value']])>0) // skip modules handled by new search-func |
|
552 |
continue; |
|
553 |
$query_start = ''; |
|
554 |
$query_body = ''; |
|
555 |
$query_end = ''; |
|
556 |
$prepared_query = ''; |
|
557 |
// Get module name |
|
558 |
$module_name = $module['value']; |
|
559 |
if(!isset($seen_pages[$module_name])) { |
|
560 |
$seen_pages[$module_name]=array(); |
|
561 |
} |
|
562 |
// skip module 'code' - it doesn't make sense to search in a code section |
|
563 |
if($module_name=="code") |
|
564 |
continue; |
|
565 |
// Get fields to use for title, link, etc. |
|
566 |
$fields = unserialize($module['extra']); |
|
567 |
// Get query start |
|
568 |
$get_query_start = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_start' AND extra = '$module_name' LIMIT 1"); |
|
569 |
if($get_query_start->numRows() > 0) { |
|
570 |
// Fetch query start |
|
571 |
$fetch_query_start = $get_query_start->fetchRow(); |
|
572 |
// Prepare query start for execution by replacing {TP} with the TABLE_PREFIX |
|
573 |
$query_start = str_replace('[TP]', TABLE_PREFIX, ($fetch_query_start['value'])); |
|
574 |
} |
|
575 |
// Get query end |
|
576 |
$get_query_end = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_end' AND extra = '$module_name' LIMIT 1"); |
|
577 |
if($get_query_end->numRows() > 0) { |
|
578 |
// Fetch query end |
|
579 |
$fetch_query_end = $get_query_end->fetchRow(); |
|
580 |
// Set query end |
|
581 |
$query_end = ($fetch_query_end['value']); |
|
582 |
} |
|
583 |
// Get query body |
|
584 |
$get_query_body = $database->query("SELECT value FROM ".TABLE_PREFIX."search WHERE name = 'query_body' AND extra = '$module_name' LIMIT 1"); |
|
585 |
if($get_query_body->numRows() > 0) { |
|
586 |
// Fetch query body |
|
587 |
$fetch_query_body = $get_query_body->fetchRow(); |
|
588 |
// Prepare query body for execution by replacing {STRING} with the correct one |
|
589 |
$query_body = str_replace(array('[TP]','[O]','[W]'), array(TABLE_PREFIX,'LIKE','%'), ($fetch_query_body['value'])); |
|
590 |
// Loop through query body for each string, then combine with start and end |
|
591 |
$prepared_query = $query_start." ( ( ( "; |
|
592 |
$count = 0; |
|
593 |
foreach($search_normal_array AS $string) { |
|
594 |
if($count != 0) { |
|
595 |
$prepared_query .= " ) ".$logical_operator." ( "; |
|
596 |
} |
|
597 |
$prepared_query .= str_replace('[STRING]', $string, $query_body); |
|
598 |
$count = $count+1; |
|
599 |
} |
|
600 |
$count=0; |
|
601 |
$prepared_query .= ' ) ) OR ( ( '; |
|
602 |
foreach($search_entities_array AS $string) { |
|
603 |
if($count != 0) { |
|
604 |
$prepared_query .= " ) ".$logical_operator." ( "; |
|
605 |
} |
|
606 |
$prepared_query .= str_replace('[STRING]', $string, $query_body); |
|
607 |
$count = $count+1; |
|
608 |
} |
|
609 |
$prepared_query .= " ) ) ) ".$query_end; |
|
610 |
// Execute query |
|
611 |
$page_query = $database->query($prepared_query." ".$search_path_SQL." ".$search_language_SQL_t); |
|
612 |
if(!$page_query) continue; // on error, skip the rest of the current loop iteration |
|
613 |
// Loop through queried items |
|
614 |
if($page_query->numRows() > 0) { |
|
615 |
while($page = $page_query->fetchRow()) { |
|
616 |
// Only show this page if it hasn't already been listed |
|
617 |
if(isset($seen_pages[$module_name][$page['page_id']]) || isset($pages_listed[$page['page_id']])) { |
|
618 |
continue; |
|
619 |
} |
|
620 |
|
|
621 |
// don't list pages with visibility == none|deleted and check if user is allowed to see the page |
|
622 |
$p_table = TABLE_PREFIX."pages"; |
|
623 |
$viewquery = $database->query(" |
|
624 |
SELECT visibility, viewing_groups, viewing_users |
|
625 |
FROM $p_table |
|
626 |
WHERE page_id='{$page['page_id']}' |
|
627 |
"); |
|
628 |
$visibility = 'none'; $viewing_groups="" ; $viewing_users=""; |
|
629 |
if($viewquery->numRows() > 0) { |
|
630 |
if($res = $viewquery->fetchRow()) { |
|
631 |
$visibility = $res['visibility']; |
|
632 |
$viewing_groups = $res['viewing_groups']; |
|
633 |
$viewing_users = $res['viewing_users']; |
|
634 |
if($visibility == 'deleted' || $visibility == 'none') { |
|
635 |
continue; |
|
636 |
} |
|
637 |
if($visibility == 'private') { |
|
638 |
if($admin->page_is_visible(array( |
|
639 |
'page_id'=>$page[$fields['page_id']], |
|
640 |
'visibility' =>$visibility, |
|
641 |
'viewing_groups'=>$viewing_groups, |
|
642 |
'viewing_users'=>$viewing_users |
|
643 |
)) == false) { |
|
644 |
continue; |
|
645 |
} |
|
646 |
} |
|
647 |
if($admin->page_is_active(array('page_id'=>$page[$fields['page_id']]))==false) { |
|
648 |
continue; |
|
649 |
} |
|
650 |
} |
|
651 |
} |
|
652 |
|
|
653 |
// Get page link |
|
654 |
$link = page_link($page['link']); |
|
655 |
// Add search string for highlighting |
|
656 |
if ($match!='exact') { |
|
657 |
$sstring = implode(" ", $search_normal_array); |
|
658 |
$link = $link."?searchresult=1&sstring=".urlencode($sstring); |
|
659 |
} else { |
|
660 |
$sstring = str_replace(" ", "_",$search_normal_array[0]); |
|
661 |
$link = $link."?searchresult=2&sstring=".urlencode($sstring); |
|
662 |
} |
|
663 |
// Set vars to be replaced by values |
|
664 |
if(!isset($page['description'])) { $page['description'] = ""; } |
|
665 |
if(!isset($page['modified_when'])) { $page['modified_when'] = 0; } |
|
666 |
if(!isset($page['modified_by'])) { $page['modified_by'] = 0; } |
|
667 |
$vars = array('[LINK]', '[TITLE]', '[DESCRIPTION]', '[USERNAME]','[DISPLAY_NAME]','[DATE]','[TIME]','[TEXT_LAST_UPDATED_BY]','[TEXT_ON]','[EXCERPT]'); |
|
668 |
if($page['modified_when'] > 0) { |
|
669 |
$date = gmdate(DATE_FORMAT, $page['modified_when']+TIMEZONE); |
|
670 |
$time = gmdate(TIME_FORMAT, $page['modified_when']+TIMEZONE); |
|
671 |
} else { |
|
672 |
$date = $TEXT['UNKNOWN'].' '.$TEXT['DATE']; |
|
673 |
$time = $TEXT['UNKNOWN'].' '.$TEXT['TIME']; |
|
674 |
} |
|
675 |
$excerpt=""; |
|
676 |
if($cfg_show_description == 0) { |
|
677 |
$page['description'] = ""; |
|
678 |
} |
|
679 |
$values = array($link, $page['page_title'], $page['description'], $users[$page['modified_by']]['username'], $users[$page['modified_by']]['display_name'], $date, $time, $TEXT['LAST_UPDATED_BY'], strtolower($TEXT['ON']), $excerpt); |
|
680 |
// Show loop code with vars replaced by values |
|
681 |
echo str_replace($vars, $values, ($fetch_results_loop['value'])); |
|
682 |
// Say that this page has been listed |
|
683 |
$seen_pages[$module_name][$page['page_id']] = true; |
|
684 |
$pages_listed[$page['page_id']] = true; |
|
685 |
} |
|
686 |
} |
|
687 |
} |
|
688 |
} |
|
689 |
} |
|
690 |
|
|
691 |
// Say no items found if we should |
|
692 |
if(count($pages_listed) == 0) { |
|
693 |
echo $search_no_results; |
|
694 |
} |
|
695 |
} else { |
|
696 |
echo $search_no_results; |
|
697 |
} |
|
698 |
|
|
699 |
// Show search results_footer |
|
700 |
echo $search_results_footer; |
|
701 |
// Show search footer |
|
702 |
echo $search_footer; |
|
703 |
|
|
706 | 704 |
?> |
YGN Ethical Hacker Group (2.8.2 / 2.9.0)