Revision 1442
Added by Dietmar over 13 years ago
search.php | ||
---|---|---|
186 | 186 |
$search_display_string = ''; // for displaying |
187 | 187 |
$search_url_string = ''; // for $_GET -- ATTN: unquoted! Will become urldecoded later |
188 | 188 |
$string = ''; |
189 |
if(isset($_REQUEST['string'])) |
|
190 |
{ |
|
191 |
if($match!='exact') // $string will be cleaned below |
|
192 |
{ |
|
189 |
if(isset($_REQUEST['string'])) { |
|
190 |
if($match!='exact') { // $string will be cleaned below |
|
193 | 191 |
$string=str_replace(',', '', $_REQUEST['string']); |
194 | 192 |
} else { |
195 | 193 |
$string=$_REQUEST['string']; |
196 | 194 |
} |
197 | 195 |
// redo possible magic quotes |
198 | 196 |
$string = $wb->strip_slashes($string); |
199 |
$string = preg_replace('/[ \r\n\t]+/', ' ', $string);
|
|
197 |
$string = preg_replace('/\s+/', ' ', $string);
|
|
200 | 198 |
$string = trim($string); |
201 | 199 |
// remove some bad chars |
202 | 200 |
$string = str_replace ( array('[[',']]'),'', $string); |
203 | 201 |
$string = preg_replace('/(^|\s+)[|.]+(?=\s+|$)/', '', $string); |
204 | 202 |
$search_display_string = htmlspecialchars($string); |
205 |
$search_entities_string = addslashes(umlauts_to_entities(htmlspecialchars($string))); |
|
206 |
// mySQL needs four backslashes to match one in LIKE comparisons) |
|
207 |
$search_entities_string = str_replace('\\\\', '\\\\\\\\', $search_entities_string); |
|
208 | 203 |
// convert string to utf-8 |
209 | 204 |
$string = entities_to_umlauts($string, 'UTF-8'); |
210 | 205 |
$search_url_string = $string; |
206 |
$search_entities_string = addslashes(htmlentities($string, ENT_COMPAT, 'UTF-8')); |
|
207 |
// mySQL needs four backslashes to match one in LIKE comparisons) |
|
208 |
$search_entities_string = str_replace('\\\\', '\\\\\\\\', $search_entities_string); |
|
211 | 209 |
$string = preg_quote($string); |
212 | 210 |
// quote ' " and / -we need quoted / for regex |
213 | 211 |
$search_normal_string = str_replace(array('\'','"','/'), array('\\\'','\"','\/'), $string); |
... | ... | |
239 | 237 |
} |
240 | 238 |
} |
241 | 239 |
// make an extra copy of search_normal_array for use in regex |
242 |
require(WB_PATH.'/search/search_convert.php'); |
|
243 | 240 |
$search_words = array(); |
241 |
require_once(WB_PATH.'/search/search_convert.php'); |
|
242 |
global $search_table_umlauts_local; |
|
243 |
require_once(WB_PATH.'/search/search_convert_ul.php'); |
|
244 |
global $search_table_ul_umlauts; |
|
244 | 245 |
foreach($search_normal_array AS $str) { |
245 |
$str = str_replace($string_ul_umlaut, $string_ul_regex, $str); |
|
246 |
$str = strtr($str, $search_table_umlauts_local); |
|
247 |
$str = strtr($str, $search_table_ul_umlauts); |
|
246 | 248 |
$search_words[] = $str; |
247 | 249 |
} |
248 | 250 |
|
... | ... | |
319 | 321 |
|
320 | 322 |
// Use the module's search-extensions. |
321 | 323 |
// This is somewhat slower than the orginial method. |
322 |
|
|
323 | 324 |
// call $search_funcs['__before'] first |
324 | 325 |
$search_func_vars = array( |
325 | 326 |
'database' => $database, // database-handle |
... | ... | |
336 | 337 |
'search_words' => $search_words, // array of strings, prepared for regex |
337 | 338 |
'search_match' => $match, // match-type |
338 | 339 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
340 |
'search_entities_array' => $search_entities_array, // entities |
|
339 | 341 |
'results_loop_string' => $fetch_results_loop['value'], |
340 | 342 |
'default_max_excerpt' => $search_max_excerpt, |
341 | 343 |
'time_limit' => $search_time_limit, // time-limit in secs |
... | ... | |
392 | 394 |
'search_words' => $search_words, // needed for preg_match |
393 | 395 |
'search_match' => $match, |
394 | 396 |
'search_url_array' => $search_url_array, // needed for url-string only |
397 |
'search_entities_array' => $search_entities_array, // entities |
|
395 | 398 |
'results_loop_string' => $fetch_results_loop['value'], |
396 | 399 |
'default_max_excerpt' => $search_max_excerpt, |
397 | 400 |
'enable_flush' => $cfg_enable_flush, |
... | ... | |
433 | 436 |
'search_words' => $search_words, // array of strings, prepared for regex |
434 | 437 |
'search_match' => $match, // match-type |
435 | 438 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
439 |
'search_entities_array' => $search_entities_array, // entities |
|
436 | 440 |
'results_loop_string' => $fetch_results_loop['value'], |
437 | 441 |
'default_max_excerpt' => $search_max_excerpt, |
438 | 442 |
'time_limit' => $search_time_limit, // time-limit in secs |
... | ... | |
472 | 476 |
'search_words' => $search_words, // needed for preg_match_all |
473 | 477 |
'search_match' => $match, |
474 | 478 |
'search_url_array' => $search_url_array, // needed for url-string only |
479 |
'search_entities_array' => $search_entities_array, // entities |
|
475 | 480 |
'results_loop_string' => $fetch_results_loop['value'], |
476 | 481 |
'default_max_excerpt' => $max_excerpt_num, |
477 | 482 |
'enable_flush' => $cfg_enable_flush |
... | ... | |
701 | 706 |
// Show search footer |
702 | 707 |
echo $search_footer; |
703 | 708 |
|
704 |
?> |
|
709 |
?> |
Also available in: Unified diff
bug fixed in class.database.php methode field_add in call field_exists
update search, pls test, (Tks to Thorn)