Revision 1442
Added by Dietmar over 13 years ago
| search.php | ||
|---|---|---|
| 186 | 186 |
$search_display_string = ''; // for displaying |
| 187 | 187 |
$search_url_string = ''; // for $_GET -- ATTN: unquoted! Will become urldecoded later |
| 188 | 188 |
$string = ''; |
| 189 |
if(isset($_REQUEST['string'])) |
|
| 190 |
{
|
|
| 191 |
if($match!='exact') // $string will be cleaned below |
|
| 192 |
{
|
|
| 189 |
if(isset($_REQUEST['string'])) {
|
|
| 190 |
if($match!='exact') { // $string will be cleaned below
|
|
| 193 | 191 |
$string=str_replace(',', '', $_REQUEST['string']);
|
| 194 | 192 |
} else {
|
| 195 | 193 |
$string=$_REQUEST['string']; |
| 196 | 194 |
} |
| 197 | 195 |
// redo possible magic quotes |
| 198 | 196 |
$string = $wb->strip_slashes($string); |
| 199 |
$string = preg_replace('/[ \r\n\t]+/', ' ', $string);
|
|
| 197 |
$string = preg_replace('/\s+/', ' ', $string);
|
|
| 200 | 198 |
$string = trim($string); |
| 201 | 199 |
// remove some bad chars |
| 202 | 200 |
$string = str_replace ( array('[[',']]'),'', $string);
|
| 203 | 201 |
$string = preg_replace('/(^|\s+)[|.]+(?=\s+|$)/', '', $string);
|
| 204 | 202 |
$search_display_string = htmlspecialchars($string); |
| 205 |
$search_entities_string = addslashes(umlauts_to_entities(htmlspecialchars($string))); |
|
| 206 |
// mySQL needs four backslashes to match one in LIKE comparisons) |
|
| 207 |
$search_entities_string = str_replace('\\\\', '\\\\\\\\', $search_entities_string);
|
|
| 208 | 203 |
// convert string to utf-8 |
| 209 | 204 |
$string = entities_to_umlauts($string, 'UTF-8'); |
| 210 | 205 |
$search_url_string = $string; |
| 206 |
$search_entities_string = addslashes(htmlentities($string, ENT_COMPAT, 'UTF-8')); |
|
| 207 |
// mySQL needs four backslashes to match one in LIKE comparisons) |
|
| 208 |
$search_entities_string = str_replace('\\\\', '\\\\\\\\', $search_entities_string);
|
|
| 211 | 209 |
$string = preg_quote($string); |
| 212 | 210 |
// quote ' " and / -we need quoted / for regex |
| 213 | 211 |
$search_normal_string = str_replace(array('\'','"','/'), array('\\\'','\"','\/'), $string);
|
| ... | ... | |
| 239 | 237 |
} |
| 240 | 238 |
} |
| 241 | 239 |
// make an extra copy of search_normal_array for use in regex |
| 242 |
require(WB_PATH.'/search/search_convert.php'); |
|
| 243 | 240 |
$search_words = array(); |
| 241 |
require_once(WB_PATH.'/search/search_convert.php'); |
|
| 242 |
global $search_table_umlauts_local; |
|
| 243 |
require_once(WB_PATH.'/search/search_convert_ul.php'); |
|
| 244 |
global $search_table_ul_umlauts; |
|
| 244 | 245 |
foreach($search_normal_array AS $str) {
|
| 245 |
$str = str_replace($string_ul_umlaut, $string_ul_regex, $str); |
|
| 246 |
$str = strtr($str, $search_table_umlauts_local); |
|
| 247 |
$str = strtr($str, $search_table_ul_umlauts); |
|
| 246 | 248 |
$search_words[] = $str; |
| 247 | 249 |
} |
| 248 | 250 |
|
| ... | ... | |
| 319 | 321 |
|
| 320 | 322 |
// Use the module's search-extensions. |
| 321 | 323 |
// This is somewhat slower than the orginial method. |
| 322 |
|
|
| 323 | 324 |
// call $search_funcs['__before'] first |
| 324 | 325 |
$search_func_vars = array( |
| 325 | 326 |
'database' => $database, // database-handle |
| ... | ... | |
| 336 | 337 |
'search_words' => $search_words, // array of strings, prepared for regex |
| 337 | 338 |
'search_match' => $match, // match-type |
| 338 | 339 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
| 340 |
'search_entities_array' => $search_entities_array, // entities |
|
| 339 | 341 |
'results_loop_string' => $fetch_results_loop['value'], |
| 340 | 342 |
'default_max_excerpt' => $search_max_excerpt, |
| 341 | 343 |
'time_limit' => $search_time_limit, // time-limit in secs |
| ... | ... | |
| 392 | 394 |
'search_words' => $search_words, // needed for preg_match |
| 393 | 395 |
'search_match' => $match, |
| 394 | 396 |
'search_url_array' => $search_url_array, // needed for url-string only |
| 397 |
'search_entities_array' => $search_entities_array, // entities |
|
| 395 | 398 |
'results_loop_string' => $fetch_results_loop['value'], |
| 396 | 399 |
'default_max_excerpt' => $search_max_excerpt, |
| 397 | 400 |
'enable_flush' => $cfg_enable_flush, |
| ... | ... | |
| 433 | 436 |
'search_words' => $search_words, // array of strings, prepared for regex |
| 434 | 437 |
'search_match' => $match, // match-type |
| 435 | 438 |
'search_url_array' => $search_url_array, // array of strings from the original search-string. ATTN: strings are not quoted! |
| 439 |
'search_entities_array' => $search_entities_array, // entities |
|
| 436 | 440 |
'results_loop_string' => $fetch_results_loop['value'], |
| 437 | 441 |
'default_max_excerpt' => $search_max_excerpt, |
| 438 | 442 |
'time_limit' => $search_time_limit, // time-limit in secs |
| ... | ... | |
| 472 | 476 |
'search_words' => $search_words, // needed for preg_match_all |
| 473 | 477 |
'search_match' => $match, |
| 474 | 478 |
'search_url_array' => $search_url_array, // needed for url-string only |
| 479 |
'search_entities_array' => $search_entities_array, // entities |
|
| 475 | 480 |
'results_loop_string' => $fetch_results_loop['value'], |
| 476 | 481 |
'default_max_excerpt' => $max_excerpt_num, |
| 477 | 482 |
'enable_flush' => $cfg_enable_flush |
| ... | ... | |
| 701 | 706 |
// Show search footer |
| 702 | 707 |
echo $search_footer; |
| 703 | 708 |
|
| 704 |
?> |
|
| 709 |
?> |
|
Also available in: Unified diff
bug fixed in class.database.php methode field_add in call field_exists
update search, pls test, (Tks to Thorn)