"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "Upload/inc/functions_search.php" between
mybb_1822.zip and mybb_1823.zip

About: MyBB is a multilingual, standards-compliant and free forum (discussion board) software.

functions_search.php  (mybb_1822):functions_search.php  (mybb_1823)
skipping to change at line 57 skipping to change at line 57
if($selitem == $forum['fid']) if($selitem == $forum['fid'])
{ {
$optionselected = "selected"; $optionselected = "selected";
$selecteddone = "1"; $selecteddone = "1";
} }
else else
{ {
$optionselected = ''; $optionselected = '';
$selecteddone = "0"; $selecteddone = "0";
} }
if($forum['password'] != '') if(forum_password_validated($forum, true)
{ )
if($mybb->cookies['forumpass'][$f
orum['fid']] === md5($mybb->user['uid'].$forum['password']))
{
$pwverified = 1;
}
else
{
$pwverified = 0;
}
}
if(empty($forum['password']) || $pwverifi
ed == 1)
{ {
eval("\$forumlistbits .= \"".$tem plates->get("search_forumlist_forum")."\";"); eval("\$forumlistbits .= \"".$tem plates->get("search_forumlist_forum")."\";");
} }
if(!empty($pforumcache[$forum['fid']])) if(!empty($pforumcache[$forum['fid']]))
{ {
$newdepth = $depth."  & nbsp; "; $newdepth = $depth."  & nbsp; ";
$forumlistbits .= make_searchable _forums($forum['fid'], $selitem, 0, $newdepth); $forumlistbits .= make_searchable _forums($forum['fid'], $selitem, 0, $newdepth);
} }
} }
} }
skipping to change at line 125 skipping to change at line 114
{ {
if($permissioncache[$forum['fid']]) if($permissioncache[$forum['fid']])
{ {
$perms = $permissioncache[$forum['fid']]; $perms = $permissioncache[$forum['fid']];
} }
else else
{ {
$perms = $mybb->usergroup; $perms = $mybb->usergroup;
} }
$pwverified = 1;
if($forum['password'] != '')
{
if(!isset($mybb->cookies['forumpass'][$forum['fid']]) ||
!my_hash_equals($mybb->cookies['forumpass'][$forum['fid']], md5($mybb->user['uid
'].$forum['password'])))
{
$pwverified = 0;
}
}
$parents = explode(",", $forum['parentlist']); $parents = explode(",", $forum['parentlist']);
if(is_array($parents)) if(is_array($parents))
{ {
foreach($parents as $parent) foreach($parents as $parent)
{ {
if($forum_cache[$parent]['active'] == 0) if($forum_cache[$parent]['active'] == 0)
{ {
$forum['active'] = 0; $forum['active'] = 0;
} }
} }
} }
if($perms['canview'] != 1 || $perms['cansearch'] != 1 || $pwverif ied == 0 || $forum['active'] == 0) if($perms['canview'] != 1 || $perms['cansearch'] != 1 || !forum_p assword_validated($forum, true) || $forum['active'] == 0)
{ {
if($unsearchableforums) if($unsearchableforums)
{ {
$unsearchableforums .= ","; $unsearchableforums .= ",";
} }
$unsearchableforums .= "'{$forum['fid']}'"; $unsearchableforums .= "'{$forum['fid']}'";
} }
} }
$unsearchable = $unsearchableforums; $unsearchable = $unsearchableforums;
skipping to change at line 174 skipping to change at line 154
if($pass_protected_forums) if($pass_protected_forums)
{ {
$unsearchable .= implode(",", $pass_protected_forums); $unsearchable .= implode(",", $pass_protected_forums);
} }
return $unsearchable; return $unsearchable;
} }
/** /**
* Build query condition for threads/posts the user is allowed to see.
* Will return for example:
* - visible = 1 - for normal users
* - visible >= -1 - for admins & super mods
* - (visible = 1 OR (visible = ? AND fid IN ...)) - for forum moderators
*
* @param string $table_alias The alias of the table eg t to use t.visible inste
ad of visible
* @return string the query condition
*/
function get_visible_where($table_alias = null)
{
global $db, $mybb;
$aliasdot = '';
if(!empty($table_alias))
{
$aliasdot = $table_alias.'.';
}
if($mybb->usergroup['issupermod'] == 1)
{
// Super moderators (and admins)
return "{$aliasdot}visible >= -1";
}
elseif(is_moderator())
{
// Normal moderators
$unapprove_forums = array();
$deleted_forums = array();
$unapproved_where = "({$aliasdot}visible = 1";
$moderated_fids = get_moderated_fids($mybb->user['uid']);
if($moderated_fids !== false)
{
foreach($moderated_fids as $fid)
{
if(!is_moderator($fid))
{
// Shouldn't occur.
continue;
}
// Use moderates this forum
$modperms = get_moderator_permissions($fid, $mybb
->user['uid']);
if($modperms['canviewunapprove'] == 1)
{
$unapprove_forums[] = $fid;
}
if($modperms['canviewdeleted'] == 1)
{
$deleted_forums[] = $fid;
}
}
if(!empty($unapprove_forums))
{
$unapproved_where .= " OR ({$aliasdot}visible = 0
AND {$aliasdot}fid IN(".implode(',', $unapprove_forums)."))";
}
if(!empty($deleted_forums))
{
$unapproved_where .= " OR ({$aliasdot}visible = -
1 AND {$aliasdot}fid IN(".implode(',', $deleted_forums)."))";
}
$unapproved_where .= ')';
return $unapproved_where;
}
}
// Normal users
if($mybb->user['uid'] > 0 && $mybb->settings['showownunapproved'] == 1)
{
return "({$aliasdot}visible = 1 OR ({$aliasdot}visible = 0 AND {$
aliasdot}uid = {$mybb->user['uid']}))";
}
return "{$aliasdot}visible = 1";
}
/**
* Build a array list of the forums this user cannot search due to password prot ection * Build a array list of the forums this user cannot search due to password prot ection
* *
* @param array $fids the fids to check (leave blank to check all forums) * @param array $fids the fids to check (leave blank to check all forums)
* @return array return a array list of password protected forums the user canno t search * @return array return a array list of password protected forums the user canno t search
*/ */
function get_password_protected_forums($fids=array()) function get_password_protected_forums($fids=array())
{ {
global $forum_cache, $mybb; global $forum_cache, $mybb;
if(!is_array($fids)) if(!is_array($fids))
skipping to change at line 205 skipping to change at line 265
} }
if(empty($fids)) if(empty($fids))
{ {
$fids = array_keys($forum_cache); $fids = array_keys($forum_cache);
} }
$pass_fids = array(); $pass_fids = array();
foreach($fids as $fid) foreach($fids as $fid)
{ {
if(empty($forum_cache[$fid]['password'])) if(!forum_password_validated($forum_cache[$fid], true))
{
continue;
}
if(md5($mybb->user['uid'].$forum_cache[$fid]['password']) !== $my
bb->cookies['forumpass'][$fid])
{ {
$pass_fids[] = $fid; $pass_fids[] = $fid;
$child_list = get_child_list($fid); $pass_fids = array_merge($pass_fids, get_child_list($fid)
} );
if(is_array($child_list))
{
$pass_fids = array_merge($pass_fids, $child_list);
} }
} }
return array_unique($pass_fids); return array_unique($pass_fids);
} }
/** /**
* Clean search keywords and make them safe for querying * Clean search keywords and make them safe for querying
* *
* @param string $keywords The keywords to be cleaned * @param string $keywords The keywords to be cleaned
* @return string The cleaned keywords * @return string The cleaned keywords
skipping to change at line 285 skipping to change at line 335
global $mybb; global $mybb;
$min_word_length = (int) $mybb->settings['minsearchword']; $min_word_length = (int) $mybb->settings['minsearchword'];
if($min_word_length <= 0) if($min_word_length <= 0)
{ {
$min_word_length = 3; $min_word_length = 3;
} }
$min_word_length -= 1; $min_word_length -= 1;
$word_length_regex = '';
if($min_word_length > 1)
{
$word_length_regex = "{1,{$min_word_length}}";
}
// Replaces less than 3 characters // Replaces less than 3 characters
$keywords = preg_replace("/(\b.{1,{$min_word_length}})(\s)|(\b.{1,{$min_w ord_length}}$)/", '$2', $keywords); $keywords = preg_replace("/(\b.{$word_length_regex})(\s)|(\b.{$word_lengt h_regex}$)/u", '$2', $keywords);
// Collapse multiple spaces // Collapse multiple spaces
$keywords = preg_replace('/(\s)+/', '$1', $keywords); $keywords = preg_replace('/(\s)+/', '$1', $keywords);
$keywords = trim($keywords); $keywords = trim($keywords);
$words = array(array()); $words = array(array());
// Fulltext search syntax validation: http://dev.mysql.com/doc/refman/5.6 /en/fulltext-boolean.html // Fulltext search syntax validation: http://dev.mysql.com/doc/refman/5.6 /en/fulltext-boolean.html
// Search for phrases // Search for phrases
$keywords = explode("\"", $keywords); $keywords = explode("\"", $keywords);
$boolean = array('+'); $boolean = array('+');
skipping to change at line 1261 skipping to change at line 1317
if($unsearchforums) if($unsearchforums)
{ {
$permsql .= " AND t.fid NOT IN ($unsearchforums)"; $permsql .= " AND t.fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$permsql .= " AND t.fid NOT IN ($inactiveforums)"; $permsql .= " AND t.fid NOT IN ($inactiveforums)";
} }
$visiblesql = $post_visiblesql = $plain_post_visiblesql = ""; $visiblesql = $post_visiblesql = $plain_post_visiblesql = $unapproved_whe re_t = $unapproved_where_p = "";
if(isset($search['visible'])) if(isset($search['visible']))
{ {
if($search['visible'] == 1) if($search['visible'] == 1)
{ {
$visiblesql = " AND t.visible = '1'"; $visiblesql = " AND t.visible = '1'";
if($search['postthread'] == 1) if($search['postthread'] == 1)
{ {
$post_visiblesql = " AND p.visible = '1'"; $post_visiblesql = " AND p.visible = '1'";
$plain_post_visiblesql = " AND visible = '1'"; $plain_post_visiblesql = " AND visible = '1'";
skipping to change at line 1296 skipping to change at line 1352
$visiblesql = " AND t.visible == '0'"; $visiblesql = " AND t.visible == '0'";
if($search['postthread'] == 1) if($search['postthread'] == 1)
{ {
$post_visiblesql = " AND p.visible == '0'"; $post_visiblesql = " AND p.visible == '0'";
$plain_post_visiblesql = " AND visible == '0'"; $plain_post_visiblesql = " AND visible == '0'";
} }
} }
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where_t = get_visible_where('t');
$unapproved_where_p = get_visible_where('p');
// Searching a specific thread? // Searching a specific thread?
$tidsql = ''; $tidsql = '';
if(!empty($search['tid'])) if(!empty($search['tid']))
{ {
$tidsql = " AND t.tid='".(int)$search['tid']."'"; $tidsql = " AND t.tid='".(int)$search['tid']."'";
} }
$limitsql = ''; $limitsql = '';
if((int)$mybb->settings['searchhardlimit'] > 0) if((int)$mybb->settings['searchhardlimit'] > 0)
{ {
skipping to change at line 1321 skipping to change at line 1381
$posts = array(); $posts = array();
$firstposts = array(); $firstposts = array();
if($search['postthread'] == 1) if($search['postthread'] == 1)
{ {
// No need to search subjects when looking for results within a s pecific thread // No need to search subjects when looking for results within a s pecific thread
if(empty($search['tid'])) if(empty($search['tid']))
{ {
$query = $db->query(" $query = $db->query("
SELECT t.tid, t.firstpost SELECT t.tid, t.firstpost
FROM ".TABLE_PREFIX."threads t FROM ".TABLE_PREFIX."threads t
WHERE 1=1 {$thread_datecut} {$thread_replycut} {$ thread_prefixcut} {$forumin} {$thread_usersql} {$permsql} {$visiblesql} AND t.cl osed NOT LIKE 'moved|%' {$subject_lookin} WHERE 1=1 {$thread_datecut} {$thread_replycut} {$ thread_prefixcut} {$forumin} {$thread_usersql} {$permsql} {$visiblesql} AND ({$u napproved_where_t}) AND t.closed NOT LIKE 'moved|%' {$subject_lookin}
{$limitsql} {$limitsql}
"); ");
while($thread = $db->fetch_array($query)) while($thread = $db->fetch_array($query))
{ {
$threads[$thread['tid']] = $thread['tid']; $threads[$thread['tid']] = $thread['tid'];
if($thread['firstpost']) if($thread['firstpost'])
{ {
$posts[$thread['tid']] = $thread['firstpo st']; $posts[$thread['tid']] = $thread['firstpo st'];
} }
} }
} }
$query = $db->query(" $query = $db->query("
SELECT p.pid, p.tid SELECT p.pid, p.tid
FROM ".TABLE_PREFIX."posts p FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE 1=1 {$post_datecut} {$thread_replycut} {$thread_pre fixcut} {$forumin} {$post_usersql} {$permsql} {$tidsql} {$visiblesql} {$post_vis iblesql} AND t.closed NOT LIKE 'moved|%' {$message_lookin} WHERE 1=1 {$post_datecut} {$thread_replycut} {$thread_pre fixcut} {$forumin} {$post_usersql} {$permsql} {$tidsql} {$visiblesql} {$post_vis iblesql} AND ({$unapproved_where_t}) AND ({$unapproved_where_p}) AND t.closed NO T LIKE 'moved|%' {$message_lookin}
{$limitsql} {$limitsql}
"); ");
while($post = $db->fetch_array($query)) while($post = $db->fetch_array($query))
{ {
$posts[$post['pid']] = $post['pid']; $posts[$post['pid']] = $post['pid'];
$threads[$post['tid']] = $post['tid']; $threads[$post['tid']] = $post['tid'];
} }
if(count($posts) < 1 && count($threads) < 1) if(count($posts) < 1 && count($threads) < 1)
{ {
skipping to change at line 1408 skipping to change at line 1468
* *
* @param array $search Array of search data * @param array $search Array of search data
* @return array Array of search data with results mixed in * @return array Array of search data with results mixed in
*/ */
function perform_search_mysql_ft($search) function perform_search_mysql_ft($search)
{ {
global $mybb, $db, $lang; global $mybb, $db, $lang;
$keywords = clean_keywords_ft($search['keywords']); $keywords = clean_keywords_ft($search['keywords']);
// Attempt to determine minimum word length from MySQL for fulltext searc if($mybb->settings['minsearchword'] < 1)
hes
$query = $db->query("SHOW VARIABLES LIKE 'ft_min_word_len';");
$min_length = $db->fetch_field($query, 'Value');
if(is_numeric($min_length))
{
$mybb->settings['minsearchword'] = $min_length;
}
// Otherwise, could not fetch - default back to MySQL fulltext default se
tting
else
{ {
$mybb->settings['minsearchword'] = 4; $mybb->settings['minsearchword'] = 4;
} }
if($keywords) if($keywords)
{ {
$keywords_exp = explode("\"", $keywords); $keywords_exp = explode("\"", $keywords);
$inquote = false; $inquote = false;
foreach($keywords_exp as $phrase) foreach($keywords_exp as $phrase)
{ {
skipping to change at line 1616 skipping to change at line 1668
if($unsearchforums) if($unsearchforums)
{ {
$permsql .= " AND t.fid NOT IN ($unsearchforums)"; $permsql .= " AND t.fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$permsql .= " AND t.fid NOT IN ($inactiveforums)"; $permsql .= " AND t.fid NOT IN ($inactiveforums)";
} }
$visiblesql = $post_visiblesql = $plain_post_visiblesql = ""; $visiblesql = $post_visiblesql = $plain_post_visiblesql = $unapproved_whe re_t = $unapproved_where_p = "";
if(isset($search['visible'])) if(isset($search['visible']))
{ {
if($search['visible'] == 1) if($search['visible'] == 1)
{ {
$visiblesql = " AND t.visible = '1'"; $visiblesql = " AND t.visible = '1'";
if($search['postthread'] == 1) if($search['postthread'] == 1)
{ {
$post_visiblesql = " AND p.visible = '1'"; $post_visiblesql = " AND p.visible = '1'";
$plain_post_visiblesql = " AND visible = '1'"; $plain_post_visiblesql = " AND visible = '1'";
skipping to change at line 1651 skipping to change at line 1703
$visiblesql = " AND t.visible != '1'"; $visiblesql = " AND t.visible != '1'";
if($search['postthread'] == 1) if($search['postthread'] == 1)
{ {
$post_visiblesql = " AND p.visible != '1'"; $post_visiblesql = " AND p.visible != '1'";
$plain_post_visiblesql = " AND visible != '1'"; $plain_post_visiblesql = " AND visible != '1'";
} }
} }
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where_t = get_visible_where('t');
$unapproved_where_p = get_visible_where('p');
// Searching a specific thread? // Searching a specific thread?
if($search['tid']) if($search['tid'])
{ {
$tidsql = " AND t.tid='".(int)$search['tid']."'"; $tidsql = " AND t.tid='".(int)$search['tid']."'";
} }
$limitsql = ''; $limitsql = '';
if((int)$mybb->settings['searchhardlimit'] > 0) if((int)$mybb->settings['searchhardlimit'] > 0)
{ {
$limitsql = "LIMIT ".(int)$mybb->settings['searchhardlimit']; $limitsql = "LIMIT ".(int)$mybb->settings['searchhardlimit'];
skipping to change at line 1675 skipping to change at line 1731
$posts = array(); $posts = array();
$firstposts = array(); $firstposts = array();
if($search['postthread'] == 1) if($search['postthread'] == 1)
{ {
// No need to search subjects when looking for results within a s pecific thread // No need to search subjects when looking for results within a s pecific thread
if(!$search['tid']) if(!$search['tid'])
{ {
$query = $db->query(" $query = $db->query("
SELECT t.tid, t.firstpost SELECT t.tid, t.firstpost
FROM ".TABLE_PREFIX."threads t FROM ".TABLE_PREFIX."threads t
WHERE 1=1 {$thread_datecut} {$thread_replycut} {$ thread_prefixcut} {$forumin} {$thread_usersql} {$permsql} {$visiblesql} AND t.cl osed NOT LIKE 'moved|%' {$subject_lookin} WHERE 1=1 {$thread_datecut} {$thread_replycut} {$ thread_prefixcut} {$forumin} {$thread_usersql} {$permsql} {$visiblesql} AND ({$u napproved_where_t}) AND t.closed NOT LIKE 'moved|%' {$subject_lookin}
{$limitsql} {$limitsql}
"); ");
while($thread = $db->fetch_array($query)) while($thread = $db->fetch_array($query))
{ {
$threads[$thread['tid']] = $thread['tid']; $threads[$thread['tid']] = $thread['tid'];
if($thread['firstpost']) if($thread['firstpost'])
{ {
$posts[$thread['tid']] = $thread['firstpo st']; $posts[$thread['tid']] = $thread['firstpo st'];
} }
} }
} }
$query = $db->query(" $query = $db->query("
SELECT p.pid, p.tid SELECT p.pid, p.tid
FROM ".TABLE_PREFIX."posts p FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE 1=1 {$post_datecut} {$thread_replycut} {$thread_pre fixcut} {$forumin} {$post_usersql} {$permsql} {$tidsql} {$post_visiblesql} {$vis iblesql} AND t.closed NOT LIKE 'moved|%' {$message_lookin} WHERE 1=1 {$post_datecut} {$thread_replycut} {$thread_pre fixcut} {$forumin} {$post_usersql} {$permsql} {$tidsql} {$post_visiblesql} {$vis iblesql} AND ({$unapproved_where_t}) AND {$unapproved_where_p} AND t.closed NOT LIKE 'moved|%' {$message_lookin}
{$limitsql} {$limitsql}
"); ");
while($post = $db->fetch_array($query)) while($post = $db->fetch_array($query))
{ {
$posts[$post['pid']] = $post['pid']; $posts[$post['pid']] = $post['pid'];
$threads[$post['tid']] = $post['tid']; $threads[$post['tid']] = $post['tid'];
} }
if(count($posts) < 1 && count($threads) < 1) if(count($posts) < 1 && count($threads) < 1)
{ {
error($lang->error_nosearchresults); error($lang->error_nosearchresults);
 End of changes. 17 change blocks. 
57 lines changed or deleted 115 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)