"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "Upload/search.php" between
mybb_1822.zip and mybb_1823.zip

About: MyBB is a multilingual, standards-compliant and free forum (discussion board) software.

search.php  (mybb_1822):search.php  (mybb_1823)
skipping to change at line 238 skipping to change at line 238
$inlinecount = 0; $inlinecount = 0;
$is_mod = true; $is_mod = true;
$return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_ STRING']); $return_url = 'search.php?'.htmlspecialchars_uni($_SERVER['QUERY_ STRING']);
} }
// Show search results as 'threads' // Show search results as 'threads'
if($search['resulttype'] == "threads") if($search['resulttype'] == "threads")
{ {
$threadcount = 0; $threadcount = 0;
// Moderators can view unapproved threads // Moderators can view unapproved threads and deleted threads fro
$query = $db->simple_select("moderators", "fid, canviewunapprove, m forums they moderate
canviewdeleted", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->u $unapproved_where_t = get_visible_where('t');
ser['usergroup']}' AND isgroup='1')");
if($mybb->usergroup['issupermod'] == 1)
{
// Super moderators (and admins)
$unapproved_where = "t.visible>=-1";
}
elseif($db->num_rows($query))
{
// Normal moderators
$unapprove_forums = array();
$deleted_forums = array();
$unapproved_where = '(t.visible = 1';
while($moderator = $db->fetch_array($query))
{
if($moderator['canviewunapprove'] == 1)
{
$unapprove_forums[] = $moderator['fid'];
}
if($moderator['canviewdeleted'] == 1)
{
$deleted_forums[] = $moderator['fid'];
}
}
if(!empty($unapprove_forums))
{
$unapproved_where .= " OR (t.visible = 0 AND t.fi
d IN(".implode(',', $unapprove_forums)."))";
}
if(!empty($deleted_forums))
{
$unapproved_where .= " OR (t.visible = -1 AND t.f
id IN(".implode(',', $deleted_forums)."))";
}
$unapproved_where .= ')';
}
else
{
// Normal users
$unapproved_where = 't.visible>0';
}
// If we have saved WHERE conditions, execute them // If we have saved WHERE conditions, execute them
if($search['querycache'] != "") if($search['querycache'] != "")
{ {
$where_conditions = $search['querycache']; $where_conditions = $search['querycache'];
$query = $db->simple_select("threads t", "t.tid", $where_ conditions. " AND {$unapproved_where} AND t.closed NOT LIKE 'moved|%' ORDER BY t .lastpost DESC {$limitsql}"); $query = $db->simple_select("threads t", "t.tid", $where_ conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' ORDER BY t.lastpost DESC {$limitsql}");
while($thread = $db->fetch_array($query)) while($thread = $db->fetch_array($query))
{ {
$threads[$thread['tid']] = $thread['tid']; $threads[$thread['tid']] = $thread['tid'];
$threadcount++; $threadcount++;
} }
// Build our list of threads. // Build our list of threads.
if($threadcount > 0) if($threadcount > 0)
{ {
$search['threads'] = implode(",", $threads); $search['threads'] = implode(",", $threads);
} }
skipping to change at line 306 skipping to change at line 267
else else
{ {
error($lang->error_nosearchresults); error($lang->error_nosearchresults);
} }
$where_conditions = "t.tid IN (".$search['threads'].")"; $where_conditions = "t.tid IN (".$search['threads'].")";
} }
// This search doesn't use a query cache, results stored in searc h table. // This search doesn't use a query cache, results stored in searc h table.
else else
{ {
$where_conditions = "t.tid IN (".$search['threads'].")"; $where_conditions = "t.tid IN (".$search['threads'].")";
$query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND {$unapproved_where} AND t.closed NOT LIK E 'moved|%' {$limitsql}"); $query = $db->simple_select("threads t", "COUNT(t.tid) AS resultcount", $where_conditions. " AND ({$unapproved_where_t}) AND t.closed NOT LIKE 'moved|%' {$limitsql}");
$count = $db->fetch_array($query); $count = $db->fetch_array($query);
if(!$count['resultcount']) if(!$count['resultcount'])
{ {
error($lang->error_nosearchresults); error($lang->error_nosearchresults);
} }
$threadcount = $count['resultcount']; $threadcount = $count['resultcount'];
} }
$permsql = ""; $permsql = "";
skipping to change at line 363 skipping to change at line 324
'order_by' => $sortfield, 'order_by' => $sortfield,
'order_dir' => $order, 'order_dir' => $order,
'limit_start' => $start, 'limit_start' => $start,
'limit' => $perpage 'limit' => $perpage
); );
$query = $db->query(" $query = $db->query("
SELECT t.*, u.username AS userusername SELECT t.*, u.username AS userusername
FROM ".TABLE_PREFIX."threads t FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid)
LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid) LEFT JOIN ".TABLE_PREFIX."forums f ON (t.fid=f.fid)
WHERE $where_conditions AND {$unapproved_where} {$permsql } AND t.closed NOT LIKE 'moved|%' WHERE $where_conditions AND ({$unapproved_where_t}) {$per msql} AND t.closed NOT LIKE 'moved|%'
ORDER BY $sortfield $order ORDER BY $sortfield $order
LIMIT $start, $perpage LIMIT $start, $perpage
"); ");
$threadprefixes = build_prefixes(); $threadprefixes = build_prefixes();
$thread_cache = array(); $thread_cache = array();
while($thread = $db->fetch_array($query)) while($thread = $db->fetch_array($query))
{ {
$thread['threadprefix'] = ''; $thread['threadprefix'] = '';
if($thread['prefix'] && !empty($threadprefixes[$thread['p refix']])) if($thread['prefix'] && !empty($threadprefixes[$thread['p refix']]))
skipping to change at line 389 skipping to change at line 350
$thread_ids = implode(",", array_keys($thread_cache)); $thread_ids = implode(",", array_keys($thread_cache));
if(empty($thread_ids)) if(empty($thread_ids))
{ {
error($lang->error_nosearchresults); error($lang->error_nosearchresults);
} }
// Fetch dot icons if enabled // Fetch dot icons if enabled
if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $t hread_cache) if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] && $t hread_cache)
{ {
$p_unapproved_where = str_replace('t.', '', $unapproved_w $unapproved_where_p = str_replace('t.', '', $unapproved_w
here); here_t);
$query = $db->simple_select("posts", "DISTINCT tid,uid", $query = $db->simple_select("posts", "DISTINCT tid,uid",
"uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND {$p_unapproved_where}" "uid='{$mybb->user['uid']}' AND tid IN({$thread_ids}) AND ({$unapproved_where_p}
); )");
while($thread = $db->fetch_array($query)) while($thread = $db->fetch_array($query))
{ {
$thread_cache[$thread['tid']]['dot_icon'] = 1; $thread_cache[$thread['tid']]['dot_icon'] = 1;
} }
} }
// Fetch the read threads. // Fetch the read threads.
if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0) if($mybb->user['uid'] && $mybb->settings['threadreadcut'] > 0)
{ {
$query = $db->simple_select("threadsread", "tid,dateline" , "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")"); $query = $db->simple_select("threadsread", "tid,dateline" , "uid='".$mybb->user['uid']."' AND tid IN(".$thread_ids.")");
skipping to change at line 747 skipping to change at line 708
} }
else // Displaying results as posts else // Displaying results as posts
{ {
if(!$search['posts']) if(!$search['posts'])
{ {
error($lang->error_nosearchresults); error($lang->error_nosearchresults);
} }
$postcount = 0; $postcount = 0;
// Moderators can view unapproved threads // Moderators can view unapproved threads and deleted threads fro
$query = $db->simple_select("moderators", "fid, canviewunapprove, m forums they moderate
canviewdeleted", "(id='{$mybb->user['uid']}' AND isgroup='0') OR (id='{$mybb->u $unapproved_where = get_visible_where();
ser['usergroup']}' AND isgroup='1')");
if($mybb->usergroup['issupermod'] == 1)
{
// Super moderators (and admins)
$unapproved_where = "visible >= -1";
}
elseif($db->num_rows($query))
{
// Normal moderators
$unapprove_forums = array();
$deleted_forums = array();
$unapproved_where = '(visible = 1';
while($moderator = $db->fetch_array($query))
{
if($moderator['canviewunapprove'] == 1)
{
$unapprove_forums[] = $moderator['fid'];
}
if($moderator['canviewdeleted'] == 1)
{
$deleted_forums[] = $moderator['fid'];
}
}
if(!empty($unapprove_forums))
{
$unapproved_where .= " OR (visible = 0 AND fid IN
(".implode(',', $unapprove_forums)."))";
}
if(!empty($deleted_forums))
{
$unapproved_where .= " OR (visible = -1 AND fid I
N(".implode(',', $deleted_forums)."))";
}
$unapproved_where .= ')';
}
else
{
// Normal users
$unapproved_where = 'visible = 1';
}
$post_cache_options = array(); $post_cache_options = array();
if((int)$mybb->settings['searchhardlimit'] > 0) if((int)$mybb->settings['searchhardlimit'] > 0)
{ {
$post_cache_options['limit'] = (int)$mybb->settings['sear chhardlimit']; $post_cache_options['limit'] = (int)$mybb->settings['sear chhardlimit'];
} }
if(strpos($sortfield, 'p.') !== false) if(strpos($sortfield, 'p.') !== false)
{ {
$post_cache_options['order_by'] = str_replace('p.', '', $ sortfield); $post_cache_options['order_by'] = str_replace('p.', '', $ sortfield);
$post_cache_options['order_dir'] = $order; $post_cache_options['order_dir'] = $order;
} }
$tids = array(); $tids = array();
$pids = array(); $pids = array();
// Make sure the posts we're viewing we have permission to view. // Make sure the posts we're viewing we have permission to view.
$query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->e scape_string($search['posts']).") AND {$unapproved_where}", $post_cache_options) ; $query = $db->simple_select("posts", "pid, tid", "pid IN(".$db->e scape_string($search['posts']).") AND ({$unapproved_where})", $post_cache_option s);
while($post = $db->fetch_array($query)) while($post = $db->fetch_array($query))
{ {
$pids[$post['pid']] = $post['tid']; $pids[$post['pid']] = $post['tid'];
$tids[$post['tid']][$post['pid']] = $post['pid']; $tids[$post['tid']][$post['pid']] = $post['pid'];
} }
if(!empty($pids)) if(!empty($pids))
{ {
$temp_pids = array(); $temp_pids = array();
skipping to change at line 843 skipping to change at line 764
if($unsearchforums) if($unsearchforums)
{ {
$permsql .= " OR fid IN ($unsearchforums)"; $permsql .= " OR fid IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$permsql .= " OR fid IN ($inactiveforums)"; $permsql .= " OR fid IN ($inactiveforums)";
} }
// Check the thread records as well. If we don't have per // Find threads in our list that we don't have permission
missions, remove them from the listing. to view and remove them
$query = $db->simple_select("threads", "tid", "tid IN(".$ $query = $db->simple_select("threads", "tid", "tid IN(".$
db->escape_string(implode(',', $pids)).") AND ({$unapproved_where}{$permsql} OR db->escape_string(implode(',', array_keys($tids))).") AND (NOT ({$unapproved_whe
closed LIKE 'moved|%')"); re}){$permsql} OR closed LIKE 'moved|%')");
while($thread = $db->fetch_array($query)) while($thread = $db->fetch_array($query))
{ {
if(array_key_exists($thread['tid'], $tids) != tru e) if(array_key_exists($thread['tid'], $tids))
{ {
$temp_pids = $tids[$thread['tid']]; $temp_pids = $tids[$thread['tid']];
foreach($temp_pids as $pid) foreach($temp_pids as $pid)
{ {
unset($pids[$pid]); unset($pids[$pid]);
unset($tids[$thread['tid']]); unset($tids[$thread['tid']]);
} }
unset($tids[$thread['tid']]);
} }
} }
unset($temp_pids); unset($temp_pids);
} }
// Declare our post count // Declare our post count
$postcount = count($pids); $postcount = count($pids);
if(!$postcount) if(!$postcount)
{ {
skipping to change at line 886 skipping to change at line 808
$query = $db->simple_select("threadsread", "tid, dateline ", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")"); $query = $db->simple_select("threadsread", "tid, dateline ", "uid='".$mybb->user['uid']."' AND tid IN(".$db->escape_string($tids).")");
while($readthread = $db->fetch_array($query)) while($readthread = $db->fetch_array($query))
{ {
$readthreads[$readthread['tid']] = $readthread['d ateline']; $readthreads[$readthread['tid']] = $readthread['d ateline'];
} }
} }
$dot_icon = array(); $dot_icon = array();
if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0) if($mybb->settings['dotfolders'] != 0 && $mybb->user['uid'] != 0)
{ {
$query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND {$unappr oved_where}"); $query = $db->simple_select("posts", "DISTINCT tid,uid", "uid='{$mybb->user['uid']}' AND tid IN({$db->escape_string($tids)}) AND ({$unapp roved_where})");
while($post = $db->fetch_array($query)) while($post = $db->fetch_array($query))
{ {
$dot_icon[$post['tid']] = true; $dot_icon[$post['tid']] = true;
} }
} }
$results = ''; $results = '';
$pages = ceil($postcount / $perpage); $pages = ceil($postcount / $perpage);
if($page > $pages) if($page > $pages)
skipping to change at line 947 skipping to change at line 869
$posticon['path'] = htmlspecialchars_uni($postico n['path']); $posticon['path'] = htmlspecialchars_uni($postico n['path']);
$posticon['name'] = htmlspecialchars_uni($postico n['name']); $posticon['name'] = htmlspecialchars_uni($postico n['name']);
eval("\$icon = \"".$templates->get("search_result s_icon")."\";"); eval("\$icon = \"".$templates->get("search_result s_icon")."\";");
} }
else else
{ {
$icon = " "; $icon = " ";
} }
$post['forumlink'] = ''; $post['forumlink'] = '';
if(!empty($forumcache[$thread['fid']])) if(!empty($forumcache[$post['fid']]))
{ {
$post['forumlink_link'] = get_forum_link($post['f id']); $post['forumlink_link'] = get_forum_link($post['f id']);
$post['forumlink_name'] = $forumcache[$post['fid' ]]['name']; $post['forumlink_name'] = $forumcache[$post['fid' ]]['name'];
eval("\$post['forumlink'] = \"".$templates->get(" search_results_posts_forumlink")."\";"); eval("\$post['forumlink'] = \"".$templates->get(" search_results_posts_forumlink")."\";");
} }
// Determine the folder // Determine the folder
$folder = ''; $folder = '';
$folder_label = ''; $folder_label = '';
$gotounread = ''; $gotounread = '';
skipping to change at line 1070 skipping to change at line 992
else else
{ {
$post['subject'] = htmlspecialchars_uni($post['su bject']); $post['subject'] = htmlspecialchars_uni($post['su bject']);
} }
// What we do here is parse the post using our post parse r, then strip the tags from it // What we do here is parse the post using our post parse r, then strip the tags from it
$parser_options = array( $parser_options = array(
'allow_html' => 0, 'allow_html' => 0,
'allow_mycode' => 1, 'allow_mycode' => 1,
'allow_smilies' => 0, 'allow_smilies' => 0,
'allow_imgcode' => 0, 'allow_imgcode' => 0,
'me_username' => $post['username'],
'filter_badwords' => 1 'filter_badwords' => 1
); );
$post['message'] = strip_tags($parser->parse_message($pos t['message'], $parser_options)); $post['message'] = strip_tags($parser->text_parse_message ($post['message'], $parser_options));
if(my_strlen($post['message']) > 200) if(my_strlen($post['message']) > 200)
{ {
$prev = my_substr($post['message'], 0, 200)."..." ; $prev = my_substr($post['message'], 0, 200)."..." ;
} }
else else
{ {
$prev = $post['message']; $prev = $post['message'];
} }
$posted = my_date('relative', $post['dateline']); $posted = my_date('relative', $post['dateline']);
skipping to change at line 1182 skipping to change at line 1105
if($unsearchforums) if($unsearchforums)
{ {
$where_sql .= " AND fid NOT IN ($unsearchforums)"; $where_sql .= " AND fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$where_sql .= " AND fid NOT IN ($inactiveforums)"; $where_sql .= " AND fid NOT IN ($inactiveforums)";
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where = get_visible_where();
$where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $permsql = "";
$onlyusfids = array(); $onlyusfids = array();
// Check group permissions if we can't view threads not started by us // Check group permissions if we can't view threads not started by us
$group_permissions = forum_permissions(); $group_permissions = forum_permissions();
foreach($group_permissions as $fid => $forum_permissions) foreach($group_permissions as $fid => $forum_permissions)
{ {
if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1) if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1)
{ {
$onlyusfids[] = $fid; $onlyusfids[] = $fid;
skipping to change at line 1259 skipping to change at line 1186
if($unsearchforums) if($unsearchforums)
{ {
$where_sql .= " AND fid NOT IN ($unsearchforums)"; $where_sql .= " AND fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$where_sql .= " AND fid NOT IN ($inactiveforums)"; $where_sql .= " AND fid NOT IN ($inactiveforums)";
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where = get_visible_where();
$where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $permsql = "";
$onlyusfids = array(); $onlyusfids = array();
// Check group permissions if we can't view threads not started by us // Check group permissions if we can't view threads not started by us
$group_permissions = forum_permissions(); $group_permissions = forum_permissions();
foreach($group_permissions as $fid => $forum_permissions) foreach($group_permissions as $fid => $forum_permissions)
{ {
if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1) if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1)
{ {
$onlyusfids[] = $fid; $onlyusfids[] = $fid;
skipping to change at line 1336 skipping to change at line 1267
if($unsearchforums) if($unsearchforums)
{ {
$where_sql .= " AND fid NOT IN ($unsearchforums)"; $where_sql .= " AND fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$where_sql .= " AND fid NOT IN ($inactiveforums)"; $where_sql .= " AND fid NOT IN ($inactiveforums)";
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where = get_visible_where();
$where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $permsql = "";
$onlyusfids = array(); $onlyusfids = array();
// Check group permissions if we can't view threads not started by us // Check group permissions if we can't view threads not started by us
$group_permissions = forum_permissions(); $group_permissions = forum_permissions();
foreach($group_permissions as $fid => $forum_permissions) foreach($group_permissions as $fid => $forum_permissions)
{ {
if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1) if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1)
{ {
$onlyusfids[] = $fid; $onlyusfids[] = $fid;
skipping to change at line 1412 skipping to change at line 1347
if($unsearchforums) if($unsearchforums)
{ {
$where_sql .= " AND fid NOT IN ($unsearchforums)"; $where_sql .= " AND fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$where_sql .= " AND fid NOT IN ($inactiveforums)"; $where_sql .= " AND fid NOT IN ($inactiveforums)";
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where = get_visible_where();
$where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $permsql = "";
$onlyusfids = array(); $onlyusfids = array();
// Check group permissions if we can't view threads not started by us // Check group permissions if we can't view threads not started by us
$group_permissions = forum_permissions(); $group_permissions = forum_permissions();
foreach($group_permissions as $fid => $forum_permissions) foreach($group_permissions as $fid => $forum_permissions)
{ {
if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1) if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1)
{ {
$onlyusfids[] = $fid; $onlyusfids[] = $fid;
skipping to change at line 1498 skipping to change at line 1437
if($unsearchforums) if($unsearchforums)
{ {
$where_sql .= " AND fid NOT IN ($unsearchforums)"; $where_sql .= " AND fid NOT IN ($unsearchforums)";
} }
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($inactiveforums) if($inactiveforums)
{ {
$where_sql .= " AND fid NOT IN ($inactiveforums)"; $where_sql .= " AND fid NOT IN ($inactiveforums)";
} }
// Moderators can view unapproved threads and deleted threads from forums
they moderate
$unapproved_where = get_visible_where();
$where_sql .= " AND ({$unapproved_where})";
$permsql = ""; $permsql = "";
$onlyusfids = array(); $onlyusfids = array();
// Check group permissions if we can't view threads not started by us // Check group permissions if we can't view threads not started by us
$group_permissions = forum_permissions(); $group_permissions = forum_permissions();
foreach($group_permissions as $fid => $forum_permissions) foreach($group_permissions as $fid => $forum_permissions)
{ {
if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1) if(isset($forum_permissions['canonlyviewownthreads']) && $forum_p ermissions['canonlyviewownthreads'] == 1)
{ {
$onlyusfids[] = $fid; $onlyusfids[] = $fid;
 End of changes. 19 change blocks. 
109 lines changed or deleted 51 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)