
930 lines
44 KiB
Raw Permalink Normal View History

2019-05-18 13:46:03 +08:00
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
if( ! $user_group[$member_id['user_group']]['allow_search'] ) {
$lang['search_denied'] = str_replace( '{group}', $user_group[$member_id['user_group']]['group_name'], $lang['search_denied'] );
msgbox( $lang['all_info'], $lang['search_denied'] );
} else {
function strip_data($text) {
$quotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r", "'", ",", "/", "<EFBFBD>", ";", ":", "@", "~", "[", "]", "{", "}", "=", ")", "(", "*", "&", "^", "%", "$", "<", ">", "?", "!", '"' );
$goodquotes = array ("-", "+", "#" );
$repquotes = array ("\-", "\+", "\#" );
$text = stripslashes( $text );
$text = trim( strip_tags( $text ) );
$text = str_replace( $quotes, '', $text );
$text = str_replace( $goodquotes, $repquotes, $text );
return $text;
$count_result = 0;
$sql_count = "";
$sql_find = "";
$tpl->load_template( 'search.tpl' );
$config['search_number'] = intval($config['search_number']);
if ( $config['search_number'] < 1) $config['search_number'] = 10;
$this_date = date( "Y-m-d H:i:s", $_TIME );
if( intval( $config['no_date'] ) ) $this_date = " AND " . PREFIX . " < '" . $this_date . "'"; else $this_date = "";
if( isset( $_REQUEST['story'] ) ) $story = substr( strip_data( $_REQUEST['story'] ), 0, 90 ); else $story = "";
if( isset( $_REQUEST['search_start'] ) ) $search_start = intval( $_REQUEST['search_start'] ); else $search_start = 0;
if( isset( $_REQUEST['titleonly'] ) ) $titleonly = intval( $_REQUEST['titleonly'] ); else $titleonly = 0;
if( isset( $_REQUEST['searchuser'] ) ) $searchuser = substr( strip_data( $_REQUEST['searchuser'] ), 0, 40 ); else $searchuser = "";
if( isset( $_REQUEST['exactname'] ) ) $exactname = $_REQUEST['exactname']; else $exactname = "";
if( isset( $_REQUEST['all_word_seach'] ) ) $all_word_seach = intval($_REQUEST['all_word_seach']); else $all_word_seach = 0;
if( isset( $_REQUEST['replyless'] ) ) $replyless = intval( $_REQUEST['replyless'] ); else $replyless = 0;
if( isset( $_REQUEST['replylimit'] ) ) $replylimit = intval( $_REQUEST['replylimit'] ); else $replylimit = 0;
if( isset( $_REQUEST['searchdate'] ) ) $searchdate = intval( $_REQUEST['searchdate'] ); else $searchdate = 0;
if( isset( $_REQUEST['beforeafter'] ) ) $beforeafter = strip_data( $_REQUEST['beforeafter'] ); else $beforeafter = "after";
if ($config['full_search']) {if( isset( $_REQUEST['sortby'] ) ) $sortby = strip_data( $_REQUEST['sortby'] ); else $sortby = "";
} else {if( isset( $_REQUEST['sortby'] ) ) $sortby = strip_data( $_REQUEST['sortby'] ); else $sortby = "date";}
if( isset( $_REQUEST['resorder'] ) ) $resorder = strip_data( $_REQUEST['resorder'] ); else $resorder = "desc";
if( isset( $_REQUEST['showposts'] ) ) $showposts = intval( $_REQUEST['showposts'] ); else $showposts = 0;
if( isset( $_REQUEST['result_from'] ) ) $result_from = intval( $_REQUEST['result_from'] ); else $result_from = 1; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD>
$full_search = intval( $_REQUEST['full_search'] );
if( !count( $_REQUEST['catlist'] ) ) {
$catlist = array ();
$catlist[] = '0';
} else $catlist = $_REQUEST['catlist'];
$category_list = array();
foreach ( $catlist as $value ) {$category_list[] = intval($value);}
$category_list = $db->safesql( implode( ',', $category_list ) );
$findstory = stripslashes( $story ); // <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if ($titleonly == 2 AND !empty( $searchuser ) ) $searchuser = "";
if( empty( $story ) AND !empty( $searchuser ) AND $titleonly != 2) $story = "___SEARCH___ALL___";
if( $replyless < 0 or $replyless > 1 ) $replyless = 0; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if( $replylimit < 0 ) $replylimit = 0; // <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if( $showposts < 0 or $showposts > 1 ) $showposts = 0; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
$listdate = array (0, - 1, 1, 7, 14, 30, 90, 180, 365 ); // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD>
if( ! (in_array( $searchdate, $listdate )) ) $searchdate = 0;
if( $beforeafter != "after" and $beforeafter != "before" ) $beforeafter = "after"; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>
$listsortby = array ("date", "title", "comm_num", "news_read", "autor", "category", "rating" );
if ($config['full_search']) {if( ! (in_array( $sortby, $listsortby )) ) $sortby = ""; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD>
} else {if( ! (in_array( $sortby, $listsortby )) ) $sortby = "date";} // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD>}
$listresorder = array ("desc", "asc" );
$titleonly_sel = array ('0' => '', '1' => '', '2' => '', '3' => '' );
$titleonly_sel[$titleonly] = 'selected="selected"';
$replyless_sel = array ('0' => '', '1' => '' );
$replyless_sel[$replyless] = 'selected="selected"';
$searchdate_sel = array ('0' => '', '-1' => '', '1' => '', '7' => '', '14' => '', '30' => '', '90' => '', '180' => '', '365' => '' );
$searchdate_sel[$searchdate] = 'selected="selected"';
$beforeafter_sel = array ('after' => '', 'before' => '' );
$beforeafter_sel[$beforeafter] = 'selected="selected"';
$sortby_sel = array ('date' => '', 'title' => '', 'comm_num' => '', 'news_read' => '', 'autor' => '', 'category' => '', 'rating' => '' );
$sortby_sel[$sortby] = 'selected="selected"';
$resorder_sel = array ('desc' => '', 'asc' => '' );
$resorder_sel[$resorder] = 'selected="selected"';
$showposts_sel = array ('0' => '', '1' => '' );
$showposts_sel[$showposts] = 'checked="checked"';
if( $exactname == "yes" ) $exactname_sel = 'checked="checked"'; else $exactname_sel = '';
if( $all_word_seach == 1 ) $all_word_seach_sel = 'checked="checked"'; else $all_word_seach_sel = '';
if( $category_list == "" or $category_list == "0" ) {$catselall = "selected=\"selected\"";
} else {
$catselall = "";
$category_list = preg_replace( "/^0\,/", '', $category_list );
$cats = "<select style=\"width:95%;height:200px;\" name=\"catlist[]\" size=\"13\" multiple=\"multiple\">";
$cats .= "<option " . $catselall . " value=\"0\">" . $lang['s_allcat'] . "</option>";
$cats .= CategoryNewsSelection( explode( ',', $category_list ), 0, false );
$cats .= "</select>";
$tpl->copy_template .= <<<HTML
<script type="text/javascript" language="javascript">
<!-- begin
function clearform(frmname){
var frm = document.getElementById(frmname);
for (var i=0;i<frm.length;i++) {
var el=frm.elements[i];
if (el.type=="checkbox" || el.type=="radio") {
if ('showposts') {document.getElementById('rb_showposts_0').checked=1; } else {el.checked=0; }
if ((el.type=="text") || (el.type=="textarea") || (el.type == "password")) { el.value=""; continue; }
if ((el.type=="select-one") || (el.type=="select-multiple")) { el.selectedIndex=0; }
document.getElementById('replylimit').value = 0;
document.getElementById('search_start').value = 0;
document.getElementById('result_from').value = 1;
function list_submit(prm){
var frm = document.getElementById('fullsearch');
if (prm == -1) {
prm=Math.ceil(frm.result_from.value / {$config['search_number']});
} else {
frm.result_from.value=(prm-1) * {$config['search_number']} + 1;
return false;
function full_submit(prm){
function reg_keys(key) {
var code;
if (!key) var key = window.event;
if (key.keyCode) code = key.keyCode;
else if (key.which) code = key.which;
if (code == 13) {
document.onkeydown = reg_keys;
// end -->
$searchtable = <<<HTML
<form name="fullsearch" id="fullsearch" action="{$config['http_home_url']}index.php?do=search" method="post">
<input type="hidden" name="do" id="do" value="search" />
<input type="hidden" name="subaction" id="subaction" value="search" />
<input type="hidden" name="search_start" id="search_start" value="$search_start" />
<input type="hidden" name="full_search" id="full_search" value="$full_search" />
<input type="hidden" name="result_from" id="result_from" value="$result_from" />
if( $full_search ) {
if ($config['full_search']) {
$full_search_option = "<option value=\"\" selected=\"selected\">{$lang['s_fsrelate']}</option><option {$sortby_sel['date']} value=\"date\">{$lang['s_fsdate']}</option>";
$all_word_option = "";
} else {
$full_search_option = "<option {$sortby_sel['date']} value=\"date\" selected=\"selected\">{$lang['s_fsdate']}</option>";
$all_word_option = "<div><label for=\"all_word_seach\"><input type=\"checkbox\" name=\"all_word_seach\" value=\"1\" id=\"all_word_seach\" {$all_word_seach_sel} /><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD></label></div>";
$searchtable .= <<<HTML
<table cellpadding="0" cellspacing="0" width="100%">
<td class="search">
<div align="center">
<table cellpadding="0" cellspacing="2" width="100%">
<tr style="vertical-align: top;">
<td class="search">
<fieldset style="margin:0px">
<table cellpadding="0" cellspacing="3" border="0">
<td class="search">
<div><input type="text" name="story" id="searchinput" value="$findstory" class="textin" style="width:250px" /></div>
<td class="search">
<select class="textin" name="titleonly" id="titleonly">
<option {$titleonly_sel['0']} value="0">{$lang['s_ncom']}</option>
<option {$titleonly_sel['1']} value="1">{$lang['s_ncom1']}</option>
<option {$titleonly_sel['2']} value="2">{$lang['s_static']}</option>
<option {$titleonly_sel['3']} value="3">{$lang['s_tnews']}</option>
<td class="search" valign="top">
<fieldset style="margin:0px">
<table cellpadding="0" cellspacing="3" border="0">
<td class="search">
<div id="userfield"><input type="text" name="searchuser" id="searchuser" value="$searchuser" class="textin" style="width:250px" /><br /><label for="exactname"><input type="checkbox" name="exactname" value="yes" id="exactname" {$exactname_sel} />{$lang['s_fgname']}</label>
<tr style="vertical-align: top;">
<td width="50%" class="search">
<fieldset style="margin:0px">
<div style="padding:3px">
<select class="textin" name="replyless" id="replyless" style="width:200px">
<option {$replyless_sel['0']} value="0">{$lang['s_fmin']}</option>
<option {$replyless_sel['1']} value="1">{$lang['s_fmax']}</option>
<input type="text" name="replylimit" id="replylimit" size="5" value="$replylimit" class="textin" /> {$lang['s_wcomm']}
<fieldset style="padding-top:10px">
<div style="padding:3px">
<select name="searchdate" id="searchdate" class="textin" style="width:200px">
<option {$searchdate_sel['0']} value="0">{$lang['s_tall']}</option>
<option {$searchdate_sel['-1']} value="-1">{$lang['s_tlast']}</option>
<option {$searchdate_sel['1']} value="1">{$lang['s_tday']}</option>
<option {$searchdate_sel['7']} value="7">{$lang['s_tweek']}</option>
<option {$searchdate_sel['14']} value="14">{$lang['s_ttweek']}</option>
<option {$searchdate_sel['30']} value="30">{$lang['s_tmoth']}</option>
<option {$searchdate_sel['90']} value="90">{$lang['s_tfmoth']}</option>
<option {$searchdate_sel['180']} value="180">{$lang['s_tsmoth']}</option>
<option {$searchdate_sel['365']} value="365">{$lang['s_tyear']}</option>
<select name="beforeafter" id="beforeafter" class="textin">
<option {$beforeafter_sel['after']} value="after">{$lang['s_fnew']}</option>
<option {$beforeafter_sel['before']} value="before">{$lang['s_falt']}</option>
<fieldset style="padding-top:10px">
<div style="padding:3px">
<select name="sortby" id="sortby" class="textin" style="width:200px">
<option {$sortby_sel['title']} value="title" >{$lang['s_fstitle']}</option>
<option {$sortby_sel['comm_num']} value="comm_num" >{$lang['s_fscnum']}</option>
<option {$sortby_sel['news_read']} value="news_read" >{$lang['s_fsnnum']}</option>
<option {$sortby_sel['autor']} value="autor" >{$lang['s_fsaut']}</option>
<option {$sortby_sel['category']} value="category" >{$lang['s_fscat']}</option>
<option {$sortby_sel['rating']} value="rating" >{$lang['s_fsrate']}</option>
<select name="resorder" id="resorder" class="textin">
<option {$resorder_sel['desc']} value="desc">{$lang['s_fsdesc']}</option>
<option {$resorder_sel['asc']} value="asc">{$lang['s_fsasc']}</option>
<fieldset style="padding-top:10px">
<table cellpadding="0" cellspacing="3" border="0">
<tr align="left" valign="middle">
<td align="left" class="search">{$lang['s_vwie']}&nbsp;&nbsp;
<label for="rb_showposts_0"><input type="radio" name="showposts" value="0" id="rb_showposts_0" {$showposts_sel['0']} />{$lang['s_vnews']}</label>
<label for="rb_showposts_1"><input type="radio" name="showposts" value="1" id="rb_showposts_1" {$showposts_sel['1']} />{$lang['s_vtitle']}</label>
<td width="50%" class="search" valign="top">
<fieldset style="margin:0px">
<div style="padding:3px">
<td class="search" colspan="2">
<div style="margin-top:6px">
<input type="button" class="bbcodes" style="margin:0px 20px 0 0px;" name="dosearch" id="dosearch" value="{$lang['s_fstart']}" onclick="javascript:list_submit(-1); return false;" />
<input type="button" class="bbcodes" style="margin:0px 20px 0 20px;" name="doclear" id="doclear" value="{$lang['s_fstop']}" onclick="javascript:clearform('fullsearch'); return false;" />
<input type="reset" class="bbcodes" style="margin:0px 20px 0 20px;" name="doreset" id="doreset" value="{$lang['s_freset']}" />
} else {
if ( $smartphone_detected ) {$link_full_search = "";
} else {$link_full_search = "<input type=\"button\" class=\"bbcodes\" name=\"dofullsearch\" id=\"dofullsearch\" value=\"{$lang['s_ffullstart']}\" onclick=\"javascript:full_submit(1); return false;\" />";}
$searchtable .= <<<HTML
<input type="hidden" name="result_from" id="result_from" value="$result_from" />
<table cellpadding="4" cellspacing="0" width="100%">
<td class="search">
<div class="line_center" style="margin:10px;">
<input type="text" name="story" id="searchinput" value="$findstory" class="textin" style="width:250px" /><br /><br />
<input type="button" class="bbcodes" name="dosearch" id="dosearch" value="{$lang['s_fstart']}" onclick="javascript:list_submit(-1); return false;" />
$searchtable .= <<<HTML
$tpl->set( '{searchtable}', $searchtable );
if( $subaction != "search" ) {
$tpl->set_block( "'\[searchmsg\](.*?)\[/searchmsg\]'si", "" );
$tpl->compile( 'content' );
if( $subaction == "search" ) {
if ($config['full_search']) {
$arr = explode( ' ', $story );
$story_maxlen = 0;
$story = array ();
foreach ( $arr as $word ) {
$wordlen = strlen( trim( $word ) );
if( $wordlen > $story_maxlen ) {$story_maxlen = $wordlen;}
$story = implode( " ", $story );
} else {
if ( !$all_word_seach ) $story = preg_replace( "#(\s+|__OR__)#i", '%', $story );
$story_maxlen = strlen( trim( $story ));
if( (empty( $story ) or ($story_maxlen < $config['search_length_min'])) and (empty( $searchuser ) or (strlen( $searchuser ) < $config['search_length_min'])) ) {
msgbox( $lang['all_info'], $lang['search_err_3'] );
$tpl->set( '{searchmsg}', '' );
$tpl->set( '[searchmsg]', "" );
$tpl->set( '[/searchmsg]', "" );
$tpl->compile( 'content' );
} else {
if( $search_start ) {
$search_start = $search_start - 1;
$search_start = $search_start * $config['search_number'];
$allow_cats = $user_group[$member_id['user_group']]['allow_cats'];
$allow_list = explode( ',', $allow_cats );
$stop_list = "";
if( $allow_list[0] == "all" ) {
if( $category_list == "" or $category_list == "0" ) {
} else {
$stop_list = str_replace( ',', '|', $category_list );
} else {
if( $category_list == "" or $category_list == "0" ) {
$stop_list = str_replace( ',', '|', $allow_cats );
} else {
$cats_list = explode( ',', $category_list );
foreach ( $cats_list as $id ) {
if( in_array( $id, $allow_list ) ) $stop_list .= $id . '|';
$stop_list = substr( $stop_list, 0, strlen( $stop_list ) - 1 );
$where_category = "";
if( ! empty( $stop_list ) ) {
if( $config['allow_multi_category'] ) {$where_category = "category regexp '[[:<:]](" . $stop_list . ")[[:>:]]'";
} else {
$stop_list = str_replace( "|", "','", $stop_list );
$where_category = "category IN ('" . $stop_list . "')";
if( $story == "___SEARCH___ALL___" ) $story = '';
$thistime = date( "Y-m-d H:i:s", (time() + $config['date_adjust'] * 60) );
if( $exactname == 'yes' ) $likename = ''; else $likename = '%';
if( $searchdate != '0' ) {
if( $searchdate != '-1' ) {
$qdate = date( "Y-m-d H:i:s", (time() + $config['date_adjust'] * 60 - $searchdate * 86400) );
} else {
if( $is_logged and isset( $_SESSION['member_lasttime'] ) ) $qdate = date( "Y-m-d H:i:s", $_SESSION['member_lasttime'] );
else $qdate = $thistime;
$autor_posts = '';
$autor_comms = '';
$searchuser = $db->safesql($searchuser);
if( ! empty( $searchuser ) ) {
switch ($titleonly) {
case 0 :
$autor_posts = PREFIX . "_post.autor like '$searchuser$likename'";
case 3 :
$autor_posts = PREFIX . "_post.autor like '$searchuser$likename'";
case 1 :
$autor_comms = PREFIX . "_comments.autor like '$searchuser$likename'";
$where_reply = "";
if( ! empty( $replylimit ) ) {
if( $replyless == 0 ) $where_reply = PREFIX . "_post.comm_num >= '" . $replylimit . "'";
else $where_reply = PREFIX . "_post.comm_num <= '" . $replylimit . "'";
if ($config['full_search']) {
$titleonly_where = array ('0' => "MATCH(title,short_story,full_story) AGAINST ('{story}')", // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
} else {
$titleonly_where = array ('0' => "short_story LIKE '%{story}%' OR full_story LIKE '%{story}%' OR title LIKE '%{story}%'", // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if( !empty( $story ) ) {
foreach ( $titleonly_where as $name => $value ) {
$value2 = str_replace( "{story}", $db->safesql($story), $value );
$titleonly_where[$name] = $value2;
if( in_array( $titleonly, array (0, 3 ) ) ) {
$where_posts = "WHERE " . PREFIX . "_post.approve=1" . $this_date;
if( ! empty( $where_category ) ) $where_posts .= " AND " . $where_category;
if ($config['full_search']) {if( ! empty( $story ) ) $where_posts .= " AND " . $titleonly_where[$titleonly];
} else {if( ! empty( $story ) ) $where_posts .= " AND (" . $titleonly_where[$titleonly] . ")";}
if( ! empty( $autor_posts ) ) $where_posts .= " AND " . $autor_posts;
$sdate = PREFIX . "";
if( $searchdate != '0' ) {
if( $beforeafter == 'before' ) $where_date = $sdate . " < '" . $qdate . "'";
else $where_date = $sdate . " between '" . $qdate . "' and '" . $thistime . "'";
$where_posts .= " AND " . $where_date;
if( ! empty( $where_reply ) ) $where_posts .= " AND " . $where_reply;
$where = $where_posts;
if ($config['full_search']) if( $titleonly_where[$titleonly] == "" ) $titleonly_where[$titleonly] = "''";
$posts_fields = "SELECT SQL_CALC_FOUND_ROWS id, autor, " . PREFIX . " AS newsdate, " . PREFIX . " AS date, short_story AS story, title, descr, keywords, category, alt_name, comm_num AS comm_in_news, allow_comm, rating, news_read, editdate, tags, '' AS output_comms";
$posts_from = "FROM " . PREFIX . "_post";
$sql_fields = $posts_fields;
$sql_find = "$sql_fields $posts_from $where";
if( $titleonly == 1) {
$where_comms = "WHERE " . PREFIX . "_post.approve=1" . $this_date;
if( ! empty( $where_category ) ) $where_comms .= " AND " . $where_category;
if( ! empty( $story ) ) $where_comms .= " AND (" . $titleonly_where['1'] . ")";
if( ! empty( $autor_comms ) ) $where_comms .= " AND " . $autor_comms;
$sdate = PREFIX . "";
if( $searchdate != '0' ) {
if( $beforeafter == 'before' ) $where_date = $sdate . " < '" . $qdate . "'";
else $where_date = $sdate . " between '" . $qdate . "' and '" . $thistime . "'";
$where_comms .= " AND " . $where_date;
if( ! empty( $where_reply ) ) $where_comms .= " AND " . $where_reply;
$where = $where_comms;
$comms_fields = "SELECT SQL_CALC_FOUND_ROWS " . PREFIX . " AS coms_id, post_id AS id, " . PREFIX . ", " . PREFIX . "_comments.autor AS autor, " . PREFIX . " AS gast_email, " . PREFIX . "_comments.text AS story, ip, is_register, name, " . USERPREFIX . ", news_num, " . USERPREFIX . "_users.comm_num, reg_date, banned, signature, foto, fullname, land, icq, repa, repa_mod, repa_off, " . PREFIX . " AS newsdate, " . PREFIX . "_post.title, " . PREFIX . "_post.category, " . PREFIX . "_post.alt_name, " . PREFIX . "_post.comm_num AS comm_in_news, " . PREFIX . "_post.allow_comm, " . PREFIX . "_post.rating, " . PREFIX . "_post.news_read, '1' AS output_comms";
$comms_from = "FROM " . PREFIX . "_comments LEFT JOIN " . PREFIX . "_post ON " . PREFIX . "_comments.post_id=" . PREFIX . " LEFT JOIN " . USERPREFIX . "_users ON " . PREFIX . "_comments.user_id=" . USERPREFIX . "_users.user_id";
$sql_fields = $comms_fields;
$sql_find = "$sql_fields $comms_from $where";
$order_by = $sortby . " " . $resorder;
if( $titleonly == 6 ) {
$sql_from = "FROM " . PREFIX . "_static";
$sql_fields = "SELECT SQL_NO_CACHE id, name AS static_name, descr AS title, template AS story, grouplevel, date, views";
if ( $titleonly_where[$titleonly] ) $where = "WHERE " . $titleonly_where[$titleonly]; else $where = "";
$sql_find = "$sql_fields $sql_from $where";
$order_by = "id";
// ------ <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD>
$from_num = $search_start + 1;
if ($config['full_search']) {
if( $sortby != "" ) $order_by = "ORDER BY " . $order_by; else $order_by = "";
$sql_request = "$sql_find $order_by LIMIT $search_start,{$config['search_number']}";
} else {
$sql_request = "$sql_find ORDER BY $order_by LIMIT $search_start,{$config['search_number']}";
$sql_result = $db->query( $sql_request );
$found_result = $db->num_rows( $sql_result );
$result_count = $db->super_query( "SELECT FOUND_ROWS() as count" );
$count_result = $result_count['count'];
if( $count_result > ($config['search_number'] * 5) ) $count_result = ($config['search_number'] * 5);
if( ! $found_result ) {
msgbox( $lang['all_info'], $lang[search_err_2] );
$tpl->set( '{searchmsg}', '' );
$tpl->set_block( "'\[searchmsg\](.*?)\[/searchmsg\]'si", "" );
$tpl->compile( 'content' );
} else {
$to_num = $search_start + $found_result;
$searchmsg = "$lang[search_ok] " . $count_result . " $lang[search_ok_1] ($lang[search_ok_2] " . $from_num . " - " . $to_num . ") :";
$tpl->set( '{searchmsg}', $searchmsg );
$tpl->set( '[searchmsg]', "" );
$tpl->set( '[/searchmsg]', "" );
$tpl->compile( 'content' );
$tpl->load_template( 'searchresult.tpl' );
function hilites($search, $txt) {
$r = preg_split( '((>)|(<))', $txt, - 1, PREG_SPLIT_DELIM_CAPTURE );
for($i = 0; $i < count( $r ); $i ++) {
if( $r[$i] == "<" ) {
$i ++;
$r[$i] = preg_replace( "#($search)#i", "<span style='background-color:yellow;'><font color='red'>\\1</font></span>", $r[$i] );
return join( "", $r );
function create_description($txt) {
$fastquotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r" );
$quotes = array ('"', "'" );
$maxchr = 80;
$txt = preg_replace( "/\[hide\](.*?)\[\/hide\]/ims", "", $txt );
$txt = stripslashes( $txt );
$txt = trim( strip_tags( $txt ) );
$txt = str_replace( $fastquotes, ' ', $txt );
$txt = str_replace( $quotes, '', $txt );
$txt = preg_replace( "#\s+#i", ' ', $txt );
$txt = substr( $txt, 0, 300 );
$txt = wordwrap( $txt, $maxchr, " " );
return $txt;
$search_id = $search_start;
while ( $row = $db->get_row( $sql_result ) ) {
$search_id ++;
$attachments[] = $row['id'];
if( $titleonly != 2 ) {
$row['newsdate'] = strtotime( $row['newsdate'] );
$row['date'] = strtotime( $row['date'] );
$row['story'] = stripslashes( $row['story'] );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $row['story'] = str_ireplace( "[hide]", "", str_ireplace( "[/hide]", "", $row['story']) );
else $row['story'] = preg_replace ( "#\[hide\](.+?)\[/hide\]#is", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $row['story'] );
if ($config['full_search']) $arr = explode( " ", $story ); else $arr = explode( "%", $story );
foreach ( $arr as $word ) {
if( strlen( trim( $word ) ) >= $config['search_length_min'] ) {
$row['story'] = hilites( $word, $row['story'] );
if( $titleonly == 2 ) {
$row['grouplevel'] = explode( ',', $row['grouplevel'] );
if( $row['grouplevel'][0] != "all" and ! in_array( $member_id['user_group'], $row['grouplevel'] ) ) {
$tpl->result['content'] .= $lang['static_denied'];
} else {
$row['story'] = stripslashes( $row['story'] );
$title = stripslashes( strip_tags( $row['title'] ) );
$tpl->load_template( 'static.tpl' );
$static_descr = "<a title=\"" . $title . "\" href=\"" . $config['http_home_url'] . $row['static_name'] . ".html\" >" . $title . "</a>";
$tpl->set( '{description}', $static_descr );
if (strlen( $row['story'] ) > 2000) {
$row['story'] = substr( strip_tags ($row['story']), 0, 2000)." .... ";
$row['story'] .= "( <a href=\"" . $config['http_home_url'] . $row['static_name'] . ".html\" >" . $lang['search_s_go'] . "</a> )";
$tpl->set( '{static}', $row['story'] );
$tpl->set( '{pages}', '' );
if( @date( "Ymd", $row['date'] ) == date( "Ymd", $_TIME ) ) {
$tpl->set( '{date}', $lang['time_heute'] . langdate( ", H:i", $row['date'] ) );
} elseif( @date( "Ymd", $row['date'] ) == date( "Ymd", ($_TIME - 86400) ) ) {
$tpl->set( '{date}', $lang['time_gestern'] . langdate( ", H:i", $row['date'] ) );
} else {
$tpl->set( '{date}', langdate( $config['timestamp_active'], $row['date'] ) );
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$row['date']}')", $tpl->copy_template );
$tpl->set( '{views}', $row['views'] );
$tpl->compile( 'content' );
if( $config['files_allow'] == "yes" ) {
if( strpos( $tpl->result['content'], "[file=" ) !== false ) {$tpl->result['content'] = show_file( $tpl->result['content'], $attachments, true );}
if( strpos( $tpl->result['content'], "[torrent=" ) !== false ) {$tpl->result['content'] = show_torrent( $tpl->result['content'], $attachments, true );}
} else {
$tpl->set( '{result-date}', langdate( $config['timestamp_active'], $row['date'] ) );
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$row['date']}')", $tpl->copy_template );
$row_title = stripslashes( $row['title'] );
$tpl->set( '{result-title}', $row_title );
$tpl->set( '{result-author}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['autor'] ) . "/\">" . $row['autor'] . "</a>" );
$tpl->set( '{result-comments}', $row['comm_in_news'] );
$my_news_id = "<a title=\"" . $row_title . "\" href=\"$PHP_SELF?newsid=" . $row['id'] . "\"><3E> " . $row['id'] . "</a>";
$tpl->set( '{news-id}', $my_news_id );
if( ! $row['category'] ) {
$my_cat = "---";
$my_cat_link = "---";
} else {
$my_cat = array ();
$my_cat_link = array ();
$cat_list = explode( ',', $row['category'] );
if( count( $cat_list ) == 1 ) {
$my_cat[] = $cat_info[$cat_list[0]]['name'];
$my_cat_link = get_categories( $cat_list[0] );
} else {
foreach ( $cat_list as $element ) {
if( $element ) {
$my_cat[] = $cat_info[$element]['name'];
$my_cat_link[] = "<a href=\"" . $config['http_home_url'] . get_url( $element ) . "/\">{$cat_info[$element]['name']}</a>";
}}$my_cat_link = stripslashes( implode( ', ', $my_cat_link ) );
}$my_cat = stripslashes( implode( ', ', $my_cat ) );
$row['category'] = intval( $row['category'] );
if( $row['tags'] ) {
$tpl->set( '[tags]', "" );
$tpl->set( '[/tags]', "" );
$tags = array ();
$row['tags'] = explode( ",", $row['tags'] );
foreach ( $row['tags'] as $value ) {
$value = trim( $value );
$tags[] = "<a href=\"" . $config['http_home_url'] . "tags/" . urlencode( $value ) . "/\">" . $value . "</a>";
$tpl->set( '{tags}', implode( ", ", $tags ) );
} else {
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
$tpl->set( '{link-category}', $my_cat_link );
$tpl->set( '{views}', $row['news_read'] );
if( $row['output_comms'] == '1' ) {
if( ! $row['is_register'] ) {
if( $row['gast_email'] != "" ) {$tpl->set( '{result-author}', "<a href=\"mailto:".htmlspecialchars($row['gast_email'], ENT_QUOTES)."\">" . stripslashes( $row['autor'] ) . "</a>" );
} else {$tpl->set( '{result-author}', stripslashes( $row['autor'] ) );}
} else {$tpl->set( '{result-author}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/\">" . stripslashes( $row['autor'] ) . "</a>" ); }
if( $is_logged and $member_id['user_group'] == '1' ) $tpl->set( '{ip}', "IP: <a onclick=\"return dropdownmenu(this, event, IPMenu('" . $row['ip'] . "', '" . $lang['ip_info'] . "', '" . $lang['ip_tools'] . "', '" . $lang['ip_ban'] . "'), '190px')\" onMouseout=\"delayhidemenu()\" href=\"{$row['ip']}\" target=\"_blank\">{$row['ip']}</a>" );
else $tpl->set( '{ip}', '' );
if( $is_logged and (($member_id['name'] == $row['name'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_editc']) or $user_group[$member_id['user_group']]['edit_allc']) ) {
$tpl->set( '[com-edit]', "<a onclick=\"return ajax_comm_edit('" . $row['coms_id'] . "', 'news')\" return false; href=\"#\">" );
$tpl->set( '[/com-edit]', "</a>" );
} else $tpl->set_block( "'\\[com-edit\\](.*?)\\[/com-edit\\]'si", "" );
if( $is_logged and (($member_id['name'] == $row['name'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_delc']) or $member_id['user_group'] == '1' or $user_group[$member_id['user_group']]['del_allc']) ) {
$tpl->set( '[com-del]', "<a href=\"javascript:confirmDelete('" . $config['http_home_url'] . "index.php?do=comments&action=comm_del&id=" . $row['coms_id'] . "&amp;dle_allow_hash=" . $dle_login_hash . "')\">" );
$tpl->set( '[/com-del]', "</a>" );
} else $tpl->set_block( "'\\[com-del\\](.*?)\\[/com-del\\]'si", "" );
$tpl->set_block( "'\\[fast\\](.*?)\\[/fast\\]'si", "" );
$tpl->set( '{mail}', $row['email'] );
$tpl->set( '{comment-id}', '--' );
if( $row['banned'] == 'yes' or $row['name'] == '' or ! $row['is_register'] ) {
$grav_url = '' . md5( stripslashes( $row['email'] ) ) . "?s=100&r=g&d=" . $config['http_home_url'] . 'templates/' . $config['skin'] . '/images/noavatar.png';$tpl->set('{foto}', "<img src=\"" . $grav_url . "\" border=\"0\" style=\"border:1px solid #ccc; max-width:100px\" /><br />");
} else {
if( $row['foto'] ) $tpl->set( '{foto}', "<img src=\"" . $config['http_home_url'] . "uploads/fotos/" . $row['foto'] . "\" border=\"0\" style=\"border:1px solid #ccc; max-width:100px\" />" );
else $grav_url = '' . md5( stripslashes( $row['email'] ) ) . "?s=100&r=g&d=" . $config['http_home_url'] . 'templates/' . $config['skin'] . '/images/noavatar.png';$tpl->set('{foto}', "<img src=\"" . $grav_url . "\" border=\"0\" style=\"border:1px solid #ccc; max-width:100px\" /><br />");
@include (SYSTEM_DIR.'/modules/reputation.php');
if( $row['is_register'] ) $tpl->set( '{registration}', langdate( "d.m.Y", $row['reg_date'] ) );
else $tpl->set( '{registration}', '--' );
if( $row['is_register'] and $row['news_num'] ) $tpl->set( '{news_num}', $row['news_num'] );
else $tpl->set( '{news_num}', '0' );
if( $row['is_register'] and $row['comm_num'] ) $tpl->set( '{comm_num}', $row['comm_num'] );
else $tpl->set( '{comm_num}', '0' );
$tpl->set_block( "'\\[signature\\](.*?)\\[/signature\\]'si", "" );
$tpl->set( '{result-text}', "<div id='comm-id-" . $row['coms_id'] . "'>" . $row['story'] . "</div>" );
} else {
if( $is_logged and (($member_id['name'] == $row['autor'] and $user_group[$member_id['user_group']]['allow_edit']) or $user_group[$member_id['user_group']]['allow_all_edit']) ) {
$tpl->set( '[edit]', "<a href=\"/index.php?do=editnews&id=$row[id]\">" );
$tpl->set( '[/edit]', "</a>" );
} else {$tpl->set_block( "'\\[edit\\](.*?)\\[/edit\\]'si", "" );}
if ($smartphone_detected) {
if (!$config['allow_smart_format']) {$row['story'] = strip_tags( $row['story'], '<p><br><a>' );
} else {
if ( !$config['allow_smart_images'] ) {
$row['story'] = preg_replace( "#<!--TBegin-->(.+?)<!--TEnd-->#is", "", $row['story'] );
$row['story'] = preg_replace( "#<img(.+?)>#is", "", $row['story'] );
if ( !$config['allow_smart_video'] ) {
$row['story'] = preg_replace( "#<!--dle_video_begin(.+?)<!--dle_video_end-->#is", "", $row['story'] );
$row['story'] = preg_replace( "#<!--dle_audio_begin(.+?)<!--dle_audio_end-->#is", "", $row['story'] );
if ($is_logged){
$fav_arr = explode (',', $member_id['favorites']);
if (!in_array ($row['id'], $fav_arr))
$tpl->set('{favorites}',"<a id=\"fav-id-".$row['id']."\" href=\"$PHP_SELF?do=favorites&amp;doaction=add&amp;id=".$row['id']."\"><img src=\"".$config['http_home_url']."templates/{$config['skin']}/images/add_fav.png\" onclick=\"doFavorites('".$row['id']."', 'plus'); return false;\" alt=\"".$lang['news_addfav']."\" align=\"middle\" border=\"0\" /></a>");
$tpl->set('{favorites}',"<a id=\"fav-id-".$row['id']."\" href=\"$PHP_SELF?do=favorites&amp;doaction=del&amp;id=".$row['id']."\"><img src=\"".$config['http_home_url']."templates/{$config['skin']}/images/del_fav.png\" onclick=\"doFavorites('".$row['id']."', 'minus'); return false;\" alt=\"".$lang['news_minfav']."\" align=\"middle\" border=\"0\" /></a>");
} else $tpl->set('{favorites}',"");
$tpl->set( '{result-text}', "<div id='news-id-" . $row['id'] . "'>" . $row['story'] . "</div>" );
$tpl->set( '{search-id}', $search_id );
if( $showposts == 0 ) {
$tpl->set_block( "'\\[shortresult\\].*?\\[/shortresult\\]'si", "" );
$tpl->set( '[fullresult]', "" );
$tpl->set( '[/fullresult]', "" );
$alt_text = $row_title;
} else {
$tpl->set_block( "'\\[fullresult\\].*?\\[/fullresult\\]'si", "" );
$tpl->set( '[shortresult]', "" );
$tpl->set( '[/shortresult]', "" );
$alt_text = create_description( $row['story'] );
$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
$tpl->set( '[result-link]', "<a href=\"" . $full_link . "\" >" );
$tpl->set( '[/result-link]', "</a>" );
if( $row['output_comms'] == '1' ) {
$tpl->set_block( "'\\[searchposts\\].*?\\[/searchposts\\]'si", "" );
$tpl->set( '[searchcomments]', "<div id='comment-id-{$row['coms_id']}'>" );
$tpl->set( '[/searchcomments]', "</div>" );
} else {
$tpl->set_block( "'\\[searchcomments\\].*?\\[/searchcomments\\]'si", "" );
$tpl->set( '[searchposts]', "" );
$tpl->set( '[/searchposts]', "" );
$tpl->compile( 'content' );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $tpl->result['content'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['content']);
else $tpl->result['content'] = preg_replace ( "'\[hide\](.*?)\[/hide\]'si", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $tpl->result['content'] );
if( $config['files_allow'] == "yes" ) {
if( strpos( $tpl->result['content'], "[file=" ) !== false ) {
$tpl->result['content'] = show_file( $tpl->result['content'], $attachments );
if( strpos( $tpl->result['content'], "[torrent=" ) !== false ) {
$tpl->result['content'] = show_torrent( $tpl->result['content'], $attachments );
} // while
$db->free( $sql_result );
if( $found_result > 0 ) {
$tpl->load_template( 'navigation.tpl' );
// Previous link
if( isset( $search_start ) and $search_start != "" and $search_start > 0 ) {
$prev = $search_start / $config['search_number'];
$prev_page = "<a name=\"prevlink\" id=\"prevlink\" onclick=\"javascript:list_submit($prev); return(false)\" href=#>";
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", $prev_page . "\\1</a>" );
} else {
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "<span>\\1</span>" );
$no_prev = TRUE;
// Pages
if( $config['search_number'] ) {
$pages_count = @ceil( $count_result / $config['search_number'] );
$pages_start_from = 0;
$pages = "";
for($j = 1; $j <= $pages_count; $j ++) {
if( $pages_start_from != $search_start ) {
$pages .= "<a onclick=\"javascript:list_submit($j); return(false)\" href=#>$j</a> ";
} else {
$pages .= " <span>$j</span> ";
$pages_start_from += $config['search_number'];
$tpl->set( '{pages}', $pages );
// Next link
if( $config['search_number'] < $count_result and $to_num < $count_result ) {
$next_page = $to_num / $config['search_number'] + 1;
$next = "<a name=\"nextlink\" id=\"nextlink\" onclick=\"javascript:list_submit($next_page); return(false)\" href=#>";
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", $next . "\\1</a>" );
} else {
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "<span>\\1</span>" );
$no_next = TRUE;
if( ! $no_prev or ! $no_next ) {
$tpl->compile( 'content' );