path: root/mod/search.php


     
<?php

function search_saved_searches() {

	if(! feature_enabled(local_user(),'savedsearch'))
		return '';

	$o = '';

	$r = q("select `tid`,`term` from `term` WHERE `uid` = %d and type = %d",
		intval(local_user()),
		intval(TERM_SAVEDSEARCH)
	);

	if(count($r)) {
		$o .= '<div id="saved-search-list" class="widget">';
		$o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n";
		$o .= '<ul id="saved-search-ul">' . "\r\n";
		foreach($r as $rr) {
			$o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . rawurlencode($rr['term']) . '" title="' . t('Remove term') . '" onclick="return confirmDelete();"><i class="icon-remove drop-icons"></i></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term']) . '</a></li>' . "\r\n";
		}
		$o .= '</ul><div class="clear"></div></div>' . "\r\n";
	}		

	return $o;

}


function search_init(&$a) {

	$search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : '');

	if(local_user()) {
		if(x($_GET,'save') && $search) {
			$r = q("select `tid` from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
				intval(local_user()),
				intval(TERM_SAVEDSEARCH),
				dbesc($search)
			);
			if(! count($r)) {
				q("insert into `term` ( `uid`,`type`,`term` ) values ( %d, %d, '%s') ",
					intval(local_user()),
					intval(TERM_SAVEDSEARCH),
					dbesc($search)
				);
			}
		}
		if(x($_GET,'remove') && $search) {
			q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
				intval(local_user()),
				intval(TERM_SAVEDSEARCH),
				dbesc($search)
			);
		}

		$a->page['aside'] .= search_saved_searches();

	}
	else {
		unset($_SESSION['theme']);
		unset($_SESSION['mobile_theme']);
	}


}


function search_post(&$a) {
	if(x($_POST,'search'))
		$a->data['search'] = $_POST['search'];
}


function search_content(&$a,$update = 0, $load = false) {

	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
		notice( t('Public access denied.') . EOL);
		return;
	}

	nav_set_selected('search');

	require_once("include/bbcode.php");
	require_once('include/security.php');
	require_once('include/conversation.php');
	require_once('include/items.php');


	$observer = $a->get_observer();

	$o = '<div id="live-search"></div>' . "\r\n";

	$o .= '<h3>' . t('Search') . '</h3>';

	if(x($a->data,'search'))
		$search = trim($a->data['search']);
	else
		$search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : '');

	$tag = false;
	if(x($_GET,'tag')) {
		$tag = true;
		$search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : '');
	}

	$o .= search($search,'search-box','/search',((local_user()) ? true : false));

	if(strpos($search,'#') === 0) {
		$tag = true;
		$search = substr($search,1);
	}
	if(strpos($search,'@') === 0) {
		$search = substr($search,1);
		goaway(z_root() . '/directory' . '?f=1&search=' . $search);
	}

	// look for a naked webbie
	if(strpos($search,'@') !== false) {
		goaway(z_root() . '/directory' . '?f=1&search=' . $search);
	}

	if(! $search)
		return $o;

	if($tag) {
		$sql_extra = sprintf(" AND `item`.`id` IN (select `oid` from term where otype = %d and type = %d and term = '%s') ",
			intval(TERM_OBJ_POST),
			intval(TERM_HASHTAG),
			dbesc(protect_sprintf($search))
		);
	}
	else {
		if (get_config('system','use_fulltext_engine'))
			$sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search)));
		else
			$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
	}

	// Here is the way permissions work in the search module...
	// Only public posts can be shown
	// OR your own posts if you are a logged in member
	// No items will be shown if the member has a blocked profile wall. 


	if((! $update) && (! $load)) {

		// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
		// because browser prefetching might change it on us. We have to deliver it with the page.

		$o .= '<div id="live-search"></div>' . "\r\n";
		$o .= "<script> var profile_uid = " . ((intval(local_user())) ? local_user() : (-1))
			. "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";

		$a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
			'$baseurl' => z_root(),
			'$pgtype' => 'search',
			'$uid' => (($a->profile['profile_uid']) ? $a->profile['profile_uid'] : '0'),
			'$gid' => '0',
			'$cid' => '0',
			'$cmin' => '0',
			'$cmax' => '0',
			'$star' => '0',
			'$liked' => '0',
			'$conv' => '0',
			'$spam' => '0',
			'$nouveau' => '0',
			'$wall' => '0',
			'$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1),
			'$search' => (($tag) ? urlencode('#') : '') . $search,
			'$order' => '',
			'$file' => '',
			'$cats' => '',
			'$mid' => '',
			'$dend' => '',
			'$dbegin' => ''
		));


	}

	$pub_sql = public_permissions_sql(get_observer_hash());

	if(($update) && ($load)) {
		$itemspage = get_pconfig(local_user(),'system','itemspage');
		$a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
		$pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));

		if($load) {
			$r = null;

			if(local_user()) {
				$r = q("SELECT distinct mid, item.id as item_id, item.* from item
					WHERE item_restrict = 0
					AND (( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
					OR ( `item`.`uid` = %d ))
					$sql_extra
					group by mid ORDER BY created DESC $pager_sql ",
					intval(local_user()),
					intval(ABOOK_FLAG_BLOCKED)

				);
			}
			if($r === null) {
               $r = q("SELECT distinct mid, item.id as item_id, item.* from item
                    WHERE item_restrict = 0
                    AND ((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = ''
                    AND `item`.`deny_gid`  = '' AND item_private = 0 )
                    and owner_xchan in ( " . stream_perms_xchans(($observer) ? PERMS_NETWORK : PERMS_PUBLIC) . " ))
					$pub_sql )
                    $sql_extra 
                    group by mid ORDER BY created DESC $pager_sql"
                );
			}
		}
		else {
			$r = array();
		}
	}

	if($r) {

//		$parents_str = ids_to_querystr($r,'item_id');

//		$items = q("SELECT `item`.*, `item`.`id` AS `item_id` 
//			FROM `item`
//			WHERE item_restrict = 0 
//			$sql_extra and parent in ( $parents_str ) "
//		);

		xchan_query($r);
		$items = fetch_post_tags($r,true);
//		$items = conv_sort($items,'created');

	} else {
		$items = array();
	}

//logger('mod_search: items ' . count($items));

//	$r = q("SELECT distinct(`item`.`mid`), `item`.*, `item`.`id` AS `item_id`, 
//		`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
//		`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, 
//		`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
//		`user`.`nickname`
//		FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
//		LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
//		WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
//		AND (( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 ) 
//			OR `item`.`uid` = %d )
//		AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
//		$sql_extra
//		group by `item`.`mid`	
//		ORDER BY `received` DESC LIMIT %d , %d ",
//		intval(local_user()),
//		intval($a->pager['start']),
//		intval($a->pager['itemspage'])

//	);


//	$a = fetch_post_tags($a,true);

//	if(! $items) {//
//		info( t('No results.') . EOL);
//		return $o;
//	}


	if($tag) 
		$o .= '<h2>Items tagged with: ' . htmlspecialchars($search) . '</h2>';
	else
		$o .= '<h2>Search results for: ' . htmlspecialchars($search) . '</h2>';

	$o .= conversation($a,$items,'search',$update,'client');

//	$o .= alt_pager($a,count($r));

	return $o;
}
<?php

function search_saved_searches() {

	if(! feature_enabled(local_user(),'savedsearch'))
		return '';

	$o = '';

	$r = q("select `tid`,`term` from `term` WHERE `uid` = %d and type = %d",
		intval(local_user()),
		intval(TERM_SAVEDSEARCH)
	);

	if(count($r)) {
		$o .= '<div id="saved-search-list" class="widget">';
		$o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n";
		$o .= '<ul id="saved-search-ul">' . "\r\n";
		foreach($r as $rr) {
			$o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . rawurlencode($rr['term']) . '" title="' . t('Remove term') . '" onclick="return confirmDelete();"><i class="icon-remove drop-icons"></i></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term']) . '</a></li>' . "\r\n";
		}
		$o .= '</ul><div class="clear"></div></div>' . "\r\n";
	}		

	return $o;

}


function search_init(&$a) {

	$search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : '');

	if(local_user()) {
		if(x($_GET,'save') && $search) {
			$r = q("select `tid` from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
				intval(local_user()),
				intval(TERM_SAVEDSEARCH),
				dbesc($search)
			);
			if(! count($r)) {
				q("insert into `term` ( `uid`,`type`,`term` ) values ( %d, %d, '%s') ",
					intval(local_user()),
					intval(TERM_SAVEDSEARCH),
					dbesc($search)
				);
			}
		}
		if(x($_GET,'remove') && $search) {
			q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
				intval(local_user()),
				intval(TERM_SAVEDSEARCH),
				dbesc($search)
			);
		}

		$a->page['aside'] .= search_saved_searches();

	}
	else {
		unset($_SESSION['theme']);
		unset($_SESSION['mobile_theme']);
	}


}


function search_post(&$a) {
	if(x($_POST,'search'))
		$a->data['search'] = $_POST['search'];
}


function search_content(&$a,$update = 0, $load = false) {

	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
		notice( t('Public access denied.') . EOL);
		return;
	}

	nav_set_selected('search');

	require_once("include/bbcode.php");
	require_once('include/security.php');
	require_once('include/conversation.php');
	require_once('include/items.php');


	$observer = $a->get_observer();

	$o = '<div id="live-search"></div>' . "\r\n";

	$o .= '<h3>' . t('Search') . '</h3>';

	if(x($a->data,'search'))
		$search = trim($a->data['search']);
	else
		$search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : '');

	$tag = false;
	if(x($_GET,'tag')) {
		$tag = true;
		$search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : '');
	}

	$o .= search($search,'search-box','/search',((local_user()) ? true : false));

	if(strpos($search,'#') === 0) {
		$tag = true;
		$search = substr($search,1);
	}
	if(strpos($search,'@') === 0) {
		$search = substr($search,1);
		goaway(z_root() . '/directory' . '?f=1&search=' . $search);
	}

	// look for a naked webbie
	if(strpos($search,'@') !== false) {
		goaway(z_root() . '/directory' . '?f=1&search=' . $search);
	}

	if(! $search)
		return $o;

	if($tag) {
		$sql_extra = sprintf(" AND `item`.`id` IN (select `oid` from term where otype = %d and type = %d and term = '%s') ",
			intval(TERM_OBJ_POST),
			intval(TERM_HASHTAG),
			dbesc(protect_sprintf($search))
		);
	}
	else {
		if (get_config('system','use_fulltext_engine'))
			$sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search)));
		else
			$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
	}

	// Here is the way permissions work in the search module...
	// Only public posts can be shown
	// OR your own posts if you are a logged in member
	// No items will be shown if the member has a blocked profile wall. 


	if((! $update) && (! $load)) {

		// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
		// because browser prefetching might change it on us. We have to deliver it with the page.

		$o .= '<div id="live-search"></div>' . "\r\n";
		$o .= "<script> var profile_uid = " . ((intval(local_user())) ? local_user() : (-1))
			. "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";

		$a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
			'$baseurl' => z_root(),
			'$pgtype' => 'search',
			'$uid' => (($a->profile['profile_uid']) ? $a->profile['profile_uid'] : '0'),
			'$gid' => '0',
			'$cid' => '0',
			'$cmin' => '0',
			'$cmax' => '0',
			'$star' => '0',
			'$liked' => '0',
			'$conv' => '0',
			'$spam' => '0',
			'$nouveau' => '0',
			'$wall' => '0',
			'$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1),
			'$search' => (($tag) ? urlencode('#') : '') . $search,
			'$order' => '',
			'$file' => '',
			'$cats' => '',
			'$mid' => '',
			'$dend' => '',
			'$dbegin' => ''
		));


	}

	$pub_sql = public_permissions_sql(get_observer_hash());

	if(($update) && ($load)) {
		$itemspage = get_pconfig(local_user(),'system','itemspage');
		$a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
		$pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));

		if($load) {
			$r = null;

			if(local_user()) {
				$r = q("SELECT distinct mid, item.id as item_id, item.* from item
					WHERE item_restrict = 0
					AND (( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
					OR ( `item`.`uid` = %d ))
					$sql_extra
					group by mid ORDER BY created DESC $pager_sql ",
					intval(local_user()),
					intval(ABOOK_FLAG_BLOCKED)

				);
			}
			if($r === null) {
               $r = q("SELECT distinct mid, item.id as item_id, item.* from item
                    WHERE item_restrict = 0
                    AND ((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = ''
                    AND `item`.`deny_gid`  = '' AND item_private = 0 )
                    and owner_xchan in ( " . stream_perms_xchans(($observer) ? PERMS_NETWORK : PERMS_PUBLIC) . " ))
					$pub_sql )
                    $sql_extra 
                    group by mid ORDER BY created DESC $pager_sql"
                );
			}
		}
		else {
			$r = array();
		}
	}

	if($r) {

//		$parents_str = ids_to_querystr($r,'item_id');

//		$items = q("SELECT `item`.*, `item`.`id` AS `item_id` 
//			FROM `item`
//			WHERE item_restrict = 0 
//			$sql_extra and parent in ( $parents_str ) "
//		);

		xchan_query($r);
		$items = fetch_post_tags($r,true);
//		$items = conv_sort($items,'created');

	} else {
		$items = array();
	}

//logger('mod_search: items ' . count($items));

//	$r = q("SELECT distinct(`item`.`mid`), `item`.*, `item`.`id` AS `item_id`, 
//		`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
//		`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, 
//		`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
//		`user`.`nickname`
//		FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
//		LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
//		WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
//		AND (( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 ) 
//			OR `item`.`uid` = %d )
//		AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
//		$sql_extra
//		group by `item`.`mid`	
//		ORDER BY `received` DESC LIMIT %d , %d ",
//		intval(local_user()),
//		intval($a->pager['start']),
//		intval($a->pager['itemspage'])

//	);


//	$a = fetch_post_tags($a,true);

//	if(! $items) {//
//		info( t('No results.') . EOL);
//		return $o;
//	}


	if($tag) 
		$o .= '<h2>Items tagged with: ' . htmlspecialchars($search) . '</h2>';
	else
		$o .= '<h2>Search results for: ' . htmlspecialchars($search) . '</h2>';

	$o .= conversation($a,$items,'search',$update,'client');

//	$o .= alt_pager($a,count($r));

	return $o;
}