aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php14
-rw-r--r--mod/network.php21
-rw-r--r--mod/search.php31
-rw-r--r--view/saved_searches_aside.tpl2
4 files changed, 39 insertions, 29 deletions
diff --git a/boot.php b/boot.php
index e50941f8b..55f18432a 100644
--- a/boot.php
+++ b/boot.php
@@ -199,12 +199,14 @@ define ( 'NOTIFY_SYSTEM', 0x8000 );
* Tag/term types
*/
-define ( 'TERM_UNKNOWN', 0 );
-define ( 'TERM_HASHTAG', 1 );
-define ( 'TERM_MENTION', 2 );
-define ( 'TERM_CATEGORY', 3 );
-define ( 'TERM_PCATEGORY', 4 );
-define ( 'TERM_FILE', 5 );
+define ( 'TERM_UNKNOWN', 0 );
+define ( 'TERM_HASHTAG', 1 );
+define ( 'TERM_MENTION', 2 );
+define ( 'TERM_CATEGORY', 3 );
+define ( 'TERM_PCATEGORY', 4 );
+define ( 'TERM_FILE', 5 );
+define ( 'TERM_SAVEDSEARCH', 6 );
+
define ( 'TERM_OBJ_POST', 1 );
define ( 'TERM_OBJ_PHOTO', 2 );
diff --git a/mod/network.php b/mod/network.php
index 21a43f9cb..bb37ea6dc 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -68,23 +68,26 @@ function network_init(&$a) {
if(! x($a->page,'aside'))
$a->page['aside'] = '';
- $search = ((x($_GET,'search')) ? escape_tags($_GET['search']) : '');
+ $search = ((x($_GET,'search')) ? $_GET['search'] : '');
if(x($_GET,'save')) {
- $r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1",
+ $r = q("select * from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
intval(local_user()),
+ intval(TERM_SAVEDSEARCH),
dbesc($search)
);
if(! count($r)) {
- q("insert into `search` ( `uid`,`term` ) values ( %d, '%s') ",
+ q("insert into `term` ( `uid`,`type`,`term` ) values ( %d, %d, '%s') ",
intval(local_user()),
+ intval(TERM_SAVEDSEARCH),
dbesc($search)
);
}
}
if(x($_GET,'remove')) {
- q("delete from `search` where `uid` = %d and `term` = '%s' limit 1",
+ q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
intval(local_user()),
+ intval(TERM_SAVEDSEARCH),
dbesc($search)
);
}
@@ -114,7 +117,7 @@ function network_init(&$a) {
// search terms header
if(x($_GET,'search')) {
- $a->page['content'] .= '<h2>' . t('Search Results For:') . ' ' . $search . '</h2>';
+ $a->page['content'] .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search) . '</h2>';
}
$a->page['aside'] .= group_side('network','network',true,$group_id);
@@ -141,8 +144,9 @@ function saved_searches($search) {
$o = '';
- $r = q("select `id`,`term` from `search` WHERE `uid` = %d",
- intval(local_user())
+ $r = q("select `tid`,`term` from `term` WHERE `uid` = %d and `type` = %d ",
+ intval(local_user()),
+ intval(TERM_SAVEDSEARCH)
);
$saved = array();
@@ -150,8 +154,9 @@ function saved_searches($search) {
if(count($r)) {
foreach($r as $rr) {
$saved[] = array(
- 'id' => $rr['id'],
+ 'id' => $rr['tid'],
'term' => $rr['term'],
+ 'displayterm' => htmlspecialchars($rr['term']),
'encodedterm' => urlencode($rr['term']),
'delete' => t('Remove term'),
'selected' => ($search==$rr['term']),
diff --git a/mod/search.php b/mod/search.php
index ec7e2ec3a..e9e20b227 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -4,8 +4,9 @@ function search_saved_searches() {
$o = '';
- $r = q("select `id`,`term` from `search` WHERE `uid` = %d",
- intval(local_user())
+ $r = q("select `tid`,`term` from `term` WHERE `uid` = %d and type = %d",
+ intval(local_user()),
+ intval(TERM_SAVEDSEARCH)
);
if(count($r)) {
@@ -13,7 +14,7 @@ function search_saved_searches() {
$o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n";
$o .= '<ul id="saved-search-ul">' . "\r\n";
foreach($r as $rr) {
- $o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . $rr['term'] . '" class="icon drophide savedsearchdrop" title="' . t('Remove term') . '" onclick="return confirmDelete();" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . $rr['term'] . '</a></li>' . "\r\n";
+ $o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . $rr['term'] . '" class="icon drophide savedsearchdrop" title="' . t('Remove term') . '" onclick="return confirmDelete();" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term']) . '</a></li>' . "\r\n";
}
$o .= '</ul><div class="clear"></div></div>' . "\r\n";
}
@@ -25,24 +26,27 @@ function search_saved_searches() {
function search_init(&$a) {
- $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
+ $search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : '');
if(local_user()) {
if(x($_GET,'save') && $search) {
- $r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1",
+ $r = q("select `tid` from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
intval(local_user()),
+ intval(TERM_SAVEDSEARCH),
dbesc($search)
);
if(! count($r)) {
- q("insert into `search` ( `uid`,`term` ) values ( %d, '%s') ",
+ q("insert into `term` ( `uid`,`type`,`term` ) values ( %d, %d, '%s') ",
intval(local_user()),
+ intval(TERM_SAVEDSEARCH),
dbesc($search)
);
}
}
if(x($_GET,'remove') && $search) {
- q("delete from `search` where `uid` = %d and `term` = '%s' limit 1",
+ q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
intval(local_user()),
+ intval(TERM_SAVEDSEARCH),
dbesc($search)
);
}
@@ -83,17 +87,16 @@ function search_content(&$a) {
$o .= '<h3>' . t('Search') . '</h3>';
if(x($a->data,'search'))
- $search = notags(trim($a->data['search']));
+ $search = trim($a->data['search']);
else
- $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
+ $search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : '');
$tag = false;
if(x($_GET,'tag')) {
$tag = true;
- $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : '');
+ $search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : '');
}
-
$o .= search($search,'search-box','/search',((local_user()) ? true : false));
if(strpos($search,'#') === 0) {
@@ -165,12 +168,12 @@ function search_content(&$a) {
);
-
+ $a = fetch_post_tags($a);
if($tag)
- $o .= '<h2>Items tagged with: ' . $search . '</h2>';
+ $o .= '<h2>Items tagged with: ' . htmlspecialchars($search) . '</h2>';
else
- $o .= '<h2>Search results for: ' . $search . '</h2>';
+ $o .= '<h2>Search results for: ' . htmlspecialchars($search) . '</h2>';
$o .= conversation($a,$r,'search',false);
diff --git a/view/saved_searches_aside.tpl b/view/saved_searches_aside.tpl
index e6a0d6278..a204c48ff 100644
--- a/view/saved_searches_aside.tpl
+++ b/view/saved_searches_aside.tpl
@@ -6,7 +6,7 @@
{{ for $saved as $search }}
<li class="saved-search-li clear">
<a title="$search.delete" onclick="return confirmDelete();" id="drop-saved-search-term-$search.id" class="iconspacer savedsearchdrop " href="network/?f=&amp;remove=1&amp;search=$search.encodedterm"></a>
- <a id="saved-search-term-$search.id" class="savedsearchterm" href="network/?f=&amp;search=$search.encodedterm">$search.term</a>
+ <a id="saved-search-term-$search.id" class="savedsearchterm" href="network/?f=&amp;search=$search.encodedterm">$search.displayterm</a>
</li>
{{ endfor }}
</ul>