Файл: soo/forum/search.php
Строк: 87
<?
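/**
 * Community forum search page.
 *
 * Request inputs read here: $_GET['soo'] (community id), $_GET['go'] (run the
 * search), $_POST['search'] (query text) and $_POST['sear'] (0 = search message
 * bodies, otherwise search topic titles). $db, $user, $time, $ver, the
 * constants links/div/gb/H and the helpers aut(), head(), foot(), check(),
 * esc(), bbcode(), k_page(), page(), str(), user(), user_inf() and times() are
 * not defined in this file (presumably config.php provides them).
 *
 * Input handling in this script:
 *  - ids that reach SQL, URLs or HTML are cast to int first;
 *  - free text is passed through mysql_real_escape_string() before it enters SQL;
 *  - stripcslashes() runs BEFORE htmlspecialchars(), never after it: decoding
 *    backslash escapes after HTML-escaping can recreate raw quote or angle
 *    bracket characters and undo the escaping.
 */
require '../../config.php';

$align = 'left';
$title = 'Поиск по Форуму';
aut();
head();

// The community id comes from the query string and is interpolated into SQL
// (once without quotes), URLs and HTML below, so it is reduced to an integer.
$soo = (isset($_GET['soo']) && is_scalar($_GET['soo'])) ? (int) $_GET['soo'] : 0;
$uid = isset($user['id']) ? (int) $user['id'] : 0;

$comm = mysql_fetch_array(mysql_query('SELECT * FROM `community_comm` WHERE `id` = '.$soo.' LIMIT 1'));
$uchas = mysql_result(mysql_query("SELECT COUNT(uid) FROM `community_user_incomm` where `uid` = '$uid' AND `activate` = 1 AND `cid` = '$soo'"), 0);

// Status 2 is served to everyone, status 1 only to activated members.
// For any other status the page prints nothing between head() and foot().
if ($comm['status'] == 2 || ($comm['status'] == 1 && $uchas)) {
    // NOTE(review): $admin is not read anywhere in this script; kept in case
    // code outside this file reads it as a global - confirm, then remove.
    $admin = mysql_fetch_array(mysql_query("SELECT * FROM `community_user_incomm` WHERE `cid` = '$soo' AND `uid` = '$uid'"));

    if (!isset($user)) {
        echo '<div class="err">Гостям вход запрещён.</div>';
    } else if ($soo <= 0) {
        echo '<div class="err">Иди нахуй! Хакер недоношеный!</div>';
    } else if ($soo != $comm['id']) {
        echo '<div class="err">Сообщество не найдено.</div>';
    } else if (mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_ban` WHERE `id_user` = '$uid' AND `id_comm` = '$soo' AND `time` > '$time'"), 0) != 0) {
        // NOTE(review): head() has already run, so this redirect presumably
        // relies on output buffering - confirm.
        header('Location: ban.php?id='.$soo);
    } else {
        // Only a plain string is accepted as the query text (not an array).
        $posted = (isset($_POST['search']) && is_string($_POST['search'])) ? $_POST['search'] : null;

        if ($posted !== null) {
            // Record the query for the "recent searches" list. The original
            // statement ("Insert into ... WHERE ... set ...") was not valid SQL.
            // NOTE(review): check() is defined outside this file; this is only
            // safe if it escapes its argument for SQL - confirm, otherwise wrap
            // the value in mysql_real_escape_string().
            $db->sql_query("INSERT INTO `comm_forum_s` SET `comm_id` = '$soo', `search` = '".check($posted)."', `time` = '".$time."'");
        }

        // The last query text and search mode are remembered in the session.
        $search = '';
        if (isset($_SESSION['search']) && is_string($_SESSION['search'])) {
            $search = $_SESSION['search'];
        }
        if ($posted !== null) {
            $search = $posted;
        }
        $_SESSION['search'] = $search;

        $sear = 0;
        if (isset($_SESSION['sear'])) {
            $sear = (int) $_SESSION['sear'];
        }
        if (isset($_POST['sear']) && is_scalar($_POST['sear'])) {
            $sear = (int) $_POST['sear'];
        }
        $_SESSION['sear'] = $sear;

        // Collapse runs of spaces and strip leading/trailing spaces
        // (replaces the two ereg_replace() calls).
        $search = trim(preg_replace('/ {2,}/', ' ', $search), ' ');

        if (isset($_GET['go']) && $search != '') {
            // One highlight pattern per word. The word gets the same
            // stripcslashes -> htmlspecialchars treatment as the message text
            // it is matched against, and '#' is passed to preg_quote() because
            // it is the pattern delimiter.
            $search_a = array();
            foreach (explode(' ', $search) as $term) {
                $term = esc(trim(htmlspecialchars(stripcslashes($term))));
                if ($term != '') { // an empty pattern would match at every position
                    $search_a[] = '#'.preg_quote($term, '#').'#uim';
                }
            }

            if (empty($user['max'])) {
                $user['max'] = 10;
            }
            // Page size goes into LIMIT without quotes, so force a positive integer.
            $max = (int) $user['max'];
            if ($max < 1) {
                $max = 10;
            }

            // '%' typed by the user is dropped; spaces become LIKE wildcards.
            $q_search = str_replace(' ', '%', str_replace('%', '', $search));
            $like = mysql_real_escape_string($q_search);

            if ($sear == 0) { // search in messages
                $table = 'comm_forum_msg';
                $field = 'msg';
            } else { // search in topic titles
                // The original counted rows in `forum_t` but selected from
                // `comm_forum_t`; both statements now use the table that every
                // other query in this script uses.
                $table = 'comm_forum_t';
                $field = 'name';
            }
            $where = "comm_id = '$soo' and `$field` like '%".$like."%'";

            $k_post = $db->sql_fetchfield($db->sql_query("SELECT COUNT(*) FROM `$table` WHERE ".$where), 0);
            $k_page = k_page($k_post, $max);
            $page = page($k_page);
            $start = max(0, (int) ($max * $page - $max));
            if ($k_post == 0) {
                echo "<b>По вашему запросу ничего не найдено</b>\n";
            }
            $q = $db->sql_query("SELECT * FROM `$table` WHERE ".$where." ORDER BY `id` DESC LIMIT $start, $max");

            while ($post = $db->sql_fetchrow($q)) {
                // Row ids are reused in SQL and in href attributes below.
                $f_id = (int) $post['f_id'];
                $r_id = (int) $post['r_id'];
                // A message row points at its topic via t_id; a topic row is the topic itself.
                $t_id = ($sear == 0) ? (int) $post['t_id'] : (int) $post['id'];

                $forum = $db->sql_fetchrow($db->sql_query("SELECT * FROM `comm_forum_f` WHERE comm_id = '$soo' and `id` = '$f_id' LIMIT 1"));
                $razdel = $db->sql_fetchrow($db->sql_query("SELECT * FROM `comm_forum_r` WHERE comm_id = '$soo' and `id` = '$r_id' LIMIT 1"));
                $them = $db->sql_fetchrow($db->sql_query("SELECT * FROM `comm_forum_t` WHERE comm_id = '$soo' and `id` = '$t_id' LIMIT 1"));

                // NOTE(review): $ank is not read anywhere in this script, so this
                // per-row query is a removal candidate. The id was interpolated
                // without quotes; it is cast to int here.
                $ank_id = isset($post['login']) ? (int) $post['login'] : 0;
                $ank = $db->sql_fetchrow($db->sql_query("SELECT * FROM `users` WHERE `id` = $ank_id LIMIT 1"));

                $num = (isset($num) && $num == 1) ? 0 : 1;

                // Whether these name columns are sanitised on write is not visible
                // from this file, so they are escaped on output. double_encode is
                // off so values already stored as entities are not encoded twice.
                $forum_name = htmlspecialchars($forum['name'], ENT_QUOTES, 'UTF-8', false);
                $razdel_name = htmlspecialchars($razdel['name'], ENT_QUOTES, 'UTF-8', false);

                if ($sear == 0) {
                    $them_name = htmlspecialchars($them['name'], ENT_QUOTES, 'UTF-8', false);

                    echo links;
                    echo '<a href="'.H.user_inf($post['user_id']).'">'.user($post['user_id']).'</a> ('.times($post['time']).')';
                    echo div;
                    echo "<a href='razdel_".$f_id."?soo=".$soo."'>".$forum_name."</a> > <a href='temes_".$r_id."'>".$razdel_name."</a> > <a href='tema_".$t_id."'>".$them_name."</a><br />\n";
                    // The message is HTML-escaped after stripcslashes(), then rendered
                    // by bbcode() and highlighted.
                    // NOTE(review): highlighting runs over bbcode() output, so a search
                    // word may also match inside markup that bbcode() generated - confirm.
                    echo esc(preg_replace($search_a, '<span class="search_cit">\0</span>', trim(bbcode(htmlspecialchars(stripcslashes($post['msg']))))))."<br />";
                } else {
                    $post_name = htmlspecialchars($post['name'], ENT_QUOTES, 'UTF-8', false);
                    $forum_id = (int) $forum['id'];
                    $razdel_id = (int) $razdel['id'];

                    echo links;
                    echo "<a href='tema_".$t_id."?soo=".$soo."'>".$post_name."</a> <a href='tema_".$t_id."_end?soo=".$soo."'>(".$db->sql_fetchfield($db->sql_query("SELECT COUNT(*) FROM `comm_forum_msg` WHERE comm_id = '$soo' and `f_id` = '$forum_id' AND `r_id` = '$razdel_id' AND `t_id` = '$t_id'"), 0).")</a>";
                    echo div;
                    echo "<a href='razdel_".$f_id."?soo=".$soo."'>".$forum_name."</a> > <a href='temes_".$r_id."?soo=".$soo."'>".$razdel_name."</a><br />\n";
                    echo 'Автор: <a href="'.H.user_inf($post['user_id']).'">'.user($post['user_id']).'</a><br />';

                    $files = $db->sql_fetchfield($db->sql_query("select COUNT(*) from `comm_forum_msg` WHERE comm_id = '$soo' and t_id = '$t_id' and file != '';"), 0);
                    if ($files > 0) {
                        // The original indexed $post with the bare constant `id` here.
                        echo 'Вложений: <a href="files_'.$t_id.'">'.$files.'</a><br />';
                    }

                    // Newest message of the topic.
                    $last = @$db->sql_fetchrow($db->sql_query("select * from `comm_forum_msg` WHERE comm_id = '$soo' and t_id = '".$t_id."' order by time desc limit 1;"));
                    echo 'Сообщение: <a href="'.H.user_inf($last['user_id']).'">'.user($last['user_id']).'</a>';
                    echo '('.times($last['time']).')<br />';
                }
            }

            if ($k_page > 1) {
                str("search?go&soo=".$soo."&", $k_page, $page); // page links
            }
        } else {
            echo "Введите текст, который Вы хотите найти<br />\n";
        }

        echo "<br /><form method=\"post\" action=\"search?go=1&soo=".$soo."\">\n";
        // The query text is echoed back into a double-quoted attribute, so
        // HTML-escaping (quotes included) is the last transformation applied.
        $search = htmlspecialchars(stripcslashes(esc($search)), ENT_QUOTES, 'UTF-8');
        echo "<input type=\"text\" name=\"search\" maxlength=\"64\" value=\"$search\" /><br />\n";

        if ($ver != 'wml') {
            echo "Поиск в:<br/>";
            if ($sear == 1) {
                echo '<input type="radio" name="sear" value="1"checked />Темах <input type="radio" name="sear" value="0"/>Сообщениях<br />';
            } else {
                echo '<input type="radio" name="sear" value="1"/>Темах <input type="radio" name="sear" value="0" checked/>Сообщениях<br />';
            }
        } else {
            echo 'Поиск в:<br />';
            // The current mode is listed first. The original else-branch swapped
            // the labels (value 0 shown as "Темах") although 0 selects messages.
            if ($sear == 1) {
                echo '<select name="sear"><option value="1">Темах</option>';
                echo '<option value="0">Сообщениях</option>';
                echo '</select><br />';
            } else {
                echo '<select name="sear"><option value="0">Сообщениях</option>';
                echo '<option value="1">Темах</option>';
                echo '</select><br />';
            }
        }
        echo "<br /><input class=\"ibutton\" type=\"submit\" value=\"Поиск\" />\n";
        echo "</form>\n";

        echo '<hr /><b>Последние запросы:</b><br/>';
        $s = $db->sql_query("SELECT * FROM `comm_forum_s` where comm_id = '$soo' ORDER BY `time` DESC LIMIT 0, 5");
        while ($se = $db->sql_fetchrow($s)) {
            // Text submitted by other users: escape it when printing, without
            // re-encoding entities that may already be stored.
            echo htmlspecialchars($se['search'], ENT_QUOTES, 'UTF-8', false)."<br />";
            if (($se['time'] + (3600 * 24)) < $time) {
                // Delete entries older than 24 hours.
                $db->sql_query("delete from comm_forum_s where comm_id = '$soo' and id='".(int) $se['id']."';");
            }
        }

        echo '<br />';
        echo gb.'<a href="./?soo='.$soo.'">Форум</a>'.div;
    }
}
foot();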
?>