Файл: search/index.php
Строк: 77
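<?php
// Search page: validates the query, counts matching users, pulls in the
// per-section result lists and renders the search form.
// The quoted attributes and "\n" escapes in the echo statements are restored
// here; without the backslashes the script does not parse.
require_once("../connect.php");
$title = $title . ' :: Поиск';
$location = 'Ищет файлы';

// Only signed-in users may search; $u is presumably populated by connect.php.
if (empty($u['id'])) {
    header("Location: /reg.php?err=1");
    exit;
}
require('../head.php');
// NOTE(review): this silences every PHP error for the rest of the request,
// including failed queries. Prefer logging errors with display turned off.
error_reporting(0);

// The last query is remembered in the session so the form can be pre-filled.
$search = NULL;
if (isset($_SESSION['search'])) $search = $_SESSION['search'];
// Accept the POST value only when it is a string: "search[]=x" would otherwise
// hand an array to the string functions below.
if (isset($_POST['search']) && is_string($_POST['search'])) $search = $_POST['search'];
$_SESSION['search'] = $search;

// Collapse runs of spaces and trim leading/trailing spaces.
$search = preg_replace('#( ){2,}#', ' ', $search);
$search = preg_replace('#^( ){1,}|( ){1,}$#', '', $search);

// Character blacklist. ereg() is removed in PHP 7, so the same set is checked
// with preg_match(). The blacklist is a convenience for users only; output
// escaping and SQL escaping below must not depend on it.
if (preg_match('/[{}^%$#@!~\'"`<>]/', $search)) $err = 'В тексте присутствуют запрещенные символы';
// A later check overwrites an earlier message, as in the original.
if (strlen2($search) < 3) $err = 'Нужно ввести более 3 букв';
if (strlen2($search) > 30) $err = 'Нужно ввести менее 30 букв';

if (!isset($err)) {
    if (isset($_GET['go']) && $search != NULL) {
        // $search_a holds the escaped words, $search_a2 the same words wrapped
        // in a highlight span; both are presumably read by the inc/*.php files.
        $search_a = explode(' ', $search);
        $search_a2 = array();
        for ($i = 0; $i < count($search_a); $i++) {
            // Decode C-style escapes first and HTML-escape last. In the reverse
            // order stripcslashes() can turn sequences such as \x3c back into
            // markup characters after the escaping has already been applied.
            $search_a[$i] = htmlspecialchars(stripcslashes($search_a[$i]), ENT_QUOTES);
            $search_a2[$i] = '<span class="search_c">' . $search_a[$i] . '</span>';
        }

        // Build the LIKE pattern: drop literal '%', then let spaces match anything.
        // NOTE(review): '_' is still a LIKE wildcard here; escape it if exact
        // matching of underscores in logins matters.
        $q_search = str_replace('%', '', $search);
        $q_search = str_replace(' ', '%', $q_search);

        // mysql_real_escape_string() honours the connection character set, which
        // the deprecated mysql_escape_string() does not. The whole mysql_*
        // extension is removed in PHP 7; moving to prepared statements
        // (PDO/mysqli) is the durable fix but needs changes in connect.php.
        $k_post_users = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `login` like '%" . mysql_real_escape_string($q_search) . "%' "), 0);

        // The per-section counts are disabled, so the counters are set to 0
        // explicitly instead of summing undefined variables. Before re-enabling
        // the queries, quote the bare type words (image, video, ...) as strings.
        /*$k_post_forum=mysql_result(mysql_query("SELECT COUNT(*) FROM `forumlal` WHERE `msg` like '%".mysql_escape_string($q_search)."%'"),0);
        $k_post_foto=mysql_result(mysql_query("SELECT COUNT(*) FROM `other` WHERE `name` like '%".mysql_escape_string($q_search)."%'"),0);
        $k_post_img=mysql_result(mysql_query("SELECT COUNT(*) FROM `obmennik_files` WHERE `opis` like '%".mysql_escape_string($q_search)."%' AND `type` like '%".mysql_escape_string(image)."%'"),0);
        $k_post_video=mysql_result(mysql_query("SELECT COUNT(*) FROM `obmennik_files` WHERE `opis` like '%".mysql_escape_string($q_search)."%' AND `type` like '%".mysql_escape_string(video)."%'"),0);
        $k_post_java=mysql_result(mysql_query("SELECT COUNT(*) FROM `obmennik_files` WHERE `opis` like '%".mysql_escape_string($q_search)."%' AND `type` like '%".mysql_escape_string(application)."%'"),0);
        $k_post_mp3=mysql_result(mysql_query("SELECT COUNT(*) FROM `obmennik_files` WHERE `opis` like '%".mysql_escape_string($q_search)."%' AND `type` like '%".mysql_escape_string(audio)."%'"),0);*/
        $k_post_forum = 0;
        $k_post_foto = 0;
        $k_post_img = 0;
        $k_post_video = 0;
        $k_post_java = 0;
        $k_post_mp3 = 0;
        $k_post_all = ($k_post_users + $k_post_forum + $k_post_foto + $k_post_img + $k_post_video + $k_post_mp3 + $k_post_java);

        // The query is user input: escape it at the point of output.
        echo "<div class='err'>Вы искали: " . htmlspecialchars($search, ENT_QUOTES) . " Найдено $k_post_all </div>";

        // Result lists; $sea_set is presumably the search settings array
        // loaded by connect.php or head.php.
        include_once 'inc/users.php';
        if ($sea_set['forum'] == 1) include_once 'inc/forum.php';
        if ($sea_set['foto'] == 1) include_once 'inc/foto.php';
        if ($sea_set['img'] == 1) include_once 'inc/img.php';
        if ($sea_set['video'] == 1) include_once 'inc/video.php';
        if ($sea_set['java'] == 1) include_once 'inc/java.php';
        if ($sea_set['muz'] == 1) include_once 'inc/mp3.php';
    }
    echo "<div class='div'>";
    echo " Поиск";
    echo "<form method=\"post\" action=\"?go\" class=\"search\">\n";
    // Escape last so the value cannot break out of the attribute.
    $search = htmlspecialchars(stripcslashes($search), ENT_QUOTES);
    echo "<input type=\"text\" name=\"search\" maxlength=\"64\" value=\"$search\" />\n";
    echo "<input type=\"submit\" value=\"Искать\" />\n";
    echo "</form>\n";
    echo '</div>';
} else {
    // $err is one of the fixed messages assigned above, never user input.
    echo "<div class='menu123'>$err</div>";
    echo "<div class='main123'>";
    echo " Поиск";
    echo "<form method=\"post\" action=\"?go\" class=\"search\">\n";
    // The rejected query is echoed back into the form, so it must be escaped
    // after any decoding, exactly as in the success branch.
    $search = htmlspecialchars(stripcslashes($search), ENT_QUOTES);
    echo "<input type=\"text\" name=\"search\" value=\"$search\" maxlength=\"64\" />\n";
    echo "<input type=\"submit\" value=\"Искать\" />\n";
    echo "</form>\n";
    echo '</div>';
}
// NOTE(review): the admin link is shown to every signed-in user; adm.php must
// enforce its own privilege check — confirm.
echo "<div class='menu123'><a href='adm.php'>Админка поиска</a><br /></div>\n";
require('../foot.php');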