Файл: vsime.com/diary/inc/act_search.php
Строк: 87
<?
$links_hist['name'] = "Дневники / Поиск";
$title .= ' - Поиск'; // заголовок страницы
ex_head();
if(isset($_GET['rating']))$rating=1;
$search_diary = NULL;
$search_diary=NULL;
if (isset($_POST['search_diary']))$search_diary = $_POST['search_diary'];
if (isset($_GET['text']))$search_diary = $_GET['text'];
$_SESSION['search_diary'] = $search_diary;
$search_diary_array = search_str($search_diary);
$search_diary = $search_diary_array[0];
$query_search = $search_diary_array[1];
echo "<div class='grand_h'>n";
echo "<table>n";
echo "<td>".(isset($rating)?"<a href='?act=search&text=$search_diary".(isset($_GET['tag'])?"&tag":NULL)."'>":NULL)."<span class='block_l'>Новые</span>".(isset($rating)?"</a>":NULL)."</td><td>".(!isset($rating)?"<a href='?act=search&text=$search_diary".(isset($_GET['tag'])?"&tag":NULL)."&rating'>":NULL)."<span class='block_l'>Популярные</span>".(!isset($rating)?"</a>":NULL)."</td>n";
echo "</table>n";
echo "</div>n";
$where = array();
$query=mysqli_query($dbi, "SELECT * FROM `diary` WHERE `sk` = '0' AND ".(!isset($_GET['tag'])?"(`name` LIKE '%".my_esc($query_search)."%' OR `text` LIKE '%".my_esc($query_search)."%')":"`tags` LIKE '%".my_esc($query_search)."%'")."");
while ($post = mysqli_fetch_array($query))
{
if(($post['access']=='all' || $post['access']=='friends' && is_friend($ank['id'], $user['id']) || $post['access']=='pass' || $post['access']=='auth' && isset($user)) || isset($moderate_diary))$where[] = $post['id'];
}
if (!count($where))
{
echo "<div class='list_empty'>Ничего не найдено!</div>n";
} elseif ($query_search != NULL) {
$where = implode("' OR `id` = '", $where);
$count_results = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `diary` WHERE `sk` = '0' AND ".(!isset($_GET['tag'])?"(`name` LIKE '%".my_esc($query_search)."%' OR `text` LIKE '%".my_esc($query_search)."%')":"`tags` LIKE '%".my_esc($query_search)."%'")." AND (`id` = '$where')"));
$count_pages = count_pages($count_results);
$page = page();
$start = start_pages();
$query=mysqli_query($dbi, "SELECT * FROM `diary` WHERE `sk` = '0' AND ".(!isset($_GET['tag'])?"(`name` LIKE '%".my_esc($query_search)."%' OR `text` LIKE '%".my_esc($query_search)."%')":"`tags` LIKE '%".my_esc($query_search)."%'")." AND (`id` = '$where') ORDER BY `".(isset($rating)?'rating` DESC, `time':'time')."` DESC LIMIT $start, $config[rop]");
while ($post = mysqli_fetch_array($query))
{
$ank=profile($post['id_user']);
$count_komms = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `diary_komm` WHERE `id_diary` = '$post[id]'"));
echo "<div class='list'>n";
echo "<div class='left'>n";
show_avatar($ank['id'], 'small');
echo "</div>n";
echo "<div class='overfl_hid'>n";
if (isset($rating))echo "<span class='right'><img src='/i/site/star.png'/> $post[rating]</span>n";
echo profile_icon($ank['id']).profile_nick($ank['id'], 1).profile_medal($ank['id'])."<br />n";
echo "<a href='/diary/?act=diary&id=$post[id]'>".($post['name']!=NULL?hsc($post['name']):hsc(str_cut($post['text'], 5, 50)))."</a>n";
echo "<span class='grey right'>".vremja($post['time'])."</span><br/>n";
echo hsc(str_cut($post['text'], 20, 200))."".(hsc(str_cut($post['text'], 20, 200))!=$post['text']?" <a href='/diary/?act=diary&id=$post[id]&'>подробнее →</a>":null)."<br/>n";
echo "<a href='/diary/?act=diary&id=$post[id]#komms'>Обсудить".($count_komms!=0?" ($count_komms)":null)."</a><br/>n";
echo "</div>n";
echo "<div class='clear'></div>n";
echo "</div>n";
}
pages_show("?act=search&text=$search_diary&".(isset($_GET['tag'])?"tag&":NULL)."".(isset($rating)?'rating&':null)); // Вывод страниц
} elseif (isset($_POST['search_diary']))
{
echo "<div class='list_list'>Ничего не найдено!</div>n";
}
echo "<form method='POST' class='search' action='?act=search".(isset($_GET['tag'])?"&tag":NULL)."'>n";
echo "<input type='text' placeholder='Введите пару слов для поиска...' name='search_diary' value='".input_value($search_diary)."' style='width: 80%' /> n";
echo "<input type='submit' value='Поиск' />n";
echo "</form>n";
echo "<div class='foot'>n";
echo image_back()." <a href='/diary'>Дневники</a>n";
echo "</div>n";
ex_foot();
?>