Файл: vsime.com/search/inc/act_diaries.php
Строк: 64
<?
$title .= ' - Поиск записей';
ex_head();
$query = NULL;
if (isset($_GET['query']))$query = esc(stripcslashes(hsc(search_str($_GET['query']))));
if (isset($_POST['query']))$query = esc(stripcslashes(hsc(search_str($_POST['query']))));
if (trim($query)) {
$where = array();
$query_db = mysqli_query($dbi, "SELECT * FROM `diary` WHERE `sk` = '0' AND (`name` LIKE '%".my_esc($query)."%' OR `text` LIKE '%".my_esc($query)."%')");
while ($post = mysqli_fetch_array($query_db)) {
if(($post['access']=='all' || $post['access']=='friends' && is_friend($post['id_user'], $user['id']) || $post['access']=='pass' || $post['access']=='auth' && isset($user)) || isset($moderate_diary))$where[] = $post['id'];
}
if (!count($where)) {
list_empty("Поиск не дал результатов");
} else {
$where = implode("' OR `id` = '", $where);
$count_results = mysqli_result("SELECT COUNT(*) FROM `diary` WHERE `sk` = '0' AND (`name` LIKE '%".my_esc($query)."%' OR `text` LIKE '%".my_esc($query)."%') AND (`id` = '$where')");
$count_pages = navi :: count_pages($count_results);
$page = navi :: page();
$start = navi :: start_pages();
$query_db = mysqli_query($dbi, "SELECT * FROM `diary` WHERE `sk` = '0' AND (`name` LIKE '%".my_esc($query)."%' OR `text` LIKE '%".my_esc($query)."%') AND (`id` = '$where') ORDER BY `id` DESC LIMIT $start, $config[rop]");
while ($post = mysqli_fetch_array($query_db)) {
$ank = profile($post['id_user']);
$count_komms = mysqli_result("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'");
echo "<div class='list'>n";
echo "<div class='left'>n";
show_avatar($ank['id'], 'small');
echo "</div>n";
echo "<div class='overfl_hid'>n";
echo "<span class='grey right'>".vremja($post['time'])."</span>n";
echo profile_icon($ank['id']).profile_nick($ank['id'], 1).profile_medal($ank['id'])."<br />n";
echo "<a href='/diary/?act=diary&id=$post[id]'>".($post['name']!=NULL?hsc($post['name']):hsc(str_cut($post['text'], 5, 50)))."</a>n";
echo hsc(str_cut($post['text'], 20, 200))."".(hsc(str_cut($post['text'], 20, 200))!=$post['text']?" <a href='/diary/?act=diary&id=$post[id]&'>подробнее ></a>":null)."<br/>n";
echo "<a href='/diary/?act=diary&id=$post[id]#komms'>Обсудить".($count_komms!=0?" ($count_komms)":null)."</a><br/>n";
echo "</div>n";
echo "<div class='clear'></div>n";
echo "</div>n";
}
navi :: pages_show("?act=diaries&query=$query&"); // Вывод страниц
}
} else {
$show_word = true;
}
echo "<div class=list><form method='POST' action='?act=diaries'>n";
if (isset($show_word))echo "Что будем искать?<br />n";
else {
echo "<b>Поиск:</b> «".($query)."»<br />";
}
echo "<input type='text' style='width: 65%; margin: 0px; padding: 4px 0px; vertical-align: middle;line-height: 100%;border: 1px solid #ccc;' name='query' value='' />n";
echo "<input type='submit' name='submited' style='line-height: 19px; margin-top: 0;' value='Найти'/>n";
echo "</div>n";
echo "</form>n";
echo "<div class='foot'>n";
echo image_back()."<a href='?query=$query'>Назад</a>n";
echo "</div>n";
ex_foot();
?>