Файл: vsime.com/search/inc/act_topics.php
Строк: 108
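<?php
/*
 * Forum topic search (act=topics).
 *
 *   case=user  - list the topics started by one user (looked up by nick or user_id)
 *   default    - search topic names and messages for a text query
 *
 * Security notes for maintainers:
 *   - The search term comes straight from $_GET / $_POST. It is HTML-encoded with
 *     hsc() at the point of output and URL-encoded with urlencode() when placed in
 *     links. Encoding first and running stripcslashes() afterwards can turn C-style
 *     escape sequences back into markup characters once encoding has already happened.
 *   - Every id / LIMIT value interpolated into SQL is cast to int first.
 *   - Variable names ($ank, $post, $query, $start, $page, $count_pages, $error) are
 *     kept as-is; presumably some helpers read them as globals - verify before renaming.
 */
$title .= ' - Поиск по форуму';
ex_head();

// When $moderate_forum is not set, comment queries are restricted to rows with `sk` = '0'.
if (!isset($moderate_forum)) $skp = " `sk` = '0' AND"; else $skp = NULL;

// Only string values are accepted for the dispatcher key (array input falls through to default).
$case = my_esc((isset($_GET['case']) && is_string($_GET['case'])) ? $_GET['case'] : '');

switch ($case):
case 'user':
    // Nick form submitted: resolve the nick to a profile and redirect to the id-based URL.
    if (isset($_POST['nick'], $_POST['submited']) && is_string($_POST['nick'])) {
        $nick = search_str($_POST['nick']);
        // NOTE(review): search_str()'s result is indexed with [1] here but is passed
        // directly to hsc() in the default branch - confirm which shape it returns.
        $nick = $nick[1];
        // presumably my_esc() is the SQL escaper profile() relies on - TODO confirm
        $ank = profile(my_esc($nick));
        if ($ank['id']) {
            // Cast so only a number can reach the Location header.
            $redirect_id = (int) $ank['id'];
            // NOTE(review): ex_head() has already run; confirm output is buffered so
            // this header can still be sent.
            header("Location:?act=topics&case=user&user_id=$redirect_id");
            exit();
        }
        else $error[] = "Пользователь не найден";
    }

    if (isset($_GET['user_id'])) {
        $ank = profile(intval($_GET['user_id']));
        if (!$ank['id']) {
            $error[] = "Пользователь не найден";
            unset($ank);
        }
    }

    $has_user = !empty($ank['id']);

    echo "<div class='main'>\n";
    echo "Поиск тем ";
    echo ($has_user
        ? profile_icon($ank['id']) . profile_nick($ank['id'], 1) . " <a href='?act=topics&case=user'>" . imgsd('delete_grey.png') . "</a>"
        : "конкретного пользователя") . "\n";
    echo "</div>\n";

    if ($has_user) {
        // Integers only in the SQL below, whatever profile()/config/paging helpers return.
        $user_id = (int) $ank['id'];
        $per_page = (int) $config['rop'];

        $count_results = mysqli_result("SELECT COUNT(*) FROM `forum` WHERE `id_comm` = '0' AND `type` = 'topic' AND `id_user` = '$user_id'");
        $count_pages = count_pages($count_results);
        $page = page();
        $start = (int) start_pages();
        if (!$count_results) {
            list_empty("Поиск не дал результатов");
        }

        $query_db = mysqli_query($dbi, "SELECT * FROM `forum` WHERE `id_comm` = '0' AND `type` = 'topic' AND `id_user` = '$user_id' ORDER BY `time` DESC LIMIT $start, $per_page");
        // mysqli_query() returns false on failure; skip the listing instead of fetching from false.
        while ($query_db && ($post = mysqli_fetch_array($query_db))) {
            $topic_id = (int) $post['id'];
            $count_komm = (int) mysqli_result("SELECT COUNT(*) FROM `forum_komm` WHERE$skp `id_comm` = '0' AND `id_topic` = '$topic_id'");
            echo "<div class='list'>\n";
            echo "<img src='/i/site/topic" . ($post['pos'] > 0 ? "_up" : NULL) . ".png' /> <a href='/forum/?act=topic&id=$topic_id'>" . hsc($post['name']) . "</a> ($count_komm)<br />\n";
            if ($count_komm > 0) {
                $last_res = mysqli_query($dbi, "SELECT * FROM `forum_komm` WHERE$skp `id_comm` = '0' AND `id_topic` = '$topic_id' ORDER BY `time` DESC LIMIT 1");
                $last_komm = $last_res ? mysqli_fetch_array($last_res) : NULL;
                // The row can be missing if the query failed or the comment vanished after the count.
                if ($last_komm) {
                    $creator_last_komm = profile($last_komm['id_user']);
                    echo profile_nick($creator_last_komm['id'], 0, 0) . " (" . vremja($last_komm['time']) . ")\n";
                }
            }
            echo "</div>\n";
        }
        pages_show("?act=topics&case=user&user_id=$user_id&"); // pagination links
    }

    show_errors();
    echo "<form method='POST' action='?act=topics&case=user'>\n";
    echo "<input type='text' placeholder='Введите ник...' name='nick' value='' style='width: 80%' /> \n";
    echo "<input type='submit' name='submited' value='Поиск' />\n";
    echo "</form>\n";
    echo "<div class='foot'>\n";
    echo image_back() . "<a href='?act=topics'>Назад</a>\n";
    echo "</div>\n";
    break;

default:
    // Raw search term after search_str(); POST overrides GET, as before.
    // assumes search_str() returns a string, as the hsc() call on its result implies - TODO confirm
    $term = NULL;
    if (isset($_GET['query']) && is_string($_GET['query'])) $term = search_str($_GET['query']);
    if (isset($_POST['query']) && is_string($_POST['query'])) $term = search_str($_POST['query']);
    $term = is_string($term) ? $term : '';

    // Value used for matching: same transformation chain as before, so search results
    // are unchanged. It is never echoed; see $query_html / $query_url below.
    // NOTE(review): hsc() + esc() + my_esc() stack three encodings on the SQL side -
    // confirm how `name` / `msg` are stored and reduce this to one SQL escaper.
    $query = ($term === '') ? NULL : esc(stripcslashes(hsc($term)));

    // Output forms of the term: decode first, encode last, one encoder per context.
    $query_html = hsc(stripcslashes($term)); // HTML text context
    $query_url = urlencode($term);           // URL query-string context (also safe inside quoted attributes)

    if (trim((string) $query)) {
        // NOTE(review): '%' and '_' in the term still act as LIKE wildcards.
        $like = my_esc($query);
        $per_page = (int) $config['rop'];

        $count_results = mysqli_result("SELECT COUNT(*) FROM `forum` WHERE (`name` LIKE '%" . $like . "%' OR `msg` LIKE '%" . $like . "%') AND `type` = 'topic' AND `id_comm` = '0'");
        // NOTE(review): this branch pages through navi::*, the 'user' branch through
        // the global count_pages()/page()/start_pages() - confirm both are intended.
        $count_pages = navi :: count_pages($count_results);
        $page = navi :: page();
        $start = (int) navi :: start_pages();
        if (!$count_results) {
            list_empty("Поиск не дал результатов");
        }

        $query_db = mysqli_query($dbi, "SELECT * FROM `forum` WHERE (`name` LIKE '%" . $like . "%' OR `msg` LIKE '%" . $like . "%') AND `type` = 'topic' AND `id_comm` = '0' ORDER BY `id` DESC LIMIT $start, $per_page");
        // mysqli_query() returns false on failure; skip the listing instead of fetching from false.
        while ($query_db && ($post = mysqli_fetch_array($query_db))) {
            $topic_id = (int) $post['id'];
            $creator = profile($post['id_user']);
            $count_komm = (int) mysqli_result("SELECT COUNT(*) FROM `forum_komm` WHERE$skp `id_comm` = '0' AND `id_topic` = '$topic_id'");
            echo "<div class='list'>\n";
            echo "<img src='/i/site/topic" . ($post['pos'] > 0 ? "_up" : NULL) . ".png' /> <a href='/forum/?act=topic&id=$topic_id'>" . hsc($post['name']) . "</a> ($count_komm)<br />\n";
            echo profile_nick($creator['id'], 0, 0) . " ";
            if ($count_komm > 0) {
                $last_res = mysqli_query($dbi, "SELECT * FROM `forum_komm` WHERE$skp `id_comm` = '0' AND `id_topic` = '$topic_id' ORDER BY `time` DESC LIMIT 1");
                $last_komm = $last_res ? mysqli_fetch_array($last_res) : NULL;
                // The row can be missing if the query failed or the comment vanished after the count.
                if ($last_komm) {
                    $creator_last_komm = profile($last_komm['id_user']);
                    echo "/ " . profile_nick($creator_last_komm['id'], 0, 0) . " (" . vremja($last_komm['time']) . ")\n";
                }
            }
            echo "</div>\n";
        }
        // URL-encoded term so the next page re-runs the same search.
        navi :: pages_show("?act=topics&query=$query_url&"); // pagination links
    } else {
        $show_word = true;
    }

    echo "<div class=list><form method='POST' action='?act=topics'>\n";
    if (isset($show_word)) echo "Что будем искать?<br />\n";
    else {
        // Encoded at the point of output; never echo $query directly.
        echo "<b>Поиск:</b> «" . $query_html . "»<br />";
    }
    echo "<input type='text' style='width: 65%; margin: 0px; padding: 4px 0px; vertical-align: middle;line-height: 100%;border: 1px solid #ccc;' name='query' value='' />\n";
    echo "<input type='submit' name='submited' style='line-height: 19px; margin-top: 0;' value='Найти'/>\n";
    // Close in nesting order: the form was opened inside the div.
    echo "</form>\n";
    echo "</div>\n";
    echo "<div class='foot'>\n";
    echo image_back() . "<a href='?query=$query_url'>Назад</a>\n";
    echo "</div>\n";
    break;
endswitch;

ex_foot();
?>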