PC World 2005 April

home *** CD-ROM | disk | FTP | other *** search

/ PC World 2005 April / PCWorld_2005-04_cd.bin / akce / web / phpnuke / PHP-Nuke-7.5.exe / html / modules / Search / index.php

Wrap

PHP Script | 2004-08-21 | 23KB | 471 lines

<?php /************************************************************************/ /* PHP-NUKE: Web Portal System */ /* =========================== */ /* */ /* Copyright (c) 2002 by Francisco Burzi */ /* http://phpnuke.org */ /* */ /* This program is free software. You can redistribute it and/or modify */ /* it under the terms of the GNU General Public License as published by */ /* the Free Software Foundation; either version 2 of the License. */ /************************************************************************/ /* Additional security & Abstraction layer conversion */ /* 2003 chatserv */ /* http://www.nukefixes.com -- http://www.nukeresources.com */ /************************************************************************/ if (!eregi("modules.php", $_SERVER['PHP_SELF'])) { die ("You can't access this file directly..."); } require_once("mainfile.php"); $module_name = basename(dirname(__FILE__)); get_lang($module_name); global $admin, $prefix, $db, $module_name, $articlecomm, $multilingual; if ($multilingual == 1) { $queryalang = "AND (s.alanguage='$currentlang' OR s.alanguage='')"; /* stories */ $queryrlang = "AND rlanguage='$currentlang' "; /* reviews */ } else { $queryalang = ""; $queryrlang = ""; $queryslang = ""; } switch($op) { case "comments": break; default: $ThemeSel = get_theme(); $offset=10; if (!isset($min)) $min=0; if (!isset($max)) $max=$min+$offset; $query = stripslashes(check_html($query, nohtml)); $pagetitle = "- "._SEARCH.""; include("header.php"); $topic = intval($topic); if ($topic>0) { $row = $db->sql_fetchrow($db->sql_query("SELECT topicimage, topictext from ".$prefix."_topics where topicid='$topic'")); $topicimage = stripslashes($row['topicimage']); $topictext = stripslashes(check_html($row['topictext'], "nohtml")); if (file_exists("themes/$ThemeSel/images/topics/$topicimage")) { $topicimage = "themes/$ThemeSel/images/topics/$topicimage"; } else { $topicimage = "$tipath/$topicimage"; } } else { $topictext = ""._ALLTOPICS.""; if (file_exists("themes/$ThemeSel/images/topics/AllTopics.gif")) { $topicimage = "themes/$ThemeSel/images/topics/AllTopics.gif"; } else { $topicimage = "$tipath/AllTopics.gif"; } } if (file_exists("themes/$ThemeSel/images/topics/AllTopics.gif")) { $alltop = "themes/$ThemeSel/images/topics/AllTopics.gif"; } else { $alltop = "$tipath/AllTopics.gif"; } OpenTable(); if ($type == "users") { echo "<center>"._SEARCHUSERS."</center> "; } elseif ($type == "reviews") { echo "<center>"._SEARCHREVIEWS."</center> "; } elseif ($type == "comments" AND isset($sid)) { $res = $db->sql_query("select title from ".$prefix."_stories where sid='$sid'"); list($st_title) = $db->sql_fetchrow($res); $st_title = stripslashes(check_html($st_title, "nohtml")); $instory = "AND sid='$sid'"; echo "<center>"._SEARCHINSTORY." $st_title</center> "; } else { echo "<center>"._SEARCHIN." $topictext</center> "; } echo "<table width=\"100%\" border=\"0\"><TR><TD>"; if (($type == "users") OR ($type == "reviews")) { echo "<img src=\"$alltop\" align=\"right\" border=\"0\" alt=\"\">"; } else { echo "<img src=\"$topicimage\" align=\"right\" border=\"0\" alt=\"$topictext\">"; } echo "<form action=\"modules.php?name=$module_name\" method=\"POST\">" ."<input size=\"25\" type=\"text\" name=\"query\" value=\"$query\"> " ."<input type=\"submit\" value=\""._SEARCH."\"> "; if (isset($sid)) { echo "<input type='hidden' name='sid' value='$sid'>"; } echo ""; $toplist = $db->sql_query("SELECT topicid, topictext from ".$prefix."_topics order by topictext"); echo "<select name=\"topic\">"; echo "<option value=\"\">"._ALLTOPICS."</option>\n"; while($row2 = $db->sql_fetchrow($toplist)) { $topicid = intval($row2['topicid']); $topics = stripslashes(check_html($row2['topictext'], "nohtml")); if ($topicid==$topic) { $sel = "selected "; } echo "<option $sel value=\"$topicid\">$topics</option>\n"; $sel = ""; } echo "</select>"; /* Category Selection */ $category = intval($category); echo " <select name=\"category\">"; echo "<option value=\"0\">"._ARTICLES."</option>\n"; $result3 = $db->sql_query("SELECT catid, title from ".$prefix."_stories_cat order by title"); while ($row3 = $db->sql_fetchrow($result3)) { $catid = intval($row3['catid']); $title = stripslashes(check_html($row3['title'], "nohtml")); if ($catid==$category) { $sel = "selected "; } echo "<option $sel value=\"$catid\">$title</option>\n"; $sel = ""; } echo "</select>"; /* Authors Selection */ $thing = $db->sql_query("SELECT aid from ".$prefix."_authors order by aid"); echo " <select name=\"author\">"; echo "<option value=\"\">"._ALLAUTHORS."</option>\n"; while($row4 = $db->sql_fetchrow($thing)) { $authors = stripslashes($row4['aid']); if ($authors==$author) { $sel = "selected "; } echo "<option value=\"$authors\">$authors</option>\n"; $sel = ""; } echo "</select>"; /* Date Selection */ ?> <select name="days"> <option <?php echo $days == 0 ? "selected " : ""; ?> value="0"><?php echo _ALL ?></option> <option <?php echo $days == 7 ? "selected " : ""; ?> value="7">1 <?php echo _WEEK ?></option> <option <?php echo $days == 14 ? "selected " : ""; ?> value="14">2 <?php echo _WEEKS ?></option> <option <?php echo $days == 30 ? "selected " : ""; ?> value="30">1 <?php echo _MONTH ?></option> <option <?php echo $days == 60 ? "selected " : ""; ?> value="60">2 <?php echo _MONTHS ?></option> <option <?php echo $days == 90 ? "selected " : ""; ?> value="90">3 <?php echo _MONTHS ?></option> </select> <?php if (($type == "stories") OR ($type == "")) { $sel1 = "checked"; } elseif ($type == "comments") { $sel2 = "checked"; } elseif ($type == "users") { $sel3 = "checked"; } elseif ($type == "reviews") { $sel4 = "checked"; } $num_rev = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_reviews")); echo ""._SEARCHON.""; echo "<input type=\"radio\" name=\"type\" value=\"stories\" $sel1> "._SSTORIES.""; if ($articlecomm == 1) { echo "<input type=\"radio\" name=\"type\" value=\"comments\" $sel2> "._SCOMMENTS.""; } echo "<input type=\"radio\" name=\"type\" value=\"users\" $sel3> "._SUSERS.""; if ($num_rev > 0) { echo "<input type=\"radio\" name=\"type\" value=\"reviews\" $sel4> "._REVIEWS.""; } echo "</form></td></tr></table>"; $query = stripslashes(check_html($query, "nohtml")); if ($type=="stories" OR !$type) { if ($category > 0) { $categ = "AND catid='$category' "; } else { $categ = ""; } $q = "select s.sid, s.aid, s.informant, s.title, s.time, s.hometext, s.bodytext, a.url, s.comments, s.topic from ".$prefix."_stories s, ".$prefix."_authors a where s.aid=a.aid $queryalang $categ"; if (isset($query)) $q .= "AND (s.title LIKE '%$query%' OR s.hometext LIKE '%$query%' OR s.bodytext LIKE '%$query%' OR s.notes LIKE '%$query%') "; if ($author != "") $q .= "AND s.aid='$author' "; if ($topic != "") $q .= "AND s.topic='$topic' "; if ($days != "" && $days!=0) $q .= "AND TO_DAYS(NOW()) - TO_DAYS(time) <= '$days' "; $q .= " ORDER BY s.time DESC LIMIT $min,$offset"; $t = $topic; $result5 = $db->sql_query($q); $nrows = $db->sql_numrows($result5); $x=0; if ($query != "") { echo " <hr noshade size=\"1\"><center>"._SEARCHRESULTS."</center> "; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($row5 = $db->sql_fetchrow($result5)) { $sid = intval($row5['sid']); $aid = stripslashes($row5['aid']); $informant = stripslashes($row5['informant']); $title = stripslashes(check_html($row5['title'], "nohtml")); $time = $row5['time']; $hometext = stripslashes($row5['hometext']); $bodytext = stripslashes($row5['bodytext']); $url = stripslashes($row5['url']); $comments = intval($row5['comments']); $topic = intval($row5['topic']); $row6 = $db->sql_fetchrow($db->sql_query("SELECT topictext from ".$prefix."_topics where topicid='$topic'")); $topictext = stripslashes(check_html($row6['topictext'], "nohtml")); $furl = "modules.php?name=News&file=article&sid=$sid"; $datetime = formatTimestamp($time); $query = stripslashes(check_html($query, "nohtml")); if ($informant == "") { $informant = $anonymous; } else { $informant = "<a href=\"modules.php?name=Your_Account&op=userinfo&username=$informant\">$informant</a>"; } if ($query != "" AND $query != "*") { if (eregi(quotemeta($query),$title)) { $a = 1; } $text = "$hometext$bodytext"; if (eregi(quotemeta($query),$text)) { $a = 2; } if (eregi(quotemeta($query),$text) AND eregi(quotemeta($query),$title)) { $a = 3; } if ($a == 1) { $match = _MATCHTITLE; } elseif ($a == 2) { $match = _MATCHTEXT; } elseif ($a == 3) { $match = _MATCHBOTH; } if (!isset($a)) { $match = ""; } else { $match = "$match "; } } printf("<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <a href=\"%s\">%s</a> "._CONTRIBUTEDBY." $informant "._POSTEDBY." <a href=\"%s\">%s</a>",$furl,$title,$url,$aid,$informant); echo " "._ON." $datetime " ."$match" .""._TOPIC.": <a href=\"modules.php?name=$module_name&query=&topic=$topic\">$topictext</a> "; if ($comments == 0) { echo "("._NOCOMMENTS.")"; } elseif ($comments == 1) { echo "($comments "._UCOMMENT.")"; } elseif ($comments >1) { echo "($comments "._UCOMMENTS.")"; } if (is_admin($admin)) { echo " [ <a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a> | <a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a> ]"; } echo " </td></tr>\n"; $x++; } echo "</table>"; } else { echo "<tr><td><center>"._NOMATCHES."</center> "; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev&query=$query&type=$type&category=$category\">"; print "$min "._PREVMATCHES."</a></center>"; } $next=$min+$offset; if ($x>=9) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max&query=$query&type=$type&category=$category\">"; print ""._NEXTMATCHES."</a></center>"; } } } elseif ($type=="comments") { /* $sid = intval($sid); if (isset($sid)) { $row7 = $db->sql_fetchrow($db->sql_query("SELECT title from ".$prefix."_stories where sid='$sid'")); $st_title = stripslashes(check_html($row7['title'], "nohtml")); $instory = "AND sid='$sid'"; } else { $instory = ""; } */ $result8 = $db->sql_query("SELECT tid, sid, subject, date, name from ".$prefix."_comments where (subject like '%$query%' OR comment like '%$query%') order by date DESC limit $min,$offset"); $nrows = $db->sql_numrows($result8); $x=0; if ($query != "") { echo " <hr noshade size=\"1\"><center>"._SEARCHRESULTS."</center> "; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($row8 = $db->sql_fetchrow($result8)) { $tid = intval($row8['tid']); $sid = intval($row8['sid']); $subject = stripslashes(check_html($row8['subject'], "nohtml")); $date = $row8['date']; $name = stripslashes($row8['name']); $row_res = $db->sql_fetchrow($db->sql_query("SELECT title from ".$prefix."_stories where sid='$sid'")); $title = stripslashes(check_html($row_res['title'], "nohtml")); $reply = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_comments where pid='$tid'")); $furl = "modules.php?name=News&file=article&thold=-1&mode=flat&order=1&sid=$sid#$tid"; if(!$name) { $name = "$anonymous"; } else { $name = "<a href=\"modules.php?name=Your_Account&op=userinfo&username=$name\">$name</a>"; } $datetime = formatTimestamp($date); echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <a href=\"$furl\">$subject</a> "._POSTEDBY." $name" ." "._ON." $datetime " .""._ATTACHART.": $title "; if ($reply == 1) { echo "($reply "._SREPLY.")"; if (is_admin($admin)) { echo " [ <a href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">"._DELETE."</a> ]"; } echo " </td></tr>\n"; } else { echo "($reply "._SREPLIES.")"; if (is_admin($admin)) { echo " [ <a href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">"._DELETE."</a> ]"; } echo " </td></tr>\n"; } $x++; } echo "</table>"; } else { echo "<tr><td><center>"._NOMATCHES."</center> "; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$topic&min=$prev&query=$query&type=$type\">"; print "$min "._PREVMATCHES."</a></center>"; } $next=$min+$offset; if ($x>=9) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$topic&min=$max&query=$query&type=$type\">"; print ""._NEXTMATCHES."</a></center>"; } } } elseif ($type=="reviews") { $res_n = $db->sql_query("SELECT id, title, text, reviewer, score from ".$prefix."_reviews where (title like '%$query%' OR text like '%$query%') $queryrlang order by date DESC limit $min,$offset"); $nrows = $db->sql_numrows($res_n); $x=0; if ($query != "") { echo " <hr noshade size=\"1\"><center>"._SEARCHRESULTS."</center> "; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($rown = $db->sql_fetchrow($res_n)) { $id = intval($rown['id']); $title = stripslashes(check_html($rown['title'], "nohtml")); $text = stripslashes($rown['text']); $reviewer = stripslashes($rown['reviewer']); $furl = "modules.php?name=Reviews&op=showcontent&id=$id"; $pages = count(explode( "", $text )); echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <a href=\"$furl\">$title</a> " .""._POSTEDBY." $reviewer " .""._REVIEWSCORE.": $score/10 "; if ($pages == 1) { echo "($pages "._PAGE.")"; } else { echo "($pages "._PAGES.")"; } if (is_admin($admin)) { echo " [ <a href=\"modules.php?name=Reviews&op=mod_review&id=$id\">"._EDIT."</a> | <a href=\"modules.php?name=Reviews.php&op=del_review&id_del=$id\">"._DELETE."</a> ]"; } print " </td></tr>\n"; $x++; } echo "</table>"; } else { echo "<tr><td><center>"._NOMATCHES."</center> "; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev&query=$query&type=$type\">"; print "$min "._PREVMATCHES."</a></center>"; } $next=$min+$offset; if ($x>=9) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max&query=$query&type=$type\">"; print ""._NEXTMATCHES."</a></center>"; } } } elseif ($type=="users") { $res_n3 = $db->sql_query("SELECT user_id, username, name from ".$user_prefix."_users where (username like '%$query%' OR name like '%$query%' OR bio like '%$query%') order by username ASC limit $min,$offset"); $nrows = $db->sql_numrows($res_n3); $x=0; if ($query != "") { echo " <hr noshade size=\"1\"><center>"._SEARCHRESULTS."</center> "; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($rown3 = $db->sql_fetchrow($res_n3)) { $uid = intval($rown3['user_id']); $uname = stripslashes($rown3['username']); $name = stripslashes($rown3['name']); $furl = "modules.php?name=Your_Account&op=userinfo&username=$uname"; if ($name=="") { $name = ""._NONAME.""; } echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <a href=\"$furl\">$uname</a> ($name)"; if (is_admin($admin)) { echo " [ <a href=\"admin.php?chng_uid=$uid&op=modifyUser\">"._EDIT."</a> | <a href=\"admin.php?op=delUser&chng_uid=$uid\">"._DELETE."</a> ]"; } echo "</td></tr>\n"; $x++; } echo "</table>"; } else { echo "<tr><td><center>"._NOMATCHES."</center> "; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev&query=$query&type=$type\">"; print "$min "._PREVMATCHES."</a></center>"; } $next=$min+$offset; if ($x>=9) { print " <center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max&query=$query&type=$type\">"; print ""._NEXTMATCHES."</a></center>"; } } } CloseTable(); if (isset($query) AND $query != "") { echo " "; if (is_active("Downloads")) { $dcnt = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_downloads_downloads WHERE title LIKE '%$query%' OR description LIKE '%$query%'")); $mod1 = "<li> <a href=\"modules.php?name=Downloads&d_op=search&query=$query\">"._DOWNLOADS."</a> ($dcnt "._SEARCHRESULTS.")"; } if (is_active("Web_Links")) { $lcnt = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_links_links WHERE title LIKE '%$query%' OR description LIKE '%$query%'")); $mod2 = "<li> <a href=\"modules.php?name=Web_Links&l_op=search&query=$query\">"._WEBLINKS."</a> ($lcnt "._SEARCHRESULTS.")"; } if (is_active("Encyclopedia")) { $ecnt1 = $db->sql_query("SELECT eid from ".$prefix."_encyclopedia WHERE active='1'"); $ecnt = 0; while($row_e = $db->sql_fetchrow($ecnt1)) { $eid = intval($row_e['eid']); $ecnt2 = $db->sql_numrows($db->sql_query("select * from ".$prefix."_encyclopedia WHERE title LIKE '%$query%' OR description LIKE '%$query%' AND eid='$eid'")); $ecnt3 = $db->sql_numrows($db->sql_query("select * from ".$prefix."_encyclopedia_text WHERE title LIKE '%$query%' OR text LIKE '%$query%' AND eid='$eid'")); $ecnt = $ecnt+$ecnt2+$ecnt3; } $mod3 = "<li> <a href=\"modules.php?name=Encyclopedia&file=search&query=$query\">"._ENCYCLOPEDIA."</a> ($ecnt "._SEARCHRESULTS.")"; } OpenTable(); echo ""._FINDMORE." " .""._DIDNOTFIND." " .""._SEARCH." \"$query\" "._ON.": " ."<ul>" ."$mod1" ."$mod2" ."$mod3" ."<li> <a href=\"http://www.google.com/search?q=$query\" target=\"new\">Google</a>" ."<li> <a href=\"http://groups.google.com/groups?q=$query\" target=\"new\">Google Groups</a>" ."</ul>"; CloseTable(); } include("footer.php"); break; } ?>