mod/search.php

   1 <?php
   2 require_once("include/bbcode.php");
   3 require_once('include/security.php');
   4 require_once('include/conversation.php');
   5 require_once('mod/dirfind.php');
   6
   7 function search_saved_searches() {
   8
   9         $o = '';
  10
  11         if(! feature_enabled(local_user(),'savedsearch'))
  12                 return $o;
  13
  14         $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d",
  15                 intval(local_user())
  16         );
  17
  18         if(count($r)) {
  19                 $saved = array();
  20                 foreach($r as $rr) {
  21                         $saved[] = array(
  22                                 'id'            => $rr['id'],
  23                                 'term'          => $rr['term'],
  24                                 'encodedterm'   => urlencode($rr['term']),
  25                                 'delete'        => t('Remove term'),
  26                                 'selected'      => ($search==$rr['term']),
  27                         );
  28                 }
  29
  30
  31                 $tpl = get_markup_template("saved_searches_aside.tpl");
  32
  33                 $o .= replace_macros($tpl, array(
  34                         '$title'        => t('Saved Searches'),
  35                         '$add'          => '',
  36                         '$searchbox'    => '',
  37                         '$saved'        => $saved,
  38                 ));
  39         }
  40
  41         return $o;
  42
  43 }
  44
  45
  46 function search_init(&$a) {
  47
  48         $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
  49
  50         if(local_user()) {
  51                 if(x($_GET,'save') && $search) {
  52                         $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
  53                                 intval(local_user()),
  54                                 dbesc($search)
  55                         );
  56                         if(! count($r)) {
  57                                 q("INSERT INTO `search` (`uid`,`term`) VALUES ( %d, '%s')",
  58                                         intval(local_user()),
  59                                         dbesc($search)
  60                                 );
  61                         }
  62                 }
  63                 if(x($_GET,'remove') && $search) {
  64                         q("delete from `search` where `uid` = %d and `term` = '%s' limit 1",
  65                                 intval(local_user()),
  66                                 dbesc($search)
  67                         );
  68                 }
  69
  70                 $a->page['aside'] .= search_saved_searches();
  71
  72         }
  73         else {
  74                 unset($_SESSION['theme']);
  75                 unset($_SESSION['mobile-theme']);
  76         }
  77
  78
  79
  80 }
  81
  82
  83
  84 function search_post(&$a) {
  85         if(x($_POST,'search'))
  86                 $a->data['search'] = $_POST['search'];
  87 }
  88
  89
  90 function search_content(&$a) {
  91
  92         if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
  93                 notice( t('Public access denied.') . EOL);
  94                 return;
  95         }
  96
  97         if(get_config('system','local_search') AND !local_user()) {
  98                 http_status_exit(403,
  99                                 array("title" => t("Public access denied."),
 100                                         "description" => t("Only logged in users are permitted to perform a search.")));
 101                 killme();
 102                 //notice(t('Public access denied.').EOL);
 103                 //return;
 104         }
 105
 106         if (get_config('system','permit_crawling') AND !local_user()) {
 107                 // Default values:
 108                 // 10 requests are "free", after the 11th only a call per minute is allowed
 109
 110                 $free_crawls = intval(get_config('system','free_crawls'));
 111                 if ($free_crawls == 0)
 112                         $free_crawls = 10;
 113
 114                 $crawl_permit_period = intval(get_config('system','crawl_permit_period'));
 115                 if ($crawl_permit_period == 0)
 116                         $crawl_permit_period = 10;
 117
 118                 $remote = $_SERVER["REMOTE_ADDR"];
 119                 $result = Cache::get("remote_search:".$remote);
 120                 if (!is_null($result)) {
 121                         $resultdata = json_decode($result);
 122                         if (($resultdata->time > (time() - $crawl_permit_period)) AND ($resultdata->accesses > $free_crawls)) {
 123                                 http_status_exit(429,
 124                                                 array("title" => t("Too Many Requests"),
 125                                                         "description" => t("Only one search per minute is permitted for not logged in users.")));
 126                                 killme();
 127                         }
 128                         Cache::set("remote_search:".$remote, json_encode(array("time" => time(), "accesses" => $resultdata->accesses + 1)), CACHE_HOUR);
 129                 } else
 130                         Cache::set("remote_search:".$remote, json_encode(array("time" => time(), "accesses" => 1)), CACHE_HOUR);
 131         }
 132
 133         nav_set_selected('search');
 134
 135
 136         $o = '<h3>' . t('Search') . '</h3>';
 137
 138         if(x($a->data,'search'))
 139                 $search = notags(trim($a->data['search']));
 140         else
 141                 $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
 142
 143         $tag = false;
 144         if(x($_GET,'tag')) {
 145                 $tag = true;
 146                 $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : '');
 147         }
 148
 149
 150         $o .= search($search,'search-box','/search',((local_user()) ? true : false), false);
 151
 152         if(strpos($search,'#') === 0) {
 153                 $tag = true;
 154                 $search = substr($search,1);
 155         }
 156         if(strpos($search,'@') === 0) {
 157                 return dirfind_content($a);
 158         }
 159         if(strpos($search,'!') === 0) {
 160                 return dirfind_content($a);
 161         }
 162
 163         if(x($_GET,'search-option'))
 164                 switch($_GET['search-option']) {
 165                         case 'fulltext':
 166                                 break;
 167                         case 'tags':
 168                                 $tag = true;
 169                                 break;
 170                         case 'contacts':
 171                                 return dirfind_content($a, "@");
 172                                 break;
 173                         case 'forums':
 174                                 return dirfind_content($a, "!");
 175                                 break;
 176                 }
 177
 178         if(! $search)
 179                 return $o;
 180
 181         if (get_config('system','only_tag_search'))
 182                 $tag = true;
 183
 184         // Here is the way permissions work in the search module...
 185         // Only public posts can be shown
 186         // OR your own posts if you are a logged in member
 187         // No items will be shown if the member has a blocked profile wall.
 188
 189         if($tag) {
 190                 logger("Start tag search for '".$search."'", LOGGER_DEBUG);
 191
 192                 $r = q("SELECT STRAIGHT_JOIN `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
 193                                 `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
 194                                 `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
 195                                 `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
 196                         FROM `term`
 197                                 INNER JOIN `item` ON `item`.`id`=`term`.`oid`
 198                                 INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
 199                         WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
 200                                 AND (`term`.`uid` = 0 OR (`term`.`uid` = %d AND NOT `term`.`global`)) AND `term`.`otype` = %d AND `term`.`type` = %d AND `term`.`term` = '%s'
 201                         ORDER BY term.created DESC LIMIT %d , %d ",
 202                                 intval(local_user()), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), dbesc(protect_sprintf($search)),
 203                                 intval($a->pager['start']), intval($a->pager['itemspage']));
 204         } else {
 205                 logger("Start fulltext search for '".$search."'", LOGGER_DEBUG);
 206
 207                 if (get_config('system','use_fulltext_engine')) {
 208                         $sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));
 209                 } else {
 210                         $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
 211                 }
 212
 213                 $r = q("SELECT STRAIGHT_JOIN `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
 214                                 `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
 215                                 `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
 216                                 `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
 217                         FROM `item`
 218                                 INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
 219                         WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
 220                                 AND (`item`.`uid` = 0 OR (`item`.`uid` = %s AND (`item`.`private` OR NOT `item`.`network` IN ('%s', '%s', '%s'))))
 221                                 $sql_extra
 222                         GROUP BY `item`.`uri` ORDER BY `item`.`id` DESC LIMIT %d , %d ",
 223                                 intval(local_user()), dbesc(NETWORK_DFRN), dbesc(NETWORK_OSTATUS), dbesc(NETWORK_DIASPORA),
 224                                 intval($a->pager['start']), intval($a->pager['itemspage']));
 225         }
 226
 227         if(! count($r)) {
 228                 info( t('No results.') . EOL);
 229                 return $o;
 230         }
 231
 232
 233         if($tag)
 234                 $title = sprintf( t('Items tagged with: %s'), $search);
 235         else
 236                 $title = sprintf( t('Search results for: %s'), $search);
 237
 238         $o .= replace_macros(get_markup_template("section_title.tpl"),array(
 239                 '$title' => $title
 240         ));
 241
 242         logger("Start Conversation for '".$search."'", LOGGER_DEBUG);
 243         $o .= conversation($a,$r,'search',false);
 244
 245         $o .= alt_pager($a,count($r));
 246
 247         logger("Done '".$search."'", LOGGER_DEBUG);
 248
 249         return $o;
 250 }
 251