]> git.mxchange.org Git - friendica.git/blob - mod/search.php
search privacy enhancements for those with blocked walls
[friendica.git] / mod / search.php
1 <?php
2
3 function search_saved_searches() {
4
5         $o = '';
6
7         if(! feature_enabled(local_user(),'savedsearch'))
8                 return $o;
9
10         $r = q("select `id`,`term` from `search` WHERE `uid` = %d",
11                 intval(local_user())
12         );
13
14         if(count($r)) {
15                 $saved = array();
16                 foreach($r as $rr) {
17                         $saved[] = array(
18                                 'id'            => $rr['id'],
19                                 'term'                  => $rr['term'],
20                                 'encodedterm'   => urlencode($rr['term']),
21                                 'delete'                => t('Remove term'),
22                                 'selected'              => ($search==$rr['term']),
23                         );
24                 }
25
26                 
27                 $tpl = get_markup_template("saved_searches_aside.tpl");
28
29                 $o .= replace_macros($tpl, array(
30                         '$title'         => t('Saved Searches'),
31                         '$add'           => '',
32                         '$searchbox' => '',
33                         '$saved'         => $saved,
34                 ));
35         }               
36
37         return $o;
38
39 }
40
41
42 function search_init(&$a) {
43
44         $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
45
46         if(local_user()) {
47                 if(x($_GET,'save') && $search) {
48                         $r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1",
49                                 intval(local_user()),
50                                 dbesc($search)
51                         );
52                         if(! count($r)) {
53                                 q("insert into `search` ( `uid`,`term` ) values ( %d, '%s') ",
54                                         intval(local_user()),
55                                         dbesc($search)
56                                 );
57                         }
58                 }
59                 if(x($_GET,'remove') && $search) {
60                         q("delete from `search` where `uid` = %d and `term` = '%s' limit 1",
61                                 intval(local_user()),
62                                 dbesc($search)
63                         );
64                 }
65
66                 $a->page['aside'] .= search_saved_searches();
67
68         }
69         else {
70                 unset($_SESSION['theme']);
71                 unset($_SESSION['mobile-theme']);
72         }
73
74
75
76 }
77
78
79
80 function search_post(&$a) {
81         if(x($_POST,'search'))
82                 $a->data['search'] = $_POST['search'];
83 }
84
85
86 function search_content(&$a) {
87
88         if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
89                 notice( t('Public access denied.') . EOL);
90                 return;
91         }
92
93         nav_set_selected('search');
94
95         require_once("include/bbcode.php");
96         require_once('include/security.php');
97         require_once('include/conversation.php');
98
99         $o = '<h3>' . t('Search') . '</h3>';
100
101         if(x($a->data,'search'))
102                 $search = notags(trim($a->data['search']));
103         else
104                 $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
105
106         $tag = false;
107         if(x($_GET,'tag')) {
108                 $tag = true;
109                 $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : '');
110         }
111
112
113         $o .= search($search,'search-box','/search',((local_user()) ? true : false));
114
115         if(strpos($search,'#') === 0) {
116                 $tag = true;
117                 $search = substr($search,1);
118         }
119         if(strpos($search,'@') === 0) {
120                 require_once('mod/dirfind.php');
121                 return dirfind_content($a);
122         }
123
124         if(! $search)
125                 return $o;
126
127         if (get_config('system','use_fulltext_engine')) {
128                 if($tag)
129                         $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.dbesc(protect_sprintf($search)));
130                 else
131                         $sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search)));
132         } else {
133                 if($tag)
134                         $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ",  dbesc('\\]' . protect_sprintf(preg_quote($search)) . '\\['));
135                 else
136                         $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
137         }
138
139
140
141
142         // Here is the way permissions work in the search module...
143         // Only public posts can be shown
144         // OR your own posts if you are a logged in member
145         // No items will be shown if the member has a blocked profile wall. 
146
147         if( (! get_config('alt_pager', 'global')) && (! get_pconfig(local_user(),'system','alt_pager')) ) {
148                 $r = q("SELECT distinct(`item`.`uri`) as `total`
149                         FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
150                         WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
151                         AND (( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0) 
152                                 OR ( `item`.`uid` = %d ))
153                         AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
154                         $sql_extra group by `item`.`uri` ", 
155                         intval(local_user())
156                 );
157
158                 if(count($r))
159                         $a->set_pager_total(count($r));
160
161                 if(! count($r)) {
162                         info( t('No results.') . EOL);
163                         return $o;
164                 }
165         }
166
167         $r = q("SELECT distinct(`item`.`uri`), `item`.*, `item`.`id` AS `item_id`, 
168                 `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
169                 `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, 
170                 `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
171                 `user`.`nickname`, `user`.`uid`, `user`.`hidewall`
172                 FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
173                 LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
174                 WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
175                 AND (( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 ) 
176                         OR ( `item`.`uid` = %d ))
177                 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
178                 $sql_extra
179                 group by `item`.`uri`   
180                 ORDER BY `received` DESC LIMIT %d , %d ",
181                 intval(local_user()),
182                 intval($a->pager['start']),
183                 intval($a->pager['itemspage'])
184
185         );
186
187         if(! count($r)) {
188                 info( t('No results.') . EOL);
189                 return $o;
190         }
191
192
193         if($tag) 
194                 $o .= '<h2>Items tagged with: ' . $search . '</h2>';
195         else
196                 $o .= '<h2>Search results for: ' . $search . '</h2>';
197
198         $o .= conversation($a,$r,'search',false);
199
200         if( get_config('alt_pager', 'global') || get_pconfig(local_user(),'system','alt_pager') ) {
201                 $o .= alt_pager($a,count($r));
202         }
203         else {
204                 $o .= paginate($a);
205         }
206
207         return $o;
208 }
209