X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fmsearch.php;h=14dfd1ef7c1646caf7bfde3bd5f2b269360f196b;hb=631095eefdd8cc9698190c60a26322a35b57fc1b;hp=d3477b0d59127e490c2bc683c70cdd839fc26473;hpb=a6fb3568f989f72164b435baafc63a174397b542;p=friendica.git

diff --git a/mod/msearch.php b/mod/msearch.php
index d3477b0d59..14dfd1ef7c 100644
--- a/mod/msearch.php
+++ b/mod/msearch.php
@@ -1,48 +1,87 @@
 <?php
+/**
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
 
 use Friendica\App;
-use Friendica\Core\System;
 use Friendica\Database\DBA;
+use Friendica\DI;
 
-function msearch_post(App $a) {
+function msearch_post(App $a)
+{
+	$search = $_POST['s'] ?? '';
+	$perpage  = intval(($_POST['n'] ?? 0) ?: 80);
+	$page     = intval(($_POST['p'] ?? 0) ?: 1);
+	$startrec = ($page - 1) * $perpage;
 
-	$perpage = (($_POST['n']) ? $_POST['n'] : 80);
-	$page = (($_POST['p']) ? intval($_POST['p'] - 1) : 0);
-	$startrec = (($page+1) * $perpage) - $perpage;
+	$total = 0;
+	$results = [];
+
+	if (!strlen($search)) {
+		$output = ['total' => 0, 'items_page' => $perpage, 'page' => $page, 'results' => $results];
+		echo json_encode($output);
+		exit();
+	}
 
-	$search = $_POST['s'];
-	if(! strlen($search))
-		killme();
+	$total = 0;
 
-	$r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 AND `user`.`hidewall` = 0 AND MATCH `pub_keywords` AGAINST ('%s') ",
-		DBA::escape($search)
+	$count_stmt = DBA::p(
+		"SELECT COUNT(*) AS `total`
+			FROM `profile`
+		  	JOIN `user` ON `user`.`uid` = `profile`.`uid`
+			WHERE `profile`.`net-publish`
+		  	AND MATCH(`pub_keywords`) AGAINST (?)",
+		$search
 	);
+	if (DBA::isResult($count_stmt)) {
+		$row = DBA::fetch($count_stmt);
+		$total = $row['total'];
+	}
 
-	if (DBA::isResult($r))
-		$total = $r[0]['total'];
-
-	$results = [];
+	DBA::close($count_stmt);
 
-	$r = q("SELECT `pub_keywords`, `username`, `nickname`, `user`.`uid` FROM `user` LEFT JOIN `profile` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 AND `user`.`hidewall` = 0 AND MATCH `pub_keywords` AGAINST ('%s') LIMIT %d , %d ",
-		DBA::escape($search),
-		intval($startrec),
-		intval($perpage)
+	$search_stmt = DBA::p(
+		"SELECT `pub_keywords`, `username`, `nickname`, `user`.`uid`
+			FROM `user`
+			JOIN `profile` ON `user`.`uid` = `profile`.`uid`
+			WHERE `profile`.`net-publish`
+			AND MATCH(`pub_keywords`) AGAINST (?)
+			LIMIT ?, ?",
+		$search,
+		$startrec,
+		$perpage
 	);
 
-	if (DBA::isResult($r)) {
-		foreach($r as $rr)
-			$results[] = [
-				'name' => $rr['name'],
-				'url' => System::baseUrl() . '/profile/' . $rr['nickname'],
-				'photo' => System::baseUrl() . '/photo/avatar/' . $rr['uid'] . '.jpg',
-				'tags' => str_replace([',','  '],[' ',' '],$rr['pub_keywords'])
-			];
+	while ($search_result = DBA::fetch($search_stmt)) {
+		$results[] = [
+			'name'  => $search_result['name'],
+			'url'   => DI::baseUrl() . '/profile/' . $search_result['nickname'],
+			'photo' => DI::baseUrl() . '/photo/avatar/' . $search_result['uid'] . '.jpg',
+			'tags'  => str_replace([',', '  '], [' ', ' '], $search_result['pub_keywords'])
+		];
 	}
 
-	$output = ['total' => $total, 'items_page' => $perpage, 'page' => $page + 1, 'results' => $results];
+	DBA::close($search_stmt);
 
-	echo json_encode($output);
+	$output = ['total' => $total, 'items_page' => $perpage, 'page' => $page, 'results' => $results];
 
-	killme();
+	echo json_encode($output);
 
+	exit();
 }