X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsearch.php;h=9a70bcac908d179d3512761284bd8dd64b431a17;hb=4af0119b7310e9731e60b11a14fd917580b95715;hp=b3018ae8c75c6342fcdcc6adf59d15c3cd2f0885;hpb=d49f986d1eb6894dd948577288357b6c1755e3d3;p=friendica.git diff --git a/mod/search.php b/mod/search.php index b3018ae8c7..9a70bcac90 100644 --- a/mod/search.php +++ b/mod/search.php @@ -2,47 +2,49 @@ /** * @file mod/search.php */ + use Friendica\App; -use Friendica\Content\Feature; use Friendica\Content\Nav; +use Friendica\Content\Pager; +use Friendica\Content\Text\HTML; use Friendica\Core\Cache; use Friendica\Core\Config; use Friendica\Core\L10n; -use Friendica\Database\DBM; +use Friendica\Core\Logger; +use Friendica\Core\Renderer; +use Friendica\Core\System; +use Friendica\Database\DBA; +use Friendica\Model\Item; +use Friendica\Util\Strings; -require_once "include/bbcode.php"; -require_once 'include/security.php'; -require_once 'include/conversation.php'; require_once 'mod/dirfind.php'; function search_saved_searches() { $o = ''; - - if (! Feature::isEnabled(local_user(),'savedsearch')) - return $o; + $search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d", intval(local_user()) ); - if (DBM::is_result($r)) { + if (DBA::isResult($r)) { $saved = []; foreach ($r as $rr) { $saved[] = [ 'id' => $rr['id'], 'term' => $rr['term'], 'encodedterm' => urlencode($rr['term']), - 'delete' => t('Remove term'), + 'delete' => L10n::t('Remove term'), 'selected' => ($search==$rr['term']), ]; } - $tpl = get_markup_template("saved_searches_aside.tpl"); + $tpl = Renderer::getMarkupTemplate("saved_searches_aside.tpl"); - $o .= replace_macros($tpl, [ - '$title' => t('Saved Searches'), + $o .= Renderer::replaceMacros($tpl, [ + '$title' => L10n::t('Saved Searches'), '$add' => '', '$searchbox' => '', '$saved' => $saved, @@ -56,20 +58,25 @@ function search_saved_searches() { function search_init(App $a) { - $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); + $search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); if (local_user()) { - if (x($_GET,'save') && $search) { + if (!empty($_GET['save']) && $search) { $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", intval(local_user()), - dbesc($search) + DBA::escape($search) ); - if (!DBM::is_result($r)) { - dba::insert('search', ['uid' => local_user(), 'term' => $search]); + if (!DBA::isResult($r)) { + DBA::insert('search', ['uid' => local_user(), 'term' => $search]); } } - if (x($_GET,'remove') && $search) { - dba::delete('search', ['uid' => local_user(), 'term' => $search]); + if (!empty($_GET['remove']) && $search) { + DBA::delete('search', ['uid' => local_user(), 'term' => $search]); + } + + /// @todo Check if there is a case at all that "aside" is prefilled here + if (!isset($a->page['aside'])) { + $a->page['aside'] = ''; } $a->page['aside'] .= search_saved_searches(); @@ -83,14 +90,6 @@ function search_init(App $a) { } - - -function search_post(App $a) { - if (x($_POST,'search')) - $a->data['search'] = $_POST['search']; -} - - function search_content(App $a) { if (Config::get('system','block_public') && !local_user() && !remote_user()) { @@ -99,10 +98,10 @@ function search_content(App $a) { } if (Config::get('system','local_search') && !local_user() && !remote_user()) { - http_status_exit(403, - ["title" => t("Public access denied."), - "description" => t("Only logged in users are permitted to perform a search.")]); - killme(); + System::httpExit(403, + ["title" => L10n::t("Public access denied."), + "description" => L10n::t("Only logged in users are permitted to perform a search.")]); + exit(); //notice(L10n::t('Public access denied.').EOL); //return; } @@ -124,36 +123,32 @@ function search_content(App $a) { if (!is_null($result)) { $resultdata = json_decode($result); if (($resultdata->time > (time() - $crawl_permit_period)) && ($resultdata->accesses > $free_crawls)) { - http_status_exit(429, - ["title" => t("Too Many Requests"), - "description" => t("Only one search per minute is permitted for not logged in users.")]); - killme(); + System::httpExit(429, + ["title" => L10n::t("Too Many Requests"), + "description" => L10n::t("Only one search per minute is permitted for not logged in users.")]); + exit(); } - Cache::set("remote_search:".$remote, json_encode(["time" => time(), "accesses" => $resultdata->accesses + 1]), CACHE_HOUR); + Cache::set("remote_search:".$remote, json_encode(["time" => time(), "accesses" => $resultdata->accesses + 1]), Cache::HOUR); } else - Cache::set("remote_search:".$remote, json_encode(["time" => time(), "accesses" => 1]), CACHE_HOUR); + Cache::set("remote_search:".$remote, json_encode(["time" => time(), "accesses" => 1]), Cache::HOUR); } Nav::setSelected('search'); - $search = ''; - if (x($a->data,'search')) - $search = notags(trim($a->data['search'])); - else - $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); + $search = (!empty($_REQUEST['search']) ? Strings::escapeTags(trim(rawurldecode($_REQUEST['search']))) : ''); $tag = false; - if (x($_GET,'tag')) { + if (!empty($_GET['tag'])) { $tag = true; - $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : ''); + $search = (!empty($_GET['tag']) ? '#' . Strings::escapeTags(trim(rawurldecode($_GET['tag']))) : ''); } // contruct a wrapper for the search header - $o .= replace_macros(get_markup_template("content_wrapper.tpl"),[ + $o = Renderer::replaceMacros(Renderer::getMarkupTemplate("content_wrapper.tpl"),[ 'name' => "search-header", - '$title' => t("Search"), + '$title' => L10n::t("Search"), '$title_size' => 3, - '$content' => search($search,'search-box','search',((local_user()) ? true : false), false) + '$content' => HTML::search($search,'search-box','search', false) ]); if (strpos($search,'#') === 0) { @@ -167,7 +162,7 @@ function search_content(App $a) { return dirfind_content($a); } - if (x($_GET,'search-option')) + if (!empty($_GET['search-option'])) switch($_GET['search-option']) { case 'fulltext': break; @@ -182,7 +177,7 @@ function search_content(App $a) { break; } - if (! $search) + if (!$search) return $o; if (Config::get('system','only_tag_search')) @@ -193,55 +188,65 @@ function search_content(App $a) { // OR your own posts if you are a logged in member // No items will be shown if the member has a blocked profile wall. + $pager = new Pager($a->query_string); + if ($tag) { - logger("Start tag search for '".$search."'", LOGGER_DEBUG); - - $r = q("SELECT %s - FROM `term` - STRAIGHT_JOIN `item` ON `item`.`id`=`term`.`oid` %s - WHERE %s AND (`term`.`uid` = 0 OR (`term`.`uid` = %d AND NOT `term`.`global`)) AND `term`.`otype` = %d AND `term`.`type` = %d AND `term`.`term` = '%s' - ORDER BY term.created DESC LIMIT %d , %d ", - item_fieldlists(), item_joins(), item_condition(), - intval(local_user()), - intval(TERM_OBJ_POST), intval(TERM_HASHTAG), dbesc(protect_sprintf($search)), - intval($a->pager['start']), intval($a->pager['itemspage'])); + Logger::log("Start tag search for '".$search."'", Logger::DEBUG); + + $condition = ["(`uid` = 0 OR (`uid` = ? AND NOT `global`)) + AND `otype` = ? AND `type` = ? AND `term` = ?", + local_user(), TERM_OBJ_POST, TERM_HASHTAG, $search]; + $params = ['order' => ['created' => true], + 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]]; + $terms = DBA::select('term', ['oid'], $condition, $params); + + $itemids = []; + while ($term = DBA::fetch($terms)) { + $itemids[] = $term['oid']; + } + DBA::close($terms); + + if (!empty($itemids)) { + $params = ['order' => ['id' => true]]; + $items = Item::selectForUser(local_user(), [], ['id' => $itemids], $params); + $r = Item::inArray($items); + } else { + $r = []; + } } else { - logger("Start fulltext search for '".$search."'", LOGGER_DEBUG); - - $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search)))); - - $r = q("SELECT %s - FROM `item` %s - WHERE %s AND (`item`.`uid` = 0 OR (`item`.`uid` = %s AND NOT `item`.`global`)) - $sql_extra - GROUP BY `item`.`uri`, `item`.`id` ORDER BY `item`.`id` DESC LIMIT %d , %d", - item_fieldlists(), item_joins(), item_condition(), - intval(local_user()), - intval($a->pager['start']), intval($a->pager['itemspage'])); + Logger::log("Start fulltext search for '".$search."'", Logger::DEBUG); + + $condition = ["(`uid` = 0 OR (`uid` = ? AND NOT `global`)) + AND `body` LIKE CONCAT('%',?,'%')", + local_user(), $search]; + $params = ['order' => ['id' => true], + 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]]; + $items = Item::selectForUser(local_user(), [], $condition, $params); + $r = Item::inArray($items); } - if (! DBM::is_result($r)) { + if (!DBA::isResult($r)) { info(L10n::t('No results.') . EOL); return $o; } - if ($tag) - $title = sprintf( t('Items tagged with: %s'), $search); - else - $title = sprintf( t('Results for: %s'), $search); + if ($tag) { + $title = L10n::t('Items tagged with: %s', $search); + } else { + $title = L10n::t('Results for: %s', $search); + } - $o .= replace_macros(get_markup_template("section_title.tpl"),[ + $o .= Renderer::replaceMacros(Renderer::getMarkupTemplate("section_title.tpl"),[ '$title' => $title ]); - logger("Start Conversation for '".$search."'", LOGGER_DEBUG); - $o .= conversation($a,$r,'search',false); + Logger::log("Start Conversation for '".$search."'", Logger::DEBUG); + $o .= conversation($a, $r, $pager, 'search', false, false, 'commented', local_user()); - $o .= alt_pager($a,count($r)); + $o .= $pager->renderMinimal(count($r)); - logger("Done '".$search."'", LOGGER_DEBUG); + Logger::log("Done '".$search."'", Logger::DEBUG); return $o; } -