X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsearch.php;h=bb33fb11d2f8c754c313a52dcba6c7565809d746;hb=3538dc15cc98cc8bba378357e6802ef48b378e0e;hp=e0a8506b68546224b0c222157a20dc852242ec23;hpb=9133a2384aecd61f8ee59b380d82dc2d58660703;p=friendica.git diff --git a/mod/search.php b/mod/search.php index e0a8506b68..bb33fb11d2 100644 --- a/mod/search.php +++ b/mod/search.php @@ -9,6 +9,15 @@ function search_post(&$a) { function search_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + require_once("include/bbcode.php"); + require_once('include/security.php'); + require_once('include/conversation.php'); + if(x($_SESSION,'theme')) unset($_SESSION['theme']); @@ -26,15 +35,9 @@ function search_content(&$a) { if(! $search) return $o; - require_once("include/bbcode.php"); - require_once('include/security.php'); - - $sql_extra = " - AND `item`.`allow_cid` = '' - AND `item`.`allow_gid` = '' - AND `item`.`deny_cid` = '' - AND `item`.`deny_gid` = '' - "; + // Here is the way permissions work in the search module... + // Only public wall posts can be shown + // OR your own posts if you are a logged in member $s_bool = "AND MATCH (`item`.`body`) AGAINST ( '%s' IN BOOLEAN MODE )"; $s_regx = "AND `item`.`body` REGEXP '%s' "; @@ -47,10 +50,10 @@ function search_content(&$a) { $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND ( `wall` = 1 OR `contact`.`uid` = %d ) + AND (( `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' ) + OR `item`.`uid` = %d ) AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - $search_alg - $sql_extra ", + $search_alg ", intval(local_user()), dbesc($search) ); @@ -59,29 +62,28 @@ function search_content(&$a) { $a->set_pager_total($r[0]['total']); if(! $r[0]['total']) { - notice( t('No results.') . EOL); + info( t('No results.') . EOL); return $o; } $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, - `contact`.`network`, `contact`.`thumb`, `contact`.`self`, + `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`, `user`.`nickname` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid` WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND ( `wall` = 1 OR `contact`.`uid` = %d ) + AND (( `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' ) + OR `item`.`uid` = %d ) AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $search_alg - $sql_extra ORDER BY `parent` DESC ", intval(local_user()), dbesc($search) ); - require_once('include/conversation.php'); $o .= conversation($a,$r,'search',false);