From: Hypolite Petovan <hypolite@mrpetovan.com>
Date: Mon, 24 Dec 2018 00:45:03 +0000 (-0500)
Subject: Rework mod/msearch
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=b962fc989a03083d50e55f96bbcf2349ab390bb0;p=friendica.git

Rework mod/msearch

- Remove deprecated q()/killme() calls
- Ensure an output on empty search string
- Fix page number nonsense (-1, +1,...)
---

diff --git a/mod/msearch.php b/mod/msearch.php
index d3477b0d59..64c6ce3cf8 100644
--- a/mod/msearch.php
+++ b/mod/msearch.php
@@ -4,45 +4,64 @@ use Friendica\App;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 
-function msearch_post(App $a) {
+function msearch_post(App $a)
+{
+	$search = defaults($_POST, 's', '');
+	$perpage  = intval(defaults($_POST, 'n', 80));
+	$page     = intval(defaults($_POST, 'p', 1));
+	$startrec = ($page - 1) * $perpage;
 
-	$perpage = (($_POST['n']) ? $_POST['n'] : 80);
-	$page = (($_POST['p']) ? intval($_POST['p'] - 1) : 0);
-	$startrec = (($page+1) * $perpage) - $perpage;
+	$total = 0;
+	$results = [];
 
-	$search = $_POST['s'];
-	if(! strlen($search))
-		killme();
+	if (!strlen($search)) {
+		$output = ['total' => 0, 'items_page' => $perpage, 'page' => $page, 'results' => $results];
+		echo json_encode($output);
+		exit();
+	}
 
-	$r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 AND `user`.`hidewall` = 0 AND MATCH `pub_keywords` AGAINST ('%s') ",
-		DBA::escape($search)
+	$count_stmt = DBA::p(
+		"SELECT COUNT(*) AS `total`
+			FROM `profile`
+		  	JOIN `user` ON `user`.`uid` = `profile`.`uid`
+			WHERE `is-default` = 1
+			AND `user`.`hidewall` = 0
+		  	AND MATCH(`pub_keywords`) AGAINST (?)",
+		$search
 	);
 
-	if (DBA::isResult($r))
-		$total = $r[0]['total'];
+	if (DBA::isResult($count_stmt)) {
+		$row = DBA::fetch($count_stmt);
+		$total = $row['total'];
+	}
 
-	$results = [];
+	DBA::close($count_stmt);
 
-	$r = q("SELECT `pub_keywords`, `username`, `nickname`, `user`.`uid` FROM `user` LEFT JOIN `profile` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 AND `user`.`hidewall` = 0 AND MATCH `pub_keywords` AGAINST ('%s') LIMIT %d , %d ",
-		DBA::escape($search),
-		intval($startrec),
-		intval($perpage)
+	$search_stmt = DBA::p(
+		"SELECT `pub_keywords`, `username`, `nickname`, `user`.`uid`
+			FROM `user`
+			JOIN `profile` ON `user`.`uid` = `profile`.`uid`
+			WHERE `is-default` = 1
+			AND `user`.`hidewall` = 0
+			AND MATCH(`pub_keywords`) AGAINST (?)
+			LIMIT ?, ?",
+		$search,
+		$startrec,
+		$perpage
 	);
 
-	if (DBA::isResult($r)) {
-		foreach($r as $rr)
-			$results[] = [
-				'name' => $rr['name'],
-				'url' => System::baseUrl() . '/profile/' . $rr['nickname'],
-				'photo' => System::baseUrl() . '/photo/avatar/' . $rr['uid'] . '.jpg',
-				'tags' => str_replace([',','  '],[' ',' '],$rr['pub_keywords'])
-			];
+	while($search_result = DBA::fetch($search_stmt)) {
+		$results[] = [
+			'name'  => $search_result['name'],
+			'url'   => System::baseUrl() . '/profile/' . $search_result['nickname'],
+			'photo' => System::baseUrl() . '/photo/avatar/' . $search_result['uid'] . '.jpg',
+			'tags'  => str_replace([',', '  '], [' ', ' '], $search_result['pub_keywords'])
+		];
 	}
 
-	$output = ['total' => $total, 'items_page' => $perpage, 'page' => $page + 1, 'results' => $results];
+	$output = ['total' => $total, 'items_page' => $perpage, 'page' => $page, 'results' => $results];
 
 	echo json_encode($output);
 
-	killme();
-
+	exit();
 }