// All rights reserved. This script is part of PHPWCMS. The PHPWCMS web content management system is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. The GNU General Public License can be found at http://www.gnu.org/copyleft/gpl.html A copy is found in the textfile GPL.txt and important notices to the license from the author is found in LICENSE.txt distributed with these scripts. This script is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. This copyright notice MUST APPEAR in all copies of the script! *************************************************************************************/ // ---------------------------------------------------------------- // obligate check for phpwcms constants if (!defined('PHPWCMS_ROOT')) { die("You Cannot Access This Script Directly, Have a Nice Day."); } // ---------------------------------------------------------------- //search form $CNT_TMP .= headline($crow["acontent_title"], $crow["acontent_subtitle"], $template_default["article"]); $content["search"] = unserialize($crow["acontent_form"]); $s_result_list = ''; $content["search_word"] = ''; $content['highlight'] = array(); $s_list = array(); define('SEARCH_TYPE_AND', empty($content['search']['type']) || $content['search']['type'] == 'OR' ? FALSE : TRUE); if(empty($content['search']["text_html"])) { $content['search']['text_html'] = 0; } $content['search']['search_filenames'] = empty($content['search']["no_filenames"]) ? true : false; // search/list for file/imagenames $content['search']['show_summary'] = empty($content['search']["hide_summary"]) ? true : false; // show search tester text if(!empty($_POST["search_input_field"]) || !empty($_GET['searchwords'])) { $s_run = 0; // check search // remove unsecure replacement tags $content["search_word"] = empty($_POST["search_input_field"]) ? rawurldecode($_GET['searchwords']) : $_POST["search_input_field"]; $content["search_word"] = clean_slweg($content["search_word"]); $content["search_word"] = clean_replacement_tags($content["search_word"]); $content["search_word"] = cleanUpSpecialHtmlEntities($content["search_word"]); // split all search words $content["search_word"] = explode(' ', $content["search_word"]); $content["search_word"] = array_unique($content["search_word"]); $content['search']['highlight_result'] = empty($content["search"]['highlight_result']) ? false : true; $content['search']['wordlimit'] = isset($content["search"]['wordlimit']) && is_intval($content["search"]['wordlimit']) ? intval($content["search"]['wordlimit']) : 35; $content["search"]["result_per_page"] = empty($content["search"]['result_per_page']) ? 15 : $content["search"]['result_per_page']; if($content["search"]["result_per_page"] == -1) { $content["search"]["result_per_page"] = 100000; } if(!isset($content["search"]["show_always"])) $content["search"]["show_always"] = 1; if(!isset($content["search"]["show_top"])) $content["search"]["show_top"] = 1; if(!isset($content["search"]["show_bottom"])) $content["search"]["show_bottom"] = 1; if(!isset($content["search"]["show_next"])) $content["search"]["show_next"] = 1; if(!isset($content["search"]["show_prev"])) $content["search"]["show_prev"] = 1; if(!isset($content["search"]["minchar"])) $content["search"]["minchar"] = 3; if(!isset($content["search"]["start_at"]) || !is_array($content["search"]["start_at"])) { $content["search"]["start_at"] = array(0); } // include neccessary frontend functions, but only once include_once(PHPWCMS_ROOT.'/include/inc_front/content/cnt_functions/cnt13.func.inc.php'); $content["search"]["start_at"] = get_SearchForStructureID($content["search"]["start_at"]); $content['highlight'] = array(); foreach($content["search_word"] as $key => $value) { //$_strlen_value = MB_SAFE ? mb_strlen($value) : strlen($value); $_strlen_value = strlen($value); if($_strlen_value >= $content["search"]["minchar"]) { $value = trim($value); $content["search_word"][$key] = preg_quote($value); $content["search_word"][$key] = str_replace("\\?", '.?', $content["search_word"][$key]); $content["search_word"][$key] = str_replace("\\*", '.*', $content["search_word"][$key]); $content['highlight'][] = $value; } } if(count($content['highlight'])) { $s_result_highlight = implode(' ', $content['highlight']); if(!empty($_POST["search_input_field"])) { // make a redirection to avoid message when using browser back $GLOBALS['_getVar']['searchstart'] = 1; $GLOBALS['_getVar']['searchwords'] = $s_result_highlight; headerRedirect(PHPWCMS_URL.'index.php' . returnGlobalGET_QueryString('rawurlencode')); } $s_result_highlight = rawurlencode($s_result_highlight); $sql = "SELECT article_id, article_cid, article_title, article_username, article_subtitle, "; $sql .= "article_summary, article_keyword, UNIX_TIMESTAMP(article_tstamp) AS article_date "; $sql .= "FROM ".DB_PREPEND."phpwcms_article ar "; $sql .= "LEFT JOIN ".DB_PREPEND."phpwcms_articlecat ac ON "; $sql .= "(ar.article_cid = ac.acat_id OR ar.article_cid = 0)"; $sql .= " WHERE "; // limit to special structure IDs if not all if(count($content["search"]["start_at"])) { $sql .= 'ar.article_cid IN ('.implode(',', $content["search"]["start_at"]).')'; } else { $sql .= "IF(ar.article_cid = 0, " . (empty($GLOBALS['indexpage']['acat_nosearch']) ? 1 : 0) .", 1)"; } $sql .= " AND ac.acat_nosearch != 1 AND ac.acat_aktiv=1 AND ac.acat_public=1 AND "; if(!FEUSER_LOGIN_STATUS) { $sql .= "ac.acat_regonly=0 AND "; } $sql .= "ar.article_public=1 AND ar.article_aktiv=1 AND ar.article_deleted=0 AND ar.article_nosearch!=1 AND "; // enhanced IF statement by kh 2008/12/03 $sql .= "IF((ar.article_begin < NOW() AND ar.article_end > NOW()) OR (ar.article_archive_status=1 AND ac.acat_archive=1), 1, 0) "; $sql .= "GROUP BY ar.article_id"; if($sresult = mysql_query($sql, $db)) { $s_search_words = implode('|', $content["search_word"]); $s_search_words_count = count($content["search_word"]); while($srow = mysql_fetch_assoc($sresult)) { // read article base info for search $s_id = $srow["article_id"]; $s_cid = $srow["article_cid"]; $s_title = $srow["article_title"]; $s_date = $srow["article_date"]; $s_user = $srow["article_username"]; $s_text = $srow["article_subtitle"].' '.$srow["article_summary"]; // read article content for search $csql = "SELECT acontent_title, acontent_subtitle, acontent_text, acontent_html, acontent_files, acontent_type, acontent_form, acontent_image FROM "; $csql .= DB_PREPEND."phpwcms_articlecontent WHERE acontent_aid=".$s_id." "; $csql .= "AND acontent_visible=1 AND acontent_trash=0 AND "; if( !FEUSER_LOGIN_STATUS ) { $csql .= 'acontent_granted=0 AND '; } $csql .= "acontent_type IN (0, 1, 2, 4, 5, 6, 7, 11, 14, 26, 27, 29, 100, 31, 32)"; if($scresult = mysql_query($csql, $db)) { while($scrow = mysql_fetch_row($scresult)) { // always title, subtitle $s_text .= ' '.$scrow[0].' '.$scrow[1]; switch($scrow[5]) { // just no additional search terms case 3: case 8: case 9: case 10: case 12: case 13: case 15: case 16: case 18: case 19: case 20: case 21: case 22: case 23: case 24: case 25: case 28: case 33: case 50: case 51: case 52: case 53: break; // only HTML case 6: case 14: $s_text .= ' '.$scrow[3]; break; // only TEXT case 0: case 4: case 5: case 11: case 32: case 100: $s_text .= ' '.$scrow[2]; break; case 7: // file list, get files listed here $s_text .= ' '.$scrow[2]; if($content['search']['search_filenames']) { $s_files = getFileInformation( explode(':', $scrow[4]) ); if(is_array($s_files) && count($s_files)) { // retrieve file information foreach($s_files as $s_files_value) { $s_text .= ' '.$s_files_value['f_name']; } } } break; // optimize images for search case 1 : $s_text .= ' '.$scrow[2]; if($content['search']['search_filenames'] && $scrow[7]) { $scrow[7] = explode(":", $scrow[7]); $s_text .= ' '.$scrow[1]; } break; case 29: $s_text .= ' '.$scrow[2]; case 2: $scrow[6] = @unserialize($scrow[6]); if(isset($scrow[6]['images']) && is_array($scrow[6]['images']) && count($scrow[6]['images'])) { $s_imgname = ''; foreach($scrow[6]['images'] as $s_imgtext) { $s_imgtext[6] = getImageCaption($s_imgtext[6], '', true); if($s_imgtext[6]['caption']) { $s_text .= ' '.$s_imgtext[6]['caption']; } elseif($s_imgtext[6]['title']) { $s_text .= ' '.$s_imgtext[6]['title']; } elseif($s_imgtext[6]['alt']) { $s_text .= ' '.$s_imgtext[6]['alt']; } if($content['search']['search_filenames']) { $s_imgname .= ' '.$s_imgtext[1]; } } $s_text .= $s_imgname; } break; case 31: $s_text .= ' '.$scrow[3]; $scrow[6] = @unserialize($scrow[6]); if(isset($scrow[6]['images']) && is_array($scrow[6]['images']) && count($scrow[6]['images'])) { foreach($scrow[6]['images'] as $s_imgtext) { $s_text .= ' '.$s_imgtext['caption']; //$s_text .= ' '.$s_imgtext['url']; if($content['search']['search_filenames']) { $s_text .= ' '.$s_imgtext['thumb_name']; $s_text .= ' '.$s_imgtext['zoom_name']; } } } break; // search recipe case 26: $s_text .= ' '.$scrow[2].' '.$scrow[3]; $scrow[6] = @unserialize($scrow[6]); if(isset($scrow[6]['preparation'])) { $s_text .= ' '.$scrow[6]['preparation'].' '.$scrow[6]['ingredients']; $s_text .= ' '.$scrow[6]['calorificvalue'].' '.$scrow[6]['calorificvalue_add']; } break; // all other non defined CPs default: $s_text .= ' '.$scrow[2].' '.$scrow[3]; } $s_text = preg_replace('/]*>.*?<\/script>/is', '', $s_text); // strip all