Просмотр файла include/search.php

<?php
	if(empty($_GET['q']))
	{
		if($version == "wml")
		{
			header("Content-type: text/vnd.wap.wml; charset=utf-8");
			header("Cache-Control: no-cache");
			$sa = intval($_GET['sa']);
			if(!$sa)
			{
			echo(doctype("Поиск").'
'.$tag.'<a href="./?p=20&amp;v='.$version.'&amp;sa=1&amp;sid='.$sid.'">Поиск автора</a>'.$tagC.' <br />
'.$tag.'Что ищем:'.$tagC.' <br />
<input type="text" name="q" /><br />
'.$tag.'Где ищем:'.$tagC.'<br />
<select name="w">
<option value="4">В сообщениях</option>
<option value="3">В названиях тем</option>
</select><br />
'.$tag.'В подфорумах:'.$tagC.'<br />
<select multiple="multiple" name="f">');
$f = mysql_query("SELECT `id`, `name` FROM `forums`");
	while($fids = mysql_fetch_array($f))
	{
	echo('<option value="'.$fids['id'].'">'.$fids['name'].'</option>');
	}
echo('</select><br /><input type="checkbox" name="f" value="all"/> Везде<br />
<anchor>[Искать]
<go href="./?p=20&amp;v=wml&amp;sid='.$sid.'" method="get">
<postfield name="q" value="$(q)" />
<postfield name="w" value="$(w)" />
<postfield name="f" value="$(f)" />
<postfield name="l" value="$(l)" />
</go></anchor><br />
'.$tag.'
- - - - <br />
<a href="./?p=0&amp;v=wml&amp;sid='.$sid.'">Форум</a>
'.$tagC.'
</p></card></wml>');
}
else
{
echo(doctype("Поиск автора").'
'.$tag.'Автор:'.$tagC.' <br />
<input type="text" name="q" /><br />
<select name="w">
<option value="2">Автор сообщений</option>
<option value="1">Автор тем</option></select><br />
'.$tag.'В подфорумах:'.$tagC.'<br />
<select multiple="multiple" name="f">');
$f = mysql_query("SELECT `id`, `name` FROM `forums`");
	while($fids = mysql_fetch_array($f))
	{
	echo('<option value="'.$fids['id'].'">'.$fids['name'].'</option>');
	}
echo('<option value="14">Реклама</option>
</select><br /><input type="checkbox" name="f" value="all"/> Везде<br />
<anchor>[Искать]
<go href="./?p=20&amp;v=wml&amp;sid='.$sid.'" method="get">
<postfield name="q" value="$(q)" />
<postfield name="w" value="$(w)" />
<postfield name="f" value="$(f)" />
<postfield name="l" value="$(l)" />
</go></anchor><br />
'.$tag.'
- - - - <br />
<a href="./?p=0&amp;v=wml&amp;sid='.$sid.'">Форум</a>
'.$tagC.'
</p></card></wml>');
}

		} elseif($version == "xhtml")
		{
			header("Content-type: text/html; charset=utf-8");
			header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
   header("Cache-Control: no-cache, must-relative");
			$sa = intval($_GET['sa']);
			echo('<html>
<head>
<title>');
if(!$sa)
{
echo('Поиск');
}
else
{
echo('Поиск автора');
}
echo('</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="'.$forumdir.'" method="get">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'" colspan="2">
<font color="#FFFFFF">');

if(!$sa)
{
echo('<b>Поиск</b>');
}
else
{
echo('<b>Поиск автора</b>');
}
echo('
</font>
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'" colspan="2">');

if($sa!=1)
{
echo('<a href="./?p=20&amp;v='.$version.'&amp;sa=1&amp;sid='.$sid.'">Поиск автора</a><br />');
}
echo('</td></tr>');
if($sa==1)
{
echo('
<tr bgcolor="'.$style['text'].'"><td>
'.$tag.'Автор:'.$tagC.'</td><td><input type="text" name="q" /><br /><select name="w">
<option value="2">Автор сообщений</option>
<option value="1">Автор тем</option></select></td></tr>
');
}
if(!$sa)
{
echo('
<tr bgcolor="'.$style['text'].'"><td>
'.$tag.'Что ищем:'.$tagC.'</td><td><input type="text" name="q" /></td></tr>
<tr bgcolor="'.$style['text'].'"><td>
'.$tag.'Где ищем:'.$tagC.'</td><td>
<select name="w">
<option value="4">В сообщениях</option>
<option value="3">В названиях тем</option>
</select></td></tr>');
}
echo('
<tr bgcolor="'.$style['text'].'"><td>
'.$tag.'В подфорумах:'.$tagC.'</td><td>
<select multiple="multiple" name="f">');
$f = mysql_query("SELECT `id`, `name` FROM `forums`");
	while($fids = mysql_fetch_array($f))
	{
	echo('<option value="'.$fids['id'].'">'.$fids['name'].'</option>');
	}
echo('</select><br /><input type="checkbox" name="f" value="all"/> Везде</td></tr>
');
if(!$sa)
{
echo('
<tr bgcolor="'.$style['text'].'"><td>
'.$tag.'Искать слова:'.$tagC.'</td><td>
<select name="l">
<option value="and">все</option>
<option value="or">любые</option>
</select>
</td></tr>');
}

echo('
<tr bgcolor="'.$style['text'].'"><td align="center" colspan="2">
<input type="hidden" name="p" value="20" />
<input type="hidden" name="sid" value="'.$sid.'" />
<input type="hidden" name="v" value="xhtml" />
<input type="submit" value="Искать" />
</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">
'.$tag.'<a href="./?p=0&amp;v=xhtml&amp;sid='.$sid.'">Форум</a> '.$tagC.'
</td></tr></table>
</form>
</body></html>');
		}
	} else
	{
		$query = htmlspecialchars(sql(trim(chop($_GET['q']))));
		$logic = htmlspecialchars(sql(trim(chop($_GET['l']))));
		$where = intval($_GET['w']);
		$forums = htmlspecialchars(sql(trim(chop($_GET['f']))));
		$WHERE = "WHERE ";
		$SQL = "";
		if($logic =! "or" or $logic != "and")
		{
			$logic = "and";
		}
		if($forums != "all")
		{
			$WHERE .= "id_forum=".intval($forums)." AND ";
		}
        if($logic == "or")
        {
  		}
  		if($where == 1)
  		{
  			$SQL .= "SELECT * FROM themes " . $WHERE . " name='".$query."' AND del != 1 ";
  			$wh = "в авторах тем";
  		} elseif($where == 2)
  		{
  			$SQL .= "SELECT posts.*, themes.* FROM posts
  			LEFT JOIN themes ON posts.id_theme=themes.id ".$WHERE." posts.name='".$query."' AND del != 1 ";
  			$wh = "в авторах сообщений";
  		} elseif($where == 3)
  		{
  			$SQL .= "SELECT * FROM themes " . $WHERE . " tname LIKE '%".$query."%' AND del != 1 ";
  			$wh = "в названиях тем";
  		} elseif($where == 4)
  		{
  			$SQL .= "SELECT posts.*, themes.* FROM posts
  			LEFT JOIN themes ON posts.id_theme=themes.id " . $WHERE . " post LIKE '%" . $query . "%' AND del != 1";
  			$wh = "в сообщениях";
  		}
		if($query != NULL)
		{
			$count = mysql_num_rows(mysql_query($SQL));

			$start = intval($_GET['s']);
			if(!empty($start))
			{
				$limit = "LIMIT ".$start.", ".abs($count - $start);
				$int = $start;
			}
			else
			{
				$int = 0;
			}

			if($version == "xhtml")
			{
				$thisPageSize = 1400;
			}
			else
			{
				$thisPageSize = 750;
			}

			if(!$count OR strlen($query) < 3)
			{
				if($version == "wml")
				{
					header("Content-type: text/vnd.wap.wml; charset=utf-8");
					header("Cache-Control: no-cache");
					echo(doctype("Поиск").$tag.'
Вы искали '.$wh.' <b>'.stripslashes($query).'</b> <br />
По Вашему запросу ничего не найдено!<br />
- - -<br />
<a href="./?p=20&amp;v=wml&amp;sid='.$sid.'">Искать еще</a><br />
<a href="./?p=0&amp;v=wml&amp;sid='.$sid.'">Форумы</a>
'.$tagC.'
</p></card></wml>');
				} elseif($version == "xhtml")
				{
					header("Content-type: text/html; charset=utf-8");
					header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
   header("Cache-Control: no-cache, must-relative");
					echo('<html>
<head>
<title>Поиск</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="'.$forumdir.'" method="get">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Поиск</b></font>
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'"></td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'
Вы искали '.$wh.' <b>'.stripslashes($query).'</b><br />
По Вашему запросу ничего не найдено.
'.$tagC.'</td></tr>
<tr><td bgcolor="'.$style['bottom'].'"> '.$tag.'
<a href="./?p=20&amp;v=xhtml&amp;sid='.$sid.'&amp;">Искать еще</a><br />
<a href="./?p=0&amp;v=xhtml&amp;sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr>
</table>
</body></html>');
				}
			} else
			{
				$que = mysql_query($SQL.$limit);
				if($version == "wml")
				{
					header("Content-type: text/vnd.wap.wml; charset=utf-8");
					header("Cache-Control: no-cache");
					echo(doctype("Поиск").$tag.'
Вы искали '.$wh.' <b>'.stripslashes($query)."</b> <br />\r\n
Найдено соответствий <b>".$count."</b>!<br />\r\n");
						while($link = mysql_fetch_array($que))
						{
							static $s;
							echo(date('d m H:i', $link['time']).' ');
							$authoriz = mysql_query("SELECT * FROM `users` WHERE `username`='".$username."' AND `password`='".$password."'");
					$Sauthoriz = mysql_fetch_array($authoriz);
					if(!$authorize || $Sauthoriz['private'] == "off")
					{
								echo("<b>".$link['name']."</b><br />\r\n");
							} elseif($Sauthoriz['private'] == "private")
							{
							echo('<b><a href="./?p=24&amp;uid='.UserName2id($link['name']).'&amp;v='.$version.'&amp;sid='.$sid.'&amp;d=1">'.$link['name']."</a></b><br />\r\n");
							}
							elseif($Sauthoriz['private'] == "user")
							{
								echo('<b><a href="./?p=6&amp;id='.UserName2id($link['name']).'&amp;v='.$version.'&amp;th='.$color.'">'.$link['name']."</a></b><br />\r\n");
							}
							echo("<a href=\"./?p=4&amp;v=wml&amp;sid=".$sid."&amp;t=".$link['id']."\">".$link['tname']."</a><br />\r\n");
							echo(nl2br(str_replace($query, "<u>".$query."</u>", $link['post']))."<br />\r\n");
							$int++;
							$s += strlen($link['time'].$link['name'].$link['tname'].$link['post']);
							if($s + $thisPageSize + (110 * abs($int - $start)) > $pageSize)
							{
								if($int != $count)
								{
									$next = $int;
								}
								break;
							}
						}
echo('- - -<br />');
	if(!empty($next))
	{
		echo("<a href=\"".$_SERVER['REQUEST_URI']."&amp;s=".$next."\">Дальше</a><br />\r\n");
	}
echo('<a href="./?p=20&amp;v=wml&amp;sid='.$sid.'">Искать еще</a><br />
<a href="./?v=wml&amp;sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
				} elseif($version == "xhtml")
				{
					header("Content-type: text/html; charset=utf-8");
					header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
   header("Cache-Control: no-cache, must-relative");
					echo('<html>
<head>
<title>Поиск</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="'.$forumdir.'" method="get">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Поиск</b></font>
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
Вы искали '.$wh.' <b>'.stripslashes($query).'</b><br />
Найдено соответствий: '.$count.'
'.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag);
						while($link = mysql_fetch_assoc($que))
						{
							static $s;
							echo(date('d m H:i', $link['time']).' ');
							$authoriz = mysql_query("SELECT * FROM `users` WHERE `username`='".$username."' AND `password`='".$password."'");
					$Sauthoriz = mysql_fetch_array($authoriz);
					if(!$authorize || $Sauthoriz['private'] == "off")
					{
								echo("<b>".$link['name']."</b><br />\r\n");
							} elseif($Sauthoriz['private'] == "private")
							{
							echo('<b><a href="./?p=24&amp;uid='.UserName2id($link['name']).'&amp;v='.$version.'&amp;sid='.$sid.'&amp;d=1">'.$link['name']."</a></b><br />\r\n");
							}
							elseif($Sauthoriz['private'] == "user")
							{
								echo('<b><a href="./?p=6&amp;id='.UserName2id($link['name']).'&amp;v='.$version.'&amp;th='.$color.'">'.$link['name']."</a></b><br />\r\n");
							}
							echo("<a href=\"./?p=4&amp;v=xhtml&amp;sid=".$sid."&amp;t=".$link['id']."\">".$link['tname']."</a><br />\r\n");
							echo(nl2br(str_replace($query, "<u>".$query."</u>", $link['post']))."<br />\r\n");
							$int++;
							$s += strlen($link['time'].$link['name'].$link['tname'].$link['post']);
							if($s + $thisPageSize + (110 * abs($int - $start)) > $pageSize)
							{
								if($int != $count)
								{
									$next = $int;
								}
								break;
							}
						}
echo($tagC.'</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td>'.$tag);
	if(!empty($next))
	{
		echo("<a href=\"".$_SERVER['REQUEST_URI']."&amp;s=".$next."\">Дальше</a><br />\r\n");
	}
echo('<a href="./?p=20&amp;v=xhtml&amp;sid='.$sid.'">Искать еще</a><br />
<a href="./?p=0&amp;v=xhtml&amp;sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr>
</table>
</body></html>');
				}
			}
		}
	}
?>