From e62b83e79c8ed3b9ddf6e7e4b8bdeedc0d319ff4 Mon Sep 17 00:00:00 2001 From: Michael Foster Date: Sat, 20 Jul 2013 07:50:33 -0400 Subject: [PATCH] Bring back search (searching posts not implemented yet) --- inc/config.php | 2 +- inc/mod/pages.php | 106 ++++++++++++++++++++++++ mod.php | 3 + templates/mod/dashboard.html | 11 +-- templates/mod/search_form.html | 15 ++++ templates/mod/search_results.html | 129 ++++++++++++++++++++++++++++++ 6 files changed, 257 insertions(+), 9 deletions(-) create mode 100644 templates/mod/search_form.html create mode 100644 templates/mod/search_results.html diff --git a/inc/config.php b/inc/config.php index b7f6d220..9706178c 100644 --- a/inc/config.php +++ b/inc/config.php @@ -1015,7 +1015,7 @@ $config['mod']['master_pm'] = ADMIN; // Rebuild everything $config['mod']['rebuild'] = ADMIN; - // Search through posts + // Search through posts, IP address notes and bans $config['mod']['search'] = JANITOR; // Read the moderator noticeboard $config['mod']['noticeboard'] = JANITOR; diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 3f823d3d..fc5577bc 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -162,6 +162,112 @@ function mod_dashboard() { mod_page(_('Dashboard'), 'mod/dashboard.html', $args); } +function mod_search_redirect() { + global $config; + + if (!hasPermission($config['mod']['search'])) + error($config['error']['noaccess']); + + if (isset($_POST['query'], $_POST['type']) && in_array($_POST['type'], array('posts', 'IP_notes', 'bans'))) { + $query = $_POST['query']; + $query = urlencode($query); + $query = str_replace('_', '%5F', $query); + $query = str_replace('+', '_', $query); + + header('Location: ?/search/' . $_POST['type'] . '/' . $query, true, $config['redirect_http']); + } else { + header('Location: ?/', true, $config['redirect_http']); + } +} + +function mod_search($type, $query) { + global $pdo, $config; + + if (!hasPermission($config['mod']['search'])) + error($config['error']['noaccess']); + + // Unescape query + $query = str_replace('_', ' ', $query); + $query = urldecode($query); + $search_query = $query; + + // Form a series of LIKE clauses for the query. + // This gets a little complicated. + + // Escape "escape" character + $query = str_replace('!', '!!', $query); + + // Escape SQL wildcard + $query = str_replace('%', '!%', $query); + + // Use asterisk as wildcard instead + $query = str_replace('*', '%', $query); + + // Array of phrases to match + $match = array(); + + // Exact phrases ("like this") + if (preg_match_all('/"(.+?)"/', $query, $matches)) { + foreach ($matches[1] as $phrase) { + $query = str_replace("\"{$phrase}\"", '', $query); + $match[] = $pdo->quote($phrase); + } + } + + // Non-exact phrases (ie. plain keywords) + $keywords = explode(' ', $query); + foreach ($keywords as $word) { + if (empty($word)) + continue; + $match[] = $pdo->quote($word); + } + + // Which `field` to search? + if ($type == 'posts') + $sql_field = 'body'; + if ($type == 'IP_notes') + $sql_field = 'body'; + if ($type == 'bans') + $sql_field = 'reason'; + + // Build the "LIKE 'this' AND LIKE 'that'" etc. part of the SQL query + $sql_like = ''; + foreach ($match as $phrase) { + if (!empty($sql_like)) + $sql_like .= ' AND '; + $phrase = preg_replace('/^\'(.+)\'$/', '\'%$1%\'', $phrase); + $sql_like .= '`' . $sql_field . '` LIKE ' . $phrase . ' ESCAPE \'!\''; + } + + if ($type == 'posts') { + error('Searching posts is under development. Sorry.'); + } + + if ($type == 'IP_notes') { + $query = query('SELECT * FROM `ip_notes` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE ' . $sql_like . ' ORDER BY `time` DESC') or error(db_error()); + $results = $query->fetchAll(PDO::FETCH_ASSOC); + } + + if ($type == 'bans') { + $query = query('SELECT `bans`.*, `username` FROM `bans` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE ' . $sql_like . ' ORDER BY (`expires` IS NOT NULL AND `expires` < UNIX_TIMESTAMP()), `set`') or error(db_error()); + $results = $query->fetchAll(PDO::FETCH_ASSOC); + + foreach ($results as &$ban) { + if (filter_var($ban['ip'], FILTER_VALIDATE_IP) !== false) + $ban['real_ip'] = true; + } + } + + // $results now contains the search results + + mod_page(_('Search results'), 'mod/search_results.html', array( + 'search_type' => $type, + 'search_query' => $search_query, + 'result_count' => count($results), + 'results' => $results + )); +} + function mod_edit_board($boardName) { global $board, $config; diff --git a/mod.php b/mod.php index 42196ef2..2523658c 100644 --- a/mod.php +++ b/mod.php @@ -56,6 +56,9 @@ $pages = array( '/IP/([\w.:]+)/remove_note/(\d+)' => 'ip_remove_note', // remove note from ip address '/bans' => 'bans', // ban list '/bans/(\d+)' => 'bans', // ban list + + '/search' => 'search_redirect', // search + '/search/(posts|IP_notes|bans)/(.+)' => 'search', // search // CSRF-protected moderator actions '/ban' => 'secure_POST ban', // new ban diff --git a/templates/mod/dashboard.html b/templates/mod/dashboard.html index e54b3cd3..619663f5 100644 --- a/templates/mod/dashboard.html +++ b/templates/mod/dashboard.html @@ -101,22 +101,17 @@ -{# +{% if mod|hasPermission(config.mod.search) %}
{% trans 'Search' %}
-#} +{% endif %} {% if config.debug %}
diff --git a/templates/mod/search_form.html b/templates/mod/search_form.html new file mode 100644 index 00000000..c74121fd --- /dev/null +++ b/templates/mod/search_form.html @@ -0,0 +1,15 @@ +
+ + + + +
+

{% trans '(Search is case-insensitive and based on keywords. To match exact phrases, use "quotes". Use an asterisk (*) for wildcard.)' %}

\ No newline at end of file diff --git a/templates/mod/search_results.html b/templates/mod/search_results.html new file mode 100644 index 00000000..84de8969 --- /dev/null +++ b/templates/mod/search_results.html @@ -0,0 +1,129 @@ +
+ {% trans 'Search' %} + +
    +
  • + {% include 'mod/search_form.html' %} +
  • +
+
+ +

Showing {{ result_count }} result{% if result_count != 1 %}s{% endif %}.

+ +{% if search_type == 'IP_notes' %} + + + + + + + + {% for note in results %} + + + + + + + {% endfor %} +
{% trans 'IP address' %}{% trans 'Staff' %}{% trans 'Note' %}{% trans 'Date' %}
+ {{ note.ip }} + + {% if note.username %} + {{ note.username|e }} + {% else %} + {% trans 'deleted?' %} + {% endif %} + + {{ note.body }} + + {{ note.time|date(config.post_date) }} +
+{% endif %} + + +{% if search_type == 'bans' %} + + + + + + + + + + + + {% for ban in results %} + + + + + + + + + + + {% endfor %} +
{% trans 'IP address/mask' %}{% trans 'Reason' %}{% trans 'Board' %}{% trans 'Set' %}{% trans 'Duration' %}{% trans 'Expires' %}{% trans 'Seen' %}{% trans 'Staff' %}
+ {% if ban.real_ip %} + {{ ban.ip }} + {% else %} + {{ ban.ip|e }} + {% endif %} + + {% if ban.reason %} + {{ ban.reason }} + {% else %} + - + {% endif %} + + {% if ban.board %} + {{ config.board_abbreviation|sprintf(ban.board) }} + {% else %} + {% trans 'all boards' %} + {% endif %} + + + {{ ban.set|ago }} ago + + + {% if ban.expires == 0 %} + - + {% else %} + {{ (ban.expires - ban.set + time()) | until }} + {% endif %} + + {% if ban.expires == 0 %} + {% trans 'never' %} + {% else %} + {{ ban.expires|date(config.post_date) }} + {% if ban.expires > time() %} + (in {{ ban.expires|until }}) + {% endif %} + {% endif %} + + {% if ban.seen %} + {% trans 'Yes' %} + {% else %} + {% trans 'No' %} + {% endif %} + + {% if ban.username %} + {% if mod|hasPermission(config.mod.view_banstaff) %} + {{ ban.username|e }} + {% else %} + {% if mod|hasPermission(config.mod.view_banquestionmark) %} + ? + {% else %} + + {% endif %} + {% endif %} + {% elseif ban.mod == -1 %} + system + {% else %} + {% trans 'deleted?' %} + {% endif %} +
+{% endif %} \ No newline at end of file