mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-29 06:38:52 +00:00
Fix bug #36565 - Search by authorname does not display posts of guests and deleted users
Authorised by: naderman git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9713 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Joas Schilling
parent
89d87a2182
commit
2854705096
4 changed files with 107 additions and 42 deletions
|
|
@ -141,6 +141,7 @@
|
|||
<li>[Fix] Check if template file is empty before trying to read from it. (Bug #47345 - Patch by bantu)</li>
|
||||
<li>[Fix] Correct descriptions of the permissions to use BBCode, smilies, images and flash to be more relevant. (Bug #36065 - Patch by rxu)</li>
|
||||
<li>[Fix] Fix style issues in print mode. (Bug #26375 - Patch by leviatan21)</li>
|
||||
<li>[Fix] Search by authorname does not display posts of guests and deleted users (Bug #36565 - Patch by nickvergessen)</li>
|
||||
<li>[Change] Change the data format of the default file ACM to be more secure from tampering and have better performance.</li>
|
||||
<li>[Change] Add index on log_time to the log table to prevent slowdown on boards with many log entries. (Bug #44665 - Patch by bantu)</li>
|
||||
<li>[Change] Template engine now permits to a limited extent variable includes.</li>
|
||||
|
|
|
|||
|
|
@ -324,16 +324,17 @@ class fulltext_mysql extends search_backend
|
|||
* Performs a search on keywords depending on display specific params. You have to run split_keywords() first.
|
||||
*
|
||||
* @param string $type contains either posts or topics depending on what should be searched for
|
||||
* @param string &$fields contains either titleonly (topic titles should be searched), msgonly (only message bodies should be searched), firstpost (only subject and body of the first post should be searched) or all (all post bodies and subjects should be searched)
|
||||
* @param string &$terms is either 'all' (use query as entered, words without prefix should default to "have to be in field") or 'any' (ignore search query parts and just return all posts that contain any of the specified words)
|
||||
* @param array &$sort_by_sql contains SQL code for the ORDER BY part of a query
|
||||
* @param string &$sort_key is the key of $sort_by_sql for the selected sorting
|
||||
* @param string &$sort_dir is either a or d representing ASC and DESC
|
||||
* @param string &$sort_days specifies the maximum amount of days a post may be old
|
||||
* @param array &$ex_fid_ary specifies an array of forum ids which should not be searched
|
||||
* @param array &$m_approve_fid_ary specifies an array of forum ids in which the searcher is allowed to view unapproved posts
|
||||
* @param int &$topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched
|
||||
* @param array &$author_ary an array of author ids if the author should be ignored during the search the array is empty
|
||||
* @param string $fields contains either titleonly (topic titles should be searched), msgonly (only message bodies should be searched), firstpost (only subject and body of the first post should be searched) or all (all post bodies and subjects should be searched)
|
||||
* @param string $terms is either 'all' (use query as entered, words without prefix should default to "have to be in field") or 'any' (ignore search query parts and just return all posts that contain any of the specified words)
|
||||
* @param array $sort_by_sql contains SQL code for the ORDER BY part of a query
|
||||
* @param string $sort_key is the key of $sort_by_sql for the selected sorting
|
||||
* @param string $sort_dir is either a or d representing ASC and DESC
|
||||
* @param string $sort_days specifies the maximum amount of days a post may be old
|
||||
* @param array $ex_fid_ary specifies an array of forum ids which should not be searched
|
||||
* @param array $m_approve_fid_ary specifies an array of forum ids in which the searcher is allowed to view unapproved posts
|
||||
* @param int $topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched
|
||||
* @param array $author_ary an array of author ids if the author should be ignored during the search the array is empty
|
||||
* @param string $author_name specifies the author match, when ANONYMOUS is also a search-match
|
||||
* @param array &$id_ary passed by reference, to be filled with ids for the page specified by $start and $per_page, should be ordered
|
||||
* @param int $start indicates the first index of the page
|
||||
* @param int $per_page number of ids each page is supposed to contain
|
||||
|
|
@ -341,7 +342,7 @@ class fulltext_mysql extends search_backend
|
|||
*
|
||||
* @access public
|
||||
*/
|
||||
function keyword_search($type, &$fields, &$terms, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
|
||||
function keyword_search($type, $fields, $terms, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_ary, $author_name, &$id_ary, $start, $per_page)
|
||||
{
|
||||
global $config, $db;
|
||||
|
||||
|
|
@ -440,14 +441,27 @@ class fulltext_mysql extends search_backend
|
|||
$sql_select = ($type == 'posts') ? $sql_select . 'p.post_id' : 'DISTINCT ' . $sql_select . 't.topic_id';
|
||||
$sql_from = ($join_topic) ? TOPICS_TABLE . ' t, ' : '';
|
||||
$field = ($type == 'posts') ? 'post_id' : 'topic_id';
|
||||
$sql_author = (sizeof($author_ary) == 1) ? ' = ' . $author_ary[0] : 'IN (' . implode(', ', $author_ary) . ')';
|
||||
if (sizeof($author_ary) && $author_name)
|
||||
{
|
||||
// first one matches post of registered users, second one guests and deleted users
|
||||
$sql_author = ' AND (' . $db->sql_in_set('p.poster_id', $author_ary) . " AND p.post_username = ''";
|
||||
$sql_author .= ' OR p.poster_id = ' . ANONYMOUS . ' AND p.post_username ' . $author_name . ')';
|
||||
}
|
||||
else if (sizeof($author_ary))
|
||||
{
|
||||
$sql_author = ' AND ' . $db->sql_in_set('p.poster_id', $author_ary);
|
||||
}
|
||||
else
|
||||
{
|
||||
$sql_author = '';
|
||||
}
|
||||
|
||||
$sql_where_options = $sql_sort_join;
|
||||
$sql_where_options .= ($topic_id) ? ' AND p.topic_id = ' . $topic_id : '';
|
||||
$sql_where_options .= ($join_topic) ? ' AND t.topic_id = p.topic_id' : '';
|
||||
$sql_where_options .= (sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '';
|
||||
$sql_where_options .= $m_approve_fid_sql;
|
||||
$sql_where_options .= (sizeof($author_ary)) ? ' AND p.poster_id ' . $sql_author : '';
|
||||
$sql_where_options .= $sql_author;
|
||||
$sql_where_options .= ($sort_days) ? ' AND p.post_time >= ' . (time() - ($sort_days * 86400)) : '';
|
||||
$sql_where_options .= $sql_match_where;
|
||||
|
||||
|
|
@ -500,7 +514,7 @@ class fulltext_mysql extends search_backend
|
|||
* @param int $per_page number of ids each page is supposed to contain
|
||||
* @return total number of results
|
||||
*/
|
||||
function author_search($type, $firstpost_only, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
|
||||
function author_search($type, $firstpost_only, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_ary, $author_name, &$id_ary, $start, $per_page)
|
||||
{
|
||||
global $config, $db;
|
||||
|
||||
|
|
@ -522,7 +536,8 @@ class fulltext_mysql extends search_backend
|
|||
$topic_id,
|
||||
implode(',', $ex_fid_ary),
|
||||
implode(',', $m_approve_fid_ary),
|
||||
implode(',', $author_ary)
|
||||
implode(',', $author_ary),
|
||||
$author_name,
|
||||
)));
|
||||
|
||||
// try reading the results from cache
|
||||
|
|
@ -535,7 +550,16 @@ class fulltext_mysql extends search_backend
|
|||
$id_ary = array();
|
||||
|
||||
// Create some display specific sql strings
|
||||
if ($author_name)
|
||||
{
|
||||
// first one matches post of registered users, second one guests and deleted users
|
||||
$sql_author = '(' . $db->sql_in_set('p.poster_id', $author_ary) . " AND p.post_username = ''";
|
||||
$sql_author .= ' OR p.poster_id = ' . ANONYMOUS . ' AND p.post_username ' . $author_name . ')';
|
||||
}
|
||||
else
|
||||
{
|
||||
$sql_author = $db->sql_in_set('p.poster_id', $author_ary);
|
||||
}
|
||||
$sql_fora = (sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '';
|
||||
$sql_topic_id = ($topic_id) ? ' AND p.topic_id = ' . (int) $topic_id : '';
|
||||
$sql_time = ($sort_days) ? ' AND p.post_time >= ' . (time() - ($sort_days * 86400)) : '';
|
||||
|
|
|
|||
|
|
@ -392,16 +392,17 @@ class fulltext_native extends search_backend
|
|||
* Performs a search on keywords depending on display specific params. You have to run split_keywords() first.
|
||||
*
|
||||
* @param string $type contains either posts or topics depending on what should be searched for
|
||||
* @param string &$fields contains either titleonly (topic titles should be searched), msgonly (only message bodies should be searched), firstpost (only subject and body of the first post should be searched) or all (all post bodies and subjects should be searched)
|
||||
* @param string &$terms is either 'all' (use query as entered, words without prefix should default to "have to be in field") or 'any' (ignore search query parts and just return all posts that contain any of the specified words)
|
||||
* @param array &$sort_by_sql contains SQL code for the ORDER BY part of a query
|
||||
* @param string &$sort_key is the key of $sort_by_sql for the selected sorting
|
||||
* @param string &$sort_dir is either a or d representing ASC and DESC
|
||||
* @param string &$sort_days specifies the maximum amount of days a post may be old
|
||||
* @param array &$ex_fid_ary specifies an array of forum ids which should not be searched
|
||||
* @param array &$m_approve_fid_ary specifies an array of forum ids in which the searcher is allowed to view unapproved posts
|
||||
* @param int &$topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched
|
||||
* @param array &$author_ary an array of author ids if the author should be ignored during the search the array is empty
|
||||
* @param string $fields contains either titleonly (topic titles should be searched), msgonly (only message bodies should be searched), firstpost (only subject and body of the first post should be searched) or all (all post bodies and subjects should be searched)
|
||||
* @param string $terms is either 'all' (use query as entered, words without prefix should default to "have to be in field") or 'any' (ignore search query parts and just return all posts that contain any of the specified words)
|
||||
* @param array $sort_by_sql contains SQL code for the ORDER BY part of a query
|
||||
* @param string $sort_key is the key of $sort_by_sql for the selected sorting
|
||||
* @param string $sort_dir is either a or d representing ASC and DESC
|
||||
* @param string $sort_days specifies the maximum amount of days a post may be old
|
||||
* @param array $ex_fid_ary specifies an array of forum ids which should not be searched
|
||||
* @param array $m_approve_fid_ary specifies an array of forum ids in which the searcher is allowed to view unapproved posts
|
||||
* @param int $topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched
|
||||
* @param array $author_ary an array of author ids if the author should be ignored during the search the array is empty
|
||||
* @param string $author_name specifies the author match, when ANONYMOUS is also a search-match
|
||||
* @param array &$id_ary passed by reference, to be filled with ids for the page specified by $start and $per_page, should be ordered
|
||||
* @param int $start indicates the first index of the page
|
||||
* @param int $per_page number of ids each page is supposed to contain
|
||||
|
|
@ -409,7 +410,7 @@ class fulltext_native extends search_backend
|
|||
*
|
||||
* @access public
|
||||
*/
|
||||
function keyword_search($type, &$fields, &$terms, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
|
||||
function keyword_search($type, $fields, $terms, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_ary, $author_name, &$id_ary, $start, $per_page)
|
||||
{
|
||||
global $config, $db;
|
||||
|
||||
|
|
@ -432,7 +433,8 @@ class fulltext_native extends search_backend
|
|||
$topic_id,
|
||||
implode(',', $ex_fid_ary),
|
||||
implode(',', $m_approve_fid_ary),
|
||||
implode(',', $author_ary)
|
||||
implode(',', $author_ary),
|
||||
$author_name,
|
||||
)));
|
||||
|
||||
// try reading the results from cache
|
||||
|
|
@ -623,7 +625,17 @@ class fulltext_native extends search_backend
|
|||
|
||||
if (sizeof($author_ary))
|
||||
{
|
||||
$sql_where[] = $db->sql_in_set('p.poster_id', $author_ary);
|
||||
if ($author_name)
|
||||
{
|
||||
// first one matches post of registered users, second one guests and deleted users
|
||||
$sql_author = '(' . $db->sql_in_set('p.poster_id', $author_ary) . " AND p.post_username = ''";
|
||||
$sql_author .= ' OR p.poster_id = ' . ANONYMOUS . ' AND p.post_username ' . $author_name . ')';
|
||||
}
|
||||
else
|
||||
{
|
||||
$sql_author = $db->sql_in_set('p.poster_id', $author_ary);
|
||||
}
|
||||
$sql_where[] = $sql_author;
|
||||
}
|
||||
|
||||
if (sizeof($ex_fid_ary))
|
||||
|
|
@ -773,14 +785,15 @@ class fulltext_native extends search_backend
|
|||
*
|
||||
* @param string $type contains either posts or topics depending on what should be searched for
|
||||
* @param boolean $firstpost_only if true, only topic starting posts will be considered
|
||||
* @param array &$sort_by_sql contains SQL code for the ORDER BY part of a query
|
||||
* @param string &$sort_key is the key of $sort_by_sql for the selected sorting
|
||||
* @param string &$sort_dir is either a or d representing ASC and DESC
|
||||
* @param string &$sort_days specifies the maximum amount of days a post may be old
|
||||
* @param array &$ex_fid_ary specifies an array of forum ids which should not be searched
|
||||
* @param array &$m_approve_fid_ary specifies an array of forum ids in which the searcher is allowed to view unapproved posts
|
||||
* @param int &$topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched
|
||||
* @param array &$author_ary an array of author ids
|
||||
* @param array $sort_by_sql contains SQL code for the ORDER BY part of a query
|
||||
* @param string $sort_key is the key of $sort_by_sql for the selected sorting
|
||||
* @param string $sort_dir is either a or d representing ASC and DESC
|
||||
* @param string $sort_days specifies the maximum amount of days a post may be old
|
||||
* @param array $ex_fid_ary specifies an array of forum ids which should not be searched
|
||||
* @param array $m_approve_fid_ary specifies an array of forum ids in which the searcher is allowed to view unapproved posts
|
||||
* @param int $topic_id is set to 0 or a topic id, if it is not 0 then only posts in this topic should be searched
|
||||
* @param array $author_ary an array of author ids
|
||||
* @param string $author_name specifies the author match, when ANONYMOUS is also a search-match
|
||||
* @param array &$id_ary passed by reference, to be filled with ids for the page specified by $start and $per_page, should be ordered
|
||||
* @param int $start indicates the first index of the page
|
||||
* @param int $per_page number of ids each page is supposed to contain
|
||||
|
|
@ -788,7 +801,7 @@ class fulltext_native extends search_backend
|
|||
*
|
||||
* @access public
|
||||
*/
|
||||
function author_search($type, $firstpost_only, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
|
||||
function author_search($type, $firstpost_only, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_ary, $author_name, &$id_ary, $start, $per_page)
|
||||
{
|
||||
global $config, $db;
|
||||
|
||||
|
|
@ -810,7 +823,8 @@ class fulltext_native extends search_backend
|
|||
$topic_id,
|
||||
implode(',', $ex_fid_ary),
|
||||
implode(',', $m_approve_fid_ary),
|
||||
implode(',', $author_ary)
|
||||
implode(',', $author_ary),
|
||||
$author_name,
|
||||
)));
|
||||
|
||||
// try reading the results from cache
|
||||
|
|
@ -823,7 +837,16 @@ class fulltext_native extends search_backend
|
|||
$id_ary = array();
|
||||
|
||||
// Create some display specific sql strings
|
||||
if ($author_name)
|
||||
{
|
||||
// first one matches post of registered users, second one guests and deleted users
|
||||
$sql_author = '(' . $db->sql_in_set('p.poster_id', $author_ary) . " AND p.post_username = ''";
|
||||
$sql_author .= ' OR p.poster_id = ' . ANONYMOUS . ' AND p.post_username ' . $author_name . ')';
|
||||
}
|
||||
else
|
||||
{
|
||||
$sql_author = $db->sql_in_set('p.poster_id', $author_ary);
|
||||
}
|
||||
$sql_fora = (sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '';
|
||||
$sql_time = ($sort_days) ? ' AND p.post_time >= ' . (time() - ($sort_days * 86400)) : '';
|
||||
$sql_topic_id = ($topic_id) ? ' AND p.topic_id = ' . (int) $topic_id : '';
|
||||
|
|
|
|||
|
|
@ -97,6 +97,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
|
|||
|
||||
// If we are looking for authors get their ids
|
||||
$author_id_ary = array();
|
||||
$sql_author_match = '';
|
||||
if ($author_id)
|
||||
{
|
||||
$author_id_ary[] = $author_id;
|
||||
|
|
@ -122,6 +123,22 @@ if ($keywords || $author || $author_id || $search_id || $submit)
|
|||
}
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
$sql_where = (strpos($author, '*') !== false) ? ' post_username ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($author))) : " post_username = '" . $db->sql_escape(utf8_clean_string($author)) . "'";
|
||||
|
||||
$sql = 'SELECT 1 as guest_post
|
||||
FROM ' . POSTS_TABLE . "
|
||||
WHERE $sql_where
|
||||
AND poster_id = " . ANONYMOUS;
|
||||
$result = $db->sql_query_limit($sql, 1);
|
||||
$found_guest_post = $db->sql_fetchfield('guest_post');
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
if ($found_guest_post)
|
||||
{
|
||||
$author_id_ary[] = ANONYMOUS;
|
||||
$sql_author_match = (strpos($author, '*') !== false) ? ' ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($author))) : " = '" . $db->sql_escape(utf8_clean_string($author)) . "'";
|
||||
}
|
||||
|
||||
if (!sizeof($author_id_ary))
|
||||
{
|
||||
trigger_error('NO_SEARCH_RESULTS');
|
||||
|
|
@ -435,12 +452,12 @@ if ($keywords || $author || $author_id || $search_id || $submit)
|
|||
|
||||
if (!empty($search->search_query))
|
||||
{
|
||||
$total_match_count = $search->keyword_search($show_results, $search_fields, $search_terms, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_id_ary, $id_ary, $start, $per_page);
|
||||
$total_match_count = $search->keyword_search($show_results, $search_fields, $search_terms, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_id_ary, $sql_author_match, $id_ary, $start, $per_page);
|
||||
}
|
||||
else if (sizeof($author_id_ary))
|
||||
{
|
||||
$firstpost_only = ($search_fields === 'firstpost' || $search_fields == 'titleonly') ? true : false;
|
||||
$total_match_count = $search->author_search($show_results, $firstpost_only, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_id_ary, $id_ary, $start, $per_page);
|
||||
$total_match_count = $search->author_search($show_results, $firstpost_only, $sort_by_sql, $sort_key, $sort_dir, $sort_days, $ex_fid_ary, $m_approve_fid_ary, $topic_id, $author_id_ary, $sql_author_match, $id_ary, $start, $per_page);
|
||||
}
|
||||
|
||||
// For some searches we need to print out the "no results" page directly to allow re-sorting/refining the search options.
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue