549 lines
16 KiB
PHP
Executable file
549 lines
16 KiB
PHP
Executable file
<?php
|
|
session_start();
|
|
|
|
if (isset($_COOKIE['ws']) && htmlspecialchars($_COOKIE['ws']) == "0")
|
|
{
|
|
$worksafe = false;
|
|
}else{
|
|
$worksafe = true;
|
|
}
|
|
if (isset($_COOKIE['hs']) && htmlspecialchars($_COOKIE['hs']) == "1")
|
|
{
|
|
$filterHTTPS = true;
|
|
}else{
|
|
$filterHTTPS = false;
|
|
}
|
|
|
|
if (!isset($_REQUEST['q']))
|
|
{
|
|
include 'form.html.php';
|
|
}
|
|
|
|
else
|
|
{
|
|
$link = mysqli_connect('localhost', 'guest', 'qwer');
|
|
|
|
$query = mysqli_real_escape_string($link, $_GET['q']);
|
|
|
|
$lim = 12;
|
|
|
|
$starappend = 0;
|
|
|
|
$startID = 0;
|
|
|
|
if(isset($_REQUEST['nsfw']))
|
|
{
|
|
$worksafe = false;
|
|
}
|
|
|
|
$page=0;
|
|
if (!isset($_REQUEST['p']))
|
|
{
|
|
$offset=0;
|
|
}
|
|
else
|
|
{
|
|
$page = mysqli_real_escape_string($link, $_GET['p']);
|
|
$offset = $page;
|
|
if($offset > 0)
|
|
{
|
|
$offset--;
|
|
}
|
|
$offset = $offset * $lim;
|
|
}
|
|
|
|
//check if doing a more general search
|
|
$general=false;
|
|
if (isset($_REQUEST['g']))
|
|
{
|
|
$general=true;
|
|
}
|
|
|
|
if (!$link)
|
|
{
|
|
$error = 'Cant connect to database.';
|
|
include 'error.html.php';
|
|
exit();
|
|
}
|
|
|
|
if (!mysqli_set_charset($link, 'utf8mb4'))
|
|
{
|
|
$error = 'Unable to set database connection encoding.';
|
|
include 'error.html.php';
|
|
exit();
|
|
}
|
|
|
|
if(!mysqli_select_db($link, 'wiby'))
|
|
{
|
|
$error = 'Unable to locate the database.';
|
|
include 'error.html.php';
|
|
exit();
|
|
}
|
|
|
|
//Check if query is a url (contains http:// or https:// and no spaces). If so, put quotations around to to get an exact match
|
|
$urlDetected = 0;
|
|
if(strpos($query, ' ') == false && strpos($query,'.') == true && strpos($query,'"') == false && preg_match('/http/',$query) == true)
|
|
{
|
|
$queryOriginal = $query;
|
|
$query = '"' . $query . '"';
|
|
$urlDetected = 1;
|
|
}
|
|
|
|
//did user manually set -https instead of settings cookie?
|
|
if(substr($query,-7) == " -https"){
|
|
$filterHTTPS = true;
|
|
$query = substr($query, 0,-7);
|
|
}
|
|
$queryNoQuotes = $query;
|
|
|
|
//if query is just 1 or 2 letters, help make it work. Also CIA :D
|
|
if(strlen($query) < 3 || $query == "cia" || $query == "CIA"){
|
|
$query = " ".$query." *";
|
|
}
|
|
if($query == "c++" || $query == "C++"){//shitty but works
|
|
$query = "c++ programming";
|
|
}
|
|
|
|
$queryNoQuotes = $query;
|
|
|
|
//Are there quotes in the query?
|
|
$exactMatch = false;
|
|
if(strpos($queryNoQuotes,'"') !== false)
|
|
{
|
|
$exactMatch = true;
|
|
}
|
|
|
|
//alright then lets remove the quotes
|
|
if($exactMatch == true)
|
|
{
|
|
while(strpos($queryNoQuotes,'"') !== false)
|
|
{
|
|
$queryNoQuotes = str_replace('"', "",$queryNoQuotes);
|
|
}
|
|
}
|
|
|
|
//first remove any flags inside queryNoQuotes, also grab any required words (+ prefix)
|
|
$queryNoQuotesOrFlags = '';
|
|
$requiredword = '';
|
|
$flags = '';
|
|
if(strpos($queryNoQuotes,'+') !== false || strpos($queryNoQuotes,'-') !== false){
|
|
$words = explode(' ', $queryNoQuotes);
|
|
$i = 0;
|
|
foreach ($words as $word) {
|
|
if($i != 0 && $word[0] != '-' && $word[0] != '+'){
|
|
$queryNoQuotesOrFlags .= ' ';
|
|
}
|
|
if ($word[0] != '-' && $word[0] != '+'){
|
|
$queryNoQuotesOrFlags .= $word;
|
|
}
|
|
if ($word[0] == '+' && strlen($word) > 1){
|
|
$requiredword = substr($word,1);
|
|
}
|
|
if ($word[0] == '-' && $word[0] == '+'){
|
|
$flags .= " $word";
|
|
}
|
|
$i++;
|
|
}
|
|
}
|
|
|
|
//remove the '*' if contained anywhere in queryNoQuotes
|
|
if(strpos($queryNoQuotes,'*') !== false && $exactMatch == false){
|
|
$queryNoQuotes = str_replace('*', "",$queryNoQuotes);
|
|
}
|
|
|
|
$queryNoQuotes_SQLsafe = mysqli_real_escape_string($link, $queryNoQuotes);
|
|
$flags = mysqli_real_escape_string($link, $flags);
|
|
|
|
if($exactMatch == false)
|
|
{
|
|
//find longest word in query
|
|
$words = explode(' ', $queryNoQuotes);
|
|
$longestWordLength = 0;
|
|
$longestWord = '';
|
|
$wordcount = 0;
|
|
$longestwordelementnum = 0;
|
|
foreach ($words as $word) {
|
|
if (strlen($word) > $longestWordLength) {
|
|
$longestWordLength = strlen($word);
|
|
$longestWord = $word;
|
|
$longestwordelementnum = $wordcount;
|
|
}
|
|
$wordcount++;
|
|
}
|
|
}
|
|
|
|
$additions = '';
|
|
if($filterHTTPS == true){
|
|
$additions = $additions."AND http = '1' ";
|
|
}
|
|
if($worksafe == true){
|
|
$additions = $additions."AND worksafe = '1' ";
|
|
}
|
|
|
|
$count = 0;
|
|
|
|
if(!$general){
|
|
$queryWithQuotesAndFlags = '"'. $queryNoQuotes_SQLsafe.'"'.$flags.'';
|
|
|
|
//perform full text search FOR InnoDB or MyISAM STORAGE ENGINE
|
|
$outputFTS = mysqli_query($link, "SELECT id, url, title, description, body FROM windex WHERE Match(tags, body, description, title, url) Against('$queryWithQuotesAndFlags' IN BOOLEAN MODE) AND enable = '1' $additions ORDER BY CASE WHEN LOCATE('$queryNoQuotes_SQLsafe', tags)>0 THEN 30 WHEN LOCATE('$queryNoQuotes_SQLsafe', title)>0 AND Match(title) AGAINST('$queryWithQuotesAndFlags' IN BOOLEAN MODE) THEN 20 WHEN LOCATE('$queryNoQuotes_SQLsafe', title)>0 THEN 16 WHEN Match(title) AGAINST('$queryWithQuotesAndFlags' IN BOOLEAN MODE) THEN Match(title) AGAINST('$queryWithQuotesAndFlags' IN BOOLEAN MODE) END DESC, id DESC LIMIT $lim OFFSET $offset");
|
|
|
|
/*if(!$outputFTS)//dont error out yet, will give another try below
|
|
{
|
|
$error = 'Error ' . mysqli_error($link);
|
|
include 'error.html.php';
|
|
exit();
|
|
}*/
|
|
|
|
if($urlDetected == 1)
|
|
{
|
|
$query = $queryOriginal;
|
|
}
|
|
|
|
//this will get set if position of longest word of query is found within body
|
|
$pos = -1;
|
|
|
|
//lets put contents of the full text search into the array
|
|
while($row = mysqli_fetch_array($outputFTS))
|
|
{
|
|
//put the contents of the URL column within the DB into an array
|
|
$id[] = $row[0];
|
|
$url[] = $row[1];
|
|
$title[] = substr($row[2],0,150);
|
|
$description[] = substr($row[3],0,180);
|
|
$body = $row[4];
|
|
$count++;
|
|
$lastID = $row[0];
|
|
|
|
if($exactMatch == false)
|
|
{
|
|
//remove the '*' at the end of the longest word if present
|
|
if(strpos($longestWord,'*') == true)
|
|
{
|
|
$longestWord = str_replace('*', "",$longestWord);
|
|
}
|
|
|
|
//first find an exact
|
|
if(strlen($requiredword) > 0){
|
|
$pos = stripos($body, $requiredword);
|
|
}else{
|
|
$pos = stripos($body, $queryNoQuotes);
|
|
}
|
|
|
|
//search within body for position of longest query word. If not found, try another word
|
|
if($pos == false){
|
|
$pos = stripos($body, $longestWord);
|
|
if($pos == false && $wordcount > 1)
|
|
{
|
|
if($longestwordelementnum > 0)
|
|
{
|
|
if(strpos($words[0],'*') == true)//remove the '*' at the end of the query if present
|
|
$words[0] = str_replace('*', "",$words[0]);
|
|
$pos = stripos($body, $words[0]);
|
|
}
|
|
else if($longestwordelementnum == 0)
|
|
{
|
|
if(strpos($words[1],'*') == true)//remove the '*' at the end of the query if present
|
|
$words[1] = str_replace('*', "",$words[1]);
|
|
$pos = stripos($body, $words[1]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$pos = stripos($body, $queryNoQuotes);
|
|
}
|
|
//still not found?, set position to 0
|
|
if($pos == false){
|
|
$pos = 0;
|
|
}
|
|
|
|
//get all positions of all keywords in body
|
|
/* $lastPos = 0;
|
|
$positions = array();
|
|
foreach($words as $word)
|
|
{
|
|
while (($lastPos = mb_strpos($body, $word, $lastPos))!== false) {
|
|
$positions[$word][] = $lastPos;
|
|
$lastPos = $lastPos + strlen($word);
|
|
}
|
|
}*/
|
|
|
|
//figure out how much preceding text to use
|
|
if($pos < 32)
|
|
$starttext = 0;
|
|
else if($pos > 25)
|
|
$starttext = $pos - 25;
|
|
else if($pos > 20)
|
|
$starttext = $pos - 15;
|
|
//else $starttext = 0;
|
|
|
|
//total length of the ballpark
|
|
$textlength = 180;
|
|
|
|
//populate the ballpark
|
|
if($pos >= 0)
|
|
{
|
|
$ballparktext = substr($body,$starttext,$textlength);
|
|
}
|
|
else $ballpark = '0';
|
|
|
|
//find position of nearest Period
|
|
$foundPeriod = true;
|
|
$posPeriod = stripos($ballparktext, '. ') + $starttext +1;
|
|
|
|
//find position of nearest Space
|
|
$foundSpace = true;
|
|
$posSpace = stripos($ballparktext, ' ') + $starttext;
|
|
|
|
//if longest word in query is after a period+space within ballpark, reset $starttext to that point
|
|
if($pos-$starttext > $posPeriod)
|
|
{
|
|
$starttext = $posPeriod;
|
|
//populate the bodymatch
|
|
if($pos-$starttext >= 0)
|
|
{
|
|
$bodymatch[] = substr($body,$starttext,$textlength);
|
|
}
|
|
else $bodymatch[] = '';
|
|
}
|
|
//else if($pos-starttext > $posSpace)//else if longest word in query is after a space within ballpark, reset $starttext to that point
|
|
else if($pos > $posSpace)//else if longest word in query is after a space within ballpark, reset $starttext to that point
|
|
{
|
|
$starttext = $posSpace;
|
|
//populate the bodymatch
|
|
if($pos-$starttext >= 0)
|
|
{
|
|
$bodymatch[] = substr($body,$starttext,$textlength);
|
|
}
|
|
else $bodymatch[] = '';
|
|
}
|
|
else //else just set the bodymatch to the ballparktext
|
|
{
|
|
//populate the bodymatch
|
|
if($pos-$starttext >= 0)
|
|
{
|
|
$bodymatch[] = $ballparktext;
|
|
}
|
|
else $bodymatch[] = '';
|
|
}
|
|
|
|
}
|
|
}
|
|
$outputFTSrows=$count;
|
|
//do a general search if exact results peter off
|
|
if($outputFTSrows < 8 && $exactMatch == false){
|
|
$count = 0;
|
|
$general = true;
|
|
|
|
//Check if query contains a hyphenated word. MySQL is finicky about them. We will wrap quotes around hyphenated words that aren't part of a string which is already wraped in quotes.
|
|
if((strpos($queryNoQuotes,'-') !== false || strpos($queryNoQuotes,'+') !== false) && $urlDetected == false){
|
|
$hyphenwords = explode(' ',$query);
|
|
$query = '';
|
|
$quotes = 0;
|
|
$i = 0;
|
|
foreach ($hyphenwords as $word) {
|
|
if(strpos($queryNoQuotes,'"') !== false){
|
|
$quotes++;
|
|
}
|
|
if(((strpos($queryNoQuotes,'-') !== false && $word[0] != '-') || (strpos($queryNoQuotes,'+') !== false && $word[0] != '+')) && $quotes%2 == 0){//if hyphen exists, not a flag, not wrapped in quotes already
|
|
$word = '"' . $word . '"';
|
|
}
|
|
if($i > 0){
|
|
$query .= ' ';
|
|
}
|
|
$query .= $word;
|
|
$i++;
|
|
}
|
|
}
|
|
|
|
//perform full text search FOR InnoDB or MyISAM STORAGE ENGINE
|
|
$outputFTSgeneral = mysqli_query($link, "SELECT id, url, title, description, body FROM windex WHERE Match(tags, body, description, title, url) Against('$query' IN BOOLEAN MODE) AND enable = '1' $additions ORDER BY CASE WHEN LOCATE('$queryNoQuotes_SQLsafe', tags)>0 THEN 30 WHEN LOCATE('$queryNoQuotes_SQLsafe', title)>0 AND Match(title) AGAINST('$query' IN BOOLEAN MODE) THEN 20 WHEN LOCATE('$queryNoQuotes_SQLsafe', title)>0 THEN 16 WHEN Match(title) AGAINST('$query' IN BOOLEAN MODE) THEN Match(title) AGAINST('$query' IN BOOLEAN MODE) END DESC, id DESC LIMIT $lim OFFSET $offset");
|
|
|
|
|
|
//if all else fails, try a full text search with * appended (better to get something than nothing I suppose)
|
|
if(mysqli_num_rows($outputFTSgeneral) == 0 && $offset == 0 && $urlDetected == 0)
|
|
{
|
|
$starappend = 1;
|
|
$querystar = $query;
|
|
//innodb will get fussy over some things if put in like '''' or ****, uncomment below lines if using innoDB
|
|
$querystar = str_replace('*', "",$querystar);
|
|
$querystar = str_replace('"', "",$querystar);
|
|
$querystar = str_replace('"', "",$querystar);
|
|
$querystar = str_replace('\'', "",$querystar);
|
|
//-----------------------------------------------
|
|
|
|
$querystar = $querystar . '*';
|
|
|
|
//perform full text search FOR InnoDB or MyISAM STORAGE ENGINE
|
|
$outputFTSgeneral = mysqli_query($link, "SELECT id, url, title, description, body FROM windex WHERE Match(tags, body, description, title, url) Against('$querystar' IN BOOLEAN MODE) AND enable = '1' $additions ORDER BY CASE WHEN LOCATE('$queryNoQuotes_SQLsafe', tags)>0 THEN 30 WHEN LOCATE('$queryNoQuotes_SQLsafe', title)>0 AND Match(title) AGAINST('$querystar' IN BOOLEAN MODE) THEN 20 WHEN LOCATE('$queryNoQuotes_SQLsafe', title)>0 THEN 16 WHEN Match(title) AGAINST('$querystar' IN BOOLEAN MODE) THEN Match(title) AGAINST('$querystar' IN BOOLEAN MODE) END DESC, id DESC LIMIT $lim OFFSET $offset");
|
|
|
|
if(!$outputFTSgeneral)
|
|
{
|
|
$error = 'Error ' . mysqli_error($link);
|
|
include 'error.html.php';
|
|
exit();
|
|
}
|
|
}
|
|
|
|
//this will get set if position of longest word of query is found within body
|
|
$pos = -1;
|
|
|
|
//lets put contents of the full text search into the array
|
|
while($row = mysqli_fetch_array($outputFTSgeneral))
|
|
{
|
|
$count++;
|
|
//check for duplicates if appending general search matches on the same page where exact matches were found
|
|
$duplicate = false;
|
|
if($outputFTSrows < 8 && $outputFTSrows > 0){
|
|
foreach($id as $idtocheck){
|
|
if($idtocheck==$row[0]){
|
|
$duplicate=true;
|
|
break;
|
|
}
|
|
|
|
}
|
|
}
|
|
if($duplicate==false){
|
|
//put the contents of the URL column within the DB into an array
|
|
$id[] = $row[0];
|
|
$url[] = $row[1];
|
|
$title[] = substr($row[2],0,150);
|
|
$description[] = substr($row[3],0,180);
|
|
$body = $row[4];
|
|
$lastID = $row[0];
|
|
if($exactMatch == false)
|
|
{
|
|
//remove the '*' at the end of the longest word if present
|
|
if(strpos($longestWord,'*') == true)
|
|
{
|
|
$longestWord = str_replace('*', "",$longestWord);
|
|
}
|
|
|
|
//first find an exact
|
|
if(strlen($requiredword) > 0){
|
|
$pos = stripos($body, $requiredword);
|
|
}else{
|
|
$pos = stripos($body, $queryNoQuotes);
|
|
}
|
|
|
|
//search within body for position of longest query word. If not found, try another word
|
|
if($pos == false){
|
|
$pos = stripos($body, $longestWord);
|
|
if($pos == false && $wordcount > 1)
|
|
{
|
|
if($longestwordelementnum > 0)
|
|
{
|
|
if(strpos($words[0],'*') == true)//remove the '*' at the end of the query if present
|
|
$words[0] = str_replace('*', "",$words[0]);
|
|
$pos = stripos($body, $words[0]);
|
|
}
|
|
else if($longestwordelementnum == 0)
|
|
{
|
|
if(strpos($words[1],'*') == true)//remove the '*' at the end of the query if present
|
|
$words[1] = str_replace('*', "",$words[1]);
|
|
$pos = stripos($body, $words[1]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$pos = stripos($body, $queryNoQuotes);
|
|
}
|
|
//still not found?, set position to 0
|
|
if($pos == false){
|
|
$pos = 0;
|
|
}
|
|
|
|
//get all positions of all keywords in body
|
|
/* $lastPos = 0;
|
|
$positions = array();
|
|
foreach($words as $word)
|
|
{
|
|
while (($lastPos = mb_strpos($body, $word, $lastPos))!== false) {
|
|
$positions[$word][] = $lastPos;
|
|
$lastPos = $lastPos + strlen($word);
|
|
}
|
|
}*/
|
|
|
|
//figure out how much preceding text to use
|
|
if($pos < 32)
|
|
$starttext = 0;
|
|
else if($pos > 25)
|
|
$starttext = $pos - 25;
|
|
else if($pos > 20)
|
|
$starttext = $pos - 15;
|
|
//else $starttext = 0;
|
|
|
|
//total length of the ballpark
|
|
$textlength = 180;
|
|
|
|
//populate the ballpark
|
|
if($pos >= 0)
|
|
{
|
|
$ballparktext = substr($body,$starttext,$textlength);
|
|
}
|
|
else $ballpark = '0';
|
|
|
|
//find position of nearest Period
|
|
$foundPeriod = true;
|
|
$posPeriod = stripos($ballparktext, '. ') + $starttext +1;
|
|
|
|
//find position of nearest Space
|
|
$foundSpace = true;
|
|
$posSpace = stripos($ballparktext, ' ') + $starttext;
|
|
|
|
//if longest word in query is after a period+space within ballpark, reset $starttext to that point
|
|
if($pos-$starttext > $posPeriod)
|
|
{
|
|
$starttext = $posPeriod;
|
|
//populate the bodymatch
|
|
if($pos-$starttext >= 0)
|
|
{
|
|
$bodymatch[] = substr($body,$starttext,$textlength);
|
|
}
|
|
else $bodymatch[] = '';
|
|
}
|
|
//else if($pos-starttext > $posSpace)//else if longest word in query is after a space within ballpark, reset $starttext to that point
|
|
else if($pos > $posSpace)//else if longest word in query is after a space within ballpark, reset $starttext to that point
|
|
{
|
|
$starttext = $posSpace;
|
|
//populate the bodymatch
|
|
if($pos-$starttext >= 0)
|
|
{
|
|
$bodymatch[] = substr($body,$starttext,$textlength);
|
|
}
|
|
else $bodymatch[] = '';
|
|
}
|
|
else //else just set the bodymatch to the ballparktext
|
|
{
|
|
//populate the bodymatch
|
|
if($pos-$starttext >= 0)
|
|
{
|
|
$bodymatch[] = $ballparktext;
|
|
}
|
|
else $bodymatch[] = '';
|
|
}
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
$row = null;
|
|
|
|
include 'results.json.php';
|
|
}
|
|
|
|
function JSONRealEscapeString($var){
|
|
$var = str_replace("\\","\\\\",$var);
|
|
$var = str_replace("\t","\\t",$var);
|
|
$var = str_replace("\b","\\b",$var);
|
|
$var = str_replace("\n","\\n",$var);
|
|
$var = str_replace("\r","\\r",$var);
|
|
$var = str_replace("\f","\\f",$var);
|
|
return $var;
|
|
}
|
|
|
|
?>
|