X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=850b350e9c5ad1c2dbae08c5573b929aaf22749b;hb=797a6f308fadab9965165e88d56cb0759140e3cc;hp=a9264cbb9f7d99db16477fc4d4cf14afad4dbff0;hpb=cee0d9609f7cf860cf951ca2d838cfaacecd37d2;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index a9264cbb..850b350e 100644 --- a/index.php +++ b/index.php @@ -1,6 +1,6 @@ /shaarli/ define('WEB_PATH', substr($_SERVER["REQUEST_URI"], 0, 1+strrpos($_SERVER["REQUEST_URI"], '/', 0))); @@ -268,7 +268,10 @@ $GLOBALS['redirector'] = !empty($GLOBALS['redirector']) ? escape($GLOBALS['redir // a token depending of deployment salt, user password, and the current ip define('STAY_SIGNED_IN_TOKEN', sha1($GLOBALS['hash'].$_SERVER["REMOTE_ADDR"].$GLOBALS['salt'])); -autoLocale($_SERVER['HTTP_ACCEPT_LANGUAGE']); // Sniff browser language and set date format accordingly. +// Sniff browser language and set date format accordingly. +if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { + autoLocale($_SERVER['HTTP_ACCEPT_LANGUAGE']); +} header('Content-Type: text/html; charset=utf-8'); // We use UTF-8 for proper international characters handling. //================================================================================================== @@ -603,7 +606,7 @@ class pageBuilder if (!empty($_GET['searchtags'])) { $searchcrits .= '&searchtags=' . urlencode($_GET['searchtags']); } - elseif (!empty($_GET['searchterm'])) { + if (!empty($_GET['searchterm'])) { $searchcrits .= '&searchterm=' . urlencode($_GET['searchterm']); } $this->tpl->assign('searchcrits', $searchcrits); 
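Review bot: With the new `isset()` guard in the hunk at -268, a request without an Accept-Language header no longer calls `autoLocale()` at all, so any fallback locale that function applies is skipped as well. Its body is not visible here, so this needs confirming: if it sets a default when nothing matches, feed readers and scripts that omit the header will now format dates with the process locale. Calling it unconditionally keeps a single code path: `autoLocale(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '');`. The comment above it could also say that the header is client-supplied and optional.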
@@ -689,11 +692,19 @@ function showRSS() // Read links from database (and filter private links if user it not logged in). // Optionally filter the results: - if (!empty($_GET['searchterm'])) { - $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $_GET['searchterm']); + $searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : ''; + $searchterm = !empty($_GET['searchterm']) ? escape($_GET['searchterm']) : ''; + if (! empty($searchtags) && ! empty($searchterm)) { + $linksToDisplay = $LINKSDB->filter( + LinkFilter::$FILTER_TAG | LinkFilter::$FILTER_TEXT, + array($searchtags, $searchterm) + ); + } + elseif ($searchtags) { + $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TAG, $searchtags); } - elseif (!empty($_GET['searchtags'])) { - $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TAG, trim($_GET['searchtags'])); + elseif ($searchterm) { + $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $searchterm); } else { $linksToDisplay = $LINKSDB; @@ -787,11 +798,19 @@ function showATOM() ); // Optionally filter the results: - if (!empty($_GET['searchterm'])) { - $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $_GET['searchterm']); + $searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : ''; + $searchterm = !empty($_GET['searchterm']) ? escape($_GET['searchterm']) : ''; + if (! empty($searchtags) && ! empty($searchterm)) { + $linksToDisplay = $LINKSDB->filter( + LinkFilter::$FILTER_TAG | LinkFilter::$FILTER_TEXT, + array($searchtags, $searchterm) + ); + } + elseif ($searchtags) { + $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TAG, $searchtags); } - else if (!empty($_GET['searchtags'])) { - $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TAG, trim($_GET['searchtags'])); + elseif ($searchterm) { + $linksToDisplay = $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $searchterm); } else { $linksToDisplay = $LINKSDB; 
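Review bot: The `trim()` that the removed lines applied to `$_GET['searchtags']` is gone in showRSS(), and `!empty()` accepts a whitespace-only value, so `?searchtags=%20` now reaches `LinkFilter::$FILTER_TAG` with `' '` instead of falling through to the unfiltered list. The same applies to the showATOM() hunk and the picwall hunk in renderPage(), while buildLinkList() trims `searchterm` but not `searchtags`. Unless the filter trims internally (not visible here), normalise both values the same way in every place: `$searchtags = !empty($_GET['searchtags']) ? escape(trim($_GET['searchtags'])) : '';` and likewise for `$searchterm`. Both functions continue outside their hunks.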
@@ -1145,11 +1164,19 @@ function renderPage() if ($targetPage == Router::$PAGE_PICWALL) { // Optionally filter the results: - if (!empty($_GET['searchterm'])) { - $links = $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $_GET['searchterm']); + $searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : ''; + $searchterm = !empty($_GET['searchterm']) ? escape($_GET['searchterm']) : ''; + if (! empty($searchtags) && ! empty($searchterm)) { + $links = $LINKSDB->filter( + LinkFilter::$FILTER_TAG | LinkFilter::$FILTER_TEXT, + array($searchtags, $searchterm) + ); } - elseif (! empty($_GET['searchtags'])) { - $links = $LINKSDB->filter(LinkFilter::$FILTER_TAG, trim($_GET['searchtags'])); + elseif ($searchtags) { + $links = $LINKSDB->filter(LinkFilter::$FILTER_TAG, $searchtags); + } + elseif ($searchterm) { + $links = $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $searchterm); } else { $links = $LINKSDB; 
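Review bot: This picwall branch is the third copy of the same tag/term selection block added by this commit (after showRSS() and showATOM(), with a fourth variant in buildLinkList()), and the copies already differ in how they normalise input. Since this block decides which links a request sees, one helper would keep the behaviour identical across feeds and pages and leave a single place to review. The sketch below covers the three two-argument call sites; buildLinkList() passes two extra arguments to `filter()` and would need them threaded through. renderPage() continues outside the hunk.

```php
// Select links according to the already-normalised searchtags / searchterm values.
function filterLinksBySearch($LINKSDB, $searchtags, $searchterm)
{
    if (! empty($searchtags) && ! empty($searchterm)) {
        return $LINKSDB->filter(
            LinkFilter::$FILTER_TAG | LinkFilter::$FILTER_TEXT,
            array($searchtags, $searchterm)
        );
    }
    if (! empty($searchtags)) {
        return $LINKSDB->filter(LinkFilter::$FILTER_TAG, $searchtags);
    }
    if (! empty($searchterm)) {
        return $LINKSDB->filter(LinkFilter::$FILTER_TEXT, $searchterm);
    }
    return $LINKSDB;
}

// … in renderPage(), picwall branch …
$links = filterLinksBySearch($LINKSDB, $searchtags, $searchterm);
```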
@@ -1944,29 +1971,46 @@ function importFile() // This function fills all the necessary fields in the $PAGE for the template 'linklist.html' function buildLinkList($PAGE,$LINKSDB) { - // ---- Filter link database according to parameters - $search_type = ''; - $search_crits = ''; + // Filter link database according to parameters. + $searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : ''; + $searchterm = !empty($_GET['searchterm']) ? escape(trim($_GET['searchterm'])) : ''; $privateonly = !empty($_SESSION['privateonly']) ? true : false; - // Fulltext search - if (isset($_GET['searchterm'])) { - $search_crits = escape(trim($_GET['searchterm'])); - $search_type = LinkFilter::$FILTER_TEXT; - $linksToDisplay = $LINKSDB->filter($search_type, $search_crits, false, $privateonly); + // Search tags + fullsearch. + if (! empty($searchtags) && ! empty($searchterm)) { + $linksToDisplay = $LINKSDB->filter( + LinkFilter::$FILTER_TAG | LinkFilter::$FILTER_TEXT, + array($searchtags, $searchterm), + false, + $privateonly + ); } - // Search by tag - elseif (isset($_GET['searchtags'])) { - $search_crits = explode(' ', escape(trim($_GET['searchtags']))); - $search_type = LinkFilter::$FILTER_TAG; - $linksToDisplay = $LINKSDB->filter($search_type, $search_crits, false, $privateonly); + // Search by tags. + elseif (! empty($searchtags)) { + $linksToDisplay = $LINKSDB->filter( + LinkFilter::$FILTER_TAG, + $searchtags, + false, + $privateonly + ); + } + // Fulltext search. + elseif (! empty($searchterm)) { + $linksToDisplay = $LINKSDB->filter( + LinkFilter::$FILTER_TEXT, + $searchterm, + false, + $privateonly + ); } // Detect smallHashes in URL. - elseif (isset($_SERVER['QUERY_STRING']) - && preg_match('/[a-zA-Z0-9-_@]{6}(&.+?)?/', $_SERVER['QUERY_STRING'])) { - $search_type = LinkFilter::$FILTER_HASH; - $search_crits = substr(trim($_SERVER["QUERY_STRING"], '/'), 0, 6); - $linksToDisplay = $LINKSDB->filter($search_type, $search_crits); + elseif (! 
empty($_SERVER['QUERY_STRING']) + && preg_match('/[a-zA-Z0-9-_@]{6}(&.+?)?/', $_SERVER['QUERY_STRING']) + ) { + $linksToDisplay = $LINKSDB->filter( + LinkFilter::$FILTER_HASH, + substr(trim($_SERVER["QUERY_STRING"], '/'), 0, 6) + ); if (count($linksToDisplay) == 0) { $PAGE->render404('The link you are trying to reach does not exist or has been deleted.'); @@ -2022,21 +2066,18 @@ function buildLinkList($PAGE,$LINKSDB) } // Compute paging navigation - $searchterm = empty($_GET['searchterm']) ? '' : '&searchterm=' . $_GET['searchterm']; - $searchtags = empty($_GET['searchtags']) ? '' : '&searchtags=' . $_GET['searchtags']; + $searchtagsUrl = empty($searchtags) ? '' : '&searchtags=' . urlencode($searchtags); + $searchtermUrl = empty($searchterm) ? '' : '&searchterm=' . urlencode($searchterm); $previous_page_url = ''; if ($i != count($keys)) { - $previous_page_url = '?page=' . ($page+1) . $searchterm . $searchtags; + $previous_page_url = '?page=' . ($page+1) . $searchtermUrl . $searchtagsUrl; } $next_page_url=''; if ($page>1) { - $next_page_url = '?page=' . ($page-1) . $searchterm . $searchtags; + $next_page_url = '?page=' . ($page-1) . $searchtermUrl . $searchtagsUrl; } - $token = ''; - if (isLoggedIn()) { - $token = getToken(); - } + $token = isLoggedIn() ? getToken() : ''; // Fill all template fields. $data = array( @@ -2046,8 +2087,8 @@ function buildLinkList($PAGE,$LINKSDB) 'page_current' => $page, 'page_max' => $pagecount, 'result_count' => count($linksToDisplay), - 'search_type' => $search_type, - 'search_crits' => $search_crits, + 'search_term' => $searchterm, + 'search_tags' => $searchtags, 'redirector' => empty($GLOBALS['redirector']) ? '' : $GLOBALS['redirector'], // Optional redirector URL. 'token' => $token, 'links' => $linkDisp,
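Review bot: Switching the search branches in buildLinkList() from `isset()` to `! empty()` lets an empty or `0` search fall through to the smallHash branch, whose `preg_match()` is unanchored. For `?searchterm=` the query string contains the six-character run `search`, so the pattern matches, `substr(..., 0, 6)` is looked up as a hash, and the user gets `render404()` instead of the link list. Anchoring the test to the part that is actually looked up avoids this, for example `preg_match('/^[a-zA-Z0-9-_@]{6}($|&)/', $_SERVER['QUERY_STRING'])`, adjusted if a leading `/` must be tolerated as the `trim(..., '/')` suggests. The function starts and continues outside this hunk.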
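Review bot: In the paging hunk at -2022, `urlencode()` is applied to `$searchtags` and `$searchterm`, which the earlier hunk already passed through `escape()`. If `escape()` does HTML entity encoding (its body is not visible here), a term such as `a&b` goes into the paging link as `a%26amp%3Bb`, and following that link escapes it a second time, so the criteria drift from page to page. Encoding once per output context is safer: build the URLs from the raw, trimmed request value, e.g. `$searchtermUrl = empty($_GET['searchterm']) ? '' : '&searchterm=' . urlencode(trim($_GET['searchterm']));`, and keep the HTML-escaped copy only for the `search_term` / `search_tags` template fields. The same question applies to the values handed to `$LINKSDB->filter()`.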