2 // PukiWiki - Yet another WikiWikiWeb clone.
3 // $Id: search.inc.php,v 1.14 2011/01/25 15:01:01 henoheno Exp $
7 // Allow search via GET method 'index.php?plugin=search&word=keyword'
8 // NOTE: Also allows DoS to your site more easily by SPAMbot or worm or ...
9 define('PLUGIN_SEARCH_DISABLE_GET_ACCESS', 1); // 1, 0
11 define('PLUGIN_SEARCH_MAX_LENGTH', 80);
12 define('PLUGIN_SEARCH_MAX_BASE', 16); // #search(1,2,3,...,15,16)
14 // Show a search box on a page
15 function plugin_search_convert()
20 return '#search(): You already view a search box<br />' . "\n";
23 $args = func_get_args();
24 return plugin_search_search_form('', '', $args);
28 function plugin_search_action()
30 global $post, $vars, $_title_result, $_title_search, $_msg_searching;
32 if (PLUGIN_SEARCH_DISABLE_GET_ACCESS) {
33 $s_word = isset($post['word']) ? htmlsc($post['word']) : '';
35 $s_word = isset($vars['word']) ? htmlsc($vars['word']) : '';
37 if (strlen($s_word) > PLUGIN_SEARCH_MAX_LENGTH) {
38 unset($vars['word']); // Stop using $_msg_word at lib/html.php
39 die_message('Search words too long');
42 $type = isset($vars['type']) ? $vars['type'] : '';
43 $base = isset($vars['base']) ? $vars['base'] : '';
47 $msg = str_replace('$1', $s_word, $_title_result);
48 $body = do_search($vars['word'], $type, FALSE, $base);
51 unset($vars['word']); // Stop using $_msg_word at lib/html.php
52 $msg = $_title_search;
53 $body = '<br />' . "\n" . $_msg_searching . "\n";
57 $bases = ($base == '') ? array() : array($base);
58 $body .= plugin_search_search_form($s_word, $type, $bases);
60 return array('msg'=>$msg, 'body'=>$body);
63 function plugin_search_search_form($s_word = '', $type = '', $bases = array())
65 global $script, $_btn_and, $_btn_or, $_btn_search;
66 global $_search_pages, $_search_all;
68 $and_check = $or_check = '';
70 $or_check = ' checked="checked"';
72 $and_check = ' checked="checked"';
79 $check = ' checked="checked"';
80 foreach($bases as $base) {
82 if (PLUGIN_SEARCH_MAX_BASE < $_num) break;
83 $label_id = '_p_search_base_id_' . $_num;
84 $s_base = htmlsc($base);
85 $base_str = '<strong>' . $s_base . '</strong>';
86 $base_label = str_replace('$1', $base_str, $_search_pages);
89 <input type="radio" name="base" id="$label_id" value="$s_base" $check />
90 <label for="$label_id">$base_label</label>
96 <input type="radio" name="base" id="_p_search_base_id_all" value="" />
97 <label for="_p_search_base_id_all">$_search_all</label>
99 $base_option = '<div class="small">' . $base_msg . '</div>';
103 <form action="$script?cmd=search" method="post">
105 <input type="text" name="word" value="$s_word" size="20" />
106 <input type="radio" name="type" id="_p_search_AND" value="AND" $and_check />
107 <label for="_p_search_AND">$_btn_and</label>
108 <input type="radio" name="type" id="_p_search_OR" value="OR" $or_check />
109 <label for="_p_search_OR">$_btn_or</label>
110 <input type="submit" value="$_btn_search" />