2 // PukiWiki - Yet another WikiWikiWeb clone.
4 // Copyright 2003-2017 PukiWiki Development Team
5 // License: GPL v2 or (at your option) any later version
9 // Allow search via GET method 'index.php?plugin=search&word=keyword'
10 // NOTE: Also allows DoS to your site more easily by SPAMbot or worm or ...
11 define('PLUGIN_SEARCH_DISABLE_GET_ACCESS', 1); // 1, 0
13 define('PLUGIN_SEARCH_MAX_LENGTH', 80);
14 define('PLUGIN_SEARCH_MAX_BASE', 16); // #search(1,2,3,...,15,16)
16 // Show a search box on a page
17 function plugin_search_convert()
19 $args = func_get_args();
20 return plugin_search_search_form('', '', $args);
23 function plugin_search_action()
25 global $post, $vars, $_title_result, $_title_search, $_msg_searching;
27 if (PLUGIN_SEARCH_DISABLE_GET_ACCESS) {
28 $s_word = isset($post['word']) ? htmlsc($post['word']) : '';
30 $s_word = isset($vars['word']) ? htmlsc($vars['word']) : '';
32 if (strlen($s_word) > PLUGIN_SEARCH_MAX_LENGTH) {
33 unset($vars['word']); // Stop using $_msg_word at lib/html.php
34 die_message('Search words too long');
37 $type = isset($vars['type']) ? $vars['type'] : '';
38 $base = isset($vars['base']) ? $vars['base'] : '';
42 $msg = str_replace('$1', $s_word, $_title_result);
43 $body = do_search($vars['word'], $type, FALSE, $base);
46 unset($vars['word']); // Stop using $_msg_word at lib/html.php
47 $msg = $_title_search;
48 $body = '<br />' . "\n" . $_msg_searching . "\n";
52 $bases = ($base == '') ? array() : array($base);
53 $body .= plugin_search_search_form($s_word, $type, $bases);
55 return array('msg'=>$msg, 'body'=>$body);
58 function plugin_search_search_form($s_word = '', $type = '', $bases = array())
60 global $_btn_and, $_btn_or, $_btn_search;
61 global $_search_pages, $_search_all;
63 $script = get_base_uri();
64 $and_check = $or_check = '';
66 $or_check = ' checked="checked"';
68 $and_check = ' checked="checked"';
75 $check = ' checked="checked"';
76 foreach($bases as $base) {
78 if (PLUGIN_SEARCH_MAX_BASE < $_num) break;
79 $s_base = htmlsc($base);
80 $base_str = '<strong>' . $s_base . '</strong>';
81 $base_label = str_replace('$1', $base_str, $_search_pages);
84 <label><input type="radio" name="base" value="$s_base" $check /> $base_label</label>
90 <label><input type="radio" name="base" value="" /> $_search_all</label>
92 $base_option = '<div class="small">' . $base_msg . '</div>';
96 <form action="$script?cmd=search" method="post">
98 <input type="text" name="word" value="$s_word" size="20" />
99 <label><input type="radio" name="type" value="AND" $and_check /> $_btn_and</label>
100 <label><input type="radio" name="type" value="OR" $or_check /> $_btn_or</label>
101 <input type="submit" value="$_btn_search" />