MDL-6386 - Regression from MDL-6462, lost stripslashes in CLOZE question,
[moodle.git] / mod / forum / search.php
CommitLineData
41905731 1<?php // $Id$
501cdbd8 2
ab00aa12 3 require_once('../../config.php');
4 require_once('lib.php');
501cdbd8 5
e6ae4dc8 6 $id = required_param('id', PARAM_INT); // course id
7 $search = trim(optional_param('search', '', PARAM_NOTAGS)); // search string
8 $page = optional_param('page', 0, PARAM_INT); // which page to show
b1dc6929 9 $perpage = optional_param('perpage', 10, PARAM_INT); // how many per page
10b9a26a 10 $showform = optional_param('showform', 0, PARAM_INT); // Just show the form
e6ae4dc8 11
12 $user = trim(optional_param('user', '', PARAM_NOTAGS)); // Names to search for
13 $userid = trim(optional_param('userid', 0, PARAM_INT)); // UserID to search for
77ffdf4b 14 $forumid = trim(optional_param('forumid', 0, PARAM_INT)); // ForumID to search for
e6ae4dc8 15 $subject = trim(optional_param('subject', '', PARAM_NOTAGS)); // Subject
16 $phrase = trim(optional_param('phrase', '', PARAM_NOTAGS)); // Phrase
17 $words = trim(optional_param('words', '', PARAM_NOTAGS)); // Words
18 $fullwords = trim(optional_param('fullwords', '', PARAM_NOTAGS)); // Whole words
19 $notwords = trim(optional_param('notwords', '', PARAM_NOTAGS)); // Words we don't want
20
ab00aa12 21 $timefromrestrict = optional_param('timefromrestrict', 0, PARAM_INT); // Use starting date
4e471fc6 22 $fromday = optional_param('fromday', 0, PARAM_INT); // Starting date
23 $frommonth = optional_param('frommonth', 0, PARAM_INT); // Starting date
24 $fromyear = optional_param('fromyear', 0, PARAM_INT); // Starting date
25 $fromhour = optional_param('fromhour', 0, PARAM_INT); // Starting date
26 $fromminute = optional_param('fromminute', 0, PARAM_INT); // Starting date
ab00aa12 27 if ($timefromrestrict) {
4e471fc6 28 $datefrom = make_timestamp($fromyear, $frommonth, $fromday, $fromhour, $fromminute);
29 } else {
30 $datefrom = optional_param('datefrom', 0, PARAM_INT); // Starting date
31 }
32
ab00aa12 33 $timetorestrict = optional_param('timetorestrict', 0, PARAM_INT); // Use ending date
4e471fc6 34 $today = optional_param('today', 0, PARAM_INT); // Ending date
35 $tomonth = optional_param('tomonth', 0, PARAM_INT); // Ending date
36 $toyear = optional_param('toyear', 0, PARAM_INT); // Ending date
37 $tohour = optional_param('tohour', 0, PARAM_INT); // Ending date
38 $tominute = optional_param('tominute', 0, PARAM_INT); // Ending date
ab00aa12 39 if ($timetorestrict) {
4e471fc6 40 $dateto = make_timestamp($toyear, $tomonth, $today, $tohour, $tominute);
41 } else {
3ad24cea 42 $dateto = optional_param('dateto', 0, PARAM_INT); // Ending date
4e471fc6 43 }
44
45
e6ae4dc8 46
47 if (empty($search)) { // Check the other parameters instead
48 if (!empty($words)) {
49 $search .= ' '.$words;
50 }
51 if (!empty($userid)) {
52 $search .= ' userid:'.$userid;
53 }
77ffdf4b 54 if (!empty($forumid)) {
55 $search .= ' forumid:'.$forumid;
56 }
e6ae4dc8 57 if (!empty($user)) {
58 $search .= ' '.forum_clean_search_terms($user, 'user:');
59 }
60 if (!empty($subject)) {
61 $search .= ' '.forum_clean_search_terms($subject, 'subject:');
62 }
63 if (!empty($fullwords)) {
64 $search .= ' '.forum_clean_search_terms($fullwords, '+');
65 }
66 if (!empty($notwords)) {
67 $search .= ' '.forum_clean_search_terms($notwords, '-');
68 }
69 if (!empty($phrase)) {
70 $search .= ' "'.$phrase.'"';
71 }
4e471fc6 72 if (!empty($datefrom)) {
73 $search .= ' datefrom:'.$datefrom;
74 }
75 if (!empty($dateto)) {
76 $search .= ' dateto:'.$dateto;
77 }
e6ae4dc8 78 $individualparams = true;
79 } else {
80 $individualparams = false;
81 }
501cdbd8 82
8b9c7aa0 83 if ($search) {
e6ae4dc8 84 $search = forum_clean_search_terms($search);
8b9c7aa0 85 }
86
501cdbd8 87 if (! $course = get_record("course", "id", $id)) {
88 error("Course id is incorrect.");
89 }
90
ec81373f 91 require_course_login($course);
501cdbd8 92
8f0cd6ef 93 add_to_log($course->id, "forum", "search", "search.php?id=$course->id&amp;search=".urlencode($search), $search);
501cdbd8 94
46217d06 95 $strforums = get_string("modulenameplural", "forum");
96 $strsearch = get_string("search", "forum");
97 $strsearchresults = get_string("searchresults", "forum");
8b9c7aa0 98 $strpage = get_string("page");
97485d07 99
10b9a26a 100 if (!$search || $showform) {
f950af3c 101 print_header_simple("$strsearch", "",
e6ae4dc8 102 "<a href=\"index.php?id=$course->id\">$strforums</a> -> $strsearch", 'search.words',
b2432b7f 103 "", "", "&nbsp;", navmenu($course));
680afe2e 104
e6ae4dc8 105 forum_print_big_search_form($course);
106 print_footer($course);
107 exit;
501cdbd8 108 }
109
e6ae4dc8 110/// We need to do a search now and print results
111
77ffdf4b 112 $searchterms = str_replace('forumid:', 'instance:', $search);
113 $searchterms = explode(' ', $searchterms);
e6ae4dc8 114
6f1cc8d6 115 $searchform = forum_search_form($course, $search);
e6ae4dc8 116
4e471fc6 117
42fb3c85 118 if (!$posts = forum_search_posts($searchterms, $course->id, $page*$perpage, $perpage, $totalcount)) {
e6ae4dc8 119
120 print_header_simple("$strsearchresults", "",
121 "<a href=\"index.php?id=$course->id\">$strforums</a> ->
7369657c 122 <a href=\"search.php?id=$course->id\">$strsearch</a> -> ".s($search), 'search.words',
e6ae4dc8 123 "", "", "&nbsp;", navmenu($course));
124 print_heading(get_string("nopostscontaining", "forum", $search));
125
126 if (!$individualparams) {
127 $words = $search;
c7a5b3b1 128 }
e6ae4dc8 129
130 forum_print_big_search_form($course);
77ffdf4b 131
132 print_footer($course);
e6ae4dc8 133 exit;
134 }
135
136 print_header_simple("$strsearchresults", "",
137 "<a href=\"index.php?id=$course->id\">$strforums</a> ->
7369657c 138 <a href=\"search.php?id=$course->id\">$strsearch</a> -> ".s($search), '',
e6ae4dc8 139 "", "", $searchform, navmenu($course));
140
10b9a26a 141 echo '<div class="reportlink">';
142 echo '<a href="search.php?id='.$course->id.
143 '&amp;user='.urlencode($user).
144 '&amp;userid='.$userid.
145 '&amp;forumid='.$forumid.
146 '&amp;subject='.urlencode($subject).
147 '&amp;phrase='.urlencode($phrase).
148 '&amp;words='.urlencode($words).
149 '&amp;fullwords='.urlencode($fullwords).
150 '&amp;notwords='.urlencode($notwords).
151 '&amp;dateto='.$dateto.
152 '&amp;datefrom='.$datefrom.
153 '&amp;showform=1'.
154 '">'.get_string('advancedsearch','forum').'...</a>';
155 echo '</div>';
156
e6ae4dc8 157 print_heading("$strsearchresults: $totalcount");
158
7f9dd6b4 159 print_paging_bar($totalcount, $page, $perpage, "search.php?search=".urlencode(stripslashes($search))."&amp;id=$course->id&amp;perpage=$perpage&amp;");
e6ae4dc8 160
161 //added to implement highlighting of search terms found only in HTML markup
162 //fiedorow - 9/2/2005
163 $strippedsearch = str_replace('user:','',$search);
164 $strippedsearch = str_replace('subject:','',$strippedsearch);
165 $strippedsearch = str_replace('&quot;','',$strippedsearch);
ab00aa12 166 $searchterms = explode(' ', $strippedsearch); // Search for words independently
e6ae4dc8 167 foreach ($searchterms as $key => $searchterm) {
168 if (preg_match('/^\-/',$searchterm)) {
169 unset($searchterms[$key]);
170 } else {
171 $searchterms[$key] = preg_replace('/^\+/','',$searchterm);
ceca2ad2 172 }
e6ae4dc8 173 }
a8d7ea4d 174 $strippedsearch = implode(' ', $searchterms); // Rebuild the string
501cdbd8 175
e6ae4dc8 176 foreach ($posts as $post) {
177
ab00aa12 178 if (! $discussion = get_record('forum_discussions', 'id', $post->discussion)) {
179 error('Discussion ID was incorrect');
e6ae4dc8 180 }
ab00aa12 181 if (! $forum = get_record('forum', 'id', "$discussion->forum")) {
e6ae4dc8 182 error("Could not find forum $discussion->forum");
cdea3a53 183 }
184
a8d7ea4d 185 $post->subject = highlight($strippedsearch, $post->subject);
186 $discussion->name = highlight($strippedsearch, $discussion->name);
b800ac5a 187
3849dae8 188 $fullsubject = "<a href=\"view.php?f=$forum->id\">".format_string($forum->name,true)."</a>";
ab00aa12 189 if ($forum->type != 'single') {
c78ac798 190 $fullsubject .= " -> <a href=\"discuss.php?d=$discussion->id\">".format_string($discussion->name,true)."</a>";
e6ae4dc8 191 if ($post->parent != 0) {
17dc3f3c 192 $fullsubject .= " -> <a href=\"discuss.php?d=$post->discussion&amp;parent=$post->id\">".format_string($post->subject,true)."</a>";
ceca2ad2 193 }
e6ae4dc8 194 }
501cdbd8 195
e6ae4dc8 196 $post->subject = $fullsubject;
048ccc47 197
e6ae4dc8 198 //Indicate search terms only found in HTML markup
199 //Use highlight() with nonsense tags to spot search terms in the
200 //actual text content first. fiedorow - 9/2/2005
201 $missing_terms = "";
b343df86 202
203 // Hack for posts of format FORMAT_PLAIN. Otherwise html tags added by
204 // the highlight() call bellow get stripped out by forum_print_post().
205 if ($post->format == FORMAT_PLAIN) {
206 $post->message = s($post->message);
207 $post->message = rebuildnolinktag($post->message);
208 $post->message = str_replace(' ', '&nbsp; ', $post->message);
209 $post->message = nl2br($post->message);
210 $post->format = FORMAT_HTML;
211 }
212
f2b5d7e3 213 $options = new object();
214 $options->trusttext = true;
215 // detect TRUSTTEXT marker before first call to format_text
216 if (trusttext_present($post->message)) {
217 $ttpresent = true;
218 } else {
219 $ttpresent = false;
220 }
b343df86 221 $message = highlight($strippedsearch,
222 format_text($post->message, $post->format, $options, $course->id),
223 0, '<fgw9sdpq4>', '</fgw9sdpq4>');
9044a387 224
e6ae4dc8 225 foreach ($searchterms as $searchterm) {
226 if (preg_match("/$searchterm/i",$message) && !preg_match('/<fgw9sdpq4>'.$searchterm.'<\/fgw9sdpq4>/i',$message)) {
227 $missing_terms .= " $searchterm";
cdea3a53 228 }
e6ae4dc8 229 }
f2b5d7e3 230 // now is the right time to strip the TRUSTTEXT marker, we will add it later if needed
231 $post->message = trusttext_strip($post->message);
cdea3a53 232
e6ae4dc8 233 $message = str_replace('<fgw9sdpq4>','<span class="highlight">',$message);
234 $message = str_replace('</fgw9sdpq4>','</span>',$message);
501cdbd8 235
e6ae4dc8 236 if ($missing_terms) {
237 $strmissingsearchterms = get_string('missingsearchterms','forum');
238 $post->message = '<p class="highlight2">'.$strmissingsearchterms.' '.$missing_terms.'</p>'.$message;
f2b5d7e3 239 $ttpresent = false;
ab00aa12 240 } else {
241 $post->message = $message;
501cdbd8 242 }
b800ac5a 243
e6ae4dc8 244 $fulllink = "<a href=\"discuss.php?d=$post->discussion#$post->id\">".get_string("postincontext", "forum")."</a>";
245 //search terms already highlighted - fiedorow - 9/2/2005
098d27d4 246 $SESSION->forum_search = true;
f2b5d7e3 247
248 // reconstruct the TRUSTTEXT properly after processing
249 if ($ttpresent) {
250 $post->message = trusttext_mark($post->message);
251 } else {
252 $post->message = trusttext_strip($post->message); //make 100% sure TRUSTTEXT marker was not created during processing
253 }
e6ae4dc8 254 forum_print_post($post, $course->id, false, false, false, false, $fulllink);
098d27d4 255 unset($SESSION->forum_search);
e6ae4dc8 256
257 echo "<br />";
501cdbd8 258 }
259
7f9dd6b4 260 print_paging_bar($totalcount, $page, $perpage, "search.php?search=".urlencode(stripslashes($search))."&amp;id=$course->id&amp;perpage=$perpage&amp;");
e6ae4dc8 261
501cdbd8 262 print_footer($course);
263
e6ae4dc8 264
265
266function forum_print_big_search_form($course) {
428aa337 267 global $CFG, $words, $subject, $phrase, $user, $userid, $fullwords, $notwords, $datefrom, $dateto;
e6ae4dc8 268
269 print_simple_box(get_string('searchforumintro', 'forum'), 'center', '', '', 'searchbox', 'intro');
270
271 print_simple_box_start("center");
ab00aa12 272
32f0b38a 273 echo "<script type=\"text/javascript\">\n";
ab00aa12 274 echo "var timefromitems = ['fromday','frommonth','fromyear','fromhour', 'fromminute'];\n";
275 echo "var timetoitems = ['today','tomonth','toyear','tohour','tominute'];\n";
276 echo "</script>\n";
277
d2ce367f 278 echo '<form id="searchform" action="search.php" method="get">';
76b1f3c7 279 echo '<input type="hidden" value="'.$course->id.'" name="id" alt="" />';
e6ae4dc8 280 echo '<table cellpadding="10" class="searchbox" id="form">';
281
282 echo '<tr>';
283 echo '<td class="c0">'.get_string('searchwords', 'forum').':</td>';
76b1f3c7 284 echo '<td class="c1"><input type="text" size="35" name="words" value="'.s($words).'" alt="" /></td>';
e6ae4dc8 285 echo '</tr>';
286
287 echo '<tr>';
4e471fc6 288 echo '<td class="c0">'.get_string('searchphrase', 'forum').':</td>';
76b1f3c7 289 echo '<td class="c1"><input type="text" size="35" name="phrase" value="'.s($phrase).'" alt="" /></td>';
e6ae4dc8 290 echo '</tr>';
291
292 echo '<tr>';
293 echo '<td class="c0">'.get_string('searchnotwords', 'forum').':</td>';
76b1f3c7 294 echo '<td class="c1"><input type="text" size="35" name="notwords" value="'.s($notwords).'" alt="" /></td>';
e6ae4dc8 295 echo '</tr>';
296
a4bad45c 297 if ($CFG->dbfamily == 'mysql' || $CFG->dbfamily == 'postgres') {
428aa337 298 echo '<tr>';
299 echo '<td class="c0">'.get_string('searchfullwords', 'forum').':</td>';
76b1f3c7 300 echo '<td class="c1"><input type="text" size="35" name="fullwords" value="'.s($fullwords).'" alt="" /></td>';
428aa337 301 echo '</tr>';
302 }
4e471fc6 303
304 echo '<tr>';
305 echo '<td class="c0">'.get_string('searchdatefrom', 'forum').':</td>';
306 echo '<td class="c1">';
d2ce367f 307 echo '<input name="timefromrestrict" type="checkbox" value="1" alt="'.get_string('searchdatefrom', 'forum').'" onclick="return lockoptions(\'searchform\', \'timefromrestrict\', timefromitems)" /> ';
4e471fc6 308 if (empty($dateto)) {
309 $datefrom = make_timestamp(2000, 1, 1, 0, 0, 0);
310 }
311 print_date_selector('fromday', 'frommonth', 'fromyear', $datefrom);
312 print_time_selector('fromhour', 'fromminute', $datefrom);
ab00aa12 313
314 echo '<input type="hidden" name="hfromday" value="0" />';
315 echo '<input type="hidden" name="hfrommonth" value="0" />';
316 echo '<input type="hidden" name="hfromyear" value="0" />';
317 echo '<input type="hidden" name="hfromhour" value="0" />';
318 echo '<input type="hidden" name="hfromminute" value="0" />';
319
4e471fc6 320 echo '</td>';
321 echo '</tr>';
322
323 echo '<tr>';
324 echo '<td class="c0">'.get_string('searchdateto', 'forum').':</td>';
325 echo '<td class="c1">';
d2ce367f 326 echo '<input name="timetorestrict" type="checkbox" value="1" alt="'.get_string('searchdateto', 'forum').'" onclick="return lockoptions(\'searchform\', \'timetorestrict\', timetoitems)" /> ';
4e471fc6 327 if (empty($dateto)) {
328 $dateto = time()+3600;
329 }
330 print_date_selector('today', 'tomonth', 'toyear', $dateto);
331 print_time_selector('tohour', 'tominute', $dateto);
ab00aa12 332
333 echo '<input type="hidden" name="htoday" value="0" />';
334 echo '<input type="hidden" name="htomonth" value="0" />';
335 echo '<input type="hidden" name="htoyear" value="0" />';
336 echo '<input type="hidden" name="htohour" value="0" />';
337 echo '<input type="hidden" name="htominute" value="0" />';
338
4e471fc6 339 echo '</td>';
e6ae4dc8 340 echo '</tr>';
341
77ffdf4b 342 echo '<tr>';
343 echo '<td class="c0">'.get_string('searchwhichforums', 'forum').':</td>';
344 echo '<td class="c1">';
345 choose_from_menu(forum_menu_list($course), 'forumid', '', get_string('allforums', 'forum'), '');
346 echo '</td>';
347 echo '</tr>';
348
e6ae4dc8 349 echo '<tr>';
350 echo '<td class="c0">'.get_string('searchsubject', 'forum').':</td>';
76b1f3c7 351 echo '<td class="c1"><input type="text" size="35" name="subject" value="'.s($subject).'" alt="" /></td>';
e6ae4dc8 352 echo '</tr>';
353
354 echo '<tr>';
355 echo '<td class="c0">'.get_string('searchuser', 'forum').':</td>';
76b1f3c7 356 echo '<td class="c1"><input type="text" size="35" name="user" value="'.s($user).'" alt="" /></td>';
e6ae4dc8 357 echo '</tr>';
358
359 echo '<tr>';
360 echo '<td class="submit" colspan="2" align="center">';
76b1f3c7 361 echo '<input type="submit" value="'.get_string('searchforums', 'forum').'" alt="" /></td>';
e6ae4dc8 362 echo '</tr>';
363
364 echo '</table>';
365 echo '</form>';
ab00aa12 366
367 echo "<script type=\"text/javascript\">";
d2ce367f 368 echo "lockoptions('searchform','timefromrestrict', timefromitems);";
369 echo "lockoptions('searchform','timetorestrict', timetoitems);";
ab00aa12 370 echo "</script>\n";
371
e6ae4dc8 372 print_simple_box_end();
373}
374
375
376function forum_clean_search_terms($words, $prefix='') {
377 $searchterms = explode(' ', $words);
378 foreach ($searchterms as $key => $searchterm) {
379 if (strlen($searchterm) < 2) {
380 unset($searchterms[$key]);
381 } else if ($prefix) {
382 $searchterms[$key] = $prefix.$searchterm;
383 }
384 }
385 return trim(implode(' ', $searchterms));
386}
387
77ffdf4b 388function forum_menu_list($course) {
389
390 $menu = array();
77ffdf4b 391 $currentgroup = get_current_group($course->id);
77ffdf4b 392
393 if ($forums = get_all_instances_in_course("forum", $course)) {
394 if ($course->format == 'weeks') {
395 $strsection = get_string('week');
396 } else {
397 $strsection = get_string('topic');
398 }
399
400 foreach ($forums as $forum) {
bbbf2d40 401 if ($cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) {
511ec76b 402 $context = get_context_instance(CONTEXT_MODULE, $cm->id);
77ffdf4b 403 if (!isset($forum->visible)) {
bbbf2d40 404 if (!instance_is_visible("forum", $forum) &&
0468976c 405 !has_capability('moodle/course:viewhiddenactivities', $context)) {
77ffdf4b 406 continue;
407 }
408 }
bbbf2d40 409 $groupmode = groupmode($course, $cm); // Groups are being used
511ec76b 410 if ($groupmode == SEPARATEGROUPS && ($currentgroup === false) &&
411 !has_capability('moodle/site:accessallgroups', $context)) {
bbbf2d40 412 continue;
77ffdf4b 413 }
414 }
3849dae8 415 $menu[$forum->id] = format_string($forum->name,true);
77ffdf4b 416 }
417 }
418
419 return $menu;
420}
421
0468976c 422?>