<?php
/*****************************************************************
* Spacemarc News
* Version: 1.2.0
* Author and copyright (C): Marcello Vitagliano
* Web site: http://www.spacemarc.it
* License: GNU General Public License
*
* This program is free software: you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation, either version 3
* of the License, or (at your option) any later version.
*
* Current file: searchadmin.php
*****************************************************************/
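// Declare the page encoding before any output is sent.
header("Content-type: text/html; charset=ISO-8859-1");
session_start();
// Defined before the includes are loaded; presumably they test for it to refuse
// direct access -- confirm in config.php / functions.php.
define('IN_NEWS', true);
// Load configuration, shared helpers and language strings.
require_once (dirname(__FILE__) . '/../config.php');
require_once (dirname(__FILE__) . '/functions.php');
require_once (dirname(__FILE__) . '/../lang/lang.php');
// The connection is opened before check_login(), so a failure here is shown to any
// visitor, authenticated or not. The driver's error number and text (which can
// include host and account names) go to the server log; the page gets a generic message.
$db = mysql_connect($db_host, $db_user, $db_password);
if ($db === false) {
    error_log("searchadmin.php: mysql_connect failed [" . mysql_errno() . "] " . mysql_error());
    die("Impossibile connettersi a MySQL");
}
if (!mysql_select_db($db_name, $db)) {
    error_log("searchadmin.php: mysql_select_db($db_name) failed [" . mysql_errno($db) . "] " . mysql_error($db));
    die("Impossibile selezionare il database");
}
// Access check for this admin page; check_login() is defined outside this file.
check_login();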
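// Page generation timer (part 1): microtime() returns "usec sec", so the two
// parts are added to get the start time in seconds.
$mtime1 = explode(" ", microtime());
$starttime = $mtime1[1] + $mtime1[0];
// Number of results per page, read from the configuration table.
$conf = mysql_query("SELECT max_ricerche FROM $tab_config");
$rowconf = mysql_fetch_array($conf);
$error = NULL;
$num_totale = NULL;
// Cast to int because the value is interpolated into the LIMIT clause of the search query.
$rec_page = (int) $rowconf['max_ricerche'];
// Unix-timestamp cutoffs for the "last week", "last month" (31 days) and
// "last year" (365 days) filters.
$settimana = time() - 60 * 60 * 24 * 7;
$mese = time() - 60 * 60 * 24 * 31;
$anno = time() - 60 * 60 * 24 * 365;
// Result offset for pagination. It is kept as an int: the previous
// abs(floor(intval(...))) produced a float, and very large values were then
// rendered in exponent notation inside LIMIT, which is not valid SQL.
// Negative offsets are treated as 0.
$start = isset($_GET['start']) ? intval($_GET['start']) : 0;
if ($start < 0) {
    $start = 0;
}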
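// Search term ('chiave'). $chiave is placed inside a quoted SQL literal by the
// search query further down, so it is always escaped here with the
// connection-aware function, whatever the magic_quotes_gpc setting is.
// Escaping only protects the SQL literal: full-text operators typed by the user
// (+ - * " ...) keep their meaning because the query runs IN BOOLEAN MODE.
$chiave = NULL;
$doquery = NULL;
if (isset($_GET['chiave'])) {
    // A non-string value (e.g. chiave[]=x) is handled as an empty term.
    $raw_chiave = is_string($_GET['chiave']) ? $_GET['chiave'] : '';
    if (get_magic_quotes_gpc()) {
        // Undo the automatic addslashes() so the value is escaped exactly once below.
        $raw_chiave = stripslashes($raw_chiave);
    }
    // The minimum length is checked on the text as typed; checking the escaped
    // form let a shorter term through whenever escaping added backslashes.
    if (strlen(trim($raw_chiave)) < 4) {
        $error = "<br /><div id=\"error2\">" . $lang['max_min_chars'] . "</div>";
        $doquery = NULL;
    }
    else {
        $error = NULL;
        $doquery = 1;
    }
    $chiave = mysql_real_escape_string($raw_chiave);
}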
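// Time-range filter ('time'). Only the fixed keys below are accepted. Both the SQL
// fragment ($q_time) and $time are assigned from literals in this block: $time is
// written back into the pagination links, so it must never carry the raw request text.
// The $q_field values set here are overwritten by the 'ordine' handling that follows.
if (isset($_GET['time'])) {
    $q_field = NULL;
    switch ($_GET['time']) {
        case "sett":
            $time = "sett";
            $q_time = "nt.data_pubb >= $settimana";
            break;
        case "anno":
            $time = "anno";
            $q_time = "nt.data_pubb >= $anno";
            break;
        case "sempre":
            $time = "sempre";
            $q_time = "nt.data_pubb > 1";
            break;
        case "mese":
        default:
            // An unrecognised (or non-string) value already selected the one-month
            // filter; $time is now normalised to match instead of keeping the input.
            $time = "mese";
            $q_time = "nt.data_pubb >= $mese";
    }
}
else {
    // Parameter not sent: one-month filter.
    $q_time = "nt.data_pubb >= $mese";
    $q_field = ", nt.letture";
    $time = "mese";
}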
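// Sort order ('ordine'). Only the fixed keys below are accepted. The ORDER BY
// fragment ($q_ordine), the optional extra column ($q_field) and $ordine are all
// assigned from literals in this block: $ordine is written back into the
// pagination links, so it must never carry the raw request text.
if (isset($_GET['ordine'])) {
    switch ($_GET['ordine']) {
        case "titoli":
            $ordine = "titoli";
            $q_ordine = "nt.titolo ASC";
            $q_field = NULL;
            break;
        case "piulette":
            $ordine = "piulette";
            $q_ordine = "nt.letture DESC";
            $q_field = ", letture";
            break;
        case "piustampate":
            $ordine = "piustampate";
            $q_ordine = "nt.stampe DESC";
            $q_field = ", stampe";
            break;
        case "pertinenza":
            $ordine = "pertinenza";
            $q_ordine = "pertinenza DESC";
            $q_field = NULL;
            break;
        case "datadesc":
        default:
            // An unrecognised (or non-string) value is handled exactly like a missing
            // parameter: newest first, no extra column, and $ordine normalised so
            // that every page of the result set is rendered the same way.
            $ordine = "datadesc";
            $q_ordine = "nt.data_pubb DESC";
            $q_field = NULL;
    }
}
else {
    // Parameter not sent: newest first.
    $q_ordine = "nt.data_pubb DESC";
    $q_field = NULL;
    $ordine = "datadesc";
}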
// Author filter ('autore'). The request value is reduced to an integer before it
// is interpolated into the WHERE fragment; 0 (or no parameter) means every author.
$get_autore = isset($_GET['autore']) ? intval($_GET['autore']) : "0";
if ($get_autore == 0) {
    $q_autore = "nu.user_id >0";
}
else {
    $q_autore = "nu.user_id=$get_autore";
}
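// Search term as it is echoed back into the value="" attribute of the search box.
// ENT_QUOTES is needed because the value sits inside a double-quoted attribute.
// The charset is passed explicitly to match the Content-type header: where
// htmlspecialchars() defaults to UTF-8 it returns an empty string for ISO-8859-1
// accented input, which would blank the search box.
$val_chiave = NULL;
if (isset($_GET['chiave']) && is_string($_GET['chiave'])) {
    $val_chiave = $_GET['chiave'];
    if (get_magic_quotes_gpc()) {
        // Remove the backslashes added by magic quotes before encoding for HTML.
        $val_chiave = stripslashes($val_chiave);
    }
    $val_chiave = htmlspecialchars($val_chiave, ENT_QUOTES, 'ISO-8859-1');
}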
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Amministrazione news - Cerca un termine nelle news
</title>
<link rel="stylesheet" href="../style.css" type="text/css" />
<script language="JavaScript" src="../javascript.js" type="text/JavaScript"></script>
</head>
<body>
<?php
include ("menu.php");
?>
<div id="container-search" class="text">
<form name="cerca" id="cerca" method="get" action="searchadmin.php">
<fieldset>
<legend><b>Cerca tra le news</b>
</legend><br /> Cerca
<input type="text" size="14" name="chiave" maxlength="50" class="searchbox" value="<?php echo $val_chiave; ?>" /> tra le news
<select name="time">
<option value="sett"<?php echo (isset($_GET['time']) && $_GET['time'] == "sett" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['settimana']; ?>
</option>
<option value="mese"<?php echo (isset($_GET['time']) && $_GET['time'] == "mese" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['mese']; ?>
</option>
<option value="anno"<?php echo (isset($_GET['time']) && $_GET['time'] == "anno" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['anno']; ?>
</option>
<option value="sempre"<?php echo (isset($_GET['time']) && $_GET['time'] == "sempre" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['sempre']; ?>
</option>
</select> scritte da
<select name="autore">
<option value="0"<?php echo (isset($_GET['autore']) && $_GET['autore'] == "0" ? " selected=\"selected\"" : NULL); ?>>TUTTI
</option>
<?php
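// Authors with at least one news item, rendered as <option> elements of the
// "autore" drop-down.
$res_sel = mysql_query("SELECT nu.user_id, nu.nome_cognome FROM $tab_utenti nu JOIN $tab_news nt ON nt.user_id=nu.user_id GROUP BY nu.user_id HAVING COUNT(nt.user_id)>0 ORDER BY nu.nome_cognome ASC");
if ($res_sel === false) {
    // Keep the SQL error text in the server log instead of printing it into the form;
    // the drop-down then only offers the fixed "all authors" entry.
    error_log("searchadmin.php: author list query failed: " . mysql_error());
}
else {
    // Same integer conversion that the author filter applies to the request value.
    $sel_autore = isset($_GET['autore']) ? intval($_GET['autore']) : NULL;
    while ($row_sel = mysql_fetch_array($res_sel)) {
        $opt_id = (int) $row_sel['user_id'];
        $opt_selected = ($sel_autore === $opt_id) ? " selected=\"selected\"" : NULL;
        // The display name comes from the users table and is encoded for HTML on output.
        // double_encode is off in case names were already stored with entities --
        // whether they are sanitised on write is not visible from this file.
        $opt_label = htmlspecialchars($row_sel['nome_cognome'], ENT_QUOTES, 'ISO-8859-1', false);
        echo "<option value=\"" . $opt_id . "\"" . $opt_selected . ">" . $opt_label . "</option>\n";
    }
}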
?>
</select> ed ordinale per
<select name="ordine">
<option value="pertinenza"<?php echo (isset($_GET['ordine']) && $_GET['ordine'] == "pertinenza" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['pertinenza']; ?>
</option>
<option value="datadesc"<?php echo (isset($_GET['ordine']) && $_GET['ordine'] == "datadesc" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['piu_recenti']; ?>
</option>
<option value="piulette"<?php echo (isset($_GET['ordine']) && $_GET['ordine'] == "piulette" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['piu_lette']; ?>
</option>
<option value="piustampate"<?php echo (isset($_GET['ordine']) && $_GET['ordine'] == "piustampate" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['piu_stampate']; ?>
</option>
<option value="titoli"<?php echo (isset($_GET['ordine']) && $_GET['ordine'] == "titoli" ? " selected=\"selected\"" : NULL); ?>>
<?php echo $lang['titoli_az']; ?>
</option>
</select>
<input type="submit" name="submit" style="font-weight: bold;" value="Cerca" /><br /><br />
</fieldset>
</form>
<?php
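if ($doquery == 1) {
    // Both statements are assembled by string interpolation (the mysql_* extension has
    // no bound parameters). $chiave was escaped / magic-quoted where it was read from
    // the request; $q_field, $q_time, $q_autore and $q_ordine are fragments picked by
    // the switch statements earlier in this script; $start is an integer and
    // $rec_page comes from the configuration table.
    $result = mysql_query("SELECT nt.id, nt.titolo, nu.user_id, nu.nome_cognome, nt.data_pubb$q_field, MATCH(titolo, testo) AGAINST ('$chiave*' IN BOOLEAN MODE) AS Pertinenza
        FROM $tab_news nt
        JOIN $tab_utenti nu ON nu.user_id=nt.user_id
        WHERE MATCH (titolo, testo) AGAINST ('$chiave*' IN BOOLEAN MODE)
        AND $q_time AND $q_autore
        ORDER BY $q_ordine
        LIMIT $start, $rec_page");
    if ($result === false) {
        error_log("searchadmin.php: search query failed: " . mysql_error());
    }
    $res_count = mysql_query("SELECT COUNT(nt.id) FROM $tab_news nt JOIN $tab_utenti nu ON nu.user_id=nt.user_id WHERE MATCH (titolo, testo) AGAINST ('$chiave*' IN BOOLEAN MODE) AND $q_time AND $q_autore");
    if ($res_count === false) {
        error_log("searchadmin.php: search count query failed: " . mysql_error());
    }
    // A failed query is reported as "no records" rather than passing false to
    // mysql_result() / mysql_fetch_array().
    $num_totale = ($result !== false && $res_count !== false) ? mysql_result($res_count, 0) : 0;

    // Search term without the SQL escaping, and its HTML-encoded form for display.
    $term = stripslashes($chiave);
    $term_html = htmlspecialchars($term, ENT_QUOTES, 'ISO-8859-1');

    // If the search produces no results, print the notice; otherwise the hit count.
    $trovata = ($num_totale == 0) ? "<br /><div id=\"error2\">Spiacente, nessun record trovato</div>" : "<b>$num_totale</b> risultati per la parola <b>" . $term_html . "</b>";
    echo "<br /><span class=\"text\">$trovata</span><br /><br />";

    if ($result !== false) {
        // Highlighting used to run the request value through eregi_replace() both as
        // the regex pattern and as raw replacement HTML, with errors hidden by '@'.
        // The term is now matched literally (preg_quote) and every piece of the
        // title is HTML-encoded before the <b> tags are added around the matches.
        $split_re = ($term !== '') ? '/(' . preg_quote($term, '/') . ')/i' : NULL;
        while ($row = mysql_fetch_array($result)) {
            // Print one result line.
            $letture = (isset($row['letture'])) ? "" . $row['letture'] . " letture - " : NULL;
            $stampe = (isset($row['stampe'])) ? "" . $row['stampe'] . " stampe - " : NULL;
            // The edit link is offered to the item's author and to users whose level id is 1.
            $modifica = ($row['user_id'] == $_SESSION['user_id'] || $_SESSION['livello_id'] == 1) ? " - <a href=\"modifica.php?id=" . $row['id'] . "\" title=\"Modifica [Nuova finestra]\" target=\"_blank\">Modifica</a>" : NULL;

            $parts = ($split_re !== NULL) ? preg_split($split_re, $row['titolo'], -1, PREG_SPLIT_DELIM_CAPTURE) : false;
            if ($parts === false) {
                $parts = array($row['titolo']);
            }
            $titolo_html = '';
            foreach ($parts as $i => $part) {
                // With one capture group, odd indexes hold the matched term.
                // double_encode is off in case titles are stored with entities -- not visible here.
                $part_html = htmlspecialchars(strtolower($part), ENT_QUOTES, 'ISO-8859-1', false);
                $titolo_html .= ($i % 2 == 1) ? "<b>" . $part_html . "</b>" : $part_html;
            }
            $autore_html = htmlspecialchars($row['nome_cognome'], ENT_QUOTES, 'ISO-8859-1', false);

            echo "<img src=\"$img_path/news.png\" alt=\"\" /> $letture $stampe <a href=\"../view.php?id=" . $row['id'] . "\" title=\"Leggi [Nuova finestra]\" target=\"_blank\">" . $titolo_html . "</a> (" . strftime("%d/%m/%Y %H:%M", $row['data_pubb']) . " - " . $autore_html . ") [Pertinenza: " . $row['Pertinenza'] . "] $modifica<br />";
        }
    }
}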
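// Validation message for the search term, if any.
echo $error . "<br />";
// The $rec_page > 0 test also protects the divisions below.
if ($rec_page > 0 && $num_totale > $rec_page) {
    echo "<div id=\"paginazione\" class=\"text2\">";
    // Pagination
    $numero_pagine = ceil($num_totale / $rec_page);
    $pagina_attuale = ceil(($start / $rec_page) + 1);
    // Every query-string value is URL-encoded. urlencode() output contains no quote,
    // angle bracket or ampersand, so the values stay inert however page_bar()
    // (defined outside this file) writes the URL into its links, and a term that
    // contains '&', '#', '+' or spaces survives the round trip to the next page.
    // $chiave holds the SQL-escaped term, hence the stripslashes().
    $page_url = "searchadmin.php?chiave=" . urlencode(stripslashes((string) $chiave))
        . "&time=" . urlencode(is_scalar($time) ? (string) $time : "")
        . "&ordine=" . urlencode(is_scalar($ordine) ? (string) $ordine : "")
        . "&autore=" . urlencode((string) $get_autore);
    echo page_bar($page_url, $pagina_attuale, $numero_pagine, $rec_page);
    echo "</div><br/><br />";
}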
?>
</div><br />
<?php include ("footer.php"); ?>
</body>
</html>