forensoftware/search.php at master · Wronnay/forensoftware · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
error_reporting(0);
include 'inc/h.php';
$subsite_title = l73;
include 'design/header.php';
  if(isset($_GET['what'])) {
$what2 = str_replace('_', '%', presql($_GET['what']));
      $sql = "SELECT
            id,
            autor_id,
			topic_id,
			title,
			post,
            date
        FROM
            ".$PREFIX."_posts
		WHERE
		    post
		LIKE
		    '%".presql($what2)."%'
		OR
		    title
		LIKE
		    '%".presql($what2)."%'
        ORDER BY
            date DESC
		";
    $dbpre = $dbc->prepare($sql);
    $dbpre->execute();
echo '<h2>'.l74.':</h2><p></p>';
      while ($row = $dbpre->fetch(PDO::FETCH_ASSOC)){
?>
<div><h2><a href="topic.php?id=<?php echo nocss($row['topic_id']); ?>#<?php echo nocss($row['id']); ?>"><?php echo nocss($row['title']); ?></a></h2>
		<p><a href="topic.php?id=<?php echo nocss($row['topic_id']); ?>#<?php echo nocss($row['id']); ?>"><?php echo nl2p(parse_bbcode($row['post'])); ?></a></p>
        </div>
<?php
	  }
  }
else {
  if(isset($_POST['submit']) AND $_POST['submit'] == l75) {
  $what = presql($_POST['suchbegriff']);
  $what = strtolower($what);
  $what = str_replace(' ', '_', $what);
  header("Location: search.php?what=".$what);
  }
echo l76;
?>
<form method="post" enctype="multipart/form-data" action="search.php">
<input type="text" name="suchbegriff" size="40">
<input type="submit" name="submit" value="<?php echo l75; ?>">
</form>
<?php
}
include 'design/footer.php';
?>