PHP Code for Blog Search
Content Management System: Blogs
- regular blog: home page
- small blog: home page
- tiny blog: home page
- blog: search
- blog: login
- blog: topic and replies viewing page
- blog: add topic to database
- blog: add reply to database
- blog: edit topic in database
- blog: create topic in database
- blog: delete topic in database
- blog: delete reply in database
- blog: create categories in database
- blog: edit categories in database
- blog: open or close topic
- blog: delete user account in members table
Blog is another word for weblog. A weblog is a website that is like a diary or journal. Bloggers often write about their opinions and thoughts. What bloggers write is called posts, which are blocks of writing on the blog. Posts often include links to other websites, and often images and even videos as well. Blogs can have many writers. If they have more than one writer, they are often called community blogs, team blogs, or group blogs. But more and more blogs let any visitors leave comments in an interactive format. Signing up and logging in is often required for this privilege. This interaction with visitors is an important part of many blogs.
One of the critical functions on a blog is the Search function. The best searches have relevancy scoring and highlighting. The PHP search below has both of these. This allows results where the most relevant results are shown first and the search terms are pointed out to the user quite clearly.
On to the code. As usual, we start with config.php, since without it, the MySQL-based blog would not be viable.You cannot relate to a db without knowing the magic words. Next, the security of the page is dealt with by ensuring the page visitor has a username that's in the database. Note that the various pages on our blog app use both forms and URL query strings to transfer data between pages, so both POST and GET are checked for username, and if neither works, the visitor is sent to the login script. Not only is the db checked for a valid username, the username is checked to make sure it has only 6 to 20 letters, numbers or underscore in it and no other characters—otherwise, it's off to the login script. If a hacker has put something nasty in the query string, he'll end up at the login script. All our blog app scripts have this same username checker at the top of the PHP section—except for the login script.
Next come the highlight() function. We search for the search string $S using PHP's preg_match_all() function, looking into the $x string and putting the results in the $matches array. Then we take each match and surround it with a span tag that styles the match with a lightblue background.
Then we have the function getarrnum(). When search matches are found in the blog_answer table, where replies are located, the match score for the Topic the replies are replying to needs to increment, but it's not obvious which of the elements of the $score array corresponds to which Topic. The Topic array is $N and it has the Topics' id numbers but they're not in any special order numerically and some numbers are absent due to deletions so $N is simply an array of numbers corresponding to ids. The getarrnum() function finds the correct $score array element to give credit to.
Then the search type and search terms are POSTed from the form at the bottom of the page to the PHP script. Next, after tags get stripped from the search terms, illegal characters are dumped from the search term(s), which means anything that's not alphanumeric or space or ! or . or , or ? gets deleted. Then the mysql_real_escape_string() function is run on the search terms, although it's just a formality since the preg_replace() function already knocked out potential problems. But it's a good function to use before a mysql_query statement occurs.
Then the db is queried for all the ids in both the blog_question and blog_answer MySQL tables, and these are put, with PHP's array_push function, into the arrays $N[] and $A[] respectively. Then the statement if($t=="words"){ is used and half way down the page is an else statement. If the user will be searching for a list of words (which get entered separated by spaces), the top half of the PHP script will be utilized. If an exact word or phrase is being searched for, everything after the else will be utilized—the bottom half of the page. If the user will be searching for a list of words, the input search string gets exploded into the array $searchtermarray[], and this array now contains the separated word list.
Then the terms get looped through and searched for in both the blog_question table and the blog_answer table. The $gotmatch flag is set to 1 if anything is matched in either table. The fields searched are topic, detail, and name in the blog_question table, and a_name and a_answer in the blog_answer table. The LIKE '%" . $S . "%' code finds matches even if they are part of larger words, using % signs as wild cards for matching whatever may be on either side of the match. The function mysql_num_rows() counts how many finds there are. If there is nothing found, the $gotmatch flag stays at 0 and the user gets a message about being unsuccessful.
Next, the search terms are looped through and the blog_question table is searched for each term and the corresponding $score array elements are incremented for each find, then the same thing happens with the blog_answer table, which needs the function getarrnum() to assist it in finding the correct $score array element.
Then the array_multisort($score,SORT_DESC,SORT_NUMERIC,$N); code is run, which sorts the $score array from highest to lowest and it changes the order of the $N array (where the blog_question table ids are) exactly in parallel with the $score array sorting. This parallel sorting stuff is what multisort was designed to do. The reason for the sort is now the $N array ids are sorted from MOST relevant to the search terms to LEAST relevant to the search terms. This is used when the $N array is used to display the Topics according to relevance. The code if($score[$k]>0){ assures that if no matches were made for a certain Topic, there will be no displaying of them in the search results, but if there were matches, there will be displaying.
But just before the displaying, the highlight() function is run so the matches will be highlighted in light blue.
The indenting script is especially interesting since with our system, you're allowed to hit Return/Enter for new paragraphs, and when the PHP script below finds a Return we use the nl2br() function to turn it into <BR />. This nl2br() function processes contents like this: $content=nl2br($content), which turns Returns to break tags: <BR />—as we noted. But let's look at the preg_replace function that turns these tags, in turn, to </p><p> tags: $pattern = '/(<BR\s\/>)+/i' sets up the regular expression replacement pattern for the function, and the i at the end is to make it case insensitive. $replacement = '</p><p>' sets up the replacement text. Finally, the function itself: $content=preg_replace($pattern, $replacement, $content). You'll notice in the script below that the CSS for paragraphs has text-indent:2em;margin-bottom:-1em styling, so that paragraphs get indented automatically.
Next comes dealing with all the custom tags we invented for various HTML code creation purposes. Below, you can learn about our custom codes for italics, bold, underline, links, email links, pictures, videos, and sounds. Anyway, the purpose of these custom tags is to be safer than regular HTML tags, which are so easily exploited.
For italics, the tags we get blog writers to use are (i-) and (ii-) for start and end tag, which our PHP script turns into <i> and </i>, using '/\(i-\)/i' and '/\(ii-\)/i' as regular expression replacement patterns and '<i>' and '</i>'as replacement text. The same is done for underline and bold. And (p-) and (pp-) are the picture tags, with '<center><br><IMG SRC="' replacing the first and
'" BORDER=0><br><br></center>' replacing the second, and the image name like pic.png in between. A special replacement happens if the writer puts 2 dots in front of the file name: ../ is added to the start of the image source so a picture can be in a higher level folder or no folder (except public_html), but this is for relative paths on the blog site only, so it only applies to pictures hosted by the blog site, whereas the other picture tag without the dots can use pictures from any web address path.
With links, (l-) turns into <a href="http://, (ll-) turns into "> after the domain, and (lll-) turns into </a> after the link text.
With video, (v-) turns into '<div style="width:580px"><br><center><object width="480" height="385"><param name="movie" value="http://www.youtube.com/v/', (vv-) turns into '&hl=en_US&fs=1&"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/' after the special letter codes in their video's YouTube embed code, and (vvv-) turns into '&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object><br><br></center></div>' after they repeat their letter code. Nutty? It works! The special letter codes are simply the ones between http://www.youtube.com/v/ and &hl=en_US&fs=1& in their embed code, which YouTube happily shares with video uploading people and visitors alike.
For audio, the webmaster need to load a sound.js file into the web page's folder; this file has only this in it: function sound(s,q) {document.getElementById(q).innerHTML="<embed src='"+s+"' hidden=true autostart=true loop=false>"} to empower the audio. Then (a-) is turned into '<div style="width:580px"><br><center><script src="sound.js"></script><span id="a1"></span><form><input type="button" value="', (aa-) is turned into '" onClick="sound(\'' after the sound's name, and (aaa-) is turned into '\',\'a1\')"></form><br><br></center></div>' after the sound file name such as siren.mp3. Note that the backslashes are all escaping the quotes; also, a button to press to get sound will show up onscreen to give readers of the blog something to press to get the sound.
Email links get (e-) turned into <a href="mailto:, (ee-) turned into @ after the 1st section of the email before the @ and before the second, (eee-) turned into ?subject= before the email's subject text, (eeee-) turned into "> after the email subject, and (eeeee-) turned into </a> after the link text.
However, the above topic display is just the start. Next comes the reply display. There can be many replies to a blog topic, so the script that displayed the topic above will not work for reply display. We'll need to loop through the replies. The first step is to declare already declared arrays unset($CN);$CN=array();unset($NM);$NM=array(); after first unsetting them to free any memory they were using. These arrays are needed because when each search term finds (or not) a match and highlights it, this process needs to happen not only for each search term but also for each reply—and there can be plenty—and without the new arrays the highlighting gets only the last reply. The arrays get loaded from the db table fields of the blog_answer table (the replies table) by array_push. These are the fields of the reply table that also have a field question_id corresponding to the topic (plus replies) now being displayed.
Keep in mind that the top half of the code below (which is for searching on inputted word lists) is all about looping through all the topics with a nonzero score and displaying them and their replies as well. So think about the first quarter of the code below as being about displaying a topic, then the next quarter of the code loops through any replies to this one topic, and then we keep looping as long as there are nonzero scores. We could have just showed the item (just the topic or just the reply) that had the match in it, but that would be content without context. What good is "Great idea, Joe, I wish I had thought of it. Hey, should we take it to the boss?" since you can't tell what is being referred to. Similarly, many times it's the replies that really have the gold in them, not the topics. So just displaying topics if the replies have the only search term matches would also give the searcher short shrift. So we chose to show both replies and topics. Hopefully the way we unset the arrays and re-declared them for each topic's reply set will keep you away from any out-of-memory problems.
Note that for reply display, once we've gotten all the needed reply data from the db, we loop through the new arrays highlighting the matches and storing these highlighted replies back in the array. Then we loop through the arrays, running the display routine for each loop. If it seems like our whole PHP script searches more times than you'd like, we concur. Once for determining if the "unsuccessful search" needs to come up, once for scoring the topics and replies on their relevance, and again in the display mode does seem excessive. We can't think of a shortcut. Can you? Love to hear from you . . .
Okay, the above covers the searching for word lists function. Now let's look into searching for an exact word or phrase. This is a bit simpler since there is no looping through a list of terms looking for matches. There is exactly ONE search term. Otherwise, the script is about the same. We search the blog_question and blog_answer tables for matches to see if we will need to show the "unsuccessful" message. If there's any match, we loop through the topics, scoring each according to matches to establish relevancy. Note that the first search is whether either TABLE has matches. The next search is not whether any topic or reply has matches—that was already established. No, the next search is to determine WHICH topics or replies have matches, and score them accordingly. Then we loop through the topics, and for each one with a nonzero score we display both topic and reply with the matches highlighted. For reply dislay, we need no new arrays. We merely search through the replies table (blog_answer) for replies that have the question_id matching the topic that the topic loop is now on, and we highlight the matches, and loop through however many replies there are with the use of the PHP while command.
At the bottom of the page is the form for inputting the search type and search terms. Note that the form action is cms-search-blog.php?username=<? echo stripslashes($U); ?>. There is no reason you cannot stick a block of PHP code in the middle of a query string, nor any reason a query string cannot be in a form action attribute. For more on this, see the bottom of the page: JavaScript-Object-Notation.html.
SAVE THIS PAGE AS: cms-search-blog.php
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Search Blog—Content Management System (CMS)</TITLE>
<meta name="description" content="Search Blog—Content Management System (CMS)">
<meta name="keywords" content="search Blog,search,blogs,blog,Content Management System,Content Management System Articles,php,CMS,javascript, dhtml, DHTML">
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left;background-color:#ddd}
p, li {font:13px Verdana; color:black;text-align:left;text-indent:2em;margin-bottom:-1em}
td {padding:10px}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
.title {position:absolute;top:10px;left:130px;width:842px}
.textbox {position:absolute;top:190px;left:190px;width:772px;}
.info {position:absolute;top:88px;left:2px;width:160px;background-color:#bbb;border:1px solid blue;padding:5px}
</style>
</head>
<body>
<div class='textbox'>
<?php
include_once"config.php";
$U=$_POST['username'];if (!isset($U)){$U=$_GET['username'];}
if (isset($U)&&preg_match("/[A-Za-z0-9_]{6,20}$/",$U)){$check_user_data = mysql_query("SELECT * FROM blogmembers WHERE username='$U'") or die(mysql_error());if(mysql_num_rows($check_user_data)==0){unset($U);}}else{unset($U);}
if (!isset($U)){echo '<script language="javascript">alert("Please login.");window.location="blog-login.php"; </script>';}
function highlight() {
global $x, $S;
if (strlen($x) < 1 || strlen($S) < 1) {return;}
preg_match_all("/$S+/i", $x, $matches);
if (is_array($matches[0]) && count($matches[0]) >= 1) {
foreach ($matches[0] as $match) {
$x = str_replace($match, '<span style="background-color:lightblue;">'.$match.'</span>', $x);
}}}
function getarrnum() {
global $z, $m, $number, $N, $score;
if($m<>0){
for($kk=0;$kk<$number;$kk++){
if($N[$kk]==$z){$score[$kk]=$score[$kk]+$m;
}}}}
$S=$_POST['search'];$t=$_POST['searchtype'];
if(!isset($S)){echo '<script language="javascript">alert("Enter search terms.");</script>';
}else{
if (strlen($S)<3) {echo '<script language="javascript">alert("Enter longer search terms.");</script>';
}else{
$S=strip_tags($S);
$pattern2 = '/[^a-zA-Z0-9\\s\\.\\,\\!\\?]/i';
$replacement = '';
$S=preg_replace($pattern2, $replacement, $S);
$S=mysql_real_escape_string($S);
$score=array();$N=array();$A=array();$NM=array();$CN=array();
$res = mysql_query("SELECT id FROM blog_question") or die(mysql_error());
while ($row = mysql_fetch_row($res)) {
array_push ($N, $row[0]);
}
$number=mysql_num_rows($res);
for($i=0;$i<$number;$i++) {
$score[$i]=0;
}
$res = mysql_query("SELECT id FROM blog_answer") or die(mysql_error());
while ($row = mysql_fetch_row($res)) {
array_push ($A, $row[0]);
}
$a_number=mysql_num_rows($res);
if($t=="words"){
$gotmatch=0;
$searchtermarray = explode(" ", $S);
$terms=count($searchtermarray);
for($i=0;$i<$terms;$i++) {
$S=$searchtermarray[$i]; //do not need multi-term $S anymore--just the $searchtermarray[$i] values
$r=mysql_query("SELECT * FROM blog_question WHERE topic LIKE '%" . $S . "%' OR detail LIKE '%" . $S . "%' OR name LIKE '%" . $S . "%'") or die('Error ,search failed');
$num_rows = mysql_num_rows($r);
if($num_rows>0){$gotmatch=1;}
$r=mysql_query("SELECT * FROM blog_answer WHERE a_name LIKE '%" . $S . "%' OR a_answer LIKE '%" . $S . "%'") or die('Error ,search failed');
$num_a_rows = mysql_num_rows($r);
if($num_a_rows>0){$gotmatch=1;}
}
if ($gotmatch==0){echo '<script language="javascript">alert("The search was unsuccessful.");</script>';$S='';
}else{
for($i=0;$i<$terms;$i++) {
$S=$searchtermarray[$i];
for($k=0;$k<$number;$k++) {
$res = mysql_query("SELECT * FROM blog_question WHERE id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$x=$row['topic']." ".$row['detail']." ".$row['name'];
}
preg_match_all("/$S+/i", $x, $matches); $m=count($matches[0]);
$score[$k]=$score[$k]+$m;
}
for($k=0;$k<$a_number;$k++) {
$res = mysql_query("SELECT * FROM blog_answer WHERE id='$A[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$x=$row['a_name']." ".$row['a_answer'];$z=$row['question_id'];
}
preg_match_all("/$S+/i", $x, $matches); $m=count($matches[0]); getarrnum();
}
}
array_multisort($score,SORT_DESC,SORT_NUMERIC,$N);
echo '<table width="772" border="1">';
for($k=0;$k<$number;$k++) {
$res = mysql_query("SELECT * FROM blog_question WHERE id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$tt=$row['topic'];
$nm=$row['name'];
$cn=$row['detail'];
if($score[$k]>0){
for($i=0;$i<$terms;$i++) {
$S=$searchtermarray[$i];
$S=stripslashes($S); //unescape quotes and backslashes so they're normal
$x=$tt;highlight();$tt=$x; //highlight search terms
$x=$nm;highlight();$nm=$x; //highlight search terms
$x=$cn;highlight();$cn=$x; //highlight search terms
}
echo '<tr><td><b>';
echo "<span style='color:blue'>TOPIC:</span> ".$tt;
echo "</b></td></tr><tr><td><b>";
echo "Name: ".$nm;
echo "</b></td></tr><tr><td>";
$content=$cn;
$content=nl2br($content); //Enter turns into <BR />
$pattern = '/(<BR\s\/>)+/i';
$replacement = '</p><p>'; //turn any <BR />s into a </p><p> to allow indent since <p>s are css styled to indent!
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(i-\)/i';
$replacement = '<i>'; //turn any (i-)s into a <i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ii-\)/i';
$replacement = '</i>'; //turn any (ii-)s into a </i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(b-\)/i';
$replacement = '<b>'; //turn any (b-)s into a <b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(bb-\)/i';
$replacement = '</b>'; //turn any (bb-)s into a </b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(u-\)/i';
$replacement = '<u>'; //turn any (u-)s into a <u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(uu-\)/i';
$replacement = '</u>'; //turn any (uu-)s into a </u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)\.\./i';
$replacement = '<center><br><IMG SRC="../'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)/i';
$replacement = '<center><br><IMG SRC="'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(pp-\)/i';
$replacement = '" BORDER=0><br><br></center>'; //turn any (pp-)s into end of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(l-\)/i';
$replacement = '<a href="http://'; //turn any (l-)s into <http:// to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ll-\)/i';
$replacement = '">'; //turn any (ll-)s into "> to allow url
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(lll-\)/i';
$replacement = '</a>'; //turn any (lll-)s into </a> to link text
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(e-\)/i';
$replacement = '<a href="mailto:'; //turn any (e-)s into <a href="mailto: to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ee-\)/i';
$replacement = '@'; //turn any (ee-)s into @ to allow email @ sign
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eee-\)/i';
$replacement = '?subject='; //turn any (eee-)s into ?subject= to allow email subject
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeee-\)/i';
$replacement = '">'; //turn any (eeee-)s into "> to allow email address
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeeee-\)/i';
$replacement = '</a>'; //turn any (eeeee-)s into </a> to allow link text
$content=preg_replace($pattern, $replacement, $content);
echo $content;
echo "<br><br></td></tr>";
unset($CN);$CN=array();unset($NM);$NM=array();
$res = mysql_query("SELECT a_answer FROM blog_answer WHERE question_id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_row($res)){
array_push ($CN, $row[0]);}
$res = mysql_query("SELECT a_name FROM blog_answer WHERE question_id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_row($res)){
array_push ($NM, $row[0]);}
$re=mysql_num_rows($res);
for($i=0;$i<$terms;$i++) {
$S=$searchtermarray[$i];
for($j=0;$j<$re;$j++) {
$x=$NM[$j];highlight();$NM[$j]=$x; //highlight search terms
$x=$CN[$j];highlight();$CN[$j]=$x; //highlight search terms
}}
for($j=0;$j<$re;$j++) {
$nm=$NM[$j];
$cn=$CN[$j];
echo "<tr><td><b> Reply name: ".$nm."</b></td></tr>";
$content=$cn;
$content=nl2br($content); //Enter turns into <BR />
$pattern = '/(<BR\s\/>)+/i';
$replacement = '</p><p>'; //turn any <BR />s into a </p><p> to allow indent since <p>s are css styled to indent!
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(i-\)/i';
$replacement = '<i>'; //turn any (i-)s into a <i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ii-\)/i';
$replacement = '</i>'; //turn any (ii-)s into a </i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(b-\)/i';
$replacement = '<b>'; //turn any (b-)s into a <b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(bb-\)/i';
$replacement = '</b>'; //turn any (bb-)s into a </b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(u-\)/i';
$replacement = '<u>'; //turn any (u-)s into a <u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(uu-\)/i';
$replacement = '</u>'; //turn any (uu-)s into a </u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)\.\./i';
$replacement = '<center><br><IMG SRC="../'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)/i';
$replacement = '<center><br><IMG SRC="'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(pp-\)/i';
$replacement = '" BORDER=0><br><br></center>'; //turn any (pp-)s into end of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(l-\)/i';
$replacement = '<a href="http://'; //turn any (l-)s into <http:// to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ll-\)/i';
$replacement = '">'; //turn any (ll-)s into "> to allow url
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(lll-\)/i';
$replacement = '</a>'; //turn any (lll-)s into </a> to link text
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(e-\)/i';
$replacement = '<a href="mailto:'; //turn any (e-)s into <a href="mailto: to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ee-\)/i';
$replacement = '@'; //turn any (ee-)s into @ to allow email @ sign
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eee-\)/i';
$replacement = '?subject='; //turn any (eee-)s into ?subject= to allow email subject
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeee-\)/i';
$replacement = '">'; //turn any (eeee-)s into "> to allow email address
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeeee-\)/i';
$replacement = '</a>'; //turn any (eeeee-)s into </a> to allow link text
$content=preg_replace($pattern, $replacement, $content);
echo "<tr><td><b> Reply: </b>".$content."<br><br></td></tr>";}
}}}
echo '</table>';
}
}else{
$gotmatch=0;
$r=mysql_query("SELECT * FROM blog_question WHERE topic LIKE '%" . $S . "%' OR detail LIKE '%" . $S . "%' OR name LIKE '%" . $S . "%'") or die('Error ,search failed');
$num_rows = mysql_num_rows($r);
if($num_rows>0){$gotmatch=1;}
$r=mysql_query("SELECT * FROM blog_answer WHERE a_name LIKE '%" . $S . "%' OR a_answer LIKE '%" . $S . "%'") or die('Error ,search failed');
$num_a_rows = mysql_num_rows($r);
if($num_a_rows>0){$gotmatch=1;}
if ($gotmatch==0){echo '<script language="javascript">alert("The search was unsuccessful.");</script>';$S='';
}else{
for($k=0;$k<$number;$k++) {
$res = mysql_query("SELECT * FROM blog_question WHERE id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$x=$row['topic']." ".$row['detail']." ".$row['name'];
}
preg_match_all("/$S+/i", $x, $matches); $m=count($matches[0]);
$score[$k]=$score[$k]+$m;
}
for($k=0;$k<$a_number;$k++) {
$res = mysql_query("SELECT * FROM blog_answer WHERE id='$A[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$x=$row['a_name']." ".$row['a_answer'];$z=$row['question_id'];
}
preg_match_all("/$S+/i", $x, $matches); $m=count($matches[0]); getarrnum();
}
}
array_multisort($score,SORT_DESC,SORT_NUMERIC,$N);
echo '<table width="772" border="1">';
for($k=0;$k<$number;$k++) {
$res = mysql_query("SELECT * FROM blog_question WHERE id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$tt=$row['topic'];
$nm=$row['name'];
$cn=$row['detail'];
if($score[$k]>0){
$S=stripslashes($S); //unescape quotes and backslashes so they're normal
$x=$tt;highlight();$tt=$x; //highlight search terms
$x=$nm;highlight();$nm=$x; //highlight search terms
$x=$cn;highlight();$cn=$x; //highlight search terms
echo '<tr><td><b>';
echo "<span style='color:blue'>TOPIC:</span> ".$tt;
echo "</b></td></tr><tr><td><b>";
echo "Name: ".$nm;
echo "</b></td></tr><tr><td>";
$content=$cn;
$content=nl2br($content); //Enter turns into <BR />
$pattern = '/(<BR\s\/>)+/i';
$replacement = '</p><p>'; //turn any <BR />s into a </p><p> to allow indent since <p>s are css styled to indent!
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(i-\)/i';
$replacement = '<i>'; //turn any (i-)s into a <i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ii-\)/i';
$replacement = '</i>'; //turn any (ii-)s into a </i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(b-\)/i';
$replacement = '<b>'; //turn any (b-)s into a <b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(bb-\)/i';
$replacement = '</b>'; //turn any (bb-)s into a </b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(u-\)/i';
$replacement = '<u>'; //turn any (u-)s into a <u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(uu-\)/i';
$replacement = '</u>'; //turn any (uu-)s into a </u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)\.\./i';
$replacement = '<center><br><IMG SRC="../'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)/i';
$replacement = '<center><br><IMG SRC="'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(pp-\)/i';
$replacement = '" BORDER=0><br><br></center>'; //turn any (pp-)s into end of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(l-\)/i';
$replacement = '<a href="http://'; //turn any (l-)s into <http:// to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ll-\)/i';
$replacement = '">'; //turn any (ll-)s into "> to allow url
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(lll-\)/i';
$replacement = '</a>'; //turn any (lll-)s into </a> to link text
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(e-\)/i';
$replacement = '<a href="mailto:'; //turn any (e-)s into <a href="mailto: to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ee-\)/i';
$replacement = '@'; //turn any (ee-)s into @ to allow email @ sign
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eee-\)/i';
$replacement = '?subject='; //turn any (eee-)s into ?subject= to allow email subject
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeee-\)/i';
$replacement = '">'; //turn any (eeee-)s into "> to allow email address
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeeee-\)/i';
$replacement = '</a>'; //turn any (eeeee-)s into </a> to allow link text
$content=preg_replace($pattern, $replacement, $content);
echo $content;
echo "<br><br></td></tr>";
$res = mysql_query("SELECT * FROM blog_answer WHERE question_id='$N[$k]'") or die(mysql_error());
while($row = mysql_fetch_array($res)){
$nm=$row['a_name'];
$cn=$row['a_answer'];
$x=$nm;highlight();$nm=$x; //highlight search terms
$x=$cn;highlight();$cn=$x; //highlight search terms
echo "<tr><td><b> Reply name: ".$nm."</b></td></tr>";
$content=$cn;
$content=nl2br($content); //Enter turns into <BR />
$pattern = '/(<BR\s\/>)+/i';
$replacement = '</p><p>'; //turn any <BR />s into a </p><p> to allow indent since <p>s are css styled to indent!
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(i-\)/i';
$replacement = '<i>'; //turn any (i-)s into a <i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ii-\)/i';
$replacement = '</i>'; //turn any (ii-)s into a </i>s to allow italics
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(b-\)/i';
$replacement = '<b>'; //turn any (b-)s into a <b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(bb-\)/i';
$replacement = '</b>'; //turn any (bb-)s into a </b>s to allow bold
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(u-\)/i';
$replacement = '<u>'; //turn any (u-)s into a <u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(uu-\)/i';
$replacement = '</u>'; //turn any (uu-)s into a </u>s to allow underline
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)\.\./i';
$replacement = '<center><br><IMG SRC="../'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(p-\)/i';
$replacement = '<center><br><IMG SRC="'; //turn any (p-)s into start of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(pp-\)/i';
$replacement = '" BORDER=0><br><br></center>'; //turn any (pp-)s into end of image tag to allow image
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(l-\)/i';
$replacement = '<a href="http://'; //turn any (l-)s into <http:// to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ll-\)/i';
$replacement = '">'; //turn any (ll-)s into "> to allow url
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(lll-\)/i';
$replacement = '</a>'; //turn any (lll-)s into </a> to link text
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(e-\)/i';
$replacement = '<a href="mailto:'; //turn any (e-)s into <a href="mailto: to allow link protocol
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(ee-\)/i';
$replacement = '@'; //turn any (ee-)s into @ to allow email @ sign
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eee-\)/i';
$replacement = '?subject='; //turn any (eee-)s into ?subject= to allow email subject
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeee-\)/i';
$replacement = '">'; //turn any (eeee-)s into "> to allow email address
$content=preg_replace($pattern, $replacement, $content);
$pattern = '/\(eeeee-\)/i';
$replacement = '</a>'; //turn any (eeeee-)s into </a> to allow link text
$content=preg_replace($pattern, $replacement, $content);
echo "<tr><td><b> Reply: </b>".$content."<br><br></td></tr>";}
}}}
echo '</table>';
}}}
mysql_close();
?>
</div>
<div class='title'>
<h1> Search Blog</h1>
<form method="post" action="cms-search-blog.php?username=<? echo stripslashes($U); ?>">
<table width="700" border="0" cellpadding="2" cellspacing="2" align="center">
<tr>
<td width="130">Search for:</td>
<td width='570'><input name="search" type="text" size="100"></td>
</tr>
<b>
Options: </b>
<input type="radio" name="searchtype" value="phrase" checked> match exact phrase
<input type="radio" name="searchtype" value="words"> search for words<br>
<tr>
<td> </td><td><input name="retrieve" type="submit" value="Search Blog">
<input name="reset" type="reset" value="Reset"></td>
</tr>
</table>
</form>
</div>
<div id='info' class='info'>No hyphens (-) or underscores (_) or Enter/Return allowed in search terms. Use letters, numbers, spaces and these: <B> , . ? ! </b> in searches. Click "match exact phrase" to match exact phrases only. Use "search for words" to search for 2 or more terms at once. Relevancy will determine the order of results returned as search results—whatever topic has the most word matches will be displayed first as it's the most relevant to your search.<br><a href="cms-blog.php?username=<? echo stripslashes($U); ?>";><B>Return to Blog</B></a></div>
</tr>
</table>
</body>
</html>