search.php | searchcode

/Quản lý website bán áo đồng phục PHP/lamao/modules/search.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien
PHP | 307 lines | 276 code | 2 blank | 29 comment | 42 complexity | a77c5e9a3fe4992d57c46eca480f620d MD5 | raw file

<?php if (substr_count($_SERVER['PHP_SELF'],'/search.php')>0) die ("You can't access this file directly..."); ?>
<div class="bo">
<table width="100%" cellspacing="0" cellpadding="0" border="0">
	<?php
	if (isset($_REQUEST['module']))
		{
		?>
		<tr id="content" style="display: ;">
    	<td align="right" valign="top">
		<table width="100%" border="0" cellpadding="0" cellspacing="0">
		<?php
			if($_REQUEST['choice']=='news')
				$tblname='news';
			if($_REQUEST['choice']=='articles')
				$tblname='articles';
			$itemonrow=1;
			$rows=12;
			$curpage=1;
			$title='&raquo; '.$display['search'].' '.$display['articles'];
			//----------------------------    Query     --------------------------
			//Tim kiem theo ngay
			if (isset($_POST['sday'],$_POST['smonth'],$_POST['syear']) and $_POST['sday']!='' and $_POST['smonth']!='' and $_POST['syear']!='')
			{
				if ($where==false)
				{
					$search.=' where';
					$where=true;
				}
				if ($condition!=0)
				{
					$search.=' and';
				}
				$search.=' log like "'.$_POST['syear'].'-'.$_POST['smonth'].'-'.$_POST['sday'].'%"';
				$condition++;
				$type.='<p class="formindex"><strong>- Thời gian : <font color="#ff0000">'.$_POST['sday'].'-'.$_POST['smonth'].'-'.$_POST['syear'].'</font></strong></p>';
			}

			if (isset($_REQUEST['category']))
				{
				$query='select * from '.$tblname.'_cat where id='.$_REQUEST['category'].'';
				if ($doquery=mysql_query($query,$link))
					{
					$result=mysql_fetch_array($doquery);
					$level=$result['level'];
					}
				else
					$level='';
				
				$query1='select * from '.$tblname.'_cat where level like "'.$level.'%" ';
				$ids='';
				$counter=0;
				if ($doquery1=mysql_query($query1,$link))
					while ($result1=mysql_fetch_array($doquery1))
					{
					$counter++;
					if ($counter>1)
						$ids.=',';
					$ids.='"'.$result1['id'].'"';
					}
				$getfield=array('title','content');
				$strs = explode(" ",$_POST['sstring']);
				$query='select * from '.$tblname.' where(';
				for ($j=0;$j<count($getfield);$j++)
					{
					if ($j>0)
						$query.=' or';
					//$query.=' '.$getfield[$j].' like "%'.$_POST['sstring'].'%"';
					for ($k=0;$k<count($strs);$k++)
						{
							//echo $strs;
							if ($k>0)
								$query.=' and';
							$query.=' '.$getfield[$j].' like "%'.$strs[$k].'%"';
						}
					}
				$query.=') and lang='.get_langID().'';
				if (isset($_POST['searchbydate']) and strlen($_POST['searchbydate'])>=10)
					{
					if ($searchbydate=datetime_conv($_POST['searchbydate'],'%d-%m-%y','%y-%m-%d'))
						$query.=' and log like "'.$searchbydate.'%"';
					}
				$query.=' and category in ('.$ids.')';
				$query.=' order by log DESC';
				//echo $query;
				//---------------- Show item -----------------
				function show_item($result)
					{
					//global $_POST['sstring'];
					global $obj;
					global $display;
					global $getfield;
					global $strs;
					$items=5;
					$url='?module=detailnews';
					$url.='&newscatID='.$result['category'];
					$url.='&artID='.$result['id'];
					echo '<p class="content1" style="font-size : 12px;">';
					for ($i=0;$i<count($getfield);$i++)
						{
						if (strlen($result[$getfield[$i]])>127)
							$result[$getfield[$i]]=get($result[$getfield[$i]],60).'...';
						if ($i==0)
							echo "<strong>";
						$keyword="";
						for ($m=0;$m<count($strs);$m++)
						{
							if ($m>0)
								$keyword.=" ";
							$keyword.=$strs[$m];
							$memo=str_replace($strs[$m],'<font color="#FF6600"><b>'.$strs[$m].'</b></font>');
						//echo $memo;
						}
						//echo $keyword;
						$memo=str_replace($keyword,'<font color="#FF6600"><b>'.$keyword.'</b></font>',strip_tags(stripslashes($result[$getfield[$i]])));
						//$memo=str_replace($strs[$m],'<font color="#FF6600"><b>'.$strs[$m].'</b></font>',strip_tags(stripslashes($memo)));
						echo $memo;
						if ($i==0)
							echo "</strong>";
						echo '<br>';
						}
					//.$field2.'&nbsp;&nbsp;'.$field3.'&nbsp;&nbsp;'.$field4.'&nbsp;&nbsp;'.$field5.'&nbsp;&nbsp;'.$field6.'';
					//echo '&nbsp;&nbsp;'.$result[$_REQUEST['cbox'.$i]].'&nbsp;&nbsp;
					echo '<a href="'.$url.'" target="_blank">&raquo; '.$display['view_more'].'</a>';
					echo '</p>';
					}
				}
			?>
			<tr>
				<td height="22" colspan="3" style="border-bottom: solid 1px #FFFFFF;">
				<p><font class="title15">&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $display['searchresult']; ?>&nbsp;&nbsp;&nbsp;&nbsp;</font></p>
				</td>
			</tr>
			<tr><td colspan="3" height="20" align="right">
			<?php include ($module_dir.'navigator.php'); ?></td></tr>
			<tr>
		    <td width="20">&nbsp;</td>
		    <td align="center" valign="top">
			<table width="100%" border="0" cellpadding="0" cellspacing="0">
			    <tr>
				<?php
				//show_content();
				if (isset($_REQUEST['curpage'],$_REQUEST['totalpage'],$_REQUEST['found']))
					{
					$found=$_REQUEST['found'];
					$totalpage=$_REQUEST['totalpage'];
					$curpage=$_REQUEST['curpage'];
					$from=($curpage-1) * $itemonrow * $rows;
					$to=$from + $itemonrow*$rows;
					$limit=' limit '.$from.','.$to;
					}
				if (isset($limit,$query))
					$query.=$limit;
				//echo $query;
				//exit;
				$doquery=mysql_query($query,$link);
				if ($doquery and mysql_num_rows($doquery)>0)
					{
					if (!isset($found))
						$found=mysql_num_rows($doquery);
					if (!isset($totalpage))
						{
						if ($found<($itemonrow*$rows))
							$totalpage=1;
						else
							{
							if ($found%($itemonrow*$rows)==0)
								$totalpage=$found/($itemonrow*$rows);
							else
								$totalpage=(int)($found/($itemonrow*$rows))+1;
							}
						}
					if (isset($found) and $found!=0)
						{
						echo '<tr><td colspan="'.($itemonrow+($itemonrow-1)).'" align="right" valign="top" style="padding: 0 0 0 0; border-bottom: solid 1px #1C891C;">';
						echo '<p class="title3" style="color: #336699;">';
						//echo $display['searchresult'].' : ';
						echo $display['found'].' : '.$found.' '.$display['articles'];
						echo ' ( '.$totalpage.' '.$display['page'].' )';
						echo '';
						echo "</p></td></tr>\n";
						//echo "<tr><td height=\"10\" colspan=\"3\"></td></tr>\n";
						}
					$i=0;
					while ($result=mysql_fetch_array($doquery) and $i<=($itemonrow*$rows))
						{
						//Show item
						?>
						<td width="<?php echo round(96/$itemonrow,1); ?>%" style="padding: 6 6 0 6; border-bottom: 1px solid #DDDDDD; border-top: solid 1px #FFFFFF; background-color: #EEEEEE;" valign="top">
						<?php @show_item($result); ?>
						</td>
						<?php
						$i++;
						if ($i%$itemonrow==0)
							{
							?>
							</tr>
							<!-- <tr><td colspan="<?php echo ($itemonrow+($itemonrow-1)); ?>" height="10"></td></tr> -->
							<?php
							}
						else
							echo '<td width="30"></td>';
						if ($i==$rows*$itemonrow)
							break;
						}
					?>
					</tr>
					<tr><td align="left" colspan="<?php echo ($itemonrow+($itemonrow-1)); ?>">
					<p class="title4" style="font-weight: bold; text-align: right;">
					<?php
					/*
					if (isset($found) and $found!=0)
						echo $display['found'].' '.$found.' '.$display['articles'];
					*/
					if (isset($totalpage))
						{
						for ($i=1; $i<=$totalpage; $i++)
							{
							if ($i%20==1)
								echo '</p><p class="title4" style="font-weight: bold; text-align: right;">';
							echo '<input type="button" value="';
							if ($i<10)
								echo '0';
							echo $i.'"';
							if ($i!=$curpage)
								{
								echo ' class="button"';
								echo ' onClick="browse('.$i;
								/*
								if ($cat=='')
									echo ",''";
								else
									echo ",'".$cat."'";
								*/
								echo ')"';
								echo ' onmouseover="this.className=\'button_over\'" onmouseout="this.className=\'button\'"';
								}
							else
								echo ' class="button_down"';
							echo ">&nbsp;\n";
							}
						}
					?>
					<script language="Javascript">
					function browse(curpage)
						{
						document.browsesearch.curpage.value=curpage;
						//document.browsesearch.cat.value=cat;
						document.browsesearch.submit();
						}
					</script>
					<form name="browsesearch" method="post" action="?module=search">
					<input type="hidden" name="module" value="search">
					<input type="hidden" name="object" value="<?php echo $obj; ?>">
					<input type="hidden" name="found" value="<?php echo $found; ?>">
					<input type="hidden" name="totalpage" value="<?php echo $totalpage; ?>">
					<input type="hidden" name="curpage" value="">
					<?php
					if (isset($_POST['total']))
						{
						echo "<input type=\"hidden\" name=\"total\" value=\"".$_POST['total']."\">\n";
						for ($i=0;$i<$_POST['total'];$i++)
							{
							if (isset($_REQUEST['cbox'.$i]))
								{
								//echo 'hehe';
								echo "<input type=\"hidden\" name=\"cbox".$i."\" value=\"".$_REQUEST['cbox'.$i]."\">\n";
								}
							}
						}
					if (isset($_REQUEST['tblname']))
						echo "<input type=\"hidden\" name=\"tblname\" value=\"".$_REQUEST['tblname']."\">\n";
					if (isset($_POST['category']))
						echo "<input type=\"hidden\" name=\"category\" value=\"".$_POST['category']."\">\n";
					if (isset($_REQUEST['title']))
						echo "<input type=\"hidden\" name=\"title\" value=\"".$_REQUEST['title']."\">\n";
					if (isset($_REQUEST['catID']))
						echo "<input type=\"hidden\" name=\"catID\" value=\"".$_REQUEST['catID']."\">\n";
					if (isset($_POST['sstring']))
						echo "<input type=\"hidden\" name=\"sstring\" value=\"".$_POST['sstring']."\">\n";
					?>
					</form>
					</p></td></tr>
					<?php
					}
				else
					{
					?>
					<script>
					alert("<?php echo $display['searchresult'].' \" '.$_REQUEST['sstring'].' \"  : 0 '; ?>")
					//window.history.go(-1)
					</script>
					<?php
					}
				?>
				</tr>
			</table>
			</td>
			<td width="20">&nbsp;</td>
			</tr>
		</table>
		<?php
		}
		?>
	</td>
	</tr>
</table>
</div>