#!/usr/bin/perl -wT
############################################################
## Written and copyright 2002 by 
## Jacqueline D. Hamilton (kira@cgi101.com)
##
## This code is excerpted from "CGI Programming 201"
## (http://www.cgi101.com/advanced)
##
## You may use this code on your own website, however
## you may not publish or sell any copy or derivative work
## without permission of the author.
#############################################################
use strict;
use lib '.';
use MyBoard;

my($forum_id, $keywords, @keyary, @searchary, $i, $searchstr, $sth, $rv, 
$f, $count);

$forum_id = $cgi->param('forum');
$keywords = $cgi->param('keywords');
@keyary = split(/\s+/, $keywords);

# loop through the keywords - untaint them (only allow alphanumeric words)
# then push them into a search array.

foreach $i (@keyary) {
   if ($i =~ /^(\w+)$/) {
      push(@searchary, qq(message RLIKE '\[\[:<:\]\]$1\[\[:>:\]\]'));
   } else {
     &dienice("Please use alphanumeric keywords (letters and 
numbers only).");
   }
}
# now join the search array so you have a string of the format
# message rlike 'foo' and message rlike 'bar'

$searchstr = join(" and ", @searchary);

&do_header("Search Results");
print qq(<h2>Search Results</h2>\n);

$sth = $dbh->prepare("select *,date_format(date, '%c/%e/%Y') as nicedate 
from messages where forum=? and $searchstr") or &dbdie;
$rv = $sth->execute($forum_id);
$count = 0;
while ($f = $sth->fetchrow_hashref) {
	print qq(<b><a href="message.cgi?$f->{id}">$f->{subject}</a></b> 
($f->{author}) posted on $f->{'nicedate'}<br>\n);
	$count = $count + 1;
}

print qq(<p>$count results.<p>\n);	
&do_footer;