58 lines
1.9 KiB
PHP
58 lines
1.9 KiB
PHP
<?php
|
|
header('Content-Type: application/json');
|
|
require_once 'auth/session.php';
|
|
requireLogin();
|
|
|
|
$user_id = $_SESSION['user_id'];
|
|
$query = $_GET['q'] ?? '';
|
|
$type = $_GET['type'] ?? 'messages'; // messages or users
|
|
$channel_id = $_GET['channel_id'] ?? 0;
|
|
|
|
if (empty($query)) {
|
|
echo json_encode(['success' => true, 'results' => []]);
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
if ($type === 'users') {
|
|
$stmt = db()->prepare("
|
|
SELECT id, display_name as username, username as login_name, avatar_url, status
|
|
FROM users
|
|
WHERE username LIKE ? OR display_name LIKE ?
|
|
LIMIT 20
|
|
");
|
|
$stmt->execute(["%" . $query . "%", "%" . $query . "%"]);
|
|
$results = $stmt->fetchAll();
|
|
} else {
|
|
$sql = "SELECT m.*, u.display_name as username, u.username as login_name, u.avatar_url
|
|
FROM messages m
|
|
JOIN users u ON m.user_id = u.id
|
|
WHERE m.content LIKE ? ";
|
|
$params = ["%" . $query . "%"];
|
|
|
|
if ($channel_id > 0) {
|
|
$sql .= " AND m.channel_id = ?";
|
|
$params[] = $channel_id;
|
|
} else {
|
|
// Search in all channels user has access to
|
|
$sql .= " AND m.channel_id IN (
|
|
SELECT c.id FROM channels c
|
|
LEFT JOIN server_members sm ON c.server_id = sm.server_id
|
|
LEFT JOIN channel_members cm ON c.id = cm.channel_id
|
|
WHERE sm.user_id = ? OR cm.user_id = ?
|
|
)";
|
|
$params[] = $user_id;
|
|
$params[] = $user_id;
|
|
}
|
|
|
|
$sql .= " ORDER BY m.created_at DESC LIMIT 50";
|
|
$stmt = db()->prepare($sql);
|
|
$stmt->execute($params);
|
|
$results = $stmt->fetchAll();
|
|
}
|
|
|
|
echo json_encode(['success' => true, 'results' => $results]);
|
|
} catch (Exception $e) {
|
|
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
|
}
|