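/* File Name: index.php */
/* Last Updated: March 25th, 2004 */
/* Author: Lee Babin <www.leebabin.com><*****@*****.**> */
/* Copyright {TheCodeShoppe}. All Rights Reserved. */
/* www.thecodeshoppe.com <403.255.9767> */
/****************************************************************************/

/*
 * Page flow visible in this excerpt:
 *   1. The first path segment of the "page" request parameter names a folder
 *      whose catconfig.php is loaded.
 *   2. Access is checked against the settings exposed by $thepage.
 *   3. The requested record id ("indid") is validated against the table.
 *   4. The listing query is assembled, optionally narrowed by "searchq".
 *
 * Every request parameter is treated as untrusted: the folder name is checked
 * before it reaches require, and request values are escaped before they are
 * placed inside SQL string literals.
 *
 * NOTE(review): $thepage, $yesno, $showonlyyours, $startfrom and $endat are
 * not assigned anywhere in this excerpt. Confirm each one is always set
 * server-side before this point, and that $startfrom / $endat are cast to
 * integers before they reach the LIMIT clause.
 */

//Explode the page var to get us the folder name.
$pagevar = (isset($_GET['page']) && is_string($_GET['page'])) ? $_GET['page'] : "";
$expdir = explode("/", $pagevar);

//The folder name comes straight from the request, so it must not reach
//require unchecked. Only a plain directory name is accepted: no dots,
//slashes, backslashes, colons or NUL bytes.
//NOTE(review): widen the pattern only if real section folders need other
//characters; a fixed list of known section names would be stricter still.
if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $expdir[0])) {
    header("HTTP/1.0 404 Not Found");
    exit("Page not found.");
}

//Then dynamically build the path to the class building file.
$theinc = $expdir[0] . "/" . "catconfig.php";

//And then include the class.
require $theinc;

//First things first, set up security.
if ($thepage->getenforcesecurity()) {
    //Check for a valid security match.
    $areweclear = checkthesecurity($_SESSION['cookie_id'], $thepage->getlevelcheck(), $thepage->getlevelsallowed());
} else {
    //The page configuration does not enforce security, so let everyone in.
    $areweclear = true;
}

if ($areweclear) {
    $indid = $_GET['indid'];
    if ($yesno != "full") {
        DoError(0, "You must be logged in to view this page.", "");
    } else {
        //Validate for a match.
        $thecatid = $thepage->gettablename() . "id";

        //Escape the requested id before it goes inside the quoted literal.
        //$indid itself is left untouched for any later use. Slashes added by
        //magic_quotes_gpc are removed first so the value is escaped only once.
        $rawindid = is_string($indid) ? $indid : "";
        if (get_magic_quotes_gpc()) {
            $rawindid = stripslashes($rawindid);
        }
        $safeindid = mysql_real_escape_string($rawindid);

        //The table and column names come from the page configuration, not
        //from the request, and must stay that way: identifiers cannot be
        //protected by string escaping.
        $matchquery = "SELECT * FROM " . $thepage->gettablename() . " WHERE " . $thecatid . "='" . $safeindid . "'";
        if ($validquery = mysql_query($matchquery)) {
            if (mysql_num_rows($validquery) == 0) {
                DoError(0, "Sorry, no match found.", "");
            } else {
                //Check how to order the page.
                if ($thepage->getshoworder() == "true") {
                    //If we are allowing the client to order themselves:
                    $orderby = "displayorder";
                } else {
                    //Else we order by the default.
                    $orderby = $thepage->getorderby();
                }

                //Escaped copy of the search term for the LIKE clauses below.
                //A non-string or missing value becomes the empty string.
                //"%" and "_" typed by the user still act as LIKE wildcards,
                //exactly as they did before.
                $safesearch = "";
                if (isset($_GET['searchq']) && is_string($_GET['searchq'])) {
                    $safesearch = trim($_GET['searchq']);
                    if (get_magic_quotes_gpc()) {
                        $safesearch = stripslashes($safesearch);
                    }
                    $safesearch = mysql_real_escape_string($safesearch);
                }

                //Now, we go through and output all of the listings from this table.
                if ($thepage->getnumperpage() != "") {
                    //If we are limiting the query, then include the limit statement.
                    //Check if we are limiting which items can be seen.
                    if ($showonlyyours) {
                        //Check if the current security level fits into the "see all" category.
                        $secclear = checkthesecurity($_SESSION['cookie_id'], $thepage->getlevelcheck(), $thepage->getcanseeall());
                        if ($secclear) {
                            if (isset($_GET['searchq'])) {
                                $buildquery = "SELECT * FROM " . $thepage->gettablename() . " WHERE " . $thepage->getsearchby() . " LIKE '%" . $safesearch . "%'" . " ORDER BY " . $orderby . " " . $thepage->getascdesc() . " LIMIT $startfrom, $endat";
                            } else {
                                $buildquery = "SELECT * FROM " . $thepage->gettablename() . " ORDER BY " . $orderby . " " . $thepage->getascdesc() . " LIMIT $startfrom, $endat";
                            }
                        } else {
                            //Show only the records belonging to this account.
                            $tempid = $_SESSION['cookie_id'];

                            //The session value is escaped as well, so the
                            //ownership filter cannot be broken by its content.
                            $safetempid = mysql_real_escape_string($tempid);
                            if (isset($_GET['searchq'])) {
                                $thequery = $buildquery = "SELECT * FROM " . $thepage->gettablename() . " WHERE staffloginid='" . $safetempid . "' AND " . $thepage->getsearchby() . " LIKE '%" . $safesearch . "%' ORDER BY " . $orderby . " " . $thepage->getascdesc() . " LIMIT $startfrom, $endat";
                            } else {
                                $thequery = $buildquery = "SELECT * FROM " . $thepage->gettablename() . " WHERE staffloginid='" . $safetempid . "' ORDER BY " . $orderby . " " . $thepage->getascdesc() . " LIMIT $startfrom, $endat";
                            }
                        }
                    }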