<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
$obj_setting->delete('news_category', "id={$id}");
$obj_setting->delete('news_articles', "category_id={$id}");
$_SESSION['success_msg'] = 'Category and its associated articles deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/page/news_category.php' . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('news_category', "id={$id}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT category_name FROM news_category id='" . $id . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->tab_title;
} else {
$pageName = 'There is no Category exists with this id.';
}
unset($obj_setting);
extract($_POST);
#getting array of ids from multiple checkbox and then imploding those ids with ',' to put in IN()
$totalIds = implode(",", $allselect);
$obj_setting = new common();
# Here we are deleting all selected pages
if ($totalIds != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$obj_setting->delete('car', " car_id IN ({$totalIds})");
$obj_setting->delete('contact', " car_id IN ({$totalIds})");
$_SESSION['success_msg'] = 'Cars deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/car/index.php' . $addToUrl . '";</script>';
}
#taking imploded ids and checking if these ids exists in database or not
#if not then we are showing error message and if found then we are fetching names
#of those pages to show
$total_rows = $obj_setting->numberOfRows('pages', " id IN('{$totalIds}')");
if ($total_rows > 0) {
$totalNames = array();
$singlePage = $obj_setting->customQuery("SELECT name FROM pages where id IN('{$totalIds}')");
while ($getPageName = $db->fetchNextObject($singlePage)) {
$totalNames[] = $getPageName->name;
}
$pageName = implode(" , ", $totalNames);
} else {
$pageName = 'There are no cars exists with these car ids.';
}
unset($obj_setting);
*/
foreach ($resp->searchResult->item as $finditem) {
$itemId = $finditem->itemId;
$title = $finditem->title;
$postalCode = $finditem->postalCode;
$location = $finditem->location;
$country = $finditem->country;
$startTime = $finditem->startTime;
$endTimes = $finditem->listingInfo->endTime;
$listingType = $finditem->listingInfo->listingType;
$buyItNowAvailable = $finditem->listingInfo->buyItNowAvailable == 'true' ? 1 : 0;
$buyItNowPrice = $finditem->sellingStatus->convertedCurrentPrice;
if ($finditem->listingInfo->buyItNowAvailable == 'true') {
$buyItNowPrice = $finditem->listingInfo->buyItNowPrice;
}
if ($obj_setting->numberOfRows("ebay_car", " itemId=" . $itemId) < 1) {
$xml = '<?xml version="1.0" encoding="utf-8"?>
<GetItemRequest xmlns="urn:ebay:apis:eBLBaseComponents">
<RequesterCredentials>
<eBayAuthToken>' . $userToken . '</eBayAuthToken>
</RequesterCredentials>
<DetailLevel>ReturnAll</DetailLevel>
<OutputSelector>Item.VIN,Item.ListingDetails.EndTime,Item.ItemID,Item.PictureDetails.PictureURL,Item.SellingStatus.CurrentPrice,Item.SubTitle,Item.ItemSpecifics,Item.ConditionDisplayName,Item.Description</OutputSelector>
<IncludeItemSpecifics>true</IncludeItemSpecifics>
<ItemID>' . $itemId . '</ItemID>
</GetItemRequest>';
$ch = curl_init("https://api.ebay.com/ws/api.dll?siteid={$siteid}");
$headers = array('X-EBAY-API-COMPATIBILITY-LEVEL: ' . $version, 'X-EBAY-API-DEV-NAME: ' . $devid, 'X-EBAY-API-APP-NAME: ' . $appid, 'X-EBAY-API-CERT-NAME: ' . $certid, 'X-EBAY-API-CALL-NAME: ' . $callname, 'X-EBAY-API-SITEID: ' . $siteid);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$obj_setting->delete('newsletter_subscriber', " id={$id}");
$_SESSION['success_msg'] = 'Enquiry deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/contact/newsletter/index.php' . $addToUrl . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('newsletter_subscriber', " id={$id}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT * FROM newsletter_subscriber where id='" . $id . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->name;
} else {
$pageName = 'No enquiry exists with this id.';
}
unset($obj_setting);
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($car_id) and $car_id != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$total_rows = $obj_setting->numberOfRows('car', " car_id={$car_id}");
if ($total_rows > 0) {
$obj_setting->delete('car', " car_id={$car_id}");
$obj_setting->delete('contact', " car_id={$car_id}");
$obj_setting->delete('car_flat', " car_id={$car_id}");
$_SESSION['success_msg'] = 'Car deleted successfully.';
if (!empty($_REQUEST['type']) && $_REQUEST['type'] == 'nostock') {
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/new_stock/new_car/index.php";</script>';
}
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/car/index.php' . $addToUrl . '";</script>';
} else {
$pageName = 'There is no car exists with this car id.';
}
}
unset($obj_setting);
*************************************************************************************************************/
extract($_GET);
extract($_POST);
$obj_product = new common();
$obj = new validation();
$obj_handle = new Handle();
/* Get Current Date Time Stamp */
$currentTimestamp = getCurrentTimestamp();
if (isset($submit) && $submit != "" && $_SERVER['REQUEST_METHOD'] == 'POST') {
$error = '';
//$obj->add_fields($name, 'req', 'Please Enter Product-Name');
if ($name == '') {
$obj->add_fields($name, 'req', 'Please Enter Sub Category Name');
} else {
$result = $obj_product->numberOfRows(TBL_MEMBER, 'name = "' . $name . '" AND cat_id=' . $cat_id . ' AND sub_cat_id =' . $sub_cat_id);
}
$obj->add_fields($cat_id, 'req', 'Please Select Product Category');
$obj->add_fields($sub_cat_id, 'req', 'Please Select Product Sub Category');
$error = $obj->validate();
if ($error || $result > 0) {
if ($result > 0) {
$error .= "Product already Exist in selected Category.";
}
$errorMsg = "<font color='#FF0000' family='verdana' size=2>" . $error . "</font>";
} else {
if ($_FILES['logo']['name']) {
$logo = $currentTimestamp . '_' . $_FILES['logo']['name'];
move_uploaded_file($_FILES['logo']['tmp_name'], LIST_ROOT_ADMIN . "/products_manager/upload/" . $logo);
} else {
$logo = 'no_img.jpg';
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'name';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'ASC';
}
$obj_setting = new common();
if (!isset($_REQUEST['searchcombo'])) {
$total_rows = $obj_setting->numberOfRows('pages');
//number of rows in pages table
} else {
if ($_REQUEST['searchtext'] == 'Search') {
$total_rows = $obj_setting->numberOfRows('pages');
//number of rows in pages table
} else {
$total_rows = $obj_setting->numberOfRows('pages', " `name` like '%" . addslashes($_REQUEST['searchtext']) . "%' OR `desc` like '%" . addslashes($_REQUEST['searchtext']) . "%'");
//number of rows in pages table for perticular search criteria
}
}
if (!isset($_REQUEST['searchcombo'])) {
$all_pages = $obj_setting->customQuery("SELECT * FROM pages order by {$field} {$orderby} limit {$eu}, {$limit} ");
} else {
if ($_REQUEST['searchtext'] == 'Search') {
$all_pages = $obj_setting->customQuery("SELECT * FROM pages order by {$field} {$orderby} limit {$eu}, {$limit} ");
$all_years[$year] = $year;
}
} else {
if ($modelID != '') {
$all_year_query = $obj_setting->customQuery("SELECT year FROM reviews WHERE model=" . $modelID);
$all_years = array();
while ($yearrow = mysql_fetch_object($all_year_query)) {
$year = $yearrow->year;
$all_years[$year] = $year;
}
}
}
}
$reviewsArrNew = array();
$reviewsArrOld = array();
$total_rowsOld = $obj_setting->numberOfRows('reviews', $QueryString);
if ($QueryString) {
$total_rowsOld = $obj_setting->numberOfRows('reviews', 'old_new = 0 AND ' . $QueryString);
$total_rowsNew = $obj_setting->numberOfRows('reviews', 'old_new = 1 AND ' . $QueryString);
$QueryStringOld = 'WHERE old_new =0 AND ' . $QueryString;
$QueryStringNew = 'WHERE old_new =1 AND ' . $QueryString;
} else {
$total_rowsOld = $obj_setting->numberOfRows('reviews', 'old_new = 0 ' . $QueryString);
$total_rowsNew = $obj_setting->numberOfRows('reviews', 'old_new = 1 ' . $QueryString);
//$QueryString = 'WHERE '.$QueryString;
$QueryStringOld = 'WHERE old_new =0 ' . $QueryString;
$QueryStringNew = 'WHERE old_new =1 ' . $QueryString;
}
//print_r($total_rowsOld);echo "kgjrkh"; print_r($total_rowsNew);die;
if (isset($start)) {
$QueryString .= ' limit ' . $eu . ', ' . $limit;
$select20 = "";
break;
}
$start = $_GET['start'];
if (strlen($start) > 0 and !is_numeric($start)) {
$start = 0;
}
$eu = $start - 0;
if (!$limit > 0) {
// if limit value is not available then let us use a default value
$limit = PAGING_LIMIT;
// No of records to be shown per page by default.
}
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'ASC';
}
$obj_setting = new common();
//number of rows in pages table
$total_rows = $obj_setting->numberOfRows('media');
$allMedia = $obj_setting->customQuery("SELECT * from media order by {$field} {$orderby} limit {$eu}, {$limit}");
unset($obj_setting);
$start = 0;
}
$eu = $start - 0;
if (!$limit > 0) {
// if limit value is not available then let us use a default value
$limit = PAGING_LIMIT;
// No of records to be shown per page by default.
}
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = 'news_articles' . $_GET['field'];
} else {
$field = 'articles.id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'ASC';
}
$obj_setting = new common();
//number of rows in pages table
if ($_GET['cat_id'] != '') {
$total_rows = $obj_setting->numberOfRows('news_articles', "category_id='" . $_GET['cat_id'] . "'");
$allArticles = $obj_setting->customQuery("SELECT category.category_name,articles.id,articles.title FROM news_articles as articles LEFT JOIN news_category as category ON articles.category_id=category.id where articles.category_id='" . $_GET['cat_id'] . "' order by {$field} {$orderby} limit {$eu}, {$limit}");
} else {
$total_rows = $obj_setting->numberOfRows('news_articles');
$allArticles = $obj_setting->customQuery("SELECT category.category_name,articles.id,articles.title FROM news_articles as articles LEFT JOIN news_category as category ON articles.category_id=category.id order by {$field} {$orderby} limit {$eu}, {$limit}");
}
unset($obj_setting);
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
$obj_setting->delete('content_page', " id={$id}");
$_SESSION['success_msg'] = 'Tab deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/logistique/index.php' . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('content_page', " id={$id}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT tab_title FROM content_page where page_name='logistique' and id='" . $id . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->tab_title;
} else {
$pageName = 'There is no Tab exists with this id.';
}
unset($obj_setting);
<?php
extract($_GET);
extract($_POST);
#getting array of ids from multiple checkbox and then imploding those ids with ',' to put in IN()
$totalIds = implode("','", $allselect);
$obj_setting = new common();
# Here we are deleting all selected pages
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
$obj_setting->delete('rot_banner', " id IN('{$id}')");
$_SESSION['success_msg'] = 'Banner deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/home/index.php' . '";</script>';
}
#taking imploded ids and checking if these ids exists in database or not
#if not then we are showing error message and if found then we are fetching names
#of those pages to show
$total_rows = $obj_setting->numberOfRows('rot_banner', " id IN('{$totalIds}')");
if ($total_rows < 0) {
$pageName = 'There are no banner exists with these banner ids.';
}
unset($obj_setting);
<?php
extract($_GET);
extract($_POST);
#getting array of ids from multiple checkbox and then imploding those ids with ',' to put in IN()
$totalIds = implode("','", $allselect);
$obj_setting = new common();
# Here we are deleting all selected pages
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
$obj_setting->delete('news_category', "id IN('{$id}')");
$obj_setting->delete('news_articles', "category_id IN('{$id}')");
$_SESSION['success_msg'] = 'Category and its associated articles deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/page/news_category.php' . '";</script>';
}
#taking imploded ids and checking if these ids exists in database or not
#if not then we are showing error message and if found then we are fetching names
#of those pages to show
$total_rows = $obj_setting->numberOfRows('news_category', "id IN('{$totalIds}')");
if ($total_rows < 0) {
$pageName = 'There are no Category exists with these ids.';
}
unset($obj_setting);
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'DESC';
}
$obj_setting = new common();
if (!isset($_REQUEST['searchcombo'])) {
$total_rows = $obj_setting->numberOfRows('newsletter_subscriber');
//number of rows in pages table
} else {
if ($_REQUEST['searchtext'] == 'Search') {
$total_rows = $obj_setting->numberOfRows('newsletter_subscriber');
//number of rows in pages table
} else {
$total_rows = $obj_setting->numberOfRows('newsletter_subscriber', " `name` like '%" . addslashes($_REQUEST['searchtext']) . "%' OR `email` like '%" . addslashes($_REQUEST['searchtext']) . "%'");
//number of rows in pages table for perticular search criteria
}
}
if (!isset($_REQUEST['searchcombo'])) {
if ($searchword == "" && $type != "") {
$all_pages = $obj_setting->customQuery("SELECT * FROM newsletter_subscriber where type = {$type} order by {$field} {$orderby} limit {$eu}, {$limit} ");
} else {
if ($searchword != "" && $type != "") {
function validate()
{
$errorMsg = "";
for ($i = 0; $i < $this->id; $i++) {
$postVar = $this->check_vars[$i]['data'];
$authType = $this->check_vars[$i]['authtype'];
$error = $this->check_vars[$i]['error'];
$optionalparam = $this->check_vars[$i]['optionalparam'];
$pos = strpos($authType, '=');
if ($pos !== false) {
$authType = substr($this->check_vars[$i]['authtype'], 0, $pos);
$value = substr($this->check_vars[$i]['authtype'], $pos + 1);
}
switch ($authType) {
case "req":
if (is_array($postVar['name'])) {
$count = count($postVar['name']);
for ($j = 0; $j < $count; $j++) {
$length = strlen(trim($postVar['name'][$j]));
if (!$length) {
$errorMsg .= $error . " :File " . ($j + 1) . "<br>";
}
}
} elseif (is_array($postVar)) {
$count = count($postVar);
for ($j = 0; $j < $count; $j++) {
$length = strlen(trim($postVar[$j]));
if (!$length) {
$errorMsg .= $error . " :Car Id " . ($j + 1) . "<br>";
}
}
} elseif (isset($postVar['name']) && empty($postVar['name'])) {
$length = strlen(trim($postVar['name']));
if (!$length) {
$errorMsg .= $error . "<br>";
}
} else {
$length = strlen(trim($postVar));
if (!$length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "alpha":
$regexp = '/^[A-Za-z]$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "alphanum":
$regexp = '/^[A-za-z0-9]$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "num":
if (is_array($postVar)) {
$count = count($postVar);
for ($j = 0; $j < $count; $j++) {
if (!is_numeric($postVar[$j])) {
$length = strlen(trim($postVar[$j]));
if ($length) {
$errorMsg .= $error . " :Car Id " . ($j + 1) . "<br>";
}
}
}
} elseif (!is_numeric($postVar)) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "uniquearray":
if (is_array($postVar)) {
$array_temp = array();
$j = 0;
foreach ($postVar as $val) {
if ($val != '') {
if (!in_array($val, $array_temp)) {
$array_temp[] = $val;
} else {
$errorMsg .= $error . " :Car Id " . ($j + 1) . "<br>";
}
}
$j++;
}
}
break;
case "uniquevalue":
if ($postVar != '') {
$obj_setting = new common();
$total_articles = $obj_setting->numberOfRows($optionalparam[0], $optionalparam[1]);
if ($total_articles > 0) {
$errorMsg .= $error . "<br>";
}
}
break;
case "dupl":
if (is_array($postVar)) {
$array_temp = array();
$j = 0;
foreach ($postVar as $val) {
if ($val != '') {
if (in_array($val, $optionalparam)) {
$errorMsg .= $error . " :Car Id " . ($j + 1) . "<br>";
}
}
$j++;
}
}
break;
case "year":
$regexp = '/^[0-9]{4}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "validURL":
if (!preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $postVar)) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "max":
$length = strlen(trim($postVar));
if ($length > $value) {
$errorMsg .= $error . "<br>";
}
break;
case "min":
$length = strlen(trim($postVar));
if ($length < $value && $length != 0) {
$errorMsg .= $error . "<br>";
}
break;
case "lte":
if (is_array($postVar)) {
$count = count($postVar);
if ($count > $value) {
$errorMsg .= $error . "<br>";
}
} else {
if ($postVar > $value) {
$errorMsg .= $error . "<br>";
}
}
break;
case "gte":
if (is_array($postVar)) {
$count = count($postVar);
if ($count < $value) {
$errorMsg .= $error . "<br>";
}
} else {
if ($postVar < $value) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
}
break;
case "username":
$regexp1 = '/^[0-9]$/';
$regexp2 = '/^[a-zA-Z]+[a-zA-Z0-9\\.\\_]*[a-zA-Z0-9]+$/';
if (!preg_match($regexp1, trim($postVar)) && !preg_match($regexp2, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "name":
$regexp = "/^[a-zA-Z]+[a-zA-Z\\.\\- ]*[a-zA-Z]+\$/";
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "address":
$regexp = '/^[a-zA-Z0-9]+,.*$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "phone":
if (isset($value)) {
$found = strpos($value, ',');
if ($found === false) {
$options[0] = $value;
} else {
$options = explode(",", $value);
}
}
$patternMatch = 0;
foreach ($options as $opt) {
$type = $this->availablePhoneType($opt);
foreach ($type as $regexp) {
if (preg_match($regexp, $postVar)) {
$patternMatch = 1;
}
}
if ($patternMatch) {
break;
}
}
if (!$patternMatch) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "mobile":
$regexp1 = '/^[0-9]{10}$/';
# (+91)1111111111
$regexp2 = '/^[\\(][\\+][0-9]{2}[\\)][0-9]{10}$/';
# +911111111111
$regexp3 = '/^[\\+][0-9]{2}[0-9]{10}$/';
#91-1111111111
$regexp4 = '/^[0-9]{2}[\\-][0-9]{10}$/';
if (!preg_match($regexp1, trim($postVar)) && !preg_match($regexp2, trim($postVar)) && !preg_match($regexp3, trim($postVar)) && !preg_match($regexp4, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "zip":
$regexp = '/^[0-9]{6,10}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "uszip":
# 12345-6789
$regexp = '/^[0-9]{5}[\\-]{1}[0-9]{4}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "ukzip":
# ZW3 3SW
$regexp = '/^[a-zA-Z]{2}[0-9]{1}[ ]{1}[0-9]{1}[a-zA-Z]{2}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "ssn":
$regexp = '/^(?!000)([0-6][0-9]{2}|7([0-6][0-9]|7[012]))([ -]?)(?!00)[0-9][0-9]\\3(?!0000)[0-9]{4}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "currency":
$regexp1 = '/^[0-9]+\\.[0-9]+$/';
$regexp2 = '/^[0-9]+$/';
if (!preg_match($regexp1, trim($postVar)) && !preg_match($regexp2, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "email":
$regexp = '/^[A-Za-z0-9]+((\\.|\\_){1}[a-zA-Z0-9]+)*@([a-zA-Z0-9]+([\\-]{1}[a-zA-Z0-9]+)*[\\.]{1})+[a-zA-Z]{2,4}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "url":
$regexp = '|^http(s)?://[a-z0-9-]+(\\.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "youtubeurl":
$theURL = "https://www.youtube.com/oembed?url={$postVar}&format=json";
$headers = get_headers($theURL);
//echo substr($headers[0], 9, 3);die;
if (substr($headers[0], 9, 3) !== "404") {
} else {
$errorMsg .= $error . "<br>";
}
break;
case "ip":
$regexp = '/^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$/';
if (!preg_match($regexp, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
case "date":
$errorMsg .= $this->validateDate(trim($postVar), $value, $error);
break;
case "ftype":
$errorMsg .= $this->validateFileType($postVar, $value, $error);
break;
case "fsize":
$errorMsg .= $this->validateFileSize($postVar, $value, $error);
break;
case "imgwh":
$errorMsg .= $this->validateImageHeightWidth($postVar, $value, $error);
break;
case "custom":
if (!preg_match($value, trim($postVar))) {
$length = strlen(trim($postVar));
if ($length) {
$errorMsg .= $error . "<br>";
}
}
break;
}
}
return $errorMsg;
}
$pages->items_total = $total_rows;
$pages->default_ipp = 15;
$pages->paginate();
$cars = $search->attributeSearch($dataArray, $groupby, 'ASC', $pages->limit);
} else {
$total_rows = $search->attributeSearchCount($dataArray);
$pages = new Paginator();
$pages->items_total = $total_rows;
$pages->default_ipp = 15;
$pages->paginate();
$cars = $search->attributeSearch($dataArray, 'fullName', 'ASC', $pages->limit);
}
}
}
} else {
$total_rows = $common->numberOfRows("car", '');
$pages = new Paginator();
$pages->items_total = $total_rows;
$pages->default_ipp = 15;
$pages->paginate();
/*$dataArray = array( "manufacturer" => "64");
$cars = $search->attributeSearch($dataArray,'fullName','ASC',$pages->limit);*/
$result = $common->customQuery("select car_id from car " . $pages->limit);
$car = array();
while ($res = mysql_fetch_object($result)) {
$cars[] = $res->car_id;
}
}
if (isset($_POST) && isset($_POST["submit_inq"])) {
global $db;
$common_obj = new common();
extract($_GET);
extract($_POST);
#getting array of ids from multiple checkbox and then imploding those ids with ',' to put in IN()
$totalIds = implode("','", $allselect);
$obj_setting = new common();
# Here we are deleting all selected pages
if (isset($pageid) and $pageid != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$obj_setting->delete('email_log', " id IN('{$pageid}')");
$_SESSION['success_msg'] = 'Enquiry deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/contact/log/index.php' . $addToUrl . '";</script>';
}
#taking imploded ids and checking if these ids exists in database or not
#if not then we are showing error message and if found then we are fetching names
#of those pages to show
$total_rows = $obj_setting->numberOfRows('contact', " id IN('{$totalIds}')");
if ($total_rows > 0) {
$totalNames = array();
$singlePage = $obj_setting->customQuery("SELECT * FROM email_log where id IN('{$totalIds}')");
while ($getPageName = $db->fetchNextObject($singlePage)) {
$totalNames[] = $getPageName->name;
}
$pageName = implode(" , ", $totalNames);
} else {
$pageName = 'No Enquiry exists with these ids.';
}
unset($obj_setting);
}
}
if (isset($price) && $price[0] != "" && $price[1] != "") {
if ($first) {
$whereCondition .= 'price between ' . $price[0] . ' and ' . $price[1];
$first = false;
} else {
$whereCondition .= ' and price between ' . $price[0] . ' and ' . $price[1];
}
}
if (isset($page)) {
$carPages->current_page = $page;
}
}
$invOrderBy = explode('~', $invSort);
$carPages->default_ipp = $invPageLimit;
$carPages->pageUrl = 'products.php';
if (!isset($search)) {
$carPages->pageUrl = 'notre_inventaire';
}
$eu = $invPageLimit * ($invCurPage - 1);
$inventoryTotalRows = $common->numberOfRows('car_flat', $whereCondition);
//number of rows in pages table
$addCarToQuery = '';
$carPages->items_total = $inventoryTotalRows;
$carPages->paginate();
$all_cars = $common->read('car_flat', $whereCondition, $invOrderBy[0] . " " . $invOrderBy[1] . " LIMIT 0, " . $invPageLimit);
$all_car = array();
while ($row = mysql_fetch_array($all_cars)) {
$all_car[] = $row;
}
<?php
session_start();
$error = 0;
$error_login_msg = "";
if (trim($_POST['useremail']) != "") {
$common = new common();
$wherecondition = "email='" . trim($_POST['useremail']) . "'";
$usercount = $common->numberOfRows("users", $wherecondition);
if ($usercount == 0) {
$error_login_msg = '<span class="error_msg">Email non reconnu! Veuillez réessayer ou créer un nouveau compte.</span>';
} else {
$userqrywhrcondition = "email='" . trim($_POST['useremail']) . "'";
$user = $common->read("users", $userqrywhrcondition);
$uservalue = mysql_fetch_object($user);
//$password = base64_decode($uservalue->original_pswd);
$password = base64_decode($uservalue->password);
// Your subject
$subject = 'mot de passe oublié';
$message = nl2br("Message de La Centrale : compte utilisateur\n\t\t\t\t\t\t\tLa Centrale\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t------------------------------\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tVous avez oublié votre mot de passe : \n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tIdentifiant : " . trim($_POST['useremail']) . "\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tMot de passe : {$password}");
$message = html_entity_decode(htmlentities($message, ENT_QUOTES, "UTF-8"));
$sentmail = sendSmtpMail(trim($_POST['useremail']), $subject, $message);
$error_login_msg = '<span class="success_msg">Mot de passe envoyé ! Si le message n\'apparaît pas d\'ici quelques minutes, vérifiez les courriers indésirables.</span>';
//echo "<script>window.location.href = '".DEFAULT_URL."/wishlist'</script>";
}
} else {
if (isset($_POST['useremail'])) {
$error_login_msg = '<span class="error_msg">S\'il vous plaît entrez l\'adresse e-mail valide pour obtenir votre mot de passe.</span>';
}
}
/*Fetch tabs*/
if (!isset($_GET['page'])) {
$pagesnum = 1;
$pagesPhotonum = 1;
}
if (isset($_GET['media']) && $_GET['media'] == 'photo') {
$pagesnum = 1;
$pagesPhotonum = $_GET['page'];
}
if (isset($_GET['media']) && $_GET['media'] == 'video') {
$pagesPhotonum = 1;
$pagesnum = $_GET['page'];
}
$pagesPhoto = new Paginator();
$pagesPhoto->default_ipp = 8;
$total_rows = $common->numberOfRows('media', "type='1'");
$pagesPhoto->items_total = $total_rows;
$pagesPhoto->extraParam = 'photo';
$pagesPhoto->paginate();
$limit = 8;
$eu = $limit * ($pagesPhotonum - 1);
$allMedia = $common->customQuery("SELECT * FROM media where type = '1' ORDER BY id ASC limit {$eu}, {$limit}");
$pages = new Paginator();
$pages->default_ipp = 8;
$totalVideos = $common->numberOfRows('media', "type='0'");
$pages->items_total = $totalVideos;
$pages->extraParam = 'video';
$pages->paginate();
$limit = 8;
$eu = $limit * ($pagesnum - 1);
$allVideo = $common->customQuery("SELECT * FROM media where type = '0' ORDER BY id ASC limit {$eu}, {$limit}");
$query = "INSERT INTO " . $userTblName . " Values " . $ins_str;
$common->customQuery($query);
}
$_SESSION['announces']['page'] = ceil($dbCarCount / 25);
$_SESSION['announces']['total'] = $ebay_total + $total_rows;
$_SESSION['announces']['fill'] = false;
}
if ($sort == "") {
$now_sort = "price";
$now_order = "ASC";
} else {
$oder = explode("~", $sort);
$now_sort = $oder[0];
$now_order = $oder[1];
}
$num = $common->numberOfRows($userTblName);
if (!isset($_GET['page'])) {
$page = 1;
}
$pages = new Paginator();
$pages->default_ipp = 25;
$pages->items_total = $_SESSION['announces']['total'];
$pages->paginate();
if ($num != 0) {
if ($page % $_SESSION['announces']['page'] == 0) {
$startLim = ($_SESSION['announces']['page'] - 1) * 25;
} else {
$startLim = ($page % $_SESSION['announces']['page'] - 1) * 25;
}
$list = $common->customQuery("SELECT * FROM " . $userTblName . " ORDER BY {$now_sort} {$now_order} LIMIT {$startLim} ,25");
if (!isset($cars_arr) && !isset($ebay_arr)) {
} else {
if ($groupby != "" && $sort == "") {
$total_rows = $search->attributeSearchCount($dataArray, $groupby);
$pages->items_total += $total_rows;
$pages->paginate();
$cars = $search->attributeSearch($dataArray, $groupby, 'ASC', $pages->limit);
} else {
$total_rows = $search->attributeSearchCount($dataArray);
$pages->items_total += $total_rows;
$pages->paginate();
$cars = $search->attributeSearch($dataArray, 'fullName', 'ASC', $pages->limit);
}
}
}
} else {
$total_rows = $common->numberOfRows("car", '');
$pages->items_total += $total_rows;
$pages->paginate();
$result = $common->customQuery("select car_id from car order by RAND() " . $pages->limit);
$car = array();
while ($res = mysql_fetch_object($result)) {
$cars[] = $res->car_id;
}
}
unset($pages);
$dbCarCount = 0;
$ins_str = '';
$ebay_arr = array();
foreach ($resp->searchResult->item as $item) {
$dbCarCount++;
$itemId = (string) $item->itemId;
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($pageid) and $pageid != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$obj_setting->delete('pages', " id={$pageid}");
$_SESSION['success_msg'] = 'Page deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/page/index.php' . $addToUrl . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('pages', " id={$pageid}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT name FROM pages where id='" . $pageid . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->name;
} else {
$pageName = 'There is no page exists with this page id.';
}
unset($obj_setting);
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$obj_setting->delete('car_inquiry', " id={$id}");
$_SESSION['success_msg'] = 'Enquiry deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/contact/guest/index.php' . $addToUrl . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('car_inquiry', " id={$contactid}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT * FROM car_inquiry where id='" . $id . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->name;
} else {
$pageName = 'No enquiry exists with this id.';
}
unset($obj_setting);
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'DESC';
}
$obj_setting = new common();
if (!isset($_REQUEST['searchcombo'])) {
$total_rows = $obj_setting->numberOfRows('contact', 'type = 101');
//number of rows in pages table
} else {
if ($_REQUEST['searchtext'] == 'Search') {
$total_rows = $obj_setting->numberOfRows('contact', 'type = 101');
//number of rows in pages table
} else {
$total_rows = $obj_setting->numberOfRows('contact', "type = 101 and `name` like '%" . addslashes($_REQUEST['searchtext']) . "%' OR `email` like '%" . addslashes($_REQUEST['searchtext']) . "%'");
//number of rows in pages table for perticular search criteria
}
}
if (!isset($_REQUEST['searchcombo'])) {
if ($searchword == "" && $type != "") {
$all_pages = $obj_setting->customQuery("SELECT * FROM contact where type = 101 order by {$field} {$orderby} limit {$eu}, {$limit} ");
} else {
if ($searchword != "" && $type != "") {
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'DESC';
}
$obj_setting = new common();
if (!isset($_REQUEST['searchcombo'])) {
$total_rows = $obj_setting->numberOfRows('car_inquiry');
//number of rows in pages table
} else {
if ($_REQUEST['searchtext'] == 'Search') {
$total_rows = $obj_setting->numberOfRows('car_inquiry');
//number of rows in pages table
} else {
$total_rows = $obj_setting->numberOfRows('car_inquiry', " `name` like '%" . addslashes($_REQUEST['searchtext']) . "%' OR `email` like '%" . addslashes($_REQUEST['searchtext']) . "%'");
//number of rows in pages table for perticular search criteria
}
}
if (!isset($_REQUEST['searchcombo'])) {
if ($searchword == "" && $type != "") {
$all_pages = $obj_setting->customQuery("SELECT * FROM car_inquiry where type = {$type} order by {$field} {$orderby} limit {$eu}, {$limit} ");
} else {
if ($searchword != "" && $type != "") {
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
$obj_setting->delete('rot_banner', " id={$id}");
$_SESSION['success_msg'] = 'Banner deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/home/index.php' . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('rot_banner', " id={$id}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT name FROM rot_banner where id='" . $id . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->name;
} else {
$pageName = 'There is no banner exists with this page id.';
}
unset($obj_setting);
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'ASC';
}
$obj_setting = new common();
if (!isset($_REQUEST['searchcombo'])) {
$total_rows = $obj_setting->numberOfRows('email_log');
//number of rows in pages table
} else {
if ($_REQUEST['searchtext'] == 'Search') {
$total_rows = $obj_setting->numberOfRows('email_log');
//number of rows in pages table
} else {
$total_rows = $obj_setting->numberOfRows('email_log', " `email` like '%" . addslashes($_REQUEST['searchtext']) . "%'");
//number of rows in pages table for perticular search criteria
}
}
if (!isset($_REQUEST['searchcombo'])) {
if ($searchword == "" && $type != "") {
$all_pages = $obj_setting->customQuery("SELECT * FROM email_log order by {$field} {$orderby} limit {$eu}, {$limit} ");
} else {
if ($searchword != "" && $type != "") {
<?php
extract($_GET);
extract($_POST);
$obj_setting = new common();
if (isset($id) and $id != '' and isset($action) and $action == 'delete') {
if (isset($searchtext) and $searchtext != '') {
$addToUrl = '?searchtext=' . $searchtext . '&searchcombo=' . $searchcombo;
} else {
$addToUrl = '';
}
$obj_setting->delete('faq', " id={$id}");
$_SESSION['success_msg'] = 'FAQ deleted successfully.';
echo '<script>location.href="' . DEFAULT_ADMIN_URL . '/faq/index.php' . $addToUrl . '";</script>';
}
$total_rows = $obj_setting->numberOfRows('faq', " id={$contactid}");
if ($total_rows > 0) {
$singlePage = $obj_setting->customQuery("SELECT * FROM faq where id='" . $id . "'");
$getPageName = $db->fetchNextObject($singlePage);
$pageName = $getPageName->name;
} else {
$pageName = 'No FAQ exists with this id.';
}
unset($obj_setting);
$select20 = "";
break;
}
$start = $_GET['start'];
if (strlen($start) > 0 and !is_numeric($start)) {
$start = 0;
}
$eu = $start - 0;
if (!$limit > 0) {
// if limit value is not available then let us use a default value
$limit = PAGING_LIMIT;
// No of records to be shown per page by default.
}
$this1 = $eu + $limit;
$back = $eu - $limit;
$next = $eu + $limit;
if (isset($_GET['field']) and $_GET['field'] != '') {
$field = $_GET['field'];
} else {
$field = 'id';
}
if (isset($_GET['orderBy']) and $_GET['orderBy'] != '') {
$orderby = $_GET['orderBy'];
} else {
$orderby = 'ASC';
}
$obj_setting = new common();
$total_rows = $obj_setting->numberOfRows('content_page');
//number of rows in pages table
$allAccessories = $obj_setting->customQuery("SELECT * FROM content_page order by {$field} {$orderby} limit {$eu}, {$limit}");
unset($obj_setting);
