function delete_favorites() { global $config, $lang, $conn; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; login::loginCheck('Member'); if (!isset($_GET['listingID'])) { $display .= '<a href="' . $config['baseurl'] . '/index.php">' . $lang['perhaps_you_were_looking_something_else'] . '</a>'; } elseif ($_GET['listingID'] == '') { $display .= '<a href="' . $config['baseurl'] . '/index.php">' . $lang['perhaps_you_were_looking_something_else'] . '</a>'; } else { $userID = $misc->make_db_safe($_SESSION['userID']); $listingID = $misc->make_db_safe($_GET['listingID']); $sql = "DELETE FROM " . $config['table_prefix'] . "userfavoritelistings WHERE userdb_id = {$userID} AND listingsdb_id = {$listingID}"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $display .= '<br />' . $lang['listing_deleted_from_favorites']; $display .= membersfavorites::view_favorites(); } return $display; }
function save_search() { global $config, $lang, $conn; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; $status = login::loginCheck('Member'); if ($status === true) { $userID = $misc->make_db_safe($_SESSION['userID']); if (isset($_POST['title'])) { $title = $misc->make_db_safe($_POST['title']); $query = $misc->make_db_safe($_POST['query']); $notify = $misc->make_db_safe($_POST['notify']); $misc->make_db_safe($_POST['title']); $sql = "SELECT * FROM " . $config['table_prefix'] . "usersavedsearches WHERE userdb_id = {$userID} AND usersavedsearches_title = {$title}"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } $num_columns = $recordSet->RecordCount(); if ($num_columns == 0) { $sql = "INSERT INTO " . $config['table_prefix'] . "usersavedsearches (userdb_id, usersavedsearches_title, usersavedsearches_query_string,usersavedsearches_last_viewed,usersavedsearches_new_listings,usersavedsearches_notify) VALUES ({$userID}, {$title}, {$query},now(),0, {$notify})"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } else { $display .= '<br />' . $lang['search_added_to_saved_searches']; } } else { $display .= '<br />' . $lang['search_title_already_in_saved_searches'] . '<br />'; $guidestring = ''; foreach ($_GET as $k => $v) { if (is_array($v)) { foreach ($v as $vitem) { $guidestring .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}"); } } else { $guidestring .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}"); } } $display .= '<br />'; $display .= '<form action="index.php?' . $guidestring . '" method="post">'; $display .= $lang['enter_title_for_search']; $display .= '<input type="text" name="title" /><br /><br />'; if ($config['email_users_notification_of_new_listings'] == "1") { $display .= $lang['notify_saved_search']; $display .= '<select name="notify" size="1"><option value="yes">' . $lang['yes'] . '<option value="no">' . $lang['no'] . '</select><br /><br />'; } else { $display .= $lang['notify_saved_search_disabled'] . '<br />'; $display .= $lang['notify_saved_search']; $display .= '<select name="notify" size="1"><option value="yes">' . $lang['yes'] . '<option value="no">' . $lang['no'] . '</select><br /><br />'; } $display .= '<input type="submit" value=' . $lang['save_search'] . '" />'; $display .= '<input type="hidden" name="query" value="' . $query . '" />'; $display .= '</form>'; $display .= '<br />'; } } else { $query = ''; foreach ($_GET as $k => $v) { if ($v && $k != 'action' && $k != 'PHPSESSID') { if (is_array($v)) { foreach ($v as $vitem) { $query .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}"); } } else { $query .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}"); } } } if (substr($query, 0, strcspn($query, "=")) == "cur_page") { $query = substr($query, strcspn($query, "&") + 1); // echo $QUERY_STRING; } $sql = "SELECT usersavedsearches_title, usersavedsearches_query_string FROM " . $config['table_prefix'] . "usersavedsearches WHERE userdb_id = {$_SESSION['userID']} AND usersavedsearches_query_string = '{$query}'"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } $num_columns = $recordSet->RecordCount(); if ($num_columns != 0) { $display .= '<br />' . $lang['search_already_in_saved_searches'] . '<a href="' . $config['baseurl'] . '/index.php?searchresults&' . make_db_unsafe($recordSet->fields['usersavedsearches_query_string'] . '">' . make_db_unsafe($recordSet->fields['usersavedsearches_title']) . '</a><br />'); } else { // Get full guidesting $guidestring = ''; foreach ($_GET as $k => $v) { if (is_array($v)) { foreach ($v as $vitem) { $guidestring .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}"); } } else { $guidestring .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}"); } } $display .= '<br />'; $display .= '<form action="index.php?' . $guidestring . '" method="post">'; $display .= $lang['enter_title_for_search'] . '<input type="text" name="title" /><br /><br />'; if ($config['email_users_notification_of_new_listings'] == "1") { $display .= $lang['notify_saved_search']; $display .= '<select name="notify" size="1"><option value="yes">' . $lang['yes'] . '<option value="no">' . $lang['no'] . '</select><br /><br />'; } else { $display .= $lang['notify_saved_search_disabled'] . '<br />'; $display .= $lang['notify_saved_search']; $display .= '<select name="notify" size="1"><option value="yes">' . $lang['yes'] . '<option value="no">' . $lang['no'] . '</select><br /><br />'; } $display .= '<input type="submit" value="' . $lang['save_search'] . '" />'; $display .= '<input type="hidden" name="query" value="' . $query . '" />'; $display .= '</form>'; $display .= '<br />'; } } } else { $display = $status; } return $display; }
function display() { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); // Make Sure we passed the PageID $display = ''; if (!isset($_GET['PageID'])) { $display .= "ERROR. PageID not sent"; } $page_id = $misc->make_db_safe($_GET['PageID']); $display .= '<div class="page_display">'; $sql = "SELECT pagesmain_full,pagesmain_id FROM " . $config['table_prefix'] . "pagesmain WHERE pagesmain_id=" . $page_id; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['pagesmain_full']), ENT_NOQUOTES, $config['charset']); //$full = $misc->make_db_unsafe($recordSet->fields['pagesmain_full']); $id = $recordSet->fields['pagesmain_id']; if ($config["wysiwyg_execute_php"] == 1) { ob_start(); $full = str_replace("<!--<?php", "<?php", $full); $full = str_replace("?>-->", "?>", $full); eval('?>' . "{$full}" . '<?php '); $display .= ob_get_contents(); ob_end_clean(); } else { $display .= $full; } // Allow Admin To Edit # if (isset($_SESSION['editpages']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) { $display .= "<p> </p>"; $display .= "<a href=\"{$config['baseurl']}/admin/index.php?action=edit_page&id={$id}\">{$lang['edit_html_from_site']}</a>"; } $display .= '</div>'; // parse page for template varibales require_once $config['basepath'] . '/include/class/template/core.inc.php'; $template = new page_user(); $template->page = $display; $template->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly')); $display = $template->return_page(); return $display; }
public static function get_featured($listing_id, $raw) { global $conn, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $listing_id = $misc->make_db_extra_safe($listing_id); $sql = "SELECT listingsdb_featured FROM " . $config['table_prefix'] . "listingsdb WHERE listingsdb_id = {$listing_id}"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $featured = $recordSet->fields['listingsdb_featured']; if ($raw == 'no') { if ($featured == 'yes') { $featured = 'featured'; } else { $featured = ''; } } return $featured; }
function verify_email() { global $conn, $config, $lang; $display = ''; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); if (isset($_GET['id']) && isset($_GET['key'])) { $userID = $misc->make_db_unsafe($_GET['id']); $sql = 'SELECT userdb_id, userdb_user_name, userdb_user_password, userdb_emailaddress, userdb_is_agent FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $userID; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $user_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']); $user_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_name']); $user_pass = $misc->make_db_unsafe($recordSet->fields['userdb_user_password']); $emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']); if (md5($user_id . ':' . $emailAddress) == $_GET['key']) { $valid = true; } if ($recordSet->fields['userdb_is_agent'] == 'yes') { $type = 'agent'; } else { $type = 'member'; } if ($config['moderate_' . $type . 's'] == 0) { if ($type == 'agent') { if ($config["agent_default_active"] == 0) { $set_active = "no"; } else { $set_active = "yes"; } } else { $set_active = "yes"; } } else { $set_active = "no"; } $sql_set_active = $misc->make_db_safe($set_active); if ($valid == true) { if ($config['email_notification_of_new_users'] == 1) { // if the site admin should be notified when a new user is added $message = $_SERVER['REMOTE_ADDR'] . ' -- ' . date('F j, Y, g:i:s a') . "\r\n\r\n" . $lang['admin_new_user'] . ":\r\n" . $config['baseurl'] . '/admin/index.php?action=user_manager&edit=' . $userID . "\r\n"; $header = 'From: ' . $config['admin_name'] . ' <' . $config['admin_email'] . ">\r\n"; $header .= "X-Sender: {$config['admin_email']}\r\n"; $header .= "Return-Path: {$config['admin_email']}\r\n"; mail("{$config['admin_email']}", "{$lang['admin_new_user']}", $message, $header); } // end if $verified = $misc->make_db_safe('yes'); $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_active = ' . $sql_set_active . ', userdb_email_verified = ' . $verified . ' WHERE userdb_id = ' . $userID; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $display .= '<p class="notice">' . $lang['verify_email_thanks'] . '</p>'; if ($config['moderate_' . $type . 's'] == 1) { // if moderation is turned on... $display .= '<p>' . $lang['admin_new_user_moderated'] . '</p>'; } else { //log the user in $_SESSION['username'] = $user_name; $_SESSION['userpassword'] = $user_pass; login::loginCheck('Member'); $display .= '<p>' . $lang['you_may_now_view_priv'] . '</p>'; } } else { $display .= '<p class="notice">' . $lang['verify_email_invalid_link'] . '</div>'; } } else { $display .= '<p class="notice">' . $lang['verify_email_invalid_link'] . '</div>'; } return $display; }
function update_active_status($user_id, $status) { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $sql_status = $misc->make_db_safe($status); $sql = 'UPDATE ' . $config['table_prefix'] . 'listingsdb SET listingsdb_active = ' . $sql_status . ' WHERE userdb_id = ' . $user_id; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } return '<p>' . $lang['agent_listings_updated'] . $status . '</p>'; }
function goodvtour($listingID) { global $lang, $conn, $config, $jscript; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $ext = 'bad'; if (isset($_GET['listingID'])) { if ($_GET['listingID'] != "") { $listingID = intval($listingID); $sql = "SELECT vtourimages_file_name, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$listingID}) ORDER BY vtourimages_rank"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } } $num_images = $recordSet->RecordCount(); if ($num_images > 0) { while (!$recordSet->EOF) { $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']); $ext = substr(strrchr($file_name, '.'), 1); $recordSet->MoveNext(); } // end while } // end if ($num_images > 0) } if ($ext == 'jpg' || $ext == 'egg') { return true; } else { return false; } }
/** * configurator::show_configurator() * This function handles the display and updates for the site configurator. * * @param string $guidestring * @return */ function show_configurator($guidestring = '') { global $conn, $lang, $config; $security = login::loginCheck('edit_site_config', true); $display = ''; if ($security === true) { // Open Connection to the Control Panel Table require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); // DISABLE MULTILINGUAL SUPPORT AS IT IS NOT READY FOR THIS RELEASE $ml_support = false; // Default Options $yes_no[0] = 'No'; $yes_no[1] = 'Yes'; $asc_desc['ASC'] = 'ASC'; $asc_desc['DESC'] = 'DESC'; // New Charset Settings - Current charsets supported by PHP 4.3.0 and up $charset['ISO-8859-1'] = 'ISO-8859-1'; $charset['ISO-8859-15'] = 'ISO-8859-15'; $charset['UTF-8'] = 'UTF-8'; $charset['cp866'] = 'cp866'; $charset['cp1251'] = 'cp1251'; $charset['cp1252'] = 'cp1252'; $charset['KOI8-R'] = 'KOI8-R'; $charset['BIG5'] = 'BIG5'; $charset['GB2312'] = 'GB2312'; $charset['BIG5-HKSCS'] = 'BIG5-HKSCS'; $charset['Shift_JIS'] = 'Shift_JIS'; $charset['EUC-JP'] = 'EUC-JP'; // New Global Maps $map_types['global_mapquest'] = $lang['global_mapquest']; $map_types['global_multimap'] = $lang['global_multimap']; // Map Options $map_types['mapquest_AD'] = $lang['mapquest_AD']; $map_types['mapquest_AE'] = $lang['mapquest_AE']; $map_types['mapquest_AF'] = $lang['mapquest_AF']; $map_types['mapquest_AG'] = $lang['mapquest_AG']; $map_types['mapquest_AI'] = $lang['mapquest_AI']; $map_types['mapquest_AL'] = $lang['mapquest_AL']; $map_types['mapquest_AM'] = $lang['mapquest_AM']; $map_types['mapquest_AN'] = $lang['mapquest_AN']; $map_types['mapquest_AO'] = $lang['mapquest_AO']; $map_types['mapquest_AR'] = $lang['mapquest_AR']; $map_types['mapquest_AS'] = $lang['mapquest_AS']; $map_types['mapquest_AT'] = $lang['mapquest_AT']; $map_types['mapquest_AU'] = $lang['mapquest_AU']; $map_types['mapquest_AW'] = $lang['mapquest_AW']; $map_types['mapquest_AZ'] = $lang['mapquest_AZ']; $map_types['mapquest_BA'] = $lang['mapquest_BA']; $map_types['mapquest_BB'] = $lang['mapquest_BB']; $map_types['mapquest_BD'] = $lang['mapquest_BD']; $map_types['mapquest_BE'] = $lang['mapquest_BE']; $map_types['mapquest_BF'] = $lang['mapquest_BF']; $map_types['mapquest_BG'] = $lang['mapquest_BG']; $map_types['mapquest_BH'] = $lang['mapquest_BH']; $map_types['mapquest_BI'] = $lang['mapquest_BI']; $map_types['mapquest_BJ'] = $lang['mapquest_BJ']; $map_types['mapquest_BM'] = $lang['mapquest_BM']; $map_types['mapquest_BN'] = $lang['mapquest_BN']; $map_types['mapquest_BO'] = $lang['mapquest_BO']; $map_types['mapquest_BR'] = $lang['mapquest_BR']; $map_types['mapquest_BS'] = $lang['mapquest_BS']; $map_types['mapquest_BT'] = $lang['mapquest_BT']; $map_types['mapquest_BV'] = $lang['mapquest_BV']; $map_types['mapquest_BW'] = $lang['mapquest_BW']; $map_types['mapquest_BY'] = $lang['mapquest_BY']; $map_types['mapquest_BZ'] = $lang['mapquest_BZ']; $map_types['mapquest_CA'] = $lang['mapquest_CA']; $map_types['mapquest_CC'] = $lang['mapquest_CC']; $map_types['mapquest_CD'] = $lang['mapquest_CD']; $map_types['mapquest_CF'] = $lang['mapquest_CF']; $map_types['mapquest_CG'] = $lang['mapquest_CG']; $map_types['mapquest_CH'] = $lang['mapquest_CH']; $map_types['mapquest_CI'] = $lang['mapquest_CI']; $map_types['mapquest_CK'] = $lang['mapquest_CK']; $map_types['mapquest_CL'] = $lang['mapquest_CL']; $map_types['mapquest_CM'] = $lang['mapquest_CM']; $map_types['mapquest_CN'] = $lang['mapquest_CN']; $map_types['mapquest_CO'] = $lang['mapquest_CO']; $map_types['mapquest_CR'] = $lang['mapquest_CR']; $map_types['mapquest_CS'] = $lang['mapquest_CS']; $map_types['mapquest_CU'] = $lang['mapquest_CU']; $map_types['mapquest_CV'] = $lang['mapquest_CV']; $map_types['mapquest_CX'] = $lang['mapquest_CX']; $map_types['mapquest_CY'] = $lang['mapquest_CY']; $map_types['mapquest_CZ'] = $lang['mapquest_CZ']; $map_types['mapquest_DE'] = $lang['mapquest_DE']; $map_types['mapquest_DJ'] = $lang['mapquest_DJ']; $map_types['mapquest_DK'] = $lang['mapquest_DK']; $map_types['mapquest_DM'] = $lang['mapquest_DM']; $map_types['mapquest_DO'] = $lang['mapquest_DO']; $map_types['mapquest_DZ'] = $lang['mapquest_DZ']; $map_types['mapquest_EC'] = $lang['mapquest_EC']; $map_types['mapquest_EE'] = $lang['mapquest_EE']; $map_types['mapquest_EG'] = $lang['mapquest_EG']; $map_types['mapquest_EH'] = $lang['mapquest_EH']; $map_types['mapquest_ER'] = $lang['mapquest_ER']; $map_types['mapquest_ES'] = $lang['mapquest_ES']; $map_types['mapquest_ET'] = $lang['mapquest_ET']; $map_types['mapquest_FI'] = $lang['mapquest_FI']; $map_types['mapquest_FJ'] = $lang['mapquest_FJ']; $map_types['mapquest_FK'] = $lang['mapquest_FK']; $map_types['mapquest_FM'] = $lang['mapquest_FM']; $map_types['mapquest_FO'] = $lang['mapquest_FO']; $map_types['mapquest_FR'] = $lang['mapquest_FR']; $map_types['multimap_FR'] = $lang['multimap_FR']; $map_types['mapquest_GA'] = $lang['mapquest_GA']; $map_types['mapquest_GB'] = $lang['mapquest_GB']; $map_types['mapquest_GD'] = $lang['mapquest_GD']; $map_types['mapquest_GE'] = $lang['mapquest_GE']; $map_types['mapquest_GF'] = $lang['mapquest_GF']; $map_types['mapquest_GH'] = $lang['mapquest_GH']; $map_types['mapquest_GI'] = $lang['mapquest_GI']; $map_types['mapquest_GL'] = $lang['mapquest_GL']; $map_types['mapquest_GM'] = $lang['mapquest_GM']; $map_types['mapquest_GN'] = $lang['mapquest_GN']; $map_types['mapquest_GP'] = $lang['mapquest_GP']; $map_types['mapquest_GQ'] = $lang['mapquest_GQ']; $map_types['mapquest_GR'] = $lang['mapquest_GR']; $map_types['mapquest_GS'] = $lang['mapquest_GS']; $map_types['mapquest_GT'] = $lang['mapquest_GT']; $map_types['mapquest_GU'] = $lang['mapquest_GU']; $map_types['mapquest_GW'] = $lang['mapquest_GW']; $map_types['mapquest_GY'] = $lang['mapquest_GY']; $map_types['mapquest_GZ'] = $lang['mapquest_GZ']; $map_types['mapquest_HK'] = $lang['mapquest_HK']; $map_types['mapquest_HM'] = $lang['mapquest_HM']; $map_types['mapquest_HN'] = $lang['mapquest_HN']; $map_types['mapquest_HR'] = $lang['mapquest_HR']; $map_types['mapquest_HT'] = $lang['mapquest_HT']; $map_types['mapquest_HU'] = $lang['mapquest_HU']; $map_types['mapquest_ID'] = $lang['mapquest_ID']; $map_types['mapquest_IE'] = $lang['mapquest_IE']; $map_types['mapquest_IL'] = $lang['mapquest_IL']; $map_types['mapquest_IN'] = $lang['mapquest_IN']; $map_types['mapquest_IO'] = $lang['mapquest_IO']; $map_types['mapquest_IQ'] = $lang['mapquest_IQ']; $map_types['mapquest_IR'] = $lang['mapquest_IR']; $map_types['mapquest_IS'] = $lang['mapquest_IS']; $map_types['mapquest_IT'] = $lang['mapquest_IT']; $map_types['mapquest_JM'] = $lang['mapquest_JM']; $map_types['mapquest_JO'] = $lang['mapquest_JO']; $map_types['mapquest_JP'] = $lang['mapquest_JP']; $map_types['mapquest_KE'] = $lang['mapquest_KE']; $map_types['mapquest_KG'] = $lang['mapquest_KG']; $map_types['mapquest_KH'] = $lang['mapquest_KH']; $map_types['mapquest_KI'] = $lang['mapquest_KI']; $map_types['mapquest_KM'] = $lang['mapquest_KM']; $map_types['mapquest_KN'] = $lang['mapquest_KN']; $map_types['mapquest_KP'] = $lang['mapquest_KP']; $map_types['mapquest_KR'] = $lang['mapquest_KR']; $map_types['mapquest_KW'] = $lang['mapquest_KW']; $map_types['mapquest_KY'] = $lang['mapquest_KY']; $map_types['mapquest_KZ'] = $lang['mapquest_KZ']; $map_types['mapquest_LA'] = $lang['mapquest_LA']; $map_types['mapquest_LB'] = $lang['mapquest_LB']; $map_types['mapquest_LC'] = $lang['mapquest_LC']; $map_types['mapquest_LI'] = $lang['mapquest_LI']; $map_types['mapquest_LK'] = $lang['mapquest_LK']; $map_types['mapquest_LR'] = $lang['mapquest_LR']; $map_types['mapquest_LS'] = $lang['mapquest_LS']; $map_types['mapquest_LT'] = $lang['mapquest_LT']; $map_types['mapquest_LU'] = $lang['mapquest_LU']; $map_types['mapquest_LV'] = $lang['mapquest_LV']; $map_types['mapquest_LY'] = $lang['mapquest_LY']; $map_types['mapquest_MA'] = $lang['mapquest_MA']; $map_types['mapquest_MC'] = $lang['mapquest_MC']; $map_types['mapquest_MD'] = $lang['mapquest_MD']; $map_types['mapquest_MG'] = $lang['mapquest_MG']; $map_types['mapquest_MH'] = $lang['mapquest_MH']; $map_types['mapquest_MK'] = $lang['mapquest_MK']; $map_types['mapquest_ML'] = $lang['mapquest_ML']; $map_types['mapquest_MM'] = $lang['mapquest_MM']; $map_types['mapquest_MN'] = $lang['mapquest_MN']; $map_types['mapquest_MO'] = $lang['mapquest_MO']; $map_types['mapquest_MP'] = $lang['mapquest_MP']; $map_types['mapquest_MQ'] = $lang['mapquest_MQ']; $map_types['mapquest_MR'] = $lang['mapquest_MR']; $map_types['mapquest_MS'] = $lang['mapquest_MS']; $map_types['mapquest_MT'] = $lang['mapquest_MT']; $map_types['mapquest_MU'] = $lang['mapquest_MU']; $map_types['mapquest_MV'] = $lang['mapquest_MV']; $map_types['mapquest_MW'] = $lang['mapquest_MW']; $map_types['mapquest_MX'] = $lang['mapquest_MX']; $map_types['mapquest_MY'] = $lang['mapquest_MY']; $map_types['mapquest_MZ'] = $lang['mapquest_MZ']; $map_types['mapquest_NA'] = $lang['mapquest_NA']; $map_types['mapquest_NC'] = $lang['mapquest_NC']; $map_types['mapquest_NE'] = $lang['mapquest_NE']; $map_types['mapquest_NF'] = $lang['mapquest_NF']; $map_types['mapquest_NG'] = $lang['mapquest_NG']; $map_types['mapquest_NI'] = $lang['mapquest_NI']; $map_types['mapquest_NL'] = $lang['mapquest_NL']; $map_types['mapquest_NO'] = $lang['mapquest_NO']; $map_types['mapquest_NP'] = $lang['mapquest_NP']; $map_types['mapquest_NR'] = $lang['mapquest_NR']; $map_types['mapquest_NU'] = $lang['mapquest_NU']; $map_types['mapquest_NZ'] = $lang['mapquest_NZ']; $map_types['mapquest_OM'] = $lang['mapquest_OM']; $map_types['mapquest_PA'] = $lang['mapquest_PA']; $map_types['mapquest_PE'] = $lang['mapquest_PE']; $map_types['mapquest_PF'] = $lang['mapquest_PF']; $map_types['mapquest_PG'] = $lang['mapquest_PG']; $map_types['mapquest_PH'] = $lang['mapquest_PH']; $map_types['mapquest_PK'] = $lang['mapquest_PK']; $map_types['mapquest_PL'] = $lang['mapquest_PL']; $map_types['mapquest_PM'] = $lang['mapquest_PM']; $map_types['mapquest_PN'] = $lang['mapquest_PN']; $map_types['mapquest_PR'] = $lang['mapquest_PR']; $map_types['mapquest_PS'] = $lang['mapquest_PS']; $map_types['mapquest_PT'] = $lang['mapquest_PT']; $map_types['mapquest_PW'] = $lang['mapquest_PW']; $map_types['mapquest_PY'] = $lang['mapquest_PY']; $map_types['mapquest_QA'] = $lang['mapquest_QA']; $map_types['mapquest_RE'] = $lang['mapquest_RE']; $map_types['mapquest_RO'] = $lang['mapquest_RO']; $map_types['mapquest_RU'] = $lang['mapquest_RU']; $map_types['mapquest_RW'] = $lang['mapquest_RW']; $map_types['mapquest_SA'] = $lang['mapquest_SA']; $map_types['mapquest_SB'] = $lang['mapquest_SB']; $map_types['mapquest_SC'] = $lang['mapquest_SC']; $map_types['mapquest_SD'] = $lang['mapquest_SD']; $map_types['mapquest_SE'] = $lang['mapquest_SE']; $map_types['mapquest_SG'] = $lang['mapquest_SG']; $map_types['mapquest_SH'] = $lang['mapquest_SH']; $map_types['mapquest_SI'] = $lang['mapquest_SI']; $map_types['mapquest_SJ'] = $lang['mapquest_SJ']; $map_types['mapquest_SK'] = $lang['mapquest_SK']; $map_types['mapquest_SL'] = $lang['mapquest_SL']; $map_types['mapquest_SM'] = $lang['mapquest_SM']; $map_types['mapquest_SN'] = $lang['mapquest_SN']; $map_types['mapquest_SO'] = $lang['mapquest_SO']; $map_types['mapquest_SR'] = $lang['mapquest_SR']; $map_types['mapquest_ST'] = $lang['mapquest_ST']; $map_types['mapquest_SV'] = $lang['mapquest_SV']; $map_types['mapquest_SY'] = $lang['mapquest_SY']; $map_types['mapquest_SZ'] = $lang['mapquest_SZ']; $map_types['mapquest_TC'] = $lang['mapquest_TC']; $map_types['mapquest_TD'] = $lang['mapquest_TD']; $map_types['mapquest_TF'] = $lang['mapquest_TF']; $map_types['mapquest_TG'] = $lang['mapquest_TG']; $map_types['mapquest_TH'] = $lang['mapquest_TH']; $map_types['mapquest_TJ'] = $lang['mapquest_TJ']; $map_types['mapquest_TK'] = $lang['mapquest_TK']; $map_types['mapquest_TM'] = $lang['mapquest_TM']; $map_types['mapquest_TN'] = $lang['mapquest_TN']; $map_types['mapquest_TO'] = $lang['mapquest_TO']; $map_types['mapquest_TP'] = $lang['mapquest_TP']; $map_types['mapquest_TR'] = $lang['mapquest_TR']; $map_types['mapquest_TT'] = $lang['mapquest_TT']; $map_types['mapquest_TV'] = $lang['mapquest_TV']; $map_types['mapquest_TW'] = $lang['mapquest_TW']; $map_types['mapquest_TZ'] = $lang['mapquest_TZ']; $map_types['mapquest_UA'] = $lang['mapquest_UA']; $map_types['mapquest_UG'] = $lang['mapquest_UG']; $map_types['multimap_GB'] = $lang['multimap_uk']; $map_types['google_us'] = $lang['google_us']; $map_types['mapquest_US'] = $lang['mapquest_US']; $map_types['yahoo_us'] = $lang['yahoo_us']; $map_types['mapquest_UY'] = $lang['mapquest_UY']; $map_types['mapquest_UZ'] = $lang['mapquest_UZ']; $map_types['mapquest_VA'] = $lang['mapquest_VA']; $map_types['mapquest_VC'] = $lang['mapquest_VC']; $map_types['mapquest_VE'] = $lang['mapquest_VE']; $map_types['mapquest_VG'] = $lang['mapquest_VG']; $map_types['mapquest_VI'] = $lang['mapquest_VI']; $map_types['mapquest_VN'] = $lang['mapquest_VN']; $map_types['mapquest_VU'] = $lang['mapquest_VU']; $map_types['mapquest_WF'] = $lang['mapquest_WF']; $map_types['mapquest_WS'] = $lang['mapquest_WS']; $map_types['mapquest_YE'] = $lang['mapquest_YE']; $map_types['mapquest_YT'] = $lang['mapquest_YT']; $map_types['mapquest_ZA'] = $lang['mapquest_ZA']; $map_types['mapquest_ZM'] = $lang['mapquest_ZM']; $map_types['mapquest_ZW'] = $lang['mapquest_ZW']; // Listing Template Field Names for Map Field Selection $sql = "SELECT listingsformelements_field_name, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsformelements"; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } $listing_field_name_options[''] = ''; while (!$recordSet->EOF) { $field_name = $recordSet->fields['listingsformelements_field_name']; $listing_field_name_options[$field_name] = $field_name . ' (' . $recordSet->fields['listingsformelements_field_caption'] . ')'; $recordSet->MoveNext(); } // Agent Template Field Names for Vcard Selection $sql = "SELECT agentformelements_field_name, agentformelements_field_caption FROM " . $config['table_prefix'] . "agentformelements"; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } $agent_field_name_options[''] = ''; while (!$recordSet->EOF) { $field_name = $recordSet->fields['agentformelements_field_name']; $agent_field_name_options[$field_name] = $field_name . ' (' . $recordSet->fields['agentformelements_field_caption'] . ')'; $recordSet->MoveNext(); } // Listing Template Field Names for Search Field Selection $sql = "SELECT listingsformelements_field_name, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_display_on_browse = 'Yes'"; $recordSet = $conn->Execute($sql); $search_field_sortby_options['random'] = $lang['random']; $search_field_sortby_options['listingsdb_id'] = $lang['id']; $search_field_sortby_options['listingsdb_title'] = $lang['title']; $search_field_sortby_options['listingsdb_featured'] = $lang['featured']; $search_field_sortby_options['listingsdb_last_modified'] = $lang['last_modified']; $search_field_special_sortby_options['none'] = $lang['none']; $search_field_special_sortby_options['listingsdb_featured'] = $lang['featured']; $search_field_special_sortby_options['listingsdb_id'] = $lang['id']; $search_field_special_sortby_options['listingsdb_title'] = $lang['title']; $search_field_special_sortby_options['listingsdb_last_modified'] = $lang['last_modified']; if (!$recordSet) { $misc->log_error($sql); } while (!$recordSet->EOF) { $field_name = $recordSet->fields['listingsformelements_field_name']; $search_field_sortby_options[$field_name] = $field_name . ' (' . $recordSet->fields['listingsformelements_field_caption'] . ')'; $search_field_special_sortby_options[$field_name] = $field_name . ' (' . $recordSet->fields['listingsformelements_field_caption'] . ')'; $recordSet->MoveNext(); } $thumbnail_prog['gd'] = 'GD Libs'; $thumbnail_prog['imagemagick'] = 'ImageMagick'; $resize_opts['width'] = 'Width'; $resize_opts['height'] = 'Height'; $resize_opts['bestfit'] = 'Best Fit'; $resize_opts['both'] = 'Both'; $mainimage_opts['width'] = 'Width'; $mainimage_opts['height'] = 'Height'; $mainimage_opts['both'] = 'Both'; $filedisplay['filename'] = 'Filename'; $filedisplay['caption'] = 'Caption'; $filedisplay['both'] = 'Both'; // Generate GuideString $guidestring = ''; foreach ($_GET as $k => $v) { if (is_array($v)) { foreach ($v as $vitem) { $guidestring .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}"); } } else { $guidestring .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}"); } } // Save any Post Data if (isset($_POST['controlpanel_admin_name'])) { if ($ml_support === true) { // Setup any new Language Databases require_once $config['basepath'] . '/include/multilingual.inc.php'; foreach ($_POST['controlpanel_configured_langs'] as $f) { // $display .= $f; $new_langs[] = $f; } $sql = 'SELECT controlpanel_configured_langs from ' . $config['table_prefix_no_lang'] . 'controlpanel'; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } $old_langs = explode(',', $recordSet->fields['controlpanel_configured_langs']); // Setup New Language Tables foreach ($new_langs as $newlang) { if (!in_array($newlang, $old_langs)) { multilingual::setup_additional_language($newlang); } } // Remove Old Language Tables foreach ($old_langs as $oldlang) { if (!in_array($oldlang, $new_langs)) { multilingual::remove_additional_language($oldlang); } } } // Update ControlPanel $sql = 'UPDATE ' . $config['table_prefix_no_lang'] . 'controlpanel SET '; $sql_part = ''; foreach ($_POST as $field => $value) { if (is_array($value)) { $value2 = ''; foreach ($value as $f) { if ($value2 == '') { $value2 = "{$f}"; } else { $value2 .= ",{$f}"; } } $value2 = $misc->make_db_safe($value2); if ($sql_part == '') { $sql_part = "{$field} = {$value2}"; } else { $sql_part .= " , {$field} = {$value2}"; } } else { $value = $misc->make_db_safe($value); if ($sql_part == '') { $sql_part = "{$field} = {$value}"; } else { $sql_part .= " , {$field} = {$value}"; } } } $sql .= $sql_part; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } $display .= '<br /><b>' . $lang['configuration_saved'] . '</b><br />'; } // START SITE CONFIGURATOR $sql = 'SELECT * from ' . $config["table_prefix_no_lang"] . 'controlpanel'; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } // Include the Form Generation Class include $config['basepath'] . '/include/class/form_generation.inc.php'; $formGen = new formGeneration(); $display .= '<h2>' . $lang['open_realty_configurator'] . '</h2>'; $display .= $formGen->startform('index.php?' . $guidestring); //Start tabbed page $display .= '<div class="tab-pane" id="tabPane1">'; $display .= '<script type="text/javascript">' . "\r\n"; $display .= 'tp1 = new WebFXTabPane( document.getElementById( "tabPane1" ) );' . "\r\n"; $display .= '</script>' . "\r\n"; //Tab 1 $display .= '<div class="tab-page" id="tabPage1">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_general'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage1" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_general_info'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_name'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_admin_name', $misc->make_db_unsafe($recordSet->fields['controlpanel_admin_name']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_admin_name'])) . '</td>'; $display .= '<td>' . $lang['admin_name_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['admin_email'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_admin_email', $misc->make_db_unsafe($recordSet->fields['controlpanel_admin_email']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_admin_email'])) . '</td>'; $display .= '<td>' . $lang['admin_email_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['company_name'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_company_name', $misc->make_db_unsafe($recordSet->fields['controlpanel_company_name']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_company_name'])) . '</td>'; $display .= '<td>' . $lang['company_name_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['company_location'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_company_location', $misc->make_db_unsafe($recordSet->fields['controlpanel_company_location']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_company_location'])) . '</td>'; $display .= '<td>' . $lang['company_location_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['company_logo'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_company_logo', $misc->make_db_unsafe($recordSet->fields['controlpanel_company_logo']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_company_logo'])) . '</td>'; $display .= '<td>' . $lang['company_logo_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['automatic_update_check'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_automatic_update_check', $misc->make_db_unsafe($recordSet->fields['controlpanel_automatic_update_check']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_automatic_update_check'])) . '</td>'; $display .= '<td>' . $lang['automatic_update_check_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['demo_mode'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_demo_mode', $misc->make_db_unsafe($recordSet->fields['controlpanel_demo_mode']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_demo_mode'])) . '</td>'; $display .= '<td>' . $lang['demo_mode_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_server_paths'] . '</b></legend>'; $display .= '<table align="center" cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['base_url'] . '</strong></td>'; $display .= '<td>' . $misc->make_db_unsafe($recordSet->fields['controlpanel_baseurl']) . '</td>'; $display .= '<td>' . $lang['base_url_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['base_path'] . '</strong></td>'; $display .= '<td>' . $misc->make_db_unsafe($recordSet->fields['controlpanel_basepath']) . '</td>'; $display .= '<td>' . $lang['base_path_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_language_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="150"><strong>' . $lang['lang'] . '</strong></td>'; // Get Language Options $dir = 0; $options = array(); if ($handle = opendir($config['basepath'] . '/include/language')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (is_dir($config['basepath'] . '/include/language/' . $file)) { $options[$file] = $file; $dir++; } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_lang', $misc->make_db_unsafe($recordSet->fields['controlpanel_lang']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_lang']), true) . '</td>'; $display .= '<td>' . $lang['lang_desc'] . '</td>'; $display .= '</tr>'; if ($ml_support === true) { $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['configured_langs'] . '</strong></td>'; $dir = 0; $options = array(); if ($handle = opendir($config['basepath'] . '/include/language')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (is_dir($config['basepath'] . '/include/language/' . $file)) { $options[$file] = $file; $dir++; } } } closedir($handle); } $selected = explode(',', $recordSet->fields['controlpanel_configured_langs']); $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_configured_langs[]', $misc->make_db_unsafe($recordSet->fields['controlpanel_configured_langs']), true, 8, '', '', '', '', $options, $selected) . '</td>'; $display .= '<td>' . $lang['configured_langs_desc'] . '</td>'; $display .= '</tr>'; } $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End Tab1 //Tab 2 $display .= '<div class="tab-page" id="tabPage2">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_template'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage2" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_template_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $url_type[1] = $lang['url_standard']; $url_type[2] = $lang['url_search_friendly']; $url_seperator["+"] = $lang['url_seperator_default']; $url_seperator["-"] = $lang['url_seperator_hyphen']; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['charset'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_charset', $misc->make_db_unsafe($recordSet->fields['controlpanel_charset']), false, 35, '', '', '', '', $charset, $misc->make_db_unsafe($recordSet->fields['controlpanel_charset'])) . '</td>'; $display .= '<td>' . $lang['charset_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['template'] . '</strong></td>'; // Get Template List $dir = 0; $options = array(); if ($handle = opendir($config['basepath'] . '/template')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (is_dir($config['basepath'] . '/template/' . $file)) { $options[$file] = $file; $dir++; } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_template']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_template'])) . '</td>'; $display .= '<td>' . $lang['template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['admin_template'] . '</strong></td>'; // Get Template List $dir = 0; $options = array(); if ($handle = opendir($config['basepath'] . '/admin/template')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (is_dir($config['basepath'] . '/admin/template/' . $file)) { $options[$file] = $file; $dir++; } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_admin_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_admin_template']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_admin_template'])) . '</td>'; $display .= '<td>' . $lang['admin_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['listing_template'] . '</strong></td>'; // Get Listing Template List $options = array(); if ($handle = opendir($config['basepath'] . '/template/' . $config['template'])) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (!is_dir($config['basepath'] . '/template/' . $config['template'] . '/' . $file)) { if (substr($file, 0, 14) == 'listing_detail') { $options[$file] = substr($file, 15, -5); } } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_listing_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_listing_template']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_listing_template'])) . '</td>'; $display .= '<td>' . $lang['listing_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['template_listing_sections'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_template_listing_sections', $misc->make_db_unsafe($recordSet->fields['controlpanel_template_listing_sections']), false, 35, '', '', '', '', '', $misc->make_db_unsafe($recordSet->fields['controlpanel_template_listing_sections'])) . '</td>'; $display .= '<td>' . $lang['template_listing_sections_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['search_result_template'] . '</strong></td>'; // Get Search Result Template List $options = array(); if ($handle = opendir($config['basepath'] . '/template/' . $config['template'])) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (!is_dir($config['basepath'] . '/template/' . $config['template'] . '/' . $file)) { if (substr($file, 0, 13) == 'search_result') { $options[$file] = substr($file, 14, -5); } } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_search_result_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_search_result_template']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_search_result_template'])) . '</td>'; $display .= '<td>' . $lang['search_result_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['view_agent_template'] . '</strong></td>'; // Get View Agent Template List $options = array(); if ($handle = opendir($config['basepath'] . '/template/' . $config['template'])) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (!is_dir($config['basepath'] . '/template/' . $config['template'] . '/' . $file)) { if (substr($file, 0, 10) == 'view_user_') { $options[$file] = substr($file, 10, -5); } } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_template']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_template'])) . '</td>'; $display .= '<td>' . $lang['view_agent_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['vtour_template'] . '</strong></td>'; // Get VTour Template List $options = array(); if ($handle = opendir($config['basepath'] . '/template/' . $config['template'])) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != ".." && $file != "CVS" && $file != ".svn") { if (!is_dir($config['basepath'] . '/template/' . $config['template'] . '/' . $file)) { if (substr($file, 0, 6) == 'vtour_') { $options[$file] = substr($file, 6, -5); } } } } closedir($handle); } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vtour_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_template']), false, 35, '', '', '', '', $options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_template'])) . '</td>'; $display .= '<td>' . $lang['vtour_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End Tab2 //Start tab3 $display .= '<div class="tab-page" id="tabPage3">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_seo'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage3" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_seo_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['url_type'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_url_style', $misc->make_db_unsafe($recordSet->fields['controlpanel_url_style']), false, 35, '', '', '', '', $url_type, $misc->make_db_unsafe($recordSet->fields['controlpanel_url_style'])) . '</td>'; $display .= '<td>' . $lang['url_type_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['url_seperator'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_seo_url_seperator', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_url_seperator']), false, 35, '', '', '', '', $url_seperator, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_url_seperator'])) . '</td>'; $display .= '<td>' . $lang['url_seperator_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['seo_default_title'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_seo_default_title', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_default_title']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_default_title'])) . '</td>'; $display .= '<td>' . $lang['seo_default_title_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['seo_default_keywords'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_seo_default_keywords', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_default_keywords']), false, 35, '', '', '', '', $url_type, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_default_keywords'])) . '</td>'; $display .= '<td>' . $lang['seo_default_keywords_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['seo_default_description'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_seo_default_description', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_default_description']), false, 35, '', '', '', '', $url_type, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_default_description'])) . '</td>'; $display .= '<td>' . $lang['seo_default_description_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['seo_listing_title'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_seo_listing_title', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_listing_title']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_listing_title'])) . '</td>'; $display .= '<td>' . $lang['seo_listing_title_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['seo_listing_keywords'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_seo_listing_keywords', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_listing_keywords']), false, 35, '', '', '', '', $url_type, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_listing_keywords'])) . '</td>'; $display .= '<td>' . $lang['seo_listing_keywords_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['seo_listing_description'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_seo_listing_description', $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_listing_description']), false, 35, '', '', '', '', $url_type, $misc->make_db_unsafe($recordSet->fields['controlpanel_seo_listing_description'])) . '</td>'; $display .= '<td>' . $lang['seo_listing_description_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab3 //start tab4 $display .= '<div class="tab-page" id="tabPage4">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_wysiwyg'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage4" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_wysiwyg_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['wysiwyg_editor'] . '</strong></td>'; $wysiwyg_editor_list = array(); $wysiwyg_editor_list['list'] = 'None'; if (file_exists($config['basepath'] . '/include/class/fckeditor')) { $wysiwyg_editor_list['fckeditor'] = 'FCKeditor'; } if (file_exists($config['basepath'] . '/include/class/xinha')) { $wysiwyg_editor_list['xinha'] = 'Xinha'; } if (file_exists($config['basepath'] . '/include/class/tinymce')) { $wysiwyg_editor_list['tinymce'] = 'TinyMCE'; } $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_wysiwyg_editor', $misc->make_db_unsafe($recordSet->fields['controlpanel_wysiwyg_editor']), false, 35, '', '', '', '', $wysiwyg_editor_list, $misc->make_db_unsafe($recordSet->fields['controlpanel_wysiwyg_editor'])) . '</td>'; $display .= '<td>' . $lang['wysiwyg_editor_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['wysiwyg_show_edit'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_wysiwyg_show_edit', $misc->make_db_unsafe($recordSet->fields['controlpanel_wysiwyg_show_edit']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_wysiwyg_show_edit'])) . '</td>'; $display .= '<td>' . $lang['wysiwyg_show_edit_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['wysiwyg_execute_php'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_wysiwyg_execute_php', $misc->make_db_unsafe($recordSet->fields['controlpanel_wysiwyg_execute_php']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_wysiwyg_execute_php'])) . '</td>'; $display .= '<td>' . $lang['wysiwyg_execute_php_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_html_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['add_linefeeds'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_add_linefeeds', $misc->make_db_unsafe($recordSet->fields['controlpanel_add_linefeeds']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_add_linefeeds'])) . '</td>'; $display .= '<td>' . $lang['add_linefeeds_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['strip_html'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_strip_html', $misc->make_db_unsafe($recordSet->fields['controlpanel_strip_html']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_strip_html'])) . '</td>'; $display .= '<td>' . $lang['strip_html_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['allowed_html_tags'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_allowed_html_tags', $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_html_tags']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_html_tags'])) . '</td>'; $display .= '<td>' . $lang['allowed_html_tags_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab4 //start tab5 $display .= '<div class="tab-page" id="tabPage5">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_numbers'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage5" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_number_formatting'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $number_format[1] = '1,000.00'; $number_format[2] = '1.000,00'; $number_format[3] = '1 000.00'; $number_format[4] = '1 000,00'; $number_format[5] = '1\'000,00'; $number_format[6] = '1-000 00'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['number_format_style'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_number_format_style', $misc->make_db_unsafe($recordSet->fields['controlpanel_number_format_style']), false, 35, '', '', '', '', $number_format, $misc->make_db_unsafe($recordSet->fields['controlpanel_number_format_style'])) . '</td>'; $display .= '<td>' . $lang['number_format_style_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['number_decimals_number_fields'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_number_decimals_number_fields', $misc->make_db_unsafe($recordSet->fields['controlpanel_number_decimals_number_fields']), false, 3, '', '', '', '', $number_format, $misc->make_db_unsafe($recordSet->fields['controlpanel_number_decimals_number_fields'])) . '</td>'; $display .= '<td>' . $lang['number_decimals_number_fields_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['number_decimals_price_fields'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_number_decimals_price_fields', $misc->make_db_unsafe($recordSet->fields['controlpanel_number_decimals_price_fields']), false, 3, '', '', '', '', $number_format, $misc->make_db_unsafe($recordSet->fields['controlpanel_number_decimals_price_fields'])) . '</td>'; $display .= '<td>' . $lang['number_decimals_price_fields_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['force_decimals'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_force_decimals', $misc->make_db_unsafe($recordSet->fields['controlpanel_force_decimals']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_force_decimals'])) . '</td>'; $display .= '<td>' . $lang['force_decimals_desc'] . '</td>'; $display .= '</tr>'; $money_format[1] = $misc->make_db_unsafe($recordSet->fields['controlpanel_money_sign']) . '1'; $money_format[2] = '1' . $misc->make_db_unsafe($recordSet->fields['controlpanel_money_sign']); $money_format[3] = $misc->make_db_unsafe($recordSet->fields['controlpanel_money_sign']) . ' 1'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['money_format'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_money_format', $misc->make_db_unsafe($recordSet->fields['controlpanel_money_format']), false, 35, '', '', '', '', $money_format, $misc->make_db_unsafe($recordSet->fields['controlpanel_money_format'])) . '</td>'; $display .= '<td>' . $lang['money_format_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['money_sign'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_money_sign', $misc->make_db_unsafe($recordSet->fields['controlpanel_money_sign']), false, 2, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_money_sign'])) . '</td>'; $display .= '<td>' . $lang['money_sign_desc'] . '</td>'; $display .= '</tr>'; $date_format[1] = 'mm/dd/yyyy'; $date_format[2] = 'yyyy/dd/mm'; $date_format[3] = 'dd/mm/yyyy'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['date_format'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_date_format', $misc->make_db_unsafe($recordSet->fields['controlpanel_date_format']), false, 2, '', '', '', '', $date_format, $misc->make_db_unsafe($recordSet->fields['controlpanel_date_format'])) . '</td>'; $display .= '<td>' . $lang['date_format_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['zero_price_text'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_zero_price', $misc->make_db_unsafe($recordSet->fields['controlpanel_zero_price']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_zero_price'])) . '</td>'; $display .= '<td>' . $lang['zero_price_text_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['site_config_price_field'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_price_field', $misc->make_db_unsafe($recordSet->fields['controlpanel_price_field']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_price_field'])) . '</td>'; $display .= '<td>' . $lang['site_config_price_field_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab5 //start tab6 $display .= '<div class="tab-page" id="tabPage6">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_uploads'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage6" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_upload_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['allowed_upload_extensions'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_allowed_upload_extensions', $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_upload_extensions']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_upload_extensions'])) . '</td>'; $display .= '<td>' . $lang['allowed_upload_extensions_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['allowed_upload_types'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_allowed_upload_types', $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_upload_types']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_upload_types'])) . '</td>'; $display .= '<td>' . $lang['allowed_upload_types_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['make_thumbnail'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_make_thumbnail', $misc->make_db_unsafe($recordSet->fields['controlpanel_make_thumbnail']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_make_thumbnail'])) . '</td>'; $display .= '<td>' . $lang['make_thumbnail_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['thumbnail_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_thumbnail_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_thumbnail_width']), false, 4, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_thumbnail_width'])) . '</td>'; $display .= '<td>' . $lang['thumbnail_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['thumbnail_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_thumbnail_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_thumbnail_height']), false, 4, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_thumbnail_height'])) . '</td>'; $display .= '<td>' . $lang['thumbnail_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['resize_thumb_by'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_resize_thumb_by', $misc->make_db_unsafe($recordSet->fields['controlpanel_resize_thumb_by']), false, 4, '', '', '', '', $resize_opts, $misc->make_db_unsafe($recordSet->fields['controlpanel_resize_thumb_by'])) . '</td>'; $display .= '<td>' . $lang['resize_thumb_by_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['thumbnail_prog'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_thumbnail_prog', $misc->make_db_unsafe($recordSet->fields['controlpanel_thumbnail_prog']), false, 4, '', '', '', '', $thumbnail_prog, $misc->make_db_unsafe($recordSet->fields['controlpanel_thumbnail_prog'])) . '</td>'; $display .= '<td>' . $lang['thumbnail_prog_desc'] . '</td>'; $display .= '</tr>'; // Path $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['path_to_imagemagick'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_path_to_imagemagick', $misc->make_db_unsafe($recordSet->fields['controlpanel_path_to_imagemagick']), false, 25, '', '', '', '', $thumbnail_prog, $misc->make_db_unsafe($recordSet->fields['controlpanel_path_to_imagemagick'])) . '</td>'; $display .= '<td>' . $lang['path_to_imagemagick_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['jpeg_quality'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_jpeg_quality', $misc->make_db_unsafe($recordSet->fields['controlpanel_jpeg_quality']), false, 4, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_jpeg_quality'])) . '</td>'; $display .= '<td>' . $lang['jpeg_quality_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['resize_img'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_resize_img', $misc->make_db_unsafe($recordSet->fields['controlpanel_resize_img']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_resize_img'])) . '</td>'; $display .= '<td>' . $lang['resize_img_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['resize_by'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_resize_by', $misc->make_db_unsafe($recordSet->fields['controlpanel_resize_by']), false, 4, '', '', '', '', $resize_opts, $misc->make_db_unsafe($recordSet->fields['controlpanel_resize_by'])) . '</td>'; $display .= '<td>' . $lang['resize_by_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['gdversion2'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_gd_version', $misc->make_db_unsafe($recordSet->fields['controlpanel_gd_version']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_gd_version'])) . '</td>'; $display .= '<td>' . $lang['gdversion2_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['show_no_photo'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_no_photo', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_no_photo']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_no_photo'])) . '</td>'; $display .= '<td>' . $lang['show_no_photo_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_upload_limits'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_listings_uploads'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_listings_uploads', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_uploads']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_uploads'])) . '</td>'; $display .= '<td>' . $lang['max_listings_uploads_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_listings_upload_size'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_listings_upload_size', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_upload_size']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_upload_size'])) . '</td>'; $display .= '<td>' . $lang['max_listings_upload_size_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_listings_upload_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_listings_upload_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_upload_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_upload_width'])) . '</td>'; $display .= '<td>' . $lang['max_listings_upload_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_listings_upload_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_listings_upload_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_upload_height']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_upload_width'])) . '</td>'; $display .= '<td>' . $lang['max_listings_upload_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_user_uploads'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_user_uploads', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_uploads']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_uploads'])) . '</td>'; $display .= '<td>' . $lang['max_user_uploads_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_user_upload_size'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_user_upload_size', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_upload_size']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_upload_size'])) . '</td>'; $display .= '<td>' . $lang['max_user_upload_size_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_user_upload_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_user_upload_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_upload_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_upload_width'])) . '</td>'; $display .= '<td>' . $lang['max_user_upload_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_user_upload_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_user_upload_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_upload_height']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_user_upload_width'])) . '</td>'; $display .= '<td>' . $lang['max_user_upload_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_vtour_uploads'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_vtour_uploads', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_vtour_uploads']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_vtour_uploads'])) . '</td>'; $display .= '<td>' . $lang['max_vtour_uploads_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_vtour_upload_size'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_vtour_upload_size', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_vtour_upload_size']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_vtour_upload_size'])) . '</td>'; $display .= '<td>' . $lang['max_vtour_upload_size_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_vtour_upload_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_vtour_upload_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_vtour_upload_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_vtour_upload_width'])) . '</td>'; $display .= '<td>' . $lang['max_vtour_upload_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['image_display_sizes'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['main_image_display_by'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_main_image_display_by', $misc->make_db_unsafe($recordSet->fields['controlpanel_main_image_display_by']), false, 7, '', '', '', '', $mainimage_opts, $misc->make_db_unsafe($recordSet->fields['controlpanel_main_image_display_by'])) . '</td>'; $display .= '<td>' . $lang['main_image_display_by_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['main_image_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_main_image_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_main_image_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_main_image_width'])) . '</td>'; $display .= '<td>' . $lang['main_image_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['main_image_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_main_image_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_main_image_height']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_main_image_height'])) . '</td>'; $display .= '<td>' . $lang['main_image_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['number_columns'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_number_columns', $misc->make_db_unsafe($recordSet->fields['controlpanel_number_columns']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_number_columns'])) . '</td>'; $display .= '<td>' . $lang['number_columns_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab6 //start tab7 $display .= '<div class="tab-page" id="tabPage7">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_uploads_files'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage7" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_upload_file_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['allowed_upload_extensions'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_allowed_file_upload_extensions', $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_file_upload_extensions']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_allowed_file_upload_extensions'])) . '</td>'; $display .= '<td>' . $lang['allowed_upload_extensions_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_upload_file_limits'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_file_uploads'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_listings_file_uploads', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_file_uploads']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_file_uploads'])) . '</td>'; $display .= '<td>' . $lang['max_file_uploads_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_file_upload_size'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_listings_file_upload_size', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_file_upload_size']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_listings_file_upload_size'])) . '</td>'; $display .= '<td>' . $lang['max_file_upload_size_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['max_user_file_uploads'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_users_file_uploads', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_users_file_uploads']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_users_file_uploads'])) . '</td>'; $display .= '<td>' . $lang['max_user_file_uploads_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_user_file_upload_size'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_users_file_upload_size', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_users_file_upload_size']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_users_file_upload_size'])) . '</td>'; $display .= '<td>' . $lang['max_user_file_upload_size_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['file_display_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['show_file_icon'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_file_icon', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_file_icon']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_file_icon'])) . '</td>'; $display .= '<td>' . $lang['show_file_icon_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['show_file_display_option'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_file_display_option', $misc->make_db_unsafe($recordSet->fields['controlpanel_file_display_option']), false, 4, '', '', '', '', $filedisplay, $misc->make_db_unsafe($recordSet->fields['controlpanel_file_display_option'])) . '</td>'; $display .= '<td>' . $lang['show_file_display_option_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['show_file_size'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_file_size', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_file_size']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_file_size'])) . '</td>'; $display .= '<td>' . $lang['show_file_size_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['file_icon_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_icon_image_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_icon_image_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_icon_image_width'])) . '</td>'; $display .= '<td>' . $lang['file_icon_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['file_icon_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_icon_image_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_icon_image_height']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_icon_image_height'])) . '</td>'; $display .= '<td>' . $lang['file_icon_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab7 //start tab8 $display .= '<div class="tab-page" id="tabPage8">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_search'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage8" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_search_options'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['search_step_max'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_search_step_max', $misc->make_db_unsafe($recordSet->fields['controlpanel_search_step_max']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_search_step_max'])) . '</td>'; $display .= '<td>' . $lang['search_step_max_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['listings_per_page'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_listings_per_page', $misc->make_db_unsafe($recordSet->fields['controlpanel_listings_per_page']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_listings_per_page'])) . '</td>'; $display .= '<td>' . $lang['listings_per_page_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['configured_search_sortby'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_search_sortby', $misc->make_db_unsafe($recordSet->fields['controlpanel_search_sortby']), false, 35, '', '', '', '', $search_field_sortby_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_search_sortby'])) . '</td>'; $display .= '<td>' . $lang['configured_search_sortby_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['configured_search_sorttype'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_search_sorttype', $misc->make_db_unsafe($recordSet->fields['controlpanel_search_sorttype']), false, 35, '', '', '', '', $asc_desc, $misc->make_db_unsafe($recordSet->fields['controlpanel_search_sorttype'])) . '</td>'; $display .= '<td>' . $lang['configured_search_sorttype_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['configured_special_search_sortby'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_special_search_sortby', $misc->make_db_unsafe($recordSet->fields['controlpanel_special_search_sortby']), false, 35, '', '', '', '', $search_field_special_sortby_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_special_search_sortby'])) . '</td>'; $display .= '<td>' . $lang['configured_special_search_sortby_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['configured_special_search_sorttype'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_special_search_sorttype', $misc->make_db_unsafe($recordSet->fields['controlpanel_special_search_sorttype']), false, 35, '', '', '', '', $asc_desc, $misc->make_db_unsafe($recordSet->fields['controlpanel_special_search_sorttype'])) . '</td>'; $display .= '<td>' . $lang['configured_special_search_sorttype_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['configured_show_count'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_configured_show_count', $misc->make_db_unsafe($recordSet->fields['controlpanel_configured_show_count']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_configured_show_count'])) . '</td>'; $display .= '<td>' . $lang['configured_show_count_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['max_search_results'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_max_search_results', $misc->make_db_unsafe($recordSet->fields['controlpanel_max_search_results']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_max_search_results'])) . '</td>'; $display .= '<td>' . $lang['max_search_results_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['search_list_separator'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_search_list_separator', $misc->make_db_unsafe($recordSet->fields['controlpanel_search_list_separator']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_search_list_separator'])) . '</td>'; $display .= '<td>' . $lang['search_list_separator_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['textarea_short_chars'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_textarea_short_chars', $misc->make_db_unsafe($recordSet->fields['controlpanel_textarea_short_chars']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_textarea_short_chars'])) . '</td>'; $display .= '<td>' . $lang['textarea_short_chars_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab8 //start tab9 $display .= '<div class="tab-page" id="tabPage9">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_vtours'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage9" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_vtour_options'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['vtour_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_vtour_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_width'])) . '</td>'; $display .= '<td>' . $lang['vtour_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['vtour_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_vtour_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_height']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_height'])) . '</td>'; $display .= '<td>' . $lang['vtour_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['vtour_fov'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_vtour_fov', $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_fov']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_vtour_fov'])) . '</td>'; $display .= '<td>' . $lang['vtour_fov_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="100"><strong>' . $lang['vt_popup_width'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_vt_popup_width', $misc->make_db_unsafe($recordSet->fields['controlpanel_vt_popup_width']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_vt_popup_width'])) . '</td>'; $display .= '<td>' . $lang['vt_popup_width_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['vt_popup_height'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_vt_popup_height', $misc->make_db_unsafe($recordSet->fields['controlpanel_vt_popup_height']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_vt_popup_height'])) . '</td>'; $display .= '<td>' . $lang['vt_popup_height_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab9 //start tab10 $display .= '<div class="tab-page" id="tabPage10">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_notify'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage10" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_notification_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['email_notification_of_new_users'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_email_notification_of_new_users', $misc->make_db_unsafe($recordSet->fields['controlpanel_email_notification_of_new_users']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_email_notification_of_new_users'])) . '</td>'; $display .= '<td>' . $lang['email_notification_of_new_users_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['email_notification_of_new_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_email_notification_of_new_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_email_notification_of_new_listings']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_email_notification_of_new_listings'])) . '</td>'; $display .= '<td>' . $lang['email_notification_of_new_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['email_users_notification_of_new_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_email_users_notification_of_new_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_email_users_notification_of_new_listings']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_email_users_notification_of_new_listings'])) . '</td>'; $display .= '<td>' . $lang['email_users_notification_of_new_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['email_registration_information_to_new_users'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_email_information_to_new_users', $misc->make_db_unsafe($recordSet->fields['controlpanel_email_information_to_new_users']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_email_information_to_new_users'])) . '</td>'; $display .= '<td>' . $lang['email_information_to_new_users_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['use_email_image_verification'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_use_email_image_verification', $misc->make_db_unsafe($recordSet->fields['controlpanel_use_email_image_verification']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_use_email_image_verification'])) . '</td>'; $display .= '<td>' . $lang['use_email_image_verification_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['disable_referrer_check'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_disable_referrer_check', $misc->make_db_unsafe($recordSet->fields['controlpanel_disable_referrer_check']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_disable_referrer_check'])) . '</td>'; $display .= '<td>' . $lang['disable_referrer_check_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['include_senders_ip'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_include_senders_ip', $misc->make_db_unsafe($recordSet->fields['controlpanel_include_senders_ip']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_include_senders_ip'])) . '</td>'; $display .= '<td>' . $lang['include_senders_ip_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab10 //start tab11 $display .= '<div class="tab-page" id="tabPage11">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_users'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage11" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_member_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['moderate_members'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_moderate_members', $misc->make_db_unsafe($recordSet->fields['controlpanel_moderate_members']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_moderate_members'])) . '</td>'; $display .= '<td>' . $lang['moderate_members_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['allow_member_signup'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_allow_member_signup', $misc->make_db_unsafe($recordSet->fields['controlpanel_allow_member_signup']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_allow_member_signup'])) . '</td>'; $display .= '<td>' . $lang['allow_member_signup_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_agent_permissions'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['moderate_agents'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_moderate_agents', $misc->make_db_unsafe($recordSet->fields['controlpanel_moderate_agents']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_moderate_agents'])) . '</td>'; $display .= '<td>' . $lang['moderate_agents_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['allow_agent_signup'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_allow_agent_signup', $misc->make_db_unsafe($recordSet->fields['controlpanel_allow_agent_signup']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_allow_agent_signup'])) . '</td>'; $display .= '<td>' . $lang['allow_agent_signup_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_active'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_active', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_active']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_active'])) . '</td>'; $display .= '<td>' . $lang['agent_default_active_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_admin'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_admin', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_admin']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_admin'])) . '</td>'; $display .= '<td>' . $lang['agent_default_admin_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_edit_all_users'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_edit_all_users', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_all_users']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_all_users'])) . '</td>'; $display .= '<td>' . $lang['agent_default_edit_all_users_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_edit_all_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_edit_all_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_all_listings']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_all_listings'])) . '</td>'; $display .= '<td>' . $lang['agent_default_edit_all_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_feature'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_feature', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_feature']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_feature'])) . '</td>'; $display .= '<td>' . $lang['agent_default_feature_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_moderate'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_moderate', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_moderate']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_moderate'])) . '</td>'; $display .= '<td>' . $lang['agent_default_moderate_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_logview'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_logview', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_logview']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_logview'])) . '</td>'; $display .= '<td>' . $lang['agent_default_logview_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_edit_site_config'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_edit_site_config', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_site_config']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_site_config'])) . '</td>'; $display .= '<td>' . $lang['agent_default_edit_site_config_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_edit_member_template'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_edit_member_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_member_template']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_member_template'])) . '</td>'; $display .= '<td>' . $lang['agent_default_edit_member_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_edit_agent_template'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_edit_agent_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_agent_template']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_agent_template'])) . '</td>'; $display .= '<td>' . $lang['agent_default_edit_agent_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_edit_listing_template'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_edit_listing_template', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_listing_template']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_edit_listing_template'])) . '</td>'; $display .= '<td>' . $lang['agent_default_edit_listing_template_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_canExportListings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_can_export_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_can_export_listings']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_can_export_listings'])) . '</td>'; $display .= '<td>' . $lang['agent_default_canExportListings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_canChangeExpirations'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_canchangeexpirations', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_canchangeexpirations']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_canchangeexpirations'])) . '</td>'; $display .= '<td>' . $lang['agent_default_canChangeExpirations_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_editpages'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_editpages', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_editpages']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_editpages'])) . '</td>'; $display .= '<td>' . $lang['agent_default_editpages_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_havevtours'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_havevtours', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_havevtours']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_havevtours'])) . '</td>'; $display .= '<td>' . $lang['agent_default_havevtours_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['agent_default_havefiles'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_agent_default_havefiles', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_havefiles']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_havefiles'])) . '</td>'; $display .= '<td>' . $lang['agent_default_havefiles_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['agent_default_num_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_agent_default_num_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_num_listings']), false, 4, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_agent_default_num_listings'])) . '</td>'; $display .= '<td>' . $lang['agent_default_num_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset><br />'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_agent_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['users_per_page'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_users_per_page', $misc->make_db_unsafe($recordSet->fields['controlpanel_users_per_page']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_users_per_page'])) . '</td>'; $display .= '<td>' . $lang['users_per_page_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['admin_show_admin_on_agent_list'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_admin_on_agent_list', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_admin_on_agent_list']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_admin_on_agent_list'])) . '</td>'; $display .= '<td>' . $lang['admin_show_admin_on_agent_list_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab11 //Start tab12 $display .= '<div class="tab-page" id="tabPage12">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_listings'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage12" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_listing_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['allow_multiple_pclasses_selection'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_multiple_pclass_selection', $misc->make_db_unsafe($recordSet->fields['controlpanel_multiple_pclass_selection']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_multiple_pclass_selection'])) . '</td>'; $display .= '<td>' . $lang['allow_multiple_pclasses_selection_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['num_featured_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_num_featured_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_num_featured_listings']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_num_featured_listings'])) . '</td>'; $display .= '<td>' . $lang['num_featured_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['use_expiration'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_use_expiration', $misc->make_db_unsafe($recordSet->fields['controlpanel_use_expiration']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_use_expiration'])) . '</td>'; $display .= '<td>' . $lang['use_expiration_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['days_until_listings_expire'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_days_until_listings_expire', $misc->make_db_unsafe($recordSet->fields['controlpanel_days_until_listings_expire']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_days_until_listings_expire'])) . '</td>'; $display .= '<td>' . $lang['days_until_listings_expire_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['moderate_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_moderate_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_moderate_listings']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_moderate_listings'])) . '</td>'; $display .= '<td>' . $lang['moderate_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['export_listings'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_export_listings', $misc->make_db_unsafe($recordSet->fields['controlpanel_export_listings']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_export_listings'])) . '</td>'; $display .= '<td>' . $lang['export_listings_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['show_listedby_admin'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_listedby_admin', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_listedby_admin']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_listedby_admin'])) . '</td>'; $display .= '<td>' . $lang['show_listedby_admin_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['show_next_prev_listing_page'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_next_prev_listing_page', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_next_prev_listing_page']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_next_prev_listing_page'])) . '</td>'; $display .= '<td>' . $lang['show_next_prev_listing_page_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['show_notes_field'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_show_notes_field', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_notes_field']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_notes_field'])) . '</td>'; $display .= '<td>' . $lang['show_notes_field_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['feature_list_separator'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_feature_list_separator', $misc->make_db_unsafe($recordSet->fields['controlpanel_feature_list_separator']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_feature_list_separator'])) . '</td>'; $display .= '<td>' . $lang['feature_list_separator_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab12 //Start tab13 $display .= '<div class="tab-page" id="tabPage13">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_map'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage13" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_heading_map_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['site_config_map_type'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_type', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_type']), false, 35, '', '', '', '', $map_types, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_type'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_type_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['site_config_map_address'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_address', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_address_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['site_config_map_address2'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_address2', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address2']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address2'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_address2_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['site_config_map_address3'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_address3', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address3']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address3'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_address3_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['site_config_map_address4'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_address4', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address4']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_address4'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_address4_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['site_config_map_city'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_city', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_city']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_city'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_city_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['site_config_map_state'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_state', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_state']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_state'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_state_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td><strong>' . $lang['site_config_map_zip'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_zip', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_zip']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_zip'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_zip_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td><strong>' . $lang['site_config_map_country'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_map_country', $misc->make_db_unsafe($recordSet->fields['controlpanel_map_country']), false, 35, '', '', '', '', $listing_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_map_country'])) . '</td>'; $display .= '<td>' . $lang['site_config_map_country_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab13 //Start tab14 $display .= '<div class="tab-page" id="tabPage14">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_vcards'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage14" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['site_config_vcard_settings'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_phone'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_phone', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_phone']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_phone'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_phone_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_fax'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_fax', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_fax']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_fax'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_fax_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_mobile'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_mobile', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_mobile']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_mobile'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_mobile_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_address'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_address', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_address']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_address'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_address_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_city'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_city', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_city']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_city'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_city_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_state'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_state', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_state']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_state'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_state_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_zip'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_zip', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_zip']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_zip'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_zip_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_country'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_country', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_country']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_country'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_country_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_notes'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_notes', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_notes']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_notes'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_notes_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['site_config_vcard_url'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_vcard_url', $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_utl']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_vcard_url'])) . '</td>'; $display .= '<td>' . $lang['site_config_vcard_url_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab14 //Start tab15 $display .= '<div class="tab-page" id="tabPage15">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_rss'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage15" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['rss_config'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['rss_title_featured'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_rss_title_featured', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_title_featured']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_title_featured'])) . '</td>'; $display .= '<td>' . $lang['rss_title_featured_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['rss_desc_featured'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_rss_desc_featured', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_desc_featured']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_desc_featured'])) . '</td>'; $display .= '<td>' . $lang['rss_desc_featured_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['rss_listingdesc_featured'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_rss_listingdesc_featured', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_listingdesc_featured']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_listingdesc_featured'])) . '</td>'; $display .= '<td>' . $lang['rss_listingdesc_featured_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['rss_limit_featured'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_rss_limit_featured', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_limit_featured']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_limit_featured'])) . '</td>'; $display .= '<td>' . $lang['rss_limit_featured_desc'] . '</td>'; $display .= '</tr>'; //Last modified RSS Feed $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['rss_title_lastmodified'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_rss_title_lastmodified', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_title_lastmodified']), false, 35, '', '', '', '', $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_title_lastmodified'])) . '</td>'; $display .= '<td>' . $lang['rss_title_lastmodified_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['rss_desc_lastmodified'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_rss_desc_lastmodified', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_desc_lastmodified']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_desc_lastmodified'])) . '</td>'; $display .= '<td>' . $lang['rss_desc_lastmodified_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['rss_listingdesc_lastmodified'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_rss_listingdesc_lastmodified', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_listingdesc_lastmodified']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_listingdesc_lastmodified'])) . '</td>'; $display .= '<td>' . $lang['rss_listingdesc_lastmodified_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="100"><strong>' . $lang['rss_limit_lastmodified'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('text', 'controlpanel_rss_limit_lastmodified', $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_limit_lastmodified']), false, 7, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_rss_limit_lastmodified'])) . '</td>'; $display .= '<td>' . $lang['rss_limit_lastmodified_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab15 //Start tab16 $display .= '<div class="tab-page" id="tabPage16">'; $display .= '<h2 class="tab">' . $lang['site_config_tab_help'] . '</h2>'; $display .= '<script type="text/javascript">tp1.addTabPage( document.getElementById( "tabPage16" ) );</script>'; $display .= '<fieldset>'; $display .= '<legend><b>' . $lang['help_config'] . '</b></legend>'; $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['use_help_links'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('select', 'controlpanel_use_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_use_help_link']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['controlpanel_use_help_link'])) . '</td>'; $display .= '<td>' . $lang['use_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_main_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_main_admin_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_main_admin_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_main_admin_help_link'])) . '</td>'; $display .= '<td>' . $lang['main_admin_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_configure_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_configure_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_configure_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_configure_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_configure_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_add_listing_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_add_listing_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_add_listing_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_add_listing_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_add_listing_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_modify_listing_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_modify_listing_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_modify_listing_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_modify_listing_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_modify_listing_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_user_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_user_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_user_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_user_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_user_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_user_manager_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_user_manager_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_user_manager_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_user_manager_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_user_manager_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_page_editor_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_page_editor_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_page_editor_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_page_editor_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_page_editor_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_images_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_images_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_images_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_images_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_images_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_vtour_images_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_vtour_images_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_vtour_images_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_vtour_images_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_vtour_images_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_files_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_files_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_files_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_files_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_files_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_agent_template_add_field_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_agent_template_add_field_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_agent_template_add_field_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_agent_template_add_field_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_agent_template_add_field_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_agent_template_field_order_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_agent_template_field_order_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_agent_template_field_order_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_agent_template_field_order_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_agent_template_field_order_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_member_template_add_field_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_member_template_add_field_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_member_template_add_field_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_member_template_add_field_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_member_template_add_field_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_member_template_field_order_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_member_template_field_order_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_member_template_field_order_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_member_template_field_order_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_member_template_field_order_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_template_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_template_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_template_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_template_add_field_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_template_add_field_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_add_field_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_add_field_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_template_add_field_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listings_template_field_order_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listings_template_field_order_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listings_template_field_order_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listings_template_field_order_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listings_template_field_order_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_template_search_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_template_search_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_search_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_search_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_template_search_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_edit_listing_template_search_results_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_edit_listing_template_search_results_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_search_results_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_edit_listing_template_search_results_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_edit_listing_template_search_results_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_show_property_classes_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_show_property_classes_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_show_property_classes_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_show_property_classes_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_show_property_classes_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_view_log_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_view_log_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_view_log_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_view_log_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_view_log_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_user_template_member_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_user_template_member_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_user_template_member_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_user_template_member_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_user_template_member_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_user_template_agent_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_user_template_agent_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_user_template_agent_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_user_template_agent_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_user_template_agent_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_modify_property_class_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_modify_property_class_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_modify_property_class_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_modify_property_class_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_modify_property_class_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_insert_property_class_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_insert_property_class_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_insert_property_class_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_insert_property_class_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_insert_property_class_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_transparentmaps_admin_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_transparentmaps_admin_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentmaps_admin_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentmaps_admin_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_transparentmaps_admin_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_transparentmaps_geocode_all_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_transparentmaps_geocode_all_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentmaps_geocode_all_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentmaps_geocode_all_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_transparentmaps_geocode_all_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_transparentRETS_config_server_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_transparentRETS_config_server_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentRETS_config_server_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentRETS_config_server_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_transparentRETS_config_server_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_transparentRETS_config_imports_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_transparentRETS_config_imports_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentRETS_config_imports_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_transparentRETS_config_imports_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_transparentRETS_config_imports_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_IDXManager_config_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_IDXManager_config_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_IDXManager_config_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_IDXManager_config_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_IDXManager_config_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade2>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_IDXManager_classmanager_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_IDXManager_classmanager_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_IDXManager_classmanager_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_IDXManager_classmanager_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_IDXManager_classmanager_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '<tr class=tdshade1>'; $display .= '<td width="130"><strong>' . $lang['admin_addon_csvloader_admin_help_link'] . '</strong></td>'; $display .= '<td>' . $formGen->createformitem('textarea', 'controlpanel_addon_csvloader_admin_help_link', $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_csvloader_admin_help_link']), false, 35, '', '', 5, 35, $agent_field_name_options, $misc->make_db_unsafe($recordSet->fields['controlpanel_addon_csvloader_admin_help_link'])) . '</td>'; $display .= '<td>' . $lang['admin_addon_csvloader_admin_help_link_desc'] . '</td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</fieldset>'; $display .= '</div>'; //End tab15 //End tabbed page $display .= '</div>'; // END OF SITE CONFIGURATOR $display .= '<table width="99%" align="center"><tr><td align="center">'; if ($config["demo_mode"] != 1 || $_SESSION['admin_privs'] == 'yes') { $display .= $formGen->createformitem('submit', '', $lang['save_changes']); } else { $display .= $lang['demo_mode_no_changes']; } $display .= '</td></tr></table>'; $display .= $formGen->endform(); } else { $display .= '<div class="error_text">' . $lang['access_denied'] . '</div>'; } return $display; }
function edit_vtour_images() { global $lang, $conn, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; if (isset($_GET['edit']) && $_GET['edit'] != '') { $_POST['edit'] = $_GET['edit']; } $edit = intval($_POST['edit']); $sql_edit = intval($_POST['edit']); if (!isset($_POST['action'])) { $_POST['action'] = ''; } // does this person have access to these listings? if ($_SESSION['edit_all_listings'] != "yes" && $_SESSION['admin_privs'] != "yes") { $sql = "SELECT userdb_id FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$sql_edit})"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $owner = $recordSet->fields['userdb_id']; $recordSet->MoveNext(); } if ($_SESSION['userID'] != $owner) { die($lang['priv_failure']); } } // end priv check if ($_POST['action'] == "update_pic") { $count = 0; $num_fields = count($_POST['pic']); $sql_edit = $misc->make_db_safe($_POST['edit']); while ($count < $num_fields) { $sql_caption = $misc->make_db_safe($_POST['caption'][$count]); $sql_description = $misc->make_db_safe($_POST['description'][$count]); $sql_rank = $misc->make_db_safe($_POST['rank'][$count]); $sql_pic = $misc->make_db_safe($_POST['pic'][$count]); if ($_SESSION['edit_all_listings'] == "yes" || $_SESSION['admin_privs'] == "yes") { $sql = "UPDATE " . $config['table_prefix'] . "vtourimages SET vtourimages_caption = {$sql_caption}, vtourimages_description = {$sql_description}, vtourimages_rank = {$sql_rank} WHERE ((listingsdb_id = {$sql_edit}) AND (vtourimages_file_name = {$sql_pic}))"; } else { $sql = "UPDATE " . $config['table_prefix'] . "vtourimages SET vtourimages_caption = {$sql_caption}, vtourimages_description = {$sql_description}, vtourimages_rank = {$sql_rank} WHERE ((listingsdb_id = {$sql_edit}) AND (vtourimages_file_name = {$sql_pic}) AND (userdb_id = {$_SESSION['userID']}))"; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $count++; } $display .= '<p>' . $lang['images_update'] . '</p>'; $misc->log_action($lang['log_updated_listing_image'] . $edit); } if (isset($_GET['delete'])) { // get the data for the pic being deleted $sql_pic_id = $misc->make_db_safe($_GET['delete']); $sql_edit = $misc->make_db_safe($_GET['edit']); if ($_SESSION['edit_all_listings'] == "yes" || $_SESSION['admin_privs'] == "yes") { $sql = "SELECT vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_edit}) AND (vtourimages_id = {$sql_pic_id}))"; } else { $sql = "SELECT vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_edit}) AND (vtourimages_id = {$sql_pic_id}) AND (userdb_id = {$_SESSION['userID']}))"; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']); $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']); $recordSet->MoveNext(); } // end while // delete from the db if ($_SESSION['edit_all_listings'] == "yes" || $_SESSION['admin_privs'] == "yes") { $sql = "DELETE FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_edit}) AND (vtourimages_file_name = '{$file_name}'))"; } else { $sql = "DELETE FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_edit}) AND (vtourimages_file_name = '{$file_name}') AND (userdb_id = '{$_SESSION['userID']}'))"; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } // delete the files themselves // on widows, required php 4.11 or better (I think) if (!unlink("{$config['vtour_upload_path']}/{$file_name}")) { die("{$lang['alert_site_admin']}"); } if ($file_name != $thumb_file_name) { if (!unlink("{$config['vtour_upload_path']}/{$thumb_file_name}")) { die("{$lang['alert_site_admin']}"); } } $misc->log_action("{$lang['log_deleted_listing_image']} {$file_name}"); $display .= "<p>{$lang['image']} '{$file_name}' {$lang['has_been_deleted']}</p>"; } if ($_POST['action'] == "upload") { if ($_SESSION['edit_all_listings'] == "yes" || $_SESSION['admin_privs'] == "yes") { // get the owner of the listing $sql = "SELECT userdb_id FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$sql_edit})"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $owner = $recordSet->fields['userdb_id']; $recordSet->MoveNext(); } $display .= $this->handleUpload("vtour", $edit, $owner); } else { $display .= $this->handleUpload("vtour", $edit, $_SESSION['userID']); } } // end if $action == "upload" if ($_SESSION['edit_all_listings'] == "yes" || $_SESSION['admin_privs'] == "yes") { $sql = "SELECT vtourimages_id, vtourimages_caption, vtourimages_file_name, vtourimages_thumb_file_name, vtourimages_description, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$sql_edit}) ORDER BY vtourimages_rank"; } else { $sql = "SELECT vtourimages_id, vtourimages_caption, vtourimages_file_name, vtourimages_thumb_file_name, vtourimages_description, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_edit}) AND (userdb_id = '{$_SESSION['userID']}')) ORDER BY vtourimages_rank"; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $display .= '<table class="image_upload">'; $ext = ''; $num_images = $recordSet->RecordCount(); $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']); $ext = substr(strrchr($file_name, '.'), 1); $avaliable_images = $config["max_vtour_uploads"] - $num_images; $x = 0; if ($num_images < $config['max_vtour_uploads'] && $ext != 'egg') { $display .= '<table border="0" cellspacing="0" cellpadding="0">'; $display .= '<tr>'; $display .= '<td colspan="2">'; $display .= '<h3>' . $lang['upload_a_picture'] . '</h3>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td width="150"> </td>'; $display .= '<td>'; $display .= '<form enctype="multipart/form-data" action="index.php?action=edit_vtour_images" method="post">'; $display .= '<input type="hidden" name="action" value="upload" />'; $display .= '<input type="hidden" name="edit" value="' . $edit . '" />'; $display .= '<input type="hidden" name="MAX_FILE_SIZE" value="' . $config['max_vtour_upload_size'] . '" />'; while ($x < $avaliable_images) { $display .= '<b>' . $lang['upload_send_this_file'] . ': </b><input name="userfile[]" type="file" /><br />'; $x++; } $display .= '<input type="submit" value="' . $lang['upload_send_file'] . '" />'; $display .= '</form>'; $display .= '</td>'; $display .= '</tr>'; $display .= '</table>'; } // end if $num_images <= $config[max_user_uploads] $display .= '<table class="image_upload">'; $display .= '<tr>'; $display .= '<td colspan="2">'; $display .= '<h3>' . $lang['edit_images'] . ' -- '; if ($_SESSION['edit_all_listings'] == "yes" || $_SESSION['admin_privs'] == "yes") { $display .= "<a href=\"index.php?action=edit_listings&edit={$edit}\">"; } else { $display .= "<a href=\"index.php?action=edit_my_listings&edit={$edit}\">"; } $display .= $lang['return_to_editing_listing']; $display .= '</a></h3></td></tr>'; $display .= '</table>'; $count = 0; $display .= '<form action="index.php?action=edit_vtour_images" method="post">'; $display .= '<table class="image_upload">'; while (!$recordSet->EOF) { // $edit = $misc->make_db_safe($_POST['edit']); $pic_id = $recordSet->fields['vtourimages_id']; $rank = $recordSet->fields['vtourimages_rank']; $caption = $misc->make_db_unsafe($recordSet->fields['vtourimages_caption']); $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']); $description = $misc->make_db_unsafe($recordSet->fields['vtourimages_description']); $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']); $ext = substr(strrchr($file_name, '.'), 1); if ($ext == 'jpg') { // gotta grab the image size $imagedata = GetImageSize("{$config['vtour_upload_path']}/{$file_name}"); $imagewidth = $imagedata[0]; $imageheight = $imagedata[1]; $shrinkage = $config['thumbnail_width'] / $imagewidth; $displaywidth = $imagewidth * $shrinkage; $displayheight = $imageheight * $shrinkage; $filesize = filesize("{$config['vtour_upload_path']}/{$file_name}"); $filesize = $filesize / 1000; // to get k // now grab the thumbnail data $thumb_imagedata = GetImageSize("{$config['vtour_upload_path']}/{$thumb_file_name}"); $thumb_imagewidth = $thumb_imagedata[0]; $thumb_imageheight = $thumb_imagedata[1]; $thumb_filesize = filesize("{$config['vtour_upload_path']}/{$thumb_file_name}"); $thumb_filesize = $thumb_filesize / 1000; // alternate the colors if ($count == 0) { $count = 1; } else { $count = 0; } $display .= '<tr class="image_row_' . $count . '"><td valign="top" class="image_row_' . $count . '" width="150"><b>' . $file_name . '</b><br />' . $lang['width'] . '=' . $imagewidth . '<br />' . $lang['height'] . '=' . $imageheight . '<br />' . $lang['size'] . '=' . $filesize . ' k<br />'; $display .= '<br />' . $lang['thumbnail'] . ':<br />'; $display .= '<img src="' . $config['vtour_view_images_path'] . '/' . $thumb_file_name . '" width="' . $displaywidth . '" border="1" alt="" />'; $display .= '<br />' . $lang['width'] . '=' . $thumb_imagewidth . '<br />' . $lang['height'] . '=' . $thumb_imageheight . '<br />' . $lang['size'] . '=' . $thumb_filesize . ' k<br />'; $display .= '<br /><a href="index.php?action=edit_vtour_images&delete=' . $pic_id . '&edit=' . $edit . '" onclick="return confirmDelete()">' . $lang['delete'] . '</a>'; $display .= '</td><td align="center" class="image_row_' . $count . '"><img src="' . $config['vtour_view_images_path'] . '/' . $file_name . '" border="1" width="600" alt="" />'; $display .= '</tr><tr><td align="center" class="image_row_' . $count . '" colspan="2">'; $display .= '<input type="hidden" name="pic[]" value="' . $file_name . '" />'; $display .= '<table border="0">'; $display .= '<tr><td align="right" class="image_row_' . $count . '"><b>' . $lang['admin_template_editor_field_rank'] . ':</b></td><td align="left"><input type="text" name="rank[]" value="' . $rank . '" /><div class="small">' . $lang['upload_rank_explanation'] . '</div></td></tr>'; $display .= '<tr><td align="right" class="image_row_' . $count . '"><b>' . $lang['upload_caption'] . ':</b></td><td align="left"><input type="text" name="caption[]" value="' . $caption . '" /></td></tr>'; $display .= '<tr><td align="right" class="image_row_' . $count . '"><b>' . $lang['upload_description'] . ':</b><td align="left"><textarea name="description[]" rows="6" cols="40">' . $description . '</textarea></td></tr>'; $display .= '</table>'; $display .= '</td></tr><tr><td colspan="2"><hr /></td></tr>'; $recordSet->MoveNext(); } elseif ($ext == 'egg') { // alternate the colors if ($count == 0) { $count = 1; } else { $count = 0; } $display .= '<tr class="image_row_' . $count . '"><td valign="top" align="center" class="image_row_' . $count . '"><b>' . $file_name . '</b><br />'; $display .= '<img src="' . $config[baseurl] . '/images/eggimage.gif" border="1" />'; $display .= '<br /><a href="index.php?action=edit_vtour_images&delete=' . $pic_id . '&edit=' . $edit . '" onclick="return confirmDelete()">' . $lang['delete'] . '</a>'; $display .= '</tr>'; $recordSet->MoveNext(); } else { // alternate the colors if ($count == 0) { $count = 1; } else { $count = 0; } $display .= '<tr class="image_row_' . $count . '"><td valign="top" class="image_row_' . $count . '" width="150"><b>' . $lang[unsupported_vtour] . '<br />' . $file_name . '</b><br />' . $lang[size] . '=' . $filesize . 'k<br />'; $display .= '<br /><a href="index.php?action=edit_vtour_images&delete=' . $pic_id . '&edit=' . $edit . '" onclick="return confirmDelete()">' . $lang['delete'] . '</a>'; $display .= '</tr><tr><td align="center" class="image_row_' . $count . '">'; $display .= '<input type="hidden" name="pic[]" value="' . $file_name . '" />'; $display .= '<table border="0">'; $display .= '<tr><td align="right" class="image_row_' . $count . '"><b>' . $lang['admin_template_editor_field_rank'] . ':</b></td><td align="left"><input type="text" name="rank[]" value="' . $rank . '" /><div class="small">' . $lang['upload_rank_explanation'] . '</div></td></tr>'; $display .= '<tr><td align="right" class="image_row_' . $count . '"><b>' . $lang['upload_caption'] . ':</b></td><td align="left"><input type="text" name="caption[]" value="' . $caption . '" /></td></tr>'; $display .= '<tr><td align="right" class="image_row_' . $count . '"><b>' . $lang['upload_description'] . ':</b><td align="left"><textarea name="description[]" rows="6" cols="40">' . $description . '</textarea></td></tr>'; $display .= '</table>'; $display .= '</td></tr><tr><td><hr /></td></tr>'; $recordSet->MoveNext(); } // end else it's not a supported vtour } // end while $display .= '<tr><td align="center" class="image_row_' . $count . '" colspan="2"><input type="submit" value="' . $lang['update'] . '" />'; $display .= '</table>'; $display .= '<input type="hidden" name="edit" value="' . $edit . '" />'; $display .= '<input type="hidden" name="action" value="update_pic" />'; $display .= '</form>'; return $display; }
function create_download($ID, $file_id, $type) { global $config, $conn; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $folderid = $ID; $ID = $misc->make_db_extra_safe($ID); $fileID = $misc->make_db_extra_safe($file_id); if ($type == 'listing') { $file_upload_path = $config['listings_file_upload_path']; $file_view_path = $config['listings_view_file_path']; $sqltype = 'listings'; } else { $file_upload_path = $config['users_file_upload_path']; $file_view_path = $config['users_view_file_path']; $sqltype = 'user'; } $sql = "SELECT DISTINCT " . $type . "sfiles_file_name FROM " . $config['table_prefix'] . "" . $type . "sfiles WHERE (" . $sqltype . "db_id = {$ID}) AND (" . $type . "sfiles_id = " . $fileID . ") ORDER BY " . $type . "sfiles_rank"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $file_filename = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_file_name']); $recordSet->MoveNext(); } $fullPath = $file_upload_path . '/' . $folderid . '/' . $file_filename; if ($fd = fopen($fullPath, "r")) { $fsize = filesize($fullPath); $path_parts = pathinfo($fullPath); header("Content-type: application/octet-stream"); header("Content-Disposition: attachment; filename=\"" . $path_parts["basename"] . "\""); header("Content-length: {$fsize}"); header("Cache-control: private"); //use this to open files directly while (!feof($fd)) { $buffer = fread($fd, 2048); echo $buffer; } } fclose($fd); }
function get_blog_keywords($blog_id) { global $conn, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); if (isset($_GET['PageID'])) { $blog_id = $misc->make_db_safe($blog_id); $sql = "SELECT blogmain_keywords FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $keywords = $misc->make_db_unsafe($recordSet->fields['blogmain_keywords']); return $keywords; } else { return ''; } }
function renderNotifyListings($listingIDArray, $search_title, $user_name, $email) { global $conn, $lang, $config, $db_type, $current_ID; //Load the Core Template class and the Misc Class require_once $config['basepath'] . '/include/class/template/core.inc.php'; $page = new page_user(); require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); require_once $config['basepath'] . '/include/listing.inc.php'; $listingclass = new listing_pages(); //Declare an empty display variable to hold all output from function. $display = ''; //If We have a $current_ID save it $old_current_ID = ''; if ($current_ID != '') { $old_current_ID = $current_ID; } //Load the Notify Listing Template specified in the Site Config $page->load_page($config['template_path'] . '/' . $config['notify_listings_template']); // Determine if the template uses rows. // First item in array is the row conent second item is the number of block per block row $notify_template_row = $page->get_template_section_row('notify_listing_block_row'); if (is_array($notify_template_row)) { $row = $notify_template_row[0]; $col_count = $notify_template_row[1]; $user_rows = true; $x = 1; //Create an empty array to hold the row conents $new_row_data = array(); } else { $user_rows = false; } $notify_template_section = ''; foreach ($listingIDArray as $current_ID) { if ($user_rows == true && $x > $col_count) { //We are at then end of a row. Save the template section as a new row. $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row); //$new_row_data[] = $notify_template_section; $notify_template_section = $page->get_template_section('notify_listing_block'); $x = 1; } else { $notify_template_section .= $page->get_template_section('notify_listing_block'); } $listing_title = $listingclass->get_title($current_ID); if ($config['url_style'] == '1') { $notify_url = $config['baseurl'] . '/index.php?action=listingview&listingID=' . $current_ID; // ##### } else { $url_title = str_replace("/", "", $listing_title); $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title)); $notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html'; // ##### } $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section); $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section); $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url); $notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID); // Setup Image Tags $sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = {$current_ID})\n\t\t\t\t\tORDER BY listingsimages_rank"; $recordSet2 = $conn->SelectLimit($sql2, 1, 0); if ($recordSet2 === false) { $misc->log_error($sql2); } if ($recordSet2->RecordCount() > 0) { $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']); $file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']); if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) { // gotta grab the thumbnail image size $imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}"); $imagewidth = $imagedata[0]; $imageheight = $imagedata[1]; $shrinkage = $config['thumbnail_width'] / $imagewidth; $notify_thumb_width = $imagewidth * $shrinkage; $notify_thumb_height = $imageheight * $shrinkage; $notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name; // gotta grab the thumbnail image size $imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}"); $imagewidth = $imagedata[0]; $imageheight = $imagedata[1]; $notify_width = $imagewidth; $notify_height = $imageheight; $notify_src = $config['listings_view_images_path'] . '/' . $file_name; } } else { if ($config['show_no_photo'] == 1) { $imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif"); $imagewidth = $imagedata[0]; $imageheight = $imagedata[1]; $shrinkage = $config['thumbnail_width'] / $imagewidth; $notify_thumb_width = $imagewidth * $shrinkage; $notify_thumb_height = $imageheight * $shrinkage; $notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif'; $notify_width = $notify_thumb_width; $notify_height = $notify_thumb_height; $notify_src = $config['baseurl'] . '/images/nophoto.gif'; } else { $notify_thumb_width = ''; $notify_thumb_height = ''; $notify_thumb_src = ''; $notify_width = ''; $notify_height = ''; $notify_src = ''; } } if (!empty($notify_thumb_src)) { $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_src', $notify_thumb_src); $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_height', $notify_thumb_height); $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_width', $notify_thumb_width); $notify_template_section = $page->cleanup_template_block('notify_img', $notify_template_section); } else { $notify_template_section = $page->remove_template_block('notify_img', $notify_template_section); } if (!empty($notify_src)) { $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_src', $notify_src); $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_height', $notify_height); $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_width', $notify_width); $notify_template_section = $page->cleanup_template_block('notify_img_large', $notify_template_section); } else { $notify_template_section = $page->remove_template_block('notify_img_large', $notify_template_section); } if ($user_rows == true) { $x++; } } if ($user_rows == true) { $notify_template_section = $page->cleanup_template_block('notify_listing', $notify_template_section); $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row); $replace_row = ''; foreach ($new_row_data as $rows) { $replace_row .= $rows; } $page->replace_template_section_row('notify_listing_block_row', $replace_row); } else { $page->replace_template_section('notify_listing_block', $notify_template_section); } $page->replace_permission_tags(); $page->replace_urls(); $page->auto_replace_tags(); $page->replace_lang_template_tags(); $display .= $page->return_page(); $current_ID = ''; if ($old_current_ID != '') { $current_ID = $old_current_ID; } return $display; }
/** * maps::create_map_link() * This is the function to call to show a map link. It should be called from the listing detail page, or any page where $_GET['listingID'] is set. * This function then calls the appropriate make_mapname function as specified in the configuration. * * @see maps::make_mapquest() * @see maps::make_yahoo_us() * @return string Return the URL for the map as long as the required fields are filled out, if not it returns a empty string. */ function create_map_link($url_only = 'no') { global $conn, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); // Map Type // Get Address, City, State, Zip // Create Blank Variables $display = ''; $address = ''; $city = ''; $state = ''; $zip = ''; // Get Listing ID $sql_listingID = $misc->make_db_safe($_GET['listingID']); $listing_title = urlencode(listing_pages::get_title($_GET['listingID'])); // get address $sql_address_field = $misc->make_db_safe($config['map_address']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $address = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while // Add address fields 2 & 3 $sql_address_field = $misc->make_db_safe($config['map_address2']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while $sql_address_field = $misc->make_db_safe($config['map_address3']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while $sql_address_field = $misc->make_db_safe($config['map_address4']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while // get city $sql_city_field = $misc->make_db_safe($config['map_city']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_city_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $city = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while // get state $sql_state_field = $misc->make_db_safe($config['map_state']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_state_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $state = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while // get zip $sql_zip_field = $misc->make_db_safe($config['map_zip']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_zip_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $zip = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while // get zip $sql_country_field = $misc->make_db_safe($config['map_country']); $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_country_field}))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $country = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value'])); $recordSet->MoveNext(); } // end while if ($address != '' || $city != '' || $state != '' || $zip != '') { $map_type = 'make_' . $config['map_type']; $pos = strpos($map_type, 'mapquest'); $pos2 = strpos($map_type, 'multimap'); $pos3 = strpos($map_type, 'global_'); if ($pos3 !== false) { if ($pos !== false) { $display = maps::make_mapquest($country, $address, $city, $state, $zip, $listing_title, $url_only); } elseif ($pos2 !== false) { $display = maps::make_multimap($country, $address, $city, $state, $zip, $listing_title, $url_only); } } elseif ($pos !== false) { $country = substr($map_type, -2); $display = maps::make_mapquest($country, $address, $city, $state, $zip, $listing_title, $url_only); } elseif ($pos2 !== false) { $country = substr($map_type, -2); $display = maps::make_multimap($country, $address, $city, $state, $zip, $listing_title, $url_only); } else { $display = maps::$map_type($address, $city, $state, $zip, $listing_title, $url_only); } } return $display; }
function show_users($filter = '', $lookup_field = '', $lookup_value = '') { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); // Verify User is an Admin $security = login::loginCheck('edit_all_users', true); $display = ''; $filter_sql = ''; if ($filter == 'agents') { $filter_sql = " WHERE userdb_is_agent = 'yes'"; } elseif ($filter == 'members') { $filter_sql = " WHERE userdb_is_agent = 'no' AND userdb_is_admin = 'no'"; } elseif ($filter == 'admins') { $filter_sql = " WHERE userdb_is_admin = 'yes'"; } if ($security === true) { $sql = "SELECT * FROM " . $config['table_prefix'] . "userdb {$filter_sql} ORDER BY userdb_id "; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $num_rows = $recordSet->RecordCount(); if (!isset($_GET['cur_page'])) { $_GET['cur_page'] = 0; } $display .= '<center>' . $misc->next_prev($num_rows, intval($_GET['cur_page'])) . '</center>'; // put in the next/previous stuff // build the string to select a certain number of users per page $limit_str = intval($_GET['cur_page']) * $config['listings_per_page']; $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str); if ($recordSet === false) { $misc->log_error($sql); } $count = 0; // $display .= "<br /><br />"; while (!$recordSet->EOF) { // alternate the colors if ($count == 0) { $count = $count + 1; } else { $count = 0; } // strip slashes so input appears correctly $edit_ID = $recordSet->fields['userdb_id']; $edit_user_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_name']); $edit_user_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']); $edit_user_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']); $edit_emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']); $edit_active = $recordSet->fields['userdb_active']; $edit_isAgent = $recordSet->fields['userdb_is_agent']; $edit_isAdmin = $recordSet->fields['userdb_is_admin']; $edit_canEditSiteConfig = $recordSet->fields['userdb_can_edit_site_config']; $edit_canEditMemberTemplate = $recordSet->fields['userdb_can_edit_member_template']; $edit_canEditAgentTemplate = $recordSet->fields['userdb_can_edit_agent_template']; $edit_canEditListingTemplate = $recordSet->fields['userdb_can_edit_listing_template']; $edit_canFeatureListings = $recordSet->fields['userdb_can_feature_listings']; $edit_canViewLogs = $recordSet->fields['userdb_can_view_logs']; $edit_canModerate = $recordSet->fields['userdb_can_moderate']; $edit_can_have_vtours = $recordSet->fields['userdb_can_have_vtours']; $edit_can_edit_expiration = $recordSet->fields['userdb_can_edit_expiration']; $edit_can_export_listings = $recordSet->fields['userdb_can_export_listings']; $edit_canEditAllListings = $recordSet->fields['userdb_can_edit_all_listings']; $edit_canEditAllUsers = $recordSet->fields['userdb_can_edit_all_users']; $edit_canEditPropertyClasses = $recordSet->fields['userdb_can_edit_property_classes']; // Determine user type if ($edit_isAgent == 'yes') { $user_type = $lang['user_manager_agent']; } elseif ($edit_isAdmin == 'yes') { $user_type = $lang['user_manager_admin']; } else { $user_type = $lang['user_manager_member']; } // Layout Start $display .= '<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">'; // $display .= '<tbody style="border-width:thin;border-style:solid;border-color:#FFFFFF;">'; $display .= '<tr bgcolor="#330099">'; $display .= '<td width="510" colspan="2" style="padding-left:2px">'; $display .= '<span style="color:#FFFFFF;font-weight:bold;">' . $edit_user_first_name . ' ' . $edit_user_last_name . ' (' . $edit_ID . '): ' . $edit_emailAddress . '</span>'; $display .= '</td>'; $display .= '<td width="90" align="right">'; $display .= '<a href="index.php?action=user_manager&edit=' . $edit_ID . '"><img src="images/' . $config['lang'] . '/user_manager_edit.jpg" alt="' . $lang['user_manager_edit_user'] . '" width="16" height="16"></a>'; $display .= '<img src="images/blank.gif" alt=" " width="16" height="16">'; $display .= '<a href="index.php?action=user_manager&delete=' . $edit_ID . '" onclick="return confirmDelete(\'' . $lang['delete_user'] . '\')"><img src="images/' . $config['lang'] . '/user_manager_delete.jpg" alt="' . $lang['user_manager_delete_user'] . '" width="16" height="16"></a>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_user_name'] . ': ' . $edit_user_name . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_account_type'] . ': ' . $user_type . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_active'] . ': ' . $edit_active . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; if ($edit_isAgent == 'yes') { $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_admin'] . ': ' . $edit_isAdmin . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_vtour'] . ': ' . $edit_can_have_vtours . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_featured_listings'] . ': ' . $edit_canFeatureListings . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_edit_expiration'] . ': ' . $edit_can_edit_expiration . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_export_listings'] . ': ' . $edit_can_export_listings . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_edit_all_listings'] . ': ' . $edit_canEditAllListings . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_edit_all_users'] . ': ' . $edit_canEditAllUsers . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_edit_property_classes'] . ': ' . $edit_canEditPropertyClasses . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_moderate'] . ': ' . $edit_canModerate . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_view_logs'] . ': ' . $edit_canViewLogs . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_member_template_access'] . ': ' . $edit_canEditMemberTemplate . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_agent_template_access'] . ': ' . $edit_canEditAgentTemplate . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_listing_template_access'] . ': ' . $edit_canEditListingTemplate . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td colspan="2"><strong>' . $lang['user_manager_site_config_access'] . ': ' . $edit_canEditSiteConfig . '</strong></td>'; $display .= '<td></td>'; $display .= '</tr>'; } // $display .= '</tbody>'; $display .= '</table>'; $recordSet->MoveNext(); } // end while } // End Verify User isAdmin return $display; }
/** * Contact::ContactAgentForm() * * @param integer $listing_id This should hold the listing ID. Listing_id is used only if agent_id is not set * @param integer $agent_id This should hold the agent id * @return */ function ContactAgentForm($listing_id = 0, $agent_id = 0) { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; $error = array(); $listing_id = intval($listing_id); $agent_id = intval($agent_id); if ($agent_id == 0) { if ($listing_id != 0) { $sql_listing_id = $misc->make_db_safe($listing_id); $sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id = ' . $sql_listing_id; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $agent_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']); } } if (isset($_POST['message'])) { // Make sure there is a message if ($_SESSION['security_code'] != md5($_POST['security_code']) && $config["use_email_image_verification"] == 1) { $error[] = 'email_verification_code_not_valid'; } if (trim($_POST['name']) == '') { $error[] = 'email_no_name'; } if (trim($_POST['email']) == '') { $error[] = 'email_no_email_address'; } elseif ($misc->validate_email($_POST['email']) !== true) { $error[] = 'email_invalid_email_address'; } if (trim($_POST['subject']) == '') { $error[] = 'email_no_subject'; } if (trim($_POST['message']) == '') { $error[] = 'email_no_message'; } } if (count($error) == 0 && isset($_POST['message'])) { // Grab Agents Email $sql_agent_id = $misc->make_db_safe($agent_id); $sql = 'SELECT userdb_emailaddress FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $sql_agent_id; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } if ($config["include_senders_ip"] == 1) { $_POST['message'] .= "\r\n" . $lang['senders_ip_address'] . $_SERVER["REMOTE_ADDR"]; } if ($recordSet->RecordCount() != 0) { $emailaddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']); // Send Mail $sent = $misc->send_email($_POST['name'], $_POST['email'], $emailaddress, $_POST['message'], $_POST['subject']); if ($sent === true) { $display .= $lang['email_listing_agent_sent']; } else { $display .= $sent; } } } else { if (count($error) != 0) { foreach ($error as $err) { $display .= '<div class="error_text">' . $lang[$err] . '</div>'; } } $name = ''; $email = ''; $subject = ''; if ($listing_id !== 0) { $subject = $lang['email_in_reference_to_listing'] . $listing_id; } $message = ''; if (isset($_POST['message'])) { $email = stripslashes($_POST['email']); $name = stripslashes($_POST['name']); $message = stripslashes($_POST['message']); $subject = stripslashes($_POST['subject']); } $display .= '<form name="contact_agent" method="post" action="index.php?action=contact_agent&popup=yes&listing_id=' . $listing_id . '&agent_id=' . $agent_id . '"> <table border="0" cellspacing="2" cellpadding="4"> <tr> <td colspan="2" style="vertical-align: top" class="TitleColor"><label for="name">' . $lang['email_your_name'] . ' </label> <input id="name" name="name" value="' . htmlentities($name) . '" type="text" size="50"> </td> </tr> <tr> <td colspan="2" style="vertical-align: top" class="TitleColor"><label for="email">' . $lang['email_your_email'] . ' </label> <input id="email" name="email" value="' . htmlentities($email) . '" type="text" size="50"> </td> </tr> <tr> <td colspan="2" style="vertical-align: top" class="TitleColor"><label for="subject">' . $lang['email_your_subject'] . '</label> <input id="subject" name="subject" value="' . htmlentities($subject) . '" type="text" size="50"> </td> </tr> <tr> <td colspan="2" style="vertical-align: top" class="TitleColor"><label for="message">' . $lang['email_your_message'] . '</label> <br /> <br /> <textarea id="message" name="message" rows="5" cols="50">' . htmlentities($message) . '</textarea> </td> </tr>'; if ($config["use_email_image_verification"] == 1) { $display .= '<tr> <td colspan="2"><img src="' . $config['baseurl'] . '/include/class/captcha/captcha_image.php" /></td> </tr> <tr> <td colspan="2" style="vertical-align: top" class="TitleColor"><label for="security_code">' . $lang['email_verification_code'] . '</label> <input id="security_code" name="security_code" type="text" /> </td> </tr>'; } $display .= '<tr> <td colspan="2"><input type="submit" name="Submit" value="' . $lang['email_send'] . '"> </td> </tr> </table> </form>'; } return $display; }
function quicksearch_form() { global $conn, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ""; $display .= "<form action='index.php'method='get' name='class_search_form' id='class_search_form'>"; //Select "Purpose" START $sql = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE listingsdbelements_field_name = 'purpose'"; $rs = $conn->Execute($sql); if (!$rs) { $misc->log_error($sql); } $i = 0; while (!$rs->EOF) { $current_value = $misc->make_db_unsafe($rs->fields['listingsdbelements_field_value']); $rs->MoveNext(); $purpose[$i] = $current_value; $i++; } $purpose = array_unique($purpose); sort($purpose); $display .= ""; //<strong>{lang_quicksearch_purpose}: </strong> for ($i = 0; $i < count($purpose); $i++) { $display .= "<input class='checkbox' type='radio'"; if ($i == 1) { $display .= " checked "; } $display .= "name='purpose' value='" . $purpose[$i] . " '>" . $purpose[$i] . " "; } $display .= "<br /><br />"; //Select "Purpose" END //Select "Property Type" START $sql = "SELECT class_id, class_name FROM " . $config['table_prefix'] . "class"; $rs = $conn->Execute($sql); if (!$rs) { $misc->log_error($sql); } $i = 0; $display .= "<strong>{lang_quicksearch_property_type}</strong><br />\n\t\t\t\t\t\t\t\t<select class='inputbox' name='pclass[]'>"; $display .= "<option value=''>" . "{lang_quicksearch_all}" . "</option>"; while (!$rs->EOF) { $i++; $value_classname = $misc->make_db_unsafe($rs->fields['class_name']); $value_classid = $misc->make_db_unsafe($rs->fields['class_id']); $display .= "<option value='" . $value_classid . "'>" . $value_classname . "</option>"; $rs->MoveNext(); } //Select "Property Type" END //Select "Region" START $sql = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE listingsdbelements_field_name = 'region'"; $rs = $conn->Execute($sql); if (!$rs) { $misc->log_error($sql); } $i = 0; while (!$rs->EOF) { $current_value = $misc->make_db_unsafe($rs->fields['listingsdbelements_field_value']); $rs->MoveNext(); $regions[$i] = $current_value; $i++; } $regions = array_unique($regions); sort($regions); $display .= "</select><br />\n\t\t\t<strong>{lang_quicksearch_region}</strong> <br />\n\t\t\t<select class='inputbox' name='region'>\n \t\t<option value=''>{lang_quicksearch_all}</option>"; for ($i = 0; $i < count($regions); $i++) { $display .= "<option value='" . $regions[$i] . "'>" . $regions[$i] . "</option>"; } //Select "Region" END $display .= "</select><br />\n\t\t<strong>{lang_quicksearch_price}</strong> <br />\n\t\t<input class='inputbox' type='Text' name='price-min' size='7' maxlength='10'>-<input class='inputbox' type='Text' name='price-max' size='7' maxlength='10'> €<br />\n\t\t<!-- <strong>Reference ID</strong><br />\n\t\t<input class='inputbox' type='Text' name='reference_id[]' size='10' maxlength='10'><br /> -->\t\t\t\t\t\n\t\t<input name='action' id='action' value='' type='hidden' />\t\t\n\t\t<strong><input id='find' name='view_search_results' value='{lang_search_button}' type='button' onclick='document.class_search_form.action.value=\"searchresults\";document.getElementById(\"class_search_form\").submit();' /></strong>\n\t\t<br /><br />\n\t\t<a href='index.php?action=search_step_2'>{lang_quicksearch_detailed_search}</a>\n\t\t</form>"; return $display; }
function create_vcard($user) { global $config, $conn; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); require_once $config['basepath'] . '/include/class/vcard/vcard.inc.php'; $v = new vCard(); $first = $this->get_user_first_name($user); $last = $this->get_user_last_name($user); $v->setName($last, $first); $sql = 'SELECT userdb_emailaddress FROM ' . $config['lang_table_prefix'] . 'userdb WHERE userdb_id=' . $user; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $email = $recordSet->fields['userdb_emailaddress']; $v->setEmail($email); $sql = $sql = "SELECT userdbelements_field_name,userdbelements_field_value FROM " . $config['lang_table_prefix'] . "userdbelements WHERE userdb_id=" . $user; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { if ($recordSet->fields['userdbelements_field_name'] == $config['vcard_phone']) { $phone = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); $v->setPhoneNumber($phone, "HOME;VOICE"); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_fax']) { $fax = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); $v->setPhoneNumber($fax, "HOME;FAX"); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_mobile']) { $mobile = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); $v->setPhoneNumber($mobile, "HOME;CELL"); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_notes']) { $notes = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); $v->setNote($notes); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_url']) { $url = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); $v->setURL($url, "HOME"); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_address']) { $address = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_city']) { $city = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_state']) { $state = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_zip']) { $zip = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_country']) { $country = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']); } $v->setAddress("", "", $address, $city, $state, $zip, $country, "HOME;POSTAL"); $recordSet->MoveNext(); } $output = $v->getVCard(); echo $output; $filename = $v->getFileName(); Header("Content-Disposition: attachment; filename={$filename}"); Header("Content-Length: " . strlen($output)); Header("Connection: close"); Header("Content-Type: text/x-vCard; name={$filename}"); }
function view_saved_searches() { global $config, $lang, $conn; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; $status = login::loginCheck('Member'); if ($status === true) { $display .= '<h3>' . $lang['saved_searches'] . '</h3>'; $userID = $misc->make_db_safe($_SESSION['userID']); $sql = "SELECT usersavedsearches_id, usersavedsearches_title, usersavedsearches_query_string FROM " . $config['table_prefix'] . "usersavedsearches WHERE userdb_id = {$userID} ORDER BY usersavedsearches_title"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $num_columns = $recordSet->RecordCount(); if ($num_columns == 0) { $display .= $lang['no_saved_searches'] . '<br /><br />'; } else { while (!$recordSet->EOF) { $title = $misc->make_db_unsafe($recordSet->fields['usersavedsearches_title']); if ($title == '') { $title = $lang['saved_search']; } $display .= '<a href="index.php?action=searchresults&' . $misc->make_db_unsafe($recordSet->fields['usersavedsearches_query_string']) . '">' . $title . '</a> <div class="note"><a href="index.php?action=delete_search&searchID=' . $misc->make_db_unsafe($recordSet->fields['usersavedsearches_id']) . '" onclick="return confirmDelete()">' . $lang['delete_search'] . '</a></div><br /><br />'; $recordSet->MoveNext(); } } } else { $display = $status; } return $display; }
function view_favorites() { global $config, $lang, $conn; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $security = login::loginCheck('Member'); if ($security === true) { $display = ''; $display .= '<h3>' . $lang['favorite_listings'] . '</h3>'; $userID = $misc->make_db_safe($_SESSION['userID']); $sql = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE userdb_id = {$userID}"; $recordSet = $conn->Execute($sql); if ($recordSet == false) { $misc->log_error($sql); } $num_columns = $recordSet->RecordCount(); if ($num_columns == 0) { $display .= $lang['no_listing_in_favorites'] . '<br /><br />'; } else { $recordNum = 0; $listings = ''; while (!$recordSet->EOF) { if ($recordNum == 0) { $listings .= $recordSet->fields['listingsdb_id']; } else { $listings .= "," . $recordSet->fields['listingsdb_id']; } $recordNum++; $recordSet->MoveNext(); } $_GET['listing_id'] = $listings; require_once $config['basepath'] . '/include/search.inc.php'; $search = new search_page(); $display .= $search->search_results(); } // End else return $display; } else { return $security; } }
function edit_listing_field($edit_listing_field_name) { // include global variables global $conn, $lang, $config; $security = login::loginCheck('edit_listing_template', true); if ($security === true) { // Include the misc Class require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $edit_listing_field_name = $misc->make_db_safe($edit_listing_field_name); $sql = "SELECT * FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_name = {$edit_listing_field_name}"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $id = $misc->make_db_unsafe($recordSet->fields['listingsformelements_id']); $field_type = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_type']); $field_name = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_name']); // Multi Lingual Support if (!isset($_SESSION["users_lang"])) { // Hold empty string for translation fields, as we are workgin with teh default lang $default_lang_field_caption = ''; $default_lang_default_text = ''; $default_lang_field_elements = ''; $default_lang_search_label = ''; $field_caption = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']); $default_text = $misc->make_db_unsafe($recordSet->fields['listingsformelements_default_text']); $field_elements = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_elements']); $search_label = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_label']); } else { // Store default lang to show for tanslator $default_lang_field_caption = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']); $default_lang_default_text = $misc->make_db_unsafe($recordSet->fields['listingsformelements_default_text']); $default_lang_field_elements = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_elements']); $default_lang_search_label = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_label']); $default_lang_tool_tip = $misc->make_db_unsafe($recordSet->fields['listingsformelements_tool_tip']); $field_id = $recordSet->fields['listingsformelements_id']; $lang_sql = "SELECT listingsformelements_field_caption,listingsformelements_default_text,listingsformelements_field_elements,listingsformelements_search_label FROM " . $config['lang_table_prefix'] . "listingsformelements WHERE listingsformelements_id = {$field_id}"; $lang_recordSet = $conn->Execute($lang_sql); if (!$lang_recordSet) { $misc->log_error($lang_sql); } $field_caption = $misc->make_db_unsafe($lang_recordSet->fields['listingsformelements_field_caption']); $default_text = $misc->make_db_unsafe($lang_recordSet->fields['listingsformelements_default_text']); $field_elements = $misc->make_db_unsafe($lang_recordSet->fields['listingsformelements_field_elements']); $search_label = $misc->make_db_unsafe($lang_recordSet->fields['listingsformelements_search_label']); } $rank = $misc->make_db_unsafe($recordSet->fields['listingsformelements_rank']); $search_rank = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_rank']); $search_result_rank = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_result_rank']); $required = $misc->make_db_unsafe($recordSet->fields['listingsformelements_required']); $location = $misc->make_db_unsafe($recordSet->fields['listingsformelements_location']); $display_on_browse = $misc->make_db_unsafe($recordSet->fields['listingsformelements_display_on_browse']); $display_priv = $misc->make_db_unsafe($recordSet->fields['listingsformelements_display_priv']); $search_step = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_step']); $searchable = $misc->make_db_unsafe($recordSet->fields['listingsformelements_searchable']); $search_type = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_type']); $field_length = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_length']); $tool_tip = $misc->make_db_unsafe($recordSet->fields['listingsformelements_tool_tip']); $display = ''; $display .= '<br /><form action="' . $config['baseurl'] . '/admin/index.php?action=edit_listing_template" method="post" id="update_field">'; $display .= '<table align="center">'; $display .= '<tr>'; $display .= '<td colspan="2" align="center" class="templateEditorNew" valign="top"><hr><B>' . $lang['general_options'] . '</b></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_name'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left"><input type="hidden" name="update_id" value="' . $id . '"><input type="hidden" name="old_field_name" value="' . $field_name . '"><input type="text" name="edit_field" value="' . $field_name . '"></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_type'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left">'; $display .= '<select name="field_type" size="1">'; $display .= '<option value="' . $field_type . '" selected="selected">' . $lang[$field_type] . '</option>'; $display .= '<option value="">-----</option>'; $display .= '<option value="text">' . $lang['text'] . '</option>'; $display .= '<option value="textarea" >' . $lang['textarea'] . '</option>'; $display .= '<option value="select" >' . $lang['select'] . '</option>'; $display .= '<option value="select-multiple">' . $lang['select-multiple'] . '</option>'; $display .= '<option value="option" >' . $lang['option'] . '</option>'; $display .= '<option value="checkbox" >' . $lang['checkbox'] . '</option>'; $display .= '<option value="divider">' . $lang['divider'] . '</option>'; $display .= '<option value="price">' . $lang['price'] . '</option>'; $display .= '<option value="url">' . $lang['url'] . '</option>'; $display .= '<option value="email">' . $lang['email'] . '</option>'; $display .= '<option value="number">' . $lang['number'] . '</option>'; $display .= '<option value="decimal">' . $lang['decimal'] . '</option>'; $display .= '<option value="date">' . $lang['date'] . '</option>'; $display .= '<option value="lat">' . $lang['lat'] . '</option>'; $display .= '<option value="long">' . $lang['long'] . '</option>'; $display .= '</select>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_required'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left">'; $display .= '<select name="required" size="1">'; $display .= '<option value="' . $required . '" selected="selected">' . $lang[strtolower($required)] . '</option>'; $display .= '<option value="No">-----</option>'; $display .= '<option value="No">' . $lang['no'] . '</option>'; $display .= '<option value="Yes" >' . $lang['yes'] . '</option>'; $display .= '</select>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_caption'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left"><input type=text name="field_caption" value = "' . $field_caption . '">'; if (isset($_SESSION["users_lang"])) { // Show Fields value in default language. $display .= '<b>' . $lang['translate'] . '</b>' . ': ' . $default_lang_field_caption; } $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_elements'] . ':</b><br /><div class="small">(' . $lang['admin_template_editor_choices_separated'] . ')</div></td>'; $display .= '<td class="templateEditorHead" align="left"><textarea name="field_elements" cols="80" rows="5">' . $field_elements . '</textarea>'; if (isset($_SESSION["users_lang"])) { // Show Fields value in default language. $display .= '<br />' . '<b>' . $lang['translate'] . '</b>' . ': ' . $default_lang_field_elements; } $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_default_text'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left"><input type=text name="default_text" value = "' . $default_text . '">'; if (isset($_SESSION["users_lang"])) { // Show Fields value in default language. $display .= '<b>' . $lang['translate'] . '</b>' . ': ' . $default_lang_default_text; } $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_tool_tip'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left"><textarea name="tool_tip" cols="80" rows="5">' . $tool_tip . '</textarea>'; if (isset($_SESSION["users_lang"])) { // Show Fields value in default language. $display .= '<br />' . '<b>' . $lang['translate'] . '</b>' . ': ' . $default_lang_tool_tip; } $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_length'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left"><input type=text name="field_length" value = "' . $field_length . '"></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_display_priv'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left">'; $display .= '<select name="display_priv" size="1">'; $display .= '<option value="' . $display_priv . '" selected="selected">' . $lang['display_priv_' . $display_priv] . '</option>'; $display .= '<option value="0">-----</option>'; $display .= '<option value="0">' . $lang['display_priv_0'] . '</option>'; $display .= '<option value="1" >' . $lang['display_priv_1'] . '</option>'; $display .= '<option value="2" >' . $lang['display_priv_2'] . '</option>'; $display .= '<option value="3" >' . $lang['display_priv_3'] . '</option>'; $display .= '</select>'; $display .= '</td>'; $display .= '</tr>'; // Property Class Selection $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_property_class'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left">'; $display .= '<select name="property_class[]" multiple="multiple" size="5">'; // get list of all property clases $sql = 'SELECT class_name, class_id FROM ' . $config['table_prefix'] . 'class ORDER BY class_rank'; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } while (!$recordSet->EOF()) { $class_id = $recordSet->fields['class_id']; $class_name = $recordSet->fields['class_name']; // check if this field is part of this class $sql = 'SELECT count(class_id) as exist FROM ' . $config['table_prefix_no_lang'] . 'classformelements WHERE listingsformelements_id = ' . $id . ' AND class_id =' . $class_id; $recordSet2 = $conn->Execute($sql); if (!$recordSet2) { $misc->log_error($sql); } $select = $recordSet2->fields['exist']; if ($select > 0) { $display .= '<option value="' . $class_id . '" selected="selected">' . $class_name . '</option>'; } else { $display .= '<option value="' . $class_id . '" >' . $class_name . '</option>'; } $recordSet->MoveNext(); } $display .= '</select>'; $display .= '</td>'; $display .= '</tr>'; // LISTING PAGE OPTIONS $display .= '<tr>'; $display .= '<td colspan="2" align="center" class="templateEditorNew" valign="top"><hr><B>' . $lang['listing_page_options'] . '</b></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_display_location'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left">'; $display .= '<select name="location" size="1">'; $display .= '<option value="' . $location . '" selected="selected">' . $location . '</option>'; $display .= '<option value="">-- ' . $lang['do_not_display'] . ' --</option>'; $sections = explode(',', $config['template_listing_sections']); foreach ($sections as $section) { $display .= '<option value="' . $section . '">' . $section . '</option>'; } $display .= '</select>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_rank'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left" ><input type=text name="rank" value = "' . $rank . '"></td>'; $display .= '</tr>'; // Search Page Options $display .= '<tr>'; $display .= '<td colspan="2" align="center" class="templateEditorNew" valign="top"><hr><B>' . $lang['search_options'] . '</b></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorNew" valign="top"><b>' . $lang['allow_searching'] . '</b></td>'; $display .= '<td class="templateEditorNew"><input type="checkbox" name="searchable" value="1" '; if ($searchable) { $display .= 'checked="checked"'; } $display .= '></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_rank_search'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left" ><input type=text name="search_rank" value = "' . $search_rank . '"></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorNew" valign="top"><b>' . $lang['search_label'] . '</b></td>'; $display .= '<td class="templateEditorNew"><input type="text" name="search_label" value="' . htmlspecialchars($search_label, ENT_COMPAT, $config['charset']) . '">'; if (isset($_SESSION["users_lang"])) { // Show Fields value in default language. $display .= '<b>' . $lang['translate'] . '</b>' . ': ' . $default_lang_search_label; } $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorNew" valign="top"><b>' . $lang['search_type'] . '</b></td>'; $display .= '<td class="templateEditorNew">'; $display .= '<select name="search_type">'; if ($search_type != '') { $display .= '<option value="' . $search_type . '">' . $lang[$search_type . '_description'] . '</option>'; } $display .= '<option></option>'; $display .= '<option value="ptext">' . $lang['ptext_description'] . '</option>'; $display .= '<option value="optionlist">' . $lang['optionlist_description'] . '</option>'; $display .= '<option value="optionlist_or">' . $lang['optionlist_or_description'] . '</option>'; $display .= '<option value="fcheckbox">' . $lang['fcheckbox_description'] . '</option>'; $display .= '<option value="fcheckbox_or">' . $lang['fcheckbox_or_description'] . '</option>'; $display .= '<option value="fpulldown">' . $lang['fpulldown_description'] . '</option>'; $display .= '<option value="select">' . $lang['select_description'] . '</option>'; $display .= '<option value="select_or">' . $lang['select_or_description'] . '</option>'; $display .= '<option value="pulldown">' . $lang['pulldown_description'] . '</option>'; $display .= '<option value="checkbox">' . $lang['checkbox_description'] . '</option>'; $display .= '<option value="checkbox_or">' . $lang['checkbox_or_description'] . '</option>'; $display .= '<option value="option">' . $lang['option_description'] . '</option>'; $display .= '<option value="minmax">' . $lang['minmax_description'] . '</option>'; $display .= '<option value="daterange">' . $lang['daterange_description'] . '</option>'; $display .= '<option value="singledate">' . $lang['singledate_description'] . '</option>'; $display .= '<option value="null_checkbox">' . $lang['null_checkbox_description'] . '</option>'; $display .= '<option value="notnull_checkbox">' . $lang['notnull_checkbox_description'] . '</option>'; $display .= '</select>'; $display .= '</td>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorNew" valign="top"><font size="1">++ </font><b>' . $lang['step_by'] . '</b></td>'; $display .= '<td class="templateEditorNew"><input type="text" name="search_step" value = "' . $search_step . '">'; $display .= '<br /><font size="1">' . $lang['used_for_range_selections_only'] . '</font>'; $display .= '</td>'; $display .= '</tr>'; // SEARCH RESULT OPTIONS $display .= '<tr>'; $display .= '<td colspan="2" align="center" class="templateEditorNew" valign="top"><hr><B>' . $lang['search_result_options'] . '</b></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_display_browse'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left">'; $display .= '<select name="display_on_browse" size="1">'; $display .= '<option value="' . $display_on_browse . '" selected="selected">' . $lang[strtolower($display_on_browse)] . '</option>'; $display .= '<option value="No">-----</option>'; $display .= '<option value="No">' . $lang['no'] . '</option>'; $display .= '<option value="Yes" >' . $lang['yes'] . '</option>'; $display .= '</select>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"><b>' . $lang['admin_template_editor_field_rank_search_result'] . ':</b></td>'; $display .= '<td class="templateEditorHead" align="left" ><input type=text name="search_result_rank" value = "' . $search_result_rank . '"></td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td align="right" class="templateEditorHead" valign="top"> </td>'; $display .= '<td class="templateEditorHead" align="left"><input type="submit" name="field_submit" value="' . $lang['update_button'] . '"> <a href="' . $config['baseurl'] . '/admin/index.php?action=edit_listing_template&delete_field=' . $field_name . '" onclick="return confirmDelete()">' . $lang['delete'] . '</a></td>'; $display .= '</tr>'; $display .= '</table>'; $display .= '</form>'; return $display; } else { return '<div class="error_text">' . $lang['access_denied'] . '</div>'; } }
function show_classes() { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); // Verify User is an Admin $security = login::loginCheck('edit_property_classes', true); $display = ''; if ($security === true) { $display .= '<span class="section_header">' . $lang['property_class_editor'] . '</span><br /><br />'; $display .= '<table align="center" class="admin_property_class_table">'; $display .= '<tr>'; $display .= '<td><strong>' . $lang['property_class_id'] . '</strong></td><td><strong>' . $lang['property_class_name'] . '</strong></td><td><strong>' . $lang['property_class_rank'] . '</strong></td><td><strong>' . $lang['action'] . '</strong></td>'; $display .= '</tr>'; $sql = 'SELECT * FROM ' . $config['table_prefix'] . 'class ORDER BY class_rank'; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } while (!$recordSet->EOF) { $class_name = $misc->make_db_unsafe($recordSet->fields['class_name']); $class_id = $misc->make_db_unsafe($recordSet->fields['class_id']); $class_rank = $misc->make_db_unsafe($recordSet->fields['class_rank']); $display .= '<tr><td>' . $class_id . '</td><td>' . $class_name . '</td><td>' . $class_rank . '</td><td><a href="index.php?action=delete_property_class&id=' . $class_id . '" onclick="return confirmDelete(\'' . $lang['delete_prop_class'] . '\')">' . $lang['delete'] . '</a> <a href="index.php?action=modify_property_class&id=' . $class_id . '">' . $lang['modify'] . '</a></td></tr>'; $recordSet->MoveNext(); } $display .= '</table>'; $display .= '<br /><a href="index.php?action=insert_property_class">' . $lang['property_class_insert'] . '</a>'; } else { } return $display; }
function forgot_password_reset() { global $config, $lang, $conn; $data = ''; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); if (!isset($_POST['user_pass'])) { if (isset($_GET['id']) || isset($_GET['email'])) { $id = $misc->make_db_safe($_GET['id']); $email = $misc->make_db_safe($_GET['email']); $sql = "SELECT forgot_id FROM " . $config['table_prefix_no_lang'] . "forgot WHERE forgot_email = {$email} AND forgot_rand = {$id} AND forgot_time > NOW() - INTERVAL 1 DAY"; // echo $sql.'<br />'; $recordSet = $conn->execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $num = $recordSet->RecordCount(); if ($num == 1) { $data .= '<form action="' . $config['baseurl'] . '/admin/index.php?action=forgot" method="post">'; $data .= '<input type="hidden" name="rand_id" value="' . htmlentities($_GET['id']) . '"><input type="hidden" name="email" value="' . htmlentities($_GET['email']) . '"><p>' . $lang['reset_password'] . ': <input type="password" name="user_pass" /></p><p><input type="submit" value="' . $lang['enter_new_password'] . '" /></p></form>'; $data .= '</form>'; } else { $data .= $lang['invalid_expired_link']; } } else { $data .= $lang['invalid_expired_link']; } } else { $id = $misc->make_db_safe($_POST['rand_id']); $email = $misc->make_db_safe($_POST['email']); $sql = "SELECT forgot_id FROM " . $config['table_prefix_no_lang'] . "forgot WHERE forgot_email = {$email} AND forgot_rand = {$id} AND forgot_time > NOW() - INTERVAL 1 DAY"; $recordSet = $conn->execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $num = $recordSet->RecordCount(); if ($num == 1) { // Delete ID from Forgot list $delete_id = $recordSet->fields['forgot_id']; $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . "forgot WHERE forgot_id = {$delete_id}"; $recordSet = $conn->execute($sql); if ($recordSet === false) { $misc->log_error($sql); } // Set Password $md5_pass = md5($_POST['user_pass']); $md5_pass = $misc->make_db_safe($md5_pass); $sql = "UPDATE " . $config['table_prefix'] . "userdb SET userdb_user_password = {$md5_pass} WHERE userdb_emailaddress = {$email}"; $recordSet = $conn->execute($sql); if ($recordSet === false) { $misc->log_error($sql); } else { $data .= '<center>' . $lang['password_changed'] . '<br /><a href="' . $config['baseurl'] . '/admin/index.php">' . $config['baseurl'] . '/admin/index.php</a></center>'; } } else { $data .= $lang['invalid_expired_link']; } } return $data; }
function validateForm($db_to_validate, $pclass = array()) { // Validates the info being put into the system global $conn, $lang, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $pass_the_form = "Yes"; // this stuff is input that's already been dealt with // check to if the form should be passed $sql = 'SELECT ' . $db_to_validate . '_required, ' . $db_to_validate . '_field_type, ' . $db_to_validate . '_field_name from ' . $config['table_prefix'] . $db_to_validate; if (count($pclass) > 0 && $db_to_validate == 'listingsformelements') { $sql .= ' WHERE listingsformelements_id IN (SELECT listingsformelements_id FROM ' . $config['table_prefix_no_lang'] . 'classformelements WHERE class_id IN (' . implode(',', $pclass) . '))'; } $recordSet = $conn->Execute($sql); if ($recordSet == false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $required = $recordSet->fields[$db_to_validate . '_required']; $field_type = $recordSet->fields[$db_to_validate . '_field_type']; $field_name = $recordSet->fields[$db_to_validate . '_field_name']; if ($required == "Yes") { if (!isset($_POST[$field_name]) || is_array($_POST[$field_name]) && count($_POST[$field_name]) == 0 || !is_array($_POST[$field_name]) && trim($_POST[$field_name]) == '') { $pass_the_form = "No"; $error[$field_name] = 'REQUIRED'; } } // end if if ($field_type == 'number' && isset($_POST[$field_name]) && !is_numeric($_POST[$field_name]) && $_POST[$field_name] != "") { $pass_the_form = "No"; $error[$field_name] = 'TYPE'; } $recordSet->MoveNext(); } if ($pass_the_form == 'Yes') { return $pass_the_form; } else { return $error; } }
function searchbox_render($browse_caption, $browse_field_name, $pclass, $searchbox_type) { // builds a searchbox for any given item you want // to let users search by global $conn, $config, $lang; $display = ''; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $time = $misc->getmicrotime(); $class_sql = ''; if (!empty($_GET['pclass'])) { $pclass = $_GET['pclass']; } if (!empty($pclass)) { //$classes = array(); //$classes = explode('|', $_GET['pclass']); foreach ($pclass as $class) { // Ignore non numberic values if (is_numeric($class)) { if (!empty($class_sql)) { $class_sql .= ' OR '; } $class_sql .= $config['table_prefix_no_lang'] . "classlistingsdb.class_id = {$class}"; } } if (!empty($class_sql)) { $class_sql = ' AND (' . $class_sql . ')'; } } //Lookup Field Type $sql_browse_field_name = $misc->make_db_safe($browse_field_name); $sql = "SELECT listingsformelements_field_type FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_name = {$sql_browse_field_name}"; $rsStepLookup = $conn->Execute($sql); if (!$rsStepLookup) { $misc->log_error($sql); } $field_type = $rsStepLookup->fields['listingsformelements_field_type']; unset($rsStepLookup); $sortby = ''; $dateFormat = FALSE; if ($field_type == 'date') { $dateFormat = TRUE; } switch ($field_type) { case 'decimal': $sortby = 'ORDER BY listingsdbelements_field_value+0 ASC'; break; case 'number': global $db_type; if ($db_type == 'mysql') { $sortby = 'ORDER BY CAST(listingsdbelements_field_value as signed) ASC'; } else { $sortby = 'ORDER BY CAST(listingsdbelements_field_value as int4) ASC'; } break; default: $sortby = 'ORDER BY listingsdbelements_field_value ASC'; break; } if (!empty($class_sql)) { if ($config['configured_show_count'] == 1) { $sql = "SELECT listingsdbelements_field_value, count(listingsdbelements_field_value) AS num_type FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsdb," . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdbelements_field_name = '{$browse_field_name}' AND listingsdb_active = 'yes' AND listingsdbelements_field_value <> '' AND " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id AND " . $config['table_prefix'] . "listingsdb.listingsdb_id = " . $config['table_prefix_no_lang'] . "classlistingsdb.listingsdb_id {$class_sql}"; } else { $sql = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsdb," . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdbelements_field_name = '{$browse_field_name}' AND listingsdb_active = 'yes' AND listingsdbelements_field_value <> '' AND " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id AND " . $config['table_prefix'] . "listingsdb.listingsdb_id = " . $config['table_prefix_no_lang'] . "classlistingsdb.listingsdb_id {$class_sql}"; } } else { if ($config['configured_show_count'] == 1) { $sql = "SELECT listingsdbelements_field_value, count(listingsdbelements_field_value) AS num_type FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsdb WHERE listingsdbelements_field_name = '{$browse_field_name}' AND listingsdb_active = 'yes' AND listingsdbelements_field_value <> '' AND " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id "; } else { $sql = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsdb WHERE listingsdbelements_field_name = '{$browse_field_name}' AND listingsdb_active = 'yes' AND listingsdbelements_field_value <> '' AND " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id "; } } if ($config['use_expiration'] === "1") { $sql .= " AND listingsdb_expiration > " . $conn->DBDate(time()); } $sql .= "GROUP BY " . $config['table_prefix'] . "listingsdbelements.listingsdbelements_field_value {$sortby} "; // echo $sql.'<br />'; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } //Get Date Format Settins if ($config['date_format'] == 1) { $format = "m/d/Y"; } elseif ($config['date_format'] == 2) { $format = "Y/d/m"; } elseif ($config['date_format'] == 3) { $format = "d/m/Y"; } switch ($searchbox_type) { case 'ptext': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left"><input name="' . $browse_field_name . '[]" type="text"'; if (isset($_GET[$browse_field_name]) && $_GET[$browse_field_name] != '') { $f = htmlspecialchars($_GET[$browse_field_name], ENT_COMPAT, $config['charset']); $display .= 'value="' . $f . '"'; } $display .= ' />'; $display .= '</td></tr>'; break; case 'pulldown': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left"><select name="' . $browse_field_name . '"><option value="">' . $lang['all'] . '</option>'; // if ($rental == "yes") while (!$recordSet->EOF) { $field_output = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); $selected = ''; if (isset($_GET[$browse_field_name]) && $_GET[$browse_field_name] == $field_output) { $selected = 'selected="selected"'; } $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } if ($dateFormat == TRUE) { $display .= '<option value="' . $field_output . '" ' . $selected . '>' . date($format, $field_output) . ' ' . $num_type . '</option>'; } else { if ($field_type == 'number') { $field_display = $misc->international_num_format($field_output, $config['number_decimals_number_fields']); $display .= '<option value="' . $field_output . '" ' . $selected . '>' . $field_display . ' ' . $num_type . '</option>'; } else { $display .= '<option value="' . $field_output . '" ' . $selected . '>' . $field_output . ' ' . $num_type . '</option>'; } } $recordSet->MoveNext(); } // end while $display .= '</select></td></tr>'; break; case 'null_checkbox': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = '(' . $num_type . ')'; } $setvalue = ''; if (isset($_GET[$browse_field_name . '-NULL']) && $_GET[$browse_field_name . '-NULL'] == 1) { $setvalue = 'checked="checked"'; } $display .= '<input type="checkbox" name="' . $browse_field_name . '-NULL" ' . $setvalue . ' value="1" />' . $browse_field_name . ' ' . $lang['null_search'] . ' ' . $num_type . '<br />'; $display .= '</td></tr>'; break; case 'notnull_checkbox': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } $setvalue = ''; if (isset($_GET[$browse_field_name . '-NOTNULL']) && $_GET[$browse_field_name . '-NOTNULL'] == 1) { $setvalue = 'checked="checked"'; } $display .= '<input type="checkbox" name="' . $browse_field_name . '-NOTNULL" ' . $setvalue . ' value="1" />' . $browse_field_name . ' ' . $lang['notnull_search'] . ' ' . $num_type . '<br />'; $display .= '</td></tr>'; break; case 'select': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left"><select name="' . $browse_field_name . '[]" size="5" multiple="multiple">'; $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array('', $_GET[$browse_field_name])) { $selected = 'selected="selected"'; } } $display .= '<option value="" ' . $selected . '>' . $lang['all'] . '</option>'; while (!$recordSet->EOF) { $field_output = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($field_output, $_GET[$browse_field_name])) { $selected = 'selected="selected"'; } } $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } if ($dateFormat == TRUE) { $display .= '<option value="' . $field_output . '" ' . $selected . '>' . date($format, $field_output) . ' ' . $num_type . '</option>'; } else { if ($field_type == 'number') { $field_display = $misc->international_num_format($field_output, $config['number_decimals_number_fields']); $display .= '<option value="' . $field_output . '" ' . $selected . '>' . $field_display . ' ' . $num_type . '</option>'; } else { $display .= '<option value="' . $field_output . '" ' . $selected . '>' . $field_output . ' ' . $num_type . '</option>'; } } $recordSet->MoveNext(); } // end while $display .= '</select></td></tr>'; break; case 'select_or': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left"><select name="' . $browse_field_name . '_or[]" size="5" multiple="multiple">'; $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array('', $_GET[$browse_field_name])) { $selected = 'selected="selected"'; } } $display .= '<option value="" ' . $selected . '>' . $lang['all'] . '</option>'; while (!$recordSet->EOF) { $field_output = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($field_output, $_GET[$browse_field_name])) { $selected = 'selected="selected"'; } } $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } if ($dateFormat == TRUE) { $display .= '<option value="' . $field_output . '" ' . $selected . '>' . date($format, $field_output) . ' ' . $num_type . '</option>'; } else { if ($field_type == 'number') { $field_display = $misc->international_num_format($field_output, $config['number_decimals_number_fields']); $display .= '<option value="' . $field_output . '" ' . $selected . '>' . $field_display . ' ' . $num_type . '</option>'; } else { $display .= '<option value="' . $field_output . '" ' . $selected . '>' . $field_output . ' ' . $num_type . '</option>'; } } $recordSet->MoveNext(); } // end while $display .= '</select></td></tr>'; break; case 'checkbox': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; while (!$recordSet->EOF) { $field_output = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($field_output, $_GET[$browse_field_name])) { $selected = 'checked="checked"'; } } $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } if ($dateFormat == TRUE) { $display .= '<input type="checkbox" name="' . $browse_field_name . '[]" value="' . $field_output . '" ' . $selected . ' />' . date($format, $field_output) . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } else { if ($field_type == 'number') { $field_display = $misc->international_num_format($field_output, $config['number_decimals_number_fields']); $display .= '<input type="checkbox" name="' . $browse_field_name . '[]" value="' . $field_output . '" ' . $selected . ' />' . $field_display . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } else { $display .= '<input type="checkbox" name="' . $browse_field_name . '[]" value="' . $field_output . '" ' . $selected . ' />' . $field_output . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } } $recordSet->MoveNext(); } // end while $display .= '</td></tr>'; break; case 'checkbox_or': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; while (!$recordSet->EOF) { $field_output = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($field_output, $_GET[$browse_field_name])) { $selected = 'checked="checked"'; } } $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } if ($dateFormat == TRUE) { $display .= '<input type="checkbox" name="' . $browse_field_name . '_or[]" value="' . $field_output . '" ' . $selected . ' />' . date($format, $field_output) . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } else { if ($field_type == 'number') { $field_display = $misc->international_num_format($field_output, $config['number_decimals_number_fields']); $display .= '<input type="checkbox" name="' . $browse_field_name . '_or[]" value="' . $field_output . '" ' . $selected . ' />' . $field_display . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } else { $display .= '<input type="checkbox" name="' . $browse_field_name . '_or[]" value="' . $field_output . '" ' . $selected . ' />' . $field_output . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } } $recordSet->MoveNext(); } // end while $display .= '</td></tr>'; break; case 'option': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; while (!$recordSet->EOF) { $field_output = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); $selected = ''; if (isset($_GET[$browse_field_name]) && $_GET[$browse_field_name] == $field_output) { $selected = 'checked="checked"'; } $num_type = ''; if ($config['configured_show_count'] == 1) { $num_type = $recordSet->fields['num_type']; $num_type = "({$num_type})"; } if ($dateFormat == TRUE) { $display .= '<input type="radio" name="' . $browse_field_name . '" value="' . $field_output . '" ' . $selected . ' />' . date($format, $field_output) . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } else { if ($field_type == 'number') { $field_display = $misc->international_num_format($field_output, $config['number_decimals_number_fields']); $display .= '<input type="radio" name="' . $browse_field_name . '" value="' . $field_output . '" ' . $selected . ' />' . $field_display . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } else { $display .= '<input type="radio" name="' . $browse_field_name . '" value="' . $field_output . '" ' . $selected . ' />' . $field_output . ' ' . $num_type . ''; $display .= $config['search_list_separator']; } } $recordSet->MoveNext(); } // end while $display .= '</td></tr>'; break; case 'optionlist': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left"><select name="' . $browse_field_name . '[]" multiple="multiple" size="6">'; $r = $conn->execute("select listingsformelements_field_elements from " . $config['table_prefix'] . "listingsformelements where listingsformelements_field_name = '{$browse_field_name}'"); $r = $r->fields['listingsformelements_field_elements']; $r = explode('||', $r); sort($r); foreach ($r as $f) { $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($f, $_GET[$browse_field_name])) { $selected = 'selected="selected"'; } } $f = htmlspecialchars($f, ENT_COMPAT, $config['charset']); $display .= '<option value="' . $f . '" ' . $selected . '>' . $f . '</option>'; } $display .= '</select></td></tr>'; break; case 'optionlist_or': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left"><select name="' . $browse_field_name . '_or[]" multiple="multiple" size="6">'; $r = $conn->execute("select listingsformelements_field_elements from " . $config['table_prefix'] . "listingsformelements where listingsformelements_field_name = '{$browse_field_name}'"); $r = $r->fields['listingsformelements_field_elements']; $r = explode('||', $r); sort($r); foreach ($r as $f) { $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($f, $_GET[$browse_field_name])) { $selected = 'selected="selected"'; } } $f = htmlspecialchars($f, ENT_COMPAT, $config['charset']); $display .= '<option value="' . $f . '" ' . $selected . '>' . $f . '</option>'; } $display .= '</select></td></tr>'; break; case 'fcheckbox': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; $r = $conn->Execute("select listingsformelements_field_elements from " . $config['table_prefix'] . "listingsformelements where listingsformelements_field_name = '{$browse_field_name}'"); $r = $r->fields['listingsformelements_field_elements']; $r = explode('||', $r); sort($r); foreach ($r as $f) { $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($f, $_GET[$browse_field_name])) { $selected = 'checked="checked"'; } } $f = htmlspecialchars($f, ENT_COMPAT, $config['charset']); $display .= '<input type="checkbox" name="' . $browse_field_name . '[]" value="' . $f . '" ' . $selected . ' />' . $f . ''; $display .= $config['search_list_separator']; } $display .= '</td></tr>'; break; case 'fcheckbox_or': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; $r = $conn->Execute("select listingsformelements_field_elements from " . $config['table_prefix'] . "listingsformelements where listingsformelements_field_name = '{$browse_field_name}'"); $r = $r->fields['listingsformelements_field_elements']; $r = explode('||', $r); sort($r); foreach ($r as $f) { $selected = ''; if (isset($_GET[$browse_field_name]) && is_array($_GET[$browse_field_name])) { if (in_array($f, $_GET[$browse_field_name])) { $selected = 'checked="checked"'; } } $f = htmlspecialchars($f, ENT_COMPAT, $config['charset']); $display .= '<input type="checkbox" name="' . $browse_field_name . '_or[]" value="' . $f . '" ' . $selected . ' />' . $f . ''; $display .= $config['search_list_separator']; } $display .= '</td></tr>'; break; case 'fpulldown': $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td>'; $display .= '<td align="left">'; $display .= '<select name="' . $browse_field_name . '"><option value="">' . $lang['all'] . '</option>'; $r = $conn->Execute("select listingsformelements_field_elements from " . $config['table_prefix'] . "listingsformelements where listingsformelements_field_name = '{$browse_field_name}'"); $r = $r->fields['listingsformelements_field_elements']; $r = explode('||', $r); sort($r); foreach ($r as $f) { $selected = ''; if (isset($_GET[$browse_field_name]) && $_GET[$browse_field_name] == $f) { $selected = 'selected="selected"'; } $f = htmlspecialchars($f, ENT_COMPAT, $config['charset']); $display .= '<option value="' . $f . '" ' . $selected . '>' . $f . '</option>'; } $display .= '</select></td></tr>'; break; case 'daterange': static $js_added; $display = ''; if (!$js_added) { // add date $display .= '<script type="text/javascript" src="' . $config['baseurl'] . '/dateformat.js"></script>' . "\r\n"; $js_added = true; } $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td><td align="left">'; $setvalue = ''; if (isset($_GET[$browse_field_name . '-mindate']) && $_GET[$browse_field_name . '-mindate'] != '') { $f = htmlspecialchars($_GET[$browse_field_name . '-mindate'], ENT_COMPAT, $config['charset']); $setvalue = 'value="' . $f . '"'; } $display .= $lang['from'] . ' <input type="text" name="' . $browse_field_name . '-mindate" ' . $setvalue . ' onFocus="javascript:vDateType=\'' . $config['date_format'] . '\'" onKeyUp="DateFormat(this,this.value,event,false,\'' . $config['date_format'] . '\')" onBlur="DateFormat(this,this.value,event,true,\'' . $config['date_format'] . '\')" /> (' . $config["date_format_long"] . ')<br />'; $setvalue = ''; if (isset($_GET[$browse_field_name . '-maxdate']) && $_GET[$browse_field_name . '-maxdate'] != '') { $f = htmlspecialchars($_GET[$browse_field_name . '-maxdate'], ENT_COMPAT, $config['charset']); $setvalue = 'value="' . $f . '"'; } $display .= $lang['to'] . '<input type="text" name="' . $browse_field_name . '-maxdate" ' . $setvalue . ' onFocus="javascript:vDateType=\'' . $config['date_format'] . '\'" onKeyUp="DateFormat(this,this.value,event,false,\'' . $config['date_format'] . '\')" onBlur="DateFormat(this,this.value,event,true,\'' . $config['date_format'] . '\')" /> (' . $config["date_format_long"] . ')'; $display .= '</td></tr>'; break; case 'singledate': static $js_added; $display = ''; if (!$js_added) { // add date $display .= '<script type="text/javascript" src="' . $config['baseurl'] . '/dateformat.js"></script>' . "\r\n"; $js_added = true; } $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td><td align="left">'; $setvalue = ''; if (isset($_GET[$browse_field_name . '-date']) && $_GET[$browse_field_name . '-date'] != '') { $f = htmlspecialchars($_GET[$browse_field_name . '-date'], ENT_COMPAT, $config['charset']); $setvalue = 'value="' . $f . '"'; } $display .= ' <input type="text" name="' . $browse_field_name . '-date" ' . $setvalue . ' onFocus="javascript:vDateType=\'' . $config['date_format'] . '\'" onKeyUp="DateFormat(this,this.value,event,false,\'' . $config['date_format'] . '\')" onBlur="DateFormat(this,this.value,event,true,\'' . $config['date_format'] . '\')" /> (' . $config["date_format_long"] . ')'; $display .= '</td></tr>'; break; case 'minmax': $display = ''; $display .= '<tr><td class="searchpage_field_caption">' . $browse_caption . '</td><td align="left">'; $sql = "SELECT listingsformelements_field_type, listingsformelements_search_step FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_name = '{$browse_field_name}'"; $rsStepLookup = $conn->Execute($sql); if (!$rsStepLookup) { $misc->log_error($sql); } // Get max, min and step $step = $rsStepLookup->fields['listingsformelements_search_step']; $field_type = $rsStepLookup->fields['listingsformelements_field_type']; unset($rsStepLookup); //Manual Step Values if (strpos($step, '|') !== FALSE) { $step_array = explode('|', $step); if (!isset($step_array[0]) || !isset($step_array[1])) { //Bad Step Array Fail exit; } $min = intval($step_array[0]); $max = intval($step_array[1]); if (isset($step_array[2])) { $step = intval($step_array[2]); } else { $step = 0; } } else { if (empty($class_sql)) { $field_list = $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsdb WHERE\n\t\t\t\t\t\t\t" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id"; } else { $field_list = $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix_no_lang'] . "classlistingsdb\n\t\t\t\t\t\t\t WHERE " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id AND\n\t\t\t\t\t\t\t " . $config['table_prefix_no_lang'] . "classlistingsdb.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id"; } global $db_type; if ($db_type == 'mysql') { if ($field_type == 'decimal') { $max = $conn->Execute("select max(listingsdbelements_field_value+0) as max FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $max = $max->fields['max']; $min = $conn->Execute("select min(listingsdbelements_field_value+0) as min FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $min = $min->fields['min']; } else { $max = $conn->Execute("select max(CAST(listingsdbelements_field_value as signed)) as max FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $max = $max->fields['max']; $min = $conn->Execute("select min(CAST(listingsdbelements_field_value as signed)) as min FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $min = $min->fields['min']; if ($field_type == 'price') { $min = substr_replace($min, '000', -3); } } } else { if ($field_type == 'decimal') { $max = $conn->Execute("select max(listingsdbelements_field_value+0) as max FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $max = $max->fields['max']; $min = $conn->Execute("select min(listingsdbelements_field_value+0) as min FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $min = $min->fields['min']; } else { $max = $conn->Execute("select max(CAST(listingsdbelements_field_value as int4)) as max FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $max = $max->fields['max']; $min = $conn->Execute("select min(CAST(listingsdbelements_field_value as int4)) as min FROM {$field_list} AND listingsdbelements_field_name = '{$browse_field_name}'" . $class_sql); $min = $min->fields['min']; if ($field_type == 'price') { $min = substr_replace($min, '000', -3); } } } } if ($step == 0) { if ($max > $min) { $step = ceil(($max - $min) / 10); } else { $step = ceil($max / 10); } } if ($config["search_step_max"] >= '1') { $step_val = ($max - $min) / $config["search_step_max"]; if ($step_val > $step) { $step = $step_val; } } $display .= '<select name="' . $browse_field_name . '-min">' . "\n"; $options = '<option value="">' . $lang['all'] . '</option>' . "\n"; if ($field_type == 'price') { $i = $min; while ($i < $max) { $z = $misc->international_num_format($i, $config['number_decimals_price_fields']); $z = $misc->money_formats($z); $selected = ''; if (isset($_GET[$browse_field_name . '-min']) && $_GET[$browse_field_name . '-min'] == $i) { $selected = 'selected="selected"'; } $options .= '<option value="' . $i . '" ' . $selected . '>' . $z . '</option>'; $i += $step; } $z = $misc->international_num_format($max, $config['number_decimals_price_fields']); $z = $misc->money_formats($z); $selected = ''; if (isset($_GET[$browse_field_name . '-min']) && $_GET[$browse_field_name . '-min'] == $i) { $selected = 'selected="selected"'; } $options .= '<option value="' . $max . '" ' . $selected . '>' . $z . '</option>'; } else { $i = $min; while ($i < $max) { $selected = ''; if (isset($_GET[$browse_field_name . '-min']) && $_GET[$browse_field_name . '-min'] == $i) { $selected = 'selected="selected"'; } $options .= '<option ' . $selected . '>' . $i . '</option>'; $i += $step; } $selected = ''; if (isset($_GET[$browse_field_name . '-min']) && $_GET[$browse_field_name . '-min'] == $max) { $selected = 'selected="selected"'; } $options .= '<option ' . $selected . '>' . $max . '</option>'; } $options .= '</select>'; $display .= $options . ' ' . $lang['to'] . '<br />'; $options = '<option value="">' . $lang['all'] . '</option>' . "\n"; if ($field_type == 'price') { $i = $min; while ($i < $max) { $z = $misc->international_num_format($i, $config['number_decimals_price_fields']); $z = $misc->money_formats($z); $selected = ''; if (isset($_GET[$browse_field_name . '-max']) && $_GET[$browse_field_name . '-max'] == $i) { $selected = 'selected="selected"'; } $options .= '<option value="' . $i . '" ' . $selected . '>' . $z . '</option>'; $i += $step; } $z = $misc->international_num_format($max, $config['number_decimals_price_fields']); $z = $misc->money_formats($z); $selected = ''; if (isset($_GET[$browse_field_name . '-max']) && $_GET[$browse_field_name . '-max'] == $i) { $selected = 'selected="selected"'; } $options .= '<option value="' . $max . '" ' . $selected . '>' . $z . '</option>'; } else { $i = $min; while ($i < $max) { $selected = ''; if (isset($_GET[$browse_field_name . '-max']) && $_GET[$browse_field_name . '-max'] == $i) { $selected = 'selected="selected"'; } $options .= '<option ' . $selected . '>' . $i . '</option>'; $i += $step; } $selected = ''; if (isset($_GET[$browse_field_name . '-max']) && $_GET[$browse_field_name . '-max'] == $max) { $selected = 'selected="selected"'; } $options .= '<option ' . $selected . '>' . $max . '</option>'; } $options .= '</select>'; $display .= '<select name="' . $browse_field_name . '-max">' . $options . '</td></tr>'; break; } // End switch ($searchbox_type) $time2 = $misc->getmicrotime(); $render_time = sprintf('%.3f', $time2 - $time); $display .= "\r\n" . '<!--Search Box ' . $browse_field_name . ' Render Time ' . $render_time . ' -->' . "\r\n"; return $display; }
function clear_log() { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; $display .= "<h3>{$lang['log_delete']}</h3>"; // Check for Admin privs before doing anything if ($_SESSION['admin_privs'] == "yes") { // find the number of log items $sql = "TRUNCATE TABLE " . $config['table_prefix'] . "activitylog"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); $display .= "{$lang['log_clear_error']}"; } else { $display .= "{$lang['log_cleared']}"; $misc->log_action($lang['log_reset']); } } else { $display .= "{$lang['clear_log_need_privs']}"; } $display .= '<br /><a href="' . $config['baseurl'] . '/admin/index.php?action=view_log">' . $lang['admin_view_log'] . '</a>'; return $display; }
function add_page() { global $conn, $lang, $config; $security = login::loginCheck('editpages', true); $display = ''; if ($security === true) { require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); // Do we need to save? if (isset($_POST['edit'])) { // Save page now $save_full = $_POST['ta']; $save_title = $misc->make_db_safe($_POST['title']); $save_description = $misc->make_db_safe($_POST['description']); $save_keywords = $misc->make_db_safe($_POST['keywords']); // $save_full_xhtml = urldecode($save_full); // $save_full_xhtml = $this->html2xhtml($save_full_xhtml); $save_full_xhtml = $misc->make_db_safe(editor::htmlEncodeText($save_full), TRUE); $sql = "INSERT INTO " . $config['table_prefix'] . "pagesmain (pagesmain_full,pagesmain_title,pagesmain_date,pagesmain_summary,pagesmain_no_visitors,pagesmain_complete,pagesmain_description,pagesmain_keywords) VALUES ({$save_full_xhtml},{$save_title}," . $conn->DBDate(time()) . ",'',0,1,{$save_description},{$save_keywords})"; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } $display .= "<center><b>{$lang['page_saved']}</b></center><br />"; $display .= $this->page_list(); $display .= '<form action="index.php?action=edit_page" method="post" id="edit" name="edit">'; $html = ''; $sql = "SELECT pagesmain_full, pagesmain_title, pagesmain_complete, pagesmain_id, pagesmain_description, pagesmain_keywords FROM " . $config['table_prefix'] . "pagesmain WHERE pagesmain_title = " . $save_title; $recordSet = $conn->Execute($sql); if (!$recordSet) { $misc->log_error($sql); } // Save PageID to Session for Image Upload Plugin $_SESSION['PageID'] = $recordSet->fields['pagesmain_id']; // Pull the page from the database $display .= "<input type=\"hidden\" name=\"edit\" value=\"yes\" />"; $display .= "<input type=\"hidden\" name=\"PageID\" value=\"" . $_SESSION['PageID'] . "\" />"; $html = $misc->make_db_unsafe($recordSet->fields['pagesmain_full']); $title = $misc->make_db_unsafe($recordSet->fields['pagesmain_title']); $description = $misc->make_db_unsafe($recordSet->fields['pagesmain_description']); $keywords = $misc->make_db_unsafe($recordSet->fields['pagesmain_keywords']); // $complete = $misc->make_db_unsafe($recordSet->fields['pagesmain_complete']); $display .= $lang['title'] . ' <input type="text" name="title" value="' . $title . '" /><br /><br />'; $display .= $lang['page_meta_description'] . ' <input type="text" size="50" name="description" value="' . $description . '" /><br /><br />'; $display .= $lang['page_meta_keywords'] . ' <input type="text" size="50" name="keywords" value="' . $keywords . '" /><br /><br />'; $display .= '<textarea name="ta" id="ta" style="height: 350px; width: 100%;">' . $html . '</textarea>'; $display .= '<input type="submit" name="ok" value="' . $lang['submit'] . '" style="margin-top:3px;"/>'; $display .= '</form>'; if ($_SESSION['PageID'] != '') { $display .= '<form action="index.php?action=edit_page" method="post" id="delete" style="margin-top:3px;">'; $display .= '<input type="hidden" name="delete" value="yes" />'; $display .= '<input type="hidden" name="PageID" value="' . $_SESSION['PageID'] . '" />'; $display .= '<input type="submit" name="ok" value="' . $lang['delete_page'] . '" />'; $display .= '</form>'; } } else { $display .= $this->page_list(); $display .= '<form action="index.php?action=add_page" method="post" id="edit" name="edit">'; $display .= "<input type=\"hidden\" name=\"edit\" value=\"yes\" />"; $display .= $lang['title'] . ' <input type="text" name="title" value="" /><br /><br />'; $display .= $lang['page_meta_description'] . ' <input type="text" size="50" name="description" value="" /><br /><br />'; $display .= $lang['page_meta_keywords'] . ' <input type="text" size="50" name="keywords" value="" /><br /><br />'; $display .= '<textarea name="ta" id="ta" style="height: 30em; width: 100%;"></textarea>'; $display .= '<input type="submit" name="ok" value="' . $lang['submit'] . '" style="margin-top:3px;" />'; $display .= '</form>'; } } else { $display .= '<div class="error_text">' . $lang['access_denied'] . '</div>'; } return $display; }
function replace_listing_field_tags($listing_id, $tempate_section = '', $utf8HTML = false) { global $lang; if (is_numeric($listing_id)) { global $config, $conn, $or_replace_listing_id, $or_replace_listing_owner; $or_replace_listing_id = $listing_id; require_once $config['basepath'] . '/include/listing.inc.php'; require_once $config['basepath'] . '/include/vtour.inc.php'; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); if ($tempate_section != '') { $tsection = true; } else { $tempate_section = $this->page; $tsection = false; } if ($utf8HTML) { //Deal with listing field blocks $lf_blocks = array(); preg_match_all('/{listing_field_([^{}]*?)_block}/', $tempate_section, $lf_blocks); require_once $config['basepath'] . '/include/user.inc.php'; global $or_replace_listing_owner; if (count($lf_blocks) > 1) { foreach ($lf_blocks[1] as $block) { require_once $config['basepath'] . '/include/listing.inc.php'; $value = listing_pages::renderSingleListingItem($or_replace_listing_id, $block, 'rawvalue'); if ($value == '') { $tempate_section = preg_replace('/{listing_field_' . $block . '_block}(.*?){\\/listing_field_' . $block . '_block}/is', '', $tempate_section); } else { $tempate_section = str_replace('{listing_field_' . $block . '_block}', '', $tempate_section); $tempate_section = str_replace('{/listing_field_' . $block . '_block}', '', $tempate_section); } } } // Handle Caption Only $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'caption\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section); // Hanle Value Only $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'value\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section); // Handle Raw Value $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'rawvalue\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section); // Handle Both Caption and Value $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1])), ENT_QUOTES, \'UTF-8\');'), $tempate_section); $value = htmlentities(utf8_encode(listing_pages::get_title($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_title}', $value, $tempate_section); $value = listing_pages::get_title($listing_id); if ($config["controlpanel_mbstring_enabled"] == 1) { if (mb_detect_encoding($value) != 'UTF-8') { $value = utf8_encode($value); } } $tempate_section = str_replace('{rss_listing_title}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::getListingAgent($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_agent_name}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::getListingAgentFirstName($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_agent_first_name}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::getListingAgentLastName($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_agent_last_name}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::getListingAgentLink($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_agent_link}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::get_pclass($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_pclass}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::getAgentListingsLink($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_agent_listings}', $value, $tempate_section); $value = htmlentities(utf8_encode(listing_pages::getListingAgentID($listing_id)), ENT_QUOTES, 'UTF-8'); $tempate_section = str_replace('{listing_agent_id}', $value, $tempate_section); // Get listing owner $owner_sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE (listingsdb_id = ' . $or_replace_listing_id . ')'; $recordSet = $conn->execute($owner_sql); $or_replace_listing_owner = $recordSet->fields['userdb_id']; //New listing_agent_field_****_block tag handler for 2.4.1 $laf_blocks = array(); preg_match_all('/{listing_agent_field_([^{}]*?)_block}/', $tempate_section, $laf_blocks); require_once $config['basepath'] . '/include/user.inc.php'; global $or_replace_listing_owner; if (count($laf_blocks) > 1) { foreach ($laf_blocks[1] as $block) { $value = user::renderSingleListingItem($or_replace_listing_owner, $block, 'rawvalue'); if ($value == '') { $tempate_section = preg_replace('/{listing_agent_field_' . $block . '_block}(.*?){\\/listing_agent_field_' . $block . '_block}/is', '', $tempate_section); } else { $tempate_section = str_replace('{listing_agent_field_' . $block . '_block}', '', $tempate_section); $tempate_section = str_replace('{/listing_agent_field_' . $block . '_block}', '', $tempate_section); } } } // Replace listing_agent tags // Handle Caption Only $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'caption\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section); // Hanle Value Only $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'value\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section); // Handle Raw Value $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'rawvalue\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section); // Handle Both Caption and Value $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1])), ENT_QUOTES, \'UTF-8\');'), $tempate_section); } else { //Deal with listing field blocks $lf_blocks = array(); preg_match_all('/{listing_field_([^{}]*?)_block}/', $tempate_section, $lf_blocks); require_once $config['basepath'] . '/include/user.inc.php'; global $or_replace_listing_owner; if (count($lf_blocks) > 1) { foreach ($lf_blocks[1] as $block) { require_once $config['basepath'] . '/include/listing.inc.php'; $value = listing_pages::renderSingleListingItem($or_replace_listing_id, $block, 'rawvalue'); if ($value == '') { $tempate_section = preg_replace('/{listing_field_' . $block . '_block}(.*?){\\/listing_field_' . $block . '_block}/is', '', $tempate_section); } else { $tempate_section = str_replace('{listing_field_' . $block . '_block}', '', $tempate_section); $tempate_section = str_replace('{/listing_field_' . $block . '_block}', '', $tempate_section); } } } // Handle Caption Only $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'caption\');'), $tempate_section); // Hanle Value Only $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'value\');'), $tempate_section); // Handle Raw Value $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'rawvalue\');'), $tempate_section); // Handle Both Caption and Value $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1]);'), $tempate_section); $value = listing_pages::get_title($listing_id); $tempate_section = str_replace('{listing_title}', $value, $tempate_section); $value = listing_pages::getListingAgent($listing_id); $tempate_section = str_replace('{listing_agent_name}', $value, $tempate_section); $value = listing_pages::getListingAgentFirstName($listing_id); $tempate_section = str_replace('{listing_agent_first_name}', $value, $tempate_section); $value = listing_pages::getListingAgentLastName($listing_id); $tempate_section = str_replace('{listing_agent_last_name}', $value, $tempate_section); $value = listing_pages::getListingAgentLink($listing_id); $tempate_section = str_replace('{listing_agent_link}', $value, $tempate_section); $value = listing_pages::get_pclass($listing_id); $tempate_section = str_replace('{listing_pclass}', $value, $tempate_section); $value = listing_pages::getAgentListingsLink($listing_id); $tempate_section = str_replace('{listing_agent_listings}', $value, $tempate_section); $value = listing_pages::getListingAgentID($listing_id); $tempate_section = str_replace('{listing_agent_id}', $value, $tempate_section); // Get listing owner $owner_sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE (listingsdb_id = ' . $or_replace_listing_id . ')'; $recordSet = $conn->execute($owner_sql); $or_replace_listing_owner = $recordSet->fields['userdb_id']; $laf_blocks = array(); preg_match_all('/{listing_agent_field_([^{}]*?)_block}/', $tempate_section, $laf_blocks); require_once $config['basepath'] . '/include/user.inc.php'; global $or_replace_listing_owner; if (count($laf_blocks) > 1) { foreach ($laf_blocks[1] as $block) { $value = user::renderSingleListingItem($or_replace_listing_owner, $block, 'rawvalue'); if ($value == '') { $tempate_section = preg_replace('/{listing_agent_field_' . $block . '_block}(.*?){\\/listing_agent_field_' . $block . '_block}/is', '', $tempate_section); } else { $tempate_section = str_replace('{listing_agent_field_' . $block . '_block}', '', $tempate_section); $tempate_section = str_replace('{/listing_agent_field_' . $block . '_block}', '', $tempate_section); } } } // Replace listing_agent tags // Handle Caption Only $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'caption\');'), $tempate_section); // Hanle Value Only $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'value\');'), $tempate_section); // Handle Raw Value $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'rawvalue\');'), $tempate_section); // Handle Both Caption and Value $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1]);'), $tempate_section); } // Listing Images $sql2 = "SELECT listingsdb_title FROM " . $config['table_prefix'] . "listingsdb WHERE listingsdb_id = {$listing_id}"; $recordSet2 = $conn->Execute($sql2); if (!$recordSet2) { $misc->log_error($sql2); } $Title = $misc->make_db_unsafe($recordSet2->fields['listingsdb_title']); if ($config['url_style'] == '1') { $url = '<a href="index.php?action=listingview&listingID=' . $listing_id . '">'; $fullurl = '<a href="' . $config["baseurl"] . '/index.php?action=listingview&listingID=' . $listing_id . '">'; // Listing Link $tempate_section = str_replace('{link_to_listing}', 'index.php?action=listingview&listingID=' . $listing_id, $tempate_section); $tempate_section = str_replace('{fulllink_to_listing}', $config['baseurl'] . '/index.php?action=listingview&listingID=' . $listing_id, $tempate_section); } else { $url_title = str_replace("/", "", $Title); $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title)); $url = '<a href="listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html">'; $fullurl = '<a href="' . $config["baseurl"] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html">'; // Listing Link $tempate_section = str_replace('{link_to_listing}', 'listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html', $tempate_section); $tempate_section = str_replace('{fulllink_to_listing}', '' . $config["baseurl"] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html', $tempate_section); } // grab the listing's image $sql2 = "SELECT listingsimages_id, listingsimages_caption, listingsimages_thumb_file_name, listingsimages_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE listingsdb_id = {$listing_id} ORDER BY listingsimages_rank"; $recordSet2 = $conn->Execute($sql2); if (!$recordSet2) { $misc->log_error($sql2); } $num_images = $recordSet2->RecordCount(); if ($num_images == 0) { if ($config['show_no_photo'] == 1) { $listing_image = $url . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>'; $listing_image_full = $fullurl . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>'; if ($_GET['action'] == 'listingview') { $listing_image = '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" />'; $listing_image_full = '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" />'; } $tempate_section = str_replace('{raw_image_thumb_1}', $config['baseurl'] . '/images/nophoto.gif', $tempate_section); } else { $listing_image = ''; $tempate_section = str_replace('{raw_image_thumb_1}', '', $tempate_section); } $tempate_section = str_replace('{image_thumb_1}', $listing_image, $tempate_section); $tempate_section = str_replace('{image_thumb_fullurl_1}', $listing_image, $tempate_section); } $x = 1; while (!$recordSet2->EOF) { //if we're already on the listing then make the urls goto the view image $listingsimages_id = $misc->make_db_unsafe($recordSet2->fields['listingsimages_id']); $image_caption = $misc->make_db_unsafe($recordSet2->fields['listingsimages_caption']); $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']); $full_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']); if ($_GET['action'] == 'listingview') { if ($config['url_style'] == '1') { $url = '<a href="index.php?action=view_listing_image&image_id=' . $listingsimages_id . '">'; $fullurl = '<a href="' . $config["baseurl"] . '/index.php?action=view_listing_image&image_id=' . $listingsimages_id . '">'; } else { $url = '<a href="listing_image_' . $listingsimages_id . '.html">'; $fullurl = '<a href="' . $config["baseurl"] . '/listing_image_' . $listingsimages_id . '.html">'; } } if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) { // Full Image Sizes $imagedata = GetImageSize("{$config['listings_upload_path']}/{$full_file_name}"); $imagewidth = $imagedata[0]; $imageheight = $imagedata[1]; $max_width = $config['main_image_width']; $max_height = $config['main_image_height']; $resize_by = $config['resize_by']; $shrinkage = 1; if ($max_width == $imagewidth || $max_height == $imageheight) { $display_width = $imagewidth; $display_height = $imageheight; } else { if ($resize_by == 'width') { $shrinkage = $imagewidth / $max_width; $display_width = $max_width; $display_height = round($imageheight / $shrinkage); } elseif ($resize_by == 'height') { $shrinkage = $imageheight / $max_height; $display_height = $max_height; $display_width = round($imagewidth / $shrinkage); } elseif ($resize_by == 'both') { $display_width = $max_width; $display_height = $max_height; } elseif ($resize_by == 'bestfit') { $shrinkage_width = $imagewidth / $max_width; $shrinkage_height = $imageheight / $max_height; $shrinkage = max($shrinkage_width, $shrinkage_height); $display_height = round($imageheight / $shrinkage); $display_width = round($imagewidth / $shrinkage); } } // Thumbnail Image Sizes $thumb_imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}"); $thumb_imagewidth = $thumb_imagedata[0]; $thumb_imageheight = $thumb_imagedata[1]; $thumb_max_width = $config['thumbnail_width']; $thumb_max_height = $config['thumbnail_height']; $resize_thumb_by = $config['resize_thumb_by']; $shrinkage = 1; if ($thumb_max_width == $thumb_imagewidth || $thumb_max_height == $thumb_imageheight) { $thumb_displaywidth = $thumb_imagewidth; $thumb_displayheight = $thumb_imageheight; } else { if ($resize_thumb_by == 'width') { $shrinkage = $thumb_imagewidth / $thumb_max_width; $thumb_displaywidth = $thumb_max_width; $thumb_displayheight = round($thumb_imageheight / $shrinkage); } elseif ($resize_thumb_by == 'height') { $shrinkage = $thumb_imageheight / $thumb_max_height; $thumb_displayheight = $thumb_max_height; $thumb_displaywidth = round($thumb_imagewidth / $shrinkage); } elseif ($resize_thumb_by == 'both') { $thumb_displayheight = $thumb_max_height; $thumb_displaywidth = $thumb_max_width; } } $listing_image = $url . '<img src="' . $config['listings_view_images_path'] . '/' . $thumb_file_name . '" height="' . $thumb_displayheight . '" width="' . $thumb_displaywidth . '" alt="' . $image_caption . '" /></a>'; $listing_image_full = $url . '<img src="' . $config['listings_view_images_path'] . '/' . $full_file_name . '" height="' . $display_height . '" width="' . $display_width . '" alt="' . $image_caption . '" /></a>'; $listing_image_fullurl = $fullurl . '<img src="' . $config['listings_view_images_path'] . '/' . $thumb_file_name . '" height="' . $thumb_displayheight . '" width="' . $thumb_displaywidth . '" alt="' . $image_caption . '" /></a>'; $listing_image_full_fullurl = $fullurl . '<img src="' . $config['listings_view_images_path'] . '/' . $full_file_name . '" height="' . $display_height . '" width="' . $display_width . '" alt="' . $image_caption . '" /></a>'; $tempate_section = str_replace('{image_thumb_' . $x . '}', $listing_image, $tempate_section); $tempate_section = str_replace('{raw_image_thumb_' . $x . '}', $config['listings_view_images_path'] . '/' . $thumb_file_name, $tempate_section); $tempate_section = str_replace('{image_thumb_fullurl_' . $x . '}', $listing_image_fullurl, $tempate_section); //Full Image tags $tempate_section = str_replace('{image_full_' . $x . '}', $listing_image_full, $tempate_section); $tempate_section = str_replace('{raw_image_full_' . $x . '}', $config['listings_view_images_path'] . '/' . $full_file_name, $tempate_section); $tempate_section = str_replace('{image_full_fullurl_' . $x . '}', $listing_image_full_fullurl, $tempate_section); } else { if ($config['show_no_photo'] == 1) { $listing_image = $url . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>'; $listing_image_fullurl = $fullurl . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>'; $tempate_section = str_replace('{raw_image_thumb_' . $x . '}', $config['baseurl'] . '/images/nophoto.gif', $tempate_section); } else { $listing_image = ''; $tempate_section = str_replace('{raw_image_thumb_' . $x . '}', '', $tempate_section); } $tempate_section = str_replace('{image_thumb_' . $x . '}', $listing_image, $tempate_section); $tempate_section = str_replace('{image_thumb_fullurl_' . $x . '}', $listing_image_fullurl, $tempate_section); $tempate_section = str_replace('{image_full_' . $x . '}', '', $tempate_section); $tempate_section = str_replace('{raw_image_full_' . $x . '}', '', $tempate_section); $tempate_section = str_replace('{image_full_fullurl_' . $x . '}', '', $tempate_section); } // We have the image so insert it into the section. $x++; $recordSet2->MoveNext(); } // end while // End Listing Images $value = array(); $value = listing_pages::getListingAgentThumbnail($listing_id); $x = 0; foreach ($value as $y) { $tempate_section = str_replace('{listing_agent_thumbnail_' . $x . '}', $y, $tempate_section); $x++; } $tempate_section = preg_replace('/{listing_agent_thumbnail_([^{}]*?)}/', '', $tempate_section); // End of Listing Tag Replacement if ($tsection === true) { return $tempate_section; } else { $this->page = $tempate_section; } } }
function rss_view($option) { global $conn, $lang, $config; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $display = ''; $sql = 'SELECT listingsdb_id,listingsdb_last_modified FROM ' . $config['table_prefix'] . 'listingsdb WHERE '; //Allow Filtering by agent ID if (isset($_GET['agent_id'])) { if (!is_array($_GET['agent_id'])) { $id = $_GET['agent_id']; unset($_GET['agent_id']); $_GET['agent_id'][] = $id; } $aidset = FALSE; foreach ($_GET['agent_id'] as $aid) { if (is_numeric($aid)) { if ($aidset) { $sql .= ' AND userdb_id = ' . $aid; } else { $sql .= ' userdb_id = ' . $aid; } $aidset = TRUE; } } if ($aidset) { $sql .= ' AND '; } } //Decide with RSS feed to show switch ($option) { case 'featured': if (intval($config['rss_limit_featured']) > 0) { $sql .= ' listingsdb_featured = \'yes\' AND listingsdb_active = \'yes\' LIMIT 0, ' . intval($config['rss_limit_featured']); } else { $sql .= ' listingsdb_featured = \'yes\' AND listingsdb_active = \'yes\' '; } $rsslink = $config['baseurl'] . '/index.php?action=rss_featured_listings'; $rsstitle = $config['rss_title_featured']; $rssdesc = $config['rss_desc_featured']; $rsslistingdesc = $config['rss_listingdesc_featured']; break; case 'lastmodified': if (intval($config['rss_limit_lastmodified']) > 0) { $sql .= ' listingsdb_active = \'yes\' ORDER BY listingsdb_last_modified DESC LIMIT 0, ' . intval($config['rss_limit_lastmodified']); } else { $sql .= ' listingsdb_active = \'yes\' ORDER BY listingsdb_last_modified DESC'; } $rsslink = $config['baseurl'] . '/index.php?action=rss_featured_listings'; $rsstitle = $config['rss_title_lastmodified']; $rssdesc = $config['rss_desc_lastmodified']; $rsslistingdesc = $config['rss_listingdesc_lastmodified']; break; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } //Get RSS Template require_once $config['basepath'] . '/include/class/template/core.inc.php'; $page = new page_user(); $page->load_page($config['template_path'] . '/rss.html', FALSE); $page->replace_tag('rss_webroot', $rsslink); $page->replace_tag('rss_description', $rssdesc); $page->replace_tag('rss_title', $rsstitle); $page->replace_tag('rss_listing_description', $rsslistingdesc); $listing_template = $page->get_template_section('rss_listing_block'); $completed_listing_template = ''; while (!$recordSet->EOF) { // first, check to see whether the listing is currently active //Lookup Class $sql2 = "SELECT class_id FROM " . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdb_id = " . $recordSet->fields['listingsdb_id']; $recordSet2 = $conn->SelectLimit($sql2, 1, 0); $num = $recordSet2->RecordCount(); if ($recordSet2 === false) { $misc->log_error($sql); } $class = $recordSet2->fields['class_id']; $completed_listing_template .= $page->replace_listing_field_tags($recordSet->fields['listingsdb_id'], $listing_template, TRUE); $completed_listing_template = str_replace('{rss_listing_guid}', base64_encode($recordSet->fields['listingsdb_id'] . '-' . $recordSet->fields['listingsdb_last_modified']), $completed_listing_template); $recordSet->MoveNext(); } $page->replace_template_section('rss_listing_block', $completed_listing_template); $display = $page->return_page(); return $display; }
function display() { global $conn, $config, $lang; require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); require_once $config['basepath'] . '/include/user.inc.php'; $userclass = new user(); require_once $config['basepath'] . '/include/class/template/core.inc.php'; $page = new page_user(); require_once $config['basepath'] . '/include/blog_functions.inc.php'; $blog_functions = new blog_functions(); // Make Sure we passed the PageID $display = ''; if (!isset($_GET['ArticleID']) && intval($_GET['ArticleID']) <= 0) { $display .= "ERROR. PageID not sent"; } else { $blog_id = intval($_GET['ArticleID']); //Check if we posted a comment. if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0 && isset($_POST['comment_text']) && strlen($_POST['comment_text']) > 0) { require_once $config['basepath'] . '/include/blog_editor.inc.php'; $blog_comment = $misc->make_db_safe(blog_editor::htmlEncodeText($_POST['comment_text'])); if ($config['blog_requires_moderation'] == 1) { $moderated = 0; } else { $moderated = 1; } $sql = "INSERT INTO " . $config['table_prefix'] . "blogcomments (userdb_id,blogcomments_timestamp,blogcomments_text,blogmain_id,blogcomments_moderated) VALUES\n\t\t\t\t(" . intval($_SESSION['userID']) . "," . time() . ",{$blog_comment},{$blog_id},{$moderated});"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } } //$display .= '<div class="page_display">'; $sql = "SELECT blogmain_full,blogmain_id FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogmain_full']), ENT_NOQUOTES, $config['charset']); //$full = $misc->make_db_unsafe($recordSet->fields['blogmain_full']); $full = preg_replace('/\\<hr.*?\\>/', '', $full, 1); $id = $recordSet->fields['blogmain_id']; if ($config["wysiwyg_execute_php"] == 1) { ob_start(); $full = str_replace("<!--<?php", "<?php", $full); $full = str_replace("?>-->", "?>", $full); eval('?>' . "{$full}" . '<?php '); $full = ob_get_contents(); ob_end_clean(); } //Load Template $page->load_page($config['template_path'] . '/blog_article.html'); //Start Replacing Tags $blog_title = $blog_functions->get_blog_title($id); $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title); $blog_author = $blog_functions->get_blog_author($id); $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author); $blog_comment_count = $blog_functions->get_blog_comment_count($id); $page->page = $page->parse_template_section($page->page, 'blog_comment_count', $blog_comment_count); $blog_date_posted = $blog_functions->get_blog_date($id); $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted); $page->page = $page->parse_template_section($page->page, 'blog_full_article', $full); // Allow Admin To Edit # if (isset($_SESSION['editblog']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) { $admin_edit_link .= "{$config['baseurl']}/admin/index.php?action=edit_blog&id={$id}"; $page->page = $page->parse_template_section($page->page, 'admin_edit_link', $admin_edit_link); $page->page = $page->cleanup_template_block('admin_edit_link', $page->page); } else { $page->page = $page->remove_template_block('admin_edit_link', $page->page); } //Deal with COmments $sql = "SELECT blogcomments_id,userdb_id,blogcomments_timestamp,blogcomments_text FROM " . $config['table_prefix'] . "blogcomments WHERE blogmain_id = " . $id . " AND blogcomments_moderated = 1 ORDER BY blogcomments_timestamp ASC;"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $blog_comment_template = ''; while (!$recordSet->EOF) { //Load DB Values $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']); $blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']); $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']); $blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']); //Load Template Block $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block'); //Lookup Blog Author.. $author_type = $userclass->get_user_type($comment_author_id); if ($author_type == 'member') { $author_display = $userclass->get_user_name($comment_author_id); } else { $author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id); } $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display); if ($config['date_format'] == 1) { $format = "m/d/Y"; } elseif ($config['date_format'] == 2) { $format = "Y/d/m"; } elseif ($config['date_format'] == 3) { $format = "d/m/Y"; } $blog_comment_date_posted = date($format, "{$blogcomments_timestamp}"); $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted); $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text); $recordSet->MoveNext(); } $page->replace_template_section('blog_article_comment_item_block', $blog_comment_template); //Render Add New Comment if ($config['url_style'] == '1') { $article_url = 'index.php?action=blog_view_article&ArticleID=' . $id; } else { $url_title = str_replace("/", "", $blog_title); $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title)); $article_url = 'article-' . urlencode($url_title) . '-' . $id . '.html'; } $page->page = $page->parse_template_section($page->page, 'blog_comments_post_url', $article_url); //Render Page Out //$page->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly')); $page->replace_permission_tags(); $display .= $page->return_page(); } return $display; }
/** * insert_listing_field() * This was taken almost verbatim from include/template_editor.inc.php. * The only reason the code is duplicated here is because the code in * template_editor.inc.php is designed around the form, and requires * $_POST[] to be properly set in order to work. The only time this * addon uses this method is during the initial install, and then only * if the database does not already have fields named "latitude" and * "longitude". */ function insert_listing_field($field_type, $field_name, $field_caption, $default_text, $field_elements, $rank, $search_rank, $search_result_rank, $required, $location, $display_on_browse, $search_step, $display_priv, $searchable, $search_label, $search_type, $property_class) { // include global variables global $conn, $lang, $config; // Include the misc Class require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); $field_type = $misc->make_db_safe($field_type); $field_name = $misc->make_db_safe($field_name); $field_caption = $misc->make_db_safe($field_caption); $default_text = $misc->make_db_safe($default_text); $field_elements = $misc->make_db_safe($field_elements); $rank = $misc->make_db_safe($rank); $search_rank = $misc->make_db_safe($search_rank); $search_result_rank = $misc->make_db_safe($search_result_rank); $required = $misc->make_db_safe($required); $location = $misc->make_db_safe($location); $display_on_browse = $misc->make_db_safe($display_on_browse); $search_step = $misc->make_db_safe($search_step); $display_priv = $misc->make_db_safe($display_priv); $searchable = $misc->make_db_safe($searchable); $search_label = $misc->make_db_safe($search_label); $search_type = $misc->make_db_safe($search_type); $id_rand = rand(0, 999999); $sql = "INSERT INTO " . $config['table_prefix'] . "listingsformelements (listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_rank, listingsformelements_search_rank, listingsformelements_search_result_rank, listingsformelements_required, listingsformelements_location, listingsformelements_display_on_browse, listingsformelements_search_step, listingsformelements_searchable, listingsformelements_search_label, listingsformelements_search_type,listingsformelements_display_priv) VALUES ({$field_type},{$id_rand},{$field_caption},{$default_text},{$field_elements},{$rank},{$search_rank},{$search_result_rank},{$required},{$location},{$display_on_browse},{$search_step},{$searchable},{$search_label},{$search_type},{$display_priv})"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } // Now we need to get the field ID $sql = 'SELECT listingsformelements_id FROM ' . $config['table_prefix'] . 'listingsformelements WHERE listingsformelements_field_name = ' . $id_rand; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $listingsformelements_id = $recordSet->fields['listingsformelements_id']; // Set Real Name $sql = 'UPDATE ' . $config['table_prefix'] . 'listingsformelements SET listingsformelements_field_name = ' . $field_name . ' WHERE listingsformelements_field_name = ' . $id_rand; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } // We should now add a blank field for each listing that already exist. $sql = 'SELECT listingsdb_id, userdb_id FROM ' . $config['table_prefix'] . 'listingsdb'; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $id = array(); $user = array(); while (!$recordSet->EOF) { $id[] = $recordSet->fields['listingsdb_id']; $user[] = $recordSet->fields['userdb_id']; $recordSet->MoveNext(); } // while $count = count($id); $x = 0; while ($x < $count) { $sql = "INSERT INTO " . $config['table_prefix'] . "listingsdbelements (listingsdbelements_field_name, listingsdb_id,userdb_id,listingsdbelements_field_value) VALUES ({$field_name},'{$id[$x]}','{$user[$x]}','')"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $x++; } // Add Listing Field to property class foreach ($property_class as $class_id) { $sql = 'INSERT INTO ' . $config['table_prefix_no_lang'] . 'classformelements (class_id,listingsformelements_id) VALUES (' . $class_id . ',' . $listingsformelements_id . ')'; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } } }