Example #1
 /**
  * Render the price-quote listing page (template "market/quote").
  *
  * Optional query-string filters: `catid` (cast to int, matched against
  * Quote.type_id) and `title` (substring match through LIKE). The matching
  * rows are counted and fetched through the "quote" model and handed to the
  * view together with a default one-month search window and the total.
  *
  * NOTE(review): the title filter is concatenated into the WHERE clause after
  * pb_addslashes() only. addslashes()-style escaping is not aware of the
  * connection character set and leaves the LIKE wildcards % and _ untouched.
  * If the model layer offers bound parameters or driver-level quoting, the
  * condition is better built there; confirm what the model supports.
  */
 function quote()
 {
     global $viewhelper, $pos;

     $this->loadModel("quote");

     $condition = null;
     $joins = null;
     $conditions = array();
     $tpl_file = "market/quote";

     $viewhelper->setTitle(L("price_quotes", "tpl"));
     $viewhelper->setPosition(L("price_quotes", "tpl"), "index.php?do=market&action=quote");

     // Numeric inputs are forced to int before any use.
     $id = isset($_GET['id']) ? intval($_GET['id']) : null;

     if (isset($_GET['catid'])) {
         $type_id = intval($_GET['catid']);
         $conditions[] = "Quote.type_id='{$type_id}'";
         $viewhelper->setTitle("The industry {$type_id}");
     }

     // Free-text input: client-controlled, escaped with pb_addslashes() only.
     if (!empty($_GET['title'])) {
         $conditions[] = "title LIKE '%" . pb_addslashes($_GET['title']) . "%'";
     }

     $this->quote->setCondition($conditions);
     $amount = $this->quote->findCount(null, $conditions);

     $fields = "Quote.*,"
         . "Quote.created AS pubdate,"
         . "ROUND((Quote.min_price+Quote.max_price)/2,2) AS price";
     $result = $this->quote->findAll($fields, $joins, $conditions, "Quote.id DESC", $pos, $this->displaypg);

     setvar("items", pb_lang_split_recursive($result));

     // Default search window offered to the template: last month until today.
     $searchFrom = date("Y-m-d", strtotime("last month"));
     $searchTo = date("Y-m-d");
     uaAssign(array("QuoteSearchFrom" => $searchFrom, "QuoteSearchTo" => $searchTo));

     setvar("paging", array('total' => $amount));
     render($tpl_file);
 }
Example #2
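 /**
  * Store the session payload for $sid in the session table.
  *
  * Updates the row whose sesskey equals $sid when one exists, otherwise
  * inserts a new row. The expiry is $this->time + $this->lifetime.
  *
  * Every value placed inside a quoted SQL literal is escaped first. The
  * original escaped only the payload and interpolated the session id and
  * PHP_SELF as they arrived. The id is presumably handed over by PHP's
  * session machinery from the client's cookie (TODO confirm the caller);
  * PHP_SELF is derived from the request path.
  *
  * NOTE(review): pb_addslashes() is addslashes()-based and not aware of the
  * connection character set. If $this->db supports bound parameters, binding
  * these values is the sturdier fix; confirm against the database layer.
  *
  * @param string $sid       Session identifier, matched against sesskey.
  * @param string $sess_data Serialized session data to store.
  * @return bool Always true.
  */
 function write($sid, $sess_data)
 {
     $sid = pb_addslashes($sid);
     $sess_data = pb_addslashes($sess_data);
     // If pb_getenv() already returns escaped data, this only adds a literal
     // backslash to the stored expireref; it never weakens the statement.
     $script = pb_addslashes(pb_getenv('PHP_SELF'));
     $expiry = $this->time + $this->lifetime;

     $sql = "SELECT * FROM {$this->sess_table} WHERE sesskey='{$sid}'";
     $result = $this->db->GetRow($sql);
     if (!empty($result)) {
         $sql = "UPDATE {$this->sess_table} SET data='{$sess_data}',expiry='{$expiry}',modified='{$this->time}' WHERE sesskey='{$sid}'";
         $this->db->Execute($sql);
     } else {
         $this->db->Execute("INSERT INTO {$this->sess_table} (sesskey,data,expiry,expireref,created,modified) VALUES('{$sid}', '{$sess_data}', '{$expiry}', '{$script}', '{$this->time}', '{$this->time}')");
     }
     return true;
 }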
Example #3
 /**
  * Collect request input into $this->params.
  *
  * Layout of the result, as built below:
  *  - 'form': copy of $_POST, without '_method' and 'data';
  *  - 'url' : $_GET, merged over any 'url' entry passed in $extra;
  *  - 'data': $_POST['data'] when present;
  *  - every other key of $extra, unless overwritten by the above.
  * An 'action' entry that is an empty string is replaced by 'list'.
  *
  * NOTE(review): a '_method' POST field or an X-HTTP-Method-Override header
  * overwrites $_SERVER['REQUEST_METHOD'] (or $_ENV when $_SERVER is empty),
  * so code that later branches on the request method sees a client-chosen
  * value.
  * NOTE(review): with magic_quotes_gpc on, POST data is escaped again with
  * pb_addslashes() while GET data is un-escaped with stripslashes_deep();
  * confirm that this asymmetry is intended.
  *
  * @param array $extra Parameters to start from.
  */
 function setParams($extra = array())
 {
     $magicQuotes = ini_get('magic_quotes_gpc') === '1';
     $params = array();

     if (isset($_POST)) {
         $form = $magicQuotes ? pb_addslashes($_POST) : $_POST;

         // A method-override header takes precedence over a posted '_method'.
         if (pb_getenv('HTTP_X_HTTP_METHOD_OVERRIDE')) {
             $form['_method'] = pb_getenv('HTTP_X_HTTP_METHOD_OVERRIDE');
         }

         if (isset($form['_method'])) {
             if (!empty($_SERVER)) {
                 $_SERVER['REQUEST_METHOD'] = $form['_method'];
             } else {
                 $_ENV['REQUEST_METHOD'] = $form['_method'];
             }
             unset($form['_method']);
         }

         $params['form'] = $form;
     }

     // Keys collected so far win over the caller-supplied defaults.
     $params = array_merge($extra, $params);

     if (isset($_GET)) {
         $url = $magicQuotes ? stripslashes_deep($_GET) : $_GET;
         $params['url'] = isset($params['url']) ? array_merge($params['url'], $url) : $url;
     }

     if (isset($params['action']) && strlen($params['action']) === 0) {
         $params['action'] = 'list';
     }

     // Promote the posted 'data' sub-array to a top-level entry.
     if (isset($params['form']['data'])) {
         $params['data'] = $params['form']['data'];
         unset($params['form']['data']);
     }

     $this->params = $params;
 }
Example #4
// Time display settings: taken from the cached site settings when present,
// otherwise no offset and an ISO-style date.
if (isset($_PB_CACHE['setting']['time_offset'])) {
    $time_offset = $_PB_CACHE['setting']['time_offset'];
} else {
    $time_offset = 0;
}
if (isset($_PB_CACHE['setting']['date_format'])) {
    $date_format = $_PB_CACHE['setting']['date_format'];
} else {
    $date_format = "Y-m-d";
}
// 'offset' is '' for zero, '+N' for a positive offset, the raw value otherwise.
$time_now = array(
    'time' => gmdate("{$date_format} H:i", $time_stamp + 3600 * $time_offset),
    'offset' => $time_offset >= 0 ? ($time_offset == 0 ? '' : '+' . $time_offset) : $time_offset,
);
// Both branches are commented out, so this check currently has no effect.
if (PHP_VERSION > '5.1') {
    //@date_default_timezone_set('Etc/GMT'.($time_offset > 0 ? '-' : '+').(abs($time_offset)));
} else {
    //@putenv("TZ=GMT".$time_now['offset']);
}

$viewhelper = new PbView();
$conditions = null;

// $pb_user is the escaped copy of the member record; the template receives
// the copy returned by pb_get_member_info() as is.
$pb_userinfo = pb_get_member_info();
if ($pb_userinfo) {
    $pb_user = pb_addslashes($pb_userinfo);
    uaAssign($pb_userinfo);
}
uaAssign(array(
    'SiteUrl' => URL,
    'Charset' => $charset,
    'AppLanguage' => $app_lang,
));
uaAssign($_PB_CACHE['setting']);

// Copy the application's own cookies (those carrying the configured prefix)
// into $_UCOOKIE under their unprefixed names. The values are client-controlled
// and are escaped here unless MAGIC_QUOTES_GPC says they already are.
$pre_length = strlen($cookiepre);
foreach ($_COOKIE as $key => $val) {
    if (substr($key, 0, $pre_length) != $cookiepre) {
        continue;
    }
    $_UCOOKIE[substr($key, $pre_length)] = MAGIC_QUOTES_GPC ? $val : pb_addslashes($val);
}

// NOTE(review): the Referer header is client-supplied; how $pre_refer is used
// is not visible here. Confirm it is escaped or validated where it is consumed.
if (empty($_SERVER['HTTP_REFERER'])) {
    $pre_refer = '';
} else {
    $pre_refer = $_SERVER['HTTP_REFERER'];
}

// Buffer output, gzip-compressed only when enabled and the handler exists.
if (!$gzipcompress || !function_exists('ob_gzhandler')) {
    $gzipcompress = 0;
    ob_start();
} else {
    ob_start('ob_gzhandler');
}
Example #5
// Installer bootstrap: work out the request scheme, script name and install
// URL, then import the request parameters as variables.
$file_cls = new Files();
$pb_protocol = 'http';
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') {
    $pb_protocol = 'https';
}
// Prefer SCRIPT_NAME; otherwise cut PHP_SELF back to the part ending in ".php".
$PHP_SELF = isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : preg_replace("/(.*)\\.php(.*)/i", "\\1.php", $_SERVER['PHP_SELF']);
$BASESCRIPT = basename($PHP_SELF);
list($BASEFILENAME) = explode('.', $BASESCRIPT);
// NOTE(review): the host part comes from the client's Host header.
// htmlspecialchars() makes the value safe for HTML output only; whether it is
// also stored or used for redirects is not visible here. Confirm, and check the
// host against an expected value if it is.
$install_url = htmlspecialchars($pb_protocol . "://" . pb_getenv('HTTP_HOST') . preg_replace("/\\/+(api|wap)?\\/*\$/i", '', substr($PHP_SELF, 0, strrpos($PHP_SELF, '/'))) . '/');
$siteUrl = substr($install_url, 0, -(strlen($BASEFILENAME) + 1));
$time_stamp = TIME;
if ($_REQUEST) {
    // Emulate magic quotes when they are off: escape request data in place.
    if (!MAGIC_QUOTES_GPC) {
        $_REQUEST = pb_addslashes($_REQUEST);
        if ($_COOKIE) {
            $_COOKIE = pb_addslashes($_COOKIE);
        }
    }
    // NOTE(review): extract() turns every request parameter into a variable.
    // EXTR_SKIP keeps the variables assigned above from being overwritten, but
    // any variable that is first read later without being assigned can be
    // seeded by the client. Reading the expected keys from $_GET/$_POST
    // explicitly would close that gap; the statement order matters here.
    extract($_REQUEST, EXTR_SKIP);
}
// $step is always re-assigned here, so a value imported by extract() is
// discarded; the value taken from the query string is forced to an integer.
if (!isset($_GET['step'])) {
    $step = '1';
} else {
    $step = intval($_GET['step']);
}
if (isset($_GET['do'])) {
    $do = trim($_GET['do']);
    if ($do == "complete") {
        include "step" . $step . ".inc.php";
        exit;
    }
Example #6
/**
 * Apply addslashes() to a value, descending into arrays.
 *
 * Array keys are kept as they are; only the values are escaped, at any depth.
 * Note that addslashes() backslash-escapes quotes, backslashes and NUL bytes
 * without regard to the database connection's character set, so it is not a
 * replacement for bound parameters or the driver's own quoting function.
 *
 * @param mixed $string A value or a (nested) array of values.
 * @return mixed The escaped value, or the array with every leaf escaped.
 */
function pb_addslashes($string)
{
    if (!is_array($string)) {
        return addslashes($string);
    }
    foreach (array_keys($string) as $index) {
        $string[$index] = pb_addslashes($string[$index]);
    }
    return $string;
}
Example #7
            break;
        case "chart":
            if (empty($id)) {
                flash("pls_input_product_name", "market/quote.php");
            }
            $info = $pdb->GetRow("SELECT * FROM " . $tb_prefix . "quotes WHERE id=" . $id);
            $pdb->Execute("UPDATE " . $tb_prefix . "quotes SET hits=hits+1 WHERE id=" . $id);
            $info['pubdate'] = df($info['created']);
            $info['clicked'] = $info['hits'];
            setvar("item", $info);
            $tpl_file = "detail.default";
            render($tpl_file, true);
            break;
        case "search":
            if (!empty($_GET['title'])) {
                $conditions[] = "title LIKE '%" . pb_addslashes($_GET['title']) . "%'";
            }
            break;
        default:
            break;
    }
}
// Optional category filter: catid is forced to an integer before it is placed
// in the SQL fragment and in the page title.
if (isset($_GET['catid'])) {
    $type_id = intval($_GET['catid']);
    $conditions[] = "Quote.type_id='{$type_id}'";
    $viewhelper->setTitle("The industry {$type_id}");
}

// Count the matching quotes, then fetch the requested page, newest id first.
// The price column is the rounded midpoint of min_price and max_price.
$quote->setCondition($conditions);
$amount = $quote->findCount(null, $conditions);
$fields = "Quote.*,"
    . "Quote.created AS pubdate,"
    . "ROUND((Quote.min_price+Quote.max_price)/2,2) AS price";
$result = $quote->findAll($fields, $joins, $conditions, "Quote.id DESC", $pos, $limit);
Example #8
}
// Front-end bootstrap: publish site-wide values to the templates, escape the
// request superglobals, and start output buffering.
$js_language = $app_lang;
// Normalise any truthy $show_ajax to 1.
if ($show_ajax) {
    $show_ajax = 1;
}
$_G = array('SiteUrl' => URL, 'show_ajax' => $show_ajax, 'charset' => $charset, 'AppLanguage' => $app_lang, 'WebRootUrl' => $absolute_uri, 'TemplateDir' => 'templates', 'JsLanguage' => $js_language, 'cookiepre' => $cookiepre, 'cookiedomain' => $cookiedomain, 'cookiepath' => $cookiepath);
uaAssign($_G);
if (!empty($_PB_CACHE['setting']['site_theme_styles'])) {
    // NOTE(review): unserialize() can instantiate objects from its input. This
    // is only safe if site_theme_styles can never be written by an untrusted
    // party; confirm who writes this setting. On PHP 7+ passing
    // array('allowed_classes' => false), or storing JSON instead, removes the
    // object-instantiation risk.
    $_PB_CACHE['setting']['site_theme_styles'] = unserialize($_PB_CACHE['setting']['site_theme_styles']);
}
//at c, use $G;v, $_G.
// (presumably: controllers use $G, views use $_G; confirm with the author)
$G['setting'] = pb_lang_split_recursive($_PB_CACHE['setting']);
$G['setting']['nav_id'] = '';
//Todo:
setvar("_G", $G['setting']);
uaAssign($G['setting']);
// Emulate magic quotes when they are off: every request superglobal is run
// through pb_addslashes(). This is blanket escaping, not per-query quoting:
// the values now carry backslashes in non-SQL contexts too, and code that
// escapes them again before a query double-escapes them.
if (!MAGIC_QUOTES_GPC) {
    $_GET = pb_addslashes($_GET);
    $_POST = pb_addslashes($_POST);
    $_COOKIE = pb_addslashes($_COOKIE);
    $_SERVER = pb_addslashes($_SERVER);
}
// NOTE(review): am() is not visible here; if it merges arrays with later
// arguments winning, a request parameter named "setting" would replace
// $G['setting'] from this point on. The templates were already given the
// settings above. Confirm that nothing later trusts $G['setting'].
$G = am($G, $_GET, $_POST);
$viewhelper = new PbView();
// The Referer header is client-supplied; $pre_refer holds it as received (after
// the escaping above).
$pre_refer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
// Buffer output, gzip-compressed only when enabled and the handler exists.
if ($gzipcompress && function_exists('ob_gzhandler')) {
    ob_start('ob_gzhandler');
} else {
    $gzipcompress = 0;
    ob_start();
}