}
$PAGES = ceil($TOTALAUCTIONS / $system->SETTINGS['perpage']);
$query = "SELECT * FROM " . $DBPrefix . "auctions\n\t\t\tWHERE " . $insql . " starts <= :time\n\t\t\tAND closed = 0\n\t\t\tAND suspended = 0";
$params = array();
$params[] = array(':time', $NOW, 'int');
if (!empty($_POST['catkeyword'])) {
$query .= " AND title LIKE :title";
$params[] = array(':title', '%' . $system->cleanvars($_POST['catkeyword']) . '%', 'str');
}
$query .= " ORDER BY ends ASC LIMIT :offset, :perpage";
$params[] = array(':offset', $OFFSET, 'int');
$params[] = array(':perpage', $system->SETTINGS['perpage'], 'int');
// get featured items
$query_feat = "SELECT * FROM " . $DBPrefix . "auctions\n\t\t\tWHERE " . $insql . " starts <= :time\n\t\t\tAND closed = 0\n\t\t\tAND suspended = 0\n\t\t\tAND featured = 'y'";
$params_feat = array();
$params_feat[] = array(':time', $NOW, 'int');
if (!empty($_POST['catkeyword'])) {
$query_feat .= " AND title LIKE :title";
$params_feat[] = array(':title', '%' . $system->cleanvars($_POST['catkeyword']) . '%', 'str');
}
$query_feat .= " ORDER BY ends ASC LIMIT :offset, 5";
$params_feat[] = array(':offset', ($PAGE - 1) * 5, 'int');
include $include_path . 'browseitems.inc.php';
browseItems($query, $params, $query_feat, $params_feat, $TOTALAUCTIONS, 'browse.php', 'id=' . $id);
$template->assign_vars(array('ID' => $id, 'TOP_HTML' => $TPL_main_value, 'CAT_STRING' => $TPL_categories_string, 'NUM_AUCTIONS' => $TOTALAUCTIONS));
}
$page_title = $current_cat_name;
include 'header.php';
$template->set_filenames(array('body' => 'browsecats.tpl'));
$template->display('body');
include 'footer.php';
}
$catSQL .= ")";
}
$query = "SELECT * FROM " . $DBPrefix . "auctions WHERE\n\t\t\t(title LIKE '%" . $term . "%' OR id = " . intval($term) . ")\n\t\t\t" . $catSQL . "\n\t\t\tAND closed = 0 AND suspended = 0 AND starts <= " . $NOW . " AND ends > " . $NOW;
// retrieve records corresponding to passed page number
$PAGE = isset($_GET['PAGE']) ? intval($_GET['PAGE']) : 1;
if ($PAGE == 0) {
$PAGE = 1;
}
// determine limits for SQL query
$left_limit = ($PAGE - 1) * $system->SETTINGS['perpage'];
// get total number of records
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$total = mysql_num_rows($res);
// get number of pages
$PAGES = ceil($total / $system->SETTINGS['perpage']);
$query_ = $query . " ORDER BY ends LIMIT " . $left_limit . ", " . $system->SETTINGS['perpage'];
$res = mysql_query($query_);
$system->check_mysql($res, $query_, __LINE__, __FILE__);
$query_ = $query . " AND featured = 'y' ORDER BY ends LIMIT " . intval(($PAGE - 1) * 5) . ", 5";
$feat_res = mysql_query($query_);
$system->check_mysql($feat_res, $query_, __LINE__, __FILE__);
// to be sure about items format, I've unified the call
include $include_path . 'browseitems.inc.php';
browseItems($res, $feat_res, $total, 'search.php', 'q=' . $term . '&id=' . $cat_id);
}
include 'header.php';
$template->set_filenames(array('body' => 'search.tpl'));
$template->display('body');
include 'footer.php';
/* retrieve records corresponding to passed page number */
$PAGE = (int) $_GET['page'];
if ($PAGE == 0) {
$PAGE = 1;
}
$lines = (int) $lines;
if ($lines == 0) {
$lines = 50;
}
/* determine limits for SQL query */
$left_limit = ($PAGE - 1) * $lines;
/* get total number of records */
$rsl = mysql_query($sql_count);
$system->check_mysql($rsl, $sql_count, __LINE__, __FILE__);
$hash = mysql_fetch_array($rsl);
$total = (int) $hash[0];
/* get number of pages */
$PAGES = (int) ($total / $lines);
if ($total % $lines > 0) {
++$PAGES;
}
$result = mysql_query($sql . " LIMIT {$left_limit},{$lines}");
$system->check_mysql($result, $sql, __LINE__, __FILE__);
// to be sure about items format, I've unified the call
include $include_path . "browseitems.inc.php";
browseItems($result, 'search.php');
}
include "header.php";
$template->set_filenames(array('body' => 'search.html'));
$template->display('body');
include "footer.php";
$PAGES = intval($total / $system->SETTINGS['perpage']);
if ($total % $system->SETTINGS['perpage'] > 0) {
++$PAGES;
}
// get records corresponding to this page
$query = "SELECT au.* FROM " . $DBPrefix . "auctions au\n\t\t\t" . $userjoin . "\n\t\t\tWHERE au.suspended = 0\n\t\t\tAND " . $wher . $ora . "\n\t\t\tau.starts <= :time\n\t\t\tORDER BY " . $by . " LIMIT :offset, :perpage";
$params = $asparams;
$params[] = array(':offset', $left_limit, 'int');
$params[] = array(':perpage', $system->SETTINGS['perpage'], 'int');
// get featured items
$query_feat = "SELECT au.* FROM " . $DBPrefix . "auctions au\n\t\t\t" . $userjoin . "\n\t\t\tWHERE au.suspended = 0\n\t\t\tAND " . $wher . $ora . "\n\t\t\tfeatured = 'y'\n\t\t\tAND\tau.starts <= :time\n\t\t\tORDER BY " . $by . " LIMIT :offset, 5";
$params_feat = $asparams;
$params_feat[] = array(':offset', ($PAGE - 1) * 5, 'int');
if ($total > 0) {
include $include_path . 'browseitems.inc.php';
browseItems($query, $params, $query_feat, $params_feat, $total, 'adsearch.php');
include 'header.php';
$template->set_filenames(array('body' => 'asearch_result.tpl'));
$template->display('body');
include 'footer.php';
exit;
} else {
$ERR = $ERR_122;
}
}
// payments
$payment_methods = '';
$query = "SELECT * FROM " . $DBPrefix . "gateways LIMIT 1";
$db->direct_query($query);
$gateways_data = $db->result();
$gateway_list = explode(',', $gateways_data['gateways']);
$currently_watched_items = explode(' ', trim($user->user_data['item_watch']));
$items_to_watch = array();
for ($j = 0; $j < count($currently_watched_items); $j++) {
if ($currently_watched_items[$j] != $item_to_delete) {
array_push($items_to_watch, $currently_watched_items[$j]);
}
}
$query = "UPDATE " . $DBPrefix . "users SET item_watch = :item_watch WHERE id = :user_id";
$params = array();
$params[] = array(':item_watch', implode(' ', $items_to_watch), 'str');
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
$user->user_data['item_watch'] = implode(' ', $items_to_watch);
$user_message .= $MSG['item_watch_item_removed'];
}
// Show results
$items = trim($user->user_data['item_watch']);
if ($items != '' && $items != null) {
$itemids = str_replace(' ', ',', $items);
$query = "SELECT * FROM " . $DBPrefix . "auctions WHERE id IN (" . $itemids . ")";
$db->direct_query($query);
$total = $db->numrows();
browseItems($query, null, '', '', $total, 'item_watch.php');
}
$template->assign_vars(array('USER_MESSAGE' => $user_message));
include 'header.php';
$TMP_usmenutitle = $MSG['472'];
include INCLUDE_PATH . 'user_cp.php';
$template->set_filenames(array('body' => 'item_watch.tpl'));
$template->display('body');
include 'footer.php';
$query = "SELECT * FROM " . $DBPrefix . "auctions WHERE\n\t\t\t(title LIKE :title OR id = :auc_id)\n\t\t\t" . $catSQL . "\n\t\t\tAND closed = 0 AND suspended = 0 AND starts <= :time AND ends > :time";
$params = array();
$params[] = array(':title', '%' . $system->cleanvars($term) . '%', 'str');
$params[] = array(':auc_id', $term, 'int');
$params[] = array(':time', $NOW, 'int');
$db->query($query, $params);
// get total number of records
$total = $db->numrows();
// retrieve records corresponding to passed page number
$PAGE = isset($_GET['PAGE']) ? intval($_GET['PAGE']) : 1;
if ($PAGE == 0) {
$PAGE = 1;
}
// determine limits for SQL query
$left_limit = ($PAGE - 1) * $system->SETTINGS['perpage'];
// get number of pages
$PAGES = ceil($total / $system->SETTINGS['perpage']);
$query_feat = $query . " AND featured = 'y' ORDER BY ends LIMIT :offset, 5";
$params_feat = $params;
$params_feat[] = array(':offset', ($PAGE - 1) * 5, 'int');
$query = $query . " ORDER BY ends LIMIT :offset, :perpage";
$params[] = array(':offset', $left_limit, 'int');
$params[] = array(':perpage', $system->SETTINGS['perpage'], 'int');
// to be sure about items format, I've unified the call
include $include_path . 'browseitems.inc.php';
browseItems($query, $params, $query_feat, $params_feat, $total, 'search.php', 'q=' . $term . '&id=' . $cat_id);
}
include 'header.php';
$template->set_filenames(array('body' => 'search.tpl'));
$template->display('body');
include 'footer.php';
$result = mysql_query($query);
$system->check_mysql($result, $query, __LINE__, __FILE__);
}
// Show results
$query = "SELECT item_watch from " . $DBPrefix . "users WHERE nick='" . $system->cleanvars($_SESSION['WEBID_LOGGED_IN_USERNAME']) . "' ";
$result = mysql_query($query);
$system->check_mysql($result, $query, __LINE__, __FILE__);
$TPL_auctions_list_value = array();
$items = trim(mysql_result($result, 0, "item_watch"));
if (mysql_num_rows($result) > 0) {
$HasResults = true;
}
if ($items != "" && $items != null) {
$item = split(" ", $items);
$itemids = '0';
for ($j = 0; $j < count($item); $j++) {
$itemids .= ',' . $item[$j];
}
$query = "SELECT * from " . $DBPrefix . "auctions WHERE id IN ({$itemids})";
$result = mysql_query($query);
$system->check_mysql($result, $query, __LINE__, __FILE__);
if (mysql_num_rows($result) > 0) {
browseItems($result, 'item_watch.php');
}
}
include "header.php";
$TMP_usmenutitle = $MSG['472'];
include "includes/user_cp.php";
$template->set_filenames(array('body' => 'item_watch.html'));
$template->display('body');
include "footer.php";
if (!isset($_GET['PAGE']) || $_GET['PAGE'] == 1) {
$OFFSET = 0;
$PAGE = 1;
} else {
$PAGE = $_REQUEST['PAGE'];
$OFFSET = ($PAGE - 1) * $system->SETTINGS['perpage'];
}
$PAGES = ceil($TOTALAUCTIONS / $system->SETTINGS['perpage']);
$query = "SELECT * FROM " . $DBPrefix . "auctions\n\t\t\tWHERE " . $insql . " starts <= " . $NOW . "\n\t\t\tAND closed = 0\n\t\t\tAND suspended = 0";
if (!empty($_POST['catkeyword'])) {
$query .= " AND title LIKE '%" . $system->cleanvars($_POST['catkeyword']) . "%'";
}
$query .= " ORDER BY ends ASC LIMIT " . intval($OFFSET) . "," . $system->SETTINGS['perpage'];
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
// get featured items
$query = "SELECT * FROM " . $DBPrefix . "auctions\n\t\t\tWHERE " . $insql . " starts <= " . $NOW . "\n\t\t\tAND closed = 0\n\t\t\tAND suspended = 0\n\t\t\tAND featured = 'y'";
if (!empty($_POST['catkeyword'])) {
$query .= " AND title LIKE '%" . $system->cleanvars($_POST['catkeyword']) . "%'";
}
$query .= " ORDER BY ends ASC LIMIT " . intval(($PAGE - 1) * 5) . ", 5";
$feat_res = mysql_query($query);
$system->check_mysql($feat_res, $query, __LINE__, __FILE__);
include $include_path . 'browseitems.inc.php';
browseItems($res, $feat_res, $TOTALAUCTIONS, 'browse.php', 'id=' . $id);
$template->assign_vars(array('ID' => $id, 'TOP_HTML' => $TPL_main_value, 'CAT_STRING' => $TPL_categories_string, 'NUM_AUCTIONS' => $TOTALAUCTIONS));
}
include 'header.php';
$template->set_filenames(array('body' => 'browsecats.tpl'));
$template->display('body');
include 'footer.php';
// get number of pages
$PAGES = intval($total / $system->SETTINGS['perpage']);
if ($total % $system->SETTINGS['perpage'] > 0) {
++$PAGES;
}
// get records corresponding to this page
$query = "SELECT au.* FROM " . $DBPrefix . "auctions au\n\t\t\t" . $userjoin . "\n\t\t\tWHERE au.suspended = 0\n\t\t\tAND " . $wher . $ora . "\n\t\t\tau.starts <= " . $NOW . "\n\t\t\tORDER BY " . $by . " LIMIT " . intval($left_limit) . ", " . $system->SETTINGS['perpage'];
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
// get featured items
$query = "SELECT au.* FROM " . $DBPrefix . "auctions au\n\t\t\t" . $userjoin . "\n\t\t\tWHERE au.suspended = 0\n\t\t\tAND " . $wher . $ora . "\n\t\t\tfeatured = 'y'\n\t\t\tAND\tau.starts <= " . $NOW . "\n\t\t\tORDER BY " . $by . " LIMIT " . intval(($PAGE - 1) * 5) . ", 5";
$feat_res = mysql_query($query);
$system->check_mysql($feat_res, $query, __LINE__, __FILE__);
if (mysql_num_rows($res) > 0) {
include $include_path . 'browseitems.inc.php';
browseItems($res, $feat_res, $total, 'adsearch.php');
include 'header.php';
$template->set_filenames(array('body' => 'asearch_result.tpl'));
$template->display('body');
include 'footer.php';
exit;
} else {
$ERR = $ERR_122;
}
}
// payments
$payment_methods = '';
$query = "SELECT * FROM " . $DBPrefix . "gateways";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$gateways_data = mysql_fetch_assoc($res);
$item_watch = $auc_id[$j] . ' ' . $item_watch;
}
}
$item_watch_new = trim($item_watch);
$query = "UPDATE " . $DBPrefix . "users SET item_watch = :item_watch_new WHERE id = :user_id";
$params = array();
$params[] = array(':item_watch_new', $system->cleanvars($item_watch_new), 'str');
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
$user->user_data['item_watch'] = $item_watch_new;
}
// Show results
$items = trim($user->user_data['item_watch']);
if ($items != '' && $items != null) {
$item = explode(' ', $items);
$itemids = '0';
$total = count($item);
for ($j = 0; $j < $total; $j++) {
$itemids .= ',' . $item[$j];
}
$query = "SELECT * FROM " . $DBPrefix . "auctions WHERE id IN (" . $itemids . ")";
$db->direct_query($query);
$total = $db->numrows();
browseItems($query, $params, '', '', $total, 'item_watch.php');
}
include 'header.php';
$TMP_usmenutitle = $MSG['472'];
include $include_path . 'user_cp.php';
$template->set_filenames(array('body' => 'item_watch.tpl'));
$template->display('body');
include 'footer.php';
} else {
$item_watch = $auc_id[$j] . ' ' . $item_watch;
}
}
$item_watch_new = trim($item_watch);
$query = "UPDATE " . $DBPrefix . "users SET item_watch = '" . $item_watch_new . "' WHERE id = " . $user->user_data['id'];
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$user->user_data['item_watch'] = $item_watch_new;
}
// Show results
$items = trim($user->user_data['item_watch']);
if ($items != '' && $items != null) {
$item = preg_split('/ /', $items);
$itemids = '0';
$total = count($item);
for ($j = 0; $j < $total; $j++) {
$itemids .= ',' . $item[$j];
}
$query = "SELECT * FROM " . $DBPrefix . "auctions WHERE id IN ({$itemids})";
$result = mysql_query($query);
$system->check_mysql($result, $query, __LINE__, __FILE__);
if (mysql_num_rows($result) > 0) {
browseItems($result, false, $total, 'item_watch.php');
}
}
include 'header.php';
$TMP_usmenutitle = $MSG['472'];
include $include_path . 'user_cp.php';
$template->set_filenames(array('body' => 'item_watch.tpl'));
$template->display('body');
include 'footer.php';
$system->check_mysql($rsl, $qs, __LINE__, __FILE__);
$hash = mysql_fetch_array($rsl);
$total = !$hash[0] ? 1 : (int) $hash[0];
// Handle pagination
$TOTALAUCTIONS = $total;
if (!isset($_GET['PAGE']) || $_GET['PAGE'] == 1) {
$OFFSET = 0;
$PAGE = 1;
} else {
$PAGE = $_REQUEST['PAGE'];
$OFFSET = ($PAGE - 1) * $LIMIT;
}
$PAGES = ceil($TOTALAUCTIONS / $LIMIT);
$qs = "SELECT * FROM " . $DBPrefix . "auctions\r\n\t\t\tWHERE {$insql} starts <= " . $NOW . "\r\n\t\t\tAND closed = 0\r\n\t\t\tAND private = 'n'\r\n\t\t\tAND suspended = 0";
if ($system->SETTINGS['adultonly'] == 'y' && !isset($_SESSION['WEBID_LOGGED_IN'])) {
$qs .= " AND adultonly='n'";
}
if (!empty($_POST['catkeyword'])) {
$qs .= " AND title LIKE '%" . $system->cleanvars($_POST['catkeyword']) . "%'";
}
$qs .= " ORDER BY ends ASC LIMIT " . intval($OFFSET) . "," . intval($LIMIT);
$result = mysql_query($qs);
$system->check_mysql($result, $qs, __LINE__, __FILE__);
include $include_path . "browseitems.inc.php";
browseItems($result, 'browse.php');
$template->assign_vars(array('TOP_HTML' => $TPL_main_value, 'CAT_STRING' => $TPL_categories_string));
}
include "header.php";
$template->set_filenames(array('body' => 'browsecats.html'));
$template->display('body');
include "footer.php";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$hash = mysql_fetch_array($res);
$total = (int) $hash['total'];
/* get number of pages */
$PAGES = (int) ($total / $lines);
if ($total % $lines > 0) {
++$PAGES;
}
/* get records corresponding to this page*/
$query = "SELECT au.* FROM " . $DBPrefix . "auctions au\r\n\t\t\t{$userjoin}\r\n\t\t\tWHERE (au.suspended='0')\r\n\t\t\tAND ({$wher} au.private='n' {$ora})\r\n\t\t\tAND\tau.starts <= " . $NOW . "\r\n\t\t\tORDER BY {$by} LIMIT " . intval($left_limit) . ", " . intval($lines);
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
if (mysql_num_rows($res) > 0) {
include $include_path . "browseitems.inc.php";
browseItems($res, 'adsearch.php');
include "header.php";
$template->set_filenames(array('body' => 'asearch_result.html'));
$template->display('body');
include "footer.php";
exit;
} else {
$ERR = $ERR_122;
}
}
// -------------------------------------- payment
$qurey = "SELECT * FROM " . $DBPrefix . "payments";
$res = mysql_query($qurey);
$system->check_mysql($res, $qurey, __LINE__, __FILE__);
$num_payments = mysql_num_rows($res);
$TPL_payments_list = '';
