public static function getListingAgentLink($listingID)
 {
     global $conn, $config, $lang;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // get the main data for a given listing
     $rawID = $listingID;
     $listingID = $misc->make_db_extra_safe($listingID);
     $sql = "SELECT " . $config['table_prefix'] . "listingsdb.userdb_id FROM {$config['table_prefix']}listingsdb  WHERE listingsdb_id = {$listingID}";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // get main listings data
     $display = '';
     while (!$recordSet->EOF) {
         $listing_user_ID = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
         $recordSet->MoveNext();
     }
     // end while
     if ($config['url_style'] == '1') {
         $display .= $config['baseurl'] . '/index.php?action=view_user&user='******' ' . listing_pages::getListingAgentLastName($rawID);
         $url_title = str_replace("/", "", $Title);
         $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
         $display .= $config['baseurl'] . '/agent-' . urlencode($url_title) . '-' . $listing_user_ID . '.html';
     }
     return $display;
 }
 function replace_listing_field_tags($listing_id, $tempate_section = '', $utf8HTML = false)
 {
     global $lang;
     if (is_numeric($listing_id)) {
         global $config, $conn, $or_replace_listing_id, $or_replace_listing_owner;
         $or_replace_listing_id = $listing_id;
         require_once $config['basepath'] . '/include/listing.inc.php';
         require_once $config['basepath'] . '/include/vtour.inc.php';
         require_once $config['basepath'] . '/include/misc.inc.php';
         $misc = new misc();
         if ($tempate_section != '') {
             $tsection = true;
         } else {
             $tempate_section = $this->page;
             $tsection = false;
         }
         if ($utf8HTML) {
             //Deal with listing field blocks
             $lf_blocks = array();
             preg_match_all('/{listing_field_([^{}]*?)_block}/', $tempate_section, $lf_blocks);
             require_once $config['basepath'] . '/include/user.inc.php';
             global $or_replace_listing_owner;
             if (count($lf_blocks) > 1) {
                 foreach ($lf_blocks[1] as $block) {
                     require_once $config['basepath'] . '/include/listing.inc.php';
                     $value = listing_pages::renderSingleListingItem($or_replace_listing_id, $block, 'rawvalue');
                     if ($value == '') {
                         $tempate_section = preg_replace('/{listing_field_' . $block . '_block}(.*?){\\/listing_field_' . $block . '_block}/is', '', $tempate_section);
                     } else {
                         $tempate_section = str_replace('{listing_field_' . $block . '_block}', '', $tempate_section);
                         $tempate_section = str_replace('{/listing_field_' . $block . '_block}', '', $tempate_section);
                     }
                 }
             }
             // Handle Caption Only
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'caption\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             // Hanle Value Only
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'value\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             // Handle Raw Value
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'rawvalue\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             // Handle Both Caption and Value
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return htmlentities(utf8_encode(listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1])), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::get_title($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_title}', $value, $tempate_section);
             $value = listing_pages::get_title($listing_id);
             if ($config["controlpanel_mbstring_enabled"] == 1) {
                 if (mb_detect_encoding($value) != 'UTF-8') {
                     $value = utf8_encode($value);
                 }
             }
             $tempate_section = str_replace('{rss_listing_title}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::getListingAgent($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_agent_name}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::getListingAgentFirstName($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_agent_first_name}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::getListingAgentLastName($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_agent_last_name}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::getListingAgentLink($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_agent_link}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::get_pclass($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_pclass}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::getAgentListingsLink($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_agent_listings}', $value, $tempate_section);
             $value = htmlentities(utf8_encode(listing_pages::getListingAgentID($listing_id)), ENT_QUOTES, 'UTF-8');
             $tempate_section = str_replace('{listing_agent_id}', $value, $tempate_section);
             // Get listing owner
             $owner_sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE (listingsdb_id = ' . $or_replace_listing_id . ')';
             $recordSet = $conn->execute($owner_sql);
             $or_replace_listing_owner = $recordSet->fields['userdb_id'];
             //New listing_agent_field_****_block tag handler for 2.4.1
             $laf_blocks = array();
             preg_match_all('/{listing_agent_field_([^{}]*?)_block}/', $tempate_section, $laf_blocks);
             require_once $config['basepath'] . '/include/user.inc.php';
             global $or_replace_listing_owner;
             if (count($laf_blocks) > 1) {
                 foreach ($laf_blocks[1] as $block) {
                     $value = user::renderSingleListingItem($or_replace_listing_owner, $block, 'rawvalue');
                     if ($value == '') {
                         $tempate_section = preg_replace('/{listing_agent_field_' . $block . '_block}(.*?){\\/listing_agent_field_' . $block . '_block}/is', '', $tempate_section);
                     } else {
                         $tempate_section = str_replace('{listing_agent_field_' . $block . '_block}', '', $tempate_section);
                         $tempate_section = str_replace('{/listing_agent_field_' . $block . '_block}', '', $tempate_section);
                     }
                 }
             }
             // Replace listing_agent tags
             // Handle Caption Only
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'caption\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             // Hanle Value Only
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'value\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             // Handle Raw Value
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'rawvalue\')), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
             // Handle Both Caption and Value
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return htmlentities(utf8_encode(user::renderSingleListingItem($or_replace_listing_owner, $matches[1])), ENT_QUOTES, \'UTF-8\');'), $tempate_section);
         } else {
             //Deal with listing field blocks
             $lf_blocks = array();
             preg_match_all('/{listing_field_([^{}]*?)_block}/', $tempate_section, $lf_blocks);
             require_once $config['basepath'] . '/include/user.inc.php';
             global $or_replace_listing_owner;
             if (count($lf_blocks) > 1) {
                 foreach ($lf_blocks[1] as $block) {
                     require_once $config['basepath'] . '/include/listing.inc.php';
                     $value = listing_pages::renderSingleListingItem($or_replace_listing_id, $block, 'rawvalue');
                     if ($value == '') {
                         $tempate_section = preg_replace('/{listing_field_' . $block . '_block}(.*?){\\/listing_field_' . $block . '_block}/is', '', $tempate_section);
                     } else {
                         $tempate_section = str_replace('{listing_field_' . $block . '_block}', '', $tempate_section);
                         $tempate_section = str_replace('{/listing_field_' . $block . '_block}', '', $tempate_section);
                     }
                 }
             }
             // Handle Caption Only
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'caption\');'), $tempate_section);
             // Hanle Value Only
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'value\');'), $tempate_section);
             // Handle Raw Value
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1],\'rawvalue\');'), $tempate_section);
             // Handle Both Caption and Value
             $tempate_section = preg_replace_callback('/{listing_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_id,$lang;require_once($config[\'basepath\'].\'/include/listing.inc.php\'); return listing_pages::renderSingleListingItem($or_replace_listing_id, $matches[1]);'), $tempate_section);
             $value = listing_pages::get_title($listing_id);
             $tempate_section = str_replace('{listing_title}', $value, $tempate_section);
             $value = listing_pages::getListingAgent($listing_id);
             $tempate_section = str_replace('{listing_agent_name}', $value, $tempate_section);
             $value = listing_pages::getListingAgentFirstName($listing_id);
             $tempate_section = str_replace('{listing_agent_first_name}', $value, $tempate_section);
             $value = listing_pages::getListingAgentLastName($listing_id);
             $tempate_section = str_replace('{listing_agent_last_name}', $value, $tempate_section);
             $value = listing_pages::getListingAgentLink($listing_id);
             $tempate_section = str_replace('{listing_agent_link}', $value, $tempate_section);
             $value = listing_pages::get_pclass($listing_id);
             $tempate_section = str_replace('{listing_pclass}', $value, $tempate_section);
             $value = listing_pages::getAgentListingsLink($listing_id);
             $tempate_section = str_replace('{listing_agent_listings}', $value, $tempate_section);
             $value = listing_pages::getListingAgentID($listing_id);
             $tempate_section = str_replace('{listing_agent_id}', $value, $tempate_section);
             // Get listing owner
             $owner_sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE (listingsdb_id = ' . $or_replace_listing_id . ')';
             $recordSet = $conn->execute($owner_sql);
             $or_replace_listing_owner = $recordSet->fields['userdb_id'];
             $laf_blocks = array();
             preg_match_all('/{listing_agent_field_([^{}]*?)_block}/', $tempate_section, $laf_blocks);
             require_once $config['basepath'] . '/include/user.inc.php';
             global $or_replace_listing_owner;
             if (count($laf_blocks) > 1) {
                 foreach ($laf_blocks[1] as $block) {
                     $value = user::renderSingleListingItem($or_replace_listing_owner, $block, 'rawvalue');
                     if ($value == '') {
                         $tempate_section = preg_replace('/{listing_agent_field_' . $block . '_block}(.*?){\\/listing_agent_field_' . $block . '_block}/is', '', $tempate_section);
                     } else {
                         $tempate_section = str_replace('{listing_agent_field_' . $block . '_block}', '', $tempate_section);
                         $tempate_section = str_replace('{/listing_agent_field_' . $block . '_block}', '', $tempate_section);
                     }
                 }
             }
             // Replace listing_agent tags
             // Handle Caption Only
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_caption}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'caption\');'), $tempate_section);
             // Hanle Value Only
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_value}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'value\');'), $tempate_section);
             // Handle Raw Value
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)_rawvalue}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1],\'rawvalue\');'), $tempate_section);
             // Handle Both Caption and Value
             $tempate_section = preg_replace_callback('/{listing_agent_field_([^{}]*?)}/', create_function('$matches', 'global $config,$or_replace_listing_owner,$lang;require_once($config[\'basepath\'].\'/include/user.inc.php\'); return user::renderSingleListingItem($or_replace_listing_owner, $matches[1]);'), $tempate_section);
         }
         // Listing Images
         $sql2 = "SELECT listingsdb_title FROM " . $config['table_prefix'] . "listingsdb WHERE listingsdb_id = {$listing_id}";
         $recordSet2 = $conn->Execute($sql2);
         if (!$recordSet2) {
             $misc->log_error($sql2);
         }
         $Title = $misc->make_db_unsafe($recordSet2->fields['listingsdb_title']);
         if ($config['url_style'] == '1') {
             $url = '<a href="index.php?action=listingview&amp;listingID=' . $listing_id . '">';
             $fullurl = '<a href="' . $config["baseurl"] . '/index.php?action=listingview&amp;listingID=' . $listing_id . '">';
             // Listing Link
             $tempate_section = str_replace('{link_to_listing}', 'index.php?action=listingview&amp;listingID=' . $listing_id, $tempate_section);
             $tempate_section = str_replace('{fulllink_to_listing}', $config['baseurl'] . '/index.php?action=listingview&amp;listingID=' . $listing_id, $tempate_section);
         } else {
             $url_title = str_replace("/", "", $Title);
             $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
             $url = '<a href="listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html">';
             $fullurl = '<a href="' . $config["baseurl"] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html">';
             // Listing Link
             $tempate_section = str_replace('{link_to_listing}', 'listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html', $tempate_section);
             $tempate_section = str_replace('{fulllink_to_listing}', '' . $config["baseurl"] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $listing_id . '.html', $tempate_section);
         }
         // grab the listing's image
         $sql2 = "SELECT listingsimages_id, listingsimages_caption, listingsimages_thumb_file_name, listingsimages_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE listingsdb_id = {$listing_id} ORDER BY listingsimages_rank";
         $recordSet2 = $conn->Execute($sql2);
         if (!$recordSet2) {
             $misc->log_error($sql2);
         }
         $num_images = $recordSet2->RecordCount();
         if ($num_images == 0) {
             if ($config['show_no_photo'] == 1) {
                 $listing_image = $url . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>';
                 $listing_image_full = $fullurl . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>';
                 if ($_GET['action'] == 'listingview') {
                     $listing_image = '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" />';
                     $listing_image_full = '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" />';
                 }
                 $tempate_section = str_replace('{raw_image_thumb_1}', $config['baseurl'] . '/images/nophoto.gif', $tempate_section);
             } else {
                 $listing_image = '';
                 $tempate_section = str_replace('{raw_image_thumb_1}', '', $tempate_section);
             }
             $tempate_section = str_replace('{image_thumb_1}', $listing_image, $tempate_section);
             $tempate_section = str_replace('{image_thumb_fullurl_1}', $listing_image, $tempate_section);
         }
         $x = 1;
         while (!$recordSet2->EOF) {
             //if we're already on the listing then make the urls goto the view image
             $listingsimages_id = $misc->make_db_unsafe($recordSet2->fields['listingsimages_id']);
             $image_caption = $misc->make_db_unsafe($recordSet2->fields['listingsimages_caption']);
             $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
             $full_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
             if ($_GET['action'] == 'listingview') {
                 if ($config['url_style'] == '1') {
                     $url = '<a href="index.php?action=view_listing_image&amp;image_id=' . $listingsimages_id . '">';
                     $fullurl = '<a href="' . $config["baseurl"] . '/index.php?action=view_listing_image&amp;image_id=' . $listingsimages_id . '">';
                 } else {
                     $url = '<a href="listing_image_' . $listingsimages_id . '.html">';
                     $fullurl = '<a href="' . $config["baseurl"] . '/listing_image_' . $listingsimages_id . '.html">';
                 }
             }
             if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
                 // Full Image Sizes
                 $imagedata = GetImageSize("{$config['listings_upload_path']}/{$full_file_name}");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $max_width = $config['main_image_width'];
                 $max_height = $config['main_image_height'];
                 $resize_by = $config['resize_by'];
                 $shrinkage = 1;
                 if ($max_width == $imagewidth || $max_height == $imageheight) {
                     $display_width = $imagewidth;
                     $display_height = $imageheight;
                 } else {
                     if ($resize_by == 'width') {
                         $shrinkage = $imagewidth / $max_width;
                         $display_width = $max_width;
                         $display_height = round($imageheight / $shrinkage);
                     } elseif ($resize_by == 'height') {
                         $shrinkage = $imageheight / $max_height;
                         $display_height = $max_height;
                         $display_width = round($imagewidth / $shrinkage);
                     } elseif ($resize_by == 'both') {
                         $display_width = $max_width;
                         $display_height = $max_height;
                     } elseif ($resize_by == 'bestfit') {
                         $shrinkage_width = $imagewidth / $max_width;
                         $shrinkage_height = $imageheight / $max_height;
                         $shrinkage = max($shrinkage_width, $shrinkage_height);
                         $display_height = round($imageheight / $shrinkage);
                         $display_width = round($imagewidth / $shrinkage);
                     }
                 }
                 // Thumbnail Image Sizes
                 $thumb_imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
                 $thumb_imagewidth = $thumb_imagedata[0];
                 $thumb_imageheight = $thumb_imagedata[1];
                 $thumb_max_width = $config['thumbnail_width'];
                 $thumb_max_height = $config['thumbnail_height'];
                 $resize_thumb_by = $config['resize_thumb_by'];
                 $shrinkage = 1;
                 if ($thumb_max_width == $thumb_imagewidth || $thumb_max_height == $thumb_imageheight) {
                     $thumb_displaywidth = $thumb_imagewidth;
                     $thumb_displayheight = $thumb_imageheight;
                 } else {
                     if ($resize_thumb_by == 'width') {
                         $shrinkage = $thumb_imagewidth / $thumb_max_width;
                         $thumb_displaywidth = $thumb_max_width;
                         $thumb_displayheight = round($thumb_imageheight / $shrinkage);
                     } elseif ($resize_thumb_by == 'height') {
                         $shrinkage = $thumb_imageheight / $thumb_max_height;
                         $thumb_displayheight = $thumb_max_height;
                         $thumb_displaywidth = round($thumb_imagewidth / $shrinkage);
                     } elseif ($resize_thumb_by == 'both') {
                         $thumb_displayheight = $thumb_max_height;
                         $thumb_displaywidth = $thumb_max_width;
                     }
                 }
                 $listing_image = $url . '<img src="' . $config['listings_view_images_path'] . '/' . $thumb_file_name . '" height="' . $thumb_displayheight . '" width="' . $thumb_displaywidth . '" alt="' . $image_caption . '" /></a>';
                 $listing_image_full = $url . '<img src="' . $config['listings_view_images_path'] . '/' . $full_file_name . '" height="' . $display_height . '" width="' . $display_width . '" alt="' . $image_caption . '" /></a>';
                 $listing_image_fullurl = $fullurl . '<img src="' . $config['listings_view_images_path'] . '/' . $thumb_file_name . '" height="' . $thumb_displayheight . '" width="' . $thumb_displaywidth . '" alt="' . $image_caption . '" /></a>';
                 $listing_image_full_fullurl = $fullurl . '<img src="' . $config['listings_view_images_path'] . '/' . $full_file_name . '" height="' . $display_height . '" width="' . $display_width . '" alt="' . $image_caption . '" /></a>';
                 $tempate_section = str_replace('{image_thumb_' . $x . '}', $listing_image, $tempate_section);
                 $tempate_section = str_replace('{raw_image_thumb_' . $x . '}', $config['listings_view_images_path'] . '/' . $thumb_file_name, $tempate_section);
                 $tempate_section = str_replace('{image_thumb_fullurl_' . $x . '}', $listing_image_fullurl, $tempate_section);
                 //Full Image tags
                 $tempate_section = str_replace('{image_full_' . $x . '}', $listing_image_full, $tempate_section);
                 $tempate_section = str_replace('{raw_image_full_' . $x . '}', $config['listings_view_images_path'] . '/' . $full_file_name, $tempate_section);
                 $tempate_section = str_replace('{image_full_fullurl_' . $x . '}', $listing_image_full_fullurl, $tempate_section);
             } else {
                 if ($config['show_no_photo'] == 1) {
                     $listing_image = $url . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>';
                     $listing_image_fullurl = $fullurl . '<img src="' . $config["baseurl"] . '/images/nophoto.gif" alt="' . $lang['no_photo'] . '" /></a>';
                     $tempate_section = str_replace('{raw_image_thumb_' . $x . '}', $config['baseurl'] . '/images/nophoto.gif', $tempate_section);
                 } else {
                     $listing_image = '';
                     $tempate_section = str_replace('{raw_image_thumb_' . $x . '}', '', $tempate_section);
                 }
                 $tempate_section = str_replace('{image_thumb_' . $x . '}', $listing_image, $tempate_section);
                 $tempate_section = str_replace('{image_thumb_fullurl_' . $x . '}', $listing_image_fullurl, $tempate_section);
                 $tempate_section = str_replace('{image_full_' . $x . '}', '', $tempate_section);
                 $tempate_section = str_replace('{raw_image_full_' . $x . '}', '', $tempate_section);
                 $tempate_section = str_replace('{image_full_fullurl_' . $x . '}', '', $tempate_section);
             }
             // We have the image so insert it into the section.
             $x++;
             $recordSet2->MoveNext();
         }
         // end while
         // End Listing Images
         $value = array();
         $value = listing_pages::getListingAgentThumbnail($listing_id);
         $x = 0;
         foreach ($value as $y) {
             $tempate_section = str_replace('{listing_agent_thumbnail_' . $x . '}', $y, $tempate_section);
             $x++;
         }
         $tempate_section = preg_replace('/{listing_agent_thumbnail_([^{}]*?)}/', '', $tempate_section);
         // End of Listing Tag Replacement
         if ($tsection === true) {
             return $tempate_section;
         } else {
             $this->page = $tempate_section;
         }
     }
 }
 function add_listing()
 {
     @set_time_limit(1500);
     global $conn, $lang, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     require_once $config['basepath'] . '/include/forms.inc.php';
     $forms = new forms();
     require_once $config['basepath'] . '/include/listing.inc.php';
     $listing = new listing_pages();
     $display = '';
     $display .= '<span class="section_header">' . $lang['admin_menu_add_a_listing'] . '</span>';
     if (isset($_POST['action']) && $_POST['action'] == "create_new_listing") {
         // Check Number of Listings User has
         if (isset($_POST['or_owner'])) {
             $or_owner = $misc->make_db_safe($_POST['or_owner']);
             $sql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $or_owner;
         } else {
             $sql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $_SESSION['userID'];
         }
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $listing_count = $recordSet->fields['listing_count'];
         // Get User Listing Limit
         if (isset($_POST['or_owner'])) {
             $or_owner = $misc->make_db_safe($_POST['or_owner']);
             $sql = 'SELECT userdb_limit_listings FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $or_owner;
         } else {
             $sql = 'SELECT userdb_limit_listings FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
         }
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $listing_limit = $recordSet->fields['userdb_limit_listings'];
         //Ok Decide if user can have more listings
         if ($listing_count >= $listing_limit && $listing_limit != '-1') {
             $display .= '<br />';
             $display .= '<!-- ' . $listing_count . ' >= ' . $listing_limit . ' -->';
             $display .= $lang['admin_listing_limit_reached'];
         } else {
             // creates a new listing
             if ($_POST['title'] == "") {
                 $display .= "<p>{$lang['admin_new_listing_enter_a_title']}</p>";
                 $display .= "<form><input type=\"button\" value=\"{$lang['back_button_text']}\" onclick=\"history.back()\" /></form>";
             } else {
                 $pass_the_form = $forms->validateForm('listingsformelements', $_POST['property_class']);
                 if ($pass_the_form != "Yes") {
                     // if we're not going to pass it, tell that they forgot to fill in one of the fields
                     foreach ($pass_the_form as $k => $v) {
                         if ($v == 'REQUIRED') {
                             $display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
                         }
                         if ($v == 'TYPE') {
                             $display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
                         }
                     }
                     $display .= "<form><input type=\"button\" value=\"{$lang['back_button_text']}\" onclick=\"history.back()\" /></form>";
                 } else {
                     $title = $misc->make_db_safe($_POST['title']);
                     $notes = $misc->make_db_safe($_POST['notes']);
                     $mlsexport = $misc->make_db_safe($_POST['mlsexport']);
                     if (isset($_POST['or_owner'])) {
                         $new_listing_owner = $_POST['or_owner'];
                         $sql_new_listing_owner = $misc->make_db_safe($_POST['or_owner']);
                     } else {
                         $new_listing_owner = $_SESSION['userID'];
                         $sql_new_listing_owner = $misc->make_db_safe($_SESSION['userID']);
                     }
                     // check to see if moderation is turned on...
                     if ($config['moderate_listings'] == false) {
                         $set_active = "yes";
                     } else {
                         $set_active = "no";
                     }
                     if (isset($_POST['active'])) {
                         $set_active = $_POST['active'];
                     }
                     // create the account with the random number as the password
                     $expiration_date = mktime(0, 0, 0, date("m"), date("d") + $config['days_until_listings_expire'], date("Y"));
                     $sql = "INSERT INTO " . $config['table_prefix'] . "listingsdb (listingsdb_title, listingsdb_notes, userdb_id, listingsdb_active, listingsdb_mlsexport, listingsdb_creation_date, listingsdb_last_modified, listingsdb_expiration, listingsdb_hit_count, listingsdb_featured) VALUES ({$title}, {$notes},  {$sql_new_listing_owner}, '{$set_active}', {$mlsexport}, " . $conn->DBDate(time()) . "," . $conn->DBTimeStamp(time()) . "," . $conn->DBDate($expiration_date) . ",0,'no')";
                     $recordSet = $conn->Execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     } else {
                         $new_listing_id = $conn->Insert_ID();
                     }
                     // end while
                     // Add Listing to the property class system.
                     foreach ($_POST['property_class'] as $class_id) {
                         $sql = 'INSERT INTO ' . $config['table_prefix_no_lang'] . 'classlistingsdb (listingsdb_id, class_id) VALUES(' . $new_listing_id . ',' . $class_id . ')';
                         $recordSet = $conn->Execute($sql);
                         if ($recordSet === false) {
                             $misc->log_error($sql);
                         }
                     }
                     // now that that's taken care of, it's time to insert all the rest
                     // of the variables into the database
                     $message = listing_editor::updateListingsData($new_listing_id, $new_listing_owner);
                     if ($message == "success") {
                         $display .= "<p>{$lang['admin_new_listing_created']}, {$_SESSION['username']}</p>";
                         if ($config['moderate_listings'] === "1") {
                             // if moderation is turned on...
                             $display .= "<p>{$lang['admin_new_listing_moderated']}</p>";
                         }
                         if (isset($_POST['or_owner'])) {
                             $display .= "<p><a href=\"index.php?action=edit_listings&amp;edit={$new_listing_id}\">{$lang['you_may_now_edit_the_listing']}</a></p>";
                         } else {
                             $display .= "<p><a href=\"index.php?action=edit_my_listings&amp;edit={$new_listing_id}\">{$lang['you_may_now_edit_your_listing']}</a></p>";
                         }
                         $display .= "<br /><p>{$lang['admin_additional_steps']}</p>";
                         $display .= '<form action="index.php?action=edit_listing_images" method="post" name="edit_listing_images"><input type="hidden" name="edit" value="' . $new_listing_id . '" /><a href="javascript:document.edit_listing_images.submit()">' . $lang['upload_images'] . '</a></form>';
                         $display .= '<br />';
                         if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") {
                             $display .= '<form action="index.php?action=edit_vtour_images" method="post" name="edit_vtour_images"><input type="hidden" name="edit" value="' . $new_listing_id . '" /><a href="javascript:document.edit_vtour_images.submit()">' . $lang['upload_vtours'] . '</a></form>';
                             $display .= '<br />';
                         }
                         if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") {
                             $display .= '<form action="index.php?action=edit_listing_files" method="post" name="edit_listing_files"><input type="hidden" name="edit" value="' . $new_listing_id . '" /><a href="javascript:document.edit_listing_files.submit()">' . $lang['upload_files'] . '</a></form>';
                             $display .= '<br />';
                         }
                         $misc->log_action("{$lang['log_created_listing']} {$new_listing_id}");
                         if ($config['email_notification_of_new_listings'] === "1") {
                             // if the site admin should be notified when a new listing is added
                             global $config, $lang;
                             $agent_email = $listing->getListingEmail($new_listing_id, true);
                             $agent_first_name = $listing->getListingAgentFirstName($new_listing_id);
                             $agent_last_name = $listing->getListingAgentLastName($new_listing_id);
                             $message = $_SERVER['REMOTE_ADDR'] . " -- " . date("F j, Y, g:i:s a") . "\r\n\r\n{$lang['admin_new_listing']}:\r\n{$config['baseurl']}/admin/index.php?action=edit_listings&edit={$new_listing_id}\r\n";
                             $header = "From: " . $agent_first_name . " " . $agent_last_name . " <" . $agent_email . ">\r\n";
                             $header .= "X-Sender: {$config['admin_email']}\r\n";
                             $header .= "Return-Path: {$config['admin_email']}\r\n";
                             $sent = $misc->send_email($agent_first_name . " " . $agent_last_name, $agent_email, $config['admin_email'], $message, $lang['admin_new_listing']);
                         }
                         // end if
                     } else {
                         $display .= "<p>{$lang['alert_site_admin']}</p>";
                     }
                     // end else
                 }
                 // end $pass_the_form == "Yes"
             }
             // end else
         }
         //End if (($listing_count >= $listing_limit) && ($listing_limit !== -1))
     } else {
         // Check Number of Listings User has
         $sql = 'SELECT count(listingsdb_id) FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $_SESSION['userID'];
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $listing_count = $recordSet->fields[0];
         // Get User Listing Limit
         $sql = 'SELECT userdb_limit_listings FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $listing_limit = $recordSet->fields[0];
         $display .= '<!-- ' . $listing_count . ' >= ' . $listing_limit . ' -->';
         if ($listing_count >= $listing_limit && $listing_limit !== '-1') {
             $display .= '<br />';
             $display .= $lang['admin_listing_limit_reached'];
         } else {
             //START FORM VALIDATION
             if (isset($_POST['property_class'])) {
                 $class_sql = '';
                 foreach ($_POST['property_class'] as $class_id) {
                     if (empty($class_sql)) {
                         $class_sql .= ' class_id = ' . $class_id;
                     } else {
                         $class_sql .= ' OR class_id = ' . $class_id;
                     }
                     $display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />';
                 }
                 $pclass_list = '';
                 $sql = "SELECT DISTINCT(listingsformelements_id) FROM  " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
                 $recordSet = $conn->execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 while (!$recordSet->EOF) {
                     if (empty($pclass_list)) {
                         $pclass_list .= $recordSet->fields['listingsformelements_id'];
                     } else {
                         $pclass_list .= ',' . $recordSet->fields['listingsformelements_id'];
                     }
                     $recordSet->Movenext();
                 }
                 if ($pclass_list == '') {
                     $pclass_list = 0;
                 }
                 $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name";
             } else {
                 $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name";
             }
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             $display .= "\r\n<script type=\"text/javascript\" >\r\n";
             $display .= "<!--\r\n";
             $display .= "function validate_form()\r\n";
             $display .= "{\r\n";
             $display .= "var msg=\"\"\r\n";
             $display .= "valid = true;\r\n";
             $display .= "if ( document.addlisting.title.value == \"\" )\r\n";
             $display .= "{\r\n";
             $display .= "msg += '{$lang['forgot_field']} {$lang['admin_listings_editor_title']} {$lang['admin_template_editor_field']}.\\r\\n';\r\n";
             $display .= "valid = false;\r\n";
             $display .= "}\r\n";
             while (!$recordSet->EOF) {
                 $field_name = $recordSet->fields['listingsformelements_field_name'];
                 $field_caption = $recordSet->fields['listingsformelements_field_caption'];
                 $required = $recordSet->fields['listingsformelements_required'];
                 if ($required == 'Yes') {
                     $display .= "if ( document.addlisting.{$field_name}.value == \"\" )\r\n";
                     $display .= "{\r\n";
                     $display .= "msg += '{$lang['forgot_field']} {$field_caption} {$lang['admin_template_editor_field']}.\\r\\n';\r\n";
                     $display .= "valid = false;\r\n";
                     $display .= "}\r\n";
                 }
                 $recordSet->MoveNext();
             }
             $display .= "if (msg != \"\")\r\n";
             $display .= "{\r\n";
             $display .= "alert (msg);";
             $display .= "}\r\n";
             $display .= "return valid;\r\n";
             $display .= "}\r\n";
             $display .= "//-->\r\n";
             $display .= "</script>\r\n";
             //END FORM VALIDATION
             $display .= '<form name="addlisting" action="index.php?action=add_listing" method="post" onsubmit="return validate_form ( );">';
             $display .= '<input type="hidden" name="action" value="create_new_listing" />';
             $display .= '<table class="form_main">';
             $display .= '<tr>';
             $display .= '<td align="right" class="row_main"><b>' . $lang['admin_listings_editor_title'] . '<span class="required">*</span></b></td>';
             $display .= '<td align="left" class="row_main"> <input type="text" name="title" /></td>';
             $display .= '</tr>';
             // Display Agent selection Option to assign listing
             if ($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_all_listings'] == "yes") {
                 $display .= '<tr><td align="right"><b>' . $lang['listing_editor_listing_agent'] . ':</b></td>';
                 $display .= '<td align="left" class="row_main"><select name="or_owner" size="1">';
                 // find the name of the agent listed as ID in $edit_or_owner
                 $sql = "SELECT userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb WHERE (userdb_id = {$_SESSION['userID']})";
                 $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 // strip slashes so input appears correctly
                 $agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
                 $agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
                 if ($_SESSION['admin_privs'] != "yes") {
                     $display .= "<option value=\"{$_SESSION['userID']}\">{$agent_last_name},{$agent_first_name}</option>";
                 }
                 // fill list with names of all agents
                 $sql = "SELECT userdb_id, userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb where userdb_is_agent = 'yes' or userdb_is_admin = 'yes' ORDER BY userdb_user_last_name,userdb_user_first_name";
                 $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 while (!$recordSet->EOF) {
                     // strip slashes so input appears correctly
                     $agent_ID = $recordSet->fields['userdb_id'];
                     $agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
                     $agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
                     if ($agent_ID == $_SESSION['userID']) {
                         $display .= "<option value=\"{$agent_ID}\" selected=\"selected\">{$agent_last_name},{$agent_first_name}</option>";
                     } else {
                         $display .= "<option value=\"{$agent_ID}\">{$agent_last_name},{$agent_first_name}</option>";
                     }
                     $recordSet->MoveNext();
                 }
                 $display .= "</select></td>";
                 $display .= '</tr>';
             }
             if ($config["show_notes_field"] == 1) {
                 $display .= '<tr>';
                 $display .= '<td align="right" class="row_main"><b>' . $lang['admin_listings_editor_notes'] . '</b><br /><div class="small">(' . $lang['admin_listings_editor_notes_note'] . ')</div></td>';
                 $display .= '<td align="left" class="row_main"><textarea name="notes" cols="40" rows="6"></textarea></td>';
                 $display .= '</tr>';
             } else {
                 $display .= '<input type="hidden" name="notes" value="" />';
             }
             if ($config["export_listings"] == 1 && $_SESSION['export_listings'] == "yes") {
                 $display .= '<tr>';
                 $display .= '<td align="right" class="row_main"><b>' . $lang['admin_listings_editor_mlsexport'] . '</b><br /><div class="small">(' . $lang['admin_listings_editor_mlsexport'] . ')</div></td>';
                 $display .= '<td align="left" class="row_main">';
                 $display .= '<select size="1" name="mlsexport">';
                 $display .= '<option value="no" selected="selected">' . $lang['no'] . '</option>';
                 $display .= '<option value="yes">' . $lang['yes'] . '</option>';
                 $display .= '</select>';
                 $display .= '</td>';
                 $display .= '</tr>';
             } else {
                 $display .= '<input type="hidden" name="mlsexport" value="no" />';
             }
             // Determine which fields to show based on property class
             if (isset($_POST['property_class'])) {
                 $class_sql = '';
                 foreach ($_POST['property_class'] as $class_id) {
                     if (empty($class_sql)) {
                         $class_sql .= ' class_id = ' . $class_id;
                     } else {
                         $class_sql .= ' OR class_id = ' . $class_id;
                     }
                     $display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />';
                 }
                 $pclass_list = '';
                 $sql = "SELECT DISTINCT(listingsformelements_id) FROM  " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
                 $recordSet = $conn->execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 while (!$recordSet->EOF) {
                     if (empty($pclass_list)) {
                         $pclass_list .= $recordSet->fields['listingsformelements_id'];
                     } else {
                         $pclass_list .= ',' . $recordSet->fields['listingsformelements_id'];
                     }
                     $recordSet->Movenext();
                 }
                 if ($pclass_list == '') {
                     $pclass_list = 0;
                 }
                 $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name";
             } else {
                 $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name";
             }
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             while (!$recordSet->EOF) {
                 $field_type = $recordSet->fields['listingsformelements_field_type'];
                 $field_name = $recordSet->fields['listingsformelements_field_name'];
                 $field_caption = $recordSet->fields['listingsformelements_field_caption'];
                 $default_text = $recordSet->fields['listingsformelements_default_text'];
                 $field_elements = $recordSet->fields['listingsformelements_field_elements'];
                 $required = $recordSet->fields['listingsformelements_required'];
                 $field_length = $recordSet->fields['listingsformelements_field_length'];
                 $tool_tip = $recordSet->fields['listingsformelements_tool_tip'];
                 $field_type = $misc->make_db_unsafe($field_type);
                 $field_name = $misc->make_db_unsafe($field_name);
                 $field_caption = $misc->make_db_unsafe($field_caption);
                 $default_text = $misc->make_db_unsafe($default_text);
                 $field_elements = $misc->make_db_unsafe($field_elements);
                 $required = $misc->make_db_unsafe($required);
                 $field_length = $misc->make_db_unsafe($field_length);
                 $tool_tip = $misc->make_db_unsafe($tool_tip);
                 $display .= $forms->renderFormElement($field_type, $field_name, $field_caption, $default_text, $field_elements, $required, $field_length, $tool_tip);
                 $recordSet->MoveNext();
             }
             // end while
             $display .= $forms->renderFormElement("submit", "", "{$lang['submit']}", "", "", "");
             $display .= '<tr><td colspan="2" align="center" class="row_main">' . $lang['required_form_text'] . '</td></tr>';
             $display .= '</table>';
             $display .= '</form>';
         }
         //End
     }
     // end if
     return $display;
 }