예제 #1
            $where_str .= ")";
        $where_str .= ")";
    } else {
        // Category filter: joins products-to-categories rows and restricts them to the
        // requested category and the session language. The :categoriesID / :languagesID
        // tokens are substituted by $db->bindVars(), which returns the rewritten string.
        // NOTE(review): $_GET['categories_id'] is request-controlled; injection safety
        // rests on bindVars() coercing it for type 'integer'. Its implementation is not
        // shown on this page, so confirm.
        $where_str .= " AND p2c.products_id = p.products_id\r\n                    AND p2c.products_id = pd.products_id\r\n                    AND pd.language_id = :languagesID\r\n                    AND p2c.categories_id = :categoriesID";
        $where_str = $db->bindVars($where_str, ':categoriesID', $_GET['categories_id'], 'integer');
        $where_str = $db->bindVars($where_str, ':languagesID', $_SESSION['languages_id'], 'integer');
// Optional manufacturer filter: added only when manufacturers_id is present in the
// query string and zen_not_null() accepts it.
// NOTE(review): the closing brace of this block is missing from the listing as printed.
if (isset($_GET['manufacturers_id']) && zen_not_null($_GET['manufacturers_id'])) {
    $where_str .= " AND m.manufacturers_id = :manufacturersID";
    // The request-supplied id is passed to bindVars() as 'integer' instead of being
    // concatenated into the SQL text.
    $where_str = $db->bindVars($where_str, ':manufacturersID', $_GET['manufacturers_id'], 'integer');
// Keyword filter: turns the parsed search terms into a parenthesised group of LIKE
// conditions appended to $where_str.
// NOTE(review): the guard tests $keywords, but the parser is fed
// stripslashes($_GET['keyword']); confirm both hold the same value.
if (isset($keywords) && zen_not_null($keywords)) {
    if (zen_parse_search_string(stripslashes($_GET['keyword']), $search_keywords)) {
        $where_str .= " AND (";
        for ($i = 0, $n = sizeof($search_keywords); $i < $n; $i++) {
            switch ($search_keywords[$i]) {
                // Grouping and boolean tokens are copied into the SQL verbatim. That is
                // acceptable only because each one is matched against a fixed literal here.
                case '(':
                case ')':
                case 'and':
                case 'or':
                    $where_str .= " " . $search_keywords[$i] . " ";
                    // NOTE(review): as printed, the LIKE group below runs for the operator
                    // tokens too; the listing has probably lost a `break;` / `default:`
                    // pair (and the closing braces) at this point. Confirm against the
                    // original file.
                    // The placeholder sits inside a quoted LIKE pattern and is bound as
                    // 'noquotestring', so the SQL literal supplies the quotes and the value
                    // is inserted between them. Injection safety therefore depends on
                    // bindVars() escaping quote characters for this type (not shown on
                    // this page, so confirm). '%' and '_' in a search term will act as
                    // LIKE wildcards unless they are escaped as well.
                    $where_str .= "(pd.products_name LIKE '%:keywords%'\r\n                                         OR p.products_model\r\n                                         LIKE '%:keywords%'\r\n                                         OR m.manufacturers_name\r\n                                         LIKE '%:keywords%'";
                    $where_str = $db->bindVars($where_str, ':keywords', $search_keywords[$i], 'noquotestring');
                    // search meta tags
                    // Same quoted-placeholder pattern and the same escaping dependency as above.
                    $where_str .= " OR (mtpd.metatags_keywords\r\n                        LIKE '%:keywords%'\r\n                        AND mtpd.metatags_keywords !='')";
                    $where_str = $db->bindVars($where_str, ':keywords', $search_keywords[$i], 'noquotestring');
예제 #2
    // Upper price bound: convert $pto to float and queue an error if the conversion
    // reports failure.
    // NOTE(review): settype($var, 'float') returns true for any string and turns
    // non-numeric text into 0.0, so this branch does not reject input such as "abc".
    // An is_numeric() test before the conversion would make the check effective.
    if (zen_not_null($pto)) {
        if (!settype($pto, 'float')) {
            $error = true;
            $price_check_error = true;
            $messageStack->add_session('search', ERROR_PRICE_TO_MUST_BE_NUM);
    // Range check, run only when no price error was flagged and both bounds are floats.
    // The handling of $pfrom is above the visible part of this listing.
    if ($price_check_error == false && is_float($pfrom) && is_float($pto)) {
        // A lower bound equal to or above the upper bound is reported as an error.
        if ($pfrom >= $pto) {
            $error = true;
            $messageStack->add_session('search', ERROR_PRICE_TO_LESS_THAN_PRICE_FROM);
    // Keyword validation: a falsy result from zen_parse_search_string() is treated as
    // an invalid search expression and queues ERROR_INVALID_KEYWORDS.
    // Presumably the parser fills $search_keywords with the token list; verify against
    // its definition, which is not on this page.
    if (zen_not_null($keywords)) {
        if (!zen_parse_search_string($keywords, $search_keywords)) {
            $error = true;
            $messageStack->add_session('search', ERROR_INVALID_KEYWORDS);
// Require at least one search criterion.
// NOTE(review): empty() is true for "0" and 0.0, so a price bound of 0 or the keyword
// "0" counts as "no input" here.
if (empty($dfrom) && empty($dto) && empty($pfrom) && empty($pto) && empty($keywords)) {
    $error = true;
    // redundant should be able to remove this
    $messageStack->add_session('search', ERROR_AT_LEAST_ONE_INPUT);
// On any validation error, redirect back to the advanced search form, carrying the
// current GET parameters so the form can be refilled.
// NOTE(review): the link is requested as 'NONSSL' and the request's query string is
// echoed back through zen_get_all_get_params(). Confirm that the helper URL-encodes
// the values, and that sending them (plus any session id zen_href_link() appends)
// over a non-SSL URL is acceptable.
if ($error == true) {
    zen_redirect(zen_href_link(FILENAME_ADVANCED_SEARCH, zen_get_all_get_params(), 'NONSSL', true, false));
// Breadcrumb entry that links back to the advanced search page.
$breadcrumb->add(NAVBAR_TITLE_1, zen_href_link(FILENAME_ADVANCED_SEARCH));