public static function edit_listing_link($url_only = 'no')
{
global $lang, $config, $current_ID;
$display = '';
//Get the listing ID
if ($current_ID != '') {
$_GET['listingID'] = $current_ID;
}
if (isset($_GET['listingID'])) {
$listingID = intval($_GET['listingID']);
$listingagentid = listing_pages::getListingAgentID($listingID);
if (isset($_SESSION['userID'])) {
$userid = $_SESSION['userID'];
if ($_SESSION['edit_all_listings'] == 'yes' || $_SESSION['admin_privs'] == 'yes') {
$edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&edit=' . $listingID;
} elseif ($_SESSION['isAgent'] == 'yes' && $listingagentid == $userid) {
$edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&edit=' . $listingID;
} else {
return;
}
if ($url_only == 'yes') {
$display = $edit_link;
} else {
$display = '<a href="' . $edit_link . '">' . $lang['edit_listing'] . '</a>';
}
}
}
return $display;
}
function replace_tags($tags = array())
{
global $config, $lang;
require_once $config['basepath'] . '/include/login.inc.php';
$login = new login();
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Remove tags not found in teh template
$new_tags = $tags;
$tags = array();
foreach ($new_tags as $tag) {
if (strpos($this->page, '{' . $tag . '}') !== false) {
$tags[] = $tag;
}
}
unset($new_tags);
if (sizeof($tags) > 0) {
foreach ($tags as $tag) {
$data = '';
switch ($tag) {
case 'content':
$data = $this->replace_user_action();
break;
case 'templated_search_form':
require_once $config['basepath'] . '/include/search.inc.php';
$search = new search_page();
$data = $search->create_searchpage('no', true);
break;
case 'baseurl':
$data = $config['baseurl'];
break;
case 'template_url':
$data = $config['template_url'];
break;
case 'addthis_button':
global $jscript_last;
$jscript_last .= "\r\n" . '<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script>';
$data = '<a href="http://www.addthis.com/bookmark.php?v=250" class="addthis_button"><img src="http://s7.addthis.com/static/btn/v2/lg-share-en.gif" width="125" height="16" border="0" alt="Share" /></a>';
break;
case 'load_js':
$data = $this->load_js();
break;
case 'load_js_last':
global $jscript_last;
$data = $jscript_last;
break;
case 'tabbed_js':
global $jscript;
$jscript .= '<script type="text/javascript" src="' . $config['baseurl'] . '/tabpane.js"></script>' . "\r\n";
$data = '';
break;
case 'license_tag':
$data = "<!--Open-Realty is distributed by Transparent Technologies and is Licensed under the Open-Realty License. See http://www.open-realty.org/license_info.html for more information.-->";
break;
case 'main_listing_data':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->getMainListingData($_GET['listingID']);
break;
case 'featured_listings_vertical':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsVertical();
break;
case 'featured_listings_horizontal':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsHorizontal();
break;
case 'featured_listings_horizontal_latest':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderLatestFeaturedListingsHorizontal();
break;
case 'random_listings_vertical':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsVertical(0, true);
break;
case 'random_listings_horizontal':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
//$data = $listing->renderFeaturedListingsHorizontal(0, true);
$data = $listing->renderRandomListingsHorizontal();
break;
case 'latest_listings_vertical':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsVertical(0, false, '', true);
break;
case 'latest_listings_horizontal':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsHorizontal(0, false, '', true);
break;
case preg_match("/^featured_listings_horizontal_class_([0-9]*)/", $tag, $feat_class) ? $tag : !$tag:
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsHorizontal(0, FALSE, $feat_class[1]);
break;
case preg_match("/^featured_listings_vertical_class_([0-9]*)/", $tag, $feat_class) ? $tag : !$tag:
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsVertical(0, FALSE, $feat_class[1]);
break;
case preg_match("/^random_listings_horizontal_class_([0-9]*)/", $tag, $feat_class) ? $tag : !$tag:
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsHorizontal(0, TRUE, $feat_class[1]);
break;
case preg_match("/^random_listings_vertical_class_([0-9]*)/", $tag, $feat_class) ? $tag : !$tag:
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsVertical(0, TRUE, $feat_class[1]);
break;
case preg_match("/^latest_listings_horizontal_class_([0-9]*)/", $tag, $feat_class) ? $tag : !$tag:
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsHorizontal(0, false, $feat_class[1], true);
break;
case preg_match("/^latest_listings_vertical_class_([0-9]*)/", $tag, $feat_class) ? $tag : !$tag:
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderFeaturedListingsVertical(0, false, $feat_class[1], true);
break;
case 'headline':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderTemplateAreaNoCaption('headline', $_GET['listingID']);
break;
case 'full_description':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderTemplateAreaNoCaption('center', $_GET['listingID']);
break;
case 'listing_images':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImages($_GET['listingID'], 'yes');
break;
case 'listing_images_nocaption':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImages($_GET['listingID'], 'no');
break;
case 'listing_files_select':
require_once $config['basepath'] . '/include/files.inc.php';
$files = new file_handler();
$data = $files->render_files_select($_GET['listingID'], 'listing');
break;
case 'files_listing_vertical':
require_once $config['basepath'] . '/include/files.inc.php';
$files = new file_handler();
$data = $files->render_templated_files($_GET['listingID'], 'listing', 'vertical');
break;
case 'files_listing_horizontal':
require_once $config['basepath'] . '/include/files.inc.php';
$files = new file_handler();
$data = $files->render_templated_files($_GET['listingID'], 'listing', 'horizontal');
break;
case 'slideshow_images':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsMainImageSlideShow($_GET['listingID']);
break;
case 'link_calc':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_calc_link();
break;
case 'link_calc_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_calc_link($url_only = 'yes');
break;
case 'link_add_favorites':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_add_favorite_link();
break;
case 'link_add_favorites_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_add_favorite_link($url_only = 'yes');
break;
case 'link_printer_friendly':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_printer_friendly_link();
break;
case 'link_email_friend':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_email_friend_link();
break;
case 'link_map':
require_once $config['basepath'] . '/include/maps.inc.php';
$maps = new maps();
$data = $maps->create_map_link();
break;
case 'link_yahoo_school':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_yahoo_school_link();
break;
case 'link_yahoo_neighborhood':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_yahoo_neighborhood_link();
break;
case 'link_printer_friendly_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_printer_friendly_link($url_only = 'yes');
break;
case 'link_email_friend_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_email_friend_link($url_only = 'yes');
break;
case 'link_map_url':
require_once $config['basepath'] . '/include/maps.inc.php';
$maps = new maps();
$data = $maps->create_map_link($url_only = 'yes');
break;
case 'link_yahoo_school_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_yahoo_school_link($url_only = 'yes');
break;
case 'link_yahoo_neighborhood_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->create_yahoo_neighborhood_link($url_only = 'yes');
break;
case 'contact_agent_link_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->contact_agent_link($url_only = 'yes');
break;
case 'agent_info':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->renderUserInfoOnListingsPage($_GET['listingID']);
break;
case 'listing_email':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->getListingEmail($_GET['listingID']);
break;
case 'hitcount':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->hitcount($_GET['listingID']);
break;
case 'main_image':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsMainImage($_GET['listingID'], 'yes', 'no');
break;
case 'main_image_nodesc':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsMainImage($_GET['listingID'], 'no', 'no');
break;
case 'main_image_java':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsMainImage($_GET['listingID'], 'yes', 'yes');
break;
case 'main_image_java_nodesc':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsMainImage($_GET['listingID'], 'no', 'yes');
break;
case 'listing_images_java':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImagesJava($_GET['listingID'], 'no');
break;
case 'listing_images_java_caption':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImagesJava($_GET['listingID'], 'yes');
break;
case 'listing_images_java_rows':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImagesJavaRows($_GET['listingID']);
break;
case 'listing_images_mouseover_java':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImagesJava($_GET['listingID'], 'no', 'yes');
break;
case 'listing_images_mouseover_java_caption':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImagesJava($_GET['listingID'], 'yes', 'yes');
break;
case 'listing_images_mouseover_java_rows':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->renderListingsImagesJavaRows($_GET['listingID'], 'yes');
break;
case 'vtour_button':
require_once $config['basepath'] . '/include/vtour.inc.php';
$vtour = new vtours();
$data = $vtour->rendervtourlink($_GET['listingID']);
break;
case 'listingid':
$data = $_GET['listingID'];
break;
case 'get_creation_date':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->get_creation_date($_GET['listingID']);
break;
case 'get_featured_raw':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->get_featured($_GET['listingID'], 'yes');
break;
case 'get_featured':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->get_featured($_GET['listingID'], 'no');
break;
case 'get_modified_date':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->get_modified_date($_GET['listingID']);
break;
case 'contact_agent_link':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->contact_agent_link();
break;
case 'select_language':
// require_once($config['basepath'] . '/include/multilingual.inc.php');
// $multilingual = new multilingual();
// $data = $multilingual->multilingual_select();
break;
case 'company_name':
$data = $config['company_name'];
break;
case 'company_location':
$data = $config['company_location'];
break;
case 'company_logo':
$data = $config['company_logo'];
break;
case 'show_vtour':
if (isset($_GET['listingID'])) {
require_once $config['basepath'] . '/include/vtour.inc.php';
$vtour = new vtours();
$data = $vtour->show_vtour($_GET['listingID'], false);
} else {
$data = 'No Listing ID';
}
break;
case 'charset':
$data = $config['charset'];
break;
case 'link_edit_listing':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->edit_listing_link();
break;
case 'link_edit_listing_url':
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$data = $listing->edit_listing_link('yes');
break;
case 'template_select':
$data = $this->template_selector();
break;
case 'money_sign':
$data = $config['money_sign'];
break;
case 'horizontal_header_banner':
if (@(include getenv('DOCUMENT_ROOT') . '/advertising/phpadsnew.inc.php')) {
if (!isset($phpAds_context)) {
$phpAds_context = array();
}
$phpAds_raw = view_raw('zone:1', 0, '_self', '', '0', $phpAds_context);
$data = $phpAds_raw['html'];
} else {
$data = '<img src="/images/bannerd.png">';
}
break;
default:
if (preg_match("/^addon_(.*?)_.*/", $tag, $addon_name)) {
$file = $config['basepath'] . '/addons/' . $addon_name[1] . '/addon.inc.php';
if (file_exists($file)) {
include_once $file;
$function_name = $addon_name[1] . '_run_template_user_fields';
$data = $function_name($tag);
} else {
$data = '';
}
} else {
$data = '';
}
break;
}
$this->page = str_replace('{' . $tag . '}', $data, $this->page);
}
}
unset($tags);
unset($tag);
}
function update_listing($verify_user = true)
{
global $conn, $lang, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/forms.inc.php';
$forms = new forms();
require_once $config['basepath'] . '/include/listing.inc.php';
$listing_pages = new listing_pages();
$display = '';
// update the listing
if ($verify_user) {
$sql_edit = intval($_POST['edit']);
$listing_ownerID = $listing_pages->getListingAgentID($sql_edit);
if (intval($_SESSION['userID']) != $listing_ownerID) {
$display = $lang['listing_editor_permission_denied'] . '<br />';
return $display;
}
}
if ($_POST['title'] == "") {
// if the title is blank
$display .= "{$lang['admin_new_listing_enter_a_title']}<br />";
} else {
$pass_the_form = $forms->validateForm('listingsformelements', $_POST['pclass']);
if ($pass_the_form !== "Yes") {
// if we're not going to pass it, tell that they forgot to fill in one of the fields
foreach ($pass_the_form as $k => $v) {
if ($v == 'REQUIRED') {
$display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
}
if ($v == 'TYPE') {
$display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
}
}
// $display .= "<p>$lang[required_fields_not_filled]</p>";
}
if ($pass_the_form == "Yes") {
$sql_title = $misc->make_db_safe($_POST['title']);
$sql_notes = $misc->make_db_safe($_POST['notes']);
$sql_edit = $misc->make_db_safe($_POST['edit']);
if (!isset($_POST['mlsexport'])) {
$_POST['mlsexport'] = "no";
}
$sql_mlsexport = $misc->make_db_safe($_POST['mlsexport']);
$sql = "UPDATE " . $config['table_prefix'] . "listingsdb SET ";
if (!$verify_user) {
$sql_or_owner = $misc->make_db_safe($_POST['or_owner']);
// update the listing data
$sql .= "userdb_ID = {$sql_or_owner}, ";
}
$sql .= "listingsdb_title = {$sql_title}, ";
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['featureListings'] == "yes") {
// Check Number of Featured Listings User has
if (isset($_POST['or_owner'])) {
$or_owner = $misc->make_db_safe($_POST['or_owner']);
$featuredsql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_featured = \'yes\' AND userdb_id = ' . $or_owner;
} else {
$featuredsql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_featured = \'yes\' AND userdb_id = ' . $_SESSION['userID'];
}
$recordSet = $conn->Execute($featuredsql);
if ($recordSet === false) {
$misc->log_error($featuredsql);
}
$featuredlisting_count = $recordSet->fields['listing_count'];
// Get User Featured Listing Limit
if (isset($_POST['or_owner'])) {
$or_owner = $misc->make_db_safe($_POST['or_owner']);
$featuredsql = 'SELECT userdb_featuredlistinglimit FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $or_owner;
} else {
$featuredsql = 'SELECT userdb_featuredlistinglimit FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
}
$recordSet = $conn->Execute($featuredsql);
if ($recordSet === false) {
$misc->log_error($featuredsql);
}
$featuredlisting_limit = $recordSet->fields['userdb_featuredlistinglimit'];
$featuredLimitError = FALSE;
if ($_POST['featured'] == 'yes') {
if ($featuredlisting_limit > $featuredlisting_count || $featuredlisting_limit == '-1') {
// if the user can feature properties
$sql_featured = $misc->make_db_safe($_POST['featured']);
$sql .= "listingsdb_featured = {$sql_featured}, ";
} else {
//See if we are already featured..
$featuredcheckSql = 'SELECT listingsdb_featured FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id = ' . $sql_edit;
$recordSetFeatured = $conn->Execute($featuredcheckSql);
if ($recordSetFeatured === false) {
$misc->log_error($featuredcheckSql);
}
$current_status = $recordSetFeatured->fields['listingsdb_featured'];
if ($current_status == 'yes') {
$sql_featured = $misc->make_db_safe($_POST['featured']);
$sql .= "listingsdb_featured = {$sql_featured}, ";
} else {
$featuredLimitError = TRUE;
}
}
} else {
//Not Feautred Save no matter what
$sql_featured = $misc->make_db_safe($_POST['featured']);
$sql .= "listingsdb_featured = {$sql_featured}, ";
}
}
// end if ($featureListings == "yes")
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['moderator'] == "yes") {
// if the user is an administrtor
$sql_active = $misc->make_db_safe($_POST['edit_active']);
$sql .= "listingsdb_active = {$sql_active}, ";
}
// end if ($admin_privs == "yes")
if (($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_expiration'] == "yes") && $config['use_expiration'] == "1") {
$expiration_date = $misc->or_date_format($_POST['edit_expiration']);
$sql .= "listingsdb_expiration = " . $expiration_date . ",";
}
if ($verify_user) {
$sql .= "listingsdb_notes = {$sql_notes}, listingsdb_mlsexport = {$sql_mlsexport}, listingsdb_last_modified = " . $conn->DBTimeStamp(time()) . " WHERE ((listingsdb_id = {$sql_edit}) AND (userdb_id = {$_SESSION['userID']}))";
} else {
$sql .= "listingsdb_notes = {$sql_notes}, listingsdb_mlsexport = {$sql_mlsexport}, listingsdb_last_modified = " . $conn->DBTimeStamp(time()) . " WHERE listingsdb_id = {$sql_edit}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
if ($verify_user) {
$message = listing_editor::updateListingsData($_POST['edit'], $_SESSION['userID']);
} else {
// update the image data (in case the or_owner has changed)
$sql = "UPDATE " . $config['table_prefix'] . "listingsimages SET userdb_id = {$sql_or_owner} WHERE listingsdb_id = {$sql_edit}";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$message = listing_editor::updateListingsData($_POST['edit'], $_POST['or_owner']);
}
// Ok Now Handle Any property class changes that all the data is saved.
// First Get a list of all the currently assing property classes.
$sql2 = 'SELECT class_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $sql_edit;
$recordSet2 = $conn->execute($sql2);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
$current_class_id = array();
while (!$recordSet2->EOF) {
$current_class_id[] = $recordSet2->fields['class_id'];
$recordSet2->MoveNext();
}
// Get List of edited pclasses
$new_class_assigned_sql = implode(',', $_POST['pclass']);
// Now if teh property class is no longer assigned remove this listin from the class and remove any listing fields tha belogn only to this class
foreach ($current_class_id as $c_class_id) {
if (!in_array($c_class_id, $_POST['pclass'])) {
// Delete listing from class
$sql = 'DELETE FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE class_id = ' . $c_class_id . ' AND listingsdb_id = ' . $sql_edit;
$recordSet = $conn->execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// Get a list of form element ids for the new selected property classes
$sql = 'SELECT listingsformelements_id FROM ' . $config['table_prefix_no_lang'] . 'classformelements WHERE class_id IN (' . $new_class_assigned_sql . ')';
$recordSet = $conn->execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$formelement_ids = array();
while (!$recordSet->EOF) {
$formelement_ids[] = $recordSet->fields['listingsformelements_id'];
$recordSet->Movenext();
}
$new_listingsformelements_id_sql = implode(',', $formelement_ids);
$sql = 'SELECT DISTINCT(listingsformelements_field_name) FROM ' . $config['table_prefix_no_lang'] . 'classformelements as c,' . $config['table_prefix'] . 'listingsformelements as f WHERE class_id = ' . $c_class_id . ' AND c.listingsformelements_id NOT IN (' . $new_listingsformelements_id_sql . ') AND c.listingsformelements_id = f.listingsformelements_id';
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$sql2 = 'DELETE FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE listingsdbelements_field_name = ' . $recordSet->fields['listingsformelements_field_name'] . ' AND listingsdb_id = ' . $sql_edit;
$recordSet2 = $conn->execute($sql2);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
}
}
}
// If this is a new class add the listing to the class
foreach ($_POST['pclass'] as $class_id) {
if (!in_array($class_id, $current_class_id)) {
$sql2 = 'INSERT INTO ' . $config['table_prefix_no_lang'] . 'classlistingsdb (class_id,listingsdb_id) VALUES (' . $class_id . ',' . $sql_edit . ')';
$recordSet2 = $conn->execute($sql2);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
}
}
if ($message == "success") {
$display .= "<p>{$lang['admin_listings_editor_listing_number']} {$_POST['edit']} {$lang['has_been_updated']} </p>";
if ($featuredLimitError == TRUE) {
$display .= "<p style=\"error\">{$lang['admin_listings_editor_featuredlistingerror']} </p>";
}
$misc->log_action("{$lang['log_updated_listing']} {$_POST['edit']}");
} else {
$display .= "<p>{$lang['alert_site_admin']}</p>";
}
// end else
}
// end if $pass_the_form == "Yes"
}
// end else
return $display;
}
function addtofavorites()
{
global $config, $lang, $conn;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$security = login::loginCheck('Member');
if ($security === true) {
ob_start();
$display = '';
if ($_GET['listingID'] == "") {
$display .= '<a href="' . $config['baseurl'] . '/index.php">' . $lang['perhaps_you_were_looking_something_else'] . '</a>';
} else {
$userID = $misc->make_db_safe($_SESSION['userID']);
$listingID = $misc->make_db_safe($_GET['listingID']);
$sql = "SELECT * FROM " . $config['table_prefix'] . "userfavoritelistings WHERE userdb_id = {$userID} AND listingsdb_id = {$listingID}";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
log_error($sql);
}
$num_columns = $recordSet->RecordCount();
if ($num_columns == 0) {
$sql = "INSERT INTO " . $config['table_prefix'] . "userfavoritelistings (userdb_id, listingsdb_id) VALUES ({$userID}, {$listingID})";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
log_error($sql);
}
echo '<br />' . $lang['listing_added_to_favorites'];
} else {
echo '<br />' . $lang['listing_already_in_favorites'];
}
}
include_once dirname(__FILE__) . '/listing.inc.php';
echo listing_pages::listing_view();
$display = ob_get_contents();
ob_end_clean();
return $display;
} else {
return $security;
}
}
/**
* **************************************************************************\
* Open-Realty - search_results Function *
* -------------------------------------------- *
* This is the search_results function. The listing_browse page is called is*
* also now a funciton called search_results_old *
* \**************************************************************************
*/
function search_results($return_ids_only = false)
{
$DEBUG_SQL = FALSE;
global $config, $conn, $lang, $current_ID, $db_type;
require_once $config['basepath'] . '/include/misc.inc.php';
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$misc = new misc();
$page = new page();
// Load any addons
$addons = $page->load_addons();
$guidestring = "";
$guidestring_with_sort = "";
// Save GET
// Deal with & still being in the URL
foreach ($_GET as $k => $v) {
if (strpos($k, 'amp;') !== false) {
$new_k = str_replace('amp;', '', $k);
$_GET[$new_k] = $v;
unset($_GET[$k]);
}
}
//Deal with googlebot double encoding URLS.
foreach ($_GET as $k => $v) {
if (strpos($k, '%5B%5D') !== false) {
$new_k = str_replace('%5B%5D', '', $k);
$_GET[$new_k][] = $v;
unset($_GET[$k]);
}
}
foreach ($_GET as $k => $v) {
if ($v != '' && $k != 'listingID' && $k != 'cur_page' && $k != 'action' && $k != 'PHPSESSID' && $k != 'sortby' && $k != 'sorttype' && $k != 'printer_friendly' && $k != 'template') {
if (is_array($v)) {
foreach ($v as $vitem) {
$guidestring .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
}
} else {
$guidestring .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}");
}
}
}
$display = '';
// Now we get the GET and build our WHERE CLAUSE
$searchresultSQL = '';
// Set ImageONly to False
$imageonly = false;
$vtoursonly = false;
$tablelist = array();
$tablelist_fullname = array();
$postalcode_dist_lat = '';
$postalcode_dist_long = '';
$postalcode_dist_dist = '';
$latlong_dist_lat = '';
$latlong_dist_long = '';
$latlong_dist_dist = '';
$city_dist_lat = '';
$city_dist_long = '';
$city_dist_dist = '';
foreach ($_GET as $k => $v) {
if ($k == "sortby") {
$guidestring_with_sort = "{$k}={$v}";
} elseif ($k == "sorttype") {
$guidestring_with_sort = "{$k}={$v}&";
} elseif ($k == 'PageID') {
$searchresultSQL .= '';
} elseif ($k == "user_ID") {
if ($v != '' && $v != 'Any Agent') {
if (is_array($v)) {
$sstring = '';
foreach ($v as $u) {
$u = $misc->make_db_safe($u);
if (empty($sstring)) {
$sstring .= $config['table_prefix'] . 'listingsdb.userdb_id = ' . $u;
} else {
$sstring .= ' OR ' . $config['table_prefix'] . 'listingsdb.userdb_id = ' . $u;
}
}
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= '(' . $sstring . ')';
} else {
$sql_v = $misc->make_db_safe($v);
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= '(' . $config['table_prefix'] . 'listingsdb.userdb_id = ' . $sql_v . ')';
}
}
} elseif ($k == "featuredOnly") {
// $guidestring .= "&$k=$v";
if ($v == "yes") {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL = $searchresultSQL . '(' . $config['table_prefix'] . 'listingsdb.listingsdb_featured = \'yes\')';
}
} elseif ($k == 'pclass') {
$class_sql = '';
foreach ($v as $class) {
// Ignore non numberic values
if (is_numeric($class)) {
if (!empty($class_sql)) {
$class_sql .= ' OR ';
}
$class_sql .= $config['table_prefix_no_lang'] . "classlistingsdb.class_id = {$class}";
}
}
if (!empty($class_sql)) {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL = $searchresultSQL . '(' . $class_sql . ') AND ' . $config['table_prefix_no_lang'] . 'classlistingsdb.listingsdb_id = ' . $config['table_prefix'] . 'listingsdb.listingsdb_id';
$tablelist_fullname[] = $config['table_prefix_no_lang'] . "classlistingsdb";
}
} elseif ($k == "listing_id") {
$listing_id = explode(',', $v);
$i = 0;
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
foreach ($listing_id as $id) {
$id = $misc->make_db_safe($id);
if ($i == 0) {
$searchresultSQL .= '((' . $config['table_prefix'] . 'listingsdb.listingsdb_id = ' . $id . ')';
} else {
$searchresultSQL .= ' OR (' . $config['table_prefix'] . 'listingsdb.listingsdb_id = ' . $id . ')';
}
$i++;
}
$searchresultSQL .= ')';
} elseif ($k == "imagesOnly") {
// Grab only listings with images if that is what we need.
if ($v == "yes") {
$imageonly = true;
}
} elseif ($k == "vtoursOnly") {
// Grab only listings with images if that is what we need.
if ($v == "yes") {
$vtoursonly = true;
}
} elseif ($k == 'listing_last_modified_equal') {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$safe_v = $conn->DBTimeStamp($v);
$searchresultSQL .= " listingsdb_last_modified = {$safe_v}";
//listingsdb_last_modified
} elseif ($k == 'listing_last_modified_greater') {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$safe_v = $conn->DBTimeStamp($v);
$searchresultSQL .= " listingsdb_last_modified > {$safe_v}";
//listingsdb_last_modified
} elseif ($k == 'listing_last_modified_less') {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$safe_v = $conn->DBTimeStamp($v);
$searchresultSQL .= " listingsdb_last_modified < {$safe_v}";
//listingsdb_last_modified
} elseif ($k == 'latlong_dist_lat' || $k == 'latlong_dist_long' || $k == 'latlong_dist_dist' && $v != '') {
switch ($k) {
case 'latlong_dist_lat':
$latlong_dist_lat = $v;
break;
case 'latlong_dist_long':
$latlong_dist_long = $v;
break;
case 'latlong_dist_dist':
$latlong_dist_dist = $v;
break;
}
} elseif ($k == 'postalcode_dist_code' && $v != '') {
$postalcode = $misc->make_db_safe($v);
$sql = 'SELECT zipdist_latitude, zipdist_longitude FROM ' . $config['table_prefix_no_lang'] . 'zipdist WHERE zipdist_zipcode =' . $postalcode;
$postalcode_recordSet = $conn->Execute($sql);
if ($postalcode_recordSet === false) {
$misc->log_error($sql);
}
$postalcode_dist_lat = $misc->make_db_unsafe($postalcode_recordSet->fields['zipdist_latitude']);
$postalcode_dist_long = $misc->make_db_unsafe($postalcode_recordSet->fields['zipdist_longitude']);
} elseif ($k == 'postalcode_dist_dist' && $v != '') {
$postalcode_dist_dist = $v;
} elseif ($k == 'city_dist_code' && $v != '') {
$city = $misc->make_db_safe($v);
$sql = 'SELECT zipdist_latitude, zipdist_longitude FROM ' . $config['table_prefix_no_lang'] . 'zipdist WHERE zipdist_cityname =' . $city;
$city_recordSet = $conn->Execute($sql);
if ($city_recordSet === false) {
$misc->log_error($sql);
}
$city_dist_lat = $misc->make_db_unsafe($city_recordSet->fields['zipdist_latitude']);
$city_dist_long = $misc->make_db_unsafe($city_recordSet->fields['zipdist_longitude']);
} elseif ($k == 'city_dist_dist' && $v != '') {
$city_dist_dist = $v;
} elseif ($v != '' && $k != 'listingID' && $k != 'postalcode_dist_code' && $k != 'postalcode_dist_dist' && $k != 'city_dist_code' && $k != 'city_dist_dist' && $k != 'latlong_dist_lat' && $k != 'latlong_dist_long' && $k != 'latlong_dist_dist' && $k != 'cur_page' && $k != 'action' && $k != 'PHPSESSID' && $k != 'sortby' && $k != 'sorttype' && $k != 'printer_friendly' && $k != 'template' && $k != 'pclass' && $k != 'listing_last_modified_less' && $k != 'listing_last_modified_equal' && $k != 'listing_last_modified_greater') {
if (!is_array($v)) {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
//Handle NULL/NOTNULL Searches
if (substr($k, -5) == '-NULL' && $v == '1') {
$subk = substr($k, 0, -5);
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND (`{$subk}`.listingsdbelements_field_value IS NULL OR `{$subk}`.listingsdbelements_field_value = ''))";
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} elseif (substr($k, -8) == '-NOTNULL' && $v == '1') {
$subk = substr($k, 0, -8);
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND (`{$subk}`.listingsdbelements_field_value IS NOT NULL AND `{$subk}`.listingsdbelements_field_value <> ''))";
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} elseif (substr($k, -4) == '-max') {
$subk = substr($k, 0, -4);
if ($db_type == 'mysql') {
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as signed) <= '{$v}')";
} else {
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as int4) <= '{$v}')";
}
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} else {
if (substr($k, -4) == '-min') {
$subk = substr($k, 0, -4);
if ($db_type == 'mysql') {
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as signed) >= '{$v}')";
} else {
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as int4) >= '{$v}')";
}
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} elseif (substr($k, -8) == '-maxdate') {
if ($config['date_format'] == 1) {
$format = "%m/%d/%Y";
} elseif ($config['date_format'] == 2) {
$format = "%Y/%d/%m";
} elseif ($config['date_format'] == 3) {
$format = "%d/%m/%Y";
}
$v = $misc->parseDate($v, $format);
$subk = urldecode(substr($k, 0, -8));
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND `{$subk}`.listingsdbelements_field_value <= '{$v}')";
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} else {
if (substr($k, -8) == '-mindate') {
if ($config['date_format'] == 1) {
$format = "%m/%d/%Y";
} elseif ($config['date_format'] == 2) {
$format = "%Y/%d/%m";
} elseif ($config['date_format'] == 3) {
$format = "%d/%m/%Y";
}
$v = $misc->parseDate($v, $format);
$subk = urldecode(substr($k, 0, -8));
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND `{$subk}`.listingsdbelements_field_value >= '{$v}')";
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} else {
if (substr($k, -5) == '-date') {
if ($config['date_format'] == 1) {
$format = "%m/%d/%Y";
} elseif ($config['date_format'] == 2) {
$format = "%Y/%d/%m";
} elseif ($config['date_format'] == 3) {
$format = "%d/%m/%Y";
}
$v = $misc->parseDate($v, $format);
$subk = urldecode(substr($k, 0, -5));
$searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND `{$subk}`.listingsdbelements_field_value = '{$v}')";
if (!in_array($subk, $tablelist)) {
$tablelist[] = $subk;
}
} elseif ($k == 'searchtext') {
$safe_v = addslashes($v);
$searchresultSQL .= "((`{$k}`.listingsdbelements_field_value like '%{$safe_v}%') OR (listingsdb_title like '%{$safe_v}%'))";
$tablelist[] = $k;
} else {
$safe_v = $misc->make_db_safe($v);
$searchresultSQL .= "(`{$k}`.listingsdbelements_field_name = '{$k}' AND `{$k}`.listingsdbelements_field_value = {$safe_v})";
$tablelist[] = $k;
}
}
}
}
} else {
// Make Sure Array is not empty
$use = false;
$comma_separated = implode(" ", $v);
if (trim($comma_separated) != '') {
$use = true;
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
}
if ($use === true) {
if (substr($k, -3) == '_or') {
$k = substr($k, 0, strlen($k) - 3);
$safe_k = addslashes($k);
$searchresultSQL .= "(`{$safe_k}`.listingsdbelements_field_name = '{$safe_k}' AND (";
$vitem_count = 0;
foreach ($v as $vitem) {
$safe_vitem = addslashes($vitem);
if ($vitem != '') {
if ($vitem_count != 0) {
$searchresultSQL .= " OR `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
} else {
$searchresultSQL .= " `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
}
$vitem_count++;
}
}
$searchresultSQL .= "))";
$tablelist[] = $safe_k;
} else {
$safe_k = addslashes($k);
$searchresultSQL .= "(`{$safe_k}`.listingsdbelements_field_name = '{$safe_k}' AND (";
$vitem_count = 0;
foreach ($v as $vitem) {
$safe_vitem = addslashes($vitem);
if ($vitem != '') {
if ($vitem_count != 0) {
$searchresultSQL .= " AND `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
} else {
$searchresultSQL .= " `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
}
$vitem_count++;
}
}
$searchresultSQL .= "))";
$tablelist[] = $safe_k;
}
}
}
}
}
if ($postalcode_dist_lat != '' && $postalcode_dist_long != '' && $postalcode_dist_dist != '') {
$sql = "SELECT zipdist_zipcode FROM {$config['table_prefix_no_lang']}zipdist WHERE (POW((69.1*(zipdist_longitude-\"{$postalcode_dist_long}\")*cos({$postalcode_dist_lat}/57.3)),\"2\")+POW((69.1*(zipdist_latitude-\"{$postalcode_dist_lat}\")),\"2\"))<({$postalcode_dist_dist}*{$postalcode_dist_dist}) ";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$zipcodes = array();
while (!$recordSet->EOF) {
$zipcodes[] = $recordSet->fields['zipdist_zipcode'];
$recordSet->MoveNext();
}
$pc_field_name = $config["map_zip"];
// Build Search Query
// Make Sure Array is not empty
$use = false;
$comma_separated = implode(" ", $zipcodes);
if (trim($comma_separated) != '') {
$use = true;
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
}
if ($use === true) {
$searchresultSQL .= "(`{$pc_field_name}`.listingsdbelements_field_name = '{$pc_field_name}' AND (";
$vitem_count = 0;
foreach ($zipcodes as $vitem) {
$safe_vitem = addslashes($vitem);
if ($vitem != '') {
if ($vitem_count != 0) {
$searchresultSQL .= " OR `{$pc_field_name}`.listingsdbelements_field_value = '{$save_vitem}'";
} else {
$searchresultSQL .= " `{$pc_field_name}`.listingsdbelements_field_value = '{$safe_vitem}'";
}
$vitem_count++;
}
}
$searchresultSQL .= "))";
$tablelist[] = $pc_field_name;
}
}
if ($city_dist_lat != '' && $city_dist_long != '' && $city_dist_dist != '') {
$sql = "SELECT zipdist_zipcode FROM {$config['table_prefix_no_lang']}zipdist WHERE (POW((69.1*(zipdist_longitude-\"{$city_dist_long}\")*cos({$city_dist_lat}/57.3)),\"2\")+POW((69.1*(zipdist_latitude-\"{$city_dist_lat}\")),\"2\"))<({$city_dist_dist}*{$city_dist_dist}) ";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$zipcodes = array();
while (!$recordSet->EOF) {
$zipcodes[] = $recordSet->fields['zipdist_zipcode'];
$recordSet->MoveNext();
}
$pc_field_name = $config["map_zip"];
// Build Search Query
// Make Sure Array is not empty
$use = false;
$comma_separated = implode(" ", $zipcodes);
if (trim($comma_separated) != '') {
$use = true;
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
}
if ($use === true) {
$searchresultSQL .= "(`{$pc_field_name}`.listingsdbelements_field_name = '{$pc_field_name}' AND (";
$vitem_count = 0;
foreach ($zipcodes as $vitem) {
$safe_vitem = addslashes($vitem);
if ($vitem != '') {
if ($vitem_count != 0) {
$searchresultSQL .= " OR `{$pc_field_name}`.listingsdbelements_field_value = '{$safe_vitem}'";
} else {
$searchresultSQL .= " `{$pc_field_name}`.listingsdbelements_field_value = '{$safe_vitem}'";
}
$vitem_count++;
}
}
$searchresultSQL .= "))";
$tablelist[] = $pc_field_name;
}
}
//Lat Long Distance
if ($latlong_dist_lat != '' && $latlong_dist_long != '' && $latlong_dist_dist != '') {
/*
max_lon = lon1 + arcsin(sin(D/R)/cos(lat1))
min_lon = lon1 - arcsin(sin(D/R)/cos(lat1))
max_lat = lat1 + (180/pi)(D/R)
min_lat = lat1 - (180/pi)(D/R)
*/
//$max_long = $latlong_dist_long + asin(sin($latlong_dist_dist/3956)/cos($latlong_dist_lat));
//$min_long = $latlong_dist_long - asin(sin($latlong_dist_dist/3956)/cos($latlong_dist_lat));
//$max_lat = $latlong_dist_lat + (180/pi())*($latlong_dist_dist/3956);
//$min_lat = $latlong_dist_lat - (180/pi())*($latlong_dist_dist/3956);
/*
Latitude:
Apparently a degree of latitude expressed in miles does
vary slighty by latitude
(http://www.ncgia.ucsb.edu/education/curricula/giscc/units/u014/tables/table01.html)
but for our purposes, I suggest we use 1 degree latitude
= 69 miles.
Longitude:
This is more tricky one since it varies by latitude
(http://www.ncgia.ucsb.edu/education/curricula/giscc/units/u014/tables/table02.html).
The
simplest formula seems to be:
1 degree longitude expressed in miles = cos (latitude) *
69.17 miles
*/
//Get Correct Milage for ong based on lat.
$cos_long = 69.17;
if ($latlong_dist_lat >= 10) {
$cos_long = 68.13;
}
if ($latlong_dist_lat >= 20) {
$cos_long = 65.03;
}
if ($latlong_dist_lat >= 30) {
$cos_long = 59.95;
}
if ($latlong_dist_lat >= 40) {
$cos_long = 53.06;
}
if ($latlong_dist_lat >= 50) {
$cos_long = 44.55;
}
if ($latlong_dist_lat >= 60) {
$cos_long = 34.67;
}
if ($latlong_dist_lat >= 70) {
$cos_long = 23.73;
}
if ($latlong_dist_lat >= 80) {
$cos_long = 12.05;
}
if ($latlong_dist_lat >= 90) {
$cos_long = 0;
}
$max_long = $latlong_dist_long + $latlong_dist_dist / (cos(deg2rad($latlong_dist_lat)) * $cos_long);
$min_long = $latlong_dist_long - $latlong_dist_dist / (cos(deg2rad($latlong_dist_lat)) * $cos_long);
$max_lat = $latlong_dist_lat + $latlong_dist_dist / 69;
$min_lat = $latlong_dist_lat - $latlong_dist_dist / 69;
//
if ($max_lat < $min_lat) {
$max_lat2 = $min_lat;
$min_lat = $max_lat;
$max_lat = $max_lat2;
}
if ($max_long < $min_long) {
$max_long2 = $min_long;
$min_long = $max_long;
$max_long = $max_long2;
}
// Lat and Long Fields
$sql = "SELECT listingsformelements_field_name FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_type = 'lat'";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$lat_field = $recordSet->fields['listingsformelements_field_name'];
$sql = "SELECT listingsformelements_field_name FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_type = 'long'";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$long_field = $recordSet->fields['listingsformelements_field_name'];
if ($lat_field != '' & $long_field != '') {
$tablelist[] = $lat_field;
$tablelist[] = $long_field;
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= "(`{$lat_field}`.listingsdbelements_field_name = '{$lat_field}' AND `{$lat_field}`.listingsdbelements_field_value+0 <= '{$max_lat}')";
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= "(`{$lat_field}`.listingsdbelements_field_name = '{$lat_field}' AND `{$lat_field}`.listingsdbelements_field_value+0 >= '{$min_lat}')";
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= "(`{$long_field}`.listingsdbelements_field_name = '{$long_field}' AND `{$long_field}`.listingsdbelements_field_value+0 <= '{$max_long}')";
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= "(`{$long_field}`.listingsdbelements_field_name = '{$long_field}' AND `{$long_field}`.listingsdbelements_field_value+0 >= '{$min_long}')";
}
}
// Handle Sorting
// sort the listings
// this is the main SQL that grabs the listings
// basic sort by title..
$group_order_text = '';
$sortby = '';
$sorttype = '';
if ($config["special_sortby"] != 'none') {
$sortby = $config["special_sortby"] . ',';
$sorttype = $config["special_sorttype"] . ',';
}
if (!isset($_GET['sortby'])) {
$_GET['sortby'] = $config["sortby"];
}
if (!isset($_GET['sorttype'])) {
$_GET['sorttype'] = $config["sorttype"];
}
$sortby .= $_GET['sortby'];
$sorttype .= $_GET['sorttype'];
$sql_sort_type = '';
$sortby_array = explode(',', $sortby);
$sorttype_array = explode(',', $sorttype);
$sort_text = '';
$order_text = '';
$group_order_text = '';
$tablelist_nosort = $tablelist;
$sort_count = count($sortby_array);
for ($x = 0; $x < $sort_count; $x++) {
//make sure user input is sanitized before adding to query string
$sortby_array[$x] = $misc->sanitize($sortby_array[$x]);
$sorttype_array[$x] = $misc->sanitize($sorttype_array[$x], 4);
//limit length to 4 characters as sorttype can only be ASC or DESC
if ($sorttype_array[$x] != 'ASC' && $sorttype_array[$x] != 'DESC') {
$sorttype_array[$x] = '';
}
if ($sortby_array[$x] == 'listingsdb_id') {
if ($x == 0) {
$order_text .= 'ORDER BY listingsdb_id ' . $sorttype_array[$x];
} else {
$order_text .= ',listingsdb_id ' . $sorttype_array[$x];
}
} elseif ($sortby_array[$x] == 'listingsdb_title') {
if ($x == 0) {
$order_text .= 'ORDER BY listingsdb_title ' . $sorttype_array[$x];
} else {
$order_text .= ',listingsdb_title ' . $sorttype_array[$x];
}
} elseif ($sortby_array[$x] == 'random') {
if ($x == 0) {
$order_text .= 'ORDER BY rand() ' . $sorttype_array[$x];
} else {
$order_text .= ',rand() ' . $sorttype_array[$x];
}
} elseif ($sortby_array[$x] == 'listingsdb_featured') {
if ($x == 0) {
$order_text .= 'ORDER BY listingsdb_featured ' . $sorttype_array[$x];
} else {
$order_text .= ',listingsdb_featured ' . $sorttype_array[$x];
}
} elseif ($sortby_array[$x] == 'listingsdb_last_modified') {
if ($x == 0) {
$order_text .= 'ORDER BY listingsdb_last_modified ' . $sorttype_array[$x];
} else {
$order_text .= ',listingsdb_last_modified ' . $sorttype_array[$x];
}
} elseif ($sortby_array[$x] == 'pclass') {
if ($searchresultSQL != '') {
$searchresultSQL .= ' AND ';
}
$searchresultSQL .= $config['table_prefix_no_lang'] . 'classlistingsdb.listingsdb_id = ' . $config['table_prefix'] . 'listingsdb.listingsdb_id AND ' . $config['table_prefix_no_lang'] . 'classlistingsdb.class_id = ' . $config['table_prefix'] . 'class.class_id ';
$tablelist_fullname[] = $config['table_prefix_no_lang'] . "classlistingsdb";
$tablelist_fullname[] = $config['table_prefix'] . 'class';
if ($x == 0) {
$order_text .= 'ORDER BY ' . $config['table_prefix'] . 'class.class_name ' . $sorttype_array[$x];
} else {
$order_text .= ',' . $config['table_prefix'] . 'class.class_name ' . $sorttype_array[$x];
}
} else {
// Check if field is a number or price field and cast the order.
$sort_by_field = $misc->make_db_extra_safe($sortby_array[$x]);
$sql_sort_type = 'SELECT listingsformelements_field_type FROM ' . $config['table_prefix'] . 'listingsformelements WHERE listingsformelements_field_name = ' . $sort_by_field;
$recordSet_sort_type = $conn->Execute($sql_sort_type);
if (!$recordSet_sort_type) {
$misc->log_error($sql_sort_type);
}
$field_type = $recordSet_sort_type->fields['listingsformelements_field_type'];
if ($field_type == 'price' || $field_type == 'number' || $field_type == 'decimal') {
$tablelist[] = 'sort' . $x;
$sort_text .= 'AND (sort' . $x . '.listingsdbelements_field_name = ' . $sort_by_field . ') ';
global $db_type;
if ($db_type == 'mysql') {
if ($x == 0) {
$order_text .= ' ORDER BY CAST(sort' . $x . '.listingsdbelements_field_value as signed) ' . $sorttype_array[$x];
$group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
} else {
$order_text .= ',CAST(sort' . $x . '.listingsdbelements_field_value as signed) ' . $sorttype_array[$x];
$group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
}
} else {
if ($x == 0) {
$order_text .= ' ORDER BY CAST(sort' . $x . '.listingsdbelements_field_value as int4) ' . $sorttype_array[$x];
$group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
} else {
$order_text .= ',CAST(sort' . $x . '.listingsdbelements_field_value as int4) ' . $sorttype_array[$x];
$group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
}
}
} else {
$tablelist[] = 'sort' . $x;
$sort_text .= 'AND (sort' . $x . '.listingsdbelements_field_name = ' . $sort_by_field . ') ';
if ($x == 0) {
$order_text .= ' ORDER BY sort' . $x . '.listingsdbelements_field_value ' . $sorttype_array[$x];
} else {
$order_text .= ', sort' . $x . '.listingsdbelements_field_value ' . $sorttype_array[$x];
}
$group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
}
}
}
$group_order_text = $group_order_text . ' ' . $order_text;
if ($imageonly == true || $vtoursonly == true) {
$order_text = "GROUP BY " . $config['table_prefix'] . "listingsdb.listingsdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title " . $group_order_text;
}
if ($DEBUG_SQL) {
echo '<strong>Sort Type SQL:</strong> ' . $sql_sort_type . '<br />';
echo '<strong>Sort Text:</strong> ' . $sort_text . '<br />';
echo '<strong>Order Text:</strong> ' . $order_text . '<br />';
}
$guidestring_with_sort = $guidestring_with_sort . $guidestring;
// End of Sort
$arrayLength = count($tablelist);
if ($DEBUG_SQL) {
echo '<strong>Table List Array Length:</strong> ' . $arrayLength . '<br />';
}
$string_table_list = '';
for ($i = 0; $i < $arrayLength; $i++) {
$string_table_list .= ' ,' . $config['table_prefix'] . 'listingsdbelements `' . $tablelist[$i] . '`';
}
$arrayLength = count($tablelist_nosort);
$string_table_list_no_sort = '';
for ($i = 0; $i < $arrayLength; $i++) {
$string_table_list_no_sort .= ' ,' . $config['table_prefix'] . 'listingsdbelements `' . $tablelist[$i] . '`';
}
$arrayLength = count($tablelist_fullname);
if ($DEBUG_SQL) {
echo '<strong>Table List Array Length:</strong> ' . $arrayLength . '<br />';
}
for ($i = 0; $i < $arrayLength; $i++) {
$string_table_list .= ' ,' . $tablelist_fullname[$i];
$string_table_list_no_sort .= ' ,' . $tablelist_fullname[$i];
}
if ($DEBUG_SQL) {
echo '<strong>Table List String:</strong> ' . $string_table_list . '<br />';
}
$arrayLength = count($tablelist);
$string_where_clause = '';
for ($i = 0; $i < $arrayLength; $i++) {
$string_where_clause .= ' AND (' . $config['table_prefix'] . 'listingsdb.listingsdb_id = `' . $tablelist[$i] . '`.listingsdb_id)';
}
$arrayLength = count($tablelist_nosort);
$string_where_clause_nosort = '';
for ($i = 0; $i < $arrayLength; $i++) {
$string_where_clause_nosort .= ' AND (' . $config['table_prefix'] . 'listingsdb.listingsdb_id = `' . $tablelist[$i] . '`.listingsdb_id)';
}
if ($imageonly) {
$searchSQL = "SELECT distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id), " . $config['table_prefix'] . "listingsdb.userdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "listingsimages " . $string_table_list . " WHERE (listingsdb_active = 'yes') " . $string_where_clause . " AND (" . $config['table_prefix'] . "listingsimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
$searchSQLCount = "SELECT COUNT(distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id)) as total_listings FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "listingsimages " . $string_table_list_no_sort . " WHERE (listingsdb_active = 'yes') " . $string_where_clause_nosort . " AND (" . $config['table_prefix'] . "listingsimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
} elseif ($vtoursonly) {
$searchSQL = "SELECT distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id), " . $config['table_prefix'] . "listingsdb.userdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "vtourimages " . $string_table_list . " WHERE (listingsdb_active = 'yes') " . $string_where_clause . " AND (" . $config['table_prefix'] . "vtourimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
$searchSQLCount = "SELECT COUNT(distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id)) as total_listings FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "vtourimages " . $string_table_list_no_sort . " WHERE (listingsdb_active = 'yes') " . $string_where_clause_nosort . " AND (" . $config['table_prefix'] . "vtourimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
} else {
$searchSQL = "SELECT distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id), " . $config['table_prefix'] . "listingsdb.userdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title FROM " . $config['table_prefix'] . "listingsdb " . $string_table_list . " WHERE (listingsdb_active = 'yes') " . $string_where_clause;
$searchSQLCount = "SELECT COUNT(distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id)) as total_listings FROM " . $config['table_prefix'] . "listingsdb " . $string_table_list_no_sort . " WHERE (listingsdb_active = 'yes') " . $string_where_clause_nosort;
}
if ($searchresultSQL != '') {
$searchSQL .= " AND " . $searchresultSQL;
$searchSQLCount .= " AND " . $searchresultSQL;
}
if ($config['use_expiration'] == 1) {
$searchSQL .= " AND (listingsdb_expiration > " . $conn->DBDate(time()) . ")";
$searchSQLCount .= " AND (listingsdb_expiration > " . $conn->DBDate(time()) . ")";
}
$sql = $searchSQL . " {$sort_text} {$order_text}";
$searchSQLCount = $searchSQLCount;
// We now have a complete SQL Query. Now grab the results
$recordSet = $conn->Execute($searchSQLCount);
if ($DEBUG_SQL) {
echo '<strong>Listing Count:</strong> ' . $searchSQLCount . '<br />';
}
if (!$recordSet) {
$misc->log_error($searchSQLCount);
}
// We have the results so now we need to stack them in arrays to use with the search_result.html template file
// Load the templste
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
if (count($_GET['pclass']) == 1 && file_exists($config['template_path'] . '/search_results_class_' . $_GET['pclass'][0] . '.html')) {
$page->load_page($config['template_path'] . '/search_results_class_' . $_GET['pclass'][0] . '.html');
} else {
$page->load_page($config['template_path'] . '/' . $config['search_result_template']);
}
// Get header section
$header_section = $page->get_template_section('search_result_header');
$search_result = '';
// Ok we have the header section now get the result section
$search_result_section = $page->get_template_section('search_result_dataset');
// Get the number of rows(records) we have.
// $num_rows = $recordSet->RecordCount();
$num_rows = $recordSet->fields['total_listings'];
if ($return_ids_only === true) {
// If we are returning IDs only for the notify listing then get the id and move on.
$id = array();
$resultRecordSet = $conn->Execute($sql);
if (!$resultRecordSet) {
$misc->log_error($sql);
}
if ($DEBUG_SQL) {
echo '<strong>Search SQL:</strong> ' . $sql . '<br />';
}
while (!$resultRecordSet->EOF) {
$id[] = $resultRecordSet->fields['listingsdb_id'];
$resultRecordSet->MoveNext();
}
// while
return $id;
} elseif ($return_ids_only === 'perpage') {
$id = array();
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
$limit_str = intval($_GET['cur_page']) * $config['listings_per_page'];
$resultRecordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
if (!$resultRecordSet) {
$misc->log_error($sql);
}
if ($DEBUG_SQL) {
echo '<strong>Search SQL:</strong> ' . $sql . '<br />';
}
while (!$resultRecordSet->EOF) {
$id[] = $resultRecordSet->fields['listingsdb_id'];
$resultRecordSet->MoveNext();
}
// while
return $id;
} else {
if ($num_rows > 0) {
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
// build the string to select a certain number of listings per page
$limit_str = intval($_GET['cur_page']) * $config['listings_per_page'];
$num_records = $config['listings_per_page'];
$some_num = intval($_GET['cur_page']) + 1;
$this_page_max = $some_num * $config['listings_per_page'];
// Check if we're setting a maximum number of search results
if ($config["max_search_results"] > 0) {
// Check if we've reached the max number of listings setting.
if ($this_page_max > $config["max_search_results"]) {
$num_records = $this_page_max - $config["max_search_results"];
}
// Failsafe check in case the max search results was set lower than the listings per page setting.
if ($config["max_search_results"] < $config['listings_per_page']) {
$num_records = $config["max_search_results"];
}
// Adjust the $num_rows for the next_prev function to show at the max the max results setting
if ($num_rows > $config["max_search_results"]) {
$num_rows = $config["max_search_results"];
}
}
if ($config['show_next_prev_listing_page'] == 1) {
// ************added for next prev navigation***********
$newurl = '';
foreach ($_GET as $k => $v) {
if ($v && $k != 'cur_page' && $k != 'PHPSESSID' && $k != 'action') {
if (is_array($v)) {
foreach ($v as $vitem) {
$newurl .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
}
} else {
$newurl .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}");
}
}
}
$rtest = $conn->Execute($sql);
if (!$rtest) {
$misc->log_error($sql);
}
$_SESSION['results'] = array();
$_SESSION['titles'] = array();
while (!$rtest->EOF) {
$ID = $rtest->fields['listingsdb_id'];
$url_title = $rtest->fields['listingsdb_title'];
$url_title = str_replace("/", "", $url_title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$url_title = str_replace(" ", "+", $url_title);
$_SESSION['results'][] = $ID;
$_SESSION['titles'][] = $url_title;
$rtest->MoveNext();
}
$_SESSION['cur_page'] = intval($_GET['cur_page']);
$_SESSION['searchstring'] = $newurl;
$_SESSION['count'] = $num_rows;
// ************added for next prev navigation***********
}
// Store the next_prev code as a variable to place in the template
$next_prev = $misc->next_prev($num_rows, intval($_GET['cur_page']), $guidestring_with_sort);
$next_prev_bottom = $misc->next_prev($num_rows, intval($_GET['cur_page']), $guidestring_with_sort, 'bottom');
$resultRecordSet = $conn->SelectLimit($sql, $num_records, $limit_str);
if (!$resultRecordSet) {
$misc->log_error($sql);
}
if ($DEBUG_SQL) {
echo '<strong>Search SQL:</strong> ' . $sql . '<br />';
}
// Get the the fields marked as browseable.
$sql = "SELECT listingsformelements_id, listingsformelements_field_caption, listingsformelements_field_name, listingsformelements_display_priv, listingsformelements_search_result_rank FROM " . $config['table_prefix'] . "listingsformelements WHERE (listingsformelements_display_on_browse = 'Yes') AND (listingsformelements_field_type <> 'textarea') ORDER BY listingsformelements_search_result_rank";
$recordSet = $conn->Execute($sql);
$num_columns = $recordSet->RecordCount();
// Get header_title
$field_caption = $lang['title'];
$field_name = "listingsdb_title";
$sorttypestring = '';
$sort_type_count = 0;
foreach ($sortby_array as $sortby) {
if ($sortby == $field_name) {
if (!isset($sorttype_array[$sort_type_count]) || $sorttype_array[$sort_type_count] == 'DESC') {
$reverse_sort = 'ASC';
} else {
$reverse_sort = 'DESC';
}
$sorttypestring = 'sorttype=' . $reverse_sort;
}
$sort_type_count++;
}
if ($sorttypestring == '') {
$sorttypestring = "sorttype=ASC";
}
// This is header_title it is the lang variable for title
$header_title = '<a href="index.php?action=searchresults&sortby=' . $field_name . '&' . $sorttypestring . $guidestring . '">' . $field_caption . '</a>';
$header_title_no_sort = $field_caption;
// Get header_title
$field_caption = $lang['header_pclass'];
$field_name = "pclass";
$sorttypestring = '';
$sort_type_count = 0;
foreach ($sortby_array as $sortby) {
if ($sortby == $field_name) {
if (!isset($sorttype_array[$sort_type_count]) || $sorttype_array[$sort_type_count] == 'DESC') {
$reverse_sort = 'ASC';
} else {
$reverse_sort = 'DESC';
}
$sorttypestring = 'sorttype=' . $reverse_sort;
}
$sort_type_count++;
}
if ($sorttypestring == '') {
$sorttypestring = "sorttype=ASC";
}
// This is header_title it is the lang variable for title
$header_pclass = '<a href="index.php?action=searchresults&sortby=' . $field_name . '&' . $sorttypestring . $guidestring . '">' . $field_caption . '</a>';
$header_pclass_no_sort = $field_caption;
$field = array();
$field_no_sort = array();
while (!$recordSet->EOF) {
$x = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_result_rank']);
// Check for Translations if needed
if (!isset($_SESSION["users_lang"])) {
$field_caption = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']);
} else {
$listingsformelements_id = $recordSet->fields['listingsformelements_id'];
$lang_sql = "SELECT listingsformelements_field_caption FROM " . $config['lang_table_prefix'] . "listingsformelements WHERE listingsformelements_id = {$listingsformelements_id}";
$lang_recordSet = $conn->Execute($lang_sql);
if (!$lang_recordSet) {
$misc->log_error($lang_sql);
}
if ($DEBUG_SQL) {
echo '<strong>ML: Field Caption SQL:</strong> ' . $lang_sql . '<br />';
}
$field_caption = $misc->masearch_result_datasetke_db_unsafe($lang_recordSet->fields['listingsformelements_field_caption']);
}
$field_name = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_name']);
$display_priv = $misc->make_db_unsafe($recordSet->fields['listingsformelements_display_priv']);
$display_status = false;
if ($display_priv == 1) {
$display_status = login::loginCheck('Member', true);
} elseif ($display_priv == 2) {
$display_status = login::loginCheck('Agent', true);
} else {
$display_status = true;
}
if ($display_status === true) {
$sorttypestring = '';
$sort_type_count = 0;
foreach ($sortby_array as $sortby) {
if ($sortby == $field_name) {
if (!isset($sorttype_array[$sort_type_count]) || $sorttype_array[$sort_type_count] == 'DESC') {
$reverse_sort = 'ASC';
} else {
$reverse_sort = 'DESC';
}
$sorttypestring = 'sorttype=' . $reverse_sort;
}
$sort_type_count++;
}
if ($sorttypestring == '') {
$sorttypestring = "sorttype=ASC";
}
$field[$x] = '<a href="index.php?action=searchresults&sortby=' . $field_name . '&' . $sorttypestring . $guidestring . '">' . $field_caption . '</a>';
$field_no_sort[$x] = $field_caption;
}
$recordSet->MoveNext();
}
// end while
// We have all the header information so we can now parse that section
$header_section = $page->parse_template_section($header_section, 'header_title', $header_title);
$header_section = $page->parse_template_section($header_section, 'header_title_no_sort', $header_title_no_sort);
$header_section = $page->parse_template_section($header_section, 'header_pclass', $header_pclass);
$header_section = $page->parse_template_section($header_section, 'header_pclass_no_sort', $header_pclass_no_sort);
foreach ($field as $x => $f) {
$header_section = $page->parse_template_section($header_section, 'header_' . $x, $f);
}
foreach ($field_no_sort as $x => $f) {
$header_section = $page->parse_template_section($header_section, 'header_' . $x . '_no_sort', $f);
}
// We have the title now we need the image
$num_columns = $num_columns + 1;
// add one for the image
$count = 0;
while (!$resultRecordSet->EOF) {
// Start a new section for each listing.
$search_result .= $search_result_section;
// alternate the colors
if ($count == 0) {
$count = $count + 1;
} else {
$count = 0;
}
$Title = $misc->make_db_unsafe($resultRecordSet->fields['listingsdb_title']);
$current_ID = $resultRecordSet->fields['listingsdb_id'];
$or_owner = $resultRecordSet->fields['userdb_id'];
if ($config['url_style'] == '1') {
$url = '<a href="index.php?action=listingview&listingID=' . $current_ID . '">';
} else {
$url_title = str_replace("/", "", $Title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$url = '<a href="listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html">';
}
$field_title = $url . $Title . '</a>';
// Insert the title as we grabbed it earlier
$search_result = $page->parse_template_section($search_result, 'field_title', $field_title);
$search_result = $page->parse_template_section($search_result, 'listingid', $current_ID);
$search_result = $page->replace_listing_field_tags($current_ID, $search_result);
//get distance for postal code distance searches
if (isset($_GET['postalcode_dist_dist'])) {
$sql3 = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsdbelements_field_name = '" . $config['map_zip'] . "'))";
$recordSet3 = $conn->Execute($sql3);
$sql4 = 'SELECT zipdist_latitude, zipdist_longitude FROM ' . $config['table_prefix_no_lang'] . 'zipdist WHERE zipdist_zipcode =' . $recordSet3->fields['listingsdbelements_field_value'];
$recordSet4 = $conn->Execute($sql4);
$postalcode_distance = round($this->calculate_mileage($postalcode_dist_lat, $recordSet4->fields['zipdist_latitude'], $postalcode_dist_long, $recordSet4->fields['zipdist_longitude']), 2) . ' ' . $lang['postalcode_miles_away'];
$search_result = $page->parse_template_section($search_result, 'postalcode_search_distance', $postalcode_distance);
}
// grab the rest of the listing's data
$sql2 = "SELECT listingsdbelements_field_name, listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_display_priv, listingsformelements_search_result_rank FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsformelements_display_on_browse = 'Yes') " . "AND (listingsdbelements_field_name = listingsformelements_field_name)) ORDER BY listingsformelements_search_result_rank";
$recordSet2 = $conn->Execute($sql2);
if ($DEBUG_SQL) {
echo '<strong>Listing Data:</strong> ' . $sql2 . '<br />';
}
if (!$recordSet2) {
$misc->log_error($sql2);
}
$field = array();
$textarea = array();
while (!$recordSet2->EOF) {
$field_name = $misc->make_db_unsafe($recordSet2->fields['listingsdbelements_field_name']);
$field_value = $misc->make_db_unsafe($recordSet2->fields['listingsdbelements_field_value']);
$field_type = $misc->make_db_unsafe($recordSet2->fields['listingsformelements_field_type']);
$display_priv = $misc->make_db_unsafe($recordSet2->fields['listingsformelements_display_priv']);
$x = $misc->make_db_unsafe($recordSet2->fields['listingsformelements_search_result_rank']);
$display_status = false;
if ($display_priv == 1) {
$display_status = login::loginCheck('Member', true);
} elseif ($display_priv == 2) {
$display_status = login::loginCheck('Agent', true);
} else {
$display_status = true;
}
if ($display_status === true) {
switch ($field_type) {
case 'textarea':
if ($config['add_linefeeds'] === "1") {
$textarea[$x] = nl2br($field_value);
} else {
$textarea[$x] = $field_value;
}
break;
case "select-multiple":
case "option":
case "checkbox":
// handle field types with multiple options
$feature_index_list = explode("||", $field_value);
$field[$x] = '';
foreach ($feature_index_list as $feature_list_item) {
$field[$x] .= $feature_list_item;
$field[$x] .= $config['feature_list_separator'];
}
break;
case "price":
$sql3 = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsdbelements_field_name = 'status'))";
$recordSet3 = $conn->Execute($sql3);
if (!$recordSet3) {
$misc->log_error($sql3);
}
if ($DEBUG_SQL) {
echo '<strong>Status Lookup for price field:</strong> ' . $sql3 . '<br />';
}
$status = $misc->make_db_unsafe($recordSet3->fields['listingsdbelements_field_value']);
$recordSet3->Close();
if ($field_value == "" && $config["zero_price"] == "1") {
$money_amount = $misc->international_num_format($field_value, $config['number_decimals_price_fields']);
if ($status == 'Sold') {
$field[$x] = "<span style=\"text-decoration: line-through\">";
$field[$x] .= "</span><br /><span style=\"color:red;\"><strong>{$lang['mark_as_sold']}</strong></span>";
} elseif ($status == 'Pending') {
$field[$x] .= "<br /><span style=\"color:green;\"><strong>{$lang['mark_as_pending']}</strong></span>";
} else {
$field[$x] = $lang['call_for_price'];
}
} else {
$money_amount = $misc->international_num_format($field_value, $config['number_decimals_price_fields']);
if ($status == 'Sold') {
$field[$x] = "<span style=\"text-decoration: line-through\">";
$field[$x] .= $misc->money_formats($money_amount);
$field[$x] .= "</span><br /><span style=\"color:red;\"><strong>{$lang['mark_as_sold']}</strong></span>";
} elseif ($status == 'Pending') {
$field[$x] = $misc->money_formats($money_amount);
$field[$x] .= "<br /><span style=\"color:green;\"><strong>{$lang['mark_as_pending']}</strong></span>";
} else {
$field[$x] = $misc->money_formats($money_amount);
}
}
// end else
break;
case "select":
if ($field_name == "Mi_business") {
$sql4 = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsdbelements_field_name = 'Mi_business'))";
$recordSet4 = $conn->Execute($sql4);
if (!$recordSet4) {
$misc->log_error($sql4);
} else {
$requiredMigration = $misc->make_db_unsafe($recordSet4->fields['listingsdbelements_field_value']);
$recordSet4->Close();
if ($requiredMigration == 'Yes') {
$field[$x] = '<strong style="color:red">Business Migration Ready 能用作投资移民申请</strong>';
} else {
$field[$x] = '';
}
}
} else {
$field[$x] = "{$field_value}";
}
break;
case "number":
$field[$x] = $misc->international_num_format($field_value, $config['number_decimals_number_fields']);
break;
case "url":
$field[$x] = "<a href=\"{$field_value}\" target=\"_blank\">{$field_value}</a>";
break;
case "email":
$field[$x] = "<a href=\"mailto:{$field_value}\">{$field_value}</a>";
break;
case "date":
if ($config['date_format'] == 1) {
$format = "m/d/Y";
} elseif ($config['date_format'] == 2) {
$format = "Y/d/m";
} elseif ($config['date_format'] == 3) {
$format = "d/m/Y";
}
if ($field_value > 0) {
$field_value = date($format, "{$field_value}");
}
$field[$x] = "{$field_value}";
break;
default:
$field[$x] = "{$field_value}";
break;
}
// end switch
}
$recordSet2->MoveNext();
}
// end while
foreach ($field as $x => $f) {
$search_result = $page->parse_template_section($search_result, 'field_' . $x, $f);
}
//Form URLS for TextArea
if ($config['url_style'] == '1') {
$preview = '... <a href="index.php?action=listingview&listingID=' . $current_ID . '">' . $lang['more_info'] . '</a>';
} else {
$url_title = str_replace("/", "", $Title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$preview = '... <a href="listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html">' . $lang['more_info'] . '</a>';
}
foreach ($textarea as $x => $f) {
// Normal Textarea
$search_result = $page->parse_template_section($search_result, 'textarea_' . $x, $f);
// Short textarea of first number of characters defined in site config with link to the listing
$p = substr(strip_tags($f), 0, $config['textarea_short_chars']);
$p = substr($p, 0, strrpos($p, ' '));
$search_result = $page->parse_template_section($search_result, 'textarea_' . $x . '_short', $p . '' . $preview);
}
//Cleanup Textareas
$search_result = preg_replace('/{textarea_(.*?)_short}/', $preview, $search_result);
$search_result = preg_replace('/{textarea_(.*?)}/', '', $search_result);
// Show Vtour indicator Image if vtour exists
require_once $config['basepath'] . '/include/vtour.inc.php';
$vtour_link = vtours::rendervtourlink($current_ID, true);
$search_result = $page->parse_template_section($search_result, 'vtour_button', $vtour_link);
// Show Creation Date
require_once $config['basepath'] . '/include/listing.inc.php';
$get_creation_date = listing_pages::get_creation_date($current_ID);
$search_result = $page->parse_template_section($search_result, 'get_creation_date', $get_creation_date);
// Show Featured
require_once $config['basepath'] . '/include/listing.inc.php';
$get_featured = listing_pages::get_featured($current_ID, 'no');
$search_result = $page->parse_template_section($search_result, 'get_featured', $get_featured);
// Show Featured Raw
require_once $config['basepath'] . '/include/listing.inc.php';
$get_featured_raw = listing_pages::get_featured($current_ID, 'yes');
$search_result = $page->parse_template_section($search_result, 'get_featured_raw', $get_featured_raw);
// Show Modified Date
require_once $config['basepath'] . '/include/listing.inc.php';
$get_modified_date = listing_pages::get_modified_date($current_ID);
$search_result = $page->parse_template_section($search_result, 'get_modified_date', $get_modified_date);
// Start {isfavorite} search result template section tag
if (isset($_SESSION['userID'])) {
$userID = $misc->make_db_safe($_SESSION['userID']);
$sql1 = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
$recordSet1 = $conn->Execute($sql1);
if ($recordSet1 === false) {
$misc->log_error($sql1);
}
$favorite_listingsdb_id = $misc->make_db_unsafe($recordSet1->fields['listingsdb_id']);
if ($favorite_listingsdb_id !== $current_ID) {
$isfavorite = "no";
$search_result = $page->parse_template_section($search_result, 'isfavorite', $isfavorite);
} else {
$isfavorite = "yes";
$search_result = $page->parse_template_section($search_result, 'isfavorite', $isfavorite);
}
}
// End {isfavorite} search result template section tag
// Show Delete From Favorites Link if needed
$delete_from_fav = '';
if (isset($_SESSION['userID'])) {
$userID = $misc->make_db_safe($_SESSION['userID']);
$sql = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
if ($DEBUG_SQL) {
echo '<strong>Delete Favorite Lookup:</strong> ' . $sql . '<br />';
}
$num_rows = $recordSet->RecordCount();
if ($num_rows > 0) {
$delete_from_fav = '<a href="index.php?action=delete_favorites&listingID=' . $current_ID . '" onclick="return confirmDelete()">' . $lang['delete_from_favorites'] . '</a>';
}
}
// Instert link into section
$search_result = $page->parse_template_section($search_result, 'delete_from_favorite', $delete_from_fav);
//Show Add To Favorites
$link_add_favorites = '';
if (isset($_SESSION['userID'])) {
$userID = $misc->make_db_safe($_SESSION['userID']);
$sql = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
if ($DEBUG_SQL) {
echo '<strong>Add Favorite Lookup:</strong> ' . $sql . '<br />';
}
$num_rows = $recordSet->RecordCount();
if ($num_rows == 0) {
$link_add_favorites = listing_pages::create_add_favorite_link();
}
} else {
$link_add_favorites = listing_pages::create_add_favorite_link();
}
// Instert link into section
$search_result = $page->parse_template_section($search_result, 'link_add_favorites', $link_add_favorites);
// Insert row number
$search_result = $page->parse_template_section($search_result, 'row_num_even_odd', $count);
$resultRecordSet->MoveNext();
// Replace Edit Listing links
require_once $config['basepath'] . '/include/listing.inc.php';
$edit_link = listing_pages::edit_listing_link();
$search_result = $page->parse_template_section($search_result, 'link_edit_listing', $edit_link);
$edit_link = listing_pages::edit_listing_link('yes');
$search_result = $page->parse_template_section($search_result, 'link_edit_listing_url', $edit_link);
// Replace addon fields.
$addon_fields = $page->get_addon_template_field_list($addons);
$search_result = $page->parse_addon_tags($search_result, $addon_fields);
$search_result = $page->cleanup_fields($search_result);
$search_result = $page->cleanup_images($search_result);
}
// end while
$page->replace_template_section('search_result_header', $header_section);
$page->replace_template_section('search_result_dataset', $search_result);
$page->replace_permission_tags();
$page->cleanup_template_sections($next_prev, $next_prev_bottom);
$display = $page->return_page();
} else {
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
// This search has no results. Display an error message and the search page again.
$display .= search_page::create_searchpage(false, true);
}
return $display;
}
}
function view_image($type)
{
global $conn, $config, $lang;
require_once $config['basepath'] . '/include/misc.inc.php';
require_once $config['basepath'] . '/include/listing.inc.php';
$misc = new misc();
$display = '';
if (!isset($_GET['image_id'])) {
return $lang['image_not_found'];
}
$sql_imageID = $misc->make_db_safe($_GET['image_id']);
if ($type == "listing") {
// get the image data
$sql = "SELECT listingsimages_caption, listingsimages_file_name, listingsimages_description, listingsdb_id FROM " . $config['table_prefix'] . "listingsimages WHERE (listingsimages_id = {$sql_imageID})";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$caption = $misc->make_db_unsafe($recordSet->fields['listingsimages_caption']);
$file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
$description = $misc->make_db_unsafe($recordSet->fields['listingsimages_description']);
$listing_id = $misc->make_db_unsafe($recordSet->fields['listingsdb_id']);
$recordSet->MoveNext();
}
$display .= '<div class="view_image">';
$display .= '<span class="image_caption">';
if ($caption != "") {
$display .= "{$caption} - ";
}
//SEO Friendly Links
$Title = listing_pages::get_title($listing_id);
if ($config['url_style'] == '1') {
$url = '<a href="index.php?action=listingview&listingID=' . $listing_id . '">';
} else {
$url_title = str_replace("/", "", $Title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$url = '<a href="listing-' . urlencode($url_title) . '-' . $listing_id . '.html">';
}
$display .= $url . $lang['return_to_listing'] . '</a></span><br />';
$display .= '<img src="' . $config['listings_view_images_path'] . '/' . $file_name . '" alt="' . $caption . '" />';
$display .= '<br />';
$display .= $description;
$display .= '</div>';
} elseif ($type == "userimage") {
// get the image data
$sql = "SELECT userimages_caption, userimages_file_name, userimages_description, userdb_id FROM " . $config['table_prefix'] . "userimages WHERE (userimages_id = {$sql_imageID})";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$caption = $misc->make_db_unsafe($recordSet->fields['userimages_caption']);
$file_name = $misc->make_db_unsafe($recordSet->fields['userimages_file_name']);
$description = $misc->make_db_unsafe($recordSet->fields['userimages_description']);
$user_id = $recordSet->fields['userdb_id'];
$recordSet->MoveNext();
}
$display .= '<table class="form_" align="center">';
$display .= '<tr>';
$display .= ' <td class="row_main">';
$display .= ' <h3>';
if ($caption != "") {
$display .= "{$caption} - ";
}
$display .= '<a href="index.php?action=view_user&user='******'">' . $lang['return_to_user'] . '</a></h3>';
$display .= ' <center>';
$display .= ' <img src="' . $config['user_view_images_path'] . '/' . $file_name . '" alt="' . $caption . '" border="1">';
$display .= ' </center>';
$display .= ' <br />';
$display .= $description;
$display .= ' </td>';
$display .= '</tr>';
$display .= '</table>';
}
// end if ($type == "listing")
return $display;
}
function renderNotifyListings($listingIDArray, $search_title, $user_name, $email)
{
global $conn, $lang, $config, $db_type, $current_ID;
//Load the Core Template class and the Misc Class
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/listing.inc.php';
$listingclass = new listing_pages();
//Declare an empty display variable to hold all output from function.
$display = '';
//If We have a $current_ID save it
$old_current_ID = '';
if ($current_ID != '') {
$old_current_ID = $current_ID;
}
//Load the Notify Listing Template specified in the Site Config
$page->load_page($config['template_path'] . '/' . $config['notify_listings_template']);
// Determine if the template uses rows.
// First item in array is the row conent second item is the number of block per block row
$notify_template_row = $page->get_template_section_row('notify_listing_block_row');
if (is_array($notify_template_row)) {
$row = $notify_template_row[0];
$col_count = $notify_template_row[1];
$user_rows = true;
$x = 1;
//Create an empty array to hold the row conents
$new_row_data = array();
} else {
$user_rows = false;
}
$notify_template_section = '';
foreach ($listingIDArray as $current_ID) {
if ($user_rows == true && $x > $col_count) {
//We are at then end of a row. Save the template section as a new row.
$new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
//$new_row_data[] = $notify_template_section;
$notify_template_section = $page->get_template_section('notify_listing_block');
$x = 1;
} else {
$notify_template_section .= $page->get_template_section('notify_listing_block');
}
$listing_title = $listingclass->get_title($current_ID);
if ($config['url_style'] == '1') {
$notify_url = $config['baseurl'] . '/index.php?action=listingview&listingID=' . $current_ID;
// #####
} else {
$url_title = str_replace("/", "", $listing_title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
// #####
}
$notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
$notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url);
$notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID);
// Setup Image Tags
$sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = {$current_ID})\n\t\t\t\t\tORDER BY listingsimages_rank";
$recordSet2 = $conn->SelectLimit($sql2, 1, 0);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
if ($recordSet2->RecordCount() > 0) {
$thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
// gotta grab the thumbnail image size
$imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$notify_thumb_width = $imagewidth * $shrinkage;
$notify_thumb_height = $imageheight * $shrinkage;
$notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;
// gotta grab the thumbnail image size
$imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$notify_width = $imagewidth;
$notify_height = $imageheight;
$notify_src = $config['listings_view_images_path'] . '/' . $file_name;
}
} else {
if ($config['show_no_photo'] == 1) {
$imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$notify_thumb_width = $imagewidth * $shrinkage;
$notify_thumb_height = $imageheight * $shrinkage;
$notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif';
$notify_width = $notify_thumb_width;
$notify_height = $notify_thumb_height;
$notify_src = $config['baseurl'] . '/images/nophoto.gif';
} else {
$notify_thumb_width = '';
$notify_thumb_height = '';
$notify_thumb_src = '';
$notify_width = '';
$notify_height = '';
$notify_src = '';
}
}
if (!empty($notify_thumb_src)) {
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_src', $notify_thumb_src);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_height', $notify_thumb_height);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_width', $notify_thumb_width);
$notify_template_section = $page->cleanup_template_block('notify_img', $notify_template_section);
} else {
$notify_template_section = $page->remove_template_block('notify_img', $notify_template_section);
}
if (!empty($notify_src)) {
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_src', $notify_src);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_height', $notify_height);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_width', $notify_width);
$notify_template_section = $page->cleanup_template_block('notify_img_large', $notify_template_section);
} else {
$notify_template_section = $page->remove_template_block('notify_img_large', $notify_template_section);
}
if ($user_rows == true) {
$x++;
}
}
if ($user_rows == true) {
$notify_template_section = $page->cleanup_template_block('notify_listing', $notify_template_section);
$new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
$replace_row = '';
foreach ($new_row_data as $rows) {
$replace_row .= $rows;
}
$page->replace_template_section_row('notify_listing_block_row', $replace_row);
} else {
$page->replace_template_section('notify_listing_block', $notify_template_section);
}
$page->replace_permission_tags();
$page->replace_urls();
$page->auto_replace_tags();
$page->replace_lang_template_tags();
$display .= $page->return_page();
$current_ID = '';
if ($old_current_ID != '') {
$current_ID = $old_current_ID;
}
return $display;
}
/**
* maps::create_map_link()
* This is the function to call to show a map link. It should be called from the listing detail page, or any page where $_GET['listingID'] is set.
* This function then calls the appropriate make_mapname function as specified in the configuration.
*
* @see maps::make_mapquest()
* @see maps::make_yahoo_us()
* @return string Return the URL for the map as long as the required fields are filled out, if not it returns a empty string.
*/
function create_map_link($url_only = 'no')
{
global $conn, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Map Type
// Get Address, City, State, Zip
// Create Blank Variables
$display = '';
$address = '';
$city = '';
$state = '';
$zip = '';
// Get Listing ID
$sql_listingID = $misc->make_db_safe($_GET['listingID']);
$listing_title = urlencode(listing_pages::get_title($_GET['listingID']));
// get address
$sql_address_field = $misc->make_db_safe($config['map_address']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// Add address fields 2 & 3
$sql_address_field = $misc->make_db_safe($config['map_address2']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
$sql_address_field = $misc->make_db_safe($config['map_address3']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
$sql_address_field = $misc->make_db_safe($config['map_address4']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get city
$sql_city_field = $misc->make_db_safe($config['map_city']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_city_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$city = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get state
$sql_state_field = $misc->make_db_safe($config['map_state']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_state_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$state = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get zip
$sql_zip_field = $misc->make_db_safe($config['map_zip']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_zip_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$zip = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get zip
$sql_country_field = $misc->make_db_safe($config['map_country']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_country_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$country = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
if ($address != '' || $city != '' || $state != '' || $zip != '') {
$map_type = 'make_' . $config['map_type'];
$pos = strpos($map_type, 'mapquest');
$pos2 = strpos($map_type, 'multimap');
$pos3 = strpos($map_type, 'global_');
if ($pos3 !== false) {
if ($pos !== false) {
$display = maps::make_mapquest($country, $address, $city, $state, $zip, $listing_title, $url_only);
} elseif ($pos2 !== false) {
$display = maps::make_multimap($country, $address, $city, $state, $zip, $listing_title, $url_only);
}
} elseif ($pos !== false) {
$country = substr($map_type, -2);
$display = maps::make_mapquest($country, $address, $city, $state, $zip, $listing_title, $url_only);
} elseif ($pos2 !== false) {
$country = substr($map_type, -2);
$display = maps::make_multimap($country, $address, $city, $state, $zip, $listing_title, $url_only);
} else {
$display = maps::$map_type($address, $city, $state, $zip, $listing_title, $url_only);
}
}
return $display;
}
function add_listing()
{
@set_time_limit(1500);
global $conn, $lang, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/forms.inc.php';
$forms = new forms();
require_once $config['basepath'] . '/include/listing.inc.php';
$listing = new listing_pages();
$display = '';
$display .= '<span class="section_header">' . $lang['admin_menu_add_a_listing'] . '</span>';
if (isset($_POST['action']) && $_POST['action'] == "create_new_listing") {
// Check Number of Listings User has
if (isset($_POST['or_owner'])) {
$or_owner = $misc->make_db_safe($_POST['or_owner']);
$sql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $or_owner;
} else {
$sql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $_SESSION['userID'];
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_count = $recordSet->fields['listing_count'];
// Get User Listing Limit
if (isset($_POST['or_owner'])) {
$or_owner = $misc->make_db_safe($_POST['or_owner']);
$sql = 'SELECT userdb_limit_listings FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $or_owner;
} else {
$sql = 'SELECT userdb_limit_listings FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_limit = $recordSet->fields['userdb_limit_listings'];
if ($listing_count >= $listing_limit && $listing_limit != '-1') {
$display .= '<br />';
$display .= '<!-- ' . $listing_count . ' >= ' . $listing_limit . ' -->';
$display .= $lang['admin_listing_limit_reached'];
} else {
// creates a new listing
if ($_POST['title'] == "") {
$display .= "<p>{$lang['admin_new_listing_enter_a_title']}</p>";
$display .= "<form><input type=\"button\" value=\"{$lang['back_button_text']}\" onclick=\"history.back()\" /></form>";
} else {
$pass_the_form = $forms->validateForm('listingsformelements', $_POST['property_class']);
if ($pass_the_form != "Yes") {
// if we're not going to pass it, tell that they forgot to fill in one of the fields
foreach ($pass_the_form as $k => $v) {
if ($v == 'REQUIRED') {
$display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
}
if ($v == 'TYPE') {
$display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
}
}
$display .= "<form><input type=\"button\" value=\"{$lang['back_button_text']}\" onclick=\"history.back()\" /></form>";
} else {
$title = $misc->make_db_safe($_POST['title']);
$notes = $misc->make_db_safe($_POST['notes']);
$mlsexport = $misc->make_db_safe($_POST['mlsexport']);
if (isset($_POST['or_owner'])) {
$new_listing_owner = $_POST['or_owner'];
$sql_new_listing_owner = $misc->make_db_safe($_POST['or_owner']);
} else {
$new_listing_owner = $_SESSION['userID'];
$sql_new_listing_owner = $misc->make_db_safe($_SESSION['userID']);
}
// check to see if moderation is turned on...
if ($config['moderate_listings'] == false) {
$set_active = "yes";
} else {
$set_active = "no";
}
if (isset($_POST['active'])) {
$set_active = $_POST['active'];
}
// create the account with the random number as the password
$expiration_date = mktime(0, 0, 0, date("m"), date("d") + $config['days_until_listings_expire'], date("Y"));
$sql = "INSERT INTO " . $config['table_prefix'] . "listingsdb (listingsdb_title, listingsdb_notes, userdb_id, listingsdb_active, listingsdb_mlsexport, listingsdb_creation_date, listingsdb_last_modified, listingsdb_expiration, listingsdb_hit_count, listingsdb_featured) VALUES ({$title}, {$notes}, {$sql_new_listing_owner}, '{$set_active}', {$mlsexport}, " . $conn->DBDate(time()) . "," . $conn->DBTimeStamp(time()) . "," . $conn->DBDate($expiration_date) . ",0,'no')";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
} else {
$new_listing_id = $conn->Insert_ID();
}
// end while
// Add Listing to the property class system.
foreach ($_POST['property_class'] as $class_id) {
$sql = 'INSERT INTO ' . $config['table_prefix_no_lang'] . 'classlistingsdb (listingsdb_id, class_id) VALUES(' . $new_listing_id . ',' . $class_id . ')';
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
}
// now that that's taken care of, it's time to insert all the rest
// of the variables into the database
$message = listing_editor::updateListingsData($new_listing_id, $new_listing_owner);
if ($message == "success") {
$display .= "<p>{$lang['admin_new_listing_created']}, {$_SESSION['username']}</p>";
if ($config['moderate_listings'] === "1") {
// if moderation is turned on...
$display .= "<p>{$lang['admin_new_listing_moderated']}</p>";
}
if (isset($_POST['or_owner'])) {
$display .= "<p><a href=\"index.php?action=edit_listings&edit={$new_listing_id}\">{$lang['you_may_now_edit_the_listing']}</a></p>";
} else {
$display .= "<p><a href=\"index.php?action=edit_my_listings&edit={$new_listing_id}\">{$lang['you_may_now_edit_your_listing']}</a></p>";
}
$display .= "<br /><p>{$lang['admin_additional_steps']}</p>";
$display .= '<form action="index.php?action=edit_listing_images" method="post" name="edit_listing_images"><input type="hidden" name="edit" value="' . $new_listing_id . '" /><a href="javascript:document.edit_listing_images.submit()">' . $lang['upload_images'] . '</a></form>';
$display .= '<br />';
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") {
$display .= '<form action="index.php?action=edit_vtour_images" method="post" name="edit_vtour_images"><input type="hidden" name="edit" value="' . $new_listing_id . '" /><a href="javascript:document.edit_vtour_images.submit()">' . $lang['upload_vtours'] . '</a></form>';
$display .= '<br />';
}
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevfiles'] == "yes") {
$display .= '<form action="index.php?action=edit_listing_files" method="post" name="edit_listing_files"><input type="hidden" name="edit" value="' . $new_listing_id . '" /><a href="javascript:document.edit_listing_files.submit()">' . $lang['upload_files'] . '</a></form>';
$display .= '<br />';
}
$misc->log_action("{$lang['log_created_listing']} {$new_listing_id}");
if ($config['email_notification_of_new_listings'] === "1") {
// if the site admin should be notified when a new listing is added
global $config, $lang;
$agent_email = $listing->getListingEmail($new_listing_id, true);
$agent_first_name = $listing->getListingAgentFirstName($new_listing_id);
$agent_last_name = $listing->getListingAgentLastName($new_listing_id);
$message = $_SERVER['REMOTE_ADDR'] . " -- " . date("F j, Y, g:i:s a") . "\r\n\r\n{$lang['admin_new_listing']}:\r\n{$config['baseurl']}/admin/index.php?action=edit_listings&edit={$new_listing_id}\r\n";
$header = "From: " . $agent_first_name . " " . $agent_last_name . " <" . $agent_email . ">\r\n";
$header .= "X-Sender: {$config['admin_email']}\r\n";
$header .= "Return-Path: {$config['admin_email']}\r\n";
$sent = $misc->send_email($agent_first_name . " " . $agent_last_name, $agent_email, $config['admin_email'], $message, $lang['admin_new_listing']);
}
// end if
// Notify users with Saved Searches that match the new listing.
if ($config['email_users_notification_of_new_listings'] == "1") {
$display .= listing_editor::notify_new_listing($new_listing_id);
}
} else {
$display .= "<p>{$lang['alert_site_admin']}</p>";
}
// end else
}
// end $pass_the_form == "Yes"
}
// end else
}
//End if (($listing_count >= $listing_limit) && ($listing_limit !== -1))
} else {
// Check Number of Listings User has
$sql = 'SELECT count(listingsdb_id) FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $_SESSION['userID'];
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_count = $recordSet->fields[0];
// Get User Listing Limit
$sql = 'SELECT userdb_limit_listings FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_limit = $recordSet->fields[0];
$display .= '<!-- ' . $listing_count . ' >= ' . $listing_limit . ' -->';
if ($listing_count >= $listing_limit && $listing_limit !== '-1') {
$display .= '<br />';
$display .= $lang['admin_listing_limit_reached'];
} else {
//START FORM VALIDATION
if (isset($_POST['property_class'])) {
$class_sql = '';
foreach ($_POST['property_class'] as $class_id) {
if (empty($class_sql)) {
$class_sql .= ' class_id = ' . $class_id;
} else {
$class_sql .= ' OR class_id = ' . $class_id;
}
$display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />';
}
$pclass_list = '';
$sql = "SELECT DISTINCT(listingsformelements_id) FROM " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
$recordSet = $conn->execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
if (empty($pclass_list)) {
$pclass_list .= $recordSet->fields['listingsformelements_id'];
} else {
$pclass_list .= ',' . $recordSet->fields['listingsformelements_id'];
}
$recordSet->Movenext();
}
if ($pclass_list == '') {
$pclass_list = 0;
}
$sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name";
} else {
$sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$display .= "\r\n<script type=\"text/javascript\" >\r\n";
$display .= "<!--\r\n";
$display .= "function validate_form()\r\n";
$display .= "{\r\n";
$display .= "var msg=\"\"\r\n";
$display .= "valid = true;\r\n";
$display .= "if ( document.addlisting.title.value == \"\" )\r\n";
$display .= "{\r\n";
$display .= "msg += '{$lang['forgot_field']} {$lang['admin_listings_editor_title']} {$lang['admin_template_editor_field']}.\\r\\n';\r\n";
$display .= "valid = false;\r\n";
$display .= "}\r\n";
while (!$recordSet->EOF) {
$field_name = $recordSet->fields['listingsformelements_field_name'];
$field_caption = $recordSet->fields['listingsformelements_field_caption'];
$required = $recordSet->fields['listingsformelements_required'];
if ($required == 'Yes') {
$display .= "if ( document.addlisting.{$field_name}.value == \"\" )\r\n";
$display .= "{\r\n";
$display .= "msg += '{$lang['forgot_field']} {$field_caption} {$lang['admin_template_editor_field']}.\\r\\n';\r\n";
$display .= "valid = false;\r\n";
$display .= "}\r\n";
}
$recordSet->MoveNext();
}
$display .= "if (msg != \"\")\r\n";
$display .= "{\r\n";
$display .= "alert (msg);";
$display .= "}\r\n";
$display .= "return valid;\r\n";
$display .= "}\r\n";
$display .= "//-->\r\n";
$display .= "</script>\r\n";
//END FORM VALIDATION
$display .= '<form name="addlisting" action="index.php?action=add_listing" method="post" onsubmit="return validate_form ( );">';
$display .= '<input type="hidden" name="action" value="create_new_listing" />';
$display .= '<table class="form_main">';
$display .= '<tr>';
$display .= '<td align="right" class="row_main"><b>' . $lang['admin_listings_editor_title'] . '<span class="required">*</span></b></td>';
$display .= '<td align="left" class="row_main"> <input type="text" name="title" /></td>';
$display .= '</tr>';
// Display Agent selection Option to assign listing
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_all_listings'] == "yes") {
$display .= '<tr><td align="right"><b>' . $lang['listing_editor_listing_agent'] . ':</b></td>';
$display .= '<td align="left" class="row_main"><select name="or_owner" size="1">';
// find the name of the agent listed as ID in $edit_or_owner
$sql = "SELECT userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb WHERE (userdb_id = {$_SESSION['userID']})";
$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// strip slashes so input appears correctly
$agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
$agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
if ($_SESSION['admin_privs'] != "yes") {
$display .= "<option value=\"{$_SESSION['userID']}\">{$agent_last_name},{$agent_first_name}</option>";
}
// fill list with names of all agents
$sql = "SELECT userdb_id, userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb where userdb_is_agent = 'yes' ORDER BY userdb_user_last_name,userdb_user_first_name";
$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
// strip slashes so input appears correctly
$agent_ID = $recordSet->fields['userdb_id'];
$agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
$agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
if ($agent_ID == $_SESSION['userID']) {
$display .= "<option value=\"{$agent_ID}\" selected=\"selected\">{$agent_last_name},{$agent_first_name}</option>";
} else {
$display .= "<option value=\"{$agent_ID}\">{$agent_last_name},{$agent_first_name}</option>";
}
$recordSet->MoveNext();
}
$display .= "</select></td>";
$display .= '</tr>';
}
if ($config["show_notes_field"] == 1) {
$display .= '<tr>';
$display .= '<td align="right" class="row_main"><b>' . $lang['admin_listings_editor_notes'] . '</b><br /><div class="small">(' . $lang['admin_listings_editor_notes_note'] . ')</div></td>';
$display .= '<td align="left" class="row_main"><textarea name="notes" cols="40" rows="6"></textarea></td>';
$display .= '</tr>';
} else {
$display .= '<input type="hidden" name="notes" value="" />';
}
if ($config["export_listings"] == 1 && $_SESSION['export_listings'] == "yes") {
$display .= '<tr>';
$display .= '<td align="right" class="row_main"><b>' . $lang['admin_listings_editor_mlsexport'] . '</b><br /><div class="small">(' . $lang['admin_listings_editor_mlsexport'] . ')</div></td>';
$display .= '<td align="left" class="row_main">';
$display .= '<select size="1" name="mlsexport">';
$display .= '<option value="no" selected="selected">' . $lang['no'] . '</option>';
$display .= '<option value="yes">' . $lang['yes'] . '</option>';
$display .= '</select>';
$display .= '</td>';
$display .= '</tr>';
} else {
$display .= '<input type="hidden" name="mlsexport" value="no" />';
}
// Determine which fields to show based on property class
if (isset($_POST['property_class'])) {
$class_sql = '';
foreach ($_POST['property_class'] as $class_id) {
if (empty($class_sql)) {
$class_sql .= ' class_id = ' . $class_id;
} else {
$class_sql .= ' OR class_id = ' . $class_id;
}
$display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />';
}
$pclass_list = '';
$sql = "SELECT DISTINCT(listingsformelements_id) FROM " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
$recordSet = $conn->execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
if (empty($pclass_list)) {
$pclass_list .= $recordSet->fields['listingsformelements_id'];
} else {
$pclass_list .= ',' . $recordSet->fields['listingsformelements_id'];
}
$recordSet->Movenext();
}
if ($pclass_list == '') {
$pclass_list = 0;
}
$sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name";
} else {
$sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip from " . $config['table_prefix'] . "listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$field_type = $recordSet->fields['listingsformelements_field_type'];
$field_name = $recordSet->fields['listingsformelements_field_name'];
$field_caption = $recordSet->fields['listingsformelements_field_caption'];
$default_text = $recordSet->fields['listingsformelements_default_text'];
$field_elements = $recordSet->fields['listingsformelements_field_elements'];
$required = $recordSet->fields['listingsformelements_required'];
$field_length = $recordSet->fields['listingsformelements_field_length'];
$tool_tip = $recordSet->fields['listingsformelements_tool_tip'];
$field_type = $misc->make_db_unsafe($field_type);
$field_name = $misc->make_db_unsafe($field_name);
$field_caption = $misc->make_db_unsafe($field_caption);
$default_text = $misc->make_db_unsafe($default_text);
$field_elements = $misc->make_db_unsafe($field_elements);
$required = $misc->make_db_unsafe($required);
$field_length = $misc->make_db_unsafe($field_length);
$tool_tip = $misc->make_db_unsafe($tool_tip);
$display .= $forms->renderFormElement($field_type, $field_name, $field_caption, $default_text, $field_elements, $required, $field_length, $tool_tip);
$recordSet->MoveNext();
}
// end while
$display .= $forms->renderFormElement("submit", "", "{$lang['submit']}", "", "", "");
$display .= '<tr><td colspan="2" align="center" class="row_main">' . $lang['required_form_text'] . '</td></tr>';
$display .= '</table>';
$display .= '</form>';
}
//End
}
// end if
return $display;
}