function display()
 {
     global $conn, $config, $lang;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     require_once $config['basepath'] . '/include/user.inc.php';
     $userclass = new user();
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     require_once $config['basepath'] . '/include/blog_functions.inc.php';
     $blog_functions = new blog_functions();
     // Make Sure we passed the PageID
     $display = '';
     if (!isset($_GET['ArticleID']) && intval($_GET['ArticleID']) <= 0) {
         $display .= "ERROR. PageID not sent";
     } else {
         $blog_id = intval($_GET['ArticleID']);
         //Check if we posted a comment.
         if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0 && isset($_POST['comment_text']) && strlen($_POST['comment_text']) > 0) {
             require_once $config['basepath'] . '/include/blog_editor.inc.php';
             $blog_comment = $misc->make_db_safe(blog_editor::htmlEncodeText($_POST['comment_text']));
             if ($config['blog_requires_moderation'] == 1) {
                 $moderated = 0;
             } else {
                 $moderated = 1;
             }
             $sql = "INSERT INTO " . $config['table_prefix'] . "blogcomments (userdb_id,blogcomments_timestamp,blogcomments_text,blogmain_id,blogcomments_moderated) VALUES\n\t\t\t\t(" . intval($_SESSION['userID']) . "," . time() . ",{$blog_comment},{$blog_id},{$moderated});";
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
         }
         //$display .= '<div class="page_display">';
         $sql = "SELECT blogmain_full,blogmain_id FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id;
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogmain_full']), ENT_NOQUOTES, $config['charset']);
         //$full = $misc->make_db_unsafe($recordSet->fields['blogmain_full']);
         $full = preg_replace('/\\<hr.*?\\>/', '', $full, 1);
         $id = $recordSet->fields['blogmain_id'];
         if ($config["wysiwyg_execute_php"] == 1) {
             ob_start();
             $full = str_replace("<!--<?php", "<?php", $full);
             $full = str_replace("?>-->", "?>", $full);
             eval('?>' . "{$full}" . '<?php ');
             $full = ob_get_contents();
             ob_end_clean();
         }
         //Load Template
         $page->load_page($config['template_path'] . '/blog_article.html');
         //Start Replacing Tags
         $blog_title = $blog_functions->get_blog_title($id);
         $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
         $blog_author = $blog_functions->get_blog_author($id);
         $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
         $blog_comment_count = $blog_functions->get_blog_comment_count($id);
         $page->page = $page->parse_template_section($page->page, 'blog_comment_count', $blog_comment_count);
         $blog_date_posted = $blog_functions->get_blog_date($id);
         $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
         $page->page = $page->parse_template_section($page->page, 'blog_full_article', $full);
         // Allow Admin To Edit #
         if (isset($_SESSION['editblog']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) {
             $admin_edit_link .= "{$config['baseurl']}/admin/index.php?action=edit_blog&amp;id={$id}";
             $page->page = $page->parse_template_section($page->page, 'admin_edit_link', $admin_edit_link);
             $page->page = $page->cleanup_template_block('admin_edit_link', $page->page);
         } else {
             $page->page = $page->remove_template_block('admin_edit_link', $page->page);
         }
         //Deal with COmments
         $sql = "SELECT blogcomments_id,userdb_id,blogcomments_timestamp,blogcomments_text FROM " . $config['table_prefix'] . "blogcomments WHERE blogmain_id = " . $id . " AND blogcomments_moderated = 1 ORDER BY blogcomments_timestamp ASC;";
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $blog_comment_template = '';
         while (!$recordSet->EOF) {
             //Load DB Values
             $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
             $blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
             $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
             $blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
             //Load Template Block
             $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
             //Lookup Blog Author..
             $author_type = $userclass->get_user_type($comment_author_id);
             if ($author_type == 'member') {
                 $author_display = $userclass->get_user_name($comment_author_id);
             } else {
                 $author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
             }
             $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);
             if ($config['date_format'] == 1) {
                 $format = "m/d/Y";
             } elseif ($config['date_format'] == 2) {
                 $format = "Y/d/m";
             } elseif ($config['date_format'] == 3) {
                 $format = "d/m/Y";
             }
             $blog_comment_date_posted = date($format, "{$blogcomments_timestamp}");
             $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
             $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);
             $recordSet->MoveNext();
         }
         $page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
         //Render Add New Comment
         if ($config['url_style'] == '1') {
             $article_url = 'index.php?action=blog_view_article&amp;ArticleID=' . $id;
         } else {
             $url_title = str_replace("/", "", $blog_title);
             $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
             $article_url = 'article-' . urlencode($url_title) . '-' . $id . '.html';
         }
         $page->page = $page->parse_template_section($page->page, 'blog_comments_post_url', $article_url);
         //Render Page Out
         //$page->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly'));
         $page->replace_permission_tags();
         $display .= $page->return_page();
     }
     return $display;
 }
 function edit_listings($only_my_listings = true)
 {
     global $conn, $lang, $config, $listingID;
     if ($only_my_listings == false) {
         $security = login::loginCheck('edit_all_listings', true);
     } else {
         $security = login::loginCheck('Agent', true);
     }
     $display = '';
     if ($security === true) {
         require_once $config['basepath'] . '/include/misc.inc.php';
         $misc = new misc();
         require_once $config['basepath'] . '/include/forms.inc.php';
         $forms = new forms();
         require_once $config['basepath'] . '/include/class/template/core.inc.php';
         $page = new page_user();
         // $display .= '<span class="section_header">'.$lang['listings_editor'].'<span><br /><br />';
         if (!isset($_GET['delete'])) {
             $_GET['delete'] = '';
         }
         if ($_GET['delete'] != '') {
             if ($_SESSION['admin_privs'] == 'yes' || $_SESSION['edit_all_listings'] == 'yes') {
                 listing_editor::delete_listing($_GET['delete'], false);
             } else {
                 listing_editor::delete_listing($_GET['delete'], true);
             }
         }
         if (!isset($_POST['action'])) {
             $_POST['action'] = '';
         }
         if ($_POST['action'] == "update_listing") {
             if ($_SESSION['admin_privs'] == 'yes' || $_SESSION['edit_all_listings'] == 'yes') {
                 $display .= listing_editor::update_listing(false);
             } else {
                 $display .= listing_editor::update_listing(true);
             }
         }
         // end if $action == "update listing"
         if (!isset($_GET['edit'])) {
             $_GET['edit'] = '';
         }
         if (isset($_POST['lookup_field']) && isset($_POST['lookup_value'])) {
             $_SESSION['edit_listing_qeb_lookup_field'] = $_POST['lookup_field'];
             $_SESSION['edit_listing_qeb_lookup_value'] = $_POST['lookup_value'];
         }
         if (isset($_SESSION['edit_listing_qeb_lookup_field']) && isset($_SESSION['edit_listing_qeb_lookup_value'])) {
             if ($_SESSION['edit_listing_qeb_lookup_field'] != 'listingsdb_id') {
                 $_POST['lookup_field'] = $_SESSION['edit_listing_qeb_lookup_field'];
                 $_POST['lookup_value'] = $_SESSION['edit_listing_qeb_lookup_value'];
             }
         }
         if (isset($_POST['filter'])) {
             $_SESSION['edit_listing_qeb_filter'] = $_POST['filter'];
         }
         if (isset($_SESSION['edit_listing_qeb_filter'])) {
             $_POST['filter'] = $_SESSION['edit_listing_qeb_filter'];
         }
         if (isset($_POST['agent_filter'])) {
             $_SESSION['edit_listing_qeb_agent_filter'] = $_POST['agent_filter'];
         }
         if (isset($_SESSION['edit_listing_qeb_agent_filter'])) {
             $_POST['agent_filter'] = $_SESSION['edit_listing_qeb_agent_filter'];
         }
         if (isset($_POST['pclass_filter'])) {
             $_SESSION['edit_listing_qeb_pclass_filter'] = $_POST['pclass_filter'];
         }
         if (isset($_SESSION['edit_listing_qeb_pclass_filter'])) {
             $_POST['pclass_filter'] = $_SESSION['edit_listing_qeb_pclass_filter'];
         }
         if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] == 'listingsdb_id' && $_POST['lookup_value'] != '') {
             $_GET['edit'] = intval($_POST['lookup_value']);
         }
         if ($only_my_listings == TRUE) {
             unset($_POST['agent_filter']);
         }
         if ($_GET['edit'] != "") {
             $edit = intval($_GET['edit']);
             // first, grab the listings's main info
             if ($only_my_listings == true) {
                 $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_notes, userdb_id, listingsdb_last_modified, listingsdb_featured, listingsdb_active, listingsdb_mlsexport, listingsdb_expiration FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$edit}) AND (userdb_id = '{$_SESSION['userID']}')";
             } else {
                 $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_notes, userdb_id, listingsdb_last_modified, listingsdb_featured, listingsdb_active, listingsdb_mlsexport, listingsdb_expiration FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$edit})";
             }
             $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             if ($recordSet->RecordCount() > 0) {
                 // collect up the main DB's various fields
                 $listing_ID = $misc->make_db_unsafe($recordSet->fields['listingsdb_id']);
                 $edit_title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']);
                 $edit_notes = $misc->make_db_unsafe($recordSet->fields['listingsdb_notes']);
                 $edit_mlsexport = $misc->make_db_unsafe($recordSet->fields['listingsdb_mlsexport']);
                 $edit_or_owner = $recordSet->fields['userdb_id'];
                 $last_modified = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_last_modified'], 'D M j G:i:s T Y');
                 $edit_featured = $recordSet->fields['listingsdb_featured'];
                 $edit_active = $recordSet->fields['listingsdb_active'];
                 $expiration = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_expiration'], $config["date_format_timestamp"]);
                 // now, display all that stuff
                 $display .= '<table class="form_main">';
                 $display .= '<tr>';
                 $display .= '<td colspan="3" class="row_main">';
                 if ($only_my_listings == true) {
                     $display .= '<span class="section_header"><a href="index.php?action=edit_my_listings">' . $lang['listings_editor'] . '</a></span><br />';
                 } else {
                     $display .= '<span class="section_header"><a href="index.php?action=edit_listings">' . $lang['listings_editor'] . '</a></span><br />';
                 }
                 $display .= '<h3>' . $lang['admin_listings_editor_modify_listing'] . ' (<a href="' . $config['baseurl'] . '/index.php?action=listingview&amp;listingID=' . $listing_ID . '" target="_preview">' . $lang['preview'] . '</a>)</h3>';
                 $display .= '</td>';
                 $display .= '</tr>';
                 $display .= '<tr>';
                 $display .= '<td valign="top" align="center" class="row_main">';
                 $display .= '<b>' . $lang['images'] . '</b>';
                 $display .= '<br />';
                 $display .= '<hr width="75%" />';
                 $display .= '<form action="index.php?action=edit_listing_images" method="post" name="edit_listing_images"><input type="hidden" name="edit" value="' . $_GET['edit'] . '" /><a href="javascript:document.edit_listing_images.submit()">' . $lang['edit_images'] . '</a></form>';
                 $display .= '<br />';
                 $sql = "SELECT listingsimages_caption, listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE (listingsdb_id = {$edit}) ORDER BY listingsimages_rank";
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 while (!$recordSet->EOF) {
                     $caption = $misc->make_db_unsafe($recordSet->fields['listingsimages_caption']);
                     $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']);
                     $file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
                     // gotta grab the image size
                     $thumb_imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
                     $thumb_imagewidth = $thumb_imagedata[0];
                     $thumb_imageheight = $thumb_imagedata[1];
                     $thumb_max_width = $config['thumbnail_width'];
                     $thumb_max_height = $config['thumbnail_height'];
                     $resize_by = $config['resize_thumb_by'];
                     $shrinkage = 1;
                     if ($thumb_max_width == $thumb_imagewidth || $thumb_max_height == $thumb_imageheight) {
                         $thumb_displaywidth = $thumb_imagewidth;
                         $thumb_displayheight = $thumb_imageheight;
                     } else {
                         if ($resize_by == 'width') {
                             $shrinkage = $thumb_imagewidth / $thumb_max_width;
                             $thumb_displaywidth = $thumb_max_width;
                             $thumb_displayheight = round($thumb_imageheight / $shrinkage);
                         } elseif ($resize_by == 'height') {
                             $shrinkage = $thumb_imageheight / $thumb_max_height;
                             $thumb_displayheight = $thumb_max_height;
                             $thumb_displaywidth = round($thumb_imagewidth / $shrinkage);
                         } elseif ($resize_by == 'both') {
                             $thumb_displayheight = $thumb_max_height;
                             $thumb_displaywidth = $thumb_max_width;
                         }
                     }
                     $display .= "<a href=\"{$config['listings_view_images_path']}/{$file_name}\" target=\"_thumb\"> ";
                     $display .= "<img src=\"{$config['listings_view_images_path']}/{$thumb_file_name}\" height=\"{$thumb_displayheight}\" width=\"{$thumb_displaywidth}\" alt=\"{$thumb_file_name}\" /></a><br /> ";
                     $display .= "<b>{$caption}</b><br /><br />";
                     $recordSet->MoveNext();
                 }
                 // end while
                 $display .= '</td>';
                 if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") {
                     $display .= '<td valign="top" align="center" class="row_main">';
                     $display .= '<b>' . $lang['vtours'] . '</b>';
                     $display .= '<br />';
                     $display .= '<hr width="75%" />';
                     $display .= '<form action="index.php?action=edit_vtour_images" method="post" name="edit_vtour_images"><input type="hidden" name="edit" value="' . $edit . '" /><a href="javascript:document.edit_vtour_images.submit()">' . $lang['edit_vtours'] . '</a></form>';
                     $display .= '<br />';
                     $sql = "SELECT vtourimages_caption, vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = '{$edit}') ORDER BY  vtourimages_rank";
                     $recordSet = $conn->Execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     while (!$recordSet->EOF) {
                         $caption = $misc->make_db_unsafe($recordSet->fields['vtourimages_caption']);
                         $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']);
                         $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
                         $ext = substr(strrchr($file_name, '.'), 1);
                         if ($ext == 'jpg') {
                             // gotta grab the image size
                             $imagedata = GetImageSize("{$config['vtour_upload_path']}/{$thumb_file_name}");
                             $imagewidth = $imagedata[0];
                             $imageheight = $imagedata[1];
                             $shrinkage = $config['thumbnail_width'] / $imagewidth;
                             $displaywidth = $imagewidth * $shrinkage;
                             $displayheight = $imageheight * $shrinkage;
                             $display .= "<a href=\"{$config['vtour_view_images_path']}/{$file_name}\" target=\"_thumb\">";
                             $display .= "<img src=\"{$config['vtour_view_images_path']}/{$thumb_file_name}\" height=\"{$displayheight}\" width=\"{$displaywidth}\" alt=\"{$thumb_file_name}\" /></a><br /> ";
                             $display .= "<strong>{$caption}</strong><br /><br />";
                             $recordSet->MoveNext();
                         } elseif ($ext == 'egg') {
                             $display .= "<img src=\"{$config['baseurl']}/images/eggimage.gif\" alt=\"eggimage.gif\" /><br /> ";
                             $recordSet->MoveNext();
                         } else {
                             $display .= $file_name . '<br />' . $lang['unsupported_vtour'] . '<br /><br />';
                             $recordSet->MoveNext();
                         }
                     }
                     // end while
                     if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") {
                         $display .= '<br />';
                     } else {
                         $display .= '</td>';
                     }
                 }
                 // Place the Files list and edit files link on the edit listing page if we are allowed to have files.
                 if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") {
                     if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") {
                         $display .= '<br />';
                     } else {
                         $display .= '<td valign="top" align="center" class="row_main">';
                     }
                     $display .= '<b>' . $lang['files'] . '</b>';
                     $display .= '<br />';
                     $display .= '<hr width="75%" />';
                     $display .= '<form action="index.php?action=edit_listing_files" method="post" name="edit_listing_files"><input type="hidden" name="edit" value="' . $_GET['edit'] . '" /><a href="javascript:document.edit_listing_files.submit()">' . $lang['edit_files'] . '</a></form>';
                     $display .= '<br />';
                     $sql = "SELECT listingsfiles_id, listingsfiles_caption, listingsfiles_file_name FROM " . $config['table_prefix'] . "listingsfiles WHERE (listingsdb_id = '{$_GET['edit']}')";
                     $recordSet = $conn->Execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     while (!$recordSet->EOF) {
                         $caption = $misc->make_db_unsafe($recordSet->fields['listingsfiles_caption']);
                         $file_name = $misc->make_db_unsafe($recordSet->fields['listingsfiles_file_name']);
                         $file_id = $misc->make_db_unsafe($recordSet->fields['listingsfiles_id']);
                         $iconext = substr(strrchr($file_name, '.'), 1);
                         $iconpath = $config["file_icons_path"] . '/' . $iconext . '.png';
                         if (file_exists($iconpath)) {
                             $icon = $config["listings_view_file_icons_path"] . '/' . $iconext . '.png';
                         } else {
                             $icon = $config["listings_view_file_icons_path"] . '/default.png';
                         }
                         $file_download_url = 'index.php?action=create_download&amp;ID=' . $edit . '&amp;file_id=' . $file_id . '&amp;type=listing';
                         $display .= '<a href="' . $config['baseurl'] . '/' . $file_download_url . '" target="_thumb">';
                         $display .= '<img src="' . $icon . '" height="' . $config["file_icon_height"] . '" width="' . $config["file_icon_width"] . '" alt="' . $file_name . '" /><br />';
                         $display .= '<strong>' . $file_name . '</strong></a><br />';
                         $display .= '<strong>' . $caption . '</strong><br /><br />';
                         $recordSet->MoveNext();
                     }
                     // end while
                     $display .= '</td>';
                 }
                 $display .= '<td class="row_main">';
                 //START FORM VALIDATION
                 if (isset($_POST['property_class'])) {
                     $class_sql = '';
                     foreach ($_POST['property_class'] as $class_id) {
                         if (empty($class_sql)) {
                             $class_sql .= ' class_id = ' . $class_id;
                         } else {
                             $class_sql .= ' OR class_id = ' . $class_id;
                         }
                         $display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />';
                     }
                     $pclass_list = '';
                     $sql = "SELECT DISTINCT(listingsformelements_id) FROM  " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
                     $recordSet = $conn->execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     while (!$recordSet->EOF) {
                         if (empty($pclass_list)) {
                             $pclass_list .= $recordSet->fields['listingsformelements_id'];
                         } else {
                             $pclass_list .= ',' . $recordSet->fields['listingsformelements_id'];
                         }
                         $recordSet->Movenext();
                     }
                     if ($pclass_list == '') {
                         $pclass_list = 0;
                     }
                     $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name";
                 } else {
                     $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required from " . $config['table_prefix'] . "listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name";
                 }
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $display .= "\r\n<script type=\"text/javascript\" >\r\n";
                 $display .= "<!--\r\n";
                 $display .= "function validate_form()\r\n";
                 $display .= "{\r\n";
                 $display .= "var msg=\"\"\r\n";
                 $display .= "valid = true;\r\n";
                 $display .= "if ( document.update_listing.title.value == \"\" )\r\n";
                 $display .= "{\r\n";
                 $display .= "msg += '{$lang['forgot_field']} {$lang['admin_listings_editor_title']} {$lang['admin_template_editor_field']}.\\r\\n';\r\n";
                 $display .= "valid = false;\r\n";
                 $display .= "}\r\n";
                 while (!$recordSet->EOF) {
                     $field_name = $recordSet->fields['listingsformelements_field_name'];
                     $field_caption = $recordSet->fields['listingsformelements_field_caption'];
                     $required = $recordSet->fields['listingsformelements_required'];
                     if ($required == 'Yes') {
                         $display .= "if ( document.update_listing.{$field_name}.value == \"\" )\r\n";
                         $display .= "{\r\n";
                         $display .= "msg += '" . html_entity_decode($lang[forgot_field]) . " {$field_caption} " . html_entity_decode($lang[admin_template_editor_field]) . ".\\r\\n';\r\n";
                         $display .= "valid = false;\r\n";
                         $display .= "}\r\n";
                     }
                     $recordSet->MoveNext();
                 }
                 $display .= "if (msg != \"\")\r\n";
                 $display .= "{\r\n";
                 $display .= "alert (msg);";
                 $display .= "}\r\n";
                 $display .= "return valid;\r\n";
                 $display .= "}\r\n";
                 $display .= "//-->\r\n";
                 $display .= "</script>\r\n";
                 //END FORM VALIDATION
                 $display .= '<table>';
                 if ($only_my_listings == true) {
                     $display .= '<form name="update_listing" action="index.php?action=edit_my_listings&amp;edit=' . $_GET['edit'] . '" method="post" onsubmit="return validate_form ( );">';
                 } else {
                     $display .= '<form name="update_listing" action="index.php?action=edit_listings&amp;edit=' . $_GET['edit'] . '" method="post" onsubmit="return validate_form ( );">';
                 }
                 $display .= '<input type="hidden" name="action" value="update_listing">';
                 $display .= '<input type="hidden" name="edit" value="' . $_GET['edit'] . '">';
                 $display .= '<tr>';
                 $display .= '<td align="right"><b>' . $lang['admin_listings_editor_title'] . ': <font color="red">*</font></b></td>';
                 $display .= '<td align="left"> <input type="text" name="title" value="' . $edit_title . '"></td></tr>';
                 // Display Property Classes
                 $sql2 = 'SELECT class_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $listing_ID;
                 $recordSet2 = $conn->execute($sql2);
                 if ($recordSet2 === false) {
                     $misc->log_error($sql2);
                 }
                 $selected_class_id = array();
                 while (!$recordSet2->EOF) {
                     $selected_class_id[] = $recordSet2->fields['class_id'];
                     $recordSet2->MoveNext();
                 }
                 $sql2 = 'SELECT class_id,class_name FROM ' . $config['table_prefix'] . 'class';
                 $recordSet2 = $conn->execute($sql2);
                 if ($recordSet2 === false) {
                     $misc->log_error($sql2);
                 }
                 $display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_property_class'] . '</b></td><td align="left">';
                 $display .= '<select name="pclass[]"';
                 if ($config["multiple_pclass_selection"] == '1') {
                     $display .= ' multiple="multiple" size="5"';
                 }
                 $display .= '>';
                 while (!$recordSet2->EOF) {
                     $class_id = $recordSet2->fields['class_id'];
                     $class_name = $misc->make_db_unsafe($recordSet2->fields['class_name']);
                     if (in_array($class_id, $selected_class_id, true)) {
                         $display .= '<option value="' . $class_id . '" selected="selected">' . $class_name . '</option>';
                     } else {
                         $display .= '<option value="' . $class_id . '">' . $class_name . '</option>';
                     }
                     $recordSet2->MoveNext();
                 }
                 $display .= '</select></td></tr>';
                 // End property Class Display
                 if ($_SESSION['featureListings'] == "yes" || $_SESSION['admin_privs'] == "yes") {
                     $display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_featured'] . ':</b></td><td align="left">';
                     $display .= '<select name="featured" size="1">';
                     $display .= '<option value="' . $edit_featured . '">' . $lang['' . $edit_featured . ''] . '</option>';
                     $display .= '<option value="">-----</option>';
                     $display .= '<option value="yes">' . $lang['yes'] . '</option>';
                     $display .= '<option value="no">' . $lang['no'] . '</option>';
                     $display .= '</select></td></tr>';
                 }
                 // end if ($featureListings == "yes")
                 if ($_SESSION['admin_privs'] == "yes" || $_SESSION['moderator'] == 'yes') {
                     $display .= '<tr><td align="right"><b>' . $lang['admin_listings_active'] . ':</b></td><td align="left">';
                     $display .= '<select name="edit_active" size="1">';
                     $display .= '<option value="' . $edit_active . '">' . $lang['' . $edit_active . ''] . '</option>';
                     $display .= '<option value="">-----</option>';
                     $display .= '<option value="yes">' . $lang['yes'] . '</option>';
                     $display .= '<option value="no">' . $lang['no'] . '</option>';
                     $display .= '</select></td></tr>';
                     if ($config['moderate_listings'] == 1 && $edit_active == 'no') {
                         $display .= '<tr><td align="right"><b>' . $lang['admin_send_notices'] . ':</b></td><td align="left">';
                         $display .= '<select name="send_notices" size="1">';
                         $display .= '<option value="no">' . $lang['no'] . '</option>';
                         $display .= '<option value="yes">' . $lang['yes'] . '</option>';
                         $display .= '</select>';
                         $display .= ' <a href="#" class="tooltip"><img src="images/info.gif" width="16" height="16" /><span>' . $lang['send_notices_tool_tip'] . '</span></a>';
                         $display .= '</td></tr>';
                     }
                 }
                 // end if ($featureListings == "yes")
                 if (($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_expiration'] == "yes") && $config['use_expiration'] == "1") {
                     $display .= '<tr><td align="right" class="row_main"><b>' . $lang['expiration'] . ':</b></td><td align="left"><input type="text" name="edit_expiration" value="' . $expiration . '" onFocus="javascript:vDateType=\'' . $config['date_format'] . '\'" onKeyUp="DateFormat(this,this.value,event,false,\'' . $config['date_format'] . '\')" onBlur="DateFormat(this,this.value,event,true,\'' . $config['date_format'] . '\')" />(' . $config['date_format_long'] . ')</td></tr>';
                 }
                 // end if ($admin_privs == "yes" and $config[use_expiration] = "yes")
                 if ($config["export_listings"] == 1 && $_SESSION['export_listings'] == "yes") {
                     $display .= '<tr><td align="right"><strong>' . $lang['admin_listings_editor_mlsexport'] . ':</strong></td><td align="left">';
                     $display .= '<select name="mlsexport" size="1">';
                     $display .= '<option value="' . $edit_mlsexport . '">' . $lang['' . $edit_mlsexport . ''] . '</option>';
                     $display .= '<option value="">-----</option>';
                     $display .= '<option value="yes">' . $lang['yes'] . '</option>';
                     $display .= '<option value="no">' . $lang['no'] . '</option>';
                     $display .= '</select>';
                     $display .= '</td></tr>';
                 } else {
                     $display .= '<input type="hidden" name="mlsexport" value="no" />';
                 }
                 // Display Agent selection Option to reassign listing
                 if ($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_all_listings'] == "yes") {
                     $display .= '<tr><td align="right"><b>' . $lang['listing_editor_listing_agent'] . ':</b></td>';
                     $display .= '<td align="left" class="row_main"><select name="or_owner" size="1">';
                     // find the name of the agent listed as ID in $edit_or_owner
                     $sql = "SELECT userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb WHERE (userdb_id = {$edit_or_owner})";
                     $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
                     $recordSet = $conn->Execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     // strip slashes so input appears correctly
                     $agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
                     $agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
                     $display .= "<option value=\"{$edit_or_owner}\">{$agent_last_name},{$agent_first_name}</option>";
                     // fill list with names of all agents
                     $sql = "SELECT userdb_id, userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb where userdb_is_agent = 'yes' or userdb_is_admin = 'yes' ORDER BY userdb_user_last_name,userdb_user_first_name";
                     $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
                     $recordSet = $conn->Execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     while (!$recordSet->EOF) {
                         // strip slashes so input appears correctly
                         $agent_ID = $recordSet->fields['userdb_id'];
                         $agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
                         $agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
                         $display .= "<option value=\"{$agent_ID}\">{$agent_last_name},{$agent_first_name}</option>";
                         $recordSet->MoveNext();
                     }
                     $display .= "</select></td>";
                     $display .= '</tr>';
                 } else {
                     $display .= '<input type="hidden" name="or_owner" value="' . $edit_or_owner . '" />';
                 }
                 // Show Notes Field
                 if ($config["show_notes_field"] == 1) {
                     $display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_notes'] . ':</b><br /><div class="small">(' . $lang['admin_listings_editor_notes_note'] . ')</div></td><td align="left"> <textarea name="notes" rows="6" cols="40">' . $edit_notes . '</textarea></td></tr>';
                 } else {
                     $display .= '<input type="hidden" name="notes" value="' . $edit_notes . '" />';
                 }
                 // Show Listing Fields for this property class
                 $sql = 'SELECT class_id from ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $edit;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $class_sql = '';
                 while (!$recordSet->EOF()) {
                     $class_id = $recordSet->fields['class_id'];
                     if (empty($class_sql)) {
                         $class_sql .= ' class_id = ' . $class_id;
                     } else {
                         $class_sql .= ' OR class_id = ' . $class_id;
                     }
                     $recordSet->MoveNext();
                 }
                 $class_list = '';
                 $sql = "SELECT DISTINCT(listingsformelements_id) FROM  " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 while (!$recordSet->EOF) {
                     if (empty($class_list)) {
                         $class_list .= $recordSet->fields['listingsformelements_id'];
                     } else {
                         $class_list .= ',' . $recordSet->fields['listingsformelements_id'];
                     }
                     $recordSet->MoveNext();
                 }
                 if ($class_list == '') {
                     $class_list = 0;
                 }
                 $sql = "SELECT listingsformelements_field_name, listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip FROM " . $config['table_prefix'] . "listingsformelements left join " . $config['table_prefix'] . "listingsdbelements on listingsdbelements_field_name = listingsformelements_field_name AND listingsdb_id = {$edit} WHERE listingsformelements_id IN (" . $class_list . ") ORDER BY listingsformelements_rank";
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 while (!$recordSet->EOF) {
                     $field_name = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_name']);
                     if (isset($_POST[$field_name])) {
                         if (is_array($_POST[$field_name])) {
                             $field_value = "";
                             foreach ($_POST[$field_name] as $feature_item) {
                                 $feature_item = $misc->make_db_unsafe($feature_item);
                                 $field_value .= "||{$feature_item}";
                             }
                             // end while
                             // now remove the first two characters
                             $feature_insert_length = strlen($field_value);
                             $feature_insert_length = $feature_insert_length - 2;
                             $field_value = substr($field_value, 2, $feature_insert_length);
                         } else {
                             $field_value = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']);
                         }
                     } else {
                         $field_value = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']);
                     }
                     $field_type = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_type']);
                     $field_caption = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']);
                     $default_text = $misc->make_db_unsafe($recordSet->fields['listingsformelements_default_text']);
                     $field_elements = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_elements']);
                     $required = $misc->make_db_unsafe($recordSet->fields['listingsformelements_required']);
                     $field_length = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_length']);
                     $tool_tip = $misc->make_db_unsafe($recordSet->fields['listingsformelements_tool_tip']);
                     // pass the data to the function
                     $display .= $forms->renderExistingFormElement($field_type, $field_name, $field_value, $field_caption, $default_text, $required, $field_elements, $field_length, $tool_tip);
                     $recordSet->MoveNext();
                 }
                 //$editid = substr($edit, 1, -1) * 1;
                 if ($only_my_listings == true) {
                     $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&amp;edit=' . $edit;
                     $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&amp;delete=' . $edit;
                 } else {
                     $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&amp;edit=' . $edit;
                     $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&amp;delete=' . $edit;
                 }
                 $display .= '<tr><td colspan="2" align="center">' . $lang[required_form_text] . '</td></tr>';
                 $display .= '<tr><td colspan="2" align="center"><input type="submit" value="' . $lang[update_button] . '">  <a href="' . $delete_link . '" onclick="return confirmDelete()">' . $lang[admin_listings_editor_delete_listing] . '</a></td></tr></table></form>';
                 $display .= '</td></tr></table>';
             } else {
                 $display .= '<center><span class="redtext">' . $lang['admin_listings_editor_invalid_listing'] . '</span></center>';
                 $next_prev = '<center>' . $misc->next_prev($num_rows, $_GET['cur_page'], "", '', TRUE) . '</center>';
                 // put in the next/previous stuff
                 $display .= listing_editor::show_quick_edit_bar($next_prev, $only_my_listings);
             }
         } else {
             // show all the listings
             $sql_filter = '';
             if (isset($_POST['filter'])) {
                 if ($_POST['filter'] == 'active') {
                     $sql_filter = " AND listingsdb_active = 'yes' ";
                 }
                 if ($_POST['filter'] == 'inactive') {
                     $sql_filter = " AND listingsdb_active = 'no' ";
                 }
                 if ($_POST['filter'] == 'expired') {
                     $sql_filter = " AND listingsdb_expiration < " . $conn->DBDate(time());
                 }
                 if ($_POST['filter'] == 'featured') {
                     $sql_filter = " AND listingsdb_featured = 'yes' ";
                 }
                 if ($_POST['filter'] == 'created_1week') {
                     $sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-1 week')));
                 }
                 if ($_POST['filter'] == 'created_1month') {
                     $sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-1 month')));
                 }
                 if ($_POST['filter'] == 'created_3month') {
                     $sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-3 month')));
                 }
             }
             $lookup_sql = '';
             if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] != 'listingsdb_id' && $_POST['lookup_field'] != 'listingsdb_title' && $_POST['lookup_value'] != '') {
                 $lookup_field = $misc->make_db_safe($_POST['lookup_field']);
                 $lookup_value = $misc->make_db_safe('%' . $_POST['lookup_value'] . '%');
                 $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE listingsdbelements_field_name = ' . $lookup_field . ' AND listingsdbelements_field_value LIKE ' . $lookup_value;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $listing_ids = array();
                 while (!$recordSet->EOF) {
                     $listing_ids[] = $recordSet->fields['listingsdb_id'];
                     $recordSet->MoveNext();
                 }
                 if (count($listing_ids) > 0) {
                     $listing_ids = implode(',', $listing_ids);
                 } else {
                     $listing_ids = '0';
                 }
                 $lookup_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
             }
             if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] == 'listingsdb_title' && $_POST['lookup_value'] != '') {
                 $lookup_value = $misc->make_db_safe('%' . $_POST['lookup_value'] . '%');
                 $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_title  LIKE ' . $lookup_value;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $listing_ids = array();
                 while (!$recordSet->EOF) {
                     $listing_ids[] = $recordSet->fields['listingsdb_id'];
                     $recordSet->MoveNext();
                 }
                 if (count($listing_ids) > 0) {
                     $listing_ids = implode(',', $listing_ids);
                 } else {
                     $listing_ids = '0';
                 }
                 $lookup_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
             }
             if (isset($_POST['pclass_filter']) && $_POST['pclass_filter'] != '') {
                 $pclass_filter = $misc->make_db_safe($_POST['pclass_filter']);
                 $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE class_id = ' . $pclass_filter;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $listing_ids = array();
                 while (!$recordSet->EOF) {
                     $listing_ids[] = $recordSet->fields['listingsdb_id'];
                     $recordSet->MoveNext();
                 }
                 if (count($listing_ids) > 0) {
                     $listing_ids = implode(',', $listing_ids);
                 } else {
                     $listing_ids = '0';
                 }
                 $pclass_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
             }
             if (isset($_POST['agent_filter']) && $_POST['agent_filter'] != '') {
                 $agent_filter = $misc->make_db_safe($_POST['agent_filter']);
                 $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $agent_filter;
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $listing_ids = array();
                 while (!$recordSet->EOF) {
                     $listing_ids[] = $recordSet->fields['listingsdb_id'];
                     $recordSet->MoveNext();
                 }
                 if (count($listing_ids) > 0) {
                     $listing_ids = implode(',', $listing_ids);
                 } else {
                     $listing_ids = '0';
                 }
                 $agent_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
             }
             // grab the number of listings from the db
             if ($only_my_listings == true) {
                 $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_mlsexport, listingsdb_notes,\tlistingsdb_expiration, listingsdb_active, listingsdb_featured, listingsdb_hit_count, userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE " . $config['table_prefix'] . "listingsdb.userdb_id = " . $config['table_prefix'] . "userdb.userdb_id AND (" . $config['table_prefix'] . "userdb.userdb_id = '{$_SESSION['userID']}') {$sql_filter} {$lookup_sql} {$pclass_sql} {$agent_sql} ORDER BY listingsdb_id ASC";
             } else {
                 $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_mlsexport, listingsdb_notes,\tlistingsdb_expiration, listingsdb_active, listingsdb_featured, listingsdb_hit_count, userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE " . $config['table_prefix'] . "listingsdb.userdb_id = " . $config['table_prefix'] . "userdb.userdb_id {$sql_filter} {$lookup_sql} {$pclass_sql} {$agent_sql} ORDER BY listingsdb_id ASC";
             }
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             $num_rows = $recordSet->RecordCount();
             if (!isset($_GET['cur_page'])) {
                 $_GET['cur_page'] = 0;
             }
             $next_prev = '<center>' . $misc->next_prev($num_rows, $_GET['cur_page'], "", '', TRUE) . '</center>';
             // put in the next/previous stuff
             $display .= listing_editor::show_quick_edit_bar($next_prev, $only_my_listings);
             // build the string to select a certain number of listings per page
             $limit_str = $_GET['cur_page'] * $config['listings_per_page'];
             $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             $count = 0;
             $display .= "<br /><br />";
             $page->load_page($config['admin_template_path'] . '/edit_listings.html');
             $page->replace_lang_template_tags();
             $page->replace_tags();
             $addons = $page->load_addons();
             $listing_section = $page->get_template_section('listing_dataset');
             while (!$recordSet->EOF) {
                 // alternate the colors
                 if ($count == 0) {
                     $count = $count + 1;
                 } else {
                     $count = 0;
                 }
                 $listing .= $listing_section;
                 // strip slashes so input appears correctly
                 $title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']);
                 $notes = $misc->make_db_unsafe($recordSet->fields['listingsdb_notes']);
                 $active = $misc->make_db_unsafe($recordSet->fields['listingsdb_active']);
                 $featured = $misc->make_db_unsafe($recordSet->fields['listingsdb_featured']);
                 $mlsexport = $misc->make_db_unsafe($recordSet->fields['listingsdb_mlsexport']);
                 $email = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
                 $formatted_expiration = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_expiration'], $config["date_format_timestamp"]);
                 $listingID = $recordSet->fields['listingsdb_id'];
                 $hit_count = $misc->make_db_unsafe($recordSet->fields['listingsdb_hit_count']);
                 if ($active == 'yes') {
                     $active = '<span class="edit_listings_' . $active . '">' . $lang['yes'] . '</span>';
                 } elseif ($active == 'no') {
                     $active = '<span class="edit_listings_' . $active . '">' . $lang['no'] . '</span>';
                 }
                 if ($featured == 'yes') {
                     $featured = '<span class="edit_listings_' . $featured . '">' . $lang['yes'] . '</span>';
                 } elseif ($featured == 'no') {
                     $featured = '<span class="edit_listings_' . $featured . '">' . $lang['no'] . '</span>';
                 }
                 //Add filters to link
                 if (isset($_POST['lookup_field']) && isset($_POST['lookup_value'])) {
                     $_GET['lookup_field'] = $_POST['lookup_field'];
                     $_GET['lookup_value'] = $_POST['lookup_value'];
                 }
                 if (isset($_GET['lookup_field']) && isset($_GET['lookup_value'])) {
                     $_POST['lookup_field'] = $_GET['lookup_field'];
                     $_POST['lookup_value'] = $_GET['lookup_value'];
                 }
                 if ($only_my_listings == true) {
                     $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&amp;edit=' . $listingID;
                     $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&amp;delete=' . $listingID;
                 } else {
                     $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&amp;edit=' . $listingID;
                     $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&amp;delete=' . $listingID;
                 }
                 $email_link = 'mailto:' . $email;
                 $listing = $page->replace_listing_field_tags($listingID, $listing);
                 $listing = $page->parse_template_section($listing, 'listingid', $listingID);
                 $listing = $page->parse_template_section($listing, 'edit_listing_link', $edit_link);
                 $listing = $page->parse_template_section($listing, 'delete_listing_link', $delete_link);
                 $listing = $page->parse_template_section($listing, 'email_agent_link', $email_link);
                 $listing = $page->parse_template_section($listing, 'listing_active_status', $active);
                 $listing = $page->parse_template_section($listing, 'listing_featured_status', $featured);
                 $listing = $page->parse_template_section($listing, 'listing_expiration', $formatted_expiration);
                 $listing = $page->parse_template_section($listing, 'listing_notes', $notes);
                 $listing = $page->parse_template_section($listing, 'row_num_even_odd', $count);
                 $listing = $page->parse_template_section($listing, 'listing_hit_count', $hit_count);
                 $addon_fields = $page->get_addon_template_field_list($addons);
                 $listing = $page->parse_addon_tags($listing, $addon_fields);
                 if ($config["use_expiration"] == 0) {
                     $listing = $page->remove_template_block('show_expiration', $listing);
                 } else {
                     $listing = $page->cleanup_template_block('show_expiration', $listing);
                 }
                 $recordSet->MoveNext();
             }
             // end while
             $page->replace_template_section('listing_dataset', $listing);
             $page->replace_permission_tags();
             $display .= $page->return_page();
         }
         // end if $edit == ""
     } else {
         $display .= '<div class="error_text">' . $lang['access_denied'] . '</div>';
     }
     return $display;
 }
Пример #3
0
 function renderFeaturedListings($num_of_listings = 0, $template_name = '', $random = FALSE, $pclass = '', $latest = FALSE)
 {
     global $conn, $lang, $config, $db_type, $current_ID;
     //Load the Core Template class and the Misc Class
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     //Declare an empty display variable to hold all output from function.
     $display = '';
     //If We have a $current_ID save it
     $old_current_ID = '';
     if ($current_ID != '') {
         $old_current_ID = $current_ID;
     }
     //Get the number of listing to display by default, unless user specified an override in the template file.
     if ($num_of_listings == 0) {
         $num_of_listings = $config['num_featured_listings'];
     }
     //Load a Random set of featured listings
     if ($db_type == 'mysql') {
         $rand = 'RAND()';
     } else {
         $rand = 'RANDOM()';
     }
     if ($latest == TRUE) {
         $rand = 'listingsdb_id DESC';
     }
     if ($random == TRUE || $latest == TRUE) {
         $sql_rand = '';
     } else {
         $sql_rand = "(listingsdb_featured = 'yes') AND";
     }
     if ($config['use_expiration'] === "1") {
         if ($pclass != '') {
             $sql = "SELECT " . $config['table_prefix'] . "listingsdb.listingsdb_id, listingsdb_title FROM " . $config['table_prefix'] . "listingsdb," . $config['table_prefix_no_lang'] . "classlistingsdb WHERe {$sql_rand} (listingsdb_active = 'yes') AND (listingsdb_expiration > " . $conn->DBDate(time()) . ") AND (" . $config['table_prefix'] . "listingsdb.listingsdb_id = " . $config['table_prefix_no_lang'] . "classlistingsdb.listingsdb_id) AND class_id = " . $pclass . " ORDER BY {$rand}";
         } else {
             $sql = "SELECT " . $config['table_prefix'] . "listingsdb.listingsdb_id, listingsdb_title FROM " . $config['table_prefix'] . "listingsdb WHERE {$sql_rand} (listingsdb_active = 'yes') AND (listingsdb_expiration > " . $conn->DBDate(time()) . ") ORDER BY {$rand}";
         }
     } else {
         if ($pclass != '') {
             $sql = "SELECT " . $config['table_prefix'] . "listingsdb.listingsdb_id, listingsdb_title FROM " . $config['table_prefix'] . "listingsdb," . $config['table_prefix_no_lang'] . "classlistingsdb WHERE {$sql_rand} (listingsdb_active = 'yes') AND (" . $config['table_prefix'] . "listingsdb.listingsdb_id = " . $config['table_prefix_no_lang'] . "classlistingsdb.listingsdb_id) AND class_id = " . $pclass . " ORDER BY {$rand}";
         } else {
             $sql = "SELECT " . $config['table_prefix'] . "listingsdb.listingsdb_id, listingsdb_title FROM " . $config['table_prefix'] . "listingsdb WHERE {$sql_rand} (listingsdb_active = 'yes') ORDER BY {$rand}";
         }
     }
     $recordSet = $conn->SelectLimit($sql, $num_of_listings, 0);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     //Find out how many listing were returned
     $returned_num_listings = $recordSet->RecordCount();
     if ($returned_num_listings >= 1) {
         //Load the Featured Listing Template specified in the Site Config unless a template was specified in the calling template tag.
         if ($template_name == '') {
             $page->load_page($config['template_path'] . '/' . $config['featured_listing_template']);
         } else {
             if ($random == TRUE) {
                 $page->load_page($config['template_path'] . '/random_listing_' . $template_name . '.html');
             } elseif ($latest == TRUE) {
                 $page->load_page($config['template_path'] . '/latest_listing_' . $template_name . '.html');
             } else {
                 $page->load_page($config['template_path'] . '/featured_listing_' . $template_name . '.html');
             }
         }
         // Determine if the template uses rows.
         // First item in array is the row conent second item is the number of block per block row
         $featured_template_row = $page->get_template_section_row('featured_listing_block_row');
         if (is_array($featured_template_row)) {
             $row = $featured_template_row[0];
             $col_count = $featured_template_row[1];
             $user_rows = true;
             $x = 1;
             //Create an empty array to hold the row conents
             $new_row_data = array();
         } else {
             $user_rows = false;
         }
         $featured_template_section = '';
         while (!$recordSet->EOF) {
             if ($user_rows == true && $x > $col_count) {
                 //We are at then end of a row. Save the template section as a new row.
                 $new_row_data[] = $page->replace_template_section('featured_listing_block', $featured_template_section, $row);
                 //$new_row_data[] = $featured_template_section;
                 $featured_template_section = $page->get_template_section('featured_listing_block');
                 $x = 1;
             } else {
                 $featured_template_section .= $page->get_template_section('featured_listing_block');
             }
             $listing_title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']);
             $current_ID = $misc->make_db_unsafe($recordSet->fields['listingsdb_id']);
             if ($config['url_style'] == '1') {
                 $featured_url = 'index.php?action=listingview&amp;listingID=' . $current_ID;
             } else {
                 $url_title = str_replace("/", "", $listing_title);
                 $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
                 $featured_url = 'listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
             }
             $featured_template_section = $page->replace_listing_field_tags($current_ID, $featured_template_section);
             $featured_template_section = $page->replace_listing_field_tags($current_ID, $featured_template_section);
             $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_url', $featured_url);
             $featured_template_section = $page->parse_template_section($featured_template_section, 'listingid', $current_ID);
             // Start {isfavorite} featured template section tag
             if (isset($_SESSION['userID'])) {
                 $userID = $misc->make_db_safe($_SESSION['userID']);
                 $sql1 = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
                 $recordSet1 = $conn->Execute($sql1);
                 if ($recordSet1 === false) {
                     $misc->log_error($sql1);
                 }
                 $favorite_listingsdb_id = $misc->make_db_unsafe($recordSet1->fields['listingsdb_id']);
                 if ($favorite_listingsdb_id !== $current_ID) {
                     $isfavorite = "no";
                     $featured_template_section = $page->parse_template_section($featured_template_section, 'isfavorite', $isfavorite);
                 } else {
                     $isfavorite = "yes";
                     $featured_template_section = $page->parse_template_section($featured_template_section, 'isfavorite', $isfavorite);
                 }
             }
             // End {isfavorite} featured template section tag
             // Setup Image Tags
             $sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE (listingsdb_id = {$current_ID}) ORDER BY listingsimages_rank";
             $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
             if ($recordSet2 === false) {
                 $misc->log_error($sql2);
             }
             if ($recordSet2->RecordCount() > 0) {
                 $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
                 $file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
                 if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
                     // gotta grab the thumbnail image size
                     $imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
                     $imagewidth = $imagedata[0];
                     $imageheight = $imagedata[1];
                     $shrinkage = $config['thumbnail_width'] / $imagewidth;
                     $featured_thumb_width = $imagewidth * $shrinkage;
                     $featured_thumb_height = $imageheight * $shrinkage;
                     $featured_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;
                     // gotta grab the thumbnail image size
                     $imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}");
                     $imagewidth = $imagedata[0];
                     $imageheight = $imagedata[1];
                     $featured_width = $imagewidth;
                     $featured_height = $imageheight;
                     $featured_src = $config['listings_view_images_path'] . '/' . $file_name;
                 }
             } else {
                 if ($config['show_no_photo'] == 1) {
                     $imagedata = GetImageSize("images/nophoto.gif");
                     $imagewidth = $imagedata[0];
                     $imageheight = $imagedata[1];
                     $shrinkage = $config['thumbnail_width'] / $imagewidth;
                     $featured_thumb_width = $imagewidth * $shrinkage;
                     $featured_thumb_height = $imageheight * $shrinkage;
                     $featured_thumb_src = "images/nophoto.gif";
                     $featured_width = $featured_thumb_width;
                     $featured_height = $featured_thumb_height;
                     $featured_src = "images/nophoto.gif";
                 } else {
                     $featured_thumb_width = '';
                     $featured_thumb_height = '';
                     $featured_thumb_src = '';
                     $featured_width = '';
                     $featured_height = '';
                     $featured_src = '';
                 }
             }
             if (!empty($featured_thumb_src)) {
                 $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_thumb_src', $featured_thumb_src);
                 $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_thumb_height', $featured_thumb_height);
                 $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_thumb_width', $featured_thumb_width);
                 $featured_template_section = $page->cleanup_template_block('featured_img', $featured_template_section);
             } else {
                 $featured_template_section = $page->remove_template_block('featured_img', $featured_template_section);
             }
             if (!empty($featured_src)) {
                 $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_large_src', $featured_src);
                 $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_large_height', $featured_height);
                 $featured_template_section = $page->parse_template_section($featured_template_section, 'featured_large_width', $featured_width);
                 $featured_template_section = $page->cleanup_template_block('featured_img_large', $featured_template_section);
             } else {
                 $featured_template_section = $page->remove_template_block('featured_img_large', $featured_template_section);
             }
             $recordSet->MoveNext();
             if ($user_rows == true) {
                 $x++;
             }
         }
         if ($user_rows == true) {
             $featured_template_section = $page->cleanup_template_block('featured_listing', $featured_template_section);
             $new_row_data[] = $page->replace_template_section('featured_listing_block', $featured_template_section, $row);
             $replace_row = '';
             foreach ($new_row_data as $rows) {
                 $replace_row .= $rows;
             }
             $page->replace_template_section_row('featured_listing_block_row', $replace_row);
         } else {
             $page->replace_template_section('featured_listing_block', $featured_template_section);
         }
         $page->replace_permission_tags();
         $page->auto_replace_tags();
         $display .= $page->return_page();
     }
     $current_ID = '';
     if ($old_current_ID != '') {
         $current_ID = $old_current_ID;
     }
     return $display;
 }
Пример #4
0
 function rss_view($option)
 {
     global $conn, $lang, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $display = '';
     $sql = 'SELECT listingsdb_id,listingsdb_last_modified FROM ' . $config['table_prefix'] . 'listingsdb WHERE ';
     //Allow Filtering by agent ID
     if (isset($_GET['agent_id'])) {
         if (!is_array($_GET['agent_id'])) {
             $id = $_GET['agent_id'];
             unset($_GET['agent_id']);
             $_GET['agent_id'][] = $id;
         }
         $aidset = FALSE;
         foreach ($_GET['agent_id'] as $aid) {
             if (is_numeric($aid)) {
                 if ($aidset) {
                     $sql .= ' AND userdb_id = ' . $aid;
                 } else {
                     $sql .= ' userdb_id = ' . $aid;
                 }
                 $aidset = TRUE;
             }
         }
         if ($aidset) {
             $sql .= ' AND ';
         }
     }
     //Decide with RSS feed to show
     switch ($option) {
         case 'featured':
             if (intval($config['rss_limit_featured']) > 0) {
                 $sql .= ' listingsdb_featured = \'yes\' AND listingsdb_active = \'yes\' LIMIT 0, ' . intval($config['rss_limit_featured']);
             } else {
                 $sql .= ' listingsdb_featured = \'yes\' AND listingsdb_active = \'yes\' ';
             }
             $rsslink = $config['baseurl'] . '/index.php?action=rss_featured_listings';
             $rsstitle = $config['rss_title_featured'];
             $rssdesc = $config['rss_desc_featured'];
             $rsslistingdesc = $config['rss_listingdesc_featured'];
             break;
         case 'lastmodified':
             if (intval($config['rss_limit_lastmodified']) > 0) {
                 $sql .= ' listingsdb_active = \'yes\' ORDER BY listingsdb_last_modified DESC LIMIT 0, ' . intval($config['rss_limit_lastmodified']);
             } else {
                 $sql .= ' listingsdb_active = \'yes\' ORDER BY listingsdb_last_modified DESC';
             }
             $rsslink = $config['baseurl'] . '/index.php?action=rss_featured_listings';
             $rsstitle = $config['rss_title_lastmodified'];
             $rssdesc = $config['rss_desc_lastmodified'];
             $rsslistingdesc = $config['rss_listingdesc_lastmodified'];
             break;
     }
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     //Get RSS Template
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     $page->load_page($config['template_path'] . '/rss.html', FALSE);
     $page->replace_tag('rss_webroot', $rsslink);
     $page->replace_tag('rss_description', $rssdesc);
     $page->replace_tag('rss_title', $rsstitle);
     $page->replace_tag('rss_listing_description', $rsslistingdesc);
     $listing_template = $page->get_template_section('rss_listing_block');
     $completed_listing_template = '';
     while (!$recordSet->EOF) {
         // first, check to see whether the listing is currently active
         //Lookup Class
         $sql2 = "SELECT class_id FROM " . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdb_id = " . $recordSet->fields['listingsdb_id'];
         $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
         $num = $recordSet2->RecordCount();
         if ($recordSet2 === false) {
             $misc->log_error($sql);
         }
         $class = $recordSet2->fields['class_id'];
         $completed_listing_template .= $page->replace_listing_field_tags($recordSet->fields['listingsdb_id'], $listing_template, TRUE);
         $completed_listing_template = str_replace('{rss_listing_guid}', base64_encode($recordSet->fields['listingsdb_id'] . '-' . $recordSet->fields['listingsdb_last_modified']), $completed_listing_template);
         $recordSet->MoveNext();
     }
     $page->replace_template_section('rss_listing_block', $completed_listing_template);
     $display = $page->return_page();
     return $display;
 }
Пример #5
0
 /**
  * user::view_user()
  *
  * @param  $type
  * @return
  */
 function view_users()
 {
     global $conn, $config, $lang, $agent_id;
     require_once $config['basepath'] . '/include/misc.inc.php';
     require_once $config['basepath'] . '/include/images.inc.php';
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $misc = new misc();
     $display = '';
     $user_section = '';
     $page = new page_user();
     $page->load_page($config['template_path'] . '/view_users_default.html');
     //Get User Count
     $sql = "SELECT count(userdb_id) as user_count FROM " . $config['table_prefix'] . "userdb where userdb_is_agent = 'yes' and userdb_active = 'yes' order by userdb_rank,userdb_user_name";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $num_rows = $recordSet->fields['user_count'];
     if ($config["show_admin_on_agent_list"] == 0) {
         $options = "userdb_is_agent = 'yes'";
     } else {
         $options = "(userdb_is_agent = 'yes' or userdb_is_admin = 'yes')";
     }
     $sql = "SELECT userdb_user_name, userdb_user_first_name, userdb_user_last_name, userdb_id FROM " . $config['table_prefix'] . "userdb where " . $options . " and userdb_active = 'yes' order by userdb_rank,userdb_user_name";
     //Handle Pagnation
     if (!isset($_GET['cur_page'])) {
         $_GET['cur_page'] = 0;
     }
     $limit_str = intval($_GET['cur_page']) * $config['users_per_page'];
     $some_num = intval($_GET['cur_page']) + 1;
     $next_prev = $misc->next_prev($num_rows, intval($_GET['cur_page']), $guidestring);
     // put in the next/previous stuff
     $recordSet = $conn->SelectLimit($sql, $config['users_per_page'], $limit_str);
     //$recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
         $last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
         $agent_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
         $agent_link = user::get_agent_link($recordSet->fields['userdb_id']);
         $agent_contact_link = user::contact_agent_link($agent_id);
         $agent_fields = user::renderUserInfo($agent_id);
         $user_section .= $page->get_template_section('user_block');
         $user_section = $page->parse_template_section($user_section, 'agent_first_name', $first_name);
         $user_section = $page->parse_template_section($user_section, 'agent_last_name', $last_name);
         $user_section = $page->parse_template_section($user_section, 'agent_id', $agent_id);
         $user_section = $page->parse_template_section($user_section, 'agent_contact_link', $agent_contact_link);
         $user_section = $page->parse_template_section($user_section, 'agent_fields', $agent_fields);
         $user_section = $page->parse_template_section($user_section, 'agent_link', $agent_link);
         // Insert Agent Image
         $sql2 = "SELECT userimages_thumb_file_name FROM " . $config['table_prefix'] . "userimages WHERE userdb_id = {$agent_id} ORDER BY userimages_rank";
         $recordSet2 = $conn->Execute($sql2);
         if ($recordSet2 === false) {
             $misc->log_error($sql2);
         }
         $num_images = $recordSet2->RecordCount();
         if ($num_images == 0) {
             if ($config['show_no_photo'] == 1) {
                 $agent_image = '<img src="images/nophoto.gif" alt="' . $lang['no_photo'] . '" />';
                 $raw_agent_image = 'images/nophoto.gif';
                 $user_section = $page->cleanup_template_block('agent_image_thumb_1', $user_section);
             } else {
                 $agent_image = '';
                 $raw_agent_image = '';
             }
             $user_section = $page->parse_template_section($user_section, 'agent_image_thumb_1', $agent_image);
             $user_section = $page->parse_template_section($user_section, 'raw_agent_image_thumb_1', $raw_agent_image);
             $user_section = $page->remove_template_block('agent_image_thumb_[1-9]', $user_section);
         }
         $x = 1;
         while (!$recordSet2->EOF) {
             $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['userimages_thumb_file_name']);
             if ($thumb_file_name != "") {
                 // gotta grab the image size
                 $imagedata = GetImageSize("{$config['user_upload_path']}/{$thumb_file_name}");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $shrinkage = $config['thumbnail_width'] / $imagewidth;
                 $displaywidth = $imagewidth * $shrinkage;
                 $displayheight = $imageheight * $shrinkage;
                 $agent_image = '<img src="' . $config['user_view_images_path'] . '/' . $thumb_file_name . '" height="' . $displayheight . '" width="' . $displaywidth . '" alt="' . $thumb_file_name . '" />';
                 $raw_agent_image = $config['user_view_images_path'] . '/' . $thumb_file_name;
             }
             // end if ($thumb_file_name != "")
             // We have the image so insert it into the section.
             $user_section = $page->parse_template_section($user_section, 'agent_image_thumb_' . $x, $agent_image);
             $user_section = $page->parse_template_section($user_section, 'raw_agent_image_thumb_' . $x, $raw_agent_image);
             $user_section = $page->cleanup_template_block('agent_image_thumb_' . $x, $user_section);
             $x++;
             $recordSet2->MoveNext();
         }
         // end while
         $user_section = preg_replace('{agent_image_thumb_(.*?)}', '', $user_section);
         $user_section = preg_replace('{raw_agent_image_thumb_(.*?)}', '', $user_section);
         $user_section = $page->remove_template_block('agent_image_thumb_[1-9]', $user_section);
         $recordSet->MoveNext();
     }
     $page->replace_template_section('user_block', $user_section);
     $page->page = str_replace('{next_prev}', $next_prev, $page->page);
     return $page->page;
 }
Пример #6
0
 /**
  * **************************************************************************\
  * Open-Realty - search_results Function										*
  * --------------------------------------------								*
  *   This is the search_results function. The listing_browse page is called is*
  * also now a funciton called search_results_old								*
  * \**************************************************************************
  */
 function search_results($return_ids_only = false)
 {
     $DEBUG_SQL = FALSE;
     global $config, $conn, $lang, $current_ID, $db_type;
     require_once $config['basepath'] . '/include/misc.inc.php';
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $misc = new misc();
     $page = new page();
     // Load any addons
     $addons = $page->load_addons();
     $guidestring = "";
     $guidestring_with_sort = "";
     // Save GET
     // Deal with &amp; still being in the URL
     foreach ($_GET as $k => $v) {
         if (strpos($k, 'amp;') !== false) {
             $new_k = str_replace('amp;', '', $k);
             $_GET[$new_k] = $v;
             unset($_GET[$k]);
         }
     }
     //Deal with googlebot double encoding URLS.
     foreach ($_GET as $k => $v) {
         if (strpos($k, '%5B%5D') !== false) {
             $new_k = str_replace('%5B%5D', '', $k);
             $_GET[$new_k][] = $v;
             unset($_GET[$k]);
         }
     }
     foreach ($_GET as $k => $v) {
         if ($v != '' && $k != 'listingID' && $k != 'cur_page' && $k != 'action' && $k != 'PHPSESSID' && $k != 'sortby' && $k != 'sorttype' && $k != 'printer_friendly' && $k != 'template') {
             if (is_array($v)) {
                 foreach ($v as $vitem) {
                     $guidestring .= '&amp;' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
                 }
             } else {
                 $guidestring .= '&amp;' . urlencode("{$k}") . '=' . urlencode("{$v}");
             }
         }
     }
     $display = '';
     // Now we get the GET and build our WHERE CLAUSE
     $searchresultSQL = '';
     // Set ImageONly to False
     $imageonly = false;
     $vtoursonly = false;
     $tablelist = array();
     $tablelist_fullname = array();
     $postalcode_dist_lat = '';
     $postalcode_dist_long = '';
     $postalcode_dist_dist = '';
     $latlong_dist_lat = '';
     $latlong_dist_long = '';
     $latlong_dist_dist = '';
     $city_dist_lat = '';
     $city_dist_long = '';
     $city_dist_dist = '';
     foreach ($_GET as $k => $v) {
         if ($k == "sortby") {
             $guidestring_with_sort = "{$k}={$v}";
         } elseif ($k == "sorttype") {
             $guidestring_with_sort = "{$k}={$v}&amp;";
         } elseif ($k == 'PageID') {
             $searchresultSQL .= '';
         } elseif ($k == "user_ID") {
             if ($v != '' && $v != 'Any Agent') {
                 if (is_array($v)) {
                     $sstring = '';
                     foreach ($v as $u) {
                         $u = $misc->make_db_safe($u);
                         if (empty($sstring)) {
                             $sstring .= $config['table_prefix'] . 'listingsdb.userdb_id = ' . $u;
                         } else {
                             $sstring .= ' OR ' . $config['table_prefix'] . 'listingsdb.userdb_id = ' . $u;
                         }
                     }
                     if ($searchresultSQL != '') {
                         $searchresultSQL .= ' AND ';
                     }
                     $searchresultSQL .= '(' . $sstring . ')';
                 } else {
                     $sql_v = $misc->make_db_safe($v);
                     if ($searchresultSQL != '') {
                         $searchresultSQL .= ' AND ';
                     }
                     $searchresultSQL .= '(' . $config['table_prefix'] . 'listingsdb.userdb_id = ' . $sql_v . ')';
                 }
             }
         } elseif ($k == "featuredOnly") {
             // $guidestring .= "&amp;$k=$v";
             if ($v == "yes") {
                 if ($searchresultSQL != '') {
                     $searchresultSQL .= ' AND ';
                 }
                 $searchresultSQL = $searchresultSQL . '(' . $config['table_prefix'] . 'listingsdb.listingsdb_featured = \'yes\')';
             }
         } elseif ($k == 'pclass') {
             $class_sql = '';
             foreach ($v as $class) {
                 // Ignore non numberic values
                 if (is_numeric($class)) {
                     if (!empty($class_sql)) {
                         $class_sql .= ' OR ';
                     }
                     $class_sql .= $config['table_prefix_no_lang'] . "classlistingsdb.class_id = {$class}";
                 }
             }
             if (!empty($class_sql)) {
                 if ($searchresultSQL != '') {
                     $searchresultSQL .= ' AND ';
                 }
                 $searchresultSQL = $searchresultSQL . '(' . $class_sql . ') AND ' . $config['table_prefix_no_lang'] . 'classlistingsdb.listingsdb_id = ' . $config['table_prefix'] . 'listingsdb.listingsdb_id';
                 $tablelist_fullname[] = $config['table_prefix_no_lang'] . "classlistingsdb";
             }
         } elseif ($k == "listing_id") {
             $listing_id = explode(',', $v);
             $i = 0;
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             foreach ($listing_id as $id) {
                 $id = $misc->make_db_safe($id);
                 if ($i == 0) {
                     $searchresultSQL .= '((' . $config['table_prefix'] . 'listingsdb.listingsdb_id = ' . $id . ')';
                 } else {
                     $searchresultSQL .= ' OR (' . $config['table_prefix'] . 'listingsdb.listingsdb_id = ' . $id . ')';
                 }
                 $i++;
             }
             $searchresultSQL .= ')';
         } elseif ($k == "imagesOnly") {
             // Grab only listings with images if that is what we need.
             if ($v == "yes") {
                 $imageonly = true;
             }
         } elseif ($k == "vtoursOnly") {
             // Grab only listings with images if that is what we need.
             if ($v == "yes") {
                 $vtoursonly = true;
             }
         } elseif ($k == 'listing_last_modified_equal') {
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $safe_v = $conn->DBTimeStamp($v);
             $searchresultSQL .= " listingsdb_last_modified = {$safe_v}";
             //listingsdb_last_modified
         } elseif ($k == 'listing_last_modified_greater') {
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $safe_v = $conn->DBTimeStamp($v);
             $searchresultSQL .= " listingsdb_last_modified > {$safe_v}";
             //listingsdb_last_modified
         } elseif ($k == 'listing_last_modified_less') {
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $safe_v = $conn->DBTimeStamp($v);
             $searchresultSQL .= " listingsdb_last_modified < {$safe_v}";
             //listingsdb_last_modified
         } elseif ($k == 'latlong_dist_lat' || $k == 'latlong_dist_long' || $k == 'latlong_dist_dist' && $v != '') {
             switch ($k) {
                 case 'latlong_dist_lat':
                     $latlong_dist_lat = $v;
                     break;
                 case 'latlong_dist_long':
                     $latlong_dist_long = $v;
                     break;
                 case 'latlong_dist_dist':
                     $latlong_dist_dist = $v;
                     break;
             }
         } elseif ($k == 'postalcode_dist_code' && $v != '') {
             $postalcode = $misc->make_db_safe($v);
             $sql = 'SELECT zipdist_latitude, zipdist_longitude FROM ' . $config['table_prefix_no_lang'] . 'zipdist WHERE zipdist_zipcode =' . $postalcode;
             $postalcode_recordSet = $conn->Execute($sql);
             if ($postalcode_recordSet === false) {
                 $misc->log_error($sql);
             }
             $postalcode_dist_lat = $misc->make_db_unsafe($postalcode_recordSet->fields['zipdist_latitude']);
             $postalcode_dist_long = $misc->make_db_unsafe($postalcode_recordSet->fields['zipdist_longitude']);
         } elseif ($k == 'postalcode_dist_dist' && $v != '') {
             $postalcode_dist_dist = $v;
         } elseif ($k == 'city_dist_code' && $v != '') {
             $city = $misc->make_db_safe($v);
             $sql = 'SELECT zipdist_latitude, zipdist_longitude FROM ' . $config['table_prefix_no_lang'] . 'zipdist WHERE zipdist_cityname =' . $city;
             $city_recordSet = $conn->Execute($sql);
             if ($city_recordSet === false) {
                 $misc->log_error($sql);
             }
             $city_dist_lat = $misc->make_db_unsafe($city_recordSet->fields['zipdist_latitude']);
             $city_dist_long = $misc->make_db_unsafe($city_recordSet->fields['zipdist_longitude']);
         } elseif ($k == 'city_dist_dist' && $v != '') {
             $city_dist_dist = $v;
         } elseif ($v != '' && $k != 'listingID' && $k != 'postalcode_dist_code' && $k != 'postalcode_dist_dist' && $k != 'city_dist_code' && $k != 'city_dist_dist' && $k != 'latlong_dist_lat' && $k != 'latlong_dist_long' && $k != 'latlong_dist_dist' && $k != 'cur_page' && $k != 'action' && $k != 'PHPSESSID' && $k != 'sortby' && $k != 'sorttype' && $k != 'printer_friendly' && $k != 'template' && $k != 'pclass' && $k != 'listing_last_modified_less' && $k != 'listing_last_modified_equal' && $k != 'listing_last_modified_greater') {
             if (!is_array($v)) {
                 if ($searchresultSQL != '') {
                     $searchresultSQL .= ' AND ';
                 }
                 //Handle NULL/NOTNULL Searches
                 if (substr($k, -5) == '-NULL' && $v == '1') {
                     $subk = substr($k, 0, -5);
                     $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND (`{$subk}`.listingsdbelements_field_value IS NULL OR `{$subk}`.listingsdbelements_field_value = ''))";
                     if (!in_array($subk, $tablelist)) {
                         $tablelist[] = $subk;
                     }
                 } elseif (substr($k, -8) == '-NOTNULL' && $v == '1') {
                     $subk = substr($k, 0, -8);
                     $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND (`{$subk}`.listingsdbelements_field_value IS NOT NULL  AND `{$subk}`.listingsdbelements_field_value <> ''))";
                     if (!in_array($subk, $tablelist)) {
                         $tablelist[] = $subk;
                     }
                 } elseif (substr($k, -4) == '-max') {
                     $subk = substr($k, 0, -4);
                     if ($db_type == 'mysql') {
                         $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as signed) <= '{$v}')";
                     } else {
                         $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as int4) <= '{$v}')";
                     }
                     if (!in_array($subk, $tablelist)) {
                         $tablelist[] = $subk;
                     }
                 } else {
                     if (substr($k, -4) == '-min') {
                         $subk = substr($k, 0, -4);
                         if ($db_type == 'mysql') {
                             $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as signed) >= '{$v}')";
                         } else {
                             $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND CAST(`{$subk}`.listingsdbelements_field_value as int4) >= '{$v}')";
                         }
                         if (!in_array($subk, $tablelist)) {
                             $tablelist[] = $subk;
                         }
                     } elseif (substr($k, -8) == '-maxdate') {
                         if ($config['date_format'] == 1) {
                             $format = "%m/%d/%Y";
                         } elseif ($config['date_format'] == 2) {
                             $format = "%Y/%d/%m";
                         } elseif ($config['date_format'] == 3) {
                             $format = "%d/%m/%Y";
                         }
                         $v = $misc->parseDate($v, $format);
                         $subk = urldecode(substr($k, 0, -8));
                         $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND `{$subk}`.listingsdbelements_field_value <= '{$v}')";
                         if (!in_array($subk, $tablelist)) {
                             $tablelist[] = $subk;
                         }
                     } else {
                         if (substr($k, -8) == '-mindate') {
                             if ($config['date_format'] == 1) {
                                 $format = "%m/%d/%Y";
                             } elseif ($config['date_format'] == 2) {
                                 $format = "%Y/%d/%m";
                             } elseif ($config['date_format'] == 3) {
                                 $format = "%d/%m/%Y";
                             }
                             $v = $misc->parseDate($v, $format);
                             $subk = urldecode(substr($k, 0, -8));
                             $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND `{$subk}`.listingsdbelements_field_value >= '{$v}')";
                             if (!in_array($subk, $tablelist)) {
                                 $tablelist[] = $subk;
                             }
                         } else {
                             if (substr($k, -5) == '-date') {
                                 if ($config['date_format'] == 1) {
                                     $format = "%m/%d/%Y";
                                 } elseif ($config['date_format'] == 2) {
                                     $format = "%Y/%d/%m";
                                 } elseif ($config['date_format'] == 3) {
                                     $format = "%d/%m/%Y";
                                 }
                                 $v = $misc->parseDate($v, $format);
                                 $subk = urldecode(substr($k, 0, -5));
                                 $searchresultSQL .= "(`{$subk}`.listingsdbelements_field_name = '{$subk}' AND `{$subk}`.listingsdbelements_field_value = '{$v}')";
                                 if (!in_array($subk, $tablelist)) {
                                     $tablelist[] = $subk;
                                 }
                             } elseif ($k == 'searchtext') {
                                 $safe_v = addslashes($v);
                                 $searchresultSQL .= "((`{$k}`.listingsdbelements_field_value like '%{$safe_v}%') OR (listingsdb_title like '%{$safe_v}%'))";
                                 $tablelist[] = $k;
                             } else {
                                 $safe_v = $misc->make_db_safe($v);
                                 $searchresultSQL .= "(`{$k}`.listingsdbelements_field_name = '{$k}' AND `{$k}`.listingsdbelements_field_value = {$safe_v})";
                                 $tablelist[] = $k;
                             }
                         }
                     }
                 }
             } else {
                 // Make Sure Array is not empty
                 $use = false;
                 $comma_separated = implode(" ", $v);
                 if (trim($comma_separated) != '') {
                     $use = true;
                     if ($searchresultSQL != '') {
                         $searchresultSQL .= ' AND ';
                     }
                 }
                 if ($use === true) {
                     if (substr($k, -3) == '_or') {
                         $k = substr($k, 0, strlen($k) - 3);
                         $safe_k = addslashes($k);
                         $searchresultSQL .= "(`{$safe_k}`.listingsdbelements_field_name = '{$safe_k}' AND (";
                         $vitem_count = 0;
                         foreach ($v as $vitem) {
                             $safe_vitem = addslashes($vitem);
                             if ($vitem != '') {
                                 if ($vitem_count != 0) {
                                     $searchresultSQL .= " OR `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
                                 } else {
                                     $searchresultSQL .= " `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
                                 }
                                 $vitem_count++;
                             }
                         }
                         $searchresultSQL .= "))";
                         $tablelist[] = $safe_k;
                     } else {
                         $safe_k = addslashes($k);
                         $searchresultSQL .= "(`{$safe_k}`.listingsdbelements_field_name = '{$safe_k}' AND (";
                         $vitem_count = 0;
                         foreach ($v as $vitem) {
                             $safe_vitem = addslashes($vitem);
                             if ($vitem != '') {
                                 if ($vitem_count != 0) {
                                     $searchresultSQL .= " AND `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
                                 } else {
                                     $searchresultSQL .= " `{$safe_k}`.listingsdbelements_field_value LIKE '%{$safe_vitem}%'";
                                 }
                                 $vitem_count++;
                             }
                         }
                         $searchresultSQL .= "))";
                         $tablelist[] = $safe_k;
                     }
                 }
             }
         }
     }
     if ($postalcode_dist_lat != '' && $postalcode_dist_long != '' && $postalcode_dist_dist != '') {
         $sql = "SELECT zipdist_zipcode FROM {$config['table_prefix_no_lang']}zipdist WHERE (POW((69.1*(zipdist_longitude-\"{$postalcode_dist_long}\")*cos({$postalcode_dist_lat}/57.3)),\"2\")+POW((69.1*(zipdist_latitude-\"{$postalcode_dist_lat}\")),\"2\"))<({$postalcode_dist_dist}*{$postalcode_dist_dist}) ";
         $recordSet = $conn->Execute($sql);
         if (!$recordSet) {
             $misc->log_error($sql);
         }
         $zipcodes = array();
         while (!$recordSet->EOF) {
             $zipcodes[] = $recordSet->fields['zipdist_zipcode'];
             $recordSet->MoveNext();
         }
         $pc_field_name = $config["map_zip"];
         // Build Search Query
         // Make Sure Array is not empty
         $use = false;
         $comma_separated = implode(" ", $zipcodes);
         if (trim($comma_separated) != '') {
             $use = true;
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
         }
         if ($use === true) {
             $searchresultSQL .= "(`{$pc_field_name}`.listingsdbelements_field_name = '{$pc_field_name}' AND (";
             $vitem_count = 0;
             foreach ($zipcodes as $vitem) {
                 $safe_vitem = addslashes($vitem);
                 if ($vitem != '') {
                     if ($vitem_count != 0) {
                         $searchresultSQL .= " OR `{$pc_field_name}`.listingsdbelements_field_value = '{$save_vitem}'";
                     } else {
                         $searchresultSQL .= " `{$pc_field_name}`.listingsdbelements_field_value = '{$safe_vitem}'";
                     }
                     $vitem_count++;
                 }
             }
             $searchresultSQL .= "))";
             $tablelist[] = $pc_field_name;
         }
     }
     if ($city_dist_lat != '' && $city_dist_long != '' && $city_dist_dist != '') {
         $sql = "SELECT zipdist_zipcode FROM {$config['table_prefix_no_lang']}zipdist WHERE (POW((69.1*(zipdist_longitude-\"{$city_dist_long}\")*cos({$city_dist_lat}/57.3)),\"2\")+POW((69.1*(zipdist_latitude-\"{$city_dist_lat}\")),\"2\"))<({$city_dist_dist}*{$city_dist_dist}) ";
         $recordSet = $conn->Execute($sql);
         if (!$recordSet) {
             $misc->log_error($sql);
         }
         $zipcodes = array();
         while (!$recordSet->EOF) {
             $zipcodes[] = $recordSet->fields['zipdist_zipcode'];
             $recordSet->MoveNext();
         }
         $pc_field_name = $config["map_zip"];
         // Build Search Query
         // Make Sure Array is not empty
         $use = false;
         $comma_separated = implode(" ", $zipcodes);
         if (trim($comma_separated) != '') {
             $use = true;
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
         }
         if ($use === true) {
             $searchresultSQL .= "(`{$pc_field_name}`.listingsdbelements_field_name = '{$pc_field_name}' AND (";
             $vitem_count = 0;
             foreach ($zipcodes as $vitem) {
                 $safe_vitem = addslashes($vitem);
                 if ($vitem != '') {
                     if ($vitem_count != 0) {
                         $searchresultSQL .= " OR `{$pc_field_name}`.listingsdbelements_field_value = '{$safe_vitem}'";
                     } else {
                         $searchresultSQL .= " `{$pc_field_name}`.listingsdbelements_field_value = '{$safe_vitem}'";
                     }
                     $vitem_count++;
                 }
             }
             $searchresultSQL .= "))";
             $tablelist[] = $pc_field_name;
         }
     }
     //Lat Long Distance
     if ($latlong_dist_lat != '' && $latlong_dist_long != '' && $latlong_dist_dist != '') {
         /*
         max_lon = lon1 + arcsin(sin(D/R)/cos(lat1))
         min_lon = lon1 - arcsin(sin(D/R)/cos(lat1))
         max_lat = lat1 + (180/pi)(D/R)
         min_lat = lat1 - (180/pi)(D/R)
         */
         //$max_long = $latlong_dist_long + asin(sin($latlong_dist_dist/3956)/cos($latlong_dist_lat));
         //$min_long = $latlong_dist_long - asin(sin($latlong_dist_dist/3956)/cos($latlong_dist_lat));
         //$max_lat = $latlong_dist_lat + (180/pi())*($latlong_dist_dist/3956);
         //$min_lat = $latlong_dist_lat - (180/pi())*($latlong_dist_dist/3956);
         /*
         Latitude:
         Apparently a degree of latitude expressed in miles does
         vary slighty by latitude
         
         (http://www.ncgia.ucsb.edu/education/curricula/giscc/units/u014/tables/table01.html)
         but for our purposes, I suggest we use 1 degree latitude
         
         = 69 miles.
         
         
         
         Longitude:
         This is more tricky one since it varies by latitude
         (http://www.ncgia.ucsb.edu/education/curricula/giscc/units/u014/tables/table02.html).
         The
         
         simplest formula seems to be:
         1 degree longitude expressed in miles = cos (latitude) *
         69.17 miles
         */
         //Get Correct Milage for ong based on lat.
         $cos_long = 69.17;
         if ($latlong_dist_lat >= 10) {
             $cos_long = 68.13;
         }
         if ($latlong_dist_lat >= 20) {
             $cos_long = 65.03;
         }
         if ($latlong_dist_lat >= 30) {
             $cos_long = 59.95;
         }
         if ($latlong_dist_lat >= 40) {
             $cos_long = 53.06;
         }
         if ($latlong_dist_lat >= 50) {
             $cos_long = 44.55;
         }
         if ($latlong_dist_lat >= 60) {
             $cos_long = 34.67;
         }
         if ($latlong_dist_lat >= 70) {
             $cos_long = 23.73;
         }
         if ($latlong_dist_lat >= 80) {
             $cos_long = 12.05;
         }
         if ($latlong_dist_lat >= 90) {
             $cos_long = 0;
         }
         $max_long = $latlong_dist_long + $latlong_dist_dist / (cos(deg2rad($latlong_dist_lat)) * $cos_long);
         $min_long = $latlong_dist_long - $latlong_dist_dist / (cos(deg2rad($latlong_dist_lat)) * $cos_long);
         $max_lat = $latlong_dist_lat + $latlong_dist_dist / 69;
         $min_lat = $latlong_dist_lat - $latlong_dist_dist / 69;
         //
         if ($max_lat < $min_lat) {
             $max_lat2 = $min_lat;
             $min_lat = $max_lat;
             $max_lat = $max_lat2;
         }
         if ($max_long < $min_long) {
             $max_long2 = $min_long;
             $min_long = $max_long;
             $max_long = $max_long2;
         }
         // Lat and Long Fields
         $sql = "SELECT listingsformelements_field_name FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_type  = 'lat'";
         $recordSet = $conn->Execute($sql);
         if (!$recordSet) {
             $misc->log_error($sql);
         }
         $lat_field = $recordSet->fields['listingsformelements_field_name'];
         $sql = "SELECT listingsformelements_field_name FROM " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_field_type  = 'long'";
         $recordSet = $conn->Execute($sql);
         if (!$recordSet) {
             $misc->log_error($sql);
         }
         $long_field = $recordSet->fields['listingsformelements_field_name'];
         if ($lat_field != '' & $long_field != '') {
             $tablelist[] = $lat_field;
             $tablelist[] = $long_field;
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $searchresultSQL .= "(`{$lat_field}`.listingsdbelements_field_name = '{$lat_field}' AND `{$lat_field}`.listingsdbelements_field_value+0 <= '{$max_lat}')";
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $searchresultSQL .= "(`{$lat_field}`.listingsdbelements_field_name = '{$lat_field}' AND `{$lat_field}`.listingsdbelements_field_value+0 >= '{$min_lat}')";
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $searchresultSQL .= "(`{$long_field}`.listingsdbelements_field_name = '{$long_field}' AND `{$long_field}`.listingsdbelements_field_value+0 <= '{$max_long}')";
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $searchresultSQL .= "(`{$long_field}`.listingsdbelements_field_name = '{$long_field}' AND `{$long_field}`.listingsdbelements_field_value+0 >= '{$min_long}')";
         }
     }
     // Handle Sorting
     // sort the listings
     // this is the main SQL that grabs the listings
     // basic sort by title..
     $group_order_text = '';
     $sortby = '';
     $sorttype = '';
     if ($config["special_sortby"] != 'none') {
         $sortby = $config["special_sortby"] . ',';
         $sorttype = $config["special_sorttype"] . ',';
     }
     if (!isset($_GET['sortby'])) {
         $_GET['sortby'] = $config["sortby"];
     }
     if (!isset($_GET['sorttype'])) {
         $_GET['sorttype'] = $config["sorttype"];
     }
     $sortby .= $_GET['sortby'];
     $sorttype .= $_GET['sorttype'];
     $sql_sort_type = '';
     $sortby_array = explode(',', $sortby);
     $sorttype_array = explode(',', $sorttype);
     $sort_text = '';
     $order_text = '';
     $group_order_text = '';
     $tablelist_nosort = $tablelist;
     $sort_count = count($sortby_array);
     for ($x = 0; $x < $sort_count; $x++) {
         //make sure user input is sanitized before adding to query string
         $sortby_array[$x] = $misc->sanitize($sortby_array[$x]);
         $sorttype_array[$x] = $misc->sanitize($sorttype_array[$x], 4);
         //limit length to 4 characters as sorttype can only be ASC or DESC
         if ($sorttype_array[$x] != 'ASC' && $sorttype_array[$x] != 'DESC') {
             $sorttype_array[$x] = '';
         }
         if ($sortby_array[$x] == 'listingsdb_id') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY listingsdb_id ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',listingsdb_id ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'listingsdb_title') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY listingsdb_title ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',listingsdb_title ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'random') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY rand() ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',rand() ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'listingsdb_featured') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY listingsdb_featured ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',listingsdb_featured ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'listingsdb_last_modified') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY listingsdb_last_modified ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',listingsdb_last_modified ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'pclass') {
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $searchresultSQL .= $config['table_prefix_no_lang'] . 'classlistingsdb.listingsdb_id = ' . $config['table_prefix'] . 'listingsdb.listingsdb_id AND ' . $config['table_prefix_no_lang'] . 'classlistingsdb.class_id = ' . $config['table_prefix'] . 'class.class_id ';
             $tablelist_fullname[] = $config['table_prefix_no_lang'] . "classlistingsdb";
             $tablelist_fullname[] = $config['table_prefix'] . 'class';
             if ($x == 0) {
                 $order_text .= 'ORDER BY ' . $config['table_prefix'] . 'class.class_name ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',' . $config['table_prefix'] . 'class.class_name ' . $sorttype_array[$x];
             }
         } else {
             // Check if field is a number or price field and cast the order.
             $sort_by_field = $misc->make_db_extra_safe($sortby_array[$x]);
             $sql_sort_type = 'SELECT listingsformelements_field_type FROM ' . $config['table_prefix'] . 'listingsformelements WHERE listingsformelements_field_name = ' . $sort_by_field;
             $recordSet_sort_type = $conn->Execute($sql_sort_type);
             if (!$recordSet_sort_type) {
                 $misc->log_error($sql_sort_type);
             }
             $field_type = $recordSet_sort_type->fields['listingsformelements_field_type'];
             if ($field_type == 'price' || $field_type == 'number' || $field_type == 'decimal') {
                 $tablelist[] = 'sort' . $x;
                 $sort_text .= 'AND (sort' . $x . '.listingsdbelements_field_name = ' . $sort_by_field . ') ';
                 global $db_type;
                 if ($db_type == 'mysql') {
                     if ($x == 0) {
                         $order_text .= ' ORDER BY CAST(sort' . $x . '.listingsdbelements_field_value as signed) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     } else {
                         $order_text .= ',CAST(sort' . $x . '.listingsdbelements_field_value as signed) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     }
                 } else {
                     if ($x == 0) {
                         $order_text .= ' ORDER BY CAST(sort' . $x . '.listingsdbelements_field_value as int4) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     } else {
                         $order_text .= ',CAST(sort' . $x . '.listingsdbelements_field_value as int4) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     }
                 }
             } else {
                 $tablelist[] = 'sort' . $x;
                 $sort_text .= 'AND (sort' . $x . '.listingsdbelements_field_name = ' . $sort_by_field . ') ';
                 if ($x == 0) {
                     $order_text .= ' ORDER BY sort' . $x . '.listingsdbelements_field_value ' . $sorttype_array[$x];
                 } else {
                     $order_text .= ', sort' . $x . '.listingsdbelements_field_value ' . $sorttype_array[$x];
                 }
                 $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
             }
         }
     }
     $group_order_text = $group_order_text . ' ' . $order_text;
     if ($imageonly == true || $vtoursonly == true) {
         $order_text = "GROUP BY " . $config['table_prefix'] . "listingsdb.listingsdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title " . $group_order_text;
     }
     if ($DEBUG_SQL) {
         echo '<strong>Sort Type SQL:</strong> ' . $sql_sort_type . '<br />';
         echo '<strong>Sort Text:</strong> ' . $sort_text . '<br />';
         echo '<strong>Order Text:</strong> ' . $order_text . '<br />';
     }
     $guidestring_with_sort = $guidestring_with_sort . $guidestring;
     // End of Sort
     $arrayLength = count($tablelist);
     if ($DEBUG_SQL) {
         echo '<strong>Table List Array Length:</strong> ' . $arrayLength . '<br />';
     }
     $string_table_list = '';
     for ($i = 0; $i < $arrayLength; $i++) {
         $string_table_list .= ' ,' . $config['table_prefix'] . 'listingsdbelements `' . $tablelist[$i] . '`';
     }
     $arrayLength = count($tablelist_nosort);
     $string_table_list_no_sort = '';
     for ($i = 0; $i < $arrayLength; $i++) {
         $string_table_list_no_sort .= ' ,' . $config['table_prefix'] . 'listingsdbelements `' . $tablelist[$i] . '`';
     }
     $arrayLength = count($tablelist_fullname);
     if ($DEBUG_SQL) {
         echo '<strong>Table List Array Length:</strong> ' . $arrayLength . '<br />';
     }
     for ($i = 0; $i < $arrayLength; $i++) {
         $string_table_list .= ' ,' . $tablelist_fullname[$i];
         $string_table_list_no_sort .= ' ,' . $tablelist_fullname[$i];
     }
     if ($DEBUG_SQL) {
         echo '<strong>Table List String:</strong> ' . $string_table_list . '<br />';
     }
     $arrayLength = count($tablelist);
     $string_where_clause = '';
     for ($i = 0; $i < $arrayLength; $i++) {
         $string_where_clause .= ' AND (' . $config['table_prefix'] . 'listingsdb.listingsdb_id = `' . $tablelist[$i] . '`.listingsdb_id)';
     }
     $arrayLength = count($tablelist_nosort);
     $string_where_clause_nosort = '';
     for ($i = 0; $i < $arrayLength; $i++) {
         $string_where_clause_nosort .= ' AND (' . $config['table_prefix'] . 'listingsdb.listingsdb_id = `' . $tablelist[$i] . '`.listingsdb_id)';
     }
     if ($imageonly) {
         $searchSQL = "SELECT distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id), " . $config['table_prefix'] . "listingsdb.userdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "listingsimages " . $string_table_list . " WHERE (listingsdb_active = 'yes') " . $string_where_clause . " AND (" . $config['table_prefix'] . "listingsimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
         $searchSQLCount = "SELECT COUNT(distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id)) as total_listings FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "listingsimages " . $string_table_list_no_sort . " WHERE (listingsdb_active = 'yes') " . $string_where_clause_nosort . " AND (" . $config['table_prefix'] . "listingsimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
     } elseif ($vtoursonly) {
         $searchSQL = "SELECT distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id), " . $config['table_prefix'] . "listingsdb.userdb_id, " . $config['table_prefix'] . "listingsdb.listingsdb_title FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "vtourimages " . $string_table_list . " WHERE (listingsdb_active = 'yes') " . $string_where_clause . " AND (" . $config['table_prefix'] . "vtourimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
         $searchSQLCount = "SELECT COUNT(distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id)) as total_listings FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "vtourimages " . $string_table_list_no_sort . " WHERE (listingsdb_active = 'yes') " . $string_where_clause_nosort . " AND (" . $config['table_prefix'] . "vtourimages.listingsdb_id = " . $config['table_prefix'] . "listingsdb.listingsdb_id) ";
     } else {
         $searchSQL = "SELECT distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id), " . $config['table_prefix'] . "listingsdb.userdb_id,  " . $config['table_prefix'] . "listingsdb.listingsdb_title FROM " . $config['table_prefix'] . "listingsdb " . $string_table_list . " WHERE (listingsdb_active = 'yes') " . $string_where_clause;
         $searchSQLCount = "SELECT COUNT(distinct(" . $config['table_prefix'] . "listingsdb.listingsdb_id)) as total_listings FROM " . $config['table_prefix'] . "listingsdb " . $string_table_list_no_sort . " WHERE (listingsdb_active = 'yes') " . $string_where_clause_nosort;
     }
     if ($searchresultSQL != '') {
         $searchSQL .= " AND " . $searchresultSQL;
         $searchSQLCount .= " AND " . $searchresultSQL;
     }
     if ($config['use_expiration'] == 1) {
         $searchSQL .= " AND (listingsdb_expiration > " . $conn->DBDate(time()) . ")";
         $searchSQLCount .= " AND (listingsdb_expiration > " . $conn->DBDate(time()) . ")";
     }
     $sql = $searchSQL . " {$sort_text} {$order_text}";
     $searchSQLCount = $searchSQLCount;
     // We now have a complete SQL Query. Now grab the results
     $recordSet = $conn->Execute($searchSQLCount);
     if ($DEBUG_SQL) {
         echo '<strong>Listing Count:</strong> ' . $searchSQLCount . '<br />';
     }
     if (!$recordSet) {
         $misc->log_error($searchSQLCount);
     }
     // We have the results so now we need to stack them in arrays to use with the search_result.html template file
     // Load the templste
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     if (count($_GET['pclass']) == 1 && file_exists($config['template_path'] . '/search_results_class_' . $_GET['pclass'][0] . '.html')) {
         $page->load_page($config['template_path'] . '/search_results_class_' . $_GET['pclass'][0] . '.html');
     } else {
         $page->load_page($config['template_path'] . '/' . $config['search_result_template']);
     }
     // Get header section
     $header_section = $page->get_template_section('search_result_header');
     $search_result = '';
     // Ok we have the header section now get the result section
     $search_result_section = $page->get_template_section('search_result_dataset');
     // Get the number of rows(records) we have.
     // $num_rows = $recordSet->RecordCount();
     $num_rows = $recordSet->fields['total_listings'];
     if ($return_ids_only === true) {
         // If we are returning IDs only for the notify listing then get the id and move on.
         $id = array();
         $resultRecordSet = $conn->Execute($sql);
         if (!$resultRecordSet) {
             $misc->log_error($sql);
         }
         if ($DEBUG_SQL) {
             echo '<strong>Search SQL:</strong> ' . $sql . '<br />';
         }
         while (!$resultRecordSet->EOF) {
             $id[] = $resultRecordSet->fields['listingsdb_id'];
             $resultRecordSet->MoveNext();
         }
         // while
         return $id;
     } elseif ($return_ids_only === 'perpage') {
         $id = array();
         if (!isset($_GET['cur_page'])) {
             $_GET['cur_page'] = 0;
         }
         $limit_str = intval($_GET['cur_page']) * $config['listings_per_page'];
         $resultRecordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
         if (!$resultRecordSet) {
             $misc->log_error($sql);
         }
         if ($DEBUG_SQL) {
             echo '<strong>Search SQL:</strong> ' . $sql . '<br />';
         }
         while (!$resultRecordSet->EOF) {
             $id[] = $resultRecordSet->fields['listingsdb_id'];
             $resultRecordSet->MoveNext();
         }
         // while
         return $id;
     } else {
         if ($num_rows > 0) {
             if (!isset($_GET['cur_page'])) {
                 $_GET['cur_page'] = 0;
             }
             // build the string to select a certain number of listings per page
             $limit_str = intval($_GET['cur_page']) * $config['listings_per_page'];
             $num_records = $config['listings_per_page'];
             $some_num = intval($_GET['cur_page']) + 1;
             $this_page_max = $some_num * $config['listings_per_page'];
             // Check if we're setting a maximum number of search results
             if ($config["max_search_results"] > 0) {
                 // Check if we've reached the max number of listings setting.
                 if ($this_page_max > $config["max_search_results"]) {
                     $num_records = $this_page_max - $config["max_search_results"];
                 }
                 // Failsafe check in case the max search results was set lower than the listings per page setting.
                 if ($config["max_search_results"] < $config['listings_per_page']) {
                     $num_records = $config["max_search_results"];
                 }
                 // Adjust the $num_rows for the next_prev function to show at the max the max results setting
                 if ($num_rows > $config["max_search_results"]) {
                     $num_rows = $config["max_search_results"];
                 }
             }
             if ($config['show_next_prev_listing_page'] == 1) {
                 // ************added for next prev navigation***********
                 $newurl = '';
                 foreach ($_GET as $k => $v) {
                     if ($v && $k != 'cur_page' && $k != 'PHPSESSID' && $k != 'action') {
                         if (is_array($v)) {
                             foreach ($v as $vitem) {
                                 $newurl .= '&amp;' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
                             }
                         } else {
                             $newurl .= '&amp;' . urlencode("{$k}") . '=' . urlencode("{$v}");
                         }
                     }
                 }
                 $rtest = $conn->Execute($sql);
                 if (!$rtest) {
                     $misc->log_error($sql);
                 }
                 $_SESSION['results'] = array();
                 $_SESSION['titles'] = array();
                 while (!$rtest->EOF) {
                     $ID = $rtest->fields['listingsdb_id'];
                     $url_title = $rtest->fields['listingsdb_title'];
                     $url_title = str_replace("/", "", $url_title);
                     $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
                     $url_title = str_replace(" ", "+", $url_title);
                     $_SESSION['results'][] = $ID;
                     $_SESSION['titles'][] = $url_title;
                     $rtest->MoveNext();
                 }
                 $_SESSION['cur_page'] = intval($_GET['cur_page']);
                 $_SESSION['searchstring'] = $newurl;
                 $_SESSION['count'] = $num_rows;
                 // ************added for next prev navigation***********
             }
             // Store the next_prev code as a variable to place in the template
             $next_prev = $misc->next_prev($num_rows, intval($_GET['cur_page']), $guidestring_with_sort);
             $next_prev_bottom = $misc->next_prev($num_rows, intval($_GET['cur_page']), $guidestring_with_sort, 'bottom');
             $resultRecordSet = $conn->SelectLimit($sql, $num_records, $limit_str);
             if (!$resultRecordSet) {
                 $misc->log_error($sql);
             }
             if ($DEBUG_SQL) {
                 echo '<strong>Search SQL:</strong> ' . $sql . '<br />';
             }
             // Get the the fields marked as browseable.
             $sql = "SELECT listingsformelements_id, listingsformelements_field_caption, listingsformelements_field_name, listingsformelements_display_priv, listingsformelements_search_result_rank FROM " . $config['table_prefix'] . "listingsformelements WHERE (listingsformelements_display_on_browse = 'Yes') AND (listingsformelements_field_type <> 'textarea') ORDER BY listingsformelements_search_result_rank";
             $recordSet = $conn->Execute($sql);
             $num_columns = $recordSet->RecordCount();
             // Get header_title
             $field_caption = $lang['title'];
             $field_name = "listingsdb_title";
             $sorttypestring = '';
             $sort_type_count = 0;
             foreach ($sortby_array as $sortby) {
                 if ($sortby == $field_name) {
                     if (!isset($sorttype_array[$sort_type_count]) || $sorttype_array[$sort_type_count] == 'DESC') {
                         $reverse_sort = 'ASC';
                     } else {
                         $reverse_sort = 'DESC';
                     }
                     $sorttypestring = 'sorttype=' . $reverse_sort;
                 }
                 $sort_type_count++;
             }
             if ($sorttypestring == '') {
                 $sorttypestring = "sorttype=ASC";
             }
             // This is header_title it is the lang variable for title
             $header_title = '<a href="index.php?action=searchresults&amp;sortby=' . $field_name . '&amp;' . $sorttypestring . $guidestring . '">' . $field_caption . '</a>';
             $header_title_no_sort = $field_caption;
             // Get header_title
             $field_caption = $lang['header_pclass'];
             $field_name = "pclass";
             $sorttypestring = '';
             $sort_type_count = 0;
             foreach ($sortby_array as $sortby) {
                 if ($sortby == $field_name) {
                     if (!isset($sorttype_array[$sort_type_count]) || $sorttype_array[$sort_type_count] == 'DESC') {
                         $reverse_sort = 'ASC';
                     } else {
                         $reverse_sort = 'DESC';
                     }
                     $sorttypestring = 'sorttype=' . $reverse_sort;
                 }
                 $sort_type_count++;
             }
             if ($sorttypestring == '') {
                 $sorttypestring = "sorttype=ASC";
             }
             // This is header_title it is the lang variable for title
             $header_pclass = '<a href="index.php?action=searchresults&amp;sortby=' . $field_name . '&amp;' . $sorttypestring . $guidestring . '">' . $field_caption . '</a>';
             $header_pclass_no_sort = $field_caption;
             $field = array();
             $field_no_sort = array();
             while (!$recordSet->EOF) {
                 $x = $misc->make_db_unsafe($recordSet->fields['listingsformelements_search_result_rank']);
                 // Check for Translations if needed
                 if (!isset($_SESSION["users_lang"])) {
                     $field_caption = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']);
                 } else {
                     $listingsformelements_id = $recordSet->fields['listingsformelements_id'];
                     $lang_sql = "SELECT listingsformelements_field_caption FROM " . $config['lang_table_prefix'] . "listingsformelements WHERE listingsformelements_id = {$listingsformelements_id}";
                     $lang_recordSet = $conn->Execute($lang_sql);
                     if (!$lang_recordSet) {
                         $misc->log_error($lang_sql);
                     }
                     if ($DEBUG_SQL) {
                         echo '<strong>ML: Field Caption SQL:</strong> ' . $lang_sql . '<br />';
                     }
                     $field_caption = $misc->masearch_result_datasetke_db_unsafe($lang_recordSet->fields['listingsformelements_field_caption']);
                 }
                 $field_name = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_name']);
                 $display_priv = $misc->make_db_unsafe($recordSet->fields['listingsformelements_display_priv']);
                 $display_status = false;
                 if ($display_priv == 1) {
                     $display_status = login::loginCheck('Member', true);
                 } elseif ($display_priv == 2) {
                     $display_status = login::loginCheck('Agent', true);
                 } else {
                     $display_status = true;
                 }
                 if ($display_status === true) {
                     $sorttypestring = '';
                     $sort_type_count = 0;
                     foreach ($sortby_array as $sortby) {
                         if ($sortby == $field_name) {
                             if (!isset($sorttype_array[$sort_type_count]) || $sorttype_array[$sort_type_count] == 'DESC') {
                                 $reverse_sort = 'ASC';
                             } else {
                                 $reverse_sort = 'DESC';
                             }
                             $sorttypestring = 'sorttype=' . $reverse_sort;
                         }
                         $sort_type_count++;
                     }
                     if ($sorttypestring == '') {
                         $sorttypestring = "sorttype=ASC";
                     }
                     $field[$x] = '<a href="index.php?action=searchresults&amp;sortby=' . $field_name . '&amp;' . $sorttypestring . $guidestring . '">' . $field_caption . '</a>';
                     $field_no_sort[$x] = $field_caption;
                 }
                 $recordSet->MoveNext();
             }
             // end while
             // We have all the header information so we can now parse that section
             $header_section = $page->parse_template_section($header_section, 'header_title', $header_title);
             $header_section = $page->parse_template_section($header_section, 'header_title_no_sort', $header_title_no_sort);
             $header_section = $page->parse_template_section($header_section, 'header_pclass', $header_pclass);
             $header_section = $page->parse_template_section($header_section, 'header_pclass_no_sort', $header_pclass_no_sort);
             foreach ($field as $x => $f) {
                 $header_section = $page->parse_template_section($header_section, 'header_' . $x, $f);
             }
             foreach ($field_no_sort as $x => $f) {
                 $header_section = $page->parse_template_section($header_section, 'header_' . $x . '_no_sort', $f);
             }
             // We have the title now we need the image
             $num_columns = $num_columns + 1;
             // add one for the image
             $count = 0;
             while (!$resultRecordSet->EOF) {
                 // Start a new section for each listing.
                 $search_result .= $search_result_section;
                 // alternate the colors
                 if ($count == 0) {
                     $count = $count + 1;
                 } else {
                     $count = 0;
                 }
                 $Title = $misc->make_db_unsafe($resultRecordSet->fields['listingsdb_title']);
                 $current_ID = $resultRecordSet->fields['listingsdb_id'];
                 $or_owner = $resultRecordSet->fields['userdb_id'];
                 if ($config['url_style'] == '1') {
                     $url = '<a href="index.php?action=listingview&amp;listingID=' . $current_ID . '">';
                 } else {
                     $url_title = str_replace("/", "", $Title);
                     $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
                     $url = '<a href="listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html">';
                 }
                 $field_title = $url . $Title . '</a>';
                 // Insert the title as we grabbed it earlier
                 $search_result = $page->parse_template_section($search_result, 'field_title', $field_title);
                 $search_result = $page->parse_template_section($search_result, 'listingid', $current_ID);
                 $search_result = $page->replace_listing_field_tags($current_ID, $search_result);
                 //get distance for postal code distance searches
                 if (isset($_GET['postalcode_dist_dist'])) {
                     $sql3 = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsdbelements_field_name = '" . $config['map_zip'] . "'))";
                     $recordSet3 = $conn->Execute($sql3);
                     $sql4 = 'SELECT zipdist_latitude, zipdist_longitude FROM ' . $config['table_prefix_no_lang'] . 'zipdist WHERE zipdist_zipcode =' . $recordSet3->fields['listingsdbelements_field_value'];
                     $recordSet4 = $conn->Execute($sql4);
                     $postalcode_distance = round($this->calculate_mileage($postalcode_dist_lat, $recordSet4->fields['zipdist_latitude'], $postalcode_dist_long, $recordSet4->fields['zipdist_longitude']), 2) . ' ' . $lang['postalcode_miles_away'];
                     $search_result = $page->parse_template_section($search_result, 'postalcode_search_distance', $postalcode_distance);
                 }
                 // grab the rest of the listing's data
                 $sql2 = "SELECT listingsdbelements_field_name, listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_display_priv, listingsformelements_search_result_rank  FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsformelements_display_on_browse = 'Yes')  " . "AND (listingsdbelements_field_name = listingsformelements_field_name)) ORDER BY listingsformelements_search_result_rank";
                 $recordSet2 = $conn->Execute($sql2);
                 if ($DEBUG_SQL) {
                     echo '<strong>Listing Data:</strong> ' . $sql2 . '<br />';
                 }
                 if (!$recordSet2) {
                     $misc->log_error($sql2);
                 }
                 $field = array();
                 $textarea = array();
                 while (!$recordSet2->EOF) {
                     $field_name = $misc->make_db_unsafe($recordSet2->fields['listingsdbelements_field_name']);
                     $field_value = $misc->make_db_unsafe($recordSet2->fields['listingsdbelements_field_value']);
                     $field_type = $misc->make_db_unsafe($recordSet2->fields['listingsformelements_field_type']);
                     $display_priv = $misc->make_db_unsafe($recordSet2->fields['listingsformelements_display_priv']);
                     $x = $misc->make_db_unsafe($recordSet2->fields['listingsformelements_search_result_rank']);
                     $display_status = false;
                     if ($display_priv == 1) {
                         $display_status = login::loginCheck('Member', true);
                     } elseif ($display_priv == 2) {
                         $display_status = login::loginCheck('Agent', true);
                     } else {
                         $display_status = true;
                     }
                     if ($display_status === true) {
                         switch ($field_type) {
                             case 'textarea':
                                 if ($config['add_linefeeds'] === "1") {
                                     $textarea[$x] = nl2br($field_value);
                                 } else {
                                     $textarea[$x] = $field_value;
                                 }
                                 break;
                             case "select-multiple":
                             case "option":
                             case "checkbox":
                                 // handle field types with multiple options
                                 $feature_index_list = explode("||", $field_value);
                                 $field[$x] = '';
                                 foreach ($feature_index_list as $feature_list_item) {
                                     $field[$x] .= $feature_list_item;
                                     $field[$x] .= $config['feature_list_separator'];
                                 }
                                 break;
                             case "price":
                                 $sql3 = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsdbelements_field_name = 'status'))";
                                 $recordSet3 = $conn->Execute($sql3);
                                 if (!$recordSet3) {
                                     $misc->log_error($sql3);
                                 }
                                 if ($DEBUG_SQL) {
                                     echo '<strong>Status Lookup for price field:</strong> ' . $sql3 . '<br />';
                                 }
                                 $status = $misc->make_db_unsafe($recordSet3->fields['listingsdbelements_field_value']);
                                 $recordSet3->Close();
                                 if ($field_value == "" && $config["zero_price"] == "1") {
                                     $money_amount = $misc->international_num_format($field_value, $config['number_decimals_price_fields']);
                                     if ($status == 'Sold') {
                                         $field[$x] = "<span style=\"text-decoration: line-through\">";
                                         $field[$x] .= "</span><br /><span style=\"color:red;\"><strong>{$lang['mark_as_sold']}</strong></span>";
                                     } elseif ($status == 'Pending') {
                                         $field[$x] .= "<br /><span style=\"color:green;\"><strong>{$lang['mark_as_pending']}</strong></span>";
                                     } else {
                                         $field[$x] = $lang['call_for_price'];
                                     }
                                 } else {
                                     $money_amount = $misc->international_num_format($field_value, $config['number_decimals_price_fields']);
                                     if ($status == 'Sold') {
                                         $field[$x] = "<span style=\"text-decoration: line-through\">";
                                         $field[$x] .= $misc->money_formats($money_amount);
                                         $field[$x] .= "</span><br /><span style=\"color:red;\"><strong>{$lang['mark_as_sold']}</strong></span>";
                                     } elseif ($status == 'Pending') {
                                         $field[$x] = $misc->money_formats($money_amount);
                                         $field[$x] .= "<br /><span style=\"color:green;\"><strong>{$lang['mark_as_pending']}</strong></span>";
                                     } else {
                                         $field[$x] = $misc->money_formats($money_amount);
                                     }
                                 }
                                 // end else
                                 break;
                             case "select":
                                 if ($field_name == "Mi_business") {
                                     $sql4 = "SELECT listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdbelements WHERE ((listingsdb_id = {$current_ID}) AND (listingsdbelements_field_name = 'Mi_business'))";
                                     $recordSet4 = $conn->Execute($sql4);
                                     if (!$recordSet4) {
                                         $misc->log_error($sql4);
                                     } else {
                                         $requiredMigration = $misc->make_db_unsafe($recordSet4->fields['listingsdbelements_field_value']);
                                         $recordSet4->Close();
                                         if ($requiredMigration == 'Yes') {
                                             $field[$x] = '<strong style="color:red">Business Migration Ready 能用作投资移民申请</strong>';
                                         } else {
                                             $field[$x] = '';
                                         }
                                     }
                                 } else {
                                     $field[$x] = "{$field_value}";
                                 }
                                 break;
                             case "number":
                                 $field[$x] = $misc->international_num_format($field_value, $config['number_decimals_number_fields']);
                                 break;
                             case "url":
                                 $field[$x] = "<a href=\"{$field_value}\" target=\"_blank\">{$field_value}</a>";
                                 break;
                             case "email":
                                 $field[$x] = "<a href=\"mailto:{$field_value}\">{$field_value}</a>";
                                 break;
                             case "date":
                                 if ($config['date_format'] == 1) {
                                     $format = "m/d/Y";
                                 } elseif ($config['date_format'] == 2) {
                                     $format = "Y/d/m";
                                 } elseif ($config['date_format'] == 3) {
                                     $format = "d/m/Y";
                                 }
                                 if ($field_value > 0) {
                                     $field_value = date($format, "{$field_value}");
                                 }
                                 $field[$x] = "{$field_value}";
                                 break;
                             default:
                                 $field[$x] = "{$field_value}";
                                 break;
                         }
                         // end switch
                     }
                     $recordSet2->MoveNext();
                 }
                 // end while
                 foreach ($field as $x => $f) {
                     $search_result = $page->parse_template_section($search_result, 'field_' . $x, $f);
                 }
                 //Form URLS for TextArea
                 if ($config['url_style'] == '1') {
                     $preview = '... <a href="index.php?action=listingview&amp;listingID=' . $current_ID . '">' . $lang['more_info'] . '</a>';
                 } else {
                     $url_title = str_replace("/", "", $Title);
                     $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
                     $preview = '... <a href="listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html">' . $lang['more_info'] . '</a>';
                 }
                 foreach ($textarea as $x => $f) {
                     // Normal Textarea
                     $search_result = $page->parse_template_section($search_result, 'textarea_' . $x, $f);
                     // Short textarea of first number of characters defined in site config with link to the listing
                     $p = substr(strip_tags($f), 0, $config['textarea_short_chars']);
                     $p = substr($p, 0, strrpos($p, ' '));
                     $search_result = $page->parse_template_section($search_result, 'textarea_' . $x . '_short', $p . '' . $preview);
                 }
                 //Cleanup Textareas
                 $search_result = preg_replace('/{textarea_(.*?)_short}/', $preview, $search_result);
                 $search_result = preg_replace('/{textarea_(.*?)}/', '', $search_result);
                 // Show Vtour indicator Image if vtour exists
                 require_once $config['basepath'] . '/include/vtour.inc.php';
                 $vtour_link = vtours::rendervtourlink($current_ID, true);
                 $search_result = $page->parse_template_section($search_result, 'vtour_button', $vtour_link);
                 // Show Creation Date
                 require_once $config['basepath'] . '/include/listing.inc.php';
                 $get_creation_date = listing_pages::get_creation_date($current_ID);
                 $search_result = $page->parse_template_section($search_result, 'get_creation_date', $get_creation_date);
                 // Show Featured
                 require_once $config['basepath'] . '/include/listing.inc.php';
                 $get_featured = listing_pages::get_featured($current_ID, 'no');
                 $search_result = $page->parse_template_section($search_result, 'get_featured', $get_featured);
                 // Show Featured Raw
                 require_once $config['basepath'] . '/include/listing.inc.php';
                 $get_featured_raw = listing_pages::get_featured($current_ID, 'yes');
                 $search_result = $page->parse_template_section($search_result, 'get_featured_raw', $get_featured_raw);
                 // Show Modified Date
                 require_once $config['basepath'] . '/include/listing.inc.php';
                 $get_modified_date = listing_pages::get_modified_date($current_ID);
                 $search_result = $page->parse_template_section($search_result, 'get_modified_date', $get_modified_date);
                 // Start {isfavorite} search result template section tag
                 if (isset($_SESSION['userID'])) {
                     $userID = $misc->make_db_safe($_SESSION['userID']);
                     $sql1 = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
                     $recordSet1 = $conn->Execute($sql1);
                     if ($recordSet1 === false) {
                         $misc->log_error($sql1);
                     }
                     $favorite_listingsdb_id = $misc->make_db_unsafe($recordSet1->fields['listingsdb_id']);
                     if ($favorite_listingsdb_id !== $current_ID) {
                         $isfavorite = "no";
                         $search_result = $page->parse_template_section($search_result, 'isfavorite', $isfavorite);
                     } else {
                         $isfavorite = "yes";
                         $search_result = $page->parse_template_section($search_result, 'isfavorite', $isfavorite);
                     }
                 }
                 // End {isfavorite} search result template section tag
                 // Show Delete From Favorites Link if needed
                 $delete_from_fav = '';
                 if (isset($_SESSION['userID'])) {
                     $userID = $misc->make_db_safe($_SESSION['userID']);
                     $sql = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
                     $recordSet = $conn->Execute($sql);
                     if (!$recordSet) {
                         $misc->log_error($sql);
                     }
                     if ($DEBUG_SQL) {
                         echo '<strong>Delete Favorite Lookup:</strong> ' . $sql . '<br />';
                     }
                     $num_rows = $recordSet->RecordCount();
                     if ($num_rows > 0) {
                         $delete_from_fav = '<a href="index.php?action=delete_favorites&amp;listingID=' . $current_ID . '" onclick="return confirmDelete()">' . $lang['delete_from_favorites'] . '</a>';
                     }
                 }
                 // Instert link into section
                 $search_result = $page->parse_template_section($search_result, 'delete_from_favorite', $delete_from_fav);
                 //Show Add To Favorites
                 $link_add_favorites = '';
                 if (isset($_SESSION['userID'])) {
                     $userID = $misc->make_db_safe($_SESSION['userID']);
                     $sql = "SELECT listingsdb_id FROM " . $config['table_prefix'] . "userfavoritelistings WHERE ((listingsdb_id = {$current_ID}) AND (userdb_id={$userID}))";
                     $recordSet = $conn->Execute($sql);
                     if (!$recordSet) {
                         $misc->log_error($sql);
                     }
                     if ($DEBUG_SQL) {
                         echo '<strong>Add Favorite Lookup:</strong> ' . $sql . '<br />';
                     }
                     $num_rows = $recordSet->RecordCount();
                     if ($num_rows == 0) {
                         $link_add_favorites = listing_pages::create_add_favorite_link();
                     }
                 } else {
                     $link_add_favorites = listing_pages::create_add_favorite_link();
                 }
                 // Instert link into section
                 $search_result = $page->parse_template_section($search_result, 'link_add_favorites', $link_add_favorites);
                 // Insert row number
                 $search_result = $page->parse_template_section($search_result, 'row_num_even_odd', $count);
                 $resultRecordSet->MoveNext();
                 // Replace Edit Listing links
                 require_once $config['basepath'] . '/include/listing.inc.php';
                 $edit_link = listing_pages::edit_listing_link();
                 $search_result = $page->parse_template_section($search_result, 'link_edit_listing', $edit_link);
                 $edit_link = listing_pages::edit_listing_link('yes');
                 $search_result = $page->parse_template_section($search_result, 'link_edit_listing_url', $edit_link);
                 // Replace addon fields.
                 $addon_fields = $page->get_addon_template_field_list($addons);
                 $search_result = $page->parse_addon_tags($search_result, $addon_fields);
                 $search_result = $page->cleanup_fields($search_result);
                 $search_result = $page->cleanup_images($search_result);
             }
             // end while
             $page->replace_template_section('search_result_header', $header_section);
             $page->replace_template_section('search_result_dataset', $search_result);
             $page->replace_permission_tags();
             $page->cleanup_template_sections($next_prev, $next_prev_bottom);
             $display = $page->return_page();
         } else {
             if (!isset($_GET['cur_page'])) {
                 $_GET['cur_page'] = 0;
             }
             // This search has no results. Display an error message and the search page again.
             $display .= search_page::create_searchpage(false, true);
         }
         return $display;
     }
 }
Пример #7
0
 function render_templated_files($ID, $type, $template)
 {
     global $conn, $lang, $config, $db_type;
     //Load the Core Template class and the Misc Class
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $folderid = $ID;
     $ID = $misc->make_db_extra_safe($ID);
     //Declare an empty display variable to hold all output from function.
     $display = '';
     if ($type == 'listing') {
         $file_upload_path = $config['listings_file_upload_path'];
         $file_view_path = $config['listings_view_file_path'];
         $sqltype = 'listings';
     } else {
         $file_upload_path = $config['users_file_upload_path'];
         $file_view_path = $config['users_view_file_path'];
         $sqltype = 'user';
     }
     $sql = "SELECT " . $type . "sfiles_id, " . $type . "sfiles_caption, " . $type . "sfiles_description, " . $type . "sfiles_file_name FROM " . $config['table_prefix'] . "" . $type . "sfiles WHERE (" . $sqltype . "db_id = {$ID}) ORDER BY " . $type . "sfiles_rank";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $num_files = $recordSet->RecordCount();
     if ($num_files >= 1) {
         //Load the File Template specified by the calling tag unless a template was specified in the calling template tag.
         $page->load_page($config['template_path'] . '/files_' . $type . '_' . $template . '.html');
         // Determine if the template uses rows.
         // First item in array is the row conent second item is the number of block per block row
         $file_template_row = $page->get_template_section_row('file_block_row');
         if (is_array($file_template_row)) {
             $row = $file_template_row[0];
             $col_count = $file_template_row[1];
             $uses_rows = true;
             $x = 1;
             //Create an empty array to hold the row contents
             $new_row_data = array();
         } else {
             $uses_rows = false;
         }
         $file_template_section = '';
         while (!$recordSet->EOF) {
             if ($uses_rows == true && $x > $col_count) {
                 //We are at then end of a row. Save the template section as a new row.
                 $new_row_data[] = $page->replace_template_section('file_block', $file_template_section, $row);
                 //$new_row_data[] = $file_template_section;
                 $file_template_section = $page->get_template_section('file_block');
                 $x = 1;
             } else {
                 $file_template_section .= $page->get_template_section('file_block');
             }
             $file_caption = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_caption']);
             $file_filename = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_file_name']);
             $file_id = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_id']);
             $file_url = $file_view_path . '/' . $folderid . '/' . $file_filename;
             $file_download_url = 'index.php?action=create_download&amp;ID=' . $folderid . '&amp;file_id=' . $file_id . '&amp;type=' . $type;
             $file_description = urldecode($misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_description']));
             $file_icon_height = $config["file_icon_height"];
             $file_icon_width = $config["file_icon_width"];
             if ($file_filename != "" && file_exists("{$file_upload_path}/{$folderid}/{$file_filename}")) {
                 $ext = substr(strrchr($file_filename, '.'), 1);
                 $filesize = filesize($file_upload_path . '/' . $folderid . '/' . $file_filename);
                 if ($caption != '') {
                     $alt = $caption;
                 } else {
                     $alt = $thumb_file_name;
                 }
                 $iconpath = $config["file_icons_path"] . '/' . $ext . '.png';
                 if (file_exists($iconpath)) {
                     $file_icon = $config["listings_view_file_icons_path"] . '/' . $ext . '.png';
                 } else {
                     $file_icon = $config["listings_view_file_icons_path"] . '/default.png';
                 }
                 $file_filesize = $this->bytesize($filesize);
             }
             $file_template_section = $page->parse_template_section($file_template_section, 'file_url', $file_url);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_download_url', $file_download_url);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_filename', $file_filename);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_caption', $file_caption);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_description', $file_description);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_icon', $file_icon);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_icon_height', $file_icon_height);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_icon_width', $file_icon_width);
             $file_template_section = $page->parse_template_section($file_template_section, 'file_filesize', $file_filesize);
             $recordSet->MoveNext();
             if ($uses_rows == true) {
                 $x++;
             }
         }
         //END while (!$recordSet->EOF)
         if ($uses_rows == true) {
             $file_template_section = $page->cleanup_template_block('file', $file_template_section);
             $new_row_data[] = $page->replace_template_section('file_block', $file_template_section, $row);
             $replace_row = '';
             foreach ($new_row_data as $rows) {
                 $replace_row .= $rows;
             }
             $page->replace_template_section_row('file_block_row', $replace_row);
         } else {
             $page->replace_template_section('file_block', $file_template_section);
         }
         $page->replace_permission_tags();
         $display .= $page->return_page();
     }
     return $display;
 }
 function renderNotifyListings($listingIDArray, $search_title, $user_name, $email)
 {
     global $conn, $lang, $config, $db_type, $current_ID;
     //Load the Core Template class and the Misc Class
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     require_once $config['basepath'] . '/include/listing.inc.php';
     $listingclass = new listing_pages();
     //Declare an empty display variable to hold all output from function.
     $display = '';
     //If We have a $current_ID save it
     $old_current_ID = '';
     if ($current_ID != '') {
         $old_current_ID = $current_ID;
     }
     //Load the Notify Listing Template specified in the Site Config
     $page->load_page($config['template_path'] . '/' . $config['notify_listings_template']);
     // Determine if the template uses rows.
     // First item in array is the row conent second item is the number of block per block row
     $notify_template_row = $page->get_template_section_row('notify_listing_block_row');
     if (is_array($notify_template_row)) {
         $row = $notify_template_row[0];
         $col_count = $notify_template_row[1];
         $user_rows = true;
         $x = 1;
         //Create an empty array to hold the row conents
         $new_row_data = array();
     } else {
         $user_rows = false;
     }
     $notify_template_section = '';
     foreach ($listingIDArray as $current_ID) {
         if ($user_rows == true && $x > $col_count) {
             //We are at then end of a row. Save the template section as a new row.
             $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
             //$new_row_data[] = $notify_template_section;
             $notify_template_section = $page->get_template_section('notify_listing_block');
             $x = 1;
         } else {
             $notify_template_section .= $page->get_template_section('notify_listing_block');
         }
         $listing_title = $listingclass->get_title($current_ID);
         if ($config['url_style'] == '1') {
             $notify_url = $config['baseurl'] . '/index.php?action=listingview&amp;listingID=' . $current_ID;
             // #####
         } else {
             $url_title = str_replace("/", "", $listing_title);
             $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
             $notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
             // #####
         }
         $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
         $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
         $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url);
         $notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID);
         // Setup Image Tags
         $sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = {$current_ID})\n\t\t\t\t\tORDER BY listingsimages_rank";
         $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
         if ($recordSet2 === false) {
             $misc->log_error($sql2);
         }
         if ($recordSet2->RecordCount() > 0) {
             $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
             $file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
             if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
                 // gotta grab the thumbnail image size
                 $imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $shrinkage = $config['thumbnail_width'] / $imagewidth;
                 $notify_thumb_width = $imagewidth * $shrinkage;
                 $notify_thumb_height = $imageheight * $shrinkage;
                 $notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;
                 // gotta grab the thumbnail image size
                 $imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $notify_width = $imagewidth;
                 $notify_height = $imageheight;
                 $notify_src = $config['listings_view_images_path'] . '/' . $file_name;
             }
         } else {
             if ($config['show_no_photo'] == 1) {
                 $imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $shrinkage = $config['thumbnail_width'] / $imagewidth;
                 $notify_thumb_width = $imagewidth * $shrinkage;
                 $notify_thumb_height = $imageheight * $shrinkage;
                 $notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif';
                 $notify_width = $notify_thumb_width;
                 $notify_height = $notify_thumb_height;
                 $notify_src = $config['baseurl'] . '/images/nophoto.gif';
             } else {
                 $notify_thumb_width = '';
                 $notify_thumb_height = '';
                 $notify_thumb_src = '';
                 $notify_width = '';
                 $notify_height = '';
                 $notify_src = '';
             }
         }
         if (!empty($notify_thumb_src)) {
             $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_src', $notify_thumb_src);
             $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_height', $notify_thumb_height);
             $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_width', $notify_thumb_width);
             $notify_template_section = $page->cleanup_template_block('notify_img', $notify_template_section);
         } else {
             $notify_template_section = $page->remove_template_block('notify_img', $notify_template_section);
         }
         if (!empty($notify_src)) {
             $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_src', $notify_src);
             $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_height', $notify_height);
             $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_width', $notify_width);
             $notify_template_section = $page->cleanup_template_block('notify_img_large', $notify_template_section);
         } else {
             $notify_template_section = $page->remove_template_block('notify_img_large', $notify_template_section);
         }
         if ($user_rows == true) {
             $x++;
         }
     }
     if ($user_rows == true) {
         $notify_template_section = $page->cleanup_template_block('notify_listing', $notify_template_section);
         $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
         $replace_row = '';
         foreach ($new_row_data as $rows) {
             $replace_row .= $rows;
         }
         $page->replace_template_section_row('notify_listing_block_row', $replace_row);
     } else {
         $page->replace_template_section('notify_listing_block', $notify_template_section);
     }
     $page->replace_permission_tags();
     $page->replace_urls();
     $page->auto_replace_tags();
     $page->replace_lang_template_tags();
     $display .= $page->return_page();
     $current_ID = '';
     if ($old_current_ID != '') {
         $current_ID = $old_current_ID;
     }
     return $display;
 }
Пример #9
0
 function next_prev($num_rows, $cur_page, $guidestring = '', $template = '', $admin = FALSE)
 {
     global $lang, $config;
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     if (isset($template) && $template != '') {
         $template_file = 'next_prev_' . $template . '.html';
     } else {
         $template_file = 'next_prev.html';
     }
     if ($admin == TRUE) {
         $page->load_page($config['admin_template_path'] . '/' . $template_file);
     } else {
         $page->load_page($config['template_path'] . '/' . $template_file);
     }
     $guidestring = '';
     $guidestring_no_action = '';
     $guidestring_with_sort = '';
     // Save GET
     foreach ($_GET as $k => $v) {
         if ($v && $k != 'cur_page' && $k != 'PHPSESSID') {
             if (is_array($v)) {
                 foreach ($v as $vitem) {
                     $guidestring .= '&amp;' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
                 }
             } else {
                 $guidestring .= '&amp;' . urlencode("{$k}") . '=' . urlencode("{$v}");
             }
         }
         if ($v && $k != 'cur_page' && $k != 'PHPSESSID' && $k != 'action') {
             if (is_array($v)) {
                 foreach ($v as $vitem) {
                     $guidestring_no_action .= '&amp;' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
                 }
             } else {
                 $guidestring_no_action .= '&amp;' . urlencode("{$k}") . '=' . urlencode("{$v}");
             }
         }
     }
     $page->page = str_replace('{nextprev_guidestring}', $guidestring, $page->page);
     $page->page = str_replace('{nextprev_guidestring_no_action}', $guidestring_no_action, $page->page);
     if ($cur_page == "") {
         $cur_page = 0;
     }
     $page_num = $cur_page + 1;
     $page->page = str_replace('{nextprev_num_rows}', $num_rows, $page->page);
     if ($_GET['action'] == 'view_log') {
         $items_per_page = 25;
         $page->page = str_replace('{nextprev_page_type}', $lang['log'], $page->page);
         $page->page = str_replace('{nextprev_meet_your_search}', $lang['logs_meet_your_search'], $page->page);
         if ($num_rows == 1) {
             $page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
             $page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
         } else {
             $page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
             $page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
         }
     } elseif ($_GET['action'] == 'view_users') {
         $items_per_page = $config['users_per_page'];
         $page->page = str_replace('{nextprev_page_type}', $lang['agent'], $page->page);
         $page->page = str_replace('{nextprev_meet_your_search}', $lang['agents'], $page->page);
         if ($num_rows == 1) {
             $page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
             $page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
         } else {
             $page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
             $page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
         }
     } else {
         $items_per_page = $config['listings_per_page'];
         $page->page = str_replace('{nextprev_page_type}', $lang['listing'], $page->page);
         $page->page = str_replace('{nextprev_meet_your_search}', $lang['listings_meet_your_search'], $page->page);
         if ($num_rows == 1) {
             $page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
             $page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
         } else {
             $page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
             $page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
         }
     }
     $total_num_page = ceil($num_rows / $items_per_page);
     if ($total_num_page == 0) {
         $listing_num_min = 0;
         $listing_num_max = 0;
     } else {
         $listing_num_min = $cur_page * $items_per_page + 1;
         if ($page_num == $total_num_page) {
             $listing_num_max = $num_rows;
         } else {
             $listing_num_max = $page_num * $items_per_page;
         }
     }
     $page->page = str_replace('{nextprev_listing_num_min}', $listing_num_min, $page->page);
     $page->page = str_replace('{nextprev_listing_num_max}', $listing_num_max, $page->page);
     $prevpage = $cur_page - 1;
     $nextpage = $cur_page + 1;
     $next10page = $cur_page + 10;
     $prev10page = $cur_page - 10;
     $next_minus10page = $cur_page - 10;
     $page->page = str_replace('{nextprev_nextpage}', $nextpage, $page->page);
     $page->page = str_replace('{nextprev_prevpage}', $prevpage, $page->page);
     $page->page = str_replace('{nextprev_next10page}', $next10page, $page->page);
     $page->page = str_replace('{nextprev_prev10page}', $prev10page, $page->page);
     if ($_GET['action'] == 'searchresults') {
         $page->page = $page->cleanup_template_block('nextprev_show_save_search', $page->page);
     } else {
         $page->page = $page->remove_template_block('nextprev_show_save_search', $page->page);
     }
     if ($_GET['action'] == 'searchresults') {
         $page->page = $page->cleanup_template_block('nextprev_show_refine_search', $page->page);
     } else {
         $page->page = $page->remove_template_block('nextprev_show_refine_search', $page->page);
     }
     if ($page_num <= 1) {
         $page->page = $page->cleanup_template_block('nextprev_is_firstpage', $page->page);
         $page->page = $page->remove_template_block('!nextprev_is_firstpage', $page->page);
     }
     if ($page_num > 1) {
         $page->page = $page->cleanup_template_block('!nextprev_is_firstpage', $page->page);
         $page->page = $page->remove_template_block('nextprev_is_firstpage', $page->page);
     }
     //end if ($page_num > 10)
     // begin 10 page menu selection
     $count = $cur_page;
     //Determine Where to Start the Page Count At
     $count_start = $count - 10;
     if ($count_start < 0) {
         $count_start = 0;
         $real_count_start = 0;
     } else {
         while (!preg_match("/0\$/", $count_start)) {
             $count_start++;
         }
     }
     //echo 'Count Start '.$count_start.'<br />';
     //$count = ($count - $lastnum);
     $page_section_part = $page->get_template_section('nextprev_page_section');
     $page_section = '';
     $reverse_count = $count_start;
     while ($count > $count_start) {
         //echo 'Count '.$count.'<br />';
         //echo 'Reverse Count '.$reverse_count.'<br />';
         // If the last number is a zero, it's divisible by 10 check it...
         if (preg_match("/0\$/", $count)) {
             break;
         }
         $page_section .= $page_section_part;
         $disp_count = $reverse_count + 1;
         $page_section = str_replace('{nextprev_count}', $reverse_count, $page_section);
         $page_section = str_replace('{nextprev_disp_count}', $disp_count, $page_section);
         $page_section = $page->cleanup_template_block('nextprev_page_other', $page_section);
         $page_section = $page->remove_template_block('nextprev_page_current', $page_section);
         $count--;
         $reverse_count++;
     }
     $count = $cur_page;
     while ($count < $total_num_page) {
         $page_section .= $page_section_part;
         $disp_count = $count + 1;
         $page_section = str_replace('{nextprev_count}', $count, $page_section);
         $page_section = str_replace('{nextprev_disp_count}', $disp_count, $page_section);
         if ($page_num == $disp_count) {
             // the currently selected page
             $page_section = $page->cleanup_template_block('nextprev_page_current', $page_section);
             $page_section = $page->remove_template_block('nextprev_page_other', $page_section);
         } else {
             $page_section = $page->cleanup_template_block('nextprev_page_other', $page_section);
             $page_section = $page->remove_template_block('nextprev_page_current', $page_section);
         }
         $count++;
         // If the last number is a zero, it's divisible by 10 check it...
         if (!($count % 10)) {
             break;
         }
     }
     // end while ($count <= 10)
     $page->replace_template_section('nextprev_page_section', $page_section);
     if ($page_num >= $total_num_page) {
         $page->page = $page->cleanup_template_block('nextprev_lastpage', $page->page);
         $page->page = $page->remove_template_block('!nextprev_lastpage', $page->page);
     }
     if ($page_num < $total_num_page) {
         $diff = $total_num_page - $cur_page;
         $page->page = $page->cleanup_template_block('!nextprev_lastpage', $page->page);
         $page->page = $page->remove_template_block('nextprev_lastpage', $page->page);
     }
     //end if
     // search buttons
     if ($page_num >= 11) {
         // previous 10 page
         $page->page = $page->cleanup_template_block('nextprev_prev_100_button', $page->page);
         $page->page = $page->remove_template_block('!nextprev_prev_100_button', $page->page);
     } else {
         $page->page = $page->cleanup_template_block('!nextprev_prev_100_button', $page->page);
         $page->page = $page->remove_template_block('nextprev_prev_100_button', $page->page);
     }
     // Next 100 button
     if ($cur_page < $total_num_page - $config['listings_per_page'] && $total_num_page > 10) {
         $page->page = $page->cleanup_template_block('nextprev_next_100_button', $page->page);
         $page->page = $page->remove_template_block('!nextprev_next_100_button', $page->page);
     } else {
         $page->page = $page->cleanup_template_block('!nextprev_next_100_button', $page->page);
         $page->page = $page->remove_template_block('nextprev_next_100_button', $page->page);
     }
     if ($_GET['action'] == 'view_log' && $_SESSION['admin_privs'] == "yes") {
         $page->page = $page->cleanup_template_block('nextprev_clearlog', $page->page);
     } else {
         $page->page = $page->remove_template_block('nextprev_clearlog', $page->page);
     }
     return $page->page;
 }
 function edit_post_comments()
 {
     global $conn, $lang, $config;
     $security = login::loginCheck('can_access_blog_manager', true);
     $display = '';
     $blog_user_type = intval($_SESSION['blog_user_type']);
     if ($security === true) {
         require_once $config['basepath'] . '/include/misc.inc.php';
         $misc = new misc();
         //Load the Core Template
         require_once $config['basepath'] . '/include/class/template/core.inc.php';
         $page = new page_user();
         require_once $config['basepath'] . '/include/user.inc.php';
         $userclass = new user();
         require_once $config['basepath'] . '/include/blog_functions.inc.php';
         $blog_functions = new blog_functions();
         //Load TEmplate File
         $page->load_page($config['admin_template_path'] . '/blog_edit_comments.html');
         // Do we need to save?
         if (isset($_GET['id'])) {
             $post_id = intval($_GET['id']);
             //Get Blog Post Information
             $blog_title = $blog_functions->get_blog_title($post_id);
             $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
             $blog_author = $blog_functions->get_blog_author($post_id);
             $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
             $blog_date_posted = $blog_functions->get_blog_date($post_id);
             $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
             //Handle any deletions and comment approvals before we load the comments
             if (isset($_GET['caction']) && $_GET['caction'] == 'delete') {
                 if (isset($_GET['cid'])) {
                     $cid = intval($_GET['cid']);
                     //Do permission checks.
                     if ($blog_user_type < 4) {
                         //Throw Error
                         $display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
                         unset($_GET['caction']);
                         $display .= $this->edit_post_comments();
                         return $display;
                     }
                     //Delete
                     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
                     //Load Record Set
                     $recordSet = $conn->Execute($sql);
                     if (!$recordSet) {
                         $misc->log_error($sql);
                     }
                 }
             }
             if (isset($_GET['caction']) && $_GET['caction'] == 'approve') {
                 if (isset($_GET['cid'])) {
                     $cid = intval($_GET['cid']);
                     //Do permission checks.
                     if ($blog_user_type < 4) {
                         //Throw Error
                         $display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
                         unset($_GET['caction']);
                         $display .= $this->edit_post_comments();
                         return $display;
                     }
                     //Delete
                     $sql = 'UPDATE ' . $config['table_prefix'] . 'blogcomments SET blogcomments_moderated = 1 WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
                     //Load Record Set
                     $recordSet = $conn->Execute($sql);
                     if (!$recordSet) {
                         $misc->log_error($sql);
                     }
                 }
             }
             //Ok Load the comments.
             $sql = 'SELECT * FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogmain_id = ' . $post_id . ' ORDER BY blogcomments_timestamp ASC';
             //Load Record Set
             $recordSet = $conn->Execute($sql);
             if (!$recordSet) {
                 $misc->log_error($sql);
             }
             //Handle Next prev
             $num_rows = $recordSet->RecordCount();
             if (!isset($_GET['cur_page'])) {
                 $_GET['cur_page'] = 0;
             }
             $limit_str = $_GET['cur_page'] * $config['listings_per_page'];
             $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             $blog_comment_template = '';
             while (!$recordSet->EOF) {
                 //Load DB Values
                 $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
                 $blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
                 $blogcomments_moderated = $misc->make_db_unsafe($recordSet->fields['blogcomments_moderated']);
                 $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
                 $blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
                 //Load Template Block
                 $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
                 //Lookup Blog Author..
                 $author_type = $userclass->get_user_type($comment_author_id);
                 if ($author_type == 'member') {
                     $author_display = $userclass->get_user_name($comment_author_id);
                 } else {
                     $author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
                 }
                 $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);
                 if ($config['date_format'] == 1) {
                     $format = "m/d/Y";
                 } elseif ($config['date_format'] == 2) {
                     $format = "Y/d/m";
                 } elseif ($config['date_format'] == 3) {
                     $format = "d/m/Y";
                 }
                 $blog_comment_date_posted = date($format, "{$blogcomments_timestamp}");
                 $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
                 $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);
                 //Add Delete COmment Link
                 //{blog_comment_delete_url}
                 $blog_comment_delete_url = 'index.php?action=edit_blog_post_comments&id=' . $post_id . '&caction=delete&cid=' . $blogcomments_id;
                 $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_delete_url', $blog_comment_delete_url);
                 $blog_comment_approve_url = 'index.php?action=edit_blog_post_comments&id=' . $post_id . '&caction=approve&cid=' . $blogcomments_id;
                 $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_approve_url', $blog_comment_approve_url);
                 //Do Security Checks
                 if ($blog_user_type < 4) {
                     $blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
                     $blog_comment_template = $page->remove_template_block('blog_article_comment_delete', $blog_comment_template);
                 }
                 //Handle Moderation
                 if ($blogcomments_moderated == 1) {
                     $blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
                 } else {
                     $blog_comment_template = $page->cleanup_template_block('blog_article_comment_approve', $blog_comment_template);
                 }
                 $recordSet->MoveNext();
             }
             $page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
             $next_prev = $misc->next_prev($num_rows, $_GET['cur_page'], "", 'blog', TRUE);
             $page->replace_tag('next_prev', $next_prev);
             $page->replace_permission_tags();
             $page->auto_replace_tags('', true);
             $display .= $page->return_page();
         }
     }
     return $display;
 }