public function __construct($municipio)
{
parent::__construct();
if ($municipio == null || $municipio == "") {
}
$divisao = explode('_', $this->retira_acentos($municipio));
$this->nomeCru = $divisao[0];
$stringTratada = cidade_anti_sql_injection(str_replace('-', ' ', $divisao[0]));
$this->UrlNome = $stringTratada;
if (sizeof($divisao) > 1) {
$this->ufCru = $divisao[1];
$stringUfTratada = cidade_anti_sql_injection(str_replace('-', ' ', $divisao[1]));
$this->UrlUf = $stringUfTratada;
}
$this->read();
}
public function __construct($municipio1Arvore, $municipio2Arvore)
{
if ($municipio1Arvore == 'nulo' || $municipio2Arvore != 'nulo') {
$this->divisao2 = explode('/', $municipio2Arvore);
$this->espac2 = $this->divisao2[0];
$this->divisaoMun2 = explode('_', $this->divisao2[1]);
//Explode Municipio 2
$stringTratada2 = cidade_anti_sql_injection(str_replace('-', ' ', $this->divisaoMun2[0]));
$this->nomeTratadoMun2 = $stringTratada2;
$this->uf2Cru = $this->divisaoMun2[1];
$stringUf2Tratada = cidade_anti_sql_injection(str_replace('-', ' ', $this->divisaoMun2[1]));
$this->UrlUf2 = $stringUf2Tratada;
$this->Ano2 = $this->divisaoMun2[2];
if (isset($this->divisaoMun2[3])) {
$this->Ideal2 = $this->divisaoMun2[3];
} else {
$this->Ideal2 = false;
}
}
if ($municipio1Arvore != 'nulo' || $municipio2Arvore == 'nulo') {
$this->divisao1 = explode('/', $municipio1Arvore);
$this->espac1 = $this->divisao1[0];
$this->divisaoMun1 = explode('_', $this->divisao1[1]);
//Explode Municipio 1
$stringTratada1 = cidade_anti_sql_injection(str_replace('-', ' ', $this->divisaoMun1[0]));
$this->nomeTratadoMun1 = $stringTratada1;
$this->uf1Cru = $this->divisaoMun1[1];
$stringUf1Tratada = cidade_anti_sql_injection(str_replace('-', ' ', $this->divisaoMun1[1]));
$this->UrlUf1 = $stringUf1Tratada;
$this->Ano1 = $this->divisaoMun1[2];
if (isset($this->divisaoMun1[3])) {
$this->Ideal1 = $this->divisaoMun1[3];
} else {
$this->Ideal1 = false;
}
}
$this->idAnos();
$this->read();
}
//==========================================================================
//Load variables
//==========================================================================
$db = new bd();
$search = $_POST['s'];
$tabela = $_POST['_in'];
//==========================================================================
//Unset globals variables
//==========================================================================
unset($_POST);
//==========================================================================
//Tramento anti sql injection
//==========================================================================
$stringTratada = "";
$search = replaceTags(" (", ")", "", $search);
$stringTratada = retira_acentos(cidade_anti_sql_injection($search));
//==========================================================================
//Consulta
//==========================================================================
switch ($tabela) {
case TABELA_MUNICIPIO:
$SQL1 = "SELECT municipio.nome,estado.uf,municipio.id FROM municipio\n INNER JOIN estado ON (estado.id = municipio.fk_estado)\n WHERE sem_acento(municipio.nome) ILIKE '{$stringTratada}%' ORDER BY municipio.nome LIMIT 9";
break;
case TABELA_REGIAOMETROPOLITANA:
// $SQL1 = "SELECT rm.nome, estado.uf, rm.id FROM rm
// INNER JOIN estado ON (estado.id = rm.fk_estado)
// WHERE sem_acento(rm.nome) ILIKE '$stringTratada%' ORDER BY rm.nome LIMIT 9";
$SQL1 = "SELECT rm.nome as nome, 0 as uf, rm.id FROM rm\n WHERE sem_acento(rm.nome) ILIKE '{$stringTratada}%' AND rm.ativo = TRUE ORDER BY rm.nome LIMIT 9";
break;
case TABELA_ESTADO:
$SQL1 = "SELECT nome, 0 as uf, id FROM estado\n WHERE sem_acento(nome) ILIKE '{$stringTratada}%' ORDER BY nome LIMIT 9";
function anti_sql_injection_bool($str)
{
return mb_convert_case($str, MB_CASE_LOWER, "UTF-8") != cidade_anti_sql_injection($str);
}
<?php
if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest') {
header("Location: {$path_dir}404");
}
require_once '../../../config/config_path.php';
require_once '../../../config/config_gerais.php';
require_once '../util/protect_sql_injection.php';
ini_set("display_errors", 0);
ob_start("ob_gzhandler");
function retira_acentos($texto)
{
$array1 = array("á", "à", "â", "ã", "ä", "é", "è", "ê", "ë", "í", "ì", "î", "ï", "ó", "ò", "ô", "õ", "ö", "ú", "ù", "û", "ü", "ç", "Á", "À", "Â", "Ã", "Ä", "É", "È", "Ê", "Ë", "Í", "Ì", "Î", "Ï", "Ó", "Ò", "Ô", "Õ", "Ö", "Ú", "Ù", "Û", "Ü", "Ç");
$array2 = array("a", "a", "a", "a", "a", "e", "e", "e", "e", "i", "i", "i", "i", "o", "o", "o", "o", "o", "u", "u", "u", "u", "c", "A", "A", "A", "A", "A", "E", "E", "E", "E", "I", "I", "I", "I", "O", "O", "O", "O", "O", "U", "U", "U", "U", "C");
return str_replace($array1, $array2, $texto);
}
$consulta = $_POST["consulta"];
//==========================================================================
//Tramento anti sql injection
//==========================================================================
$stringTratada = "";
$stringTratada = retira_acentos(cidade_anti_sql_injection($consulta));
//==========================================================================
//Consulta
//==========================================================================
$sql_lugares = "";
$sql_indicadores = "";
if (file_exists("../preconsultas/{$stringTratada}.json")) {
include "../preconsultas/{$stringTratada}.json";
}
