$thisurl = strtolower($_SERVER['QUERY_STRING']);
$thisurl = strtoupper(urldecode($thisurl));
//if($_SERVER["HTTP_CF_CONNECTING_IP"]) $_SERVER["REMOTE_ADDR"]=$_SERVER["HTTP_CF_CONNECTING_IP"];
/* last-ditch code to thwat SQL injection - this will kill request data if known SQL query fragments are seen */
if(strpos($thisurl,"CONCAT("))
{
$_POST=[];
$_GET=[];
$_REQUEST=[];
header("location: /");
exit();
}
if(strpos($thisurl,"SLEEP("))
{
$_POST=[];
$_GET=[];
$_REQUEST=[];
header("location: /");
exit();
}
if(strpos($thisurl,"(SELECT"))
{
$_POST=[];
$_GET=[];
$_REQUEST=[];
header("location: /");
exit();
}
require("template.php");
require("mysql.php");
require("currency_exchange_class.php");
ini_set('session.gc_maxlifetime', 86400 * 2); // 2 day
$link = opendb();
$lang = "en";
// refresh order
if($_SERVER["HTTP_HOST"]!='localhost')
{
ini_set('memcached.sess_prefix', 'memc.sess.key.');
ini_set('session.cookie_domain', '.minfind.com' );
}
session_start();
// temp
$_COOKIE["light"]="light";
if(!$_COOKIE["light"])
{
$_COOKIE["light"]="dark";
}
if(($_REQUEST["mode"]=="light")||($_COOKIE["light"]=="light"))
{
$_SESSION["light"]=1;
setcookie("light", "light", time()+(3600*24*365));
$_COOKIE["light"]="light";
}
if(($_REQUEST["mode"]=="dark")||($_COOKIE["light"]=="dark"))
{
unset($_SESSION["light"]);
setcookie("light", "dark", time()+(3600*24*365));
$_COOKIE["light"]="dark";
}
if(isset($_SESSION["user"]))
{
$sess=$_SESSION["sess_id"];
mysql_query("update mv_cart set mct_refreshed=now() where mct_session_id='$sess'",$link);
}
$ce = new currencyExchange();
$ce->getData();
// check for login
$c=0;
$e=0;
if(isset($_POST["login_email"]))
{
$e = $_POST["login_email"];
$p = $_POST["login_password"];
$c = $_POST["login_remember"];
} else
if(isset($_COOKIE["login_email"]))
{
$e = $_COOKIE["login_email"];
$p = $_COOKIE["login_password"];
}
if($c)
{
setcookie("login_email",stripslashes($e),time()+60*60*24*365,"/");
setcookie("login_password",stripslashes($p),time()+60*60*24*365,"/");
}
if($e)
{
$login_email = $e;
$sql = "select * from mv_users where mus_email='$e' and mus_password='$p'";
$res = mysql_query($sql,$link);
$row = mysql_fetch_object($res);
if($row)
{
$_SESSION["user"]=$row;
} else // login has failed
{
$login_failedmessage=T("Your login failed. Please check your username and password and try again.");
}
} else //
{
}
/*
if($_SESSION["LANG"])
{
$lang = $_SESSION["LANG"];
}
*/
if(isset($_GET["locale"]))
$lang = $_GET["locale"];
else
$lang="en";
$_SESSION["LANG"]=$lang;
// manage currencies
if(isset($_REQUEST["cur"]))
{
$_SESSION["CUR"]=$_REQUEST["cur"];
} else
{
if(!isset($_SESSION["CUR"])) $_SESSION["CUR"]="USD";
}
$sql = "select * from mv_currencies where mcu_cid=\"".mysql_real_escape_string($_SESSION["CUR"])."\"";
$res = mysql_query($sql,$link);
$CURRENCYROW = mysql_fetch_object($res);
require("text_$lang.php");
require("cform/cform.php");
function searchurl()
{
if(!$_GET["qs"]) return "#";
$url = "search.php?qs=".urlencode($_GET["qs"]);
if($mf=$_GET["minfilter"]) $url.="&minfilter=".urlencode($mf);
if($cf=$_GET["countryfilter"]) $url.="&countryfilter=".urlencode($cf);
if($df=$_GET["dealerfilter"]) $url.="&dealerfilter=".urlencode($df);
if($pf=$_GET["pricefilter"]) $url.="&pricefilter=".urlencode($pf);
if($ob=$_GET["orderby"]) $url.="&orderby=".urlencode($ob);
return($url);
}
function quicksql($sql)
{
global $link;
$return = array();
$res = mysql_query($sql,$link);
while($row = mysql_fetch_row($res))
{
$return[$row[0]]=$row[1];
}
mysql_free_result($res);
return($return);
}
function SQLE($sql)
{
print "
";
print $sql;
print "
";
print mysql_error();
exit();
}
function T($key)
{
global $link;
global $lang;
global $T;
if($T[$key]) return $T[$key];
return($key);
$skey = mysql_real_escape_string($key);
$sql = "select mte_content from mv_text where mte_key='$skey' and (mte_language='$lang' or mte_language='en') order by mte_language='en'";
$res = mysql_query($sql,$link) or die(SQLE($sql));
$row = mysql_fetch_row($res);
if(!$row)
{
// we have a new entry!
// $fh = fopen("text_en.php","a");
// fwrite($fh,"<"."? \$T[\"$key\"]=\"$key\";\r\n?".">");
// fclose($fh);
return($key);
}
return($row[0]);
}
function getmindaturl()
{
if($_SERVER["HTTP_HOST"]=="minfind.awj.mine.nu") return ("mindat.awj.mine.nu");
return("www.mindat.org");
}
function getmins($m,$l)
{
$data = file_get_contents("http://kubrick.mindat.org/mvtest.php?m=$m&l=$l");
$lines = explode("\r\n",$data);
foreach($lines as $line)
{
$bits = explode(" ",$line);
minbox($bits[0],$bits[1],$bits[2]);
}
}
function hashphoto($row)
{
global $link;
if($row->mph_hash) return;
return;
$fn =$row->mph_filename;
$length = @filesize("mfopics/$fn");
if($length)
{
$hash = md5_file("mfopics/$fn");
mysql_query("update mv_photo set mph_hash='$hash' where mph_id='$row->mph_id'",$link);
}
$u = getmindaturl();
$u = str_replace("www","kubrick");
$json = file_get_contents("https://$u/api/getminidfromphoto?apikey=TEST&hash=$hash&length=$length");
$result = json_decode($json);
if($result->pid) mysql_query("update mv_photo set mph_mindat_pid='$result->pid' where mph_id='$row2->mph_id'",$link);
$minid = $result->minid;
if($minid)
{
$f = mysql_real_escape_string(unformatminid($minid));
mysql_query("update mv_sales set msa_minid='$f' where msa_id='$row->mph_msa_id'",$link);
}
return($minid);
}
function addminid($id)
{
global $link;
$sql="select * from mv_sales where msa_id='$id'";
$res = mysql_query($sql,$link);
$row = mysql_fetch_object($res);
if($row->msa_minid) return;
$sql = "select * from mv_photo where mph_msa_id='$row->msa_id'";
$res2 = mysql_query($sql,$link);
while($row2 = mysql_fetch_object($res2))
{
if(hashphoto($row2)) return;
}
$specimen = array();
$mins = $row->msa_min_ids;
$mins = explode(',',$mins);
$specimen["title"]=$row->msa_name_en;
$specimen["locality"]=array("name"=>$row->msa_locality_en,"id"=>$row->msa_locality_id);
$specimen["dimensions"]=array("width"=>$row->msa_w,"height"=>$row->msa_h,"depth"=>$row->msa_d,"units"=>"mm");
$specimen["weight"]=array("weight"=>$row->msa_weight,"units"=>"g");
$specimen["description"]=$row->msa_desc_en;
$specimen['minerals']=array();
foreach($mins as $k=>$v)
{
$specimen['minerals'][]=array('id'=>$v);
}
$json = json_encode($specimen);
$u = getmindaturl();
$url = "https://$u/api/createminid";
$fields = array("apikey"=>"mineraldesk2015",
"data"=>$json);
//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
$r = json_decode($result,true);
$minid = $r["minid"];
$minid = mysql_real_escape_string(unformatminid($minid));
if($minid) mysql_query($sql="update mv_sales set msa_minid='$minid' where msa_id='$row->msa_id'",$link);
}
function opendb()
{
global $link;
global $mysqli;
if(!$link)
{
if(!($link=@mysql_connect('localhost','mindat_user','b0g0sity!9elephant78143')))
{
print "Fatal Error - Unable to connect to database.";
exit();
}
if(!mysql_select_db('mindat'))
{
print "Fatal Error - Unable to select database.";
exit();
}
}
mysql_query("SET character_set_results = NULL",$link);
mysql_query("SET character_set_database = none",$link);
mysql_query("SET character_set_server = none",$link);
mysql_query("SET NAMES UTF8",$link);
if(!$mysqli)
{
if(!($mysqli=mysqli_connect('localhost','mindat_user','b0g0sity!9elephant78143')))
{
print "Fatal Error - Unable to connect to database.";
exit();
}
if(!$mysqli->select_db('mindat'))
{
print "Fatal Error - Unable to select database.";
exit();
}
}
$mysqli->query("SET character_set_results = NULL");
$mysqli->query("SET character_set_database = none");
$mysqli->query("SET character_set_server = none");
$mysqli->query("SET NAMES UTF8");
return($link);
}
function fistart($txt)
{
?>
}
function fiend()
{
?>
}
/*
function fihr()
{
?>
}
function inserttextitem($content,$tag,$msa_id,$nulang="en")
{
global $link;
$sql = "insert into mv_text(mte_key,mte_language,mte_content,mte_msa_id,mte_datetime) values (
'$tag','$nulang','$content','$msa_id',now())";
$res = mysql_query($sql,$link);
}
*/
function loc2txt($id)
{
global $link;
$id = (int) $id;
if($id==0) return("");
$res2 = mysql_query("select localities.txt from localities where id = $id",$link);
$row2 = mysql_fetch_object($res2);
$name = $row2->txt;
$name = mb_convert_encoding($name, "UTF-8", "ISO-8859-1");
mysql_free_result($res2);
return($name);
}
function min2id($name)
{
global $link;
$aname = mysql_real_escape_string(english($name));
$sql = "select id from minerals where sortname = '$aname'";
$res = mysql_query($sql,$link);
$row = mysql_fetch_object($res);
if(!$row) return(0);
$id = desynonym($row->id,$link);
return($id);
}
// this function removes synonyms.
function desynonym($id)
{
$id = (int) $id;
if($id==0) return(0);
global $link;
$res = mysql_query("select id,synid from minerals where id = $id",$link);
$row = mysql_fetch_object($res);
while($row->synid)
{
$res = mysql_query("select id,synid from minerals where id = $row->synid",$link);
$row = mysql_fetch_object($res);
}
return($row->id);
}
function id2min($id)
{
$id = (int) $id;
if($id==0) return("");
global $link;
$res2 = mysql_query("select minerals.name from minerals where id = $id",$link);
$row2 = mysql_fetch_object($res2);
$name = $row2->name;
mysql_free_result($res2);
return($name);
}
function get_thumb($src,$w,$h,$col="FFFFFF")
{
$col = strtoupper($col);
$file="/mfthumbs/".abs($w)."_".abs($h)."_{$col}_{$src}";
$filename = $_SERVER["DOCUMENT_ROOT"].$file;
$sq=1;
if(!file_exists($filename))
{
if($w<0)
{
$w = 0 - $w;
$mw = 0;
$sq=0;
} else $mw=$w;
if($h<0)
{
$h = 0 - $h;
$mh = 0;
$sq=0;
} else $mh=$h;
if($sq)
resize_square($_SERVER["DOCUMENT_ROOT"]."/mfopics/$src",$filename,$mw,$w,$mh,$h,78,$col);
else
resize_pic($_SERVER["DOCUMENT_ROOT"]."/mfopics/$src",$filename,$mw,$w,$mh,$h,78,$col);
}
return($file);
}
function resize_square($src,$dest,$minw,$maxw,$minh,$maxh,$cmp=78,$null=0)
{
if(substr($src,-1)=="/") return(0);
$data = file_get_contents($src);
$im = imagecreatefromstring($data);
if(!$im) return(0);
$iw = imagesx($im);
$ih = imagesy($im);
if($iw>$ih)
{
// print "A\r\n";
$scale = $maxh/$ih;
$scalew = $iw * $scale;
$scaleh = $maxh;
$offw = ($scalew-$maxw)/2/$scale;
$offh=0;
$nh = $ih;
$nw = $nh * ($maxw/$maxh);
} else
{
// print "B\r\n";
$scale = $maxw/$iw;
$scaleh = $ih * $scale;
$scalew = $maxw;
$offh = ($scaleh-$maxh)/2/$scale;
$nw = $iw;
$nh = $nw * ($maxh/$maxw);
$offw=0;
}
$dim = imagecreatetruecolor($maxw,$maxh);
/*
print " Source $iw x $ih\r\n";
print " Dest $maxw x $maxh\r\n";
print " Scale: $scale\r\n";
print " Scaled: $scalew x $scaleh\r\n";
print " offset: $offw : $offh\r\n";
print " nScaled: $nw x $nh\r\n";
*/
imagecopyresampled($dim,$im,0,0,$offw,$offh,$maxh,$maxw,$nw,$nh);
imagejpeg($dim,$dest,$cmp);
return(1);
}
function resize_pic($src,$dest,$minw,$maxw,$minh,$maxh,$cmp=78,$col="FFFFFF")
{
if(substr($src,-1)=="/") return(0);
$tim= time()-filectime($src);
// print "TIM $tim";
// if($tim<500) return(0);
$data = file_get_contents($src);
$im = imagecreatefromstring($data);
if(!$im) return(0);
$ix = imagesx($im);
$iy = imagesy($im);
$oix = $ix;
$oiy = $iy;
// is image in correct dimensions already?
if(($ix>=$minw)&&($ix<=$maxw)&&($iy>=$minh)&&($iy<=$maxh))
{
imagejpeg($im,$dest,$cmp);
return(1);
} else
{
if($ix>$maxw)
{
$iy = $maxw * $oiy / $oix;
$ix = $maxw;
}
/*
if($ix<$minw)
{
$iy = $minw * $oiy / $oix;
$ix = $minw;
}
*/
if($iy>$maxh)
{
$ix = $maxh * $oix / $oiy;
$iy = $maxh;
}
/*
if($iy<$minh)
{
$ix = $minh * $oix / $oiy;
$iy = $minh;
}
*/
// are we going to a fixed size?
$cr = hexdec(substr($col,0,2));
$cg = hexdec(substr($col,2,2));
$cb = hexdec(substr($col,4,2));
if(($minw==$maxw)&&($minh==$maxh))
{
$rgb = imagecolorat($im,0,0);
$avg = floor(hexdec(substr($rgb,0,2))+
hexdec(substr($rgb,2,2))+
hexdec(substr($rgb,4,2)))/3;
if($avg>200)
$avg=255;
else
$avg=0;
$dim = imagecreatetruecolor($maxw,$maxh);
$col = imagecolorallocate($dim,$avg,$avg,$avg);
imagefilledrectangle($dim,0,0,$maxw-1,$maxh-1,$col);
imagecopyresampled($dim,$im,($maxw-$ix)/2,($maxh-$iy)/2,0,0,$ix,$iy,$oix,$oiy);
} else
{
$dim = imagecreatetruecolor($ix,$iy);
imagecopyresampled($dim,$im,0,0,0,0,$ix,$iy,$oix,$oiy);
}
imagejpeg($dim,$dest,$cmp);
return(1);
}
}
function dosearch($base="")
{
global $CURRENCYROW;
global $maxdate;
global $order;
global $link;
global $min;
global $minid;
global $loc;
global $locid;
global $T;
global $catid;
global $regrow;
global $pricemin;
global $pricemax;
global $limit;
global $format;
global $qs;
global $country;
global $partner;
global $dateadd;
global $nopage;
global $sizes;
global $col;
global $ce;
global $datelimit;
global $top;
global $searchcur;
global $folded;
global $orderby;
global $minchange;
global $countrychange;
global $pricechange;
global $dealerchange;
global $mylist;
global $subdealerr;
global $hp;
if(isset($_SESSION["EVERYTHING"])) $EVERYTHING=$_SESSION["EVERYTHING"];
$zf = new cform("searcher");
$sql = "select distinct mv_sales.*,mv_partners.*";
if($catid) $sql.=", mv_cat_links.*";
$sql.= " from mv_sales,mv_partners";
if($catid) $sql.=", mv_cat_links";
if($country) $sql.=" left join localities on localities.id=msa_locality_id ";
$sql.=" where mpa_id=msa_mpa_id ";
if(!$EVERYTHING) $sql.=" and msa_status='Available' ";
if($catid) $sql.=" and mcl_msa_id=msa_id and mcl_mca_id='$catid' ";
if($dateadd) $sql.=" and msa_dateadd='".mysql_real_escape_string($dateadd)."' ";
if(substr($qs,0,5)=="From:")
{
$b = explode(":",$qs);
$datelimit = $b[1];
$qs="";
}
if($datelimit) $sql.=" and msa_dateadd>='".mysql_real_escape_string($datelimit)."' ";
if($partner) $sql.=" and msa_mpa_id='$partner' ";
if($subdealerr) $sql.=" and msa_subdealer='$subdealerr' ";
if($regrow)
{
$pat = str_replace("*","%",$regrow->mre_locs);
$bits = explode(",",$pat);
$sql.=" and (0";
foreach($bits as $bit)
{
$sql.=" or msa_locality_en like '$bit' ";
}
$sql.=") ";
}
if($min)
{
$emin = mysql_real_escape_string($min);
$sql.=" and msa_name_en like '%$emin%'";
}
if($mylist)
{
$list = explode("\r\n",$mylist);
$sql.=" and (0";
foreach($list as $k)
{
$k = mysql_real_escape_string(trim($k));
if($k) $sql.=" or msa_name_en like '%$k%'";
}
$sql.=") ";
}
if($minid) $sql.=" and msa_min_ids like '%,".mysql_real_escape_string($minid).",%'";
if($loc) $sql.=" and msa_locality_en like '%".mysql_real_escape_string($loc)."%'";
if($col) $sql.=" and msa_collection like '%".mysql_real_escape_string($col)."%'";
if($country)
{
$ec = mysql_real_escape_string($country);
$sql.=" and ( msa_locality_en like '%$ec' or localities.txt like '%$ec') ";
}
if($locid) $sql.=" and msa_locality_id = '$locid' ";
if(!$searchcur) $searchcur="USD";
if($pricechange)
{
$b = explode(":",$pricechange);
$pricemin=$b[0];
$pricemax=$b[1];
}
$s = "select * from mv_currencies";
$r = mysql_query($s,$link);
while($ro=mysql_fetch_object($r))
{
$exrate[$ro->mcu_cid] = $ce->Convert($ro->mcu_cid,"USD",1);
}
if($pricemin)
{
$sql.=" and (0 ";
foreach($exrate as $cu=>$rate)
{
if($rate)
{
$sql.=" or (msa_price>='".($pricemin/$rate)."' and msa_currency='$cu') ";
}
}
$sql.=" ) ";
}
if($pricemax)
{
$sql.=" and (0 ";
foreach($exrate as $cu=>$rate)
{
if($rate)
{
$sql.=" or (msa_price<='".($pricemax/$rate)."' and msa_currency='$cu') ";
}
}
$sql.=" ) ";
}
if($sizes)
{
$bits = explode("-",$sizes);
$smin = $bits[0];
$smax = $bits[1];
$maxdim = "if(msa_w>msa_h,if(msa_w>msa_d,msa_w,msa_d),if(msa_h>msa_d,msa_h,msa_d))";
$sql.=" and $maxdim>='$smin' and $maxdim<='$smax' ";
}
if($qs)
{
$eqs = mysql_real_escape_string($qs);
$sql.=" and (mpa_name='$eqs' ";
if($minid = min2id($qs))
{
$sql.=" or msa_min_ids like '%,$minid,%' ";
}
$sql.=" or (1";
$bits = explode(" ",$eqs);
foreach($bits as $qs)
{
$qs2 = str_replace("-","",$qs);
if($qs!="from") $sql.=" and (msa_id = '$qs' or msa_locality_en like '%$qs%' or msa_collection like '%$qs%' or msa_name_en like '%$qs%' or msa_reference like '%$qs%' or msa_minid='$qs2') ";
}
$sql.=") ) ";
}
if($minchange)
{
$minchange = mysql_real_escape_string($minchange);
$sql.=" and msa_min_ids like '%,$minchange,%' ";
}
if($countrychange)
{
$countrychange=mysql_real_escape_string($countrychange);
$sql.=" and msa_country='$countrychange' ";
}
if($dealerchange)
{
$dealerchange=mysql_real_escape_string($dealerchange);
$sql.=" and msa_mpa_id='$dealerchange' ";
}
$sqlf = $sql;
//print $sql;
if(!$nopage)
{
switch($orderby)
{
case 2:
$order="msa_id";
break;
case 5:
$order="if(msa_w>msa_h,if(msa_w>msa_d,msa_w,msa_d),msa_h)=0, if(msa_w>msa_h,if(msa_w>msa_d,msa_w,msa_d),msa_h)";
break;
case 6:
$order="if(msa_w>msa_h,if(msa_w>msa_d,msa_w,msa_d),msa_h) desc";
break;
case 1:
$order="msa_id desc";
break;
default:
$lastweek = date("Y-m-d",strtotime("now - 7 days"));
$order="(mpa_expiry>now()) desc, (msa_dateadd>='$lastweek') desc, rand()";
break;
case 3:
case 4:
$order=" (0";
foreach($exrate as $cu=>$exc)
{
if($exc)
{
$order.=" + if(msa_currency='$cu',msa_price * $exc, 0) ";
}
}
$order.=") ";
if($orderby==3) $order.=" desc ";
break;
}
} else
{
$t7days = date("Y-m-d",strtotime("last week"));
$order= "msa_dateadd<'$t7days', rand()";
$sql.=" and mpa_expiry>now() ";
}
if($order) $sql.=" order by $order";
if(!$limit) $limit=20;
if($format=="list") $limit=25;
$res = $zf->setresultsperpage($limit);
$res = $zf->mysqlquery($sql,$link);
if(!$nopage)
{
$dealers = array();
$mins = array();
$prices = array();
$countries=array();
switch($_SESSION["CUR"])
{
case "JPY":
$pricebands = array(0,2500,5000,10000,20000,50000,9999999999);
break;
case "CNY":
case "HKD":
$pricebands = array(0,500,1000,2500,5000,10000,20000,50000,9999999999);
break;
default:
$pricebands = array(0,100,250,500,1000,2000,5000,9999999999);
break;
}
if($_SESSION["CUR"]<>"USD")
{
foreach($pricebands as $p)
{
$valuebands[] = $ce->Convert($_SESSION["CUR"],"USD",$p);
}
} else $valuebands=$pricebands;
$res2 = mysql_query($sqlf,$link);
while($row2 = mysql_fetch_object($res2))
{
$price = $row2->msa_price;
if($row2->msa_currency<>$_SESSION["CUR"])
{
$price = $ce->Convert($row2->msa_currency,$_SESSION["CUR"],$price);
}
if($row2->msa_country)
{
$countries[$row2->msa_country]++;
}
for($k=1;$k<=count($pricebands);$k++)
{
$min=$pricebands[$k-1];
$max=$pricebands[$k];
if(($price>=$min)&&($price<$max))
{
$prices[$k]++;
}
}
$dealers[$row2->msa_mpa_id]++;
$k = $row2->msa_min_ids;
$bs = explode(",",$k);
foreach($bs as $b)
{
$b = (int) $b;
if($b) $mins[$b]++;
}
}
// var_dump($_REQUEST);
print "Filter Options: ";
$zf->setjschange("quicksearch()");
if(count($mins)>1)
{
$name = array();
$minid = array();
foreach($mins as $k=>$v)
{
$minname[$k]=id2min($k);
$minid[$k]=$k;
}
array_multisort($minname,$mins,$minid);
foreach($mins as $k=>$v)
{
//print $minname[$k]."=$v ";
$name[]=$minname[$k]." ($v)";
}
$zf->addselectai("minchange",array_merge(array("- Any Mineral -"),$name),array_merge(array(0),$minid));
} else $zf->addhidden("minchange");
if(count($countries)>1)
{
$val = array();
$hits = array();
$dealerid = array();
foreach($countries as $k=>$v)
{
$k2 = explode("(",$k);
$k=trim($k2[0]);
$cou[]="$k ($v)";
$val[]=$k;
$hits[]=$v;
}
array_multisort($hits,SORT_DESC,$cou,$val);
$zf->addselectai("countrychange",array_merge(array("- Any Country -"),$cou),array_merge(array(0),$val));
} else $zf->addhidden("countrychange");
if(count($dealers)>1)
{
foreach($dealers as $d=>$v)
{
$dealername[$d]=getdealername($d)." ($v)";
$dealerid[$d]=$d;
}
array_multisort($dealers,SORT_DESC,$dealername,$dealerid);
$zf->addselectai("dealerchange",array_merge(array("- Any Seller -"),$dealername),array_merge(array(0),$dealerid));
} else $zf->addhidden("dealerchange");
if(count($prices)>1)
{
$pricenames[]="- Any Price -";
$pricevals[]="";
$priceord[]=0;
foreach($prices as $d=>$v)
{
$min = $pricebands[$d-1];
$max = $pricebands[$d];
$vmin = $valuebands[$d-1];
$vmax = $valuebands[$d];
$smin = sprintf($CURRENCYROW->mcu_format,$min);
$smax = sprintf($CURRENCYROW->mcu_format,$max);
if($min==0)
{
$str = "below $smax ($v)";
} else
if($max==9999999999)
{
$str = "$smin and over ($v)";
} else
{
$str = "$smin to $smax ($v)";
}
$pricenames[]=$str;
$pricevals[]="$vmin:$vmax";
$priceord[]=$max;
}
array_multisort($priceord,$pricenames,$pricevals);
$zf->addselectai("pricechange",$pricenames,$pricevals);
} else $zf->addhidden("pricechange");
print "
";
print "Order By: ";
$zf->addselect("orderby","Default","Newest First","Oldest First","Price high to low","Price low to high","Size small to large","Size large to small");
print "
";
if(($pricechange)||($dealerchange)||($minchange)||($countrychange))
{
print "
Clear Filter";
}
print "
";
}
if(!$res[0])
{
if(($pricechange)||($dealerchange)||($minchange)||($countrychange))
{
print "Sorry, nothing matches these filtering paramaters, please change and try again.
";
} else
{
print "".$T["No Search Results"]."
";
}
}
else
{
foreach($res as $row)
{
if($format=="list") showlistrow($row);
else showthumb($row);
}
if(!$nopage)
{
print "";
print $zf->prevnext("
< ".T("Previous Page")."".T("Next Page")." >".T("Page")." ".T("of")." ",$base);
print "
";
}
}
}
function largepic($row,$prow)
{
$filename = $prow->mph_filename;
$thumbname = get_thumb($filename,390,390,"111111");
$bigname = get_thumb($filename,-800,-600);
if($prow->mph_spin_id)
{
?>
} else
{
?>
}
}
function smallpic($row,$prow)
{
$filename = $prow->mph_filename;
$bigname = get_thumb($filename,-800,-600);
$thumbname = get_thumb($filename,180,180,"000000");
?>
}
function stranyreplace($needle,$new,$haystack)
{
$out = $haystack;
for($x=0;$x";
}
return($out);
}
function english($txt)
{
$out = "";
$in = strtoupper($txt);
$in = stranyreplace("\\- /'&()[].,?","",$in);
$in = stranyreplace("������������","A",$in);
$in = stranyreplace("��������","E",$in);
$in = stranyreplace("��������","I",$in);
$in = stranyreplace("������������","O",$in);
$in = stranyreplace("��","AE",$in);
$in = stranyreplace("��������","U",$in);
$in = stranyreplace("���","Y",$in);
$in = stranyreplace("��","C",$in);
$in = stranyreplace("��","N",$in);
$in = str_replace("�","SS",$in);
$in = str_replace("#945;","A",$in);
$in = str_replace("#946;","B",$in);
$in = str_replace("#269;","C",$in);
$in = str_replace("#268;","C",$in);
$in = str_replace("#353;","S",$in);
$in = str_replace("#345;","R",$in);
return($in);
}
function showlistrow($row)
{
global $link;
global $lang;
$res = mysql_query("select * from mv_photo where mph_msa_id='$row->msa_id' order by mph_pos limit 1",$link);
$prow = mysql_fetch_object($res);
?>
if($row->msa_w)
{
print $row->msa_w."mm";
if($row->msa_h) print " x {$row->msa_h}mm";
if($row->msa_d) print " x {$row->msa_d}mm";
}
?>