<?
if(ISSET($vehid)){$vehid=xss_prepare($vehid, 1);if($vehid=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($carid)){$vehid=xss_prepare($carid, 1);if($carid=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($ajaxsearch)){$ajaxsearch=xss_prepare($vehid, 3);if($ajaxsearch=="[$$##]"){$ajaxsearch="";}}
if(ISSET($leaf)){$leaf=xss_prepare($leaf, 1);if($leaf=="[$$##]"){$leaf=1;}}
if(ISSET($total)){$total=xss_prepare($total, 1);if($total=="[$$##]"){$total=0;}}
if(ISSET($filter)){$filter=xss_prepare($filter, 2);if($filter=="[$$##]"){$filter="";}}
if(ISSET($bodytype)){$bodytype=xss_prepare($bodytype, 3);if($bodytype=="[$$##]"){$bodytype="";}}
if(ISSET($transmission)){$transmission=xss_prepare($transmission, 2);if($transmission=="[$$##]"){$transmission="";}}
if(ISSET($make)){$make=xss_prepare($make, 3);if($make=="[$$##]"){$make="";}}
if(ISSET($model)){$model=xss_prepare($model, 3);if($model=="[$$##]"){$model="";}}
if(ISSET($modtext)){$modtext=xss_prepare($modtext, 3);if($modtext=="[$$##]"){$modtext="";}}
if(ISSET($derivative)){$derivative=xss_prepare($derivative, 3);if($derivative=="[$$##]"){$derivative="";}}

if(ISSET($calemail)){$calemail=xss_prepare($calemail, 4);if($calemail=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($tagfind)){$tagfind=xss_prepare($tagfind, 3);if($tagfind=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($prid)){$prid=xss_prepare($prid, 3);if($prid=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($cmsr)){$cmsr=xss_prepare($cmsr, 3);if($cmsr=="[$$##]"){$cmsr="";}}
if(ISSET($height)){$height=xss_prepare($height, 1);if($height=="[$$##]"){$height=350;}}
if(ISSET($width)){$width=xss_prepare($width, 3);if($width=="[$$##]"){$width=584;}}
if(ISSET($TB_iframe)){$TB_iframe=xss_prepare($TB_iframe, 2);if($TB_iframe=="[$$##]"){$TB_iframe="true";}}

if(ISSET($register)){$register=xss_prepare($register, 1);if($register=="[$$##]"){$register=1;}}
if(ISSET($uname)){$uname=xss_prepare($uname, 4);if($uname=="[$$##]"){$uname="";}}
if(ISSET($pword)){$pword=xss_prepare($pword, 3);if($pword=="[$$##]"){$pword="";}}
if(ISSET($vehicle)){$vehicle=xss_prepare($vehicle, 2);if($vehicle=="[$$##]"){$vehicle="car";}}
if(ISSET($type)){$type=xss_prepare($type, 2);if($type=="[$$##]"){$type="business";}}
if(ISSET($budget)){$budget=xss_prepare($budget, 5);if($budget=="[$$##]"){$budget="";}}
if(ISSET($emissions)){$emissions=xss_prepare($emissions, 2);if($emissions=="[$$##]"){$emissions="";}}
if(ISSET($doors)){$doors=xss_prepare($doors, 1);if($doors=="[$$##]"){$doors="";}}
if(ISSET($fuel)){$fuel=xss_prepare($fuel, 2);if($fuel=="[$$##]"){$fuel="";}}
if(ISSET($vgredirect)){$vgredirect=xss_prepare($vgredirect, 3);if($vgredirect=="[$$##]"){$vgredirect="";}}
if(ISSET($bodystyle)){$bodystyle=xss_prepare($bodystyle, 2);if($bodystyle=="[$$##]"){$bodystyle="";}}
if(ISSET($monthly)){$monthly=xss_prepare($monthly, 1);if($monthly=="[$$##]"){$monthly="0";}}

if(ISSET($busmonthly)){$busmonthly=xss_prepare($busmonthly, 7);if($busmonthly=="[$$##]"){$busmonthly="0";}}
if(ISSET($permonthly)){$permonthly=xss_prepare($permonthly, 7);if($permonthly=="[$$##]"){$permonthly="0";}}



if(ISSET($funder)){$funder=xss_prepare($funder, 1);if($funder=="[$$##]"){$funder="0";}}
if(ISSET($initialpayment)){$initialpayment=xss_prepare($initialpayment, 1);if($initialpayment=="[$$##]"){$initialpayment="6";}}
if(ISSET($httpreferrer)){$httpreferrer=xss_prepare($httpreferrer, 3);if($httpreferrer=="[$$##]"){$httpreferrer="";}}
if(ISSET($term)){$term=xss_prepare($term, 1);if($term=="[$$##]"){$term="48";}}
if(ISSET($mileage)){$mileage=xss_prepare($mileage, 1);if($mileage=="[$$##]"){$mileage="10000";}}
if(ISSET($maintenance)){$maintenance=xss_prepare($maintenance, 2);if($maintenance=="[$$##]"){$maintenance="No";}}
if(ISSET($lo)){$lo=xss_prepare($lo, 4);if($lo=="[$$##]"){$lo="";}}
if(ISSET($spid)){$lo=xss_prepare($spid, 1);if($spid=="[$$##]"){$spid="0";}}
//if(ISSET($_SESSION["MYACCOUNT"])){$_SESSION["MYACCOUNT"]=xss_prepare($_SESSION["MYACCOUNT"], 1);if($_SESSION["MYACCOUNT"]=="[$$##]"){Header("Location: /logout.php");}}
if(ISSET($submitted)){$submitted=xss_prepare($submitted, 1);if($submitted=="[$$##]"){$submitted="0";}}
if(ISSET($jback)){$jback=xss_prepare($jback, 1);if($jback=="[$$##]"){$jback="0";}}
if(ISSET($srmessage)){$srmessage=xss_prepare($srmessage, 1);if($srmessage=="[$$##]"){$srmessage="0";}}
if(ISSET($showid)){$showid=xss_prepare($showid, 1);if($showid=="[$$##]"){$showid="0";}}
if(ISSET($varoptions)){$varoptions=xss_prepare($varoptions, 2);if($varoptions=="[$$##]"){$varoptions="";}}
?><?
	if(ISSET($cmsr))
		{//cmsr comes from htaccess redirect so we pull out cms_pn (file name) from cms based on redirect name - hence why redirect name can not be duplicated
			if(ISSET($gparentnav))
			{//this means it is a sub sub menu
			//echo "SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect='" . $cmsr . "' LIMIT 1<BR>";
			//die();
	//	echo "SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect='" . $cmsr . "' and cms_nav>0 AND cms_sub>0 LIMIT 1<BR>";
        			$result = mysqli_query($link,"SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect='" . $cmsr . "' and cms_nav>0 AND cms_sub>0 AND cms_location=$udlocation LIMIT 1");
        			if(mysqli_num_rows($result) > 0)	{while ( $row = mysqli_fetch_array($result) ){$cmsnav=$row["cms_nav"]; $cmssub=$row["cms_sub"];}}else{$cmsnav=0;$cmssub=0;}


                  			//echo "SELECT DISTINCT cms_id FROM cms WHERE cms_redirect='" . $gparentnav . "' and cms_nav=" . $cmsnav . "<BR>";
                  			$tresult = mysqli_query($link,"SELECT DISTINCT cms_id FROM cms WHERE cms_redirect='" . $gparentnav . "' and cms_nav=" . $cmsnav . " AND cms_location=$udlocation LIMIT 1");
                  			if(mysqli_num_rows($tresult) > 0)	
                  					{
                  						while ( $trow = mysqli_fetch_array($tresult) )
                  							{
                  							
                          							if(ISSET($parentnav))
                                  			{
                                  			//echo "SELECT DISTINCT cms_id FROM cms WHERE cms_redirect='" . $parentnav . "' and cms_nav=" . $row["cms_nav"] . " LIMIT 1<BR>";
                                  			$tresult = mysqli_query($link,"SELECT DISTINCT cms_id FROM cms WHERE cms_redirect='" . $parentnav . "' and cms_nav=" . $cmsnav . " AND cms_location=$udlocation LIMIT 1");
                                  			if(mysqli_num_rows($tresult) > 0)	{while ( $trow = mysqli_fetch_array($tresult) ){$cmsrparent=" AND cms_nav=" . $cmsnav . " AND cms_sub=" .  $cmssub. "";}}else{$cmsrparent=" AND (cms_nav=0 AND cms_sub=0)";}			
                                  			}
                  			
                  								//$cmsrparent=" AND cms_nav=" . $row["cms_nav"] . " AND cms_sub=" .  $row["cms_sub"]. "";
                  							}
                  					}else{$cmsrparent=" AND (cms_nav=0 AND cms_sub=0)";}		


			}
			
			else if(ISSET($parentnav))
			{
//echo "2. SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect='" . $cmsr . "' and cms_nav>0  LIMIT 1<BR>";

        			$result = mysqli_query($link,"SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect='" . $cmsr . "' and cms_nav>0 and cms_navmain=0 AND cms_location=$udlocation LIMIT 1");
        			if(mysqli_num_rows($result) > 0)	{while ( $row = mysqli_fetch_array($result) ){$cmsnav=$row["cms_nav"]; $cmssub=$row["cms_sub"];}}else{$cmsnav=254780;$cmssub=0;}
   //echo "SELECT DISTINCT cms_id FROM cms WHERE cms_redirect='" . $parentnav . "' and cms_nav=" . $cmsnav . " LIMIT 1";     			
							$result = mysqli_query($link,"SELECT DISTINCT cms_id FROM cms WHERE cms_redirect='" . $parentnav . "' and cms_nav=" . $cmsnav . "  and cms_sub=" . $cmssub . " AND cms_location=$udlocation LIMIT 1");
							if(mysqli_num_rows($result) > 0)	{while ( $row = mysqli_fetch_array($result) ){$cmsrparent=" AND cms_nav=" . $cmsnav . " AND cms_sub=" .  $cmssub. "";}}else{$cmsrparent=" AND (cms_nav=254780 AND cms_sub=0)";}			
			
			}
			else
			{
			//$cmsrparent=" AND (cms_nav=0 AND cms_sub=0)";
			//echo "3. SELECT DISTINCT cms_nav, cms_sub, cms_navmain FROM cms WHERE cms_redirect='" . $cmsr . "' and cms_nav>0  LIMIT 1<BR>";
        			$result = mysqli_query($link,"SELECT DISTINCT cms_nav, cms_sub, cms_navmain FROM cms WHERE cms_redirect='" . $cmsr . "' and cms_nav>0 AND cms_location=$udlocation LIMIT 1");
        			if(mysqli_num_rows($result) > 0)	{while ( $row = mysqli_fetch_array($result) ){$cmsnavmain=$row["cms_navmain"];$cmsnav=$row["cms_nav"]; $cmssub=$row["cms_sub"];}}else{$cmsnav=0;$cmssub=0;}			
        			
        			if($cmsnavmain==0){$cmsrparent=" AND (cms_nav=0 AND cms_sub=0)";}else{$cmsrparent=" AND cms_nav=$cmsnav";}
        			//echo "$cmsnav - $cmssub<BR>";
			}
			
	
		//echo "SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_redirect='" . $cmsr . "'" . $cmsrparent . " LIMIT 1";
			$result = mysqli_query($link,"SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_redirect='" . $cmsr . "'" . $cmsrparent . " AND cms_location=$udlocation LIMIT 1");
			if(mysqli_num_rows($result) > 0) 
			{
					while ( $row = mysqli_fetch_array($result) )
						{
						$pnv=$row["cms_pn"];$pnvc=strtoupper($row["cms_pn"]);$cmsid=$row["cms_id"];//we set pnv and pnvc. pnv is used within the page if user is paginating for example. pnvc is used to get page details
						}
			}
			else
			{//if nothing is found in the database then we assume that pnv has been set directly - perhaps for pagination purposes
			
			//check to see if a wrong redirect
			$result = mysqli_query($link,"SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect='" . $cmsr . "' AND cms_location=$udlocation LIMIT 1");
	  		if(mysqli_num_rows($result) > 0)	{	while ( $row = mysqli_fetch_array($result) ){$cmsnav=$row["cms_nav"];$cmssub=$row["cms_sub"];}}


      			if(ISSET($pnv)){$pnvc=strtoupper($pnv);}else{$pnvc="SOBORNOST";	}//if not set then 
      			header("HTTP/1.0 404 Not Found"); //don't find anything and redirect as 404
      			//Header("Location: /sitemap.php", true, 301);
                			$result = mysqli_query($link,"SELECT DISTINCT cms_pn FROM cms WHERE cms_id=194 LIMIT 1");
                			if(mysqli_num_rows($result) > 0) 
                			{//pull out site map stuff now
                					while ( $row = mysqli_fetch_array($result) )
                						{
                						$pnv=$row["cms_pn"];$pnvc=strtoupper($row["cms_pn"]);$cmsid=$preconfigureid;//we set pnv and pnvc. pnv is used within the page if user is paginating for example. pnvc is used to get page details
                						}
                			}
  		}

	}
	else if(ISSET($preconfigureid))
	{//if cmsr is not set then page is likely to be preconfigured so lets pull out the pre-configured page info

			$result = mysqli_query($link,"SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_pc_value='" . $preconfigureid . "' AND cms_location=$udlocation LIMIT 1");
			if(mysqli_num_rows($result) > 0) 
			{
					while ( $row = mysqli_fetch_array($result) )
						{
						$pnv=$row["cms_pn"];$pnvc=strtoupper($row["cms_pn"]);$cmsid=$row["cms_id"];//we set pnv and pnvc. pnv is used within the page if user is paginating for example. pnvc is used to get page details
						}
			}
			else
			{//if nothing is found in the database then we assume that pnv has been set directly - perhaps for pagination purposes
			if(ISSET($pnv)){$pnvc=strtoupper($pnv);}else{$pnvc="SOBORNOST";	}//just a catch all if db calls back with nothing 
			}	
	
	}
	else
	{//cmsr is not set nor is preconfigureid so we check if pnv is set and if so pull out pnvc or default to error page
		if(ISSET($pnv)){$pnvc=strtoupper($pnv);}else{$pnvc="SOBORNOST";}
	}


switch($pnvc)
	{//pnvc is always set by this point so find page
	case "SOBORNOST":
			{
			//this means that pnv is not set so we pull out the default page - this should be the homepage! If no default found pulls out our hardcoded default page - sobornost_inc.php
				$result = mysqli_query($link,"SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_default=1 AND cms_location=$udlocation ORDER BY cms_id DESC LIMIT 1");
				if(mysqli_num_rows($result) > 0)
				{while ( $row = mysqli_fetch_array($result) ){$pn=strtoupper($row["cms_title"]); $ptv=$row["cms_pn"];$pn="HOME";$cmsid=$row["cms_id"];}}else{$pn="HOME"; $ptv="sobornost_inc";}
			
			break;
			}
	default:
			{
			//otherwise pnv is set and we must pull out the relevant page - catchall is left in if pnv is not found we show sobornost_inc.php

				$result = mysqli_query($link,"SELECT DISTINCT cms_pn, cms_pageid, cms_id FROM cms WHERE cms_pn='" . strtolower($pnv) . "' AND cms_location=$udlocation LIMIT 1");
				if(mysqli_num_rows($result) > 0)
				{while ( $row = mysqli_fetch_array($result) ){$pn=strtoupper($row["cms_pageid"]); $ptv=$row["cms_pn"];$cmsid=$row["cms_id"];}}else{$pn="HOME"; $ptv="sobornost_inc";}

			$break;
			}
	}

	//$pn=dynamicontent($pn, $_GET, $_POST, 1);	//check to see if pn is dynamic variable - will have [[ and ]] in it. THEN MAKE IT DYNAMIC!

	


	$testoutput.="<b>Page ID:</b> $pn<BR><b>File Name:</b> $ptv";
?>bot<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<head><title>TCOM</title><meta name="description" content="TCOM Page Descriptions" />
<meta name="keywords" content="TCOM Leasing" />
<meta name="robots" content="INDEX" />
<meta name="author" content="TCOM" />
<meta name="last-modified" content="" />
<meta name="modified-by" content="TCOM" />
<meta name="copyright" content="" />
<link rel="alternate" type="application/rss xml" title="RSS Feed (RSS 2.0)" href="/rss.xml"/>
<link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
<link href='http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700' rel='stylesheet' type='text/css'>
	<link rel="stylesheet" type="text/css" href="css/styles.css" media="screen" />
		<link rel="stylesheet" type="text/css" href="css/thickbox.css" />

	<script type="text/javascript" src="js/submission.js"></script>
<script src="js/jquery-1.6.min.js" type="text/javascript"></script>

		<script type="text/javascript" src="js/ajax.js"></script>
	<script type="text/javascript" src="js/hide.js"></script>
	<script type="text/javascript" src="js/thickbox.js"></script>
<script type="text/javascript" src="js/jquery.idTabs.min.js"></script>	
<script type="text/javascript" src="/js/iframeResizer.contentWindow.min.js"></script> 
<script type="text/javascript">
 
			$(document).ready(function(){
			

$("#hp_dataexpand").click(function () {$("#hp_datatext").show();$("#hp_dataexpand").hide();$("#hp_datapexpand").show();}); 
$("#hp_datapexpand").click(function () {$("#hp_datatext").hide();$("#hp_dataexpand").show();$("#hp_datapexpand").hide();}); 
				
			});
 
		</script>
  
</head>

<body>
<? include("main.php"); ?>



   
</body>

</html>