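// Filter every request-derived variable before any later code reads it.
// Each variable that is set is passed through xss_prepare() (defined
// elsewhere; the second argument selects a filter mode whose meaning is not
// visible in this file). When xss_prepare() hands back the rejection sentinel
// the variable is replaced by a safe default, or the request is redirected.
//
// NOTE(review): these are bare variables, so they are presumably imported from
// the request into this scope earlier (register_globals or extract()) —
// confirm. Any variable NOT listed here reaches later code unfiltered.
// NOTE(review): XSS filtering is not SQL escaping; values that end up in
// queries still need bound parameters.
$xssRejected = '[$$##]'; // single quotes: the "$" signs are literal, never interpolated

// Variables whose rejection sends the client to the sitemap instead of
// substituting a default value.
$xssRedirectOnReject = array('vehid', 'carid', 'calemail', 'tagfind', 'prid');

// variable name => array(filter mode, value used when the input is rejected)
$xssRules = array(
    'vehid'          => array(1, null),
    'carid'          => array(1, null),
    'ajaxsearch'     => array(3, ""),
    'leaf'           => array(1, 1),
    'total'          => array(1, 0),
    'filter'         => array(2, ""),
    'bodytype'       => array(3, ""),
    'transmission'   => array(2, ""),
    'make'           => array(3, ""),
    'model'          => array(3, ""),
    'modtext'        => array(3, ""),
    'derivative'     => array(3, ""),
    'calemail'       => array(4, null),
    'tagfind'        => array(3, null),
    'prid'           => array(3, null),
    'cmsr'           => array(3, ""),
    'height'         => array(1, 350),
    'width'          => array(3, 584),
    'TB_iframe'      => array(2, "true"),
    'register'       => array(1, 1),
    'uname'          => array(4, ""),
    // NOTE(review): pword is presumably a password; filtering it can alter the
    // secret the user typed — confirm the stored value went through the same
    // transformation, or verify the raw value against a password hash instead.
    'pword'          => array(3, ""),
    'vehicle'        => array(2, "car"),
    'type'           => array(2, "business"),
    'budget'         => array(5, ""),
    'emissions'      => array(2, ""),
    'doors'          => array(1, ""),
    'fuel'           => array(2, ""),
    // NOTE(review): if vgredirect / httpreferrer are ever used as a redirect
    // target they need an allow-list check as well — confirm usage.
    'vgredirect'     => array(3, ""),
    'bodystyle'      => array(2, ""),
    'monthly'        => array(1, "0"),
    'busmonthly'     => array(7, "0"),
    'permonthly'     => array(7, "0"),
    'funder'         => array(1, "0"),
    'initialpayment' => array(1, "6"),
    'httpreferrer'   => array(3, ""),
    'term'           => array(1, "48"),
    'mileage'        => array(1, "10000"),
    'maintenance'    => array(2, "No"),
    'lo'             => array(4, ""),
    'spid'           => array(1, "0"),
    'submitted'      => array(1, "0"),
    'jback'          => array(1, "0"),
    'srmessage'      => array(1, "0"),
    'showid'         => array(1, "0"),
    'varoptions'     => array(2, ""),
);

foreach ($xssRules as $xssName => $xssRule) {
    if (!isset($$xssName)) {
        continue;
    }
    // Always filter the variable into itself. The original lines for
    // ajaxsearch, carid and spid filtered or assigned a different variable,
    // which left the named input unfiltered (and, for spid, overwrote $lo).
    $$xssName = xss_prepare($$xssName, $xssRule[0]);

    // Strict comparison: with "==" a numeric 0 equals the sentinel on PHP < 8.
    if ($$xssName !== $xssRejected) {
        continue;
    }
    if (in_array($xssName, $xssRedirectOnReject, true)) {
        header("Location: /sitemap.php");
        // Stop here. Without exit the rest of the page kept executing with the
        // sentinel as the variable's value.
        exit;
    }
    $$xssName = $xssRule[1];
}

// NOTE(review): the original carid line stored its filtered value in $vehid
// and tested the raw $carid against the sentinel, so a rejected carid was
// never caught. carid is now filtered like every other field and still copied
// into $vehid in case pages rely on carid acting as an alias — confirm.
if (isset($carid)) {
    $vehid = $carid;
}

// Session check left disabled, exactly as in the original:
//if(ISSET($_SESSION["MYACCOUNT"])){$_SESSION["MYACCOUNT"]=xss_prepare($_SESSION["MYACCOUNT"], 1);if($_SESSION["MYACCOUNT"]=="[$$##]"){Header("Location: /logout.php");}}

// Do not leak the helper variables into the shared scope.
unset($xssRejected, $xssRedirectOnReject, $xssRules, $xssName, $xssRule);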
?>
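// ---------------------------------------------------------------------------
// Resolve which CMS page to render.
//
// Reads:  $cmsr, $gparentnav, $parentnav, $preconfigureid, $pnv, $udlocation
//         and the mysqli connection $link.
// Sets:   $pnv / $pnvc (page name, and its upper-case form), $cmsid,
//         $pn (page id) and $ptv (file name); also $cmsnav, $cmssub,
//         $cmsnavmain and $cmsrparent as intermediate results.
//
// All values are bound as statement parameters. The original built every
// query by string concatenation, and $gparentnav, $parentnav, $preconfigureid,
// $pnv and $udlocation are not filtered anywhere in the visible code.
// ---------------------------------------------------------------------------

// Runs one SELECT as a prepared statement and returns its first row as an
// associative array, or null when nothing matched or the statement failed
// (the original treated a failed query as "no rows" on PHP < 8 and raised a
// TypeError on PHP 8). Every parameter is bound as a string.
// Needs PHP 5.6+ (argument unpacking) and the mysqlnd driver
// (mysqli_stmt_get_result).
$cmsFirstRow = function ($sql, $params = array()) use ($link) {
    $stmt = mysqli_prepare($link, $sql);
    if (!$stmt) {
        return null;
    }
    if ($params) {
        $types = str_repeat('s', count($params));
        mysqli_stmt_bind_param($stmt, $types, ...$params);
    }
    $first = null;
    if (mysqli_stmt_execute($stmt)) {
        $rows = mysqli_stmt_get_result($stmt);
        if ($rows) {
            $fetched = mysqli_fetch_assoc($rows);
            if (is_array($fetched)) {
                $first = $fetched;
            }
            mysqli_free_result($rows);
        }
    }
    mysqli_stmt_close($stmt);
    return $first;
};

// Page-name marker used when nothing could be resolved: the incoming $pnv in
// upper case, or "SOBORNOST" (meaning "show the default page") when $pnv is
// missing. A non-scalar $pnv (e.g. an array parameter) is treated as missing,
// because strtoupper() on it is a fatal error on PHP 8.
$pnvcFallback = (isset($pnv) && is_scalar($pnv)) ? strtoupper((string) $pnv) : "SOBORNOST";

if (isset($cmsr)) {
    // $cmsr comes from an .htaccess redirect; cms_pn (the file name) is looked
    // up by redirect name, which is why redirect names must not be duplicated.

    // Always start from an empty fragment. $cmsrparent is spliced into SQL
    // below; the original left it unset on one path, so any value already in
    // scope under that name went straight into the query.
    $cmsrparent = "";

    if (isset($gparentnav)) {
        // Sub-sub menu entry.
        $row = $cmsFirstRow(
            "SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect=? and cms_nav>0 AND cms_sub>0 AND cms_location=? LIMIT 1",
            array($cmsr, $udlocation)
        );
        if ($row !== null) {
            $cmsnav = $row["cms_nav"];
            $cmssub = $row["cms_sub"];
        } else {
            $cmsnav = 0;
            $cmssub = 0;
        }

        $trow = $cmsFirstRow(
            "SELECT DISTINCT cms_id FROM cms WHERE cms_redirect=? and cms_nav=? AND cms_location=? LIMIT 1",
            array($gparentnav, $cmsnav, $udlocation)
        );
        if ($trow === null) {
            $cmsrparent = " AND (cms_nav=0 AND cms_sub=0)";
        } elseif (isset($parentnav)) {
            $trow = $cmsFirstRow(
                "SELECT DISTINCT cms_id FROM cms WHERE cms_redirect=? and cms_nav=? AND cms_location=? LIMIT 1",
                array($parentnav, $cmsnav, $udlocation)
            );
            // (int) casts keep the fragment numeric. cms_nav / cms_sub are
            // only ever compared numerically here — presumably integer
            // columns; confirm.
            $cmsrparent = ($trow !== null)
                ? " AND cms_nav=" . (int) $cmsnav . " AND cms_sub=" . (int) $cmssub
                : " AND (cms_nav=0 AND cms_sub=0)";
        }
        // Grandparent found but no $parentnav: no parent constraint is added,
        // as in the original.
    } elseif (isset($parentnav)) {
        $row = $cmsFirstRow(
            "SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect=? and cms_nav>0 and cms_navmain=0 AND cms_location=? LIMIT 1",
            array($cmsr, $udlocation)
        );
        if ($row !== null) {
            $cmsnav = $row["cms_nav"];
            $cmssub = $row["cms_sub"];
        } else {
            // NOTE(review): 254780 is presumably a nav id that matches no real
            // entry, so the lookups below come back empty — confirm.
            $cmsnav = 254780;
            $cmssub = 0;
        }

        $row = $cmsFirstRow(
            "SELECT DISTINCT cms_id FROM cms WHERE cms_redirect=? and cms_nav=? and cms_sub=? AND cms_location=? LIMIT 1",
            array($parentnav, $cmsnav, $cmssub, $udlocation)
        );
        $cmsrparent = ($row !== null)
            ? " AND cms_nav=" . (int) $cmsnav . " AND cms_sub=" . (int) $cmssub
            : " AND (cms_nav=254780 AND cms_sub=0)";
    } else {
        $row = $cmsFirstRow(
            "SELECT DISTINCT cms_nav, cms_sub, cms_navmain FROM cms WHERE cms_redirect=? and cms_nav>0 AND cms_location=? LIMIT 1",
            array($cmsr, $udlocation)
        );
        if ($row !== null) {
            $cmsnavmain = $row["cms_navmain"];
            $cmsnav = $row["cms_nav"];
            $cmssub = $row["cms_sub"];
        } else {
            // The original left $cmsnavmain unset here and then compared it
            // with 0; set it explicitly so no outside value can leak in.
            $cmsnavmain = 0;
            $cmsnav = 0;
            $cmssub = 0;
        }
        $cmsrparent = ((int) $cmsnavmain === 0)
            ? " AND (cms_nav=0 AND cms_sub=0)"
            : " AND cms_nav=" . (int) $cmsnav;
    }

    // $cmsrparent now holds only literals and integers produced above.
    $row = $cmsFirstRow(
        "SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_redirect=?" . $cmsrparent . " AND cms_location=? LIMIT 1",
        array($cmsr, $udlocation)
    );
    if ($row !== null) {
        // $pnv is used within the page (for example while paginating);
        // $pnvc is used to fetch the page details.
        $pnv = $row["cms_pn"];
        $pnvc = strtoupper($row["cms_pn"]);
        $cmsid = $row["cms_id"];
    } else {
        // Nothing matched: either $pnv was set directly (perhaps for
        // pagination) or the redirect name is wrong. Check for the latter.
        $row = $cmsFirstRow(
            "SELECT DISTINCT cms_nav, cms_sub FROM cms WHERE cms_redirect=? AND cms_location=? LIMIT 1",
            array($cmsr, $udlocation)
        );
        if ($row !== null) {
            $cmsnav = $row["cms_nav"];
            $cmssub = $row["cms_sub"];
        }
        $pnvc = $pnvcFallback;

        // Answer with a 404 status and render the sitemap page (cms_id 194).
        header("HTTP/1.0 404 Not Found");
        $row = $cmsFirstRow("SELECT DISTINCT cms_pn FROM cms WHERE cms_id=194 LIMIT 1");
        if ($row !== null) {
            $pnv = $row["cms_pn"];
            $pnvc = strtoupper($row["cms_pn"]);
            // NOTE(review): the original assigns $preconfigureid here although
            // this branch does not require it to be set — confirm the intent.
            $cmsid = isset($preconfigureid) ? $preconfigureid : null;
        }
    }
} elseif (isset($preconfigureid)) {
    // No redirect name, so the page is likely pre-configured: look it up by
    // its pre-configured value.
    $row = $cmsFirstRow(
        "SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_pc_value=? AND cms_location=? LIMIT 1",
        array($preconfigureid, $udlocation)
    );
    if ($row !== null) {
        $pnv = $row["cms_pn"];
        $pnvc = strtoupper($row["cms_pn"]);
        $cmsid = $row["cms_id"];
    } else {
        // Catch-all when the database has nothing: fall back to $pnv.
        $pnvc = $pnvcFallback;
    }
} else {
    // Neither $cmsr nor $preconfigureid: use $pnv, or the default-page marker.
    $pnvc = $pnvcFallback;
}

// $pnvc is always set by this point; find the page to show.
if ($pnvc === "SOBORNOST") {
    // No page name: use the CMS default page, which should be the homepage.
    // If none is flagged as default, use the hard-coded sobornost_inc page.
    $row = $cmsFirstRow(
        "SELECT DISTINCT cms_pn, cms_id FROM cms WHERE cms_default=1 AND cms_location=? ORDER BY cms_id DESC LIMIT 1",
        array($udlocation)
    );
    // The original also read $row["cms_title"], a column this query does not
    // select, and then overwrote the result with "HOME"; that read is dropped.
    $pn = "HOME";
    if ($row !== null) {
        $ptv = $row["cms_pn"];
        $cmsid = $row["cms_id"];
    } else {
        $ptv = "sobornost_inc";
    }
} else {
    // A page name is known: load it, or show sobornost_inc when it is unknown.
    $row = $cmsFirstRow(
        "SELECT DISTINCT cms_pn, cms_pageid, cms_id FROM cms WHERE cms_pn=? AND cms_location=? LIMIT 1",
        array(strtolower((string) $pnv), $udlocation)
    );
    if ($row !== null) {
        $pn = strtoupper($row["cms_pageid"]);
        $ptv = $row["cms_pn"];
        $cmsid = $row["cms_id"];
    } else {
        $pn = "HOME";
        $ptv = "sobornost_inc";
    }
}

// Keep the helpers out of the shared scope.
unset($cmsFirstRow, $pnvcFallback);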
// Dynamic page names are switched off: a $pn containing [[ and ]] would be
// expanded by dynamicontent() if the next line were enabled.
//$pn=dynamicontent($pn, $_GET, $_POST, 1);

// Append the resolved page id and file name to the debug buffer.
$testoutput = $testoutput . "Page ID: {$pn}
File Name: {$ptv}";
?>bot