', $string);
    // NOTE(review): as shown, each str_replace below has identical search and
    // replacement text, so it changes nothing. The search strings were presumably
    // HTML entities that were decoded when this page was captured; confirm
    // against the original file before relying on this function.
    $string = str_replace ('&', '&', $string);
    $string = str_replace (' ', ' ', $string);
    $string = stripslashes($string);
    return $string;
}

/**
 * Reduce a string to plain text for the feed.
 *
 * Steps, in order: run myrssunhtmlspecialchars(), turn the whitespace variants
 * in $space into single spaces, strip the opening tags listed in $tags, remove
 * control bytes, bytes 0x7F-0xFF and both quote characters, run strip_tags()
 * and stripslashes(), replace every character outside the allowlist (blanks,
 * alphanumerics and a fixed punctuation set) with a space, collapse whitespace
 * and repeated punctuation, drop most one-character words, and cut the result
 * to at most $maxchars bytes.
 *
 * @param string $string   Text to clean.
 * @param int    $maxchars Upper bound on the returned length, in bytes (substr/strlen).
 * @return string Cleaned text.
 */
function myrssclean_string ($string, $maxchars=16500) {
    $space = array(" ","
","
","
","
","\r\n","\r","\n","\t","\v");
    // Elements whose opening tag is removed before strip_tags() runs.
    $tags = array("applet","meta","xml","blink","link","style","script","embed","object","iframe","frame","frameset","ilayer","layer","bgsound","title","base");
    $string = myrssunhtmlspecialchars($string);
    $string = str_replace($space, ' ', $string);
    $string = str_replace("&039;", ' ', $string);
    foreach ($tags as $tag) {
        // NOTE(review): as shown, the pattern ends in a lazy ".*?", which matches
        // nothing, so only the opening tag is removed and the element's content
        // stays in the text. A closing-tag part was presumably lost in capture;
        // confirm. Either way a tag denylist is not the safety boundary here:
        // the character allowlist further down is what removes "<", ">" and quotes.
        $string = preg_replace("@<".$tag."[^>]*?>.*?@si", "", $string);
    }
    // Remove control bytes and quotes, then DEL and every byte >= 0x80.
    // The second call also deletes all non-ASCII (e.g. UTF-8) text.
    $string = preg_replace('#[\x00-\x1F\"\']#i',"",$string);
    $string = preg_replace('#[\x7F-\xFF\"\']#i',"",$string);
    $string = strip_tags($string);
    $string = stripslashes($string);
    // Allowlist: anything that is not blank, alphanumeric or listed punctuation becomes a space.
    // NOTE(review): ereg_replace() was removed in PHP 7.0; a preg_replace() equivalent is needed there.
    $string = ereg_replace("[^[:blank:][:alnum:]\+,;.!:$%&@?/)(_-]", " ", $string);
    $string = preg_replace('/\s+/'," ",$string);
    $string = trim($string);
    $words = explode(" ",$string);
    $string = array();
    $single_chars = array("+",",",";",".","!",":","$","%","&","@","?","/",")","(","_","-");
    foreach ($words as $word) {
        foreach ($single_chars as $single_char) {
            // Collapse a run of the same punctuation character into one.
            $pattern = "/\\".$single_char."+/";
            $word = preg_replace("$pattern",$single_char,$word);
        }
        // Skip one-character words unless they are a, A, i, I, x, X, + or -.
        if (strlen($word)==1 && !preg_match('/^[aAiIxX\+\-]/',$word)) continue;
        $string[]=$word;
    }
    $string = implode(" ",$string); // array to string
    $maxchars = (strlen($string)>$maxchars) ? $maxchars : strlen($string);
    $string = substr($string,0,$maxchars);
    // NOTE(review): for a positive limit, explode() followed by implode() on the
    // same separator reproduces its input, so this line does not drop a trailing
    // partial word left by substr(); confirm what was intended.
    $string = implode(" ",explode(" ",$string,str_word_count($string)-1));
    return $string;
}

/**
 * Run a query and return mysql_num_rows() for its result.
 *
 * The caller supplies a complete SQL string, so any escaping has to happen
 * before this call. Every mysql_* call is prefixed with "@", so a failed query
 * is not reported from here.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7.0; PDO or mysqli
 * with prepared statements is the replacement.
 *
 * @param string $sqlQuery Complete SQL statement.
 * @return mixed Whatever mysql_num_rows() returns.
 */
function getSqlNumber($sqlQuery) {
    $query=@mysql_query($sqlQuery);
    $result=@mysql_num_rows($query);
    @mysql_free_result($query);
    return $result;
}

/**
 * Run a query and return its first row as fetched by mysql_fetch_array().
 *
 * NOTE(review): on failure the script stops and prints mysql_error() to the
 * client, which discloses database details; log the error server-side and
 * return a generic failure instead.
 *
 * @param string $query Complete SQL statement; must already be safe to execute.
 * @return mixed Result of mysql_fetch_array() (false when there is no row).
 */
function getSqlRow($query) {
    $result = mysql_query($query) or die(mysql_error());
    $row = mysql_fetch_array($result);
    mysql_free_result($result);
    return $row;
}

/**
 * Return one field of the first row of a query, or "n/a" when it has no rows.
 *
 * The statement is executed twice: once inside getSqlNumber() to count rows and
 * once here to read the field.
 *
 * NOTE(review): on failure the die() message contains mysql_error() and the
 * full SQL text, so table names and any values concatenated into the query are
 * sent to the client; keep that in a server-side log only.
 *
 * @param string $sqlQuery Complete SQL statement; must already be safe to execute.
 * @param string $field    Column name passed to mysql_result().
 * @return mixed Field value, or the string "n/a".
 */
function getSqlField($sqlQuery,$field) {
    $isQuery = getSqlNumber($sqlQuery);
    $query = @mysql_query($sqlQuery) or die (mysql_error()."
INVALID QUERY: ".$sqlQuery);
    if ($isQuery>0) {
        $result=@mysql_result($query,0,$field);
    } else $result="n/a";
    @mysql_free_result($query);
    return $result;
}

/**
 * Look up the "name" column for a category id and return the last value fetched.
 *
 * The loop repeats the lookup for as long as the fetched value compares > 0.
 *
 * NOTE(review): several things here look unintended; confirm with the author:
 *  - "(int) $result = 0;" casts the value of the assignment expression and
 *    discards it; it does not type $result.
 *  - $result is assigned in the loop but never returned.
 *  - when $category_id is not > 0, $main_category is never set and the return
 *    reads an undefined variable.
 *  - the query selects "name" although the loop shape suggests walking up a
 *    parent chain (presumably parent_id).
 *  - $main_category is concatenated into the SQL text; it should be cast to int
 *    or bound as a parameter.
 *
 * @param mixed $category_id Category id to look up.
 * @return mixed Last value returned by getSqlField().
 */
function main_category($category_id) {
    (int) $result = 0;
    if ($category_id > 0) {
        $main_category = $category_id;
        while ($main_category > 0) {
            $result = $main_category;
            $main_category = getSqlField("SELECT name FROM " . DB_PREFIX . "categories WHERE category_id='" . $main_category . "'", 'name');
        }
    }
    return $main_category;
}

### Data Cleaning Functions

/**
 * Strip slashes and then apply two quote replacements.
 *
 * NOTE(review): as shown, both eregi_replace() calls replace a character with
 * itself. The patterns were presumably HTML entities decoded when this page was
 * captured; confirm against the original file. eregi_replace() was removed in
 * PHP 7.0.
 *
 * @param string $string Text to convert.
 * @return string Converted text.
 */
function remSpecialChars($string) {
    $string = stripslashes($string);
    $string = eregi_replace("'","'",$string);
    $string = eregi_replace('"','"',$string);
    return $string;
}

/**
 * Apply a fixed series of character replacements (&, ', ", <, >, space).
 *
 * NOTE(review): the feed output below relies on this function for escaping,
 * but as shown every replacement text equals its pattern, so nothing is
 * escaped. The replacement strings were presumably HTML entities decoded when
 * this page was captured; confirm against the original file.
 * htmlspecialchars($s, ENT_QUOTES) covers &, <, > and both quotes in one call.
 * eregi_replace() was removed in PHP 7.0.
 *
 * @param string $string   Text to convert.
 * @param bool   $noQuotes When true, the single-quote replacement is skipped.
 * @return string Converted text.
 */
function addSpecialChars($string, $noQuotes = FALSE) {
    $string = eregi_replace("&","&",$string);
    if (!$noQuotes) $string = eregi_replace("'","'",$string);
    $string = eregi_replace('"','"',$string);
    $string = eregi_replace('<','<',$string);
    $string = eregi_replace('>','>',$string);
    $string = eregi_replace(' ',' ',$string);
    return $string;
}

### Category Function

/**
 * Build the list of category names leading to $node, ancestors first.
 *
 * A row's name is added only when its parent_id is > 0, so the name of a
 * top-level category is not part of the returned list.
 *
 * NOTE(review): $node is concatenated into the SQL text; cast it to int or bind
 * it. The recursion has no depth limit, so a parent_id chain that loops would
 * not terminate (presumably the data never contains one; verify).
 *
 * @param mixed $node Category id.
 * @return array List of category names.
 */
function get_path($node) {
    global $db;
    $path = array();
    $row = $db->get_sql_row("SELECT parent_id,name FROM " . DB_PREFIX . "categories WHERE category_id='".$node."'");
    if ($row['parent_id']>0) {
        $path[] = $row['name'];
        $path = array_merge(get_path($row['parent_id']), $path);
    }
    return $path;
}

### Definitions
// Choose the auction query: one seller's auctions when ?owner=<username>, otherwise all sellers.
// $setts and $db are not defined in the part of the file shown here.
// NOTE(review): many echo literals below are empty or hold only "\n"; the feed
// markup they carried was presumably stripped when this page was captured, so
// the exact output format cannot be confirmed from this text.
if ($_GET["owner"]!="all") {
    // Raw request value; it is not referenced again in the text shown here.
    $owner = $_GET["owner"];
    // NOTE(review): mysql_escape_string() is deprecated and ignores the connection
    // character set; use a prepared statement (PDO/mysqli), or at minimum
    // mysql_real_escape_string() on the active connection.
    $user = getSqlRow("SELECT user_id, username FROM probid_users WHERE username = '".mysql_escape_string($_GET['owner'])."'");
    if (!$user) {
        // Unknown seller: emit a feed with no items and stop.
        echo "\n";
        echo "\n";
        echo "\n";
        echo "";
        echo "<![CDATA[".addSpecialChars($setts['sitename'])."]]>\n";
        echo "".$setts['site_path']."\n";
        echo "\n";
        echo "\n";
        echo "".$setts['site_path']."images/probidlogo.gif\n";
        echo "".$setts['sitename']."\n";
        echo "".$setts['site_path']."\n";
        echo "\n";
        echo "en-us\n";
        echo "\n";
        echo "\n";
        echo "\n";
        die();
    } else {
        // NOTE(review): user_id is inserted unquoted; presumably an integer column,
        // but cast with (int) so the query stays well-formed whatever the row holds.
        $query = "SELECT * FROM probid_auctions WHERE active=1 and closed=0 AND deleted!=1 AND owner_id=".$user['user_id']." ORDER BY start_time DESC LIMIT 8";
    }
} else {
    $owner = 'all';
    $query = "SELECT * FROM probid_auctions WHERE active=1 and closed=0 AND deleted!=1 AND owner_id>0 ORDER BY start_time DESC LIMIT 8";
}

### Build Feed
$auctionstofeed = mysql_query("$query");
$result = mysql_fetch_array($auctionstofeed);
// These three lookups run before the "if ($result)" check, so they also execute
// (with an empty owner_id) when the auction query returned no rows.
// NOTE(review): values read from the database are concatenated into new SQL
// here and in the loop below; bind them or cast ids to int so stored data
// cannot alter the statement.
// $storename, $storedesc and $storeimg are not referenced in the text shown;
// any use inside markup may have been lost in capture.
$storename = getSqlField("SELECT shop_name FROM probid_users WHERE user_id='".$result['owner_id']."'","shop_name");
$storedesc = getSqlField("SELECT shop_about FROM probid_users WHERE user_id='".$result['owner_id']."'","shop_about");
$storeimg = getSqlField("SELECT shop_logo_path FROM probid_users WHERE user_id='".$result['owner_id']."'","shop_logo_path");
if ($result) {
    // $photo = getSqlNumber("SELECT 1 FROM probid_auction_media WHERE auction_id='".$result['auction_id']."'");
    // $feedback = user_pics($result['owner_id'],true);
    // $rept = calc_reputation($result['owner_id']);
    // $reputation_output ->calc_reputation(30);
    // Feed header.
    echo "\n";
    echo "\n";
    echo "\n";
    echo "";
    echo "\n";
    echo "".$setts['site_path']."\n";
    echo "\n";
    echo "\n";
    echo "\n";
    echo "\n";
    echo "".$setts['site_path']."\n";
    echo "\n";
    echo "en-us\n";
    echo "\n";
    // One item per auction row; the first row was fetched above, hence do/while.
    do {
        $auction_cat = get_path($result['category_id']);
        $auction_cata = $db->implode_array($auction_cat);
        $auction_cata = addSpecialChars($auction_cata);
        // This assignment overwrites the two above, so the category text echoed
        // below is the main_category() result and has not been through addSpecialChars().
        $auction_cata = main_category($result['category_id']);
        $photo = getSqlNumber("SELECT media_id FROM probid_auction_media WHERE auction_id='".$result['auction_id']."'");
        $user = getSqlField("SELECT username FROM probid_users WHERE user_id='".$result['owner_id']."'","username");
        $country = getSqlField("SELECT name FROM probid_countries WHERE id='".$result['country']."'","name");
        if ($photo) {
            $photodetails = getSqlRow("SELECT * FROM probid_auction_media WHERE auction_id='".$result['auction_id']."' LIMIT 1");
            // NOTE(review): media_url is placed in a query string without urlencode().
            $acer = $setts['site_path']."thumbnail.php?pic=".$photodetails['media_url']."&w=100&sq=Y&b=Y";
        } else {
            $acer = $setts['site_path']."thumbnail.php?pic=".$setts['site_path']."images/noimg.gif&w=100&sq=Y&b=Y";
        }
        echo "\n";
        echo "".$result['start_time']."\n";
        // NOTE(review): $user, currency, start_price and $auction_cata are written
        // into the item text without escaping. The trailing "]]>" suggests a CDATA
        // section, which a stored value containing "]]>" would close early; escape
        // each value for the context it lands in before echoing it.
        if ($result['buyout_price']) {
            echo "".addSpecialChars($result['name'])."
Seller: ".$user." ".$result['currency']." ".$result['start_price']."
Category: ".$auction_cata."
Buy Now | Add to watch list]]>
\n";
        } else {
            echo "".addSpecialChars($result['name'])."
Seller: ".$user." ".$result['currency']." ".$result['start_price']."
Category: ".$auction_cata."
Bid now | Add to watch list]]>
\n";
        }
        echo "
\n";
    } while ($result = mysql_fetch_array($auctionstofeed));
    echo "
\n";
    echo "
\n";
    die();
} else {
    // No matching auctions: emit a feed with no items.
    echo "\n";
    echo "\n";
    echo "\n";
    echo "";
    echo "<![CDATA[".addSpecialChars($setts['sitename'])."]]>\n";
    echo "".$setts['site_path']."\n";
    echo "\n";
    echo "\n";
    echo "".$setts['site_path']."images/probidlogo.gif\n";
    echo "".$setts['sitename']."\n";
    echo "".$setts['site_path']."\n";
    echo "\n";
    echo "en-us\n";
    echo "\n";
    echo "\n";
    echo "\n";
}
?>