// get matching ads
//if ($_REQUEST[county]=='Armstrong') {
//$ads = '';
//$ads .= '';
//} else {
/*include_once('/var/db/db.connect.news.php');
include_once('/var/www/html/cars.triblive.com/inc/func.sql_cache.php');*/
include('/www/db/db.connect.php');
include('/www/db/db.connect.classifieds.php');
$_GET = array_map('strip_tags', $_GET);
$_GET = array_map('cleanHex', $_GET);
$_POST = array_map('strip_tags', $_POST);
$_POST = array_map('cleanHex', $_POST);
$_POST = array_map('mysql_real_escape_string',$_POST);
$_GET = array_map('mysql_real_escape_string',$_GET);
$_POST = array_map('cleanSQL',$_POST);
$_GET = array_map('cleanSQL',$_GET);
function cleanHex($input){
$clean = $input;
$clean = preg_replace("![\][xX]([A-Fa-f0-9]{1,3})!", "",$clean);
return $clean;
}
function cleanSQL($input){
$clean = $input;
$clean=stripslashes($clean);
$clean=htmlentities($clean);
$clean=strip_tags($clean);
$clean=mysql_real_escape_string($clean);
return $clean;
}
echo "";
if (is_numeric($_GET['county'])){
$ads="";
foreach($ad_results as $row){
$ads.="";
}#end foreach
$ads.="";
} else {
$ads="
To view Armstrong Sheriff Sale listings you will need Adobe Acrobat Reader.
Sorry, no results in $_REQUEST[county] County for \"$_POST[keyword]\"
"; $ads.=""; } else { $select="SELECT ad_text FROM sherrifsales WHERE county='$_GET[county]'"; if($_POST[keyword]) $where=" AND MATCH (ad_text) AGAINST ('$_POST[keyword]' IN BOOLEAN MODE)"; $orderby=" ORDER BY order_by"; $sql=$select.$where.$orderby; $ad_results=mysql_query_cached($sql); if($ad_results[0]!="") $count=count($ad_results); // get header & footer for results $sql="SELECT content,field FROM sherrifsale_info WHERE county='$_REQUEST[county]'"; $result=mysql_query_cached($sql); echo mysql_error(); foreach($result as $row) { $details[$row[field]]=$row[content]; } // if results, create put them into the $ads variable if($count>0) { $ads="$count results in $_REQUEST[county] County"; if($_POST[keyword]) $ads.=" for \"$_POST[keyword]\""; $ads.="
"; $ads.="$details[header]
$row[ad_text]
$details[footer]
Sorry, no results in $_REQUEST[county] County for \"$_POST[keyword]\"
"; $ads.=""; } } //} ?>