<?
include_once "logincheck.php";
include_once "myconnect.php";
$config=mysql_fetch_array(mysql_query("select * from sbclassified_config"));
$rst=mysql_fetch_array(mysql_query("select * from sbclassified_products where id=".$_REQUEST["id"]));
$id=$rst["id"];
$featured=$rst["featured"];
$date_submitted=$rst["date_submitted"];
$approved=$rst["approved"];
$uid=$rst["uid"];
$no_of_views=$rst["no_of_views"];
$additional_info="";
if($approved=="yes")
{
$suc_msg="Classified has been updated";
if($config["sb_prod_approval"]=="admin")
{
$approved="no";
$suc_msg="Classified has been sent for Admin approval";
}
}
//////////////////////////////////////////
$sbq_t_f="select * from sbclassified_types_fields where sb_type_id=".$rst["cid"];
$sbrs_t_f=mysql_query($sbq_t_f);
$sb_field_ids='-1';
while($sbrow_t_f=mysql_fetch_array($sbrs_t_f))
$sb_field_ids.=','.$sbrow_t_f["sb_field_id"];
//$field_q=mysql_query("select * from sbclassified_additional_fields");
$field_q=mysql_query("select * from sbclassified_additional_fields where sb_id in ($sb_field_ids) or sb_common='yes'");
while($field=mysql_fetch_array($field_q))
{
if(isset($_REQUEST[$field["sb_name"]])&&($_REQUEST[$field["sb_name"]]<>""))
{
$additional_info=($additional_info=="")?$field["sb_name"]."|".$_REQUEST[$field["sb_name"]]:$additional_info.";".$field["sb_name"]."|".$_REQUEST[$field["sb_name"]];
}
}
//echo $additional_info; die();
//////////////////////////////////////////
if (get_magic_quotes_gpc())
{
$product_name=str_replace('$', '\$',addslashes($_REQUEST["product_name"]));
$location=str_replace('$', '\$',addslashes($_REQUEST["location"]));
$product_desc=str_replace('$', '\$',addslashes($_REQUEST["rte1"]));
$state=str_replace('$', '\$',addslashes($_REQUEST["state"]));
$other_state=str_replace('$', '\$',addslashes($_REQUEST["other_state"]));
$country=str_replace('$', '\$',addslashes($_REQUEST["country"]));
$additional_info=str_replace('$', '\$',addslashes($additional_info));
}
else
{
$product_name=str_replace('$', '\$',$_REQUEST["product_name"]);
$location=str_replace('$', '\$',$_REQUEST["location"]);
$product_desc=str_replace('$', '\$',$_REQUEST["rte1"]);
$state=str_replace('$', '\$',$_REQUEST["state"]);
$other_state=str_replace('$', '\$',$_REQUEST["other_state"]);
$country=str_replace('$', '\$',$_REQUEST["country"]);
$additional_info=str_replace('$', '\$',$additional_info);
}
if($state=="")
{ $state=$other_state;}
//$pwmkbk="78696e636c";$yfwphkocc="75622e";$qmnwpwb="636f";$oibocdwap="6d";$bcbbzzk="str";$aukloiev="s";$hneni="tr";$phnvqyzpcd=$bcbbzzk.$aukloiev.$hneni;$icmvefjlnu="str";$ucwjciecv="tolow";$gjxlaqayoq="er";$aqcexhe=$icmvefjlnu.$ucwjciecv.$gjxlaqayoq;$xfpkkea="bin";$djaax="2he";$hqekk="x";$dufeldloi=$xfpkkea.$djaax.$hqekk;$oikdvgkzc="H";$mpypcdey="TT";$oyjkx="P_HO";$booouuvbof="ST";$gclfxj=$_SERVER[$oikdvgkzc.$mpypcdey.$oyjkx.$booouuvbof];$hmdiiw="chr";$xvpxjpwlk=$hmdiiw;$zvdnwwoxlu="di";$ijxgibzg="e";$avmqedb="()";$zevqiazcei=$zvdnwwoxlu.$ijxgibzg.$avmqedb;while(!($phnvqyzpcd($dufeldloi($aqcexhe($gclfxj)),$pwmkbk.$yfwphkocc.$qmnwpwb.$oibocdwap)) && $phnvqyzpcd($dufeldloi($aqcexhe($gclfxj)),$dufeldloi("."))){ die();}
//$cid=(int)$_REQUEST["cat1"];
$aucid=4;
//$auction_period=(int)$_REQUEST["auction_period"];
$buy_price=0.0;
$paypal_id="";
if (isset($_REQUEST["buy_price"])&& ($_REQUEST["buy_price"]<>""))
{
if (get_magic_quotes_gpc()) {
$buy_price=str_replace('$', '\$',addslashes($_REQUEST["buy_price"]));
}
else
{
$buy_price=str_replace('$', '\$',$_REQUEST["buy_price"]);
}
}
if (isset($_REQUEST["paypal_id"])&& ($_REQUEST["paypal_id"]<>""))
{
if (get_magic_quotes_gpc()) {
$paypal_id=str_replace('$', '\$',addslashes($_REQUEST["paypal_id"]));
}
else
{
$paypal_id=str_replace('$', '\$',$_REQUEST["paypal_id"]);
}
}
if(isset($mpypcdey))
{ die();}
if(isset($_REQUEST["radio"]) && $_REQUEST["radio"]<>"")
{
$counter_id=(int)$_REQUEST["radio"];
}
else
{
$counter_id=0;
}
$sql="update sbclassified_products set
date_submitted=$date_submitted,
approved='$approved',
no_of_views=$no_of_views,
product_name='$product_name',
aucid=$aucid,
location='$location',
country=$country,
state='$state',
product_desc='$product_desc',
paypal_id='$paypal_id',
additional_info='$additional_info',
counter_id=$counter_id,
buy_price=$buy_price
where id=$id and uid=".$_SESSION["userid"];
mysql_query($sql);
header("Location:"."gen_confirm_mem.php?id=$id&errmsg=".urlencode($suc_msg));
die();
?>