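$val){
    $_POST[$key]=mysql_escape_string($val);
}
// NOTE(review): the header of the loop that closes above is outside this
// excerpt; its body rewrites each $_POST entry with mysql_escape_string().
// That pass does not touch $_REQUEST, which PHP keeps as a separate array, so
// the handlers below that are given $_REQUEST values receive them unescaped
// and have to escape whatever they place into SQL themselves.
// ext/mysql (mysql_*) was removed in PHP 7; prepared statements through mysqli
// or PDO are the durable replacement for every string-built query in this file.

// Dispatch on the requested action. There is no default case: an unknown
// action produces no output.
switch ($_REQUEST['action']) {
    case "prop_search":
        prop_search($_REQUEST['info'], $_REQUEST['siteType']);
        break;

    case "get_prop_class":
        // siteType is only compared against 'C' here, never interpolated.
        // The key is quoted: a bare siteType is an undefined-constant lookup.
        write_table('SELECT * FROM tblPropertyClasses where Description!="" and ClassID '.(($_POST['siteType']=='C')? 'not': '').' between 200 and 280 order by ClassID');
        break;

    case "get_styles":
        write_table("SELECT * FROM tblBuildingStyles where Description!='' order by Description");
        break;

    case "get_uses":
        write_table("SELECT DISTINCT UsedAsCd FROM tblComUse where UsedAsCd!='' order by UsedAsCd");
        break;

    case "get_zones":
        // The comma-separated swis list becomes a quoted IN (...) list. The only
        // protection is the mysql_escape_string() pass over $_POST above, so this
        // query must keep reading $_POST rather than $_REQUEST.
        write_table(' select ZoneCd as Description from sites where ZoneCd!="" and Swis in ("'.str_replace(',','","',$_POST['swis']).'") group by ZoneCd order by ZoneCd');
        break;

    case "get_schools":
        write_table("SELECT * FROM tblSchools order by Description");
        break;

    case "sales_search":
        // Passes the raw $_REQUEST array; sales_search() escapes what it logs.
        sales_search($_REQUEST);
        break;

    case "sales_search_comm":
        sales_search_comm($_POST);
        break;

    case "get_com_use":
        com_use($_POST['swis'], $_POST['sbl']);
        break;
}

/**
 * Look up the uid stored in drupal.sessions for the current PHP session id and
 * client address.
 *
 * @return string|null the uid column of the matching row, or '' when no row
 *                     matches or the query fails
 */
function _prop_session_uid(){
    // The session id is supplied by the client's cookie, so it is escaped
    // before it is placed inside the quoted literal.
    $sid = mysql_real_escape_string(session_id());
    $ip  = mysql_real_escape_string($_SERVER["REMOTE_ADDR"]);

    $result = mysql_query("SELECT uid from drupal.sessions where sid='$sid' AND hostname='$ip'");
    $row    = $result ? mysql_fetch_row($result) : false;

    return $row ? $row[0] : '';
}

/**
 * Log a property search in `usage`, then print the matches through
 * write_table() when the count query reports fewer than 250 rows, or the
 * literal "ERROR" otherwise.
 *
 * @param string $str  search description, parsed by get_table(); the dispatcher
 *                     passes $_REQUEST['info'], which has not been escaped
 * @param mixed  $type forwarded unchanged to PropertyManager
 */
function prop_search($str,$type){
    $user = _prop_session_uid();

    $info = get_table($str);
    $a    = $info[0];

    // These fields originate from the unescaped request value, so each one is
    // escaped before it goes into the INSERT.
    // NOTE(review): assumes get_table() does not escape its output - confirm,
    // otherwise the logged values gain doubled backslashes.
    $num    = mysql_real_escape_string($a['num']);
    $street = mysql_real_escape_string($a['street']);
    $ext    = mysql_real_escape_string($a['ext']);
    $zip    = mysql_real_escape_string($a['zip']);
    $swis   = mysql_real_escape_string($a['SWIS']);
    mysql_query("insert into `usage` (userid, Num, Name, Ext, Zip, Swis) values ('$user', '$num', '$street', '$ext', '$zip', '$swis')");

    $pm = new PropertyManager();

    // NOTE(review): $info[0] and $type reach PropertyManager exactly as they
    // arrived in the request; verify that check_how_many() and
    // BruteForceSearch() escape or bind them when building SQL.
    $sql    = $pm->check_how_many($info[0],$type);
    $result = mysql_query($sql);
    $res    = mysql_fetch_row($result);

    // NOTE(review): a failed count query leaves $res[0] empty, which also
    // compares below 250, so the full search still runs in that case.
    if ($res[0] < 250) {
        write_table($pm->BruteForceSearch($info[0],$type));
    } else {
        print "ERROR";
    }
}

/**
 * Log a sales search in `usage`, then print the matches through write_table()
 * when the count query reports fewer than 250, or the literal "ERROR" otherwise.
 *
 * @param array $post request parameters (ranges, street, swis, searchType are
 *                    read here); the dispatcher passes $_REQUEST, which has not
 *                    been escaped. Taken by reference but not modified here.
 */
function sales_search(&$post){
    $user = _prop_session_uid();

    $info = get_table($post['ranges']);

    // $post is raw request data on this path, so every value placed in the
    // INSERT is escaped locally; $post itself is left untouched.
    $num    = mysql_real_escape_string(str_replace('||', ' - ', $info[0]['number']));
    $street = mysql_real_escape_string($post['street']);
    $swis   = mysql_real_escape_string($post['swis']);
    mysql_query("insert into `usage` (userid, Num, Name, Swis) values ('$user', '$num', '$street', '$swis')");

    $pm = new PropertyManager();
    if ($post['searchType'] == 'sales') {
        $pm->joinsales = true;
    }

    // NOTE(review): $post is handed to PropertyManager unescaped; verify that
    // check_how_many_sales() and SalesSearch() escape or bind its values.
    $sql    = $pm->check_how_many_sales($post);
    $result = mysql_query($sql);
    $row    = mysql_fetch_array($result);
    $res    = $row[0];

    if ($res < 250) {
        write_table($pm->SalesSearch($post));
    } else {
        print "ERROR";
    }
}

/**
 * Log a commercial sales search in `usage`, then print the rows of the
 * PropertyManager query through write_table() when it yields fewer than 250
 * rows, or the literal "ERROR" otherwise. Nothing is printed when
 * PropertyManager returns an empty query.
 *
 * @param array $post request parameters; the dispatcher passes $_POST after its
 *                    mysql_escape_string() pass. Taken by reference but not
 *                    modified here.
 */
function sales_search_comm(&$post){
    $user = _prop_session_uid();

    $info = get_table($post['ranges']);

    // $num has been through get_table(), whose treatment of escaped input is
    // not visible from here, so it is escaped again before use.
    $num = mysql_real_escape_string(str_replace('||', ' - ', $info[0]['number']));

    // street and swis are interpolated as received: on this path they were
    // already escaped by the dispatcher, and escaping twice would store doubled
    // backslashes. Any other caller must pass escaped values.
    mysql_query("insert into `usage` (userid, Num, Name, Swis) values ('$user', '$num', '$post[street]', '$post[swis]')");

    $pm = new PropertyManager();
    if ($post['searchType'] == 'sales') {
        $pm->joinsales = true;
    }

    $sql = $pm->check_how_many_sales_com($post);
    if ($sql) {
        $res = mysql_query($sql);
        prop_log($sql);
        prop_log(mysql_error());

        // The same statement is handed to write_table() after being run here to
        // count its rows.
        if (mysql_num_rows($res) < 250) {
            write_table($sql);
        } else {
            print "ERROR";
        }
    }
}

/**
 * Print the tblComUse rows for one parcel (SalesParcelInd = 'P') through
 * write_table().
 *
 * Both arguments are placed directly inside quoted SQL literals, so callers
 * must pass values that are already escaped; the dispatcher passes $_POST
 * entries that went through its mysql_escape_string() pass.
 *
 * @param string $swis escaped Swis value
 * @param string $sbl  escaped SBL value
 */
function com_use($swis,$sbl){
    $sql = "select * from tblComUse where Swis='$swis' and SBL='$sbl' and SalesParcelInd='P'";
    write_table($sql);
}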