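// Clean vars: these parameters are only ever used as integers, so coerce them
// up front (a missing parameter becomes 0) and mirror the result into $_GET so
// the templates included below see the same sanitised value.
$clean = array('catid', 'brandid', 'startnumber');
foreach ($clean as $var) {
    $_GET[$var] = $_REQUEST[$var] = isset($_REQUEST[$var]) ? (int)$_REQUEST[$var] : 0;
}

$path = "../";
include($path."includes/header.inc.php");

$db = new sql();
$page_title = 'Browse';

// A non-zero catid takes precedence over brandid (the original if/elseif
// order): the first one present is looked up and its name becomes the page
// title and meta text. $description / $keywords stay undefined when neither
// lookup matches, which is what templates/header.html.php has always received.
$title_lookups = array('catid' => 'categories', 'brandid' => 'brands');
foreach ($title_lookups as $param => $table) {
    $id = (int)$_REQUEST[$param];
    if ($id == 0) {
        continue;
    }
    // $table comes from the fixed map above and $id is an int, so nothing
    // user-controlled is interpolated into this statement.
    $db->query('SELECT `name` FROM `'.$table.'` WHERE `id` = "'.$id.'"');
    if ($db->num_rows() > 0) {
        $row = $db->fetch_array();
        $page_title = stripslashes($row['name']);
        $description = $page_title.' - Jelli - Representing Europe\'s finest designer children\'s wear';
        $keywords = $page_title;
    }
    break;
}

$page = 'browse';
include($path.'templates/header.html.php');

// Every filter appended below is an int cast, a value from a fixed whitelist,
// or passed through clean_db(), so no raw request value reaches the SQL string.
$browse_query = "SELECT DISTINCT items.id from items LEFT JOIN items_brands ON items_brands.item_id = items.id LEFT JOIN items_categories ON items_categories.item_id = items.id LEFT JOIN item_ages ON item_ages.item_id = items.id WHERE 1";

$catid = (int)$_REQUEST['catid'];
if ($catid != 0) {
    $browse_query .= " AND items_categories.cat_id = '$catid'";
}

$brandid = (int)$_REQUEST['brandid'];
if ($brandid != 0) {
    $browse_query .= " AND items_brands.brand_id = '$brandid'";
}

// sexid must be one of the fixed single-letter codes; anything else is ignored.
$sexid = isset($_REQUEST['sexid']) ? $_REQUEST['sexid'] : '';
if (in_array($sexid, array('m', 'f', 'u', 'c'), true)) {
    $browse_query .= " AND (items.sex = '$sexid' OR items.sex='u')";
}

// ageid is not in $clean, so it is validated and cast here before it enters
// the query (a non-numeric or array value becomes 0 and is skipped).
$ageid = (isset($_REQUEST['ageid']) && is_numeric($_REQUEST['ageid'])) ? (int)$_REQUEST['ageid'] : 0;
if ($ageid != 0) {
    $browse_query .= " AND item_ages.age_id = '$ageid'";
}

if (isset($_REQUEST['sale']) && $_REQUEST['sale'] == "on") {
    $browse_query .= " AND items.price_original > items.price";
}

if (isset($_REQUEST['s'])) {
    // clean_db() is the project's escaping helper. LIKE wildcards (% and _)
    // inside the term are still interpreted by MySQL — NOTE(review): confirm
    // whether that is intended before escaping them here.
    $search = clean_db($_REQUEST['s']);
    $browse_query .= " AND CONCAT(items.name, ' ', items.description) LIKE '%".$search."%'";
}

$browse_query .= " AND items.hidden = '0' ";

// A known sort key maps to its ORDER BY clause. As before, an unknown key
// yields no ORDER BY at all, and an absent key sorts by newest stock first.
$sort_orders = array(
    'hl'  => " ORDER BY `price` DESC",
    'lh'  => " ORDER BY `price` ASC",
    'new' => " ORDER BY `id` DESC",
);
if (isset($_REQUEST['sort'])) {
    $sort = $_REQUEST['sort'];
    // is_string() guards the array lookup against a sort[]= array parameter.
    if (is_string($sort) && isset($sort_orders[$sort])) {
        $browse_query .= $sort_orders[$sort];
    }
} else {
    $browse_query .= " ORDER BY `src_added` DESC";
}

// Pagination. startnumber is the 1-based page number (already an int from the
// cast above); pages 0 and 1 both start at row 0. A negative page previously
// dropped the LIMIT entirely and returned the whole table; it is now clamped
// to page 1 so the query always stays bounded.
$limit = MAX_PER_PAGE;
// $show_all is kept defined for the templates that read it. It used to be set
// by comparing the already-int startnumber with the string 'a', which never
// matches on PHP 8 (and matched page 1 by accident on older PHP, where
// 0 == 'a' was true), so it is simply false here — TODO confirm whether a
// "show all" mode is still wanted.
$show_all = false;
$startno = max(0, (int)$_REQUEST['startnumber'] - 1) * $limit;
$limit_query = " LIMIT $startno, $limit";

$browse = new sql();
$browse->query($browse_query.$limit_query);
?>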