All mysql_-statments replaced by their corresponding mysqli_-statements
[cacert-devel.git] / pages / wot / 13.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 if(array_key_exists('location',$_REQUEST) && $_REQUEST['location'] != "") {
20 if(intval($_REQUEST['location']) == 0)
21 {
22 $bits = explode(",", $_REQUEST['location']);
23
24 $loc = trim(mysqli_real_escape_string($_SESSION['mconn'], $bits['0']));
25 $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysqli_real_escape_string($_SESSION['mconn'], $bits['1']));
26 $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysqli_real_escape_string($_SESSION['mconn'], $bits['2']));
27 $query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where
28 `locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and
29 `locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id`
30 order by `locations`.`name` limit 1";
31 $res = mysqli_query($_SESSION['mconn'], $query);
32 if($reg != "" && $ccname == "" && mysqli_num_rows($res) <= 0)
33 {
34 $query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where
35 `locations`.`name` like '$loc%' and `countries`.`name` like '$reg%' and
36 `locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id`
37 order by `locations`.`name` limit 1";
38 $res = mysqli_query($_SESSION['mconn'], $query);
39 }
40 if(mysqli_num_rows($res) <= 0)
41 die("Unable to find suitable location");
42
43 $row = mysqli_fetch_assoc($res);
44 $_REQUEST['location'] = $row['locid'];
45 }
46
47 $locid = intval($_REQUEST['location']);
48 $query = "select * from `locations` where `id`='$locid'";
49 $res = mysqli_query($_SESSION['mconn'], $query);
50 if(mysqli_num_rows($res) > 0)
51 {
52 $loc = mysqli_fetch_assoc($res);
53 $_SESSION['profile']['ccid'] = $loc['ccid'];
54 $_SESSION['profile']['regid'] = $loc['regid'];
55 $_SESSION['profile']['locid'] = $loc['id'];
56 $query = "update `users` set `locid`='$loc[id]', `regid`='$loc[regid]', `ccid`='$loc[ccid]' where `id`='".$_SESSION['profile']['id']."'";
57 mysqli_query($_SESSION['mconn'], $query);
58 echo "<p>"._("Your location has been updated")."</p>\n";
59 } else {
60 echo "<p>"._("I was unable to match your location with places in my database.")."</p>\n";
61 }
62 }
63
64 $query = "select `name` from `locations` where `id`='".$_SESSION['profile']['locid']."'";
65 $res = mysqli_query($_SESSION['mconn'], $query);
66 $loc = mysqli_fetch_assoc($res);
67 $query = "select `name` from `regions` where `id`='".$_SESSION['profile']['regid']."'";
68 $res = mysqli_query($_SESSION['mconn'], $query);
69 $reg = mysqli_fetch_assoc($res);
70 $query = "select `name` from `countries` where `id`='".$_SESSION['profile']['ccid']."'";
71 $res = mysqli_query($_SESSION['mconn'], $query);
72 $cc = mysqli_fetch_assoc($res);
73 ?>
74 <script language="javascript" src="/ac.js"></script>
75 <script language="javascript">
76 <!--
77 function oncomplete() {
78 document.f.submit();
79 }
80 // -->
81 </script>
82 <p><?=_("Please enter your town or suburb name, followed by region or state or province and then the country (please separate by commas)")?><br />
83 <?=_("eg Sydney, New South Wales, Australia")?></p>
84 <p><?=_("This is an AJAX form which depends heavily on javascript for auto-complete functionality and while it will work without javascript the usability will be heavily degraded.")?></p>
85 <p><?=sprintf(_("Your current location is set as: %s"), "$loc[name], $reg[name], $cc[name]")?></p>
86 <form name="f" action="wot.php" method="post">
87 <input type='hidden' name='id' value='13' />
88 <table>
89 <tr>
90 <td align=right valign=middle><?=_("Location:")?></td>
91 <td><input autocomplete="off" type="text" id="location" name="location" value="" size="50" /> <?=_("(hit enter to submit)")?></td>
92 </tr>
93 </table>
94
95 </form>
96 <script language="javascript">
97 <!--
98 var ac1 = new AC('location', 'location', oncomplete);
99 ac1.enable_unicode();
100 document.f.location.focus();
101 // -->
102 </script>