<?
/******************************************************************************
DSB: Dating Site Builder
===============================================================================
File:                       search_process.php
File Version:               2.0
Software by:                Etown21 (http://www.etown21.com)
Copyright by:               Etown21 (http://www.etown21.com)
Support at:                 http://www.etown21.com/forum
*******************************************************************************
* See the "softwarelicense.txt" file for details of the DSB license.          *
******************************************************************************/

session_cache_limiter('nocache');
session_start();
require_once("includes/templates.inc.php");
require_once("includes/site_functions.inc.php");
require_once("includes/vars.inc.php");
db_connect(_DBHOSTNAME_,_DBUSERNAME_,_DBPASSWORD_,_DBNAME_,_PCONN_);
// check_login_member();

$topass=array();
$message="";
$_SESSION['foundmembers']='';
$_SESSION['foundads']='';
if (isset($_REQUEST['searchtype']) && !empty($_REQUEST['searchtype'])) {
	$searchtype=addslashes_mq($_REQUEST['searchtype'],true);
	$from="accounts b LEFT JOIN user_details a ON b.user_id=a.fk_user_id LEFT JOIN user_settings c ON b.user_id=c.fk_user_id";
	$where="c.hide_me<>1 AND b.status="._STATUSACTIVE_;
	if ($searchtype=='quick') {
		$guestval="";
		if (isset($_REQUEST['guestval'])) {
			$guestval=addslashes_mq($_REQUEST['guestval']);
		}
		// check_login_member(_GUESTLEVEL_);
		$gender=addslashes_mq($_REQUEST['gender']);
		if (($gender!=_ANY_) && ($gender!=_NDISCLOSED_)) {
			$where.=" AND a.gender='$gender'";
		}
		$age_min=addslashes_mq($_REQUEST['age_min']);
		$age_max=addslashes_mq($_REQUEST['age_max']);
		$where.=" AND a.birthdate BETWEEN (now()-INTERVAL ".($age_max+1)." YEAR) AND (now()-INTERVAL $age_min YEAR)";
		$looking_for=addslashes_mq($_REQUEST['looking_for']);
		if (($looking_for!=_ANY_) && ($looking_for!=_NDISCLOSED_)) {
			$where.=" AND (a.looking_for='$looking_for' OR a.looking_for='"._ANY_."')";
		}
		$connection=addslashes_mq($_REQUEST['connection']);
		if (($connection!=_ANY_) && ($connection!=_NDISCLOSED_)) {
			$where.=" AND (a.connection='$connection' OR a.connection='"._ANY_."')";
		}
		$country=addslashes_mq($_REQUEST['country']);
		if (($country!=_ANY_) && ($country!=_NDISCLOSED_)) {
			$where.=" AND a.country='$country'";
		}
		if ($country==1) {
			if (isset($_REQUEST['zip']) && !empty($_REQUEST['zip'])) {
				$zip=addslashes_mq($_REQUEST['zip']);
				if ($mycoords=get_zip_coords($zip)) {
					$max_distance=addslashes_mq($_REQUEST['max_distance']);
					$from.=" LEFT JOIN zipcodes d ON a.zip=d.zipcode";
					// 60*1.1515=69.09
					$where.=" AND (69.09*DEGREES(ACOS(SIN(RADIANS(".$mycoords[0]."))*SIN(RADIANS(d.latit))+COS(RADIANS(".$mycoords[0]."))*COS(RADIANS(d.latit))*COS(RADIANS(".$mycoords[1]."-d.longit)))))<=$max_distance";
				} else {
					trigger_error($_messages['core'][155],E_USER_ERROR);
				}
			}
		}
		if ($fields['users_state'][0]) {
			$state=isset($_REQUEST['state']) ? addslashes_mq($_REQUEST['state']) : _ANY_;
			if (($state!=_ANY_) && ($state!=_NDISCLOSED_) && isset($accepted_states[$country][$state])) {
				$where.=" AND a.state='$state'";
			}
		}
		if (isset($_REQUEST['city']) && !empty($_REQUEST['city'])) {
			$where.=" AND LOWER(a.city)='".strtolower(addslashes_mq($_REQUEST['city'],true))."'";
		}
		if (isset($_REQUEST['have_photo']) && !empty($_REQUEST['have_photo'])) {
			$where.=" AND a.photo<>''";
		}
		if (isset($_REQUEST['savesearch'])) {
			$query2="SELECT count(*) FROM user_seeking WHERE fk_user_id='".$_SESSION['user_id']."'";
			if (!($res=@mysql_query($query2))) {trigger_error(mysql_error(),E_USER_ERROR);}
			if (mysql_result($res,0,0)) {
				$query2="UPDATE user_seeking SET gender='$gender',connection='$connection',age_min='$age_min',age_max='$age_max',country='$country',state='$state' WHERE fk_user_id='".$_SESSION['user_id']."'";
			} else {
				$query2="INSERT INTO user_seeking SET fk_user_id='".$_SESSION['user_id']."',gender='$gender',connection='$connection',age_min='$age_min',age_max='$age_max',country='$country',state='$state'";
			}
			if (!($res=@mysql_query($query2))) {trigger_error(mysql_error(),E_USER_ERROR);}
			$message=$_messages['core'][156];
		}
	} elseif ($searchtype=="quickzip") {
		$access_level=_GUESTLEVEL_;
		$zip=addslashes_mq($_REQUEST['zip']);
		$max_distance=addslashes_mq($_REQUEST['max_distance']);
		if (isset($_REQUEST['zip']) && !empty($_REQUEST['zip'])) {
			$zip=addslashes_mq($_REQUEST['zip']);
			if ($mycoords=get_zip_coords($zip)) {
				$from.=" LEFT JOIN zipcodes d ON a.zip=d.zipcode";
				// 60*1.1515=69.09
				$where.=" AND (69.09*DEGREES(ACOS(SIN(RADIANS(".$mycoords[0]."))*SIN(RADIANS(d.latit))+COS(RADIANS(".$mycoords[0]."))*COS(RADIANS(d.latit))*COS(RADIANS(".$mycoords[1]."-d.longit)))))<=$max_distance";
			} else {
				trigger_error($_messages['core'][155],E_USER_ERROR);
			}
		} else {
			$topass['message']=$_messages['core'][157];
			redirect2page("index.php",$topass);
		}
	} elseif ($searchtype=="name") {
		check_login_member($access_matrix['search_name'][0]);
		if (isset($_REQUEST['name'])) {
			$name=addslashes_mq($_REQUEST['name']);
		}
		if (strlen($name)<3) {
			$topass=array('message'=>$_messages['core'][158]);
			redirect2page('search_basic.php',$topass);
		}
		if (strstr($name,'%') || strstr($name,'?') || strstr($name,'\'') || strstr($name,'"')) {
			$topass=array('message'=>$_messages['core'][159]);
			redirect2page('search_basic.php',$topass);
		}
		if (isset($name) && !empty($name)) {
			$where.=" AND a.name LIKE '%$name%'";
		}
	} elseif ($searchtype=="browse") {
		$gender=addslashes_mq($_REQUEST['gender']);
		$where.=" AND a.gender='$gender'";
	} elseif ($searchtype=="ethnic") {
		check_login_member($access_matrix['search_ethnic'][0]);
		if (isset($_REQUEST['ethnic'])) {
			$ethnic=addslashes_mq($_REQUEST['ethnic']);
			$where.=" AND a.ethnic='$ethnic'";
		}
	} elseif ($searchtype=="zodiac") {
		check_login_member($access_matrix['search_zodiac'][0]);
		if (isset($_REQUEST['zodiac'])) {
			$zodiac=addslashes_mq($_REQUEST['zodiac']);
			$zdays=array_keys($zodiac_days,$zodiac);
			$joined_zdays=join("','",$zdays);
			$where.=" AND DAYOFYEAR(a.birthdate) IN ('$joined_zdays')";
		}
	} elseif ($searchtype=="recent") {
		check_login_member($access_matrix['search_basic'][0]);
		if (isset($_REQUEST['showgender']) && !empty($_REQUEST['showgender'])) {
			$gendcat=addslashes_mq($_REQUEST['showgender']);
			$where.=" AND a.gender='$gendcat'";
		}
		$inlasthowmany='0';
		if (isset($_REQUEST['howmanydays']) && !empty($_REQUEST['howmanydays'])) {
			$inlasthowmany=addslashes_mq($_REQUEST['howmanydays']);
		}
		$where.=" AND b.joindate>=now()-INTERVAL '$inlasthowmany' DAY";
	} elseif ($searchtype=="advanced") {
		$update_query="";
		check_login_member($access_matrix['search_advanced'][0]);
		$gender=addslashes_mq($_REQUEST['gender']);
		if (($gender!=_ANY_) && ($gender!=_NDISCLOSED_)) {
			$where.=" AND a.gender='$gender'";
			$update_query.="gender='$gender'";
		} else {
			$update_query.="gender="._ANY_;
		}
		$age_min=addslashes_mq($_REQUEST['age_min']);
		$age_max=addslashes_mq($_REQUEST['age_max']);
		$where.=" AND a.birthdate BETWEEN (now()-INTERVAL ".($age_max+1)." YEAR) AND (now()-INTERVAL $age_min YEAR)";
		$update_query.=",age_min='$age_min',age_max='$age_max'";
		$looking_for=addslashes_mq($_REQUEST['looking_for']);
		if (($looking_for!=_ANY_) && ($looking_for!=_NDISCLOSED_)) {
			$where.=" AND (a.looking_for='$looking_for' OR a.looking_for='"._ANY_."')";
			$update_query.=",looking_for='$looking_for'";
		} else {
			$update_query.=",looking_for="._ANY_;
		}
		$connection=addslashes_mq($_REQUEST['connection']);
		if (($connection!=_ANY_) && ($connection!=_NDISCLOSED_)) {
			$where.=" AND (a.connection='$connection' OR a.connection='"._ANY_."')";
			$update_query.=",connection='$connection'";
		} else {
			$update_query.=",connection="._ANY_;
		}
		$country=addslashes_mq($_REQUEST['country']);
		if (($country!=_ANY_) && ($country!=_NDISCLOSED_)) {
			$where.=" AND a.country='$country'";
			$update_query.=",country='$country'";
		} else {
			$update_query.=",country="._ANY_;
		}
		if ($fields['users_state'][0]) {
			$state=isset($_REQUEST['state']) ? addslashes_mq($_REQUEST['state']) : _ANY_;
			if (($state!=_ANY_) && ($state!=_NDISCLOSED_) && isset($accepted_states[$country][$state])) {
				$where.=" AND a.state='$state'";
				$update_query.=",state='$state'";
			} else {
				$update_query.=",state="._ANY_;
			}
		} else {
			$update_query.=",state="._ANY_;
		}
		if ($fields['users_city'][0]) {
			if (isset($_REQUEST['city']) && !empty($_REQUEST['city'])) {
				$city=strtolower(addslashes_mq($_REQUEST['city'],true));
				$where.=" AND LOWER(a.city)='$city'";
				$update_query.=",city='$city'";
			} else {
				$update_query.=",city=''";
			}
		} else {
			$update_query.=",city=''";
		}
		if ($fields['users_height'][0]) {
			$height_min=addslashes_mq($_REQUEST['height_min']);
			$height_max=addslashes_mq($_REQUEST['height_max']);
			$where.=" AND a.height BETWEEN '$height_min' AND '$height_max'";
			$update_query.=",height_min='$height_min',height_max='$height_max'";
		} else {
			$update_query.=",height_min="._ANY_.",height_max="._ANY_;
		}
		if ($fields['users_weight'][0]) {
			$weight_min=addslashes_mq($_REQUEST['weight_min']);
			$weight_max=addslashes_mq($_REQUEST['weight_max']);
			$where.=" AND a.weight BETWEEN '$weight_min' AND '$weight_max'";
			$update_query.=",weight_min='$weight_min',weight_max='$weight_max'";
		} else {
			$update_query.=",weight_min="._ANY_.",weight_max="._ANY_;
		}
		if ($fields['users_looks'][0] && $_REQUEST['looks']!=_ANY_) {
			$looks=addslashes_mq($_REQUEST['looks']);
			$where.=" AND a.looks='$looks'";
			$update_query.=",looks='$looks'";
		} else {
			$update_query.=",looks="._ANY_;
		}
		if ($fields['users_ethnic'][0] && $_REQUEST['ethnic']!=_ANY_) {
			$ethnic=addslashes_mq($_REQUEST['ethnic']);
			$where.=" AND a.ethnic='$ethnic'";
			$update_query.=",ethnic='$ethnic'";
		} else {
			$update_query.=",ethnic="._ANY_;
		}
		if ($fields['users_body'][0] && $_REQUEST['body']!=_ANY_) {
			$body=addslashes_mq($_REQUEST['body']);
			$where.=" AND a.body='$body'";
			$update_query.=",body='$body'";
		} else {
			$update_query.=",body="._ANY_;
		}
		if ($fields['users_hair'][0] && $_REQUEST['hair']!=_ANY_) {
			$hair=addslashes_mq($_REQUEST['hair']);
			$where.=" AND a.hair='$hair'";
			$update_query.=",hair='$hair'";
		} else {
			$update_query.=",hair="._ANY_;
		}
		if ($fields['users_eyes'][0] && $_REQUEST['eyes']!=_ANY_) {
			$eyes=addslashes_mq($_REQUEST['eyes']);
			$where.=" AND a.eyes='$eyes'";
			$update_query.=",eyes='$eyes'";
		} else {
			$update_query.=",eyes="._ANY_;
		}
		if ($fields['users_maritalstatus'][0] && $_REQUEST['marital']!=_ANY_) {
			$maritalstatus=addslashes_mq($_REQUEST['marital']);
			$where.=" AND a.maritalstatus='$maritalstatus'";
			$update_query.=",maritalstatus='$maritalstatus'";
		} else {
			$update_query.=",maritalstatus="._ANY_;
		}
		if ($fields['users_children'][0] && $_REQUEST['children']!=_ANY_) {
			$children=addslashes_mq($_REQUEST['children']);
			$where.=" AND a.children='$children'";
			$update_query.=",children='$children'";
		} else {
			$update_query.=",children="._ANY_;
		}
		if ($fields['users_profession'][0] && $_REQUEST['profession']!=_ANY_) {
			$profession=addslashes_mq($_REQUEST['profession']);
			$where.=" AND a.profession='$profession'";
			$update_query.=",profession='$profession'";
		} else {
			$update_query.=",profession="._ANY_;
		}
		if ($fields['users_education'][0] && $_REQUEST['education']!=_ANY_) {
			$education=addslashes_mq($_REQUEST['education']);
			$where.=" AND a.education='$education'";
			$update_query.=",education='$education'";
		} else {
			$update_query.=",education="._ANY_;
		}
		if ($fields['users_religion'][0] && $_REQUEST['religion']!=_ANY_) {
			$religion=addslashes_mq($_REQUEST['religion']);
			$where.=" AND a.religion='$religion'";
			$update_query.=",religion='$religion'";
		} else {
			$update_query.=",religion="._ANY_;
		}
		if ($fields['users_smoking'][0] && $_REQUEST['smoking']!=_ANY_) {
			$smoking=addslashes_mq($_REQUEST['smoking']);
			$where.=" AND a.smoking='$smoking'";
			$update_query.=",smoking='$smoking'";
		} else {
			$update_query.=",smoking="._ANY_;
		}
		if ($fields['users_drinking'][0] && $_REQUEST['drinking']!=_ANY_) {
			$drinking=addslashes_mq($_REQUEST['drinking']);
			$where.=" AND a.drinking='$drinking'";
			$update_query.=",drinking='$drinking'";
		} else {
			$update_query.=",drinking="._ANY_;
		}
		if ($fields['users_partying'][0] && $_REQUEST['partying']!=_ANY_) {
			$partying=addslashes_mq($_REQUEST['partying']);
			$where.=" AND a.partying='$partying'";
			$update_query.=",partying='$partying'";
		} else {
			$update_query.=",partying="._ANY_;
		}
		if ($fields['users_sexpractices'][0] && $_REQUEST['sexpractices']!=_ANY_) {
			$sexpractices=addslashes_mq($_REQUEST['sexpractices']);
			$where.=" AND a.sexpractices='$sexpractices'";
			$update_query.=",sexpractices='$sexpractices'";
		} else {
			$update_query.=",sexpractices="._ANY_;
		}
		if (isset($_REQUEST['have_photo']) && !empty($_REQUEST['have_photo'])) {
			$where.=" AND a.photo<>''";
			$update_query.=",have_photo=1";
		} else {
			$update_query.=",have_photo="._ANY_;
		}
		if ($_REQUEST['zodiac']!=_ANY_) {
			$zodiac=addslashes_mq($_REQUEST['zodiac']);
			$zdays=array_keys($zodiac_days,$zodiac);
			$joined_zdays=join("','",$zdays);
			$where.=" AND DAYOFYEAR(a.birthdate) IN ('$joined_zdays')";
		}
		if ($_REQUEST['reading']!=_ANY_) {
			$reading=addslashes_mq($_REQUEST['reading']);
			$where.=" AND a.reading='$reading'";
			$update_query.=",reading='$reading'";
		} else {
			$update_query.=",reading="._ANY_;
		}
		if ($_REQUEST['rellength']!=_ANY_) {
			$rellength=addslashes_mq($_REQUEST['rellength']);
			$where.=" AND a.rellength='$rellength'";
			$update_query.=",rellength='$rellength'";
		} else {
			$update_query.=",rellength="._ANY_;
		}
		if ($_REQUEST['sleptwith']!=_ANY_) {
			$sleptwith=addslashes_mq($_REQUEST['sleptwith']);
			$where.=" AND a.sleptwith='$sleptwith'";
			$update_query.=",sleptwith='$sleptwith'";
		} else {
			$update_query.=",sleptwith="._ANY_;
		}
		if ($_REQUEST['drugviews']!=_ANY_) {
			$drugviews=addslashes_mq($_REQUEST['drugviews']);
			$where.=" AND a.drugviews='$drugviews'";
			$update_query.=",drugviews='$drugviews'";
		} else {
			$update_query.=",drugviews="._ANY_;
		}
		if ($_REQUEST['marriageviews']!=_ANY_) {
			$marriageviews=addslashes_mq($_REQUEST['marriageviews']);
			$where.=" AND a.marriageviews='$marriageviews'";
			$update_query.=",marriageviews='$marriageviews'";
		} else {
			$update_query.=",marriageviews="._ANY_;
		}
		if ($_REQUEST['seriousrel']!=_ANY_) {
			$seriousrel=addslashes_mq($_REQUEST['seriousrel']);
			$where.=" AND a.seriousrel='$seriousrel'";
			$update_query.=",seriousrel='$seriousrel'";
		} else {
			$update_query.=",seriousrel="._ANY_;
		}
		if (isset($_REQUEST['savesearch'])) {
			$query2="SELECT count(*) FROM user_seeking WHERE fk_user_id='".$_SESSION['user_id']."'";
			if (!($res=@mysql_query($query2))) {trigger_error(mysql_error(),E_USER_ERROR);}
			if (mysql_result($res,0,0)) {
				$query2="UPDATE user_seeking SET $update_query WHERE fk_user_id='".$_SESSION['user_id']."'";
			} else {
				$query2="INSERT INTO user_seeking SET fk_user_id='".$_SESSION['user_id']."',$update_query";
			}
			if (!($res=@mysql_query($query2))) {trigger_error(mysql_error(),E_USER_ERROR);}
			$message=$_messages['core'][156];
			unset($_REQUEST['savesearch']);	// need this so it won't be propagated in QUERY_STRING
		}
	}
	// start processing the query
	$offset=(isset($_REQUEST['offset'])) ? (addslashes_mq($_REQUEST['offset'])) : ($offset=0);
	$results=(isset($_REQUEST['results']) && !empty($_REQUEST['results'])) ? addslashes_mq($_REQUEST['results']) : ($results=_RESULTS_);

	$guestlimit=0;
	$users=array();
	if ((!isset($_SESSION['user_id']) || empty($_SESSION['user_id']))) {
		$guestlimit=get_site_option('guestlimit');
		if (!empty($guestlimit)) {
			$query="SELECT a.fk_user_id FROM $from WHERE $where ORDER BY b.last_visit DESC";
			if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
			for ($i=0;$i<mysql_num_rows($res);$i++) {
				if ($i==$guestlimit) {
					break;
				} else {
					$users[]=mysql_result($res,$i,0);
				}
			}
			$limited_users=join("','",$users);
			$where="a.fk_user_id IN ('$limited_users')";
			$message=$_messages['core'][160].$guestlimit." ".$_messages['core'][161].". ".$_messages['core'][162];
		}
	}

	$query="SELECT a.fk_user_id FROM $from WHERE $where ORDER BY b.last_visit DESC LIMIT $offset,$results";

// die($query);

	if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
	$users=array();
	for ($i=0;$i<mysql_num_rows($res);$i++) {
		$users[]=mysql_result($res,$i,0);
	}

	$query="SELECT count(a.fk_user_id) FROM $from WHERE $where";
	if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
	$totalrows=mysql_result($res,0,0);

	$_SESSION['link_back']="search_process.php?".array2qs(array_merge($_POST,$_GET));
	$tpl=new phemplate(_TPLPATH_.get_my_template().'/','remove_nonjs');
	$tpl->set_file('middlecontent','member_list.html');
	$foundmembers=array();
	if (!empty($totalrows)) {
		$foundmembers=userlist_tpl_array($users);
		$tpl->set_var('relative_path',$relative_path);
		$tpl->set_var('imagesurl',_THUMBSURL_);
		$tpl->set_var('pager1',create_pager($from,$where,$offset,$results));
		$tpl->set_var('pager2',create_pager($from,$where,$offset,$results));
	} else {
		$tpl->set_var('no_members_found',$_messages['core'][164]);
	}
	$tpl->set_loop('foundmembers',$foundmembers);
	$tpl->set_var('totalrows',$totalrows);
	$tpl->set_var('list_title',$_messages['core'][163]);
	$middle_content=$tpl->process('','middlecontent',TPL_FINISH | TPL_INCLUDE | TPL_LOOP);

	$title=$_messages['core'][165];
	include('content_left.php');
	include('content_right.php');
	include('content_frame.php');
}
?>