Paste2.org - Viewing Paste D0B9b9hw

<?
include_once("configure.php");
include_once("check_msg_function.php");
include_once "language.php";
function RTESafe($strText) {
//returns safe code for preloading in the RTE
$tmpString = trim($strText);
//convert all types of single quotes
$tmpString = str_replace(chr(145), chr(39), $tmpString);
$tmpString = str_replace(chr(146), chr(39), $tmpString);
$tmpString = str_replace("'", "'", $tmpString);
//convert all types of double quotes
$tmpString = str_replace(chr(147), chr(34), $tmpString);
$tmpString = str_replace(chr(148), chr(34), $tmpString);
// $tmpString = str_replace("\"", "\"", $tmpString);
//replace carriage returns & line feeds
$tmpString = str_replace(chr(10), " ", $tmpString);
$tmpString = str_replace(chr(13), " ", $tmpString);
return $tmpString;
}
$errcnt=0;
if(count($_POST)<>0) //IF SOME FORM WAS POSTED DO VALIDATION
{
/////////---getting config---------
$esq_con='select * from esb2b_config where es_id=1';
$esrow_con=mysql_fetch_array(mysql_query($esq_con));
$esq_gro='select * from esb2b_groups where es_memtype='.$_SESSION["esb2b_memtype"];
$esrow_gro=mysql_fetch_array(mysql_query($esq_gro));
/////////--------------getting information bout user's privious postings
$esq_off="select * from esb2b_offers_buy where es_uid=".$_SESSION["esb2b_userid"];
$esbuy_count=mysql_num_rows(mysql_query($esq_off));
//////////////////////////////////---------------------------
if( $esbuy_count >= $esrow_gro["es_buy_cnt"] )
{
echo "dhdhhdhhdhd";
?><script language="javascript" type="text/javascript">
location.href="<?=$domain_url?>/gen_confirm_mem.html?file=buy_offers&subfile=post_buy&err=post_offer_buy&errmsg=<?=urlencode(" $Sorry_some_error_occurred_and_unable_to_post_buy_offer;")?>">
</script>
<?
// header("Location: gen_confirm_mem.php?file=buy_offers&subfile=post_buy&err=post_offer_buy&errmsg=".urlencode("<? echo $Sorry_some_error_occurred_and_unable_to_post_buy_offer;"));
//die();
}
////////////////////--------------------
$es_cat_list=str_replace(";",",",$_REQUEST["category"]);
$cid_list=str_replace(";",",",$_REQUEST["cid"]);
$cat=explode(",",$cid_list);
// $cat_name=explode(",",$_REQUEST["category"]);
$es_title=$_REQUEST["es_title"];
$es_description=$_REQUEST["es_description"];
$es_quantity=$_REQUEST["es_quantity"];
$es_keywords=$_REQUEST["es_keywords"];
$key=explode(",",$es_keywords);
$es_price_cur_id=$_REQUEST["es_price_cur_id"];
$es_price=$_REQUEST["es_price"];
if( $cid_list == '' )
{
$errs[$errcnt]="$Atleast_one_Category_must_be_provided";
$errcnt++;
}
elseif(count($cat) > $esrow_gro["es_cat_cnt"])
{
$errs[$errcnt]="$Too_many_Categories_provided";
$errcnt++;
}
if ( strlen(trim($es_title)) == 0 )
{
$errs[$errcnt]="$Title_must_be_provided";
$errcnt++;
}
elseif(preg_match ("/[<>&]/", $es_title))
{
$errs[$errcnt]="$Title_can_not_have_any_special_character";
$errcnt++;
}
if ( strlen(trim($es_description)) == 0 )
{
$errs[$errcnt]="$Description_Must_be_provided";
$errcnt++;
}
elseif ( strlen(strip_tags($es_description)) > $esrow_con['es_description_length'] )
{
$errs[$errcnt]="$Description_length_must_not_exceed ".$esrow_con['es_description_length']." $characters";
$errcnt++;
}
elseif( $esrow_con["es_approval_type_offer"] == 'auto')
{
if ( check_msg($es_description,0) == 'yes' )
{
$errs[$errcnt]="$Description_must_not_contain_bad_words";
$errcnt++;
}
}
if ( !is_numeric($es_quantity) || ($es_quantity <= 0) )
{
$errs[$errcnt]="$Quantity_must_be_non_zero_positive_integer";
$errcnt++;
}
if ( strlen(trim($es_keywords)) == 0 )
{
$errs[$errcnt]="$Keywords_must_be_provided";
$errcnt++;
}
elseif(preg_match ("/[<>&]/", $es_keywords))
{
$errs[$errcnt]="$Keywords_can_not_have_any_special_character";
$errcnt++;
}
elseif(count($key) > $esrow_gro["es_keyword_cnt"])
{
$errs[$errcnt]="$Too_many_keywords_provided";
$errcnt++;
}
if ( !is_numeric($es_price_cur_id) || ($es_price_cur_id == 0) )
{
$errs[$errcnt]="$Price_currency_must_be_selected";
$errcnt++;
}
if ( !is_numeric($es_price) || ($es_price <= 0) )
{
$errs[$errcnt]="$Price_must_be_non_zero_positive_number";
$errcnt++;
}
if($errcnt==0)
{
if(!get_magic_quotes_gpc())
{
$es_title=str_replace("$","\$",addslashes($es_title));
$es_description=str_replace("$","\$",addslashes($es_description));
$es_quantity=str_replace("$","\$",addslashes($es_quantity));
$es_keywords=str_replace("$","\$",addslashes($es_keywords));
$logo=str_replace("$","\$",addslashes($logo));
}
else
{
$es_offer_type=str_replace("$","\$",$es_offer_type);
$es_title=str_replace("$","\$",$es_title);
$es_description=str_replace("$","\$",$es_description);
$es_quantity=str_replace("$","\$",$es_quantity);
$es_keywords=str_replace("$","\$",$es_keywords);
$logo=str_replace("$","\$",$logo);
}
$es_price_cur_id=(int)$es_price_cur_id;
$es_price=$es_price;
$es_postedon=date("YmdHis",time());
$es_approved='yes';
$es_uid=$_SESSION["esb2b_userid"];
// $es_expireson=;
// $esq_con='select * from esb2b_config where es_id=1';
// $esrow_con=mysql_fetch_array(mysql_query($esq_con));
if($esrow_con['es_approval_type_offer']=='auto')
{
$es_new='no';
$es_approved='yes';
$es_msg="$Your_buy_offer_has_been_posted_successfully";
}
else
{
$es_new='yes';
$es_approved='no';
$es_msg="$Your_buy_offer_has_been_sent_for_admin_approval";
}
$esqi_off="Insert into `esb2b_offers_buy` (es_uid, es_title, es_description, es_quantity, es_postedon, es_keywords, es_price_cur_id, es_price, es_approved, es_new) values ($es_uid, '$es_title', '$es_description', $es_quantity, $es_postedon, '$es_keywords', $es_price_cur_id, $es_price, '$es_approved', '$es_new')";
// die($esqi_off);
mysql_query($esqi_off);
if(!$logo=="")
{
$img_url=(string)$logo;
$esqi_off_img="Insert into `esb2b_offer_buy_images`(es_offer_id, es_img_url) values ($es_offer_id, '$img_url')";
mysql_query($esqi_off_img);
}
if(mysql_affected_rows()>0)
{
///-adding to categories
$esq_off="select max(es_id) as max_id from esb2b_offers_buy where 1";
$esrow_off=mysql_fetch_array(mysql_query($esq_off));
$es_offer_id=$esrow_off["max_id"];
foreach($cat as $es_value)
{
$esq_off_cat="select * from esb2b_offer_cats_buy where es_offer_id=$es_offer_id and es_cid=$es_value";
//echo $esq_off_cat;
// $esrs_off_cat=
if( mysql_num_rows(mysql_query($esq_off_cat)) > 0 )
continue; //skips if record already exists
$esqi_off_cat="insert into esb2b_offer_cats_buy (es_offer_id, es_cid) values ($es_offer_id, $es_value)";
mysql_query($esqi_off_cat);
///////////////////////////////////////////////////--------------------------
////////////////////////////////////-----------------------------------------
////--------mail to member/admin if approval is not auto
if($esrow_con['es_approval_type_offer']<>'auto')
{
//SENDING MAIL TO MEMBER////////////////////////
// $esq_res="select * from esrrs_resources where esres_id=$esres_id";
// $esrow_res=mysql_fetch_array(mysql_query($esq_res));
$esq_mem="select * from esb2b_members where es_id=".$_SESSION["esb2b_userid"];
$esrow_mem=mysql_fetch_array(mysql_query($esq_mem));
$rs_con=mysql_fetch_array(mysql_query("select * from esb2b_config where es_id=1"));
$es_null_char=$rs_con["es_null_char"];
$login_url=$rs_con["es_site_root"]."/signin.php";
// $esresource_url=$rs_con["essite_addr"]."/details_res.php?esres_id=$esres_id";
//Reads email to be sebt
$esq_mail="SELECT * FROM esb2b_mails where es_mailid=6";
$esrs_mail=mysql_query($esq_mail);
if ( $esrow_mail=mysql_fetch_array($esrs_mail) )
{
$from =$esrow_mail["es_fromid"];
$to = $esrow_mem["es_email"];
$subject =$esrow_mail["es_subject"];
$header="From:" . $from . "\r\n" ."Reply-To:". $from ;
$body=str_replace("%email%", $esrow_mem["es_email"],str_replace("%password%",$esrow_mem["es_password"],str_replace("%lname%", $esrow_mem["es_lastname"],str_replace("%fname%",$esrow_mem["es_firstname"],str_replace("%username%",$esrow_mem["es_username"], $esrow_mail["es_mail"]) ))));
$body=str_replace("%signup_url%",$es_null_char,str_replace("%login_url%",$login_url,$body));
$body=str_replace("%message_text%",$es_null_char,str_replace("%message_title%",$es_null_char,str_replace("%sender_username%",$es_null_char,str_replace("%message_date%",$es_null_char,$body))));
$body=str_replace("%visitor_name%",$es_null_char,$body);
$body=str_replace("%offer_title%",$es_title,str_replace("%offer_url%",$es_null_char,str_replace("%offer_id%",$es_null_char,$body)));
if(isset($esrow_mail["es_html_format"])&&($esrow_mail["es_html_format"]=="yes"))
{
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-type: text/html; charset=iso-8859-1\r\n";
// $body=str_replace("\n","%br%",$body);
}
// echo "--from:-$from----to:-$to---sub:-$subject----head:-$header----";
// echo "<pre>$body</pre>";
// die();
if( $esrow_mail["es_status"]=='yes')
mail($to,$subject,$body,$header);
}
//////////////////////////////////////////////////////////
///// Sending mail to admin
$rs0=mysql_fetch_array(mysql_query("select * from esb2b_config where es_id=1"));
//$login_url=$site_root[0]."/signinform.php";
//Reads email to be sebt
$esq_mail="SELECT * FROM esb2b_mails where es_mailid=7";
$esrs_mail=mysql_query($esq_mail);
if ( $esrow_mail=mysql_fetch_array($esrs_mail) )
{
$from =$esrow_mail["es_fromid"];
$to = $rs0["es_admin_email"];
$subject =$esrow_mail["es_subject"];
$header="From:" . $from . "\r\n" ."Reply-To:". $from ;
// $body=$rs["mail"];
$body=str_replace("%email%", $esrow_mem["es_email"],str_replace("%password%",$es_null_char,str_replace("%lname%", $esrow_mem["es_lastname"],str_replace("%fname%",$esrow_mem["es_firstname"],str_replace("%username%",$esrow_mem["es_username"], $esrow_mail["es_mail"]) ))));
$body=str_replace("%signup_url%",$es_null_char,str_replace("%login_url%",$login_url,$body));
$body=str_replace("%message_text%",$es_null_char,str_replace("%message_title%",$es_null_char,str_replace("%sender_username%",$es_null_char,str_replace("%message_date%",$es_null_char,$body))));
$body=str_replace("%visitor_name%",$es_null_char,$body);
$body=str_replace("%offer_title%",$es_title,str_replace("%offer_url%",$es_null_char,str_replace("%offer_id%",$es_null_char,$body)));
if(isset($esrow_mail["es_html_format"])&&($esrow_mail["es_html_format"]=="yes"))
{
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-type: text/html; charset=iso-8859-1\r\n";
// $body=str_replace("\n","%br%",$body);
}
// echo "--from:-$from----to:-$to---sub:-$subject----head:-$header----";
// echo "<pre>$body</pre>";
// die();
if( $esrow_mail["es_status"]=='yes')
mail($to,$subject,$body,$header);
}
} //end if approval <> 'auto'
elseif($esrow_con['es_approval_type_offer']=='auto')
{ //////-------mail to fav cats but if approval is auto 'coz otherwise it would be unapproved
// echo "----------hello----------";
$esq_mail="SELECT * FROM esb2b_mails where es_mailid=24";
$esrs_mail=mysql_query($esq_mail);
if ( ($esrow_mail=mysql_fetch_array($esrs_mail)) && ($esrow_mail['es_status']=='yes'))
{
////////----------getting full path ids
$cat_query=mysql_query("Select * from esb2b_categories where es_id in ($cid_list)");
$temp_cid_list=-1;
while ($rs=mysql_fetch_array($cat_query))
{
$temp_cid_list .=",".$rs["es_id"];
$cid=$rs["es_id"];
$cat_query1=mysql_query("Select * from esb2b_categories where es_id=" . $cid );
while ($rs1=mysql_fetch_array($cat_query1))
{
$temp_cid_list.="," .$rs1["es_id"];
$cat_query1=mysql_query("Select * from esb2b_categories where es_id=" . $rs1["es_pid"] );
}
}
$cid_list=$temp_cid_list;
//echo "<br>cats----".$temp_cid_list."----<br>";
//die();
//////-----------------------------------------
$rs_con=mysql_fetch_array(mysql_query("select * from esb2b_config where es_id=1"));
$es_null_char=$rs_con["es_null_char"];
$login_url=$rs_con["es_site_root"]."/signin.php";
$es_offer_url=$rs_con["es_site_root"]."/offers_buy.php?id=$es_offer_id&prod=buy";
// foreach($cat as $es_value)
// {
$esq3_cat="select * from esb2b_categories where es_id=$es_value";
$esrow3_cat=mysql_fetch_array(mysql_query($esq3_cat));
$es_cat_name=$esrow3_cat["es_cat_name"];
$esuser_id_list="-1";
$esq_fav_cat="select * from esb2b_fav_cats where es_type='buy' and cid in ($cid_list)";
//echo $esq_off_cat;
$esrs_fav_cat=mysql_query($esq_fav_cat);
while($esrow_fav_cat=mysql_fetch_array($esrs_fav_cat))
{
$esuser_id_list.=",".$esrow_fav_cat["mid"];
}
$esq3_mem="select * from esb2b_members where es_id in ($esuser_id_list)";
$esrs3_mem=mysql_query($esq3_mem);
while($esrow3_mem=mysql_fetch_array($esrs3_mem))
{ //send mail
//////---getting category name only first matching cat for a user
$esq1_fav_cat="select * from esb2b_fav_cats where cid in ($cid_list) and mid=".$esrow3_mem["es_id"];
//echo $esq_off_cat;
$esrs1_fav_cat=mysql_query($esq1_fav_cat);
$esrow_fav_cat=mysql_fetch_array($esrs1_fav_cat);
$esq4_cat="select * from esb2b_categories where es_id=".$esrow_fav_cat["cid"];
//echo $esq_off_cat;
$esrow4_cat=mysql_fetch_array(mysql_query($esq4_cat));
$es_cat_name=$esrow4_cat["es_cat_name"];
///////----------------------
$from =$esrow_mail["es_fromid"];
$to = $esrow3_mem["es_email"];
$subject =$esrow_mail["es_subject"];
$header="From:" . $from . "\r\n" ."Reply-To:". $from ;
$body=str_replace("%email%", $es_null_char,str_replace("%password%",$es_null_char,str_replace("%lname%", $esrow3_mem["es_lastname"],str_replace("%fname%",$esrow3_mem["es_firstname"],str_replace("%username%",$esrow3_mem["es_username"], $esrow_mail["es_mail"]) ))));
$body=str_replace("%signup_url%",$es_null_char,str_replace("%login_url%",$login_url,$body));
$body=str_replace("%message_text%",$es_null_char,str_replace("%message_title%",$es_null_char,str_replace("%sender_username%",$es_null_char,str_replace("%message_date%",$es_null_char,$body))));
$body=str_replace("%visitor_name%",$es_null_char,$body);
$body=str_replace("%offer_title%",$es_title,str_replace("%offer_url%",$es_offer_url,str_replace("%offer_id%",$es_offer_id,$body)));
$body=str_replace("%category%",$es_cat_name,$body);
if(isset($esrow_mail["es_html_format"])&&($esrow_mail["es_html_format"]=="yes"))
{
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-type: text/html; charset=iso-8859-1\r\n";
// $body=str_replace("\n","<br>",$body);
}
// echo "--from:-$from----to:-$to---sub:-$subject----head:-$header----";
// echo "<pre>$body</pre>";
// die();
if( $esrow_mail["es_status"]=='yes')
mail($to,$subject,$body,$header);
} //end while esrow3_mem
//////////////////////////////////////////////////////////
} // end if
//die();
} //end if approval == auto
///////////-----------------
//////////////////////////////////////////////-------------------------------
/////////////////////////////////////----------------------------------------
}
if($es_approved=="yes")
{
?><script language="javascript" type="text/javascript">
location.href="<?=$domain_url?>/gen_confirm_mem.html?file=buy_offers&es_type=2&id=<?=$es_offer_id?>&subfile=post_buy&errmsg=<?=urlencode($es_msg)?>";
</script>
<?
//header ("Location: gen_confirm_mem.html?file=buy_offers&subfile=post_buy&es_type=2&id=$es_offer_id&errmsg=".urlencode($es_msg));
}
else
{
?><script language="javascript" type="text/javascript">
location.href="<?=$domain_url?>/gen_confirm_mem.html?file=buy_offers&subfile=post_buy&errmsg=<?=urlencode($es_msg)?>";
</script>
<?
// header ("Location: gen_confirm_mem.html?file=buy_offers&subfile=post_buy&errmsg=".urlencode($es_msg));
}
//die();
}// if inserted
else
{
?><script language="javascript" type="text/javascript">
location.href="<?=$domain_url?>/gen_confirm_mem.html?file=buy_offers&subfile=post_buy&err=post_offer_buy&errmsg=<?=urlencode("$Sorry_some_error_occurred_and_unable_to_post_buy_offer")?>";
</script>
<?
// header("Location: gen_confirm_mem.html?file=buy_offers&subfile=post_buy&err=post_offer_buy&errmsg=".urlencode(" echo $Sorry_some_error_occurred_and_unable_to_post_buy_offer;"));
//die();
}
}// if no errors
}// if form posted
else
{
/////////---getting config---------
$esq_con='select * from esb2b_config where es_id=1';
$esrow_con=mysql_fetch_array(mysql_query($esq_con));
$esq_gro='select * from esb2b_groups where es_memtype='.$_SESSION["esb2b_memtype"];
$esrow_gro=mysql_fetch_array(mysql_query($esq_gro));
/////////--------------getting information bout user's privious postings
$esq_off="select * from esb2b_offers_buy where es_uid=".$_SESSION["esb2b_userid"];
$esbuy_count=mysql_num_rows(mysql_query($esq_off));
//////////////////////////////////---------------------------
if( $esbuy_count >= $esrow_gro["es_buy_cnt"] )
{
?><script language="javascript" type="text/javascript">
location.href="<?=$domain_url?>/gen_confirm_mem.html?file=buy_offers&subfile=post_buy&err=post_offer_buy&errmsg=<?=urlencode("$You_have_already_posted_maximum_allowed_buy_offers")?>";
</script>
<?
//header("Location: gen_confirm_mem.html?file=buy_offers&subfile=post_buy&err=post_offer_buy&errmsg=".urlencode("$You_have_already_posted_maximum_allowed_buy_offers"));
}
$cid_list='';
$es_cat_list='';
$es_title='';
$es_description='';
$es_quantity='';
$es_keywords='';
$es_price_cur_id='';
$es_price='';
}
function main ()
{
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td valign="top" bgcolor="#F1F1F1" style="width:180px;">
<? include($_SESSION['lang'].".php");
global $domain_url,$domain_url,$esbuy_count, $esrow_con, $esrow_gro, $errs, $errcnt, $cid_list, $es_cat_list, $es_title, $es_description, $es_quantity, $es_keywords, $es_price_cur_id, $es_price;
$showform="";
include "buy_left.php";
?>
</td>
<td>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="89%" valign="top" style="padding-left:10px; padding-right:10px;">
<table align="right" border="0" cellpadding="0" cellspacing="0" width="98%">
<tr><td> </td></tr>
<tr>
<td align="center">
<? ShowAdvertisement('468x60')?>
</td>
</tr>
<tr>
<td align="center"><br />
<table dwcopytype="CopyTableCell" border="0" cellpadding="0" cellspacing="0" width="100%">
<tr align="center">
<td align="right" valign="top"><?
if (count($_POST)>0)
{
$cid_list=$_POST["cid"];
$es_cat_list=$_POST["category"];
if ( $errcnt <> 0 )
{
?>
<table width="100%" border="0" align="center" cellpadding="2" cellspacing="0" class="errorstyle">
<tr>
<td colspan="2"><strong> <? echo "$Your_Request_cannot_be_processed_due_to_following_Reasons" ?></strong></td>
</tr>
<tr height="10">
<td colspan="2"></td>
</tr>
<?
for ($i=0;$i<$errcnt;$i++)
{
?>
<tr valign="top">
<td width="6%"> <?php echo $i+1;?></td>
<td width="94%"><?php echo $errs[$i]; ?></td>
</tr>
<?
}
?>
</table>
<?
}
}
if ($showform<>"No")
{
?>
<script language=JavaScript src='wysiwyg/scripts/innovaeditor.js'></script>
<script language="JavaScript">
function add_category()
{
if(document.form123.cats.value!=0)
{
var id=document.form123.cats.selectedIndex;
//////-------checking duplicate category
var cid_list=form123.cid.value.split(";");
var cnt=0;
var posted="no";
while(cnt<cid_list.length)
{
if(cid_list[cnt]==document.form123.cats.value)
{ posted="yes";}
cnt++;
}
if(posted=="yes")
{
alert('This category is already in the list');
return false;
}
//////-------end checking duplicate category
//////-------checking max no. of categories
var eslength;
if(document.form123.category.value == "")
eslength=0;
else
eslength=cid_list.length
if( eslength >= <?php echo $esrow_gro["es_cat_cnt"]; ?> )
{
alert("You can't choose more than <?php echo ($esrow_gro["es_cat_cnt"]==1)?$esrow_gro["es_cat_cnt"].' category':$esrow_gro["es_cat_cnt"].' categories'; ?>");
return false;
}
//////-------checking max no. of categories
if(document.form123.category.value=="")
{
document.form123.cid.value=document.form123.cats.value;
document.form123.category.value=document.form123.cats.options[id].text;
document.form123.category.focus();
document.form123.cats.selectedIndex=0;
}
else
{
document.form123.cid.value=document.form123.cid.value+";"+document.form123.cats.value;
document.form123.category.value=document.form123.category.value+";"+document.form123.cats.options[id].text;
document.form123.category.focus();
document.form123.cats.selectedIndex=0;
}
}
else
{
alert('Choose a Category to add');
}
}
function remove_category()
{
var s1=window.document.form123.category.value;
var s2=s1.split(";");
var i=0;
var id=document.form123.cats.selectedIndex;
var s3=document.form123.cats.options[id].text;
var id_list=document.form123.cid.value;
var id_split=id_list.split(";");
var rem_id=document.form123.cats.value;
window.document.form123.category.value="";
window.document.form123.cid.value="";
while(i<s2.length)
{
//alert('Checking '+s2[i]+' nnn with'+s3+' mm');
if(s3==s2[i])
{
//continue;
// alert('Removing'+s3);
}
else
{
if(document.form123.category.value=="")
{
document.form123.category.value=s2[i];
}
else
{
document.form123.category.value=document.form123.category.value+";"+s2[i];
}
}
if(rem_id==id_split[i])
{
//continue;
// alert('Removing'+s3);
}
else
{
if(document.form123.cid.value=="")
{
document.form123.cid.value=id_split[i];
}
else
{
document.form123.cid.value=document.form123.cid.value+";"+id_split[i];
}
}
i++;
}
//window.document.form123.related.value="";
//window.document.form123.rel_id.value="";
}
function validate_form(frm)
{
updateRTEs();
if(frm.cid.value=='')
{
alert('Please choose atleast one category');
frm.cats.focus();
return(false);
}
if(frm.es_title.value=='')
{
alert('Please specify Title');
frm.es_title.focus();
return(false);
}
else if(frm.es_title.value.match(/[&<>]+/))
{
alert("Please remove special characters from Title i.e. & < >");
frm.es_title.focus();
frm.es_title.select();
return(false);
}
if(frm.es_description.value=='')
{
alert('Please specify Description');
return(false);
}
if( isNaN(frm.es_quantity.value) || frm.es_quantity.value<=0)
{
alert('Please specify Quantity as a non-zero positive integer');
frm.es_quantity.focus();
frm.es_quantity.select();
return(false);
}
if(frm.es_keywords.value=='')
{
alert('Please specify Keywords');
frm.es_keywords.focus();
return(false);
}
else if(frm.es_keywords.value.match(/[&<>]+/))
{
alert("Please remove special characters from Keywords i.e. & < >");
frm.es_keywords.focus();
frm.es_keywords.select();
return(false);
}
else
{
var list=frm.es_keywords.value.split(",");
if( list.length > <?php echo $esrow_gro["es_keyword_cnt"]; ?> )
{
alert("You can't choose more than <?php echo ($esrow_gro["es_keyword_cnt"]==1)?$esrow_gro["es_keyword_cnt"].' keyword':$esrow_gro["es_keyword_cnt"].' keywords'; ?>");
frm.es_keywords.focus();
frm.es_keywords.select();
return(false);
}
}
if( frm.es_price_cur_id.value == 0)
{
alert('Please choose currency for Price');
frm.es_price_cur_id.focus();
return(false);
}
if( isNaN(frm.es_price.value) || frm.es_price.value<=0)
{
alert('Please specify Price as a non-zero positive number');
frm.es_price.focus();
frm.es_price.select();
return(false);
}
return(true);
}
function attachment(box,es_id)
{
//str="view_images.php?es_id="+es_id;
str="fileupload1.html?box="+ box+"&es_id="+es_id;
window.open(str,"Attachment","top=5,left=30,toolbars=no,maximize=yes,resize=yes,width=450,height=450,location=no,directories=no,scrollbars=yes");
}
function removeattachment(box)
{
window.document.form123.list1.value=""
}
</script>
<form name="form123" method="post" action="buy_offers_post_buy_offers.html" onSubmit="return validate_form(this);">
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="onepxtable">
<tr>
<td class="titlestyle"> <? echo "$Post_Buy_Offer" ?></td>
</tr>
<tr>
<td><table border="0" align="center" cellpadding="2" cellspacing="5">
<tr>
<td colspan="3" class="innertablestyle"> <div align="center"><font class="normal">
<? echo "$Buy_Offers" ?> : <? echo "$Posted" ?> - <strong><font class="red"><?php echo $esbuy_count; ?></font></strong>
<? echo "$Maximum_Allowed_" ?>- <strong><font class="red"><?php echo $esrow_gro["es_buy_cnt"]; ?></font></strong></font></div></td>
</tr>
<tr valign="top">
<td width="25%" align="right" class="innertablestyle"><font class="normal"><strong><? echo "$Categories" ?><br>
</strong></font><font class="smalltext">(<font class="smalltext"><? echo "$Max" ?></font><strong><?php echo $esrow_gro["es_cat_cnt"]; ?></strong><?php echo ($esrow_gro["es_cat_cnt"]>1)?' categories':' category'; ?>)</font></td>
<td><font class="red">*</font></td>
<td> <font class="smalltext">
<textarea name="category" cols="37" rows="5" readonly="readonly" id="category"><? echo $es_cat_list;?></textarea>
<br>
<select name="cats" id="select2" >
<option value="0">Choose a category</option>
<?
$rs_query=mysql_query("select * from esb2b_categories order by es_pid");
while($rst=mysql_fetch_array($rs_query))
{
$cat_path="";
$child=mysql_fetch_array(mysql_query("select * from esb2b_categories where es_pid=".$rst["es_id"]));
if($child)
{
continue;
}
$cat_path.=$rst["es_cat_name"];
$par=mysql_query("select * from esb2b_categories where es_id=".$rst["es_pid"]);
while($parent=mysql_fetch_array($par))
{
$cat_path=$parent["es_cat_name"].">".$cat_path;
$par=mysql_query("select * from esb2b_categories where es_id=".$parent["es_pid"]);
}
?>
<option value="<? echo $rst["es_id"];?>" ><? echo $cat_path;?></option>
<?
}
?>
</select>
<input name="cid" type="hidden" id="cid" value="<? echo $cid_list;?>">
<input class="btn btn-grey" name="add" type="button" id="add" value="<? echo "$Add" ?>" onClick="add_category()">
<input class="btn btn-grey" name="Remove" type="button" id="Remove" value="<? echo "$Remove" ?>" onClick="remove_category()">
</font></td>
</tr>
<tr valign="top">
<td align="right" class="innertablestyle"><font class="normal"><strong><? echo "$Title" ?></strong></font></td>
<td><font class="red">*</font></td>
<td><font face="Arial, Helvetica, sans-serif" size="2">
<input name="es_title" type="text" class=select id="es_title" value="<?php echo $es_title; ?>" size="30" maxlength="40">
</font></td>
</tr>
</table>
<div style="width:100%" class="titlestyle"><font class="normal"><strong><? echo "$Description" ?></strong></font></div>
<table width="100%" border="0" align="center" cellpadding="2" cellspacing="5">
<tr valign="top">
<td align="left" colspan='3' style="padding:0; margin:0;"></td>
</tr>
<tr valign="top">
<td valign="top" colspan="3" align="center"> <div align="center"><font class='normal'>
<textarea name="es_description" cols=30 rows=4 wrap="physical" id="es_description">
<?
function encodeHTML($sHTML)
{
$sHTML=ereg_replace("&","&",$sHTML);
$sHTML=ereg_replace("<","<",$sHTML);
$sHTML=ereg_replace(">",">",$sHTML);
return $sHTML;
}
if(isset($es_description))
{
$sContent=stripslashes($es_description); /*** remove (/) slashes ***/
echo encodeHTML($sContent);
}
?>
</textarea>
<script> //STEP 2: Replace the textarea (txtContent)
var oEdit1 = new InnovaEditor("oEdit1");
oEdit1.REPLACE("es_description");//Specify the id of the textarea here
</script>
</font>
</div></td>
</tr>
<tr valign="top">
<td width="22%" align="right" class="innertablestyle"><font class="normal"><strong><? echo "$Quantity" ?></strong></font></td>
<td><font class="red">*</font></td>
<td><font face="Arial, Helvetica, sans-serif" size="2">
<input name="es_quantity" type="text" class=select id="es_quantity" value="<?php echo $es_quantity; ?>" size="30" maxlength="40">
</font><font face="Arial, Helvetica, sans-serif" size="2"> 
</font></td>
</tr>
<tr valign="top">
<td align="right" class="innertablestyle"><font class="normal"><strong><? echo "$Keywords" ?><br>
</strong></font><font class="smalltext">(<? echo "$Max" ?> <strong><?php echo $esrow_gro["es_keyword_cnt"]; ?></strong><?php echo ($esrow_gro["es_keyword_cnt"]>1)?' keywords':' keyword'; ?>)</font><font class="normal"><strong>
</strong></font></td>
<td><font class="red">*</font></td>
<td><input name="es_keywords" type="text" class=select id="es_keywords" value="<?php echo $es_keywords; ?>" size="30" maxlength="40">
<br> <font class="smalltext"><? echo "$Please_specify_a_comma_seperated_list_of_keywords_related_to_your_product_Appropriate_keywords_will_lead_more_buyers_to_find_your_products" ?>.</font></td>
</tr>
<tr valign="top">
<td class="innertablestyle"> <div align="right"><strong><font class="normal"><? echo "$Price" ?></font></strong></div></td>
<td><font class="red">*</font></td>
<td><font face="Arial, Helvetica, sans-serif" size="2">
<select name="es_price_cur_id">
<option value="0"><? echo "$Select_Currency" ?></option>
<?
$rs_query=mysql_query("Select * from esb2b_currencies where 1" );
while ($rs=mysql_fetch_array($rs_query))
{
?>
<option value="<?php echo $rs["escur_id"]; ?>"
<?php
if ( $rs["escur_id"]==$es_price_cur_id)
{
echo " selected ";
}
?>
><?php echo $rs["escur_name"]; ?></option>
<?
}
?>
</select>
  
<input name="es_price" type="text" id="es_price" value="<?php echo $es_price; ?>" size="5" maxlength="30">
</font></td>
</tr>
<tr valign="top">
<td align="right" class="innertablestyle"> </td>
<td> </td>
<td><input class="btn btn-grey" name="submit" type="submit" value="<? echo "$Post_Now" ?>"></td>
</tr>
</table></td>
</tr>
</table>
</form>
<?
} ?>
<br />
</td>
</tr>
</table></td>
</tr>
</table></td>
<td width="21%" style="padding-top:4px" valign="top"></td>
</tr>
</table>
</td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td style="padding-top:4px"; ></td>
</tr>
</table>
<div style="clear: both;"></div>
<?
// end main
}
include_once("template1.php");
?>

Remove field validation for "quantity"