cacert-webdb/www/ac.php
2006-04-20 20:48:35 +00:00

37 lines
1.1 KiB
PHP

<?
header('Content-Type: text/html; charset=UTF-8');
if($_REQUEST['i'] != "")
echo "<html><body><script language=\"JavaScript\"><!--\n";
$s = mysql_real_escape_string($_REQUEST['s']);
$id = intval($_REQUEST['id']);
echo "parent._ac_rpc('$id',";
$bits = explode(",", $s);
$loc = trim(mysql_real_escape_string($bits['0']));
$reg = trim(mysql_real_escape_string($bits['1']));
$ccname = trim(mysql_real_escape_string($bits['2']));
$query = "select `locations`.`id` as `locid`, `locations`.`name` as `locname`, `regions`.`name` as `regname`,
`countries`.`name` as `ccname` from `locations`, `regions`, `countries` where
`locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and
`locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id`
order by `locations`.`name` limit 10";
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
$rc++;
if($rc > 1)
echo ",";
echo '"'.$row['locname'].', '.$row['regname'].', '.$row['ccname'].'", "'.$row['locid'].'"';
}
echo ");";
if($_REQUEST['i'] != "")
echo "\n\n// -->\n</script></body></html>";
exit;
?>