/*
* Add navigation buttons
*/
include ("buttons_wide.inc.php");
?>
if ($names == "Recent")
{
if ($noBuy == 1)
{
get_recent_sold(0, $cars, $user);
}
else
{
get_sp_fp($cars, $user, 100);
}
}
else
{
/* ***************************
* Protect against sql
* injection attacks.
* ***************************/
$startC = $names[0];
$endC = $names[1];
if ( (($startC < 'A') || ($startC > 'Z')) || (($endC < 'A') || ($endC > 'Z')) || ($endC < $startC) )
{
$startC = 'A';
$endC = 'D';
}
$constraints = null;
$query = "SELECT DISTINCT car_id, name FROM cars WHERE buyer_ln REGEXP \"^[" . $startC . "-" . $endC . "]\" AND special_person = \"1\" AND deleted = \"0\" ORDER BY date_sold;";
$cars = get_records_from_query("car", $query);
}
if ($cars)
{
$car = $cars[array_rand($cars)];
$car->lookup();
?>
= $car->get_full_title() ?>
foreach ($cars as $car)
{
$car->lookup();
?>
'">
" onmouseover="return overlib('get_image_href("mid", "ext", $noBuy) ?>\'>',OFFSETX,10,OFFSETY,20,BGCOLOR,'#111111',BORDER,3,CELLPAD,0,FOLLOWMOUSE,VAUTO);" onmouseout="nd();"> " height="42px" width="62px" hspace="0px" vspace="0px" border="0px">
}
?>
}
else
{
?>
}
?>