File: /home/mckernan/public_html/iJournal/includes/client/contactlist.php
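<?php
/**
 * Contact list endpoint: emits the active rows of the `contacts` table as an
 * XML document (<root><contacts><contact>...</contact></contacts></root>).
 *
 * DB_PREFIX and $sid are used here but not defined here, so they must be
 * supplied by whatever includes this file. With an empty $sid the request is
 * answered with a bare 404 and no body.
 */

// Labels for the numeric c_type column.
$types = array(0 => 'Phone', 1 => 'FAX', 2 => 'Email', 3 => 'Website');

// XML metacharacters and their entity forms. Stored contact fields are written
// into element content below; left unescaped, a '<' or '&' in a description or
// comment would break the document or inject markup into it. strtr() works
// byte-wise in a single pass, so it is independent of the column charset.
// NOTE(review): if these columns are already stored entity-encoded, this will
// double-encode them - confirm how the values are written.
$xmlEscapes = array(
    '&' => '&amp;',
    '<' => '&lt;',
    '>' => '&gt;',
    '"' => '&quot;',
    "'" => '&apos;',
);

// init database name
$database = DB_PREFIX;

// process request
if ($sid != '') {
    // sid check
    require "includes/session/sidck.php";

    // init return value
    $rv = '<root>' . PHP_EOL;
    $rv .= '<contacts>' . PHP_EOL;

    // Database name suffix from the request; GET wins over POST. Only plain
    // strings are accepted: an array value (db[]=...) would otherwise be
    // appended to the database name as the literal text "Array".
    $db = '';
    if (isset($_POST['db']) && is_string($_POST['db'])) {
        $db = $_POST['db'];
    }
    if (isset($_GET['db']) && is_string($_GET['db'])) {
        $db = $_GET['db'];
    }
    if ($db === '') {
        die();
    }

    // NOTE(review): the request-supplied value decides which database is
    // opened. Nothing visible in this file restricts it to databases the
    // current session may read; confirm that sidck.php or db.php enforces
    // this, or check the value against an allow-list before using it.
    $database .= $db;

    // NOTE(review): db.php presumably opens $database and replaces $db (a
    // string up to this point) with the connection object used below - confirm.
    require "includes/db.php";

    // fetch list
    $query = "SELECT * FROM contacts WHERE c_active = 1 ORDER BY c_type ASC, c_descrip ASC";
    if ($result = $db->query($query)) {
        // Assuming $db is a mysqli handle, affected_rows after a SELECT is the
        // number of rows returned.
        if ($db->affected_rows > 0) {
            while ($row = $result->fetch_assoc()) {
                $rawDetails = (string) $row['c_details'];

                if ($row['c_type'] < 2) {
                    // Phone / FAX: render the digits as NNN-NNN-NNNN and
                    // anything past the tenth character as an extension.
                    $details = substr($rawDetails, 0, 3) . '-' . substr($rawDetails, 3, 3) . '-' . substr($rawDetails, 6, 4);
                    if (strlen($rawDetails) > 10) {
                        $details .= ' x ' . substr($rawDetails, 10);
                    }
                } else {
                    $details = $rawDetails;
                }

                // An unknown c_type yields an empty label instead of an
                // undefined-index notice.
                $typeLabel = isset($types[$row['c_type']]) ? $types[$row['c_type']] : '';

                $rv .= '<contact>' . PHP_EOL;
                $rv .= '<id>' . strtr((string) $row['c_id'], $xmlEscapes) . '</id>' . PHP_EOL;
                $rv .= '<type>' . strtr($typeLabel, $xmlEscapes) . '</type>' . PHP_EOL;
                $rv .= '<descr>' . strtr((string) $row['c_descrip'], $xmlEscapes) . '</descr>' . PHP_EOL;
                $rv .= '<details>' . strtr($details, $xmlEscapes) . '</details>' . PHP_EOL;
                $rv .= '<comments>' . strtr((string) $row['c_comments'], $xmlEscapes) . '</comments>' . PHP_EOL;
                $rv .= '</contact>' . PHP_EOL;
            }
        }
    }

    // finish output
    $rv .= '</contacts>' . PHP_EOL;
    $rv .= '</root>' . PHP_EOL;

    // return data
    // NOTE(review): no Content-Type is set in this file; confirm an included
    // file declares the response as XML so it is not interpreted as HTML.
    echo $rv;
    die;
} else {
    // No session id: blank the identifying headers and answer 404.
    header('Server: ');
    header('X-Powered-By: ');
    header("HTTP/1.0 404 Not Found");
}
?>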