--- a/lib/common.inc.php +++ b/lib/common.inc.php @@ -1,4 +1,6 @@ <?php +date_default_timezone_set("Australia/ACT"); + require_once ('jpgraph/jpgraph.php'); require_once ('jpgraph/jpgraph_line.php'); require_once ('jpgraph/jpgraph_log.php'); @@ -8,6 +10,7 @@ require_once ('jpgraph/jpgraph_date.php'); error_reporting(E_ALL ^ E_NOTICE); + $link = mysql_connect('localhost', 'root', ''); if (!$link) { @@ -33,16 +36,17 @@ $totale += array_sum_all($value); return $totale; } +// magic query modifiers $agency = mysql_real_escape_string(stripslashes($_REQUEST['agency'])); -if ($agency != "") $agencyQ = "agencyName = '" . $agency . "' AND"; +if ($agency != "") $agencyQ = "agencyName = '" . $agency . "' AND "; $supplier = mysql_real_escape_string(stripslashes($_REQUEST['supplier'])); if ($supplier != "") { $supplierParts = explode("-", $supplier); - if ($supplierParts[0] > 0) $supplierQ = "supplierABN = '" . $supplierParts[0] . "' AND"; - else $supplierQ = "supplierName LIKE '%" . $supplierParts[1] . "%' AND"; + if ($supplierParts[0] > 0) $supplierQ = "supplierABN = '" . $supplierParts[0] . "' AND "; + else $supplierQ = "supplierName LIKE '%" . $supplierParts[1] . "%' AND "; } $year = mysql_real_escape_string(stripslashes($_REQUEST['year'])); -if ($year != "") $yearQ = "agencyName = '" . $agency . "' AND"; +if ($year != "") $yearQ = "YEAR(publishDate) = " . $year . " AND "; $start =0.0; @@ -86,7 +90,7 @@ <a href="displayProcurementMethod.php">procurement method</a> <a href="displayConfidentialities.php">contractual confidentiality</a> <a href="displayConsultancies.php">consultancies</a> - <a href="displayAmendments.php">consultancies</a> + <a href="displayAmendments.php">amendments</a> <a href="displayMap.php">postcodes</a> <div id="search"><form method="post" action="search.php" class="asholder"> <label for="searchKeyword">search</label>
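Review bot: The timezone added at the top of `lib/common.inc.php` is hard-coded in a shared include, and `Australia/ACT` is a backward-compatibility alias in the tz database rather than a canonical identifier. Prefer `date_default_timezone_set("Australia/Sydney");`, or set `date.timezone` in php.ini so the value lives in deployment configuration instead of code. A one-line comment such as `// PHP warns on date functions unless a default timezone is set` would record why the call is there; that reason is inferred, the hunk does not state it.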
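Review bot: The new `$yearQ` line concatenates `$year` into the query without quotes, and `mysql_real_escape_string()` only protects values placed inside a quoted string literal, so the `year` request parameter can still change the SQL. Force it to an integer at the point of use: `if ($year != "") $yearQ = "YEAR(publishDate) = " . (int) $year . " AND ";`. The impact is higher than usual because the connection shown in the second hunk of this diff is opened as `root` with an empty password; a dedicated least-privilege, read-only account would limit what any query flaw can reach. In the re-added `supplierName LIKE` line, `$supplierParts[1]` is undefined when the value contains no `-`, and `%` and `_` in it are not escaped for LIKE. Longer term these filters should move to prepared statements (mysqli or PDO), since the `mysql_*` extension was removed in PHP 7.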