--- a/displayContract.php
+++ b/displayContract.php
@@ -1,44 +1,87 @@
-<?php
-
-include_once("./lib/common.inc.php");
-include_header("Contract");
-$query = sprintf("SELECT *
-FROM `contractnotice`
-WHERE  CNID = '%d'", mysql_real_escape_string($_REQUEST['CNID']));
-
-$result = mysql_query($query);
-while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
-setlocale(LC_MONETARY, 'en_US');
-foreach (array_filter($row) as $key => $value) {
-	echo "<b>$key</b>&nbsp;";
-switch ($key) {
-case "supplierName":
-case "supplierABN":
-	echo '<a href="displaySupplier.php?supplier='.$row['supplierABN'].'-'.urlencode($row['supplierName']).'">'.$value."</a>";
-	break;
-case "agencyName":
-	echo '<a href="displayAgency.php?agency='.urlencode($value).'">'.$value."</a>";
-	break;
-case "value":
-	echo "$".number_format(doubleval($value),2);
-	break;
-default:
-	echo str_replace("  ","<br>",$value);
-}
-echo "<br>";
-}
-}
-echo '<br><a href="https://www.tenders.gov.au/?event=public.advancedsearch.keyword&keyword=CN'.$_REQUEST['CNID'].'"> View original record @ tenders.gov.au</a><br>';
-
-mysql_free_result($result);
-
-$query = "SELECT * FROM `heuristic_results` where CNID = ".$_REQUEST['CNID'];
-$result = mysql_query($query);
-if (!$result) echo mysql_error().$query;
-while ($r = mysql_fetch_array($result, MYSQL_ASSOC)) {
-	echo "<b>{$r['heuristic_name']}</b>: {$r['heuristic_value']} (raw value: {$r['raw_value']}, mean: {$r['mean']}, stddev: {$r['stddev']})<br>";
-}
-
-include_footer();
-?>
+<?php
 
+include_once("./lib/common.inc.php");
+$query = 'SELECT *
+FROM contractnotice
+WHERE  "CNID" = :CNID LIMIT 1';
+
+$query = $conn->prepare($query);
+$query->bindParam(":CNID", $_REQUEST['CNID']);
+$query->execute();
+$contractResult = $query->fetch(PDO::FETCH_ASSOC);
+if (!$contractResult) {
+  header("Status: 404 Not Found");
+    header("HTTP/1.0 404 Not Found");
+include_header("Contract Not Found");
+ echo "<center><h1>No Contract Notice with that ID found</h1></center>";
+databaseError($conn->errorInfo());
+} else {
+$description = ucsmart($contractResult["description"]);
+include_header($description);
+ echo '<center><h1>'.$description.'</h1></center>
+     <div about="http://contracts.disclosurelo.gs/displayContract.php?CNID='.$contractResult["CNID"].'" typeof="pc:Contract">';
+databaseError($conn->errorInfo());
+    setlocale(LC_MONETARY, 'en_US');
+    foreach (array_filter($contractResult) as $key => $value) {
+        echo "<b>$key</b>&nbsp;";
+        switch ($key) {
+            case "supplierABN":
+            break;
+            case "supplierName":
+                echo '
+                    <a href="displaySupplier.php?supplier=' . $contractResult['supplierABN'] . '-' . urlencode($contractResult['supplierName']) . '">
+                        <span rel="pc:contractingAuthority" typeof="gr:BusinessEntity">
+                        <span property="gr:legalName">' 
+                    . $contractResult['supplierName'] . 
+                    '</span>'.
+                    (isset($contractResult['supplierABN']) && $contractResult['supplierABN'] != '' ? ' (ABN: <span property="br:officialNumber" lang="">'.$contractResult['supplierABN'].'</span>)' : '')
+                        .'</span></a>';
+                break;
+            case "CNID":
+                echo '<span property="pc:referenceNumber" lang="">'.$value.'</span>';
+                break;
+            case "categoryUNSPSC":
+                break;
+            case "category":
+                echo '<span rel="pc:mainObject" resource="[unspsc:'.$contractResult["categoryUNSPSC"].']">'.$value.'</span>';
+                break;
+            case "agencyName":
+                echo '<a href="displayAgency.php?agency=' . urlencode($value) . '">' . $value . "</a>";
+                break;
+            case "contractStart":
+                echo '<span property="pc:startDate" content="'.$value.'" datatype="xsd:date">'.$value.'</span>';
+                break;
+            case "contractEnd":
+                echo '<span property="pc:endDate" content="'.$value.'" datatype="xsd:date">'.$value.'</span>';
+                break;
+            case "value":
+                echo '<span rel="pc:agreedPrice" typeof="gr:PriceSpecification">
+                     <span property="gr:hasCurrency" content="AUD" lang="">$ </span>
+                     <span property="gr:hasCurrencyValue" content="'.doubleval($value).'" datatype="xsd:float">' . number_format(doubleval($value), 2)
+                    .'</span></span>';
+                break;
+            case "description":
+                echo '<span property="dcterms:title">'.$value.'</span>';
+            default:
+                echo str_replace("  ", "<br>", ucsmart($value));
+        }
+        echo "<br>\n";
+    }
+echo '<br><a href="https://www.tenders.gov.au/?event=public.advancedsearch.keyword&keyword=CN' . $_REQUEST['CNID'] . '"> View original record @ tenders.gov.au</a><br>
+    
+</div>';
+
+
+$query = 'SELECT * FROM heuristic_results where "CNID" = :CNID';
+$query = $conn->prepare($query);
+$agencyName = $input . '%';
+$query->bindParam(":CNID", $_REQUEST['CNID']);
+$query->execute();
+databaseError($conn->errorInfo());
+foreach ($query->fetchAll() as $r) {
+    echo "<b>{$r['heuristic_name']}</b>: {$r['heuristic_value']} (raw value: {$r['raw_value']}, mean: {$r['mean']}, stddev: {$r['stddev']})<br>";
+}
+}
+include_footer();
+?>
+