<?
if(ISSET($vehid)){$vehid=xss_prepare($vehid, 1);if($vehid=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($carid)){$vehid=xss_prepare($carid, 1);if($carid=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($ajaxsearch)){$ajaxsearch=xss_prepare($vehid, 3);if($ajaxsearch=="[$$##]"){$ajaxsearch="";}}
if(ISSET($leaf)){$leaf=xss_prepare($leaf, 1);if($leaf=="[$$##]"){$leaf=1;}}
if(ISSET($total)){$total=xss_prepare($total, 1);if($total=="[$$##]"){$total=0;}}
if(ISSET($filter)){$filter=xss_prepare($filter, 2);if($filter=="[$$##]"){$filter="";}}
if(ISSET($bodytype)){$bodytype=xss_prepare($bodytype, 3);if($bodytype=="[$$##]"){$bodytype="";}}
if(ISSET($transmission)){$transmission=xss_prepare($transmission, 2);if($transmission=="[$$##]"){$transmission="";}}
if(ISSET($make)){$make=xss_prepare($make, 3);if($make=="[$$##]"){$make="";}}
if(ISSET($model)){$model=xss_prepare($model, 3);if($model=="[$$##]"){$model="";}}
if(ISSET($modtext)){$modtext=xss_prepare($modtext, 3);if($modtext=="[$$##]"){$modtext="";}}
if(ISSET($derivative)){$derivative=xss_prepare($derivative, 3);if($derivative=="[$$##]"){$derivative="";}}

if(ISSET($calemail)){$calemail=xss_prepare($calemail, 4);if($calemail=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($tagfind)){$tagfind=xss_prepare($tagfind, 3);if($tagfind=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($prid)){$prid=xss_prepare($prid, 3);if($prid=="[$$##]"){Header("Location: /sitemap.php");}}
if(ISSET($cmsr)){$cmsr=xss_prepare($cmsr, 3);if($cmsr=="[$$##]"){$cmsr="";}}
if(ISSET($height)){$height=xss_prepare($height, 1);if($height=="[$$##]"){$height=350;}}
if(ISSET($width)){$width=xss_prepare($width, 3);if($width=="[$$##]"){$width=584;}}
if(ISSET($TB_iframe)){$TB_iframe=xss_prepare($TB_iframe, 2);if($TB_iframe=="[$$##]"){$TB_iframe="true";}}

if(ISSET($register)){$register=xss_prepare($register, 1);if($register=="[$$##]"){$register=1;}}
if(ISSET($uname)){$uname=xss_prepare($uname, 4);if($uname=="[$$##]"){$uname="";}}
if(ISSET($pword)){$pword=xss_prepare($pword, 3);if($pword=="[$$##]"){$pword="";}}
if(ISSET($vehicle)){$vehicle=xss_prepare($vehicle, 2);if($vehicle=="[$$##]"){$vehicle="car";}}
if(ISSET($type)){$type=xss_prepare($type, 2);if($type=="[$$##]"){$type="business";}}
if(ISSET($budget)){$budget=xss_prepare($budget, 5);if($budget=="[$$##]"){$budget="";}}
if(ISSET($emissions)){$emissions=xss_prepare($emissions, 2);if($emissions=="[$$##]"){$emissions="";}}
if(ISSET($doors)){$doors=xss_prepare($doors, 1);if($doors=="[$$##]"){$doors="";}}
if(ISSET($fuel)){$fuel=xss_prepare($fuel, 2);if($fuel=="[$$##]"){$fuel="";}}
if(ISSET($vgredirect)){$vgredirect=xss_prepare($vgredirect, 3);if($vgredirect=="[$$##]"){$vgredirect="";}}
if(ISSET($bodystyle)){$bodystyle=xss_prepare($bodystyle, 2);if($bodystyle=="[$$##]"){$bodystyle="";}}
if(ISSET($monthly)){$monthly=xss_prepare($monthly, 1);if($monthly=="[$$##]"){$monthly="0";}}

if(ISSET($busmonthly)){$busmonthly=xss_prepare($busmonthly, 7);if($busmonthly=="[$$##]"){$busmonthly="0";}}
if(ISSET($permonthly)){$permonthly=xss_prepare($permonthly, 7);if($permonthly=="[$$##]"){$permonthly="0";}}



if(ISSET($funder)){$funder=xss_prepare($funder, 1);if($funder=="[$$##]"){$funder="0";}}
if(ISSET($initialpayment)){$initialpayment=xss_prepare($initialpayment, 1);if($initialpayment=="[$$##]"){$initialpayment="6";}}
if(ISSET($httpreferrer)){$httpreferrer=xss_prepare($httpreferrer, 3);if($httpreferrer=="[$$##]"){$httpreferrer="";}}
if(ISSET($term)){$term=xss_prepare($term, 1);if($term=="[$$##]"){$term="48";}}
if(ISSET($mileage)){$mileage=xss_prepare($mileage, 1);if($mileage=="[$$##]"){$mileage="10000";}}
if(ISSET($maintenance)){$maintenance=xss_prepare($maintenance, 2);if($maintenance=="[$$##]"){$maintenance="No";}}
if(ISSET($lo)){$lo=xss_prepare($lo, 4);if($lo=="[$$##]"){$lo="";}}
if(ISSET($spid)){$lo=xss_prepare($spid, 1);if($spid=="[$$##]"){$spid="0";}}
//if(ISSET($_SESSION["MYACCOUNT"])){$_SESSION["MYACCOUNT"]=xss_prepare($_SESSION["MYACCOUNT"], 1);if($_SESSION["MYACCOUNT"]=="[$$##]"){Header("Location: /logout.php");}}
if(ISSET($submitted)){$submitted=xss_prepare($submitted, 1);if($submitted=="[$$##]"){$submitted="0";}}
if(ISSET($jback)){$jback=xss_prepare($jback, 1);if($jback=="[$$##]"){$jback="0";}}
if(ISSET($srmessage)){$srmessage=xss_prepare($srmessage, 1);if($srmessage=="[$$##]"){$srmessage="0";}}
if(ISSET($showid)){$showid=xss_prepare($showid, 1);if($showid=="[$$##]"){$showid="0";}}
if(ISSET($varoptions)){$varoptions=xss_prepare($varoptions, 2);if($varoptions=="[$$##]"){$varoptions="";}}
?><?
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
//THIS SHOULD ONLY BE SET ONCE AT THE START OF THE SESSION.  
//SET WITH ALPHANUMERIC VARIABLE THAT IS NEVER LIKELY TO BE USED AS A PAGE NAME. 
//THIS WILL MEAN THAT THE USER TRACKING IS UPDATED AFTER THAT IS SET TO THE REAL PAGE NAME
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
 		$arppc=0;//default to 0 as will only be 1 when landing page or ppc campaign is active
if (!ISSET($_SESSION['ENTSET'])) {$_SESSION['ENTSET'] = "d1c52cab917f79";}
if ( (!ISSET($_SESSION['CCSID'])) OR (EMPTY($_SESSION['CCSID'])) )
{ //make sure ccsid is set and not empty otherwise we need to set it.


	//add create db entry for user.  This should only be done once per session. This coding should appear on all pages that you wish to track.  
	//$PN IS THE PAGE NAME AND COMES FROM THE CODE.PHP FILE WHICH LISTS ALL THE PAGES ON THE WEB SITE AND THE NAMES ASSIGNED TO EACH ONE.
	//There is no reason why you should get any sessions created on stages number 3 and 4 but its worth adding as a catch all

		$_SESSION['CCSID'] = SESSION_ID(); 

//now on to handle the source variables  
			if(!ISSET($_SESSION['EVIAN']))
			{//if not set then see what value we should give it
    				if( (ISSET($source)) AND (!EMPTY($source)) )
    				{ //if source tag is set and not empty then we'll tag it with source but must check to see if prefix of 'ppc_'
    						if(substr($source, 0, 4)=="ppc_")
    						{//if prefix with ppc_ then from a campaign and should be tracked accordingly
    						$arppc=1;//mark as a campaign so we can track
    						$arkeyword=substr($source, 4, 100);//pull in the keyword used on PPC so we can run into reports
    						$_SESSION['EVIAN'] = substr($source, 4, 100);//remove the ppc_ prefix and save source
    						}
    						else
    						{//normal source so just tag
    						$_SESSION['EVIAN'] = $source;
    						}
    				} 
    				else if (ISSET($cstracker))
    				{//if we have a landing page then pull in tracker and set evian to the tracking id - also mark arppc
    				$arppc=1;//mark as a campaign so we can track
    				$arkeyword=$cstracker;
    				$_SESSION['EVIAN'] = $cstracker;
    				}
    				else
    				{//if evian not set source not set, tracker not set then default 
    				$_SESSION['EVIAN'] = "N/A"; 
    				} 
			}
			else if(EMPTY($_SESSION['EVIAN'])) 
			{//a simple catch all  in case evian is set and is empty we default to NA
			$_SESSION['EVIAN'] = "N/A";
			}

		
}
//echo $_SERVER["HTTP_REFERER"];
if($_SESSION['ENTSET']!=="$pn")
{//this means we can add the page into tracking - however first check on ip addresses

$io = mysqli_query($link,"SELECT ip_address FROM settings_ipblock WHERE ip_address='" . $_SERVER["REMOTE_ADDR"] . "' LIMIT 1");
		if(mysqli_num_rows($io) == 0)
					{//this nothing found so we insert a record - otherwise we do nothing
					//echo "not blocked";
              		$artemistime = date("G:i:s");//set time - date comes from uberdate
              		$arorigin = array("'", "\" ", ";", ":", "|", "<", ">", "\"", "/", ".");
              		$arneworigin = array("", "", "", "", "", "", "", "", "", "");
              		
              	$arqstring=array();//make sure array is empty
              	$arqstring=explode("&", $_SERVER["HTTP_REFERER"]);//break up query string
              	$arqueue=explode("?", $arqstring[0]);//just break up the first string (normally includes the URL just in case an variables still lurking
              	array_unshift($arqstring, $arqueue[0], $arqueue[1]);
              	
                    for ( $adf = 0; $adf <= count($arqstring); ++$adf)
                    {
                    $arqkeyval=array();
                    $arqkeyval=explode("=", $arqstring[$adf]);
                    if($arqkeyval[0]=="q"){$arkeyword=$arqkeyval[1];}//if q is set then keyword found hurrah!
                    //other keyword finders can be added here as well
                    }//loop through and split on = find q
              
              		$arreferrer="";//make sure it is empty
              		$qareferrer=explode("/",  $_SERVER["HTTP_REFERER"]);//split the referrerer and pull out the URL only
              		if($qareferrer[2]!=substr($wpath,7,200)){$arreferrer=$qareferrer[2];}
              		if(EMPTY($qareferrer[0])){$arreferrer=substr($wpath,7,200);}
              //echo $arreferrer;
              //echo substr($wpath,7,136);
              //work out browser name
              $useragent=$_SERVER['HTTP_USER_AGENT'];
              
              if (preg_match( '|Opera/([0-9].[0-9]{1,2})|',$useragent,$matched)) {
                   $arbrowser_version=$matched[1];
                   $arbrowser = 'Opera';
               } elseif (preg_match('|MSIE ([0-9].[0-9]{1,2})|',$useragent,$matched)) {
                   $arbrowser_version=$matched[1];
                   $arbrowser = 'IE';
               } elseif(preg_match('|Firefox/([0-9\.]+)|',$useragent,$matched)) {
                       $arbrowser_version=$matched[1];
                       $arbrowser = 'Firefox';
               } elseif(preg_match('|Chrome/([0-9\.]+)|',$useragent,$matched)) {
                       $arbrowser_version=$matched[1];
                       $arbrowser = "Chrome";
               } elseif(preg_match('|Safari/([0-9\.]+)|',$useragent,$matched)) {
                       $arbrowser_version=$matched[1];
                       $arbrowser = "Safari";
               } else {
                       // browser not recognized!
                   $arbrowser_version="";
                   $arbrowser="Other";
               }		


              $arbot=0;//we assume visitor is not a bot
              
              $arspider = mysqli_query($link,"SELECT sd_id, sd_bot FROM settings_bots WHERE sd_live=1 order by sd_order");//only show front-end variables
							if(mysqli_num_rows($arspider) > 0)	{	while ( $grbot = mysqli_fetch_array($arspider) )	{$arbotid[]=$grbot["sd_id"];$arbotname[]=$grbot["sd_bot"];}}     
							//print_r($arbotname);         
             for ($ari = 0; $ari < count($arbotid); $ari++) {if(preg_match("/$arbotname[$ari]/", $useragent, $matches)) {$arbot=$arbotid[$ari];print "$arbotname[$ari]"; break;}}

              
              //if source has not been set by anything then set it to the referrer
              if($_SESSION['EVIAN'] == "N/A"){$_SESSION['EVIAN'] = $arreferrer;}
              
              		$query = "INSERT INTO artemis ( ar_sessid, ar_page, ar_date, ar_time, ar_ipaddress, ar_browser, ar_source, ar_referrer, ar_ppc, ar_querystring, ar_keyword, ar_browsername, ar_bot, ar_location) 
              		values ( '" . $_SESSION['CCSID'] . "', '$pn', '$uberdate', '$artemistime',  '" . $_SERVER['REMOTE_ADDR'] . "', '" . $useragent  . "', '" . $_SESSION['EVIAN'] . "', '" . $arreferrer . "', '$arppc', '" . $_SERVER["HTTP_REFERER"] . "', '" . str_replace(arorigin, arneworigin, urldecode($arkeyword)) . "', '$arbrowser $arbrowser_version', '$arbot','$udlocation')";
              //echo "<BR>" .$query;
               		if (! mysqli_query($link, $query) )	{ $dberror = mysql_error(); }
              		else
              			{
              			//NOW RESET ENTSET WITH THIS PAGE NAME - $PN.
              	      $_SESSION['ENTSET'] = "$pn";
              			}
              	//end of db entry
              		//echo $_SESSION['CCSID'];
          }//end of if clause for ip block
          else
          {//ip address is blocked so we don't do anything other than change the ENTSET so page can not be called again
          $_SESSION['ENTSET'] = "$pn";
          //echo "blocked";
          }

            
}
		$testoutput.="<BR>Session ID:" . $_SESSION['CCSID'] . "<BR>Source: " . $_SESSION['EVIAN'] . "<BR>";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
        <title>TCOM</title>
        <meta name="description" content="TCOM Page Descriptions" />
<meta name="keywords" content="TCOM Leasing" />
<meta name="robots" content="INDEX" />
<meta name="author" content="TCOM" />
<meta name="last-modified" content="01-01-2013" />
<meta name="modified-by" content="TCOM" />
<meta name="copyright" content="" />
<link rel="alternate" type="application/rss xml" title="RSS Feed (RSS 2.0)" href="/rss.xml"/>
<link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
        <link href='//fonts.googleapis.com/css?family=Source+Sans+Pro:400,700' rel='stylesheet' type='text/css' />
            <link rel="stylesheet" type="text/css" href="css/styles.css" media="screen" />
            <link rel="stylesheet" type="text/css" href="css/thickbox.css" />
    </head>
    <body>
                <? include("main.php"); ?>

        <script type="text/javascript" src="js/submission.js"></script>
        <script src="js/jquery.min.js" type="text/javascript"></script>
        <script type="text/javascript" src="js/ajax.js"></script>
        <script type="text/javascript" src="js/hide.js"></script>
        <script type="text/javascript" src="js/thickbox.js"></script>
        <script type="text/javascript" src="js/jquery.idTabs.min.js"></script>	
        <script type="text/javascript" src="js/iframeResizer.contentWindow.min.js"></script> 
        <script type="text/javascript">

            $(document).ready(function () {


                $("#hp_dataexpand").click(function () {
                    $("#hp_datatext").show();
                    $("#hp_dataexpand").hide();
                    $("#hp_datapexpand").show();
                });
                $("#hp_datapexpand").click(function () {
                    $("#hp_datatext").hide();
                    $("#hp_dataexpand").show();
                    $("#hp_datapexpand").hide();
                });

            });

        </script>
        144
    </body>
</html>