function storeData($title, $meanings, $synonyms)
{
    global $insert_count, $db;
    $meanings_str = finalClean(join("\n", $meanings));
    $synonyms_str = finalClean(join("\n", $synonyms));
    $query = sprintf("INSERT INTO wiktionary (headword, meanings, synonyms) VALUES ('%s', '%s', '%s')", addslashes($title), myaddslashes($meanings_str), myaddslashes($synonyms_str));
    $db->query($query);
    $insert_count++;
    #print "<p>$title:<br>&nbsp;MEAN:".join(',', $meanings)."<br>";
    #print "&nbsp;SYNO:".join(',', $synonyms);
}

function openthesaurus_searchSynonyms($query)
{
    $start = getmicrotime();
    $items = array();
    $query_str = sprintf("\n\t\tSELECT words.id AS word_id, word, meaning_id\n\t\tFROM words, word_meanings, meanings\n\t\tWHERE \n\t\t\tword = '%s' AND\n\t\t\twords.id = word_meanings.word_id AND\n\t\t\tword_meanings.meaning_id = meanings.id AND\n\t\t\tmeanings.hidden = 0\n\t\n\t\tUNION\n\n\t\tSELECT words.id AS word_id, word, meaning_id\n\t\tFROM words, word_meanings, meanings\n\t\tWHERE \n\t\t\tlookup = '%s' AND\n\t\t\twords.id = word_meanings.word_id AND\n\t\t\tword_meanings.meaning_id = meanings.id AND\n\t\t\tmeanings.hidden = 0\n\n\t\tORDER BY word", myaddslashes($query), myaddslashes($query), myaddslashes($query), myaddslashes($query));
    $db = new DB_Thesaurus();
    $db->query($query_str);
    $synmatches = 1;
    if ($db->nf() == 0) {
        $item['words'] = array();
        $items[] = $item;
    }
    while ($db->next_record()) {
        $mid = $db->f('meaning_id');
        $item['words'] = getSynsetWithUsage($db->f('meaning_id'), 1);
        $items[] = $item;
    }
    $_GET['search'] = 1;
    # otherwise logSearch ignores the search
    logSearch($db, $query, $db->nf(), 0, getEndTimer(), 1);
    XMLRPC_response(XMLRPC_prepare($items), KD_XMLRPC_USERAGENT);
}

    }
    $query = "";
    if ($auth->auth['uname'] == 'admin') {
        $query = sprintf("UPDATE meanings\n\t\t\tSET subject_id = %s,\n\t\t\t\t%s\n\t\t\t\thidden = %s\n\t\t\tWHERE\n\t\t\t\tid = %d", $new_id, $distinction_sql, myaddslashes($new_hidden), myaddslashes(uservar('mid')));
    } else {
        $query = sprintf("UPDATE meanings\n\t\t\tSET subject_id = %s\n\t\t\tWHERE\n\t\t\t\tid = %d", $new_id, myaddslashes(uservar('mid')));
    }
    $db->query($query);
    $query = sprintf("SELECT subject FROM subjects WHERE id = %d", $new_id);
    $db->query($query);
    $db->next_record();
    $new_subject = $db->f('subject');
    doLog(getSynsetString(uservar('mid'), 3), uservar('mid'), CHANGE_SUBJECT, uservar('oldsubject') . "->" . $new_subject);
    $changed = 1;
}
$query = sprintf("SELECT id, subject_id, distinction, hidden\n\tFROM meanings\n\tWHERE id = %d", myaddslashes(uservar('mid')));
$db->query($query);
if ($db->nf() == 0) {
    print "ID not found";
    return;
}
$db->next_record();
$subject_id = $db->f('subject_id');
$title = sprintf(_("Details for synset '%s'"), getSynsetString(uservar('mid'), 3));
function popdownlist()
{
    global $db, $subject_id;
    $query = "SELECT id, subject FROM subjects ORDER By subject";
    $db->query($query);
    $i = 0;
    print '<select name="subject_id">';

include "../include/phplib/prepend.php3";
$cancel_login = 1;
page_open(array("sess" => "Thesaurus_Session", "auth" => "Thesaurus_Default_Auth"));
include "../include/tool.php";
$db = new DB_Thesaurus();
$title = _("All words A-Z");
$stop_robots = 1;
include "../include/top.php";
?>

<br />

<?php 
$start_chars = "";
if (array_key_exists('start', $_GET) && $_GET['start']) {
    $start_chars = myaddslashes($_GET['start']);
} else {
    $start_chars = "A";
}
$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z');
$subchar = "";
// first level:
$i = 0;
print "<div class=\"allchars\">";
foreach ($chars as $char) {
    if ($i > 0) {
        print " | ";
    }
    if ($start_chars && strpos($start_chars, $char) === 0) {
        print "<strong>" . $char . "</strong>";
        $subchar = $char;

function setNewAntonym($thisWMID, $newWMID)
{
    global $db;
    $this_id = myaddslashes($thisWMID);
    $new_antonym_id = myaddslashes($newWMID);
    $query = sprintf("SELECT id FROM antonyms\n\t\tWHERE word_meaning_id1 = %d OR word_meaning_id2 = %d", $this_id, $this_id);
    #print $query."<p>";
    $db->query($query);
    if ($db->nf() == 0) {
        $next_id = $db->nextid("antonyms");
        # The INSERT statement can lead to an duplicate key error if the new antonym
        # is already connected to a different word as its antonym, so check before:
        $query = sprintf("SELECT * FROM antonyms WHERE word_meaning_id1 = %d OR word_meaning_id2 = %d", myaddslashes($newWMID), myaddslashes($newWMID));
        $db->query($query);
        if ($db->nf() > 0) {
            print T_("Error: the antonym you selected is already connected to a different word.");
            exit;
        }
        $query = sprintf("INSERT INTO antonyms (id, word_meaning_id1, word_meaning_id2)\n\t\t\tVALUES (%d, %d, %d)", $next_id, myaddslashes($newWMID), myaddslashes($thisWMID));
        #print $query;
        $db->query($query);
        // Logging:
        // FIXME: should be moved before the INSERT query is executed, but the
        // INSERT can lead to an error and we don't want to log the action in that case:
        list($word1, $mid) = getAntonymWord($this_id, $db);
        list($word2, $mid) = getAntonymWord($newWMID, $db);
        doLog(join(', ', getSynset($this_id, 3)), $mid, ADD_ANTONYM, $word1 . "<->" . $word2);
    } else {
        if ($db->nf() == 1) {
            // Logging:
            list($word1, $mid) = getAntonymWord($this_id, $db);
            list($word2, $mid) = getAntonymWord($newWMID, $db);
            doLog(join(', ', getSynset($this_id, 3)), $mid, CHANGE_ANTONYM, $word1 . "<->" . $word2);
            # one of the next two UPDATE statements will succeed:
            $query = sprintf("UPDATE antonyms\n\t\t\tSET word_meaning_id2 = %d\n\t\t\tWHERE word_meaning_id1 = %d", $newWMID, $this_id);
            #print $query."<p>";
            $db->query($query);
            $query = sprintf("UPDATE antonyms\n\t\t\tSET word_meaning_id1 = %d\n\t\t\tWHERE word_meaning_id2 = %d", $newWMID, $this_id);
            #print $query."<p>";
            $db->query($query);
        } else {
            print "Internal error: more than one match for {$query}";
            return;
        }
    }
}

function MakeSemiSafe($UnsafeSource)
{
    return myaddslashes(removeEvilTags(trim($UnsafeSource)));
}

            ?>
. <a href="../add.php?word=<?php 
            print urlencode($word_org);
            ?>
"><?php 
            print escape($word_org);
            ?>
</a><br />
		<?php 
        }
    }
    print "<br><br>{$i} words";
    print "<h2>Unknown word forms</h2>";
    reset($words);
    while (list($count, $word) = each($words)) {
        $query = sprintf("SELECT word\n\t\t\tFROM word_forms\n\t\t\tWHERE word = '%s'", myaddslashes($word));
        $db->query($query);
        if ($db->nf() == 0) {
            print $word;
            print " ";
        } else {
            # MySQL 'select' is case-insensitive, so make sure also those words
            # are displayed as unknown that exist in the table but with different
            # upper/lowercase spelling:
            $same_case = 0;
            while ($db->next_record()) {
                if ($db->f('word') == $word) {
                    $same_case = 1;
                    break;
                }
            }

    // username exists already
    header("Location: remind.php?email=" . urlencode(uservar('email')));
    return;
}
$username = uservar('email');
$pwd = generatePassword(5);
$to = uservar('email');
$from = "dontreply@" . DOMAIN;
$subject = T_("Registered on ") . DOMAIN;
$message = "\n" . _("You have succesfully registered on ") . HOMEPAGE . "\n" . _("Username: ") . "{$username}\n" . _("Password: ") . "{$pwd}\n";
$ret = mail($to, $subject, $message, "From: {$from}");
if (!$ret) {
    print "Error: could not send mail";
    return;
}
$query = sprintf("INSERT INTO auth_user \n\t(user_id, username, password, perms, subs_date, blocked)\n\tVALUES ('%s', '%s', '%s', 'user', '%s', 0)", myaddslashes(escape(uservar('email'))), myaddslashes(escape(uservar('email'))), $pwd, date("Y-m-d H:i:s"));
$db->query($query);
if (MAILING_LIST_SUBSCRIBE && uservar('list') == 1) {
    $to = MAILING_LIST_SUBSCRIBE;
    $from = uservar('email');
    $subject = "subscribe";
    $message = "";
    $ret = mail($to, $subject, $message, "From: {$from}");
    if (!$ret) {
        print "Error: could not send mailing list subscription mail";
        return;
    }
}
function generatePassword($length)
{
    // generate a random password:

function logSearch($db, $term, $matches, $submatch, $searchtime, $webservice = 0)
{
    $searchform = 0;
    if (array_key_exists('search', $_GET) && $_GET['search'] == 1) {
        // only log explicit searches (not clicks on links)
        $searchform = 1;
    } else {
        if (array_key_exists('search', $_GET) && $_GET['search'] == 2) {
            // also log searches via Firefox (Sherlock) search:
            $searchform = 2;
        }
    }
    $query = sprintf("INSERT INTO\n\t\t\tsearch_log (term, date, matches, submatch, ip, searchtime, searchform, webservice)\n\t\t\tVALUES ('%s', '%s', %d, %d, '%s', %s, %d, %d)", myaddslashes(trim($term)), date("Y-m-d H:i:s"), $matches, $submatch, getenv('REMOTE_ADDR'), $searchtime, $searchform, $webservice);
    $db->query($query);
}

// NOTE: this file is UTF-8!
$start = getmicrotime();
$queryterm = trim($_GET['word']);
$links = array();
function wiktionaryClean($s)
{
    $s = preg_replace("/:(\\[[\\d,]+\\])/", "<span class=\"wiktionarymeaning\">\$1</span>", $s);
    $s = preg_replace("/\\[\\[/", "", $s);
    $s = preg_replace("/\\]\\]/", "", $s);
    $s = preg_replace("/&lt;sup&gt;(.*)&lt;\\/sup&gt;/", "<span class=\"wiktionarymeaningref\">\$1</span>", $s);
    return $s;
}
$match = 0;
if ($queryterm != "") {
    $query = sprintf("SELECT headword, meanings, synonyms FROM wiktionary WHERE headword = '%s'", myaddslashes($queryterm));
    //myaddslashes(iconv("latin1", "utf8", $queryterm)));
    $db->query($query);
    $match = $db->next_record();
    $wikiword = $db->f('headword');
    $wikilink = "http://de.wiktionary.org/w/index.php?title=" . urlencode($wikiword);
    $wikilink_history = "http://de.wiktionary.org/w/index.php?title=" . urlencode($wikiword) . "&amp;action=history";
    $wikilink_edit = "http://de.wiktionary.org/w/index.php?title=" . urlencode($wikiword) . "&amp;action=edit";
    #$wikiword = iconv("utf8", "latin1", $wikiword);
    if (!$match) {
        $wikilink = "http://de.wiktionary.org/";
    }
    ?>
	<p class="compact"><strong><a href="http://de.wiktionary.org">Wiktionary</a></strong>:</p>
	<ul class="compact">
	<?php 

     // $return_action = "list";
     // include('templates/back_button.responders.php');
 } elseif ($action == "do_update") {
     if (!ResponderExists($Responder_ID)) {
         admin_redirect();
     }
     $Resp_Name = MakeSemiSafe($_REQUEST['Resp_Name']);
     $Resp_Desc = MakeSemiSafe($_REQUEST['Resp_Desc']);
     $Reply_To = MakeSafe($_REQUEST['Reply_To']);
     $Owner_Name = MakeSafe($_REQUEST['Owner_Name']);
     $Owner_Email = MakeSafe($_REQUEST['Owner_Email']);
     $OptMethod = MakeSafe($_REQUEST['OptMethod']);
     $OptInRedir = MakeSafe($_REQUEST['OptInRedir']);
     $OptOutRedir = MakeSafe($_REQUEST['OptOutRedir']);
     $OptInDisp = myaddslashes($_REQUEST['OptInDisplay']);
     $OptOutDisp = myaddslashes($_REQUEST['OptOutDisplay']);
     $NotifyOwner = MakeSemiSafe($_REQUEST['NotifyOwner']);
     if ($OptMethod != "Double") {
         $OptMethod = "Single";
     }
     if ($NotifyOwner != "1") {
         $NotifyOwner = "0";
     }
     $query = "UPDATE " . $infresponders . "\n\t\t\tSET Name = '{$Resp_Name}',\n\t\t\tResponderDesc = '{$Resp_Desc}',\n\t\t\tOwnerEmail = '{$Owner_Email}',\n\t\t\tOwnerName = '{$Owner_Name}',\n\t\t\tReplyToEmail = '{$Reply_To}',\n\t\t\tOptMethod = '{$OptMethod}',\n\t\t\tOptInRedir = '{$OptInRedir}',\n\t\t\tOptOutRedir = '{$OptOutRedir}',\n\t\t\tOptInDisplay = '{$OptInDisp}',\n\t\t\tOptOutDisplay = '{$OptOutDisp}',\n\t\t\tNotifyOwnerOnSub = '{$NotifyOwner}'\n\t\t\tWHERE ResponderID = '{$Responder_ID}'";
     $DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
     # MOD set message and return to list
     $_SESSION['inf_resp_msg'] = "Responder Saved!";
     $action = "list";
     # Done!
     // print "<H3 style=\"color : #003300\">Responder Saved!</H3> \n";
     // print "<font size=4 color=\"#666666\">Return to list. <br></font> \n";

    }else{
        $_SESSION['sent'] = 1;
        $_SESSION['sent_text'] = "Вы робот!";
        $refer = $_SERVER['HTTP_REFERER'];
        echo '<script> document.location.href = "'.$refer.'"; </script>';
        exit();
    }
}



if($act=="subscriber")
{

    if($_REQUEST['name']==''){
        $email = myaddslashes($_REQUEST['email']);

        $currtime = time();

        $sql = "INSERT INTO $par->subscriberstable SET `date`=$currtime, `email`='$email'";
        mysql_query($sql);

        $lastid = mysql_insert_id();
        $sql = "UPDATE $par->subscriberstable SET `prior`=$lastid WHERE id=$lastid";
        mysql_query($sql);

        $body = "Email: $email";
        mailer($par->adminemail,$par->adminemail,$par->server." Нова підписка на новини",$body);

        $mess = $_REQUEST['mess'];
        $_SESSION['sent'] = 1;

					print '<strong><a href="word_detail.php?wmid='
						.$db->f('wmid').'" title="'.
						_("Modify word properties").'">'.$word_displ.'</a></strong>';
				} else {
					print "<strong>".$word_displ."</strong>";
				}
				?>
				<?php
				$term_ids = array();
				// having two queries is faster then "... word = ... OR lookup = ...":
				$inner_query = sprintf("SELECT id FROM words WHERE word = '%s'", myaddslashes($orig_word));
				$inner_db->query($inner_query);
				while( $inner_db->next_record() ) {
					array_push($term_ids, $inner_db->f("id"));
				}
				$inner_query = sprintf("SELECT id FROM words WHERE lookup = '%s'", myaddslashes($orig_word));
				$inner_db->query($inner_query);
				while( $inner_db->next_record() ) {
					array_push($term_ids, $inner_db->f("id"));
				}
				$inner_query = sprintf("
					SELECT word_meanings.id
						FROM word_meanings, meanings
						WHERE
							(word_meanings.word_id IN (%s) AND
							meanings.id = word_meanings.meaning_id AND
							meanings.hidden = 0)",
					join(", ", $term_ids));
				$inner_db->query($inner_query);
				if( $inner_db->nf() > 1 || ($hidden && $inner_db->nf() == 1) ) {
					?>

<?
$q = $_REQUEST['q'];
$q2 = myaddslashes($q);

$searchtitle = 'Поиск: '.htmlspecialchars($_REQUEST['q']);


$searchparams = Array(

     Array('tablename'=>$par->categorytable, 'act'=>'cat'),
     Array('tablename'=>$par->objectstable, 'act'=>'tovar','fields'=>'shorttext'),
     Array('tablename'=>$par->pagestable, 'act'=>'pages'),
     Array('tablename'=>$par->news1table, 'act'=>'novelty','fields'=>'shorttext'),

);

$sarr = Array();

foreach($searchparams AS $key=>$item)
{

    $add_search = "`title` LIKE '%$q2%' OR `text` LIKE '%$q2%'";

    if(isset($item["fields"])){
        $tmp = explode(";", $item["fields"]);
        foreach ($tmp as $fields_item) {
            $add_search.= " OR `".$fields_item."` LIKE '%$q2%'";            
        }
    }

    $sql = "SELECT * FROM".$item['tablename']." WHERE `hide`=0 AND (".$add_search.")";

print T_("Words and synsets added:");
?>
</td>
	<td>
		<?php 
$query = sprintf("SELECT count(*) AS ct FROM user_actions_log\n\t\t\tWHERE \n\t\t\t(type = '%s' OR type = '%s' OR type = 'h') AND\n\t\t\tuser_id = '%s'", ADD_WORD, ADD_SYNSET, myaddslashes($auth->auth['uname']));
$db->query($query);
$db->next_record();
print $db->f('ct');
?>
	</td>
</tr>
<tr>
	<td><?php 
print T_("Words and synsets removed:");
?>
</td>
	<td>
		<?php 
$query = sprintf("SELECT count(*) AS ct FROM user_actions_log\n\t\t\tWHERE \n\t\t\t(type = '%s' OR type = '%s') AND\n\t\t\tuser_id = '%s'", REMOVE_SYNONYM, REMOVE_SYNSET, myaddslashes($auth->auth['uname']));
$db->query($query);
$db->next_record();
print $db->f('ct');
?>
	</td>
</tr>
</table>

<?php 
include "include/bottom.php";
page_close();

<?php

$start = getmicrotime();
$word = $_GET['word'];
?>

<?php 
$query = sprintf("\n\tSELECT words.id AS word_id, word, meaning_id, super_id\n\tFROM words, word_meanings, meanings\n\tWHERE \n\t\tword = '%s' AND\n\t\twords.id = word_meanings.word_id AND\n\t\tword_meanings.meaning_id = meanings.id AND\n\t\tmeanings.hidden = 0 AND\n\t\tmeanings.id NOT IN (%s)\n\t\n\tUNION\n\n\tSELECT words.id AS word_id, word, meaning_id, super_id\n\tFROM words, word_meanings, meanings\n\tWHERE \n\t\tlookup = '%s' AND\n\t\twords.id = word_meanings.word_id AND\n\t\tword_meanings.meaning_id = meanings.id AND\n\t\tmeanings.hidden = 0 AND\n\t\tmeanings.id NOT IN (%s)\n\n\tORDER BY word", myaddslashes($word), HIDDEN_SYNSETS, myaddslashes($word), HIDDEN_SYNSETS);
$db->query($query);
$word_ids = array();
$words = array();
$prev_word_id = -1;
$prev_mid = -1;
$synmatches = 0;
if ($db->nf() == 0) {
    ?>
	<p class="firstcompact"><strong><?php 
    print _("No exact matches in OpenThesaurus. Did you mean...");
    ?>
</strong></p>
	<?php 
} else {
    ?>
	<p class="firstcompact"><strong><?php 
    print _("Synsets:");
    ?>
</strong></p>
	<ul class="compact">
	<?php 
}
while ($db->next_record()) {

	<input type="hidden" name="new_word" value="<?php 
    print escape($word);
    ?>
" />

	<?php 
    $word_query = "(";
    $parts = preg_split("/,/", $word);
    $i = 0;
    $word_regexp_array = array();
    foreach ($parts as $p) {
        if ($i > 0) {
            $word_query .= " OR ";
        }
        $p = trim($p);
        $word_query .= sprintf("word = '%s' OR lookup = '%s'", myaddslashes($p), myaddslashes($p));
        array_push($word_regexp_array, preg_quote($p, '/'));
        $i++;
    }
    $word_regexp = join('|', $word_regexp_array);
    $word_query .= ")";
    $query = sprintf("SELECT words.id AS word_id, word, meaning_id\n\t\tFROM words, word_meanings, meanings\n\t\tWHERE \n\t\t\t{$word_query} AND\n\t\t\twords.id = word_meanings.word_id AND\n\t\t\tword_meanings.meaning_id = meanings.id AND\n\t\t\tmeanings.hidden = 0 AND\n\t\t\tmeanings.id != %d\n\t\tORDER BY meaning_id", $_GET['meaning_id']);
    $db->query($query);
    $prev_word_id = -1;
    $prev_meaning_id = -1;
    while ($db->next_record()) {
        if ($db->f('meaning_id') == $prev_meaning_id) {
            # filter duplicates:
            $prev_meaning_id = $db->f('meaning_id');
            continue;
        }

<?php

$start = getmicrotime();
$queryterm = trim($_GET['word']);
$links = array();
$matches = 0;
if ($queryterm != "") {
    $query = sprintf("SELECT link, title FROM wikipedia_links, wikipedia_pages \n\t\tWHERE wikipedia_pages.title = '%s' AND wikipedia_pages.page_id = wikipedia_links.page_id", myaddslashes($queryterm));
    #print $query;
    $db->query($query);
    ?>
	<p class="compact"><strong>
		<a href="http://de.wikipedia.org">Wikipedia</a>-Links (<a href="faq.php#wikilinks">?</a>)</strong>:</p>
	<ul class="compact"><li>
	<?php 
    $wikilinks = array();
    while ($db->next_record()) {
        $link = $db->f("link");
        $realTitle = $db->f("title");
        if ($queryterm == $link || strpos($link, "(Begriffsklärung)") !== false) {
            continue;
        }
        if (in_array($link, $wikilinks)) {
            continue;
        }
        if ($matches > 0) {
            print ", ";
        }
        print "<a href=\"overview.php?word=" . urlencode(getLookupWord($db->f("link"))) . "\">" . $db->f("link") . "</a>";
        array_push($wikilinks, $link);
        $matches++;

<?


if($act=="add_comment")
{

        $name = myaddslashes($_REQUEST['name']);
        $text = myaddslashes($_REQUEST['text']);
        $product_id = myaddslashes($_REQUEST['product_id']);
        $email = myaddslashes($_REQUEST['email']);
        $rating = myaddslashes($_REQUEST['rating']);
          
        $currtime = time();

        $sql = "SELECT * FROM $par->commentstable WHERE `product_id`=$product_id";
        $res = mysql_query($sql);
        if ($line = mysql_fetch_array($res)){
                if($line['ip']==''){
                    $ip = "::".$_SERVER['REMOTE_ADDR']."::";
                }
                else{
                    $ip = $line['ip'].$_SERVER['REMOTE_ADDR']."::";
                }
        }

        $sql = "INSERT INTO $par->commentstable SET `ip`='$ip', `date`=$currtime, `rating`=$rating, `name`='$name',`hide`=1,`text`='$text',`email`='$email',`product_id`=$product_id";
        mysql_query($sql);

        // $sql = "UPDATE $par->objectstable SET `rating`= WHERE id=$product_id";
        // mysql_query($sql);

	}

    ///////////

    if (isset($_GET['artikul']) && $_GET['artikul'] != '')
    	$sql .= " and `artikul` = ".myaddslashes($_GET['artikul']);

    if (isset($_GET['shape_id']))
    	$sql .= " and `shape` = ".myaddslashes($_GET['shape_id']);

    if (isset($_GET['color_id']))
    	$sql .= " and colors LIKE '%:".$_GET['color_id'].":%'";

    if (isset($_GET['style_id'])){
    	foreach ($_GET['style_id'] as $key => $style_id) {
    		$sql .= " and `style` = ".myaddslashes($style_id);
    	}
    }

    $sql .= " ORDER by prior LIMIT $start, $objinpage";

    $res = mysql_query($sql);
    while($line = mysql_fetch_array($res,MYSQL_ASSOC)){
        $parent = $line['id'];
        $sql2 = "SELECT * FROM $par->fotorobjtable WHERE `reportid`=$parent ORDER by prior";
        $res2 = mysql_query($sql2);
        $line2 = mysql_fetch_array($res2,MYSQL_ASSOC);
        $img = img_check("products/product_",$line2['id']);
        $url = GetSeoUrl('tovar',$line['id'],$line);
        $line = LangProcess($line);