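/**
 * Handles database insertion if the user tries to submit a new week.
 *
 * Validates the POSTed week fields and, when every check passes, inserts one
 * row into `weeks` through a prepared statement. The outcome is reported
 * through the globals $success_message / $error_message; nothing is returned.
 *
 * NOTE(review): no CSRF token or permission check is visible in this
 * function - confirm the caller performs both before invoking it.
 *
 * @param $db
 *   The database reference (used here through prepare() and execute()).
 */
function week_post_handler(&$db)
{
    // Nothing was submitted, so there is nothing to insert. The earlier guard,
    // isset($_POST), is always true for the superglobal and made the function
    // return before doing any work.
    if (empty($_POST)) {
        return;
    }

    global $success_message;
    global $error_message;
    global $WEEK_TYPE_DICT;

    $required_keys = array('week_number', 'week_type', 'week_season', 'week_start_date', 'week_end_date');
    if (!check_post_values_set($required_keys)) {
        $error_message = "Missing expected POST week values.";
        return;
    }

    // Each numeric field is validated first and only then converted.
    if (!is_valid_number($_POST['week_number'])) {
        $error_message = "Illegal week number detected.";
        return;
    }
    $week_number = intval($_POST['week_number']);

    if (!is_valid_number($_POST['week_season'])) {
        $error_message = "Season is invalid.";
        return;
    }
    $week_season_id = intval($_POST['week_season']);

    if (!is_valid_number($_POST['week_type'])) {
        $error_message = "Unexpected week type.";
        return;
    }
    $week_type = intval($_POST['week_type']);

    // The type must be a valid index into the week-type dictionary.
    if ($week_type < 0 || $week_type >= count($WEEK_TYPE_DICT)) {
        $error_message = "Unexpected week type number enumeration (outside range).";
        return;
    }

    if (!is_valid_date($_POST['week_start_date'])) {
        $error_message = "Invalid start date, is it in YYYY-MM-DD form?";
        return;
    }
    $start_date = $_POST['week_start_date'];

    if (!is_valid_date($_POST['week_end_date'])) {
        $error_message = "Invalid end date, is it in YYYY-MM-DD form?";
        return;
    }
    $end_date = $_POST['week_end_date'];

    // String comparison; this orders dates correctly only if is_valid_date()
    // enforces zero-padded YYYY-MM-DD - TODO confirm.
    if ($start_date > $end_date) {
        $error_message = "Start date is after the end date.";
        return;
    }

    if (!week_in_season_range($start_date, $end_date, $db)) {
        $error_message = "This week is not in any season date range. Cannot figure out what season it belongs to.";
        return;
    }

    try {
        // Bound parameters keep the request values out of the SQL text.
        $stmt = $db->prepare(
            'INSERT INTO weeks(fk_season_id, number, type, start_date, end_date) VALUES(:sid, :wnum, :wtype, :sdate, :edate)'
        );
        $stmt->execute(array(
            "sid" => $week_season_id,
            "wnum" => $week_number,
            "wtype" => $week_type,
            "sdate" => $start_date,
            "edate" => $end_date,
        ));
        $success_message = "Successful week addition.";
    } catch (PDOException $e) {
        // NOTE(review): the raw driver message goes into $error_message. If
        // that global is rendered to end users it can disclose schema or
        // driver details - consider logging it and showing a generic text.
        $error_message = "Error adding week: " . $e->getMessage();
    }
}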
/**
 * Converts a slash-separated date string into a dash-separated one with the
 * three fields in reverse order.
 *
 * A value that is_mysql_date() already accepts is returned unchanged. A value
 * that is_valid_date() rejects yields false. Otherwise the string is split on
 * '/' into at most three fields, which are joined back as third-second-first.
 *
 * NOTE(review): the fields presumably arrive as day/month/year - confirm
 * against is_valid_date(), which is defined elsewhere.
 *
 * @param string $date Date text to normalise.
 * @return string|false The converted date, or false when the input is invalid.
 */
function date_to_mysqldate($date)
{
    // Already in the target layout: hand it back untouched.
    if (is_mysql_date($date)) {
        return $date;
    }

    if (!is_valid_date($date)) {
        return false;
    }

    $fields = explode('/', $date, 3);

    return implode('-', array($fields[2], $fields[1], $fields[0]));
}
// Excerpt from a request handler. The first statements are the tail of a
// validation block whose opening `if` lies outside this excerpt (judging by
// the message, the description-length check).
//
// Every check below follows one pattern: when the field fails validation the
// script either sends a bare "403 Forbidden" status line, or - when the client
// posted `suppress_response_codes` - echoes an error payload built by
// generate_error() without changing the status, and then exits.
//
// NOTE(review): $_SERVER['REQUEST_URI'] and $api_session->callback are handed
// to generate_error() and echoed. Confirm that helper encodes both for the
// selected output format, since both values may be client-controlled.
    if (!isset($_POST['suppress_response_codes'])) {
        header('HTTP/1.1 403 Forbidden');
    } else {
        echo generate_error($api_session->format, 'Invalid description paramater, max length could be 160 characters.', $_SERVER['REQUEST_URI'], $api_session->callback);
    }
    exit;
}
// Location: at most 30 characters, counted with mb_strlen().
// NOTE(review): isset() also passes for an array value (location[]=...);
// mb_strlen() then receives a non-string. Confirm the type is checked earlier.
if (isset($_POST['location']) && mb_strlen($_POST['location']) > 30) {
    if (!isset($_POST['suppress_response_codes'])) {
        header('HTTP/1.1 403 Forbidden');
    } else {
        echo generate_error($api_session->format, 'Invalid location paramater, max length could be 30 characters.', $_SERVER['REQUEST_URI'], $api_session->callback);
    }
    exit;
}
// Birthdate: must satisfy is_valid_date() (defined elsewhere).
// NOTE(review): the message advertises YYYY-DD-MM - confirm that this is the
// layout is_valid_date() really accepts.
if (isset($_POST['birthdate']) && !is_valid_date($_POST['birthdate'])) {
    if (!isset($_POST['suppress_response_codes'])) {
        header('HTTP/1.1 403 Forbidden');
    } else {
        echo generate_error($api_session->format, 'Invalid birthdate paramater, the birth date should be in YYYY-DD-MM format.', $_SERVER['REQUEST_URI'], $api_session->callback);
    }
    exit;
}
// Gender: only 'm' or 'f' are accepted (loose != comparison).
if (isset($_POST['gender']) && ($_POST['gender'] != 'm' && $_POST['gender'] != 'f')) {
    if (!isset($_POST['suppress_response_codes'])) {
        header('HTTP/1.1 403 Forbidden');
    } else {
        echo generate_error($api_session->format, 'Invalid gender paramater, it could be m or f.', $_SERVER['REQUEST_URI'], $api_session->callback);
    }
    exit;
}
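/**
 * Validates the submitted shipment form and inserts or updates the shipment.
 *
 * Reads the form fields through get_param()/get_param_def() and $_POST,
 * collects validation errors, resolves both cities with tzs_yahoo_convert(),
 * and then either re-renders the form with the errors or writes the row with
 * $wpdb->prepare() + $wpdb->query(). Output is echoed directly.
 *
 * Changes compared with the previous version:
 *  - the UPDATE branch used $dis['distance'] and $dis['errors'], but $dis is
 *    never assigned in this function; it now uses the posted `sh_distance`
 *    like the INSERT branch and no longer merges the undefined error list;
 *  - the two city look-ups are built with $wpdb->prepare() instead of
 *    interpolating the id into the SQL text;
 *  - the id echoed into the "view" link is cast to an integer so it matches
 *    the value bound to `WHERE id=%d`.
 *
 * NOTE(review): `sh_distance` is supplied by the client and stored as is -
 * confirm nothing downstream relies on it being trustworthy.
 *
 * @param int $id 0 inserts a new shipment; any other value updates the row
 *                with that id, restricted to the current user's rows.
 */
function tzs_edit_shipment($id)
{
    $sh_active = get_param_def('sh_active', '0');
    $sh_date_from = get_param('sh_date_from');
    $sh_date_to = get_param('sh_date_to');
    $sh_city_from = get_param('sh_city_from');
    $sh_city_to = get_param('sh_city_to');
    $comment = get_param('comment');
    $sh_descr = get_param('sh_descr');
    $sh_weight = get_param_def('sh_weight', '0');
    $sh_volume = get_param_def('sh_volume', '0');
    $sh_type = get_param('sh_type');
    $trans_type = get_param('trans_type');
    $trans_count = get_param('trans_count');
    $set_dim = isset($_POST['set_dim']);
    $sh_length = get_param('sh_length');
    $sh_height = get_param('sh_height');
    $sh_width = get_param('sh_width');
    $cost = get_param_def('cost', '0');
    $price = get_param_def('price', '0');
    $cost_curr = get_param_def('cost_curr', '1');
    $prepayment = get_param('prepayment');

    // Checkbox-style flags: present in the POST body means 1.
    $price_query = isset($_POST['price_query']) ? 1 : 0;
    $cash = isset($_POST['cash']) ? 1 : 0;
    $nocash = isset($_POST['nocash']) ? 1 : 0;
    $way_ship = isset($_POST['way_ship']) ? 1 : 0;
    $way_debark = isset($_POST['way_debark']) ? 1 : 0;
    $soft = isset($_POST['soft']) ? 1 : 0;
    $way_prepay = isset($_POST['way_prepay']) ? 1 : 0;

    // Date-order check: keep sortable Ymd strings before the raw values are
    // replaced by the result of is_valid_date().
    $sh_date_from_str = date("Ymd", strtotime($sh_date_from));
    $sh_date_to_str = date("Ymd", strtotime($sh_date_to));
    $sh_date_from = is_valid_date($sh_date_from);
    $sh_date_to = is_valid_date($sh_date_to);

    // Replace "," with "." in numbers.
    $sh_weight = str_replace(',', '.', $sh_weight);
    $sh_volume = str_replace(',', '.', $sh_volume);
    $sh_length = str_replace(',', '.', $sh_length);
    $sh_height = str_replace(',', '.', $sh_height);
    $sh_width = str_replace(',', '.', $sh_width);
    $cost = str_replace(',', '.', $cost);
    $price = str_replace(',', '.', $price);
    $prepayment = str_replace(',', '.', $prepayment);

    $errors = array();

    // With "price on request" a zero amount is allowed; otherwise it is not.
    if (($price_query && !is_valid_num_zero($cost)) || (!$price_query && !is_valid_num($cost))) {
        array_push($errors, "Неверно задана стоимость.");
    }
    if (($price_query && !is_valid_num_zero($price)) || (!$price_query && !is_valid_num($price))) {
        array_push($errors, "Неверно задана цена.");
    }
    if (!is_valid_num($cost_curr) || !isset($GLOBALS['tzs_curr'][intval($cost_curr)])) {
        array_push($errors, "Неверно задана валюта.");
    }
    if ($way_prepay && (!is_valid_num($prepayment) || floatval($prepayment) > 100)) {
        array_push($errors, "Неверно задан размер предоплаты.");
    }
    if (!$price_query && !$cash && !$nocash && !$way_ship && !$way_debark && !$soft && !$way_prepay) {
        array_push($errors, "Необходимо выбрать хотя бы один способ в блоке \"Форма расчета\".");
    }
    if ($sh_date_from == null || $sh_date_to == null) {
        array_push($errors, "Неверный формат даты");
    }
    // Date-order check: unloading must not precede loading.
    if ($sh_date_to_str < $sh_date_from_str) {
        array_push($errors, "Дата выгрузки не может быть РАНЬШЕ даты погрузки.");
    }
    if (!is_valid_city($sh_city_from)) {
        array_push($errors, "Неверный пункт погрузки");
    }
    if (!is_valid_city($sh_city_to)) {
        array_push($errors, "Неверный пункт разгрузки");
    }
    // strlen() counts bytes, so one two-byte character already passes.
    if (strlen($sh_descr) < 2) {
        array_push($errors, "Введите описание груза");
    }
    if (!is_valid_num_zero($sh_weight)) {
        array_push($errors, "Неверно задан вес");
    }
    if (!is_valid_num_zero($sh_volume)) {
        array_push($errors, "Неверно задан объем");
    }
    if (strlen($trans_count) == 0) {
        $trans_count = '1';
    }
    if (!is_valid_num($trans_count)) {
        array_push($errors, "Неверно задано количество машин");
    }
    if (!is_numeric($sh_type) || intval($sh_type) < 1) {
        array_push($errors, "Неверно задан тип груза");
    }
    if (!is_numeric($trans_type) || intval($trans_type) < 0) {
        array_push($errors, "Неверно задан тип ТС");
    }
    if ($set_dim) {
        if (!is_valid_num($sh_length)) {
            array_push($errors, "Неверно задана длина груза");
        }
        if (!is_valid_num($sh_width)) {
            array_push($errors, "Неверно задана ширина груза");
        }
        if (!is_valid_num($sh_height)) {
            array_push($errors, "Неверно задана высота груза");
        }
    } else {
        $sh_length = '0';
        $sh_width = '0';
        $sh_height = '0';
    }

    $user_id = get_current_user_id();
    $from_info = null;
    $to_info = null;

    // Resolve the cities only when the cheaper checks have all passed.
    if (count($errors) == 0) {
        $from_info = tzs_yahoo_convert($sh_city_from);
        if (isset($from_info["error"])) {
            array_push($errors, "Не удалось распознать населенный пункт погрузки: " . $from_info["error"]);
        }
        $to_info = tzs_yahoo_convert($sh_city_to);
        if (isset($to_info["error"])) {
            array_push($errors, "Не удалось распознать населенный пункт выгрузки: " . $to_info["error"]);
        }
    }

    if (count($errors) > 0) {
        tzs_print_shipment_form($errors, $id > 0);
        return;
    }

    global $wpdb;

    $sh_date_from = date('Y-m-d', mktime(0, 0, 0, $sh_date_from['month'], $sh_date_from['day'], $sh_date_from['year']));
    $sh_date_to = date('Y-m-d', mktime(0, 0, 0, $sh_date_to['month'], $sh_date_to['day'], $sh_date_to['year']));

    // City coordinates. The ids are bound as integers rather than pasted into
    // the SQL text. The rows are not read below (the distance request that
    // used them is disabled), but the look-ups are kept as they were.
    $row1 = $wpdb->get_row($wpdb->prepare(
        "SELECT lat,lng FROM " . TZS_CITIES_TABLE . " WHERE city_id=%d;",
        $from_info['city_id']
    ));
    $row2 = $wpdb->get_row($wpdb->prepare(
        "SELECT lat,lng FROM " . TZS_CITIES_TABLE . " WHERE city_id=%d;",
        $to_info['city_id']
    ));

    // The distance is taken from the posted form field.
    $sh_distance = get_param('sh_distance');

    if ($id == 0) {
        $sql = $wpdb->prepare(
            "INSERT INTO " . TZS_SHIPMENT_TABLE . " (time, last_edited, user_id, sh_date_from, sh_date_to, sh_city_from, sh_city_to, sh_descr, sh_weight, sh_volume, sh_length, sh_height, sh_width, trans_count, trans_type, sh_type, active, comment, distance, from_cid, from_rid, from_sid, to_cid, to_rid, to_sid, price, price_val, cost, cash, nocash, way_ship, way_debark, soft, way_prepay, prepayment, price_query)"
            . " VALUES (now(), NULL, %d, %s, %s, %s, %s, %s, %f, %f, %f, %f, %f, %d, %d, %d, %d, %s, %d, %d, %d, %d, %d, %d, %d, %f, %d, %f, %d, %d, %d, %d, %d, %d, %f, %d);",
            $user_id,
            $sh_date_from,
            $sh_date_to,
            stripslashes_deep($sh_city_from),
            stripslashes_deep($sh_city_to),
            stripslashes_deep($sh_descr),
            floatval($sh_weight),
            floatval($sh_volume),
            floatval($sh_length),
            floatval($sh_height),
            floatval($sh_width),
            intval($trans_count),
            intval($trans_type),
            intval($sh_type),
            intval($sh_active),
            stripslashes_deep($comment),
            $sh_distance,
            $from_info["country_id"],
            $from_info["region_id"],
            $from_info["city_id"],
            $to_info["country_id"],
            $to_info["region_id"],
            $to_info["city_id"],
            floatval($price),
            intval($cost_curr),
            floatval($cost),
            intval($cash),
            intval($nocash),
            intval($way_ship),
            intval($way_debark),
            intval($soft),
            intval($way_prepay),
            floatval($prepayment),
            intval($price_query)
        );

        if (false === $wpdb->query($sql)) {
            array_push($errors, "Не удалось опубликовать Ваш груз. Свяжитесь, пожалуйста, с администрацией сайта");
            // NOTE(review): the raw database error is shown to the user;
            // consider logging it instead of displaying it.
            array_push($errors, $wpdb->last_error);
            tzs_print_shipment_form($errors, false);
        } else {
            echo "Ваш груз опубликован!";
            echo "<br/>";
            echo '<a href="/view-shipment/?id=' . tzs_find_latest_shipment_rec() . '&spis=new">Просмотреть груз</a>';
            $new_url = get_site_url() . '/my-shipments';
            echo '<meta http-equiv="refresh" content="0; url=' . $new_url . '">';
        }
    } else {
        // "AND user_id=%d" limits the update to rows owned by the current
        // user. A non-matching id updates zero rows, which query() does not
        // report as false, so the success text is still printed in that case.
        $sql = $wpdb->prepare(
            "UPDATE " . TZS_SHIPMENT_TABLE . " SET "
            . " last_edited=now(), sh_date_from=%s, sh_date_to=%s, sh_city_from=%s, sh_city_to=%s, sh_descr=%s, sh_weight=%f, sh_volume=%f, sh_length=%f, sh_height=%f, sh_width=%f, trans_count=%d, trans_type=%d, sh_type=%d, active=%d, comment=%s, distance=%d, "
            . " from_cid=%d,from_rid=%d,from_sid=%d,to_cid=%d,to_rid=%d,to_sid=%d, price=%f, price_val=%d,"
            . " cost=%f, cash=%d, nocash=%d, way_ship=%d, way_debark=%d, soft=%d, way_prepay=%d, prepayment=%f, price_query=%d"
            . " WHERE id=%d AND user_id=%d;",
            $sh_date_from,
            $sh_date_to,
            stripslashes_deep($sh_city_from),
            stripslashes_deep($sh_city_to),
            stripslashes_deep($sh_descr),
            floatval($sh_weight),
            floatval($sh_volume),
            floatval($sh_length),
            floatval($sh_height),
            floatval($sh_width),
            intval($trans_count),
            intval($trans_type),
            intval($sh_type),
            intval($sh_active),
            stripslashes_deep($comment),
            $sh_distance,
            $from_info["country_id"],
            $from_info["region_id"],
            $from_info["city_id"],
            $to_info["country_id"],
            $to_info["region_id"],
            $to_info["city_id"],
            floatval($price),
            intval($cost_curr),
            floatval($cost),
            intval($cash),
            intval($nocash),
            intval($way_ship),
            intval($way_debark),
            intval($soft),
            intval($way_prepay),
            floatval($prepayment),
            intval($price_query),
            $id,
            $user_id
        );

        if (false === $wpdb->query($sql)) {
            array_push($errors, "Не удалось изменить Ваш груз. Свяжитесь, пожалуйста, с администрацией сайта");
            // NOTE(review): the raw database error is shown to the user;
            // consider logging it instead of displaying it.
            array_push($errors, $wpdb->last_error);
            tzs_print_shipment_form($errors, true);
        } else {
            echo "Ваш груз изменен";
            echo "<br/>";
            // Cast so the echoed id is the same integer that was bound to the
            // WHERE clause, whatever the caller passed in.
            echo '<a href="/view-shipment/?id=' . intval($id) . '&spis=new">Просмотреть груз</a>';
            $new_url = get_site_url() . '/my-shipments';
            echo '<meta http-equiv="refresh" content="0; url=' . $new_url . '">';
        }
    }
}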
/**
 * Alias for is_valid_date(): forwards $date and returns that call's result
 * unchanged.
 *
 * @param mixed $date Value to check.
 * @return mixed Whatever is_valid_date() returns for $date.
 */
function valid_date($date)
{
    $verdict = is_valid_date($date);

    return $verdict;
}
/**
 * Checks a value against a type constraint.
 *
 * Integer type names are checked with isint(), floating-point names with
 * isdouble() and 'date' with is_valid_date(). Any other type name passes
 * without a check.
 *
 * NOTE(review): the date type is matched in lower case while the numeric
 * names are upper case - confirm callers really pass 'date' in that form.
 *
 * @param string $type  The type to constrain to
 * @param string $value The value to constrain
 * @return mixed Result of resultReturn(): (false, <kind>) on a failed check,
 *               (true) otherwise
 */
public function checkTypeContraint($type, $value)
{
    $integerTypes = array('TINYINT', 'SMALLINT', 'INT', 'BIGINT');
    $floatTypes = array('FLOAT', 'DOUBLE');

    // Loose matching on purpose, mirroring a switch statement's comparison.
    if (in_array($type, $integerTypes)) {
        if (!isint($value)) {
            return $this->resultReturn(false, 'int');
        }
    } elseif (in_array($type, $floatTypes)) {
        if (!isdouble($value)) {
            return $this->resultReturn(false, 'double');
        }
    } elseif ($type == 'date') {
        if (!is_valid_date($value)) {
            return $this->resultReturn(false, 'date');
        }
    }

    return $this->resultReturn(true);
}
/**
 * Validates and saves an edited milestone.
 *
 * Checks run in order and stop at the first failure: duplicate name, date
 * format, a changed target date lying in the past, and target date before
 * start date. When all pass, the milestone is written through
 * milestone_mgr->update() and an audit event is logged.
 *
 * NOTE(review): $obj->template is built by concatenating tproject_id and
 * tplan_id from $argsObj into a URL; confirm both are validated as integers
 * where $argsObj is populated.
 *
 * @param object $argsObj  Request arguments; start_date may be rewritten to
 *                         "0000-00-00" when it is missing or empty.
 * @param string $basehref Base URL prepended to the view action on success.
 * @return object The object returned by edit(), with user_feedback, template
 *                and main_descr (plus action_descr on success) filled in.
 */
function doUpdate(&$argsObj, $basehref)
{
    $dateFormat = config_get('date_format');
    $titlePrefix = lang_get('Milestone') . TITLE_SEP;

    $gui = $this->edit($argsObj);
    $gui->user_feedback = 'ok';
    $gui->template = null;

    $stored = $this->milestone_mgr->get_by_id($argsObj->id);
    $current = $stored[$argsObj->id];
    $proceed = true;

    // The name must not already be used by another milestone of the plan.
    $duplicate = $this->milestone_mgr->check_name_existence(
        $current['testplan_id'],
        $argsObj->name,
        $argsObj->id
    );
    if ($duplicate) {
        $gui->user_feedback = sprintf(lang_get('milestone_name_already_exists'), $argsObj->name);
        $proceed = false;
    }

    // BUGID 3716: both dates must be well formed; the start date is optional.
    if ($proceed) {
        $proceed = is_valid_date($argsObj->target_date_original, $dateFormat)
            && ($argsObj->start_date_original == ''
                || is_valid_date($argsObj->start_date_original, $dateFormat));
        if (!$proceed) {
            $gui->user_feedback = lang_get('warning_invalid_date');
        }
    }

    // A target date that was changed may not be moved into the past.
    if ($proceed) {
        $newTarget = strtotime($argsObj->target_date . " 23:59:59");
        $oldTarget = strtotime($current['target_date'] . " 23:59:59");
        $now = strtotime("now");
        if ($newTarget != $oldTarget && $newTarget < $now) {
            $proceed = false;
            $gui->user_feedback = lang_get('warning_milestone_date');
        }
    }

    // BUGID 3829: the target must not be chronologically before the start.
    if ($proceed && isset($argsObj->start_date)) {
        $targetEnd = strtotime($argsObj->target_date . " 23:59:59");
        $startEnd = strtotime($argsObj->start_date . " 23:59:59");
        if ($targetEnd < $startEnd) {
            $proceed = false;
            $gui->user_feedback = lang_get('warning_target_before_start');
        }
    }

    if ($proceed) {
        // BUGID 3907: an absent or empty start date is stored as the default.
        if (!isset($argsObj->start_date) || $argsObj->start_date == "") {
            $argsObj->start_date = "0000-00-00";
        }
        $proceed = $this->milestone_mgr->update(
            $argsObj->id,
            $argsObj->name,
            $argsObj->target_date,
            $argsObj->start_date,
            $argsObj->low_priority_tcases,
            $argsObj->medium_priority_tcases,
            $argsObj->high_priority_tcases
        );
    }

    if (!$proceed) {
        // The action failed, so nothing was changed in the database.
        $gui->main_descr = $titlePrefix . $current['name'];
        return $gui;
    }

    $gui->main_descr = '';
    $gui->action_descr = '';
    $gui->template = $basehref . $this->viewAction . "?tproject_id=" . $argsObj->tproject_id . "&tplan_id=" . $argsObj->tplan_id;
    logAuditEvent(TLS("audit_milestone_saved", $argsObj->tplan_name, $argsObj->name), "SAVE", $argsObj->id, "milestones");

    return $gui;
}
/**
 * Validates form fields against a list of comma-separated rule strings.
 *
 * Each rule has the form
 *   [if:FIELD=VALUE,|if:FIELD!=VALUE,]... REQUIREMENT,FIELD[,ARG...],MESSAGE
 * and MESSAGE is appended to the result when the requirement fails. Rules are
 * split on "," so no part of a rule (message, pattern) may contain a comma.
 *
 * The "reg_exp" and "custom_alpha" requirements place rule text directly
 * inside a "/"-delimited pattern, so rule strings have to come from trusted
 * code and must never be assembled from request data.
 *
 * NOTE(review): $field_name2, $field_name3 and $date_flag are assigned only
 * for rules with enough parts; a shorter rule reads whatever an earlier rule
 * left in them, or an undefined variable.
 *
 * @param array $fields Submitted values keyed by field name.
 * @param array $rules  List of rule strings in the format described above.
 * @return array Error messages of the rules that failed, in rule order.
 */
function validateFields($fields, $rules)
{
    $errors = array();
    // loop through rules
    for ($i = 0; $i < count($rules); $i++) {
        // split row into component parts
        $row = explode(",", $rules[$i]);
        // while the row begins with "if:..." test the condition. If true, strip the if:..., part and
        // continue evaluating the rest of the line. Keep repeating this while the line begins with an
        // if-condition. If it fails any of the conditions, don't bother validating the rest of the line
        $satisfies_if_conditions = true;
        while (preg_match("/^if:/", $row[0])) {
            $condition = preg_replace("/^if:/", "", $row[0]);
            // check if it's a = or != test
            $comparison = "equal";
            $parts = array();
            if (preg_match("/!=/", $condition)) {
                $parts = explode("!=", $condition);
                $comparison = "not_equal";
            } else {
                $parts = explode("=", $condition);
            }
            $field_to_check = $parts[0];
            $value_to_check = $parts[1];
            // if the condition does not hold, this rule is skipped entirely.
            // The comparisons are loose (!= / ==), so "1" matches 1.
            if ($comparison == "equal" && $fields[$field_to_check] != $value_to_check) {
                $satisfies_if_conditions = false;
                break;
            } else {
                if ($comparison == "not_equal" && $fields[$field_to_check] == $value_to_check) {
                    $satisfies_if_conditions = false;
                    break;
                } else {
                    // remove this if-condition from the line, and continue validating the line
                    array_shift($row);
                }
            }
        }
        if (!$satisfies_if_conditions) {
            continue;
        }
        $requirement = $row[0];
        $field_name = $row[1];
        // depending on the number of parts, store the extra arguments for use later;
        // the error message is always the last part
        if (count($row) == 6) {
            $field_name2 = $row[2];
            $field_name3 = $row[3];
            $date_flag = $row[4];
            $error_message = $row[5];
        } else {
            if (count($row) == 5) {
                $field_name2 = $row[2];
                $field_name3 = $row[3];
                $error_message = $row[4];
            } else {
                if (count($row) == 4) {
                    $field_name2 = $row[2];
                    $error_message = $row[3];
                } else {
                    // everything else: requirement, field, message
                    $error_message = $row[2];
                }
            }
        }
        // if the requirement is "length=...", rename requirement to "length" for switch statement
        if (preg_match("/^length/", $requirement)) {
            $length_requirements = $requirement;
            $requirement = "length";
        }
        // if the requirement is "range=...", rename requirement to "range" for switch statement
        if (preg_match("/^range/", $requirement)) {
            $range_requirements = $requirement;
            $requirement = "range";
        }
        // now, validate whatever is required of the field
        switch ($requirement) {
            case "required":
                if (!isset($fields[$field_name]) || $fields[$field_name] == "") {
                    $errors[] = $error_message;
                }
                break;
            // doesn't fail if field is missing or empty
            case "digits_only":
                if (isset($fields[$field_name]) && preg_match("/\\D/", $fields[$field_name])) {
                    $errors[] = $error_message;
                }
                break;
            // doesn't fail if field is missing or empty
            case "letters_only":
                if (isset($fields[$field_name]) && preg_match("/[^a-zA-Z]/", $fields[$field_name])) {
                    $errors[] = $error_message;
                }
                break;
            // unlike the two cases above, the field is read without an isset() guard
            case "valid_email":
                if (!LoginUtils::IsEmailValid($fields[$field_name])) {
                    $errors[] = $error_message;
                }
                break;
            case "length":
                // work out the operator; "=" is tested first, then ">=" and "<=" before ">" and "<"
                $comparison_rule = "";
                $rule_string = "";
                if (preg_match("/length=/", $length_requirements)) {
                    $comparison_rule = "equal";
                    $rule_string = preg_replace("/length=/", "", $length_requirements);
                } else {
                    if (preg_match("/length>=/", $length_requirements)) {
                        $comparison_rule = "greater_than_or_equal";
                        $rule_string = preg_replace("/length>=/", "", $length_requirements);
                    } else {
                        if (preg_match("/length<=/", $length_requirements)) {
                            $comparison_rule = "less_than_or_equal";
                            $rule_string = preg_replace("/length<=/", "", $length_requirements);
                        } else {
                            if (preg_match("/length>/", $length_requirements)) {
                                $comparison_rule = "greater_than";
                                $rule_string = preg_replace("/length>/", "", $length_requirements);
                            } else {
                                if (preg_match("/length</", $length_requirements)) {
                                    $comparison_rule = "less_than";
                                    $rule_string = preg_replace("/length</", "", $length_requirements);
                                }
                            }
                        }
                    }
                }
                // strlen() counts bytes, so multi-byte text is measured in bytes, not characters
                switch ($comparison_rule) {
                    case "greater_than_or_equal":
                        if (!(strlen($fields[$field_name]) >= $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "less_than_or_equal":
                        if (!(strlen($fields[$field_name]) <= $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "greater_than":
                        if (!(strlen($fields[$field_name]) > $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "less_than":
                        if (!(strlen($fields[$field_name]) < $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "equal":
                        // if the user supplied two length fields, make sure the field is within that range
                        if (preg_match("/-/", $rule_string)) {
                            list($start, $end) = explode("-", $rule_string);
                            if (strlen($fields[$field_name]) < $start || strlen($fields[$field_name]) > $end) {
                                $errors[] = $error_message;
                            }
                        } else {
                            if (strlen($fields[$field_name]) != $rule_string) {
                                $errors[] = $error_message;
                            }
                        }
                        break;
                }
                break;
            case "range":
                // same operator detection as for "length", applied to the field's value
                $comparison_rule = "";
                $rule_string = "";
                if (preg_match("/range=/", $range_requirements)) {
                    $comparison_rule = "equal";
                    $rule_string = preg_replace("/range=/", "", $range_requirements);
                } else {
                    if (preg_match("/range>=/", $range_requirements)) {
                        $comparison_rule = "greater_than_or_equal";
                        $rule_string = preg_replace("/range>=/", "", $range_requirements);
                    } else {
                        if (preg_match("/range<=/", $range_requirements)) {
                            $comparison_rule = "less_than_or_equal";
                            $rule_string = preg_replace("/range<=/", "", $range_requirements);
                        } else {
                            if (preg_match("/range>/", $range_requirements)) {
                                $comparison_rule = "greater_than";
                                $rule_string = preg_replace("/range>/", "", $range_requirements);
                            } else {
                                if (preg_match("/range</", $range_requirements)) {
                                    $comparison_rule = "less_than";
                                    $rule_string = preg_replace("/range</", "", $range_requirements);
                                }
                            }
                        }
                    }
                }
                // the field value is compared with the rule text using loose operators
                switch ($comparison_rule) {
                    case "greater_than":
                        if (!($fields[$field_name] > $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "less_than":
                        if (!($fields[$field_name] < $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "greater_than_or_equal":
                        if (!($fields[$field_name] >= $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "less_than_or_equal":
                        if (!($fields[$field_name] <= $rule_string)) {
                            $errors[] = $error_message;
                        }
                        break;
                    case "equal":
                        // "range=A-B": the value must lie between A and B inclusive
                        list($start, $end) = explode("-", $rule_string);
                        if ($fields[$field_name] < $start || $fields[$field_name] > $end) {
                            $errors[] = $error_message;
                        }
                        break;
                }
                break;
            case "same_as":
                // loose comparison of two submitted fields
                if ($fields[$field_name] != $fields[$field_name2]) {
                    $errors[] = $error_message;
                }
                break;
            case "valid_date":
                // this is written for future extensibility of isValidDate function to allow
                // checking for dates BEFORE today, AFTER today, IS today and ANY day.
                $is_later_date = false;
                if ($date_flag == "later_date") {
                    $is_later_date = true;
                } else {
                    if ($date_flag == "any_date") {
                        $is_later_date = false;
                    }
                }
                // three separate field values plus the flag are passed to is_valid_date()
                if (!is_valid_date($fields[$field_name], $fields[$field_name2], $fields[$field_name3], $is_later_date)) {
                    $errors[] = $error_message;
                }
                break;
            case "is_alpha":
                // fails on any character other than A-Z, a-z or 0-9
                if (preg_match('/[^A-Za-z0-9]/', $fields[$field_name])) {
                    $errors[] = $error_message;
                }
                break;
            case "custom_alpha":
                // each known letter of the rule's format string expands to a character class;
                // every other character is copied into the pattern unescaped
                $chars = array();
                $chars["L"] = "[A-Z]";
                $chars["V"] = "[AEIOU]";
                $chars["l"] = "[a-z]";
                $chars["v"] = "[aeiou]";
                $chars["D"] = "[a-zA-Z]";
                $chars["F"] = "[aeiouAEIOU]";
                $chars["C"] = "[BCDFGHJKLMNPQRSTVWXYZ]";
                $chars["x"] = "[0-9]";
                $chars["c"] = "[bcdfghjklmnpqrstvwxyz]";
                $chars["X"] = "[1-9]";
                $chars["E"] = "[bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZ]";
                $reg_exp_str = "";
                for ($j = 0; $j < strlen($field_name2); $j++) {
                    if (array_key_exists($field_name2[$j], $chars)) {
                        $reg_exp_str .= $chars[$field_name2[$j]];
                    } else {
                        $reg_exp_str .= $field_name2[$j];
                    }
                }
                // the pattern is not anchored, so it may match anywhere in the value
                if (!empty($fields[$field_name]) && !preg_match("/{$reg_exp_str}/", $fields[$field_name])) {
                    $errors[] = $error_message;
                }
                break;
            case "reg_exp":
                $reg_exp_str = $field_name2;
                // rather crumby, but... a five-part rule carries the regex flags in its fourth part
                if (count($row) == 5) {
                    $reg_exp = "/" . $reg_exp_str . "/" . $row[3];
                } else {
                    $reg_exp = "/" . $reg_exp_str . "/";
                }
                if (!empty($fields[$field_name]) && !preg_match($reg_exp, $fields[$field_name])) {
                    $errors[] = $error_message;
                }
                break;
            default:
                // an unknown requirement name terminates the whole script
                die("Unknown requirement flag in validate_fields(): {$requirement}");
                break;
        }
    }
    return $errors;
}
/**
 * Shows the "offer seats" page and, for AJAX requests, stores a new ride.
 *
 * The AJAX path runs inside one database transaction: it inserts the ride,
 * its details, one schedule row for the outbound leg, a second one for
 * 'up_down' rides, and any waypoints. Every failure is turned into an
 * Exception, the transaction is rolled back, and the status and message are
 * sent through _ajax_output().
 *
 * NOTE(review): only $form is passed through xss_clean(); dep_date, ret_date
 * and the waypoints are read from the raw POST data. Input-side filtering
 * does not replace escaping on output, and values such as seat_count are not
 * range-checked in this method - confirm both happen elsewhere.
 */
function offer_seats()
{
    if (!is_logged_in()) {
        redirect('login');
    }

    $this->init_scripts = array('frontend/_partials/google_script');

    if ($this->input->is_ajax_request()) {
        $this->load->model('rides_model');

        try {
            $this->db->trans_begin();

            if (!get_current_user_id()) {
                throw new Exception("Your session is expired.");
            }

            $form = $this->security->xss_clean($this->input->post());

            // Ride header
            $ride_id = $this->rides_model->insert(array(
                'user_id' => get_current_user_id(),
                'origin_name' => $form['origin_name'],
                'origin_latlng' => $form['origin_latlng'],
                'origin_address' => $form['origin_address'],
                'dest_name' => $form['dest_name'],
                'dest_latlng' => $form['dest_latlng'],
                'dest_address' => $form['dest_address'],
                'schedule_type' => 'OT',
                'ride_type' => $form['ride_type'] == 'up_down' ? 'R' : 'S',
            ));
            if (!$ride_id) {
                throw new Exception("Database error.");
            }

            // Ride details
            $this->rides_model->insert(array(
                'ride_id' => $ride_id,
                'seat_count' => $form['seat_count'],
                'description' => $form['ride_details'],
                'luggage' => $form['luggage'],
                'schedule_flexibility' => $form['schedule_flexibility'],
                'detour_flexibility' => $form['detour_flexibility'],
                'total_dist' => $form['total_dist'],
                'total_time' => $form['total_time'],
            ), 'ride_details');

            // Outbound schedule
            $departure = $this->input->post('dep_date');
            if (!is_valid_date($departure, 'Y-m-d H:i')) {
                throw new Exception("Deaprture date is invalid.");
            }
            $this->rides_model->insert(array(
                'ride_id' => $ride_id,
                'ride_day' => date('w', strtotime($departure)),
                'ride_start_time' => date('H:i', strtotime($departure)),
                'schedule_start_date' => date('Y-m-d', strtotime($departure)),
                'schedule_end_date' => date('Y-m-d', strtotime($departure)),
                'towards' => 'up',
            ), 'ride_schedules');

            // Return schedule, for round trips only
            if ($this->input->post('ride_type') == 'up_down') {
                $return = $this->input->post('ret_date');
                if (!is_valid_date($return, 'Y-m-d H:i')) {
                    throw new Exception("Return date is invalid.");
                }
                $this->rides_model->insert(array(
                    'ride_id' => $ride_id,
                    'ride_day' => date('w', strtotime($return)),
                    'ride_start_time' => date('H:i', strtotime($return)),
                    'schedule_start_date' => date('Y-m-d', strtotime($return)),
                    'schedule_end_date' => date('Y-m-d', strtotime($return)),
                    'towards' => 'down',
                ), 'ride_schedules');
            }

            // Waypoints
            $stops = $this->input->post('waypoints');
            if (isset($stops) && is_array($stops)) {
                foreach ($stops as $stop) {
                    $this->rides_model->insert(array(
                        'ride_id' => $ride_id,
                        'wp_name' => $stop['name'],
                        'wp_address' => $stop['address'],
                        'wp_latlng' => $stop['latlng'],
                    ), 'ride_waypoints');
                }
            }

            if ($this->db->trans_status() === FALSE) {
                throw new Exception("Database error.");
            }

            $this->db->trans_commit();
            $status = 'success';
            $message = 'Published successfully.';
        } catch (Exception $failure) {
            $status = 'error';
            $message = $failure->getMessage();
            $this->db->trans_rollback();
        }

        $this->_ajax_output(array('status' => $status, 'message' => $message), TRUE);
    }

    $this->data['tmenu'] = $this->load->view('frontend/_partials/top-menu', $this->data, TRUE);
    $this->layout->view('frontend/home/offer_seats');
}
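/**
 * Handles the CSV importer admin page: validates the form, runs the import
 * (or test import) and prints the page template.
 *
 * The import options are read from the POST data into globals, the two
 * uploads are checked, the optional start/end dates are validated, and the
 * importer is run only when there are no form errors. The template is
 * included from inside this method, so it sees this method's local
 * variables; their names are therefore left unchanged.
 *
 * A start or end date with fewer than three "/"-separated parts is now
 * reported as invalid instead of reading undefined array offsets.
 *
 * NOTE(review): the upload checks look only at the extension of the
 * client-supplied file name, which says nothing about the content. No nonce
 * or capability check is visible in this method - confirm both are enforced
 * before it is reached.
 */
public function dispatch()
{
    global $awpcp_plugin_path;
    global $start_date;
    global $end_date;
    global $import_date_format;
    global $date_sep;
    global $time_sep;
    global $auto_cat;
    global $assign_user;
    global $assigned_user;
    global $test_import;
    global $import_count;
    global $reject_count;
    global $pic_import_count;
    global $import_errors;

    $do_import = awpcp_post_param('do_import');
    $do_test_import = awpcp_post_param('do_test_import');

    if (!empty($do_import)) {
        $import_type = 'Import';
    } else {
        if (!empty($do_test_import)) {
            $import_type = 'Test Import';
        } else {
            $import_type = false;
        }
    }

    $test_import = strcmp($import_type, "Test Import") === 0;
    $start_date = awpcp_post_param("startDate", '');
    $end_date = awpcp_post_param("endDate", '');
    $import_date_format = awpcp_post_param("date_fmt", 'us_date');
    $date_sep = awpcp_post_param("sep_date", '/');
    $time_sep = awpcp_post_param("sep_time", ':');
    $auto_cat = awpcp_post_param("auto_cat", 0);
    $assign_user = awpcp_post_param('assign_user', 0);
    $assigned_user = intval(awpcp_post_param('user', 0));

    // Original implementation used a global var to pass errors.
    // That is still used until the existing functions are refactored
    // to use an errors array passed by reference.
    // The messages array is only used to report when a new user
    // is created.
    $errors = array();
    $messages = array();
    $form_errors = array();
    $importer = null;

    if (!empty($import_type)) {
        // The CSV upload is mandatory.
        $msg = __('There was an error with your CSV file: %s', 'AWPCP');
        list($csv_error, $message) = awpcp_uploaded_file_error($_FILES['import']);
        if (!in_array($csv_error, array(UPLOAD_ERR_OK))) {
            $form_errors['import'] = sprintf($msg, $message);
        } else {
            $csv_file_name = $_FILES['import']['name'];
            $ext = trim(strtolower(substr(strrchr($csv_file_name, "."), 1)));
            if ($ext != "csv") {
                $form_errors['import'] = sprintf($msg, __('Please upload a valid CSV file.', 'AWPCP'));
            }
        }

        // The ZIP upload is optional: "no file" is not an error.
        $msg = __('There was an error with your ZIP file: %s', 'AWPCP');
        list($zip_error, $message) = awpcp_uploaded_file_error($_FILES['import_zip']);
        if (!in_array($zip_error, array(UPLOAD_ERR_OK, UPLOAD_ERR_NO_FILE))) {
            $form_errors['import_zip'] = sprintf($msg, $message);
        } else {
            if ($zip_error === UPLOAD_ERR_OK) {
                $zip_file_name = $_FILES['import_zip']['name'];
                $ext = trim(strtolower(substr(strrchr($zip_file_name, "."), 1)));
                if ($ext != "zip") {
                    $form_errors['import_zip'] = sprintf($msg, __('Please upload a valid ZIP file.', 'AWPCP'));
                }
            }
        }

        if (!empty($start_date)) {
            $date_arr = explode("/", $start_date);
            // Fewer than three parts would read undefined offsets below.
            if (count($date_arr) < 3 || !is_valid_date($date_arr[0], $date_arr[1], $date_arr[2])) {
                $form_errors['startDate'] = __('Invalid Start Date.', 'AWPCP');
            } else {
                if (strlen($date_arr[2]) != 4) {
                    $form_errors['startDate'] = __('Invalid Start Date -- Year Must be of Four Digit.', 'AWPCP');
                }
            }
        }

        if (!empty($end_date)) {
            $date_arr = explode("/", $end_date);
            // Fewer than three parts would read undefined offsets below.
            if (count($date_arr) < 3 || !is_valid_date($date_arr[0], $date_arr[1], $date_arr[2])) {
                $form_errors['endDate'] = __('Invalid End Date.', 'AWPCP');
            } else {
                if (strlen($date_arr[2]) != 4) {
                    $form_errors['endDate'] = __('Invalid End Date -- Year Must be of Four Digit.', 'AWPCP');
                }
            }
        }

        if (empty($form_errors)) {
            if (empty($errors)) {
                // Paths of the temporary upload files as reported in $_FILES.
                $csv = $_FILES['import']['tmp_name'];
                $zip = $_FILES['import_zip']['tmp_name'];
                $importer = new AWPCP_CSV_Importer(array(
                    'start-date' => $start_date,
                    'end-date' => $end_date,
                    'date-format' => $import_date_format,
                    'date-separator' => $date_sep,
                    'time-separator' => $time_sep,
                    'autocreate-categories' => $auto_cat,
                    'assign-user' => $assign_user,
                    'default-user' => $assigned_user,
                    'test-import' => $test_import,
                ));
                $importer->import($csv, $zip, $errors, $messages);
            }
        }
    }

    // Render the template into a buffer and print it. The include runs in
    // this method's scope, so the template can read the locals set above.
    ob_start();
    include AWPCP_DIR . '/admin/templates/admin-panel-csv-importer.tpl.php';
    $html = ob_get_contents();
    ob_end_clean();

    echo $html;
}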
/**
 * Collects the cargo search filters from the request, validates them and
 * returns the accepted values together with any validation messages.
 *
 * Numeric filters are read with a default of 0, checked with
 * is_valid_num_zero() and converted with intval()/floatval(). City names are
 * resolved to id lists only while no error has been recorded up to that point,
 * so the order of the checks below matters.
 *
 * NOTE(review): the free-text values (city names, 'sh_descr', the
 * 'data_*_str' copies) are returned as get_param() delivered them; whether
 * get_param() escapes anything is not visible here, so callers should bind
 * them as query parameters and escape them on output - confirm.
 *
 * @return array Accepted filters keyed by field name (filled only when no
 *               error was recorded) plus 'errors' => list of messages.
 */
function tzs_validate_search_parameters() {
    $errors = array();
    $res = array();
    // get parameters from _POST
    $country_from = get_param_def('country_from', '0');
    $country_to = get_param_def('country_to', '0');
    $region_from = get_param_def('region_from', '0');
    $region_to = get_param_def('region_to', '0');
    // The city name is only read when its companion flag field was submitted.
    $cargo_city_from = isset($_POST['cargo_city_from']);
    $cargo_city_to = isset($_POST['cargo_city_to']);
    $cargo_cityname_from = $cargo_city_from ? get_param('cargo_cityname_from') : null;
    $cargo_cityname_to = $cargo_city_to ? get_param('cargo_cityname_to') : null;
    $data_from = get_param_def('data_from', null);
    $data_to = get_param_def('data_to', null);
    $weight_from = get_param_def('weight_from', '0');
    $weight_to = get_param_def('weight_to', '0');
    $volume_from = get_param_def('volume_from', '0');
    $volume_to = get_param_def('volume_to', '0');
    $trans_type = get_param_def('trans_type', '0');
    $sh_type = get_param_def('sh_type', '0');
    $cargo_city_from_radius_check = isset($_POST['cargo_city_from_radius_check']);
    $cargo_city_from_radius_value = get_param_def('cargo_city_from_radius_value', 0);
    $price_from = get_param_def('price_from', '0');
    $price_to = get_param_def('price_to', '0');
    $price_km_from = get_param_def('price_km_from', '0');
    $price_km_to = get_param_def('price_km_to', '0');
    $sh_descr = get_param('sh_descr');
    // validate and parse parameters
    if (is_valid_num_zero($cargo_city_from_radius_value)) {
        $cargo_city_from_radius_value = intval($cargo_city_from_radius_value);
    } else {
        array_push($errors, "Неверно выбран радиус");
    }
    if (is_valid_num_zero($country_from)) {
        // use float not int because ID can be long
        $country_from = floatval($country_from);
    } else {
        array_push($errors, "Неверно выбрана страна погрузки");
    }
    if (is_valid_num_zero($country_to)) {
        // use float not int because ID can be long
        $country_to = floatval($country_to);
    } else {
        array_push($errors, "Неверно выбрана страна выгрузки");
    }
    if (is_valid_num_zero($region_from)) {
        // use float not int because ID can be long
        $region_from = floatval($region_from);
    } else {
        array_push($errors, "Неверно выбран регион погрузки");
    }
    if (is_valid_num_zero($region_to)) {
        // use float not int because ID can be long
        $region_to = floatval($region_to);
    } else {
        array_push($errors, "Неверно выбран регион выгрузки");
    }
    // An empty city name is treated the same as "no city given".
    if ($cargo_cityname_from != null && strlen($cargo_cityname_from) == 0) {
        $cargo_cityname_from = null;
    }
    if ($cargo_cityname_to != null && strlen($cargo_cityname_to) == 0) {
        $cargo_cityname_to = null;
    }
    // is_valid_date() replaces the raw string with its parsed result; a null
    // result is reported as a format error.
    if ($data_from != null && strlen($data_from) > 0) {
        $data_from = is_valid_date($data_from);
        if ($data_from == null) {
            array_push($errors, "Неверный формат даты (с)");
        }
    } else {
        $data_from = null;
    }
    if ($data_to != null && strlen($data_to) > 0) {
        $data_to = is_valid_date($data_to);
        if ($data_to == null) {
            array_push($errors, "Неверный формат даты (по)");
        }
    } else {
        $data_to = null;
    }
    if (is_valid_num_zero($weight_from)) {
        $weight_from = intval($weight_from);
    } else {
        array_push($errors, "Неверно выбрана масса (от)");
    }
    if (is_valid_num_zero($weight_to)) {
        $weight_to = intval($weight_to);
    } else {
        array_push($errors, "Неверно выбрана масса (до)");
    }
    if (is_valid_num_zero($volume_from)) {
        $volume_from = intval($volume_from);
    } else {
        array_push($errors, "Неверно выбран объем (от)");
    }
    if (is_valid_num_zero($volume_to)) {
        $volume_to = intval($volume_to);
    } else {
        array_push($errors, "Неверно выбран объем (до)");
    }
    if (is_valid_num_zero($trans_type)) {
        $trans_type = intval($trans_type);
    } else {
        array_push($errors, "Неверно выбран тип транспорта");
    }
    if (is_valid_num_zero($sh_type)) {
        $sh_type = intval($sh_type);
    } else {
        array_push($errors, "Неверно выбран тип груза");
    }
    // Resolve the loading city to ids only if everything checked so far passed,
    // because the lookup uses the already converted region and country values.
    $cargo_cityname_from_ids = null;
    if ($cargo_cityname_from != null && count($errors) == 0) {
        $r = tzs_city_to_ids($cargo_cityname_from, $region_from, $country_from);
        if (isset($r['error'])) {
            array_push($errors, $r['error']);
        } else {
            $cargo_cityname_from_ids = isset($r['ids']) ? $r['ids'] : null;
        }
    }
    if (is_valid_num_zero($price_from)) {
        $price_from = intval($price_from);
    } else {
        array_push($errors, "Неверно выбрана стоимость (от)");
    }
    if (is_valid_num_zero($price_to)) {
        $price_to = intval($price_to);
    } else {
        array_push($errors, "Неверно выбрана стоимость (до)");
    }
    if (is_valid_num_zero($price_km_from)) {
        $price_km_from = intval($price_km_from);
    } else {
        array_push($errors, "Неверно выбрана цена 1 км (от)");
    }
    if (is_valid_num_zero($price_km_to)) {
        $price_km_to = intval($price_km_to);
    } else {
        array_push($errors, "Неверно выбрана цена 1 км (до)");
    }
    // KSK - add the selection of ids for the cities inside the radius
    $cargo_city_from_radius_ids = null;
    if ($cargo_city_from_radius_check && $cargo_cityname_from != null && count($errors) == 0) {
        $r = tzs_city_from_radius_to_ids($cargo_cityname_from, $region_from, $country_from, $cargo_city_from_radius_value);
        if (isset($r['error'])) {
            array_push($errors, $r['error']);
        } else {
            $cargo_city_from_radius_ids = isset($r['ids']) ? $r['ids'] : null;
        }
    }
    $cargo_cityname_to_ids = null;
    if ($cargo_cityname_to != null && count($errors) == 0) {
        $r = tzs_city_to_ids($cargo_cityname_to, $region_to, $country_to);
        if (isset($r['error'])) {
            array_push($errors, $r['error']);
        } else {
            $cargo_cityname_to_ids = isset($r['ids']) ? $r['ids'] : null;
        }
    }
    if ($sh_descr != null && strlen($sh_descr) == 0) {
        $sh_descr = null;
    }
    // Only a fully valid request produces filters; numeric filters equal to 0
    // mean "not set" and are left out of the result.
    if (count($errors) == 0) {
        if ($country_from > 0) {
            $res['country_from'] = $country_from;
        }
        if ($country_to > 0) {
            $res['country_to'] = $country_to;
        }
        if ($region_from > 0) {
            $res['region_from'] = $region_from;
        }
        if ($region_to > 0) {
            $res['region_to'] = $region_to;
        }
        if ($cargo_cityname_from != null) {
            $res['cargo_cityname_from'] = $cargo_cityname_from;
        }
        if ($cargo_cityname_to != null) {
            $res['cargo_cityname_to'] = $cargo_cityname_to;
        }
        if ($data_from != null) {
            $res['data_from'] = $data_from;
            // The original request string is returned next to the parsed date.
            $res['data_from_str'] = get_param('data_from');
        }
        if ($data_to != null) {
            $res['data_to'] = $data_to;
            $res['data_to_str'] = get_param('data_to');
        }
        if ($weight_from > 0) {
            $res['weight_from'] = $weight_from;
        }
        if ($weight_to > 0) {
            $res['weight_to'] = $weight_to;
        }
        if ($volume_from > 0) {
            $res['volume_from'] = $volume_from;
        }
        if ($volume_to > 0) {
            $res['volume_to'] = $volume_to;
        }
        if ($trans_type > 0) {
            $res['trans_type'] = $trans_type;
        }
        if ($sh_type > 0) {
            $res['sh_type'] = $sh_type;
        }
        if ($cargo_cityname_from_ids != null) {
            $res['cargo_cityname_from_ids'] = $cargo_cityname_from_ids;
        }
        if ($cargo_cityname_to_ids != null) {
            $res['cargo_cityname_to_ids'] = $cargo_cityname_to_ids;
        }
        if ($cargo_city_from_radius_ids != null) {
            $res['cargo_city_from_radius_ids'] = $cargo_city_from_radius_ids;
        }
        // The radius is an int at this point, so the loose comparison with
        // null also skips a radius of 0.
        if ($cargo_city_from_radius_value != null) {
            $res['cargo_city_from_radius_value'] = $cargo_city_from_radius_value;
        }
        if ($price_from > 0) {
            $res['price_from'] = $price_from;
        }
        if ($price_to > 0) {
            $res['price_to'] = $price_to;
        }
        if ($price_km_from > 0) {
            $res['price_km_from'] = $price_km_from;
        }
        if ($price_km_to > 0) {
            $res['price_km_to'] = $price_km_to;
        }
        if ($sh_descr != null) {
            $res['sh_descr'] = $sh_descr;
        }
    }
    $res['errors'] = $errors;
    return $res;
}
$Type = 'title'; }
// What are we looking for? Let's make sure it isn't dangerous.
// NOTE(review): trim() only strips surrounding whitespace; $Search is not
// escaped in this excerpt, so whatever consumes it must escape or bind it.
if (isset($_GET['search'])) {
    $Search = trim($_GET['search']);
} else {
    $Search = '';
}
// The date filters are read without an isset() check and are passed through
// db_string() before they are validated.
$ThreadAfterDate = db_string($_GET['thread_created_after']);
$ThreadBeforeDate = db_string($_GET['thread_created_before']);
// && binds tighter than ||: the request is rejected when either date is
// non-empty and fails is_valid_date().
if (!empty($ThreadAfterDate) && !is_valid_date($ThreadAfterDate) || !empty($ThreadBeforeDate) && !is_valid_date($ThreadBeforeDate)) {
    error("Incorrect topic created date");
}
$PostAfterDate = db_string($_GET['post_created_after']);
$PostBeforeDate = db_string($_GET['post_created_before']);
if (!empty($PostAfterDate) && !is_valid_date($PostAfterDate) || !empty($PostBeforeDate) && !is_valid_date($PostBeforeDate)) {
    error("Incorrect post created date");
}
// Searching for posts by a specific user
if (!empty($_GET['user'])) {
    $User = trim($_GET['user']);
    // NOTE(review): the username literal in this listing reads '******', so
    // $User does not appear in the query text shown here - confirm that the
    // real query escapes or binds the user-supplied name.
    $DB->query("\n\t\tSELECT ID\n\t\tFROM users_main\n\t\tWHERE Username = '******'");
    list($AuthorID) = $DB->next_record();
    if ($AuthorID === null) {
        $AuthorID = 0;
        //this will cause the search to return 0 results.
        //workaround in line 276 to display that the username was wrong.
    }
} else {
    $User = '';
}
/**
 * Stores the permit registration period on this object once all three
 * arguments pass validation.
 *
 * Both dates must satisfy is_valid_date() and the year must be numeric;
 * otherwise nothing is stored and the rejected values are written to the
 * debug output.
 *
 * @param mixed $reg_date Registration date.
 * @param mixed $exp_date Expiration date.
 * @param mixed $for_year Year the permit is issued for.
 * @return bool True when the values were stored, false when they were rejected.
 */
function setPermitRegistrationDates($reg_date, $exp_date, $for_year)
{
    $datesAreValid = is_valid_date($reg_date) && is_valid_date($exp_date);

    // Reject first, so the happy path below stays flat.
    if (!$datesAreValid || !is_numeric($for_year)) {
        $this->debug("Invalid param value on calling method setPermitRegistration( {$reg_date}, {$exp_date}, {$for_year} )");

        return false;
    }

    $this->m_tsRegDate = $reg_date;
    $this->m_tsExpDate = $exp_date;
    $this->m_nForYear = $for_year;

    return true;
}
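/**
 * Validates the optional parameters of a web service request.
 *
 * Empty or missing parameters are skipped. The first failing parameter stops
 * the check and its message is returned.
 *
 * @param array $params Request parameters; 'digitized', 'modified_date' and
 *                      'page' are inspected when present and non-empty.
 * @return string 'valid' when every supplied parameter is acceptable,
 *                otherwise a message describing the first problem found.
 */
function check_web_service_params($params)
{
    if (!empty($params['digitized'])) {
        $digitized = $params['digitized'];
        // Compare strictly: a loose in_array() against 0 and 1 lets arbitrary
        // non-numeric strings through on PHP versions before 8.
        if (!is_scalar($digitized) || !in_array((string) $digitized, array('0', '1'), true)) {
            return 'digitized value can be only 1 or 0';
        }
    }
    if (!empty($params['modified_date'])) {
        if (!is_valid_date($params['modified_date'])) {
            return 'modified_date should be in YYYYMMDD';
        }
    }
    if (!empty($params['page'])) {
        // is_numeric() also accepts values such as "1.5" or "1e3", which
        // contradicts the message; require a real integer instead.
        if (filter_var($params['page'], FILTER_VALIDATE_INT) === false) {
            return 'page must be integer.';
        }
    }

    return 'valid';
}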
<?php
// Change log page: lets moderators add or remove entries, then loads one page
// of entries for display.
$PerPage = POSTS_PER_PAGE;
list($Page, $Limit) = Format::page_limit($PerPage);
// Only users holding the 'users_mod' permission may modify the change log.
$CanEdit = check_perms('users_mod');
if ($CanEdit && isset($_POST['perform'])) {
    // NOTE(review): presumably validates the request's authorization token
    // (CSRF protection) - confirm against the authorize() implementation.
    authorize();
    if ($_POST['perform'] === 'add' && !empty($_POST['message'])) {
        // Every value interpolated into the INSERT below goes through
        // db_string() first. 'author' and 'date' are read without isset().
        $Message = db_string($_POST['message']);
        $Author = db_string($_POST['author']);
        $Date = db_string($_POST['date']);
        // An unusable date falls back to the value of sqltime().
        if (!is_valid_date($Date)) {
            $Date = sqltime();
        }
        $DB->query("\n\t\t\tINSERT INTO changelog (Message, Author, Time)\n\t\t\tVALUES ('{$Message}', '{$Author}', '{$Date}')");
        $ID = $DB->inserted_id();
        // SiteHistory::add_event(sqltime(), "Change log $ID", "tools.php?action=change_log", 1, 3, "", $Message, $LoggedUser['ID']);
    }
    if ($_POST['perform'] === 'remove' && !empty($_POST['change_id'])) {
        // The integer cast makes the id safe to interpolate.
        $ID = (int) $_POST['change_id'];
        $DB->query("\n\t\t\tDELETE FROM changelog\n\t\t\tWHERE ID = '{$ID}'");
    }
}
// NOTE(review): $Limit is interpolated unquoted; it comes from
// Format::page_limit() and is presumably a numeric LIMIT clause - confirm.
$DB->query("\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\tID,\n\t\tMessage,\n\t\tAuthor,\n\t\tDate(Time) as Time2\n\tFROM changelog\n\tORDER BY Time DESC\n\tLIMIT {$Limit}");
$ChangeLog = $DB->to_array();
// Total number of rows matched by the previous query, ignoring its LIMIT.
$DB->query('SELECT FOUND_ROWS()');
list($NumResults) = $DB->next_record();
View::show_header('Gazelle Change Log', 'datetime_picker', 'datetime_picker');
?>
<div class="thin">
<h2>Gazelle Change Log</h2>
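/**
 * Handles submission of the product add/edit form: validates the posted
 * fields, processes up to three image slots and inserts or updates the
 * product row of the current user.
 *
 * On validation failure the form is printed again with the collected errors.
 * On success a confirmation and a redirect to the product list are printed.
 *
 * @param int $id Product id to update; 0 creates a new product.
 * @return void
 */
function tzs_edit_product($id) {
    $errors = array();
    // Messages for the PHP upload error codes (array index = error code).
    $file_error_message = array(0 => 'Ошибок не возникло, файл был успешно загружен на сервер', 1 => 'Размер принятого файла превысил максимально допустимый размер, который задан директивой upload_max_filesize конфигурационного файла php.ini', 2 => 'Размер загружаемого файла превысил значение MAX_FILE_SIZE, указанное в HTML-форме', 3 => 'Загружаемый файл был получен только частично', 4 => 'Файл не был загружен', 5 => '', 6 => 'Отсутствует временная папка', 7 => 'Не удалось записать файл на диск', 8 => 'PHP-расширение остановило загрузку файла');
    $user_id = get_current_user_id();
    // Verify the form nonce before touching any submitted value.
    if (isset($_POST['pr_type_id_nonce']) && wp_verify_nonce($_POST['pr_type_id_nonce'], 'pr_type_id')) {
        $pr_active = get_param_def('pr_active', '0');
        $pr_type_id = get_param_def('pr_type_id', '0');
        $pr_sale_or_purchase = get_param_def('pr_sale_or_purchase', '0');
        $pr_fixed_or_tender = get_param_def('pr_fixed_or_tender', '0');
        $pr_title = get_param('pr_title');
        $pr_description = get_param('pr_description');
        $pr_copies = get_param_def('pr_copies', '0');
        $pr_unit = get_param_def('pr_unit', '0');
        $pr_currency = get_param_def('pr_currency', '0');
        $pr_price = get_param_def('pr_price', '0');
        $pr_city_from = get_param('pr_city_from');
        $pr_comment = get_param('pr_comment');
        $pr_expiration = get_param('pr_expiration');
        $cash = isset($_POST['cash']) ? 1 : 0;
        $nocash = isset($_POST['nocash']) ? 1 : 0;
        $nds = isset($_POST['nds']) ? 1 : 0;
        $nonds = isset($_POST['nonds']) ? 1 : 0;
        // Two checkboxes are packed into one code: 11 = both, 10 = first only,
        // 1 = second only, 0 = none.
        $pr_payment = $cash && $nocash ? 11 : ($cash && !$nocash ? 10 : (!$cash && $nocash ? 1 : 0));
        // The variables were previously written as the bare constant "nds" and
        // the misspelt "$nondsh", so the VAT code never reflected the form.
        $pr_nds = $nds && $nonds ? 11 : ($nds && !$nonds ? 10 : (!$nds && $nonds ? 1 : 0));
        if (is_valid_date($pr_expiration) === null) {
            array_push($errors, "Неверный формат даты.");
        } else {
            $cur_date = new DateTime();
            $exp_date = new DateTime($pr_expiration);
            $interval = date_diff($cur_date, $exp_date);
            // DateInterval::$days is an absolute count, so a date in the past
            // has to be rejected through the invert flag.
            if ($interval->invert || $interval->days < TZS_PR_PUBLICATION_MIN_DAYS) {
                array_push($errors, "Минимальный срок публикации " . TZS_PR_PUBLICATION_MIN_DAYS . " дней.");
            }
        }
        // From here on $pr_expiration holds the parsed date parts (or null).
        $pr_expiration = is_valid_date($pr_expiration);
        if (!is_valid_city($pr_city_from)) {
            array_push($errors, "Не указан пункт местонахождения товара.");
        }
        if (strlen($pr_title) < 2) {
            array_push($errors, "Не указано наименование товара.");
        }
        if (strlen($pr_description) < 2) {
            array_push($errors, "Не указано описание товара.");
        }
        if (!is_valid_num_zero($pr_type_id)) {
            array_push($errors, "Не указана категория товара.");
        }
        if (!is_valid_num_zero($pr_sale_or_purchase)) {
            array_push($errors, "Не указан тип операции.");
        }
        if (!is_valid_num_zero($pr_fixed_or_tender)) {
            array_push($errors, "Не указан тип ценового предложения.");
        }
        if (!is_valid_num_zero($pr_active)) {
            array_push($errors, "Не указан статус товара.");
        }
        if (!is_valid_num_zero($pr_copies)) {
            array_push($errors, "Не указано количество экземпляров товара.");
        }
        if (!is_valid_num_zero($pr_unit)) {
            array_push($errors, "Не указана единица измерения количества экземпляров товара.");
        }
        if (!is_valid_num_zero($pr_currency)) {
            array_push($errors, "Не указана валюта.");
        }
        if (!is_valid_num_zero($pr_price)) {
            array_push($errors, "Не указана стоимость товара.");
        }
        if (!$cash && !$nocash && !$nds && !$nonds) {
            array_push($errors, "Необходимо выбрать хотя бы один способ в блоке \"Форма расчета\".");
        }
    } else {
        array_push($errors, "Проверка формы не пройдена. Свяжитесь, пожалуйста, с администрацией сайта.");
    }
    $from_info = null;
    if (count($errors) == 0) {
        $from_info = tzs_yahoo_convert($pr_city_from);
        if (isset($from_info["error"])) {
            array_push($errors, "Не удалось распознать населенный пункт: " . $from_info["error"]);
        }
    }
    if (count($errors) > 0) {
        tzs_print_product_form($errors, $id > 0);
    } else {
        global $wpdb;
        // A "purchase" request can only be a tender offer. Enforced here as
        // well, in case the client-side script did not run.
        if ($pr_sale_or_purchase == 2) {
            $pr_fixed_or_tender = 2;
        }
        $pr_expiration = date('Y-m-d', mktime(0, 0, 0, $pr_expiration['month'], $pr_expiration['day'], $pr_expiration['year']));
        // Image handling: three slots, each may keep, replace or add an image.
        $image_id_lists = array();
        for ($i = 1; $i <= 3; $i++) {
            $add_image_index = 'image' . $i . '_load';
            $del_image_index = 'image_id_' . $i;
            $has_upload = isset($_FILES[$add_image_index]['name']) && strlen($_FILES[$add_image_index]['name']) > 0;
            // The attachment id comes from the request; only accept a positive integer.
            $old_image_id = isset($_POST[$del_image_index]) ? absint($_POST[$del_image_index]) : 0;
            if (count($errors) === 0 && $old_image_id > 0) {
                if ($has_upload) {
                    // Replacing an image deletes the old attachment. Make sure
                    // it belongs to the current user, otherwise any attachment
                    // id could be deleted through this form.
                    $owns_image = $user_id > 0 && (int) get_post_field('post_author', $old_image_id) === (int) $user_id;
                    if (!$owns_image || !wp_delete_attachment($old_image_id, true)) {
                        array_push($errors, "Не удалось удалить файл с изображением: " . $old_image_id);
                    }
                } else {
                    // No new file for this slot: keep the existing image.
                    $image_id_lists[] = $old_image_id;
                }
            }
            // Add the new image
            if (count($errors) === 0 && $has_upload) {
                $upload_error = $_FILES[$add_image_index]['error'];
                if ($upload_error) {
                    $upload_message = isset($file_error_message[$upload_error]) ? $file_error_message[$upload_error] : '';
                    array_push($errors, "Не удалось загрузить файл с изображением: " . $upload_message);
                } else {
                    // Let WordPress take over the upload; the first argument
                    // is the name attribute of the file input.
                    $attachment_id = media_handle_upload($add_image_index, 0);
                    if (is_wp_error($attachment_id)) {
                        array_push($errors, "Не удалось загрузить файл с изображением: " . $attachment_id->get_error_message());
                    } else {
                        $image_id_lists[] = $attachment_id;
                    }
                }
            }
        }
        // NOTE(review): image errors collected above do not stop the save and
        // are only shown when the query below fails - confirm this is intended.
        $main_image = isset($image_id_lists[0]) ? $image_id_lists[0] : 0;
        // Image handling - END
        if ($id == 0) {
            $sql = $wpdb->prepare("INSERT INTO " . TZS_PRODUCTS_TABLE . " (type_id, user_id, sale_or_purchase, \tfixed_or_tender, title, description, copies, unit, currency, price, payment, nds, city_from, from_cid, from_rid, from_sid, created, comment, last_edited, active, expiration, image_id_lists, main_image_id)" . " VALUES (%d, %d, %d, %d, %s, %s, %d, %d, %d, %f, %d, %d, %s, %d, %d, %d, now(), %s, NULL, %d, %s, %s, %d);", intval($pr_type_id), $user_id, intval($pr_sale_or_purchase), intval($pr_fixed_or_tender), stripslashes_deep($pr_title), stripslashes_deep($pr_description), intval($pr_copies), intval($pr_unit), intval($pr_currency), floatval($pr_price), intval($pr_payment), intval($pr_nds), stripslashes_deep($pr_city_from), $from_info["country_id"], $from_info["region_id"], $from_info["city_id"], stripslashes_deep($pr_comment), intval($pr_active), $pr_expiration, implode(';', $image_id_lists), intval($main_image));
            if (false === $wpdb->query($sql)) {
                array_push($errors, "Не удалось опубликовать Ваш товар/услугу. Свяжитесь, пожалуйста, с администрацией сайта");
                // Keep the raw database error in the server log; echoing it to
                // the visitor can reveal table and column names.
                error_log('tzs_edit_product: ' . $wpdb->last_error);
                tzs_print_product_form($errors, false);
            } else {
                echo "<div>";
                echo "<h2>Ваш товар/услуга опубликован !</h2>";
                echo "<br/>";
                echo '<a href="/view-product/?id=' . tzs_find_latest_product_rec() . '&spis=new">Просмотреть товар/услугу</a>';
                $new_url = get_site_url() . '/my-products';
                echo '<meta http-equiv="refresh" content="0; url=' . esc_url($new_url) . '">';
            }
        } else {
            // The user_id condition limits the update to the caller's own product.
            $sql = $wpdb->prepare("UPDATE " . TZS_PRODUCTS_TABLE . " SET " . " last_edited=now(), type_id=%d, sale_or_purchase=%d, fixed_or_tender=%d, title=%s, description=%s, copies=%d, unit=%d, currency=%d, price=%f, payment=%d, nds=%d, " . " city_from=%s, from_cid=%d, from_rid=%d, from_sid=%d, comment=%s, active=%d, expiration=%s, image_id_lists=%s, main_image_id=%d" . " WHERE id=%d AND user_id=%d;", intval($pr_type_id), intval($pr_sale_or_purchase), intval($pr_fixed_or_tender), stripslashes_deep($pr_title), stripslashes_deep($pr_description), intval($pr_copies), intval($pr_unit), intval($pr_currency), floatval($pr_price), intval($pr_payment), intval($pr_nds), stripslashes_deep($pr_city_from), $from_info["country_id"], $from_info["region_id"], $from_info["city_id"], stripslashes_deep($pr_comment), intval($pr_active), $pr_expiration, implode(';', $image_id_lists), intval($main_image), $id, $user_id);
            if (false === $wpdb->query($sql)) {
                array_push($errors, "Не удалось изменить Ваш товар/услугу. Свяжитесь, пожалуйста, с администрацией сайта");
                error_log('tzs_edit_product: ' . $wpdb->last_error);
                tzs_print_product_form($errors, true);
            } else {
                echo "<div>";
                echo "<h2>Ваш товар/услуга изменен !</h2>";
                echo "<br/>";
                // The id is printed into markup, so force it to an integer.
                echo '<a href="/view-product/?id=' . intval($id) . '">Просмотреть товар/услугу</a>';
                $new_url = get_site_url() . '/my-products';
                echo '<meta http-equiv="refresh" content="0; url=' . esc_url($new_url) . '">';
            }
        }
    }
}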
<?php
// Season administration page: validates a submitted season and stores it.
require_once '../core.php';
define('SEASON_NAME_MAX_CHARS', 128);
$db = get_database_connection();
$error_message = NULL;
$developer_error_message = NULL;
$success_message = NULL;
// Look for any POST data that we could process.
// NOTE(review): $_POST is a superglobal and is always set, so this condition
// does not tell a form submission apart from a plain page view.
if (isset($_POST)) {
    // Make sure all fields are available and valid before committing a new season.
    if (check_post_values_set(array('season_name', 'season_start_date', 'season_end_date'))) {
        // NOTE(review): the pattern has no ^...$ anchors, so it matches as soon
        // as one allowed character occurs anywhere in the name; it does not
        // restrict the remaining characters. The insert below binds its
        // parameters, but the name still needs escaping wherever it is displayed.
        if (preg_match('/[-a-zA-Z0-9_. ]+/', $_POST['season_name'])) {
            if (strlen($_POST['season_name']) < SEASON_NAME_MAX_CHARS) {
                if (is_valid_date($_POST['season_start_date'])) {
                    if (is_valid_date($_POST['season_end_date'])) {
                        // The dates are compared as strings; this presumably
                        // relies on is_valid_date() enforcing a fixed-width
                        // YYYY-MM-DD form - confirm. Equal dates are rejected too.
                        if ($_POST['season_start_date'] < $_POST['season_end_date']) {
                            $season_name = $_POST['season_name'];
                            $start_date = $_POST['season_start_date'];
                            $end_date = $_POST['season_end_date'];
                            try {
                                // Values are bound as named parameters, not
                                // concatenated into the SQL text.
                                $stmt = $db->prepare('INSERT INTO seasons(name, start_date, end_date) VALUES(:sname, :sdate, :edate)');
                                $stmt->execute(array("sname" => $season_name, "sdate" => $start_date, "edate" => $end_date));
                                $success_message = "Successful season addition.";
                            } catch (PDOException $e) {
                                // NOTE(review): the driver message ends up in
                                // $error_message; if that is shown to visitors
                                // it can expose schema details - confirm.
                                $error_message = "Error adding season: " . $e->getMessage();
                            }
                        } else {
                            $error_message = "Start date is after the end date.";
                        }
                    } else {
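/**
 * Handles submission of the product add/edit form: validates the posted
 * fields and inserts or updates the product row of the current user.
 *
 * On validation failure the form is printed again with the collected errors.
 * On success a confirmation and a redirect to the image editing page are
 * printed.
 *
 * @param int $id Product id to update; 0 creates a new product.
 * @return void
 */
function tzs_edit_product($id) {
    $errors = array();
    $user_id = get_current_user_id();
    // Verify the form nonce before touching any submitted value.
    if (isset($_POST['pr_type_id_nonce']) && wp_verify_nonce($_POST['pr_type_id_nonce'], 'pr_type_id')) {
        $pr_active = get_param_def('pr_active', '0');
        $pr_type_id = get_param_def('pr_type_id', '0');
        $pr_sale_or_purchase = get_param_def('pr_sale_or_purchase', '0');
        $pr_fixed_or_tender = get_param_def('pr_fixed_or_tender', '0');
        $pr_title = get_param('pr_title');
        $pr_description = get_param('pr_description');
        $pr_copies = get_param_def('pr_copies', '0');
        $pr_unit = get_param_def('pr_unit', '0');
        $pr_currency = get_param_def('pr_currency', '0');
        $pr_price = get_param_def('pr_price', '0');
        $pr_payment = get_param_def('pr_payment', '0');
        $pr_nds = get_param_def('pr_nds', '0');
        $pr_city_from = get_param('pr_city_from');
        $pr_comment = get_param('pr_comment');
        $pr_expiration = get_param('pr_expiration');
        if (is_valid_date($pr_expiration) === null) {
            array_push($errors, "Неверный формат даты");
        } else {
            $cur_date = new DateTime();
            $exp_date = new DateTime($pr_expiration);
            $interval = date_diff($cur_date, $exp_date);
            // DateInterval::$days is an absolute count, so a date in the past
            // has to be rejected through the invert flag.
            if ($interval->invert || $interval->days < TZS_PR_PUBLICATION_MIN_DAYS) {
                array_push($errors, "Минимальный срок публикации " . TZS_PR_PUBLICATION_MIN_DAYS . " дней");
            }
        }
        // From here on $pr_expiration holds the parsed date parts (or null).
        $pr_expiration = is_valid_date($pr_expiration);
        if (!is_valid_city($pr_city_from)) {
            array_push($errors, "Неверный населенный пункт");
        }
        if (strlen($pr_title) < 2) {
            array_push($errors, "Введите наименование товара");
        }
        if (strlen($pr_description) < 2) {
            array_push($errors, "Введите описание товара");
        }
        if (!is_valid_num_zero($pr_type_id)) {
            array_push($errors, "Неверно задана категория товара");
        }
        if (!is_valid_num_zero($pr_sale_or_purchase)) {
            array_push($errors, "Неверно задан тип операции");
        }
        if (!is_valid_num_zero($pr_fixed_or_tender)) {
            array_push($errors, "Неверно задан тип ценового предложения");
        }
        if (!is_valid_num_zero($pr_active)) {
            array_push($errors, "Неверно задан статус товара");
        }
        if (!is_valid_num_zero($pr_copies)) {
            array_push($errors, "Неверно задано количество экземпляров товара");
        }
        if (!is_valid_num_zero($pr_unit)) {
            array_push($errors, "Неверно задана единица измерения количества экземпляров товара");
        }
        if (!is_valid_num_zero($pr_currency)) {
            array_push($errors, "Неверно задана валюта");
        }
        if (!is_valid_num_zero($pr_payment)) {
            array_push($errors, "Неверно задана форма оплаты");
        }
        if (!is_valid_num_zero($pr_nds)) {
            array_push($errors, "Неверно задан переключатель наличия НДС");
        }
        if (!is_valid_num_zero($pr_price)) {
            array_push($errors, "Неверно задана стоимость товара");
        }
    } else {
        array_push($errors, "Проверка формы не пройдена. Свяжитесь, пожалуйста, с администрацией сайта.");
    }
    $from_info = null;
    if (count($errors) == 0) {
        $from_info = tzs_yahoo_convert($pr_city_from);
        if (isset($from_info["error"])) {
            array_push($errors, "Не удалось распознать населенный пункт: " . $from_info["error"]);
        }
    }
    if (count($errors) > 0) {
        tzs_print_product_form($errors, $id > 0);
    } else {
        global $wpdb;
        // A "purchase" request can only be a tender offer. Enforced here as
        // well, in case the client-side script did not run.
        if ($pr_sale_or_purchase == 2) {
            $pr_fixed_or_tender = 2;
        }
        $pr_expiration = date('Y-m-d', mktime(0, 0, 0, $pr_expiration['month'], $pr_expiration['day'], $pr_expiration['year']));
        if ($id == 0) {
            $sql = $wpdb->prepare("INSERT INTO " . TZS_PRODUCTS_TABLE . " (type_id, user_id, sale_or_purchase, \tfixed_or_tender, title, description, copies, unit, currency, price, payment, nds, city_from, from_cid, from_rid, from_sid, created, comment, last_edited, active, expiration)" . " VALUES (%d, %d, %d, %d, %s, %s, %d, %d, %d, %f, %d, %d, %s, %d, %d, %d, now(), %s, NULL, %d, %s);", intval($pr_type_id), $user_id, intval($pr_sale_or_purchase), intval($pr_fixed_or_tender), stripslashes_deep($pr_title), stripslashes_deep($pr_description), intval($pr_copies), intval($pr_unit), intval($pr_currency), floatval($pr_price), intval($pr_payment), intval($pr_nds), stripslashes_deep($pr_city_from), $from_info["country_id"], $from_info["region_id"], $from_info["city_id"], stripslashes_deep($pr_comment), intval($pr_active), $pr_expiration);
            if (false === $wpdb->query($sql)) {
                array_push($errors, "Не удалось опубликовать Ваш товар/услугу. Свяжитесь, пожалуйста, с администрацией сайта");
                // Keep the raw database error in the server log; echoing it to
                // the visitor can reveal table and column names.
                error_log('tzs_edit_product: ' . $wpdb->last_error);
                tzs_print_product_form($errors, false);
            } else {
                echo "<div>";
                echo "<h2>Ваш товар/услуга опубликован !</h2>";
                echo "<br/>";
                echo "<h3>Сейчас будет открыта страница для добавления изображений !</h3>";
                echo "<div>";
                $new_url = get_site_url() . '/edit-images-pr/?id=' . tzs_find_latest_product_rec() . '&form_type=product';
                echo '<meta http-equiv="refresh" content="0; url=' . esc_url($new_url) . '">';
            }
        } else {
            // The user_id condition limits the update to the caller's own product.
            $sql = $wpdb->prepare("UPDATE " . TZS_PRODUCTS_TABLE . " SET " . " last_edited=now(), type_id=%d, sale_or_purchase=%d, fixed_or_tender=%d, title=%s, description=%s, copies=%d, unit=%d, currency=%d, price=%f, payment=%d, nds=%d, " . " city_from=%s, from_cid=%d, from_rid=%d, from_sid=%d, comment=%s, active=%d, expiration=%s" . " WHERE id=%d AND user_id=%d;", intval($pr_type_id), intval($pr_sale_or_purchase), intval($pr_fixed_or_tender), stripslashes_deep($pr_title), stripslashes_deep($pr_description), intval($pr_copies), intval($pr_unit), intval($pr_currency), floatval($pr_price), intval($pr_payment), intval($pr_nds), stripslashes_deep($pr_city_from), $from_info["country_id"], $from_info["region_id"], $from_info["city_id"], stripslashes_deep($pr_comment), intval($pr_active), $pr_expiration, $id, $user_id);
            if (false === $wpdb->query($sql)) {
                array_push($errors, "Не удалось изменить Ваш товар/услугу. Свяжитесь, пожалуйста, с администрацией сайта");
                error_log('tzs_edit_product: ' . $wpdb->last_error);
                tzs_print_product_form($errors, true);
            } else {
                echo "<div>";
                echo "<h2>Ваш товар/услуга изменен !</h2>";
                echo "<br/>";
                echo "<h3>Сейчас будет открыта страница для добавления изображений !</h3>";
                echo "<div>";
                // The id is printed into markup, so force it to an integer.
                $new_url = get_site_url() . '/edit-images-pr/?id=' . intval($id) . '&form_type=product';
                echo '<meta http-equiv="refresh" content="0; url=' . esc_url($new_url) . '">';
            }
        }
    }
}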
/**
 * Form validation callback for the birth date field.
 *
 * Registers the message shown for this rule and then delegates the actual
 * check to is_valid_date() with the 'm/d/Y' format.
 *
 * @param mixed $date Submitted birth date.
 * @return mixed Whatever is_valid_date() returns for the given value.
 */
public function _validate_birthdate($date)
{
    $ruleName = '_validate_birthdate';
    $failureText = 'The %s must be in format: mm/dd/yyyy';

    // The message is registered up front, whether or not the check passes.
    $this->form_validation->set_message($ruleName, $failureText);

    $expectedFormat = 'm/d/Y';

    return is_valid_date($date, $expectedFormat);
}
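/**
 * Handles submission of the truck add/edit form: validates the posted fields,
 * resolves both cities and inserts or updates the truck row of the current
 * user.
 *
 * On validation failure the form is printed again with the collected errors.
 *
 * NOTE(review): unlike the product form handler, no nonce is verified in this
 * function; confirm that the caller performs that check.
 *
 * @param int $id Truck record id to update; 0 creates a new record.
 * @return void
 */
function tzs_edit_truck($id) {
    $tr_active = get_param_def('tr_active', '0');
    $tr_date_from = get_param('tr_date_from');
    $tr_date_to = get_param('tr_date_to');
    $tr_city_from = get_param('tr_city_from');
    $tr_city_to = get_param('tr_city_to');
    $comment = get_param('comment');
    $sh_descr = get_param('sh_descr');
    $tr_weight = get_param_def('tr_weight', '0');
    $tr_volume = get_param_def('tr_volume', '0');
    $trans_type = get_param('trans_type');
    $tr_type = get_param_def('tr_type', '0');
    $trans_count = get_param('trans_count');
    $set_dim = isset($_POST['set_dim']);
    $tr_length = get_param('tr_length');
    $tr_height = get_param('tr_height');
    $tr_width = get_param('tr_width');
    // Date order check: sortable copies of both dates.
    // NOTE(review): these are parsed with strtotime() while validation and
    // storage use is_valid_date(); confirm both read the form's date format
    // the same way.
    $tr_date_from_str = date("Ymd", strtotime($tr_date_from));
    $tr_date_to_str = date("Ymd", strtotime($tr_date_to));
    $tr_date_from = is_valid_date($tr_date_from);
    $tr_date_to = is_valid_date($tr_date_to);
    // Accept a decimal comma in numbers by converting it to a point.
    $tr_weight = str_replace(',', '.', $tr_weight);
    $tr_volume = str_replace(',', '.', $tr_volume);
    $tr_length = str_replace(',', '.', $tr_length);
    $tr_height = str_replace(',', '.', $tr_height);
    $tr_width = str_replace(',', '.', $tr_width);
    $errors = array();
    // cost
    $price = get_param_def('set_price', '0') == '1';
    $price_json = array();
    $price_json['set_price'] = $price ? 1 : 0;
    // Both values are written to the database even when no price was set, so
    // they need a defined default instead of an undefined variable.
    $price_val = '0';
    $cost_curr = '0';
    if ($price) {
        $price_val = get_param_def('price', '0');
        if (!is_valid_num($price_val)) {
            array_push($errors, "Неверно задана стоимость");
        } else {
            $price_json['price'] = floatval($price_val);
        }
        $cost_curr = get_param_def('cost_curr', '0');
        if (!is_valid_num($cost_curr) || !isset($GLOBALS['tzs_curr'][intval($cost_curr)])) {
            array_push($errors, "Неверно задана валюта");
        } else {
            $price_json['cost_curr'] = intval($cost_curr);
        }
        $payment = get_param_def('payment', null);
        if ($payment != null) {
            // Strict membership test against the known payment forms.
            $allowed_payments = array('nocash', 'cash', 'mix_cash', 'soft', 'conv', 'on_card');
            if (!in_array($payment, $allowed_payments, true)) {
                array_push($errors, "Неверно задана форма оплаты");
            } else {
                $price_json['payment'] = $payment;
            }
        }
        if (isset($_POST['payment_way_nds'])) {
            $price_json['payment_way_nds'] = true;
        }
        if (isset($_POST['payment_way_ship'])) {
            $price_json['payment_way_ship'] = true;
        }
        if (isset($_POST['payment_way_debark'])) {
            $price_json['payment_way_debark'] = true;
        }
        if (isset($_POST['payment_way_barg'])) {
            $price_json['payment_way_barg'] = true;
        }
        if (isset($_POST['payment_way_prepay'])) {
            $price_json['payment_way_prepay'] = true;
            $prepayment = get_param_def('prepayment', '0');
            if (!is_valid_num($prepayment) || floatval($prepayment) > 100) {
                array_push($errors, "Неверно задан размер предоплаты");
            } else {
                $price_json['prepayment'] = floatval($prepayment);
            }
        }
    } else {
        if (isset($_POST['price_query'])) {
            $price_json['price_query'] = true;
        }
    }
    // ----
    if ($tr_date_from == null || $tr_date_to == null) {
        array_push($errors, "Неверный формат даты");
    }
    // Date order check
    if ($tr_date_to_str < $tr_date_from_str) {
        array_push($errors, "Дата выгрузки не может быть РАНЬШЕ даты погрузки");
    }
    if (!is_valid_city($tr_city_from)) {
        array_push($errors, "Неверный пункт погрузки");
    }
    if (!is_valid_city($tr_city_to)) {
        array_push($errors, "Неверный пункт разгрузки");
    }
    if (!is_valid_num_zero($tr_weight)) {
        array_push($errors, "Неверно задан вес");
    }
    if (!is_valid_num_zero($tr_volume)) {
        array_push($errors, "Неверно задан объем");
    }
    // An empty vehicle count means one vehicle.
    if (strlen($trans_count) == 0) {
        $trans_count = '1';
    }
    if (!is_valid_num($trans_count)) {
        array_push($errors, "Неверно задано количество машин");
    }
    if (!is_numeric($trans_type) || intval($trans_type) < 1) {
        array_push($errors, "Неверно задан тип ТС");
    }
    if (!is_numeric($tr_active) || intval($tr_active) < 0) {
        array_push($errors, "Неверно задан статус заявки");
    }
    if (!is_numeric($tr_type) || intval($tr_type) < 0 || intval($tr_type) > 3) {
        array_push($errors, "Неверно задан тип");
    }
    if ($set_dim) {
        if (!is_valid_num($tr_length)) {
            array_push($errors, "Неверно задана длина транспортного средства");
        }
        if (!is_valid_num($tr_width)) {
            array_push($errors, "Неверно задана ширина транспортного средства");
        }
        if (!is_valid_num($tr_height)) {
            array_push($errors, "Неверно задана высота транспортного средства");
        }
    } else {
        // Dimensions were not requested: store zeros.
        $tr_length = '0';
        $tr_width = '0';
        $tr_height = '0';
    }
    $user_id = get_current_user_id();
    $from_info = null;
    $to_info = null;
    if (count($errors) == 0) {
        $from_info = tzs_yahoo_convert($tr_city_from);
        if (isset($from_info["error"])) {
            array_push($errors, "Не удалось распознать населенный пункт погрузки: " . $from_info["error"]);
        }
        $to_info = tzs_yahoo_convert($tr_city_to);
        if (isset($to_info["error"])) {
            array_push($errors, "Не удалось распознать населенный пункт выгрузки: " . $to_info["error"]);
        }
    }
    if (count($errors) > 0) {
        tzs_print_truck_form($errors, $id > 0);
    } else {
        global $wpdb;
        $tr_date_from = date('Y-m-d', mktime(0, 0, 0, $tr_date_from['month'], $tr_date_from['day'], $tr_date_from['year']));
        $tr_date_to = date('Y-m-d', mktime(0, 0, 0, $tr_date_to['month'], $tr_date_to['day'], $tr_date_to['year']));
        // The distance is taken from the request as submitted by the client;
        // the %d placeholder below forces it to an integer.
        $dis = get_param('length');
        if ($id == 0) {
            $sql = $wpdb->prepare("INSERT INTO " . TZS_TRUCK_TABLE . " (time, last_edited, user_id, tr_date_from, tr_date_to, tr_city_from, tr_city_to, tr_weight, tr_volume, tr_length, tr_height, tr_width, trans_count, trans_type, active, tr_type, cost, comment, distance,from_cid,from_rid,from_sid,to_cid,to_rid,to_sid,price,price_val,sh_descr)" . " VALUES (now(), NULL, %d, %s, %s, %s, %s, %f, %f, %f, %f, %f, %d, %d, %d, %d, %s, %s, %d, %d,%d,%d,%d,%d,%d,%f,%d,%s);", $user_id, $tr_date_from, $tr_date_to, stripslashes_deep($tr_city_from), stripslashes_deep($tr_city_to), floatval($tr_weight), floatval($tr_volume), floatval($tr_length), floatval($tr_height), floatval($tr_width), intval($trans_count), intval($trans_type), intval($tr_active), intval($tr_type), stripslashes_deep(json_encode($price_json)), stripslashes_deep($comment), $dis, $from_info["country_id"], $from_info["region_id"], $from_info["city_id"], $to_info["country_id"], $to_info["region_id"], $to_info["city_id"], floatval($price_val), intval($cost_curr), stripslashes_deep($sh_descr));
            if (false === $wpdb->query($sql)) {
                array_push($errors, "Не удалось опубликовать Ваш транспорт. Свяжитесь, пожалуйста, с администрацией сайта");
                // Keep the raw database error in the server log; echoing it to
                // the visitor can reveal table and column names.
                error_log('tzs_edit_truck: ' . $wpdb->last_error);
                tzs_print_truck_form($errors, false);
            } else {
                echo "Ваш транспорт опубликован!";
                echo "<br/>";
                echo '<a href="/view-truck/?id=' . tzs_find_latest_truck_rec() . '&spis=new">Просмотреть транспорт</a>';
            }
        } else {
            // The user_id condition limits the update to the caller's own record.
            $sql = $wpdb->prepare("UPDATE " . TZS_TRUCK_TABLE . " SET " . " last_edited=now(), tr_date_from=%s, tr_date_to=%s, tr_city_from=%s, tr_city_to=%s, tr_weight=%f, tr_volume=%f," . " tr_length=%f, tr_height=%f, tr_width=%f, trans_count=%d, trans_type=%d, tr_type=%d, cost=%s, comment=%s, distance=%d, " . " from_cid=%d,from_rid=%d,from_sid=%d,to_cid=%d,to_rid=%d,to_sid=%d, active=%d, price=%f, price_val=%d, sh_descr=%s" . " WHERE id=%d AND user_id=%d;", $tr_date_from, $tr_date_to, stripslashes_deep($tr_city_from), stripslashes_deep($tr_city_to), floatval($tr_weight), floatval($tr_volume), floatval($tr_length), floatval($tr_height), floatval($tr_width), intval($trans_count), intval($trans_type), intval($tr_type), stripslashes_deep(json_encode($price_json)), stripslashes_deep($comment), $dis, $from_info["country_id"], $from_info["region_id"], $from_info["city_id"], $to_info["country_id"], $to_info["region_id"], $to_info["city_id"], intval($tr_active), floatval($price_val), intval($cost_curr), stripslashes_deep($sh_descr), $id, $user_id);
            if (false === $wpdb->query($sql)) {
                array_push($errors, "Не удалось изменить Ваш транспорт. Свяжитесь, пожалуйста, с администрацией сайта");
                error_log('tzs_edit_truck: ' . $wpdb->last_error);
                tzs_print_truck_form($errors, true);
            } else {
                echo "Ваш транспорт изменен";
                echo "<br/>";
                // The id is printed into markup, so force it to an integer.
                echo '<a href="/view-truck/?id=' . intval($id) . '&spis=new">Просмотреть транспорт</a>';
            }
        }
    }
}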
/**
 * Reads the product-search form from the request, validates every field and
 * returns the accepted filters.
 *
 * The form nonce ('type_id_nonce' for action 'type_id') is verified first; when it is
 * missing or does not verify, nothing is read and a single error is returned.
 *
 * @return array Accepted filters keyed by field name (only values that are set / > 0),
 *               plus an 'errors' key holding the list of validation messages. When any
 *               error occurred, 'errors' is the only key.
 */
function tzs_validate_pr_search_parameters()
{
    $errors = array();
    $res = array();

    // Guard clause: refuse to process the form unless the nonce verifies.
    if (!isset($_POST['type_id_nonce']) || !wp_verify_nonce($_POST['type_id_nonce'], 'type_id')) {
        array_push($errors, "Проверка формы не пройдена. Свяжитесь, пожалуйста, с администрацией сайта.");
        $res['errors'] = $errors;
        return $res;
    }

    // Fetch the raw request values (same order as the form handler has always read them).
    $form_type = get_param_def('form_type', ''); // read but not used further in this function
    $num = array();
    foreach (array('type_id', 'cur_type_id', 'rootcategory', 'sale_or_purchase', 'fixed_or_tender', 'payment', 'nds', 'country_from', 'region_from') as $field) {
        $num[$field] = get_param_def($field, '0');
    }
    $cityname_from = get_param('cityname_from');
    $pr_title = get_param('pr_title');
    $num['price_from'] = get_param_def('price_from', '0');
    $num['price_to'] = get_param_def('price_to', '0');
    $data_from = get_param_def('data_from', null);
    $data_to = get_param_def('data_to', null);
    foreach (array('auction_type', 'rate_from', 'rate_to') as $field) {
        $num[$field] = get_param_def($field, '0');
    }

    // Numeric fields: field name, cast applied on success, message reported on failure.
    // Country and region IDs are cast to float rather than int because an ID can be long.
    $numeric_rules = array(
        array('country_from', 'floatval', "Неверно выбрана страна"),
        array('region_from', 'floatval', "Неверно выбран регион"),
        array('price_from', 'floatval', "Неверно указано начальное значение стоимости"),
        array('price_to', 'floatval', "Неверно указано конечное значение стоимости"),
        array('rate_from', 'floatval', "Неверно указано начальное значение ставки"),
        array('rate_to', 'floatval', "Неверно указано конечное значение ставки"),
        array('type_id', 'intval', "Неверно выбрана категория"),
        array('cur_type_id', 'intval', "Неверно выбрана категория"),
        array('rootcategory', 'intval', "Неверно выбрана категория"),
        array('auction_type', 'intval', "Неверно выбран тип тендера"),
        array('sale_or_purchase', 'intval', "Неверно выбран тип заявки"),
        array('fixed_or_tender', 'intval', "Неверно выбран тип тендера"),
        array('payment', 'intval', "Неверно выбран форма оплаты"),
        array('nds', 'intval', "Неверно выбран НДС"),
    );
    foreach ($numeric_rules as $rule) {
        list($field, $cast, $message) = $rule;
        if (is_valid_num_zero($num[$field])) {
            $num[$field] = $cast($num[$field]);
        } else {
            array_push($errors, $message);
        }
    }

    // Free-text fields: an empty string counts as "not provided".
    if ($cityname_from != null && strlen($cityname_from) == 0) {
        $cityname_from = null;
    }
    if ($pr_title != null && strlen($pr_title) == 0) {
        $pr_title = null;
    }

    // Date fields: keep whatever is_valid_date() returns, or null when nothing was given.
    if ($data_from != null && strlen($data_from) > 0) {
        $data_from = is_valid_date($data_from);
        if ($data_from == null) {
            array_push($errors, "Неверный формат даты (с)");
        }
    } else {
        $data_from = null;
    }
    if ($data_to != null && strlen($data_to) > 0) {
        $data_to = is_valid_date($data_to);
        if ($data_to == null) {
            array_push($errors, "Неверный формат даты (по)");
        }
    } else {
        $data_to = null;
    }

    // Resolve the city name to IDs only when everything validated so far.
    $cityname_from_ids = null;
    if ($cityname_from != null && count($errors) == 0) {
        $lookup = tzs_city_to_ids($cityname_from, 0, 0);
        if (isset($lookup['error'])) {
            array_push($errors, $lookup['error']);
        } elseif (isset($lookup['ids'])) {
            $cityname_from_ids = $lookup['ids'];
        } else {
            $cityname_from_ids = null;
        }
    }

    // With no errors, fill the result array (key order is kept stable for consumers).
    if (count($errors) == 0) {
        foreach (array('country_from', 'region_from') as $field) {
            if ($num[$field] > 0) {
                $res[$field] = $num[$field];
            }
        }
        if ($cityname_from != null) {
            $res['cityname_from'] = $cityname_from;
        }
        if ($pr_title != null) {
            $res['pr_title'] = $pr_title;
        }
        if ($data_from != null) {
            $res['data_from'] = $data_from;
            $res['data_from_str'] = get_param('data_from');
        }
        if ($data_to != null) {
            $res['data_to'] = $data_to;
            $res['data_to_str'] = get_param('data_to');
        }
        $positive_only = array(
            'price_from', 'price_to', 'rate_from', 'rate_to', 'auction_type', 'type_id',
            'cur_type_id', 'rootcategory', 'sale_or_purchase', 'fixed_or_tender', 'payment', 'nds',
        );
        foreach ($positive_only as $field) {
            if ($num[$field] > 0) {
                $res[$field] = $num[$field];
            }
        }
        if ($cityname_from_ids != null) {
            $res['cityname_from_ids'] = $cityname_from_ids;
        }
    }

    $res['errors'] = $errors;
    return $res;
}
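/**
 * Validates the submitted truck form and stores it.
 *
 * When validation fails the form is re-rendered through tzs_print_truck_form() with the
 * collected messages. Otherwise a row is inserted into TZS_TRUCK_TABLE (when $id is 0) or
 * the row matching both $id and the current user's ID is updated, and a confirmation with
 * a link and a redirect to /my-trucks is echoed.
 *
 * NOTE(review): unlike tzs_validate_pr_search_parameters(), this handler performs no nonce
 * verification itself. Confirm the caller verifies a nonce before invoking it; otherwise
 * this state-changing request is not protected against cross-site request forgery.
 *
 * @param int|string $id Record ID to update, or 0 to create a new record.
 * @return void
 */
function tzs_edit_truck($id)
{
    // ---- Collect raw request values -------------------------------------------------
    $input_city = isset($_POST['input_city']) ? $_POST['input_city'] : array();
    $path_segment_distance = get_param('path_segment_distance');
    $tr_active = get_param_def('tr_active', '0');
    $tr_date_from = get_param('tr_date_from');
    $tr_date_to = get_param('tr_date_to');
    $comment = get_param('comment');
    $sh_descr = get_param('sh_descr');

    // A multi-point route supplies its endpoints; otherwise the two single fields are used.
    if (count($input_city) > 1) {
        $tr_city_from = $input_city[0];
        $tr_city_to = $input_city[count($input_city) - 1];
        $path_segment_cities = implode(";", $input_city);
    } else {
        $tr_city_from = get_param('tr_city_from');
        $tr_city_to = get_param('tr_city_to');
        $path_segment_cities = '';
    }

    $tr_weight = get_param_def('tr_weight', '0');
    $tr_volume = get_param_def('tr_volume', '0');
    $trans_type = get_param('trans_type');
    $tr_type = get_param_def('tr_type', '0');
    $trans_count = get_param('trans_count');
    $set_dim = isset($_POST['set_dim']);
    $tr_length = get_param('tr_length');
    $tr_height = get_param('tr_height');
    $tr_width = get_param('tr_width');
    $cost = get_param_def('cost', '0');
    $price = get_param_def('price', '0');
    $cost_curr = get_param_def('cost_curr', '1');
    $prepayment = get_param('prepayment');

    // Checkbox flags: presence in the request means "on".
    $price_query = isset($_POST['price_query']) ? 1 : 0;
    $cash = isset($_POST['cash']) ? 1 : 0;
    $nocash = isset($_POST['nocash']) ? 1 : 0;
    $way_ship = isset($_POST['way_ship']) ? 1 : 0;
    $way_debark = isset($_POST['way_debark']) ? 1 : 0;
    $soft = isset($_POST['soft']) ? 1 : 0;
    $way_prepay = isset($_POST['way_prepay']) ? 1 : 0;
    $top_loading = isset($_POST['top_loading']) ? 1 : 0;
    $side_loading = isset($_POST['side_loading']) ? 1 : 0;
    $back_loading = isset($_POST['back_loading']) ? 1 : 0;
    $full_movable = isset($_POST['full_movable']) ? 1 : 0;
    $remove_cross = isset($_POST['remove_cross']) ? 1 : 0;
    $remove_racks = isset($_POST['remove_racks']) ? 1 : 0;
    $without_gate = isset($_POST['without_gate']) ? 1 : 0;

    // Date order check: keep sortable Ymd strings before the raw values are replaced
    // by the result of is_valid_date().
    $tr_date_from_str = date("Ymd", strtotime($tr_date_from));
    $tr_date_to_str = date("Ymd", strtotime($tr_date_to));
    $tr_date_from = is_valid_date($tr_date_from);
    $tr_date_to = is_valid_date($tr_date_to);

    // Accept a decimal comma by replacing "," with "." in the numeric fields.
    $tr_weight = str_replace(',', '.', $tr_weight);
    $tr_volume = str_replace(',', '.', $tr_volume);
    $tr_length = str_replace(',', '.', $tr_length);
    $tr_height = str_replace(',', '.', $tr_height);
    $tr_width = str_replace(',', '.', $tr_width);
    $cost = str_replace(',', '.', $cost);
    $price = str_replace(',', '.', $price);
    $prepayment = str_replace(',', '.', $prepayment);

    // ---- Validate -------------------------------------------------------------------
    $errors = array();

    // With "price on request" a zero amount is allowed; otherwise it must pass is_valid_num().
    if ($price_query && !is_valid_num_zero($cost) || !$price_query && !is_valid_num($cost)) {
        array_push($errors, "Неверно задана стоимость");
    }
    if ($price_query && !is_valid_num_zero($price) || !$price_query && !is_valid_num($price)) {
        array_push($errors, "Неверно задана цена");
    }
    if (!is_valid_num($cost_curr) || !isset($GLOBALS['tzs_curr'][intval($cost_curr)])) {
        array_push($errors, "Неверно задана валюта");
    }
    if ($way_prepay && (!is_valid_num($prepayment) || floatval($prepayment) > 100)) {
        array_push($errors, "Неверно задан размер предоплаты");
    }
    // At least one payment option must be ticked. The flags are variables: written as bare
    // words they are undefined constants, so this check would never work as intended.
    if (!$price_query && !$cash && !$nocash && !$way_ship && !$way_debark) {
        array_push($errors, "Необходимо выбрать хотя бы один способ в блоке \"Форма расчета\".");
    }
    if ($tr_date_from == null || $tr_date_to == null) {
        array_push($errors, "Неверный формат даты");
    }
    // Date order check: unloading must not precede loading.
    if ($tr_date_to_str < $tr_date_from_str) {
        array_push($errors, "Дата выгрузки не может быть РАНЬШЕ даты погрузки");
    }

    if (count($input_city) > 1) {
        for ($i = 0; $i < count($input_city); $i++) {
            if (!is_valid_city($input_city[$i])) {
                array_push($errors, "Укажите пункт маршрута № " . ($i + 1));
            }
        }
    } else {
        if (!is_valid_city($tr_city_from)) {
            array_push($errors, "Неверный пункт погрузки");
        }
        if (!is_valid_city($tr_city_to)) {
            array_push($errors, "Неверный пункт разгрузки");
        }
    }

    if (!is_valid_num_zero($tr_weight)) {
        array_push($errors, "Неверно задан вес");
    }
    if (!is_valid_num_zero($tr_volume)) {
        array_push($errors, "Неверно задан объем");
    }
    // An empty vehicle count defaults to one.
    if (strlen($trans_count) == 0) {
        $trans_count = '1';
    }
    if (!is_valid_num($trans_count)) {
        array_push($errors, "Неверно задано количество машин");
    }
    if (!is_numeric($trans_type) || intval($trans_type) < 1) {
        array_push($errors, "Неверно задан тип транспортного средства");
    }
    if (!is_numeric($tr_active) || intval($tr_active) < 0) {
        array_push($errors, "Неверно задан статус заявки");
    }
    if (!is_numeric($tr_type) || intval($tr_type) < 0 || intval($tr_type) > 3) {
        array_push($errors, "Неверно задан тип");
    }

    if ($set_dim) {
        if (!is_valid_num($tr_length)) {
            array_push($errors, "Неверно задана длина транспортного средства");
        }
        if (!is_valid_num($tr_width)) {
            array_push($errors, "Неверно задана ширина транспортного средства");
        }
        if (!is_valid_num($tr_height)) {
            array_push($errors, "Неверно задана высота транспортного средства");
        }
    } else {
        // Dimensions not requested: store zeros.
        $tr_length = '0';
        $tr_width = '0';
        $tr_height = '0';
    }

    $user_id = get_current_user_id();

    // ---- Resolve the route endpoints (only when the form itself is valid) -------------
    $from_info = null;
    $to_info = null;
    if (count($errors) == 0) {
        if (count($input_city) > 1) {
            for ($i = 0; $i < count($input_city); $i++) {
                $city_info = tzs_yahoo_convert($input_city[$i]);
                if (isset($city_info["error"])) {
                    array_push($errors, "Не удалось распознать населенный пункт маршрута № " . ($i + 1) . ": " . $city_info["error"]);
                }
                if ($i == 0) {
                    $from_info = $city_info;
                }
                if ($i == count($input_city) - 1) {
                    $to_info = $city_info;
                }
            }
        } else {
            $from_info = tzs_yahoo_convert($tr_city_from);
            if (isset($from_info["error"])) {
                array_push($errors, "Не удалось распознать населенный пункт погрузки: " . $from_info["error"]);
            }
            $to_info = tzs_yahoo_convert($tr_city_to);
            if (isset($to_info["error"])) {
                array_push($errors, "Не удалось распознать населенный пункт выгрузки: " . $to_info["error"]);
            }
        }
    }

    if (count($errors) > 0) {
        tzs_print_truck_form($errors, $id > 0);
        return;
    }

    // ---- Persist --------------------------------------------------------------------
    global $wpdb;

    $tr_date_from = date('Y-m-d', mktime(0, 0, 0, $tr_date_from['month'], $tr_date_from['day'], $tr_date_from['year']));
    $tr_date_to = date('Y-m-d', mktime(0, 0, 0, $tr_date_to['month'], $tr_date_to['day'], $tr_date_to['year']));

    // Coordinates of both endpoints. The city ID is bound as a parameter instead of being
    // interpolated into the SQL text, matching how the same ID is bound in the INSERT/UPDATE.
    // NOTE(review): $row1/$row2 are not used anywhere below in this function.
    $row1 = $wpdb->get_row($wpdb->prepare(
        "SELECT lat,lng FROM " . TZS_CITIES_TABLE . " WHERE city_id=%d;",
        $from_info['city_id']
    ));
    $row2 = $wpdb->get_row($wpdb->prepare(
        "SELECT lat,lng FROM " . TZS_CITIES_TABLE . " WHERE city_id=%d;",
        $to_info['city_id']
    ));

    $sh_distance = get_param('sh_distance');
    $new_url = get_site_url() . '/my-trucks';

    if ($id == 0) {
        $sql = $wpdb->prepare("INSERT INTO " . TZS_TRUCK_TABLE .
            " (time, last_edited, user_id, tr_date_from, tr_date_to, tr_city_from, tr_city_to, tr_weight, tr_volume, tr_length, tr_height, tr_width, trans_count, trans_type, active, tr_type, comment, distance," .
            " from_cid,from_rid,from_sid,to_cid,to_rid,to_sid,price,price_val,sh_descr, cost, cash, nocash, way_ship, way_debark, soft, way_prepay, prepayment, price_query," .
            " top_loading, side_loading, back_loading, full_movable, remove_cross, remove_racks, without_gate, path_segment_cities, path_segment_distances)" .
            " VALUES (now(), NULL, %d, %s, %s, %s, %s, %f, %f, %f, %f, %f, %d, %d, %d, %d, %s, %d, %d, %d, %d, %d, %d, %d, %f, %d, %s, %f, %d, %d, %d, %d, %d, %d, %f, %d," .
            " %d, %d, %d, %d, %d, %d, %d, %s, %s);",
            $user_id, $tr_date_from, $tr_date_to,
            stripslashes_deep($tr_city_from), stripslashes_deep($tr_city_to),
            floatval($tr_weight), floatval($tr_volume), floatval($tr_length), floatval($tr_height), floatval($tr_width),
            intval($trans_count), intval($trans_type), intval($tr_active), intval($tr_type),
            stripslashes_deep($comment), floatval($sh_distance),
            $from_info["country_id"], $from_info["region_id"], $from_info["city_id"],
            $to_info["country_id"], $to_info["region_id"], $to_info["city_id"],
            floatval($price), intval($cost_curr), stripslashes_deep($sh_descr), floatval($cost),
            intval($cash), intval($nocash), intval($way_ship), intval($way_debark), intval($soft),
            intval($way_prepay), floatval($prepayment), intval($price_query),
            intval($top_loading), intval($side_loading), intval($back_loading), intval($full_movable),
            intval($remove_cross), intval($remove_racks), intval($without_gate),
            stripslashes_deep($path_segment_cities), stripslashes_deep($path_segment_distance));

        if (false === $wpdb->query($sql)) {
            array_push($errors, "Не удалось опубликовать Ваш транспорт. Свяжитесь, пожалуйста, с администрацией сайта");
            // NOTE(review): the raw database error is shown to the user; consider logging it instead.
            array_push($errors, $wpdb->last_error);
            tzs_print_truck_form($errors, false);
        } else {
            echo "Ваш транспорт опубликован!";
            echo "<br/>";
            echo '<a href="/view-truck/?id=' . tzs_find_latest_truck_rec() . '&spis=new">Просмотреть транспорт</a>';
            echo '<meta http-equiv="refresh" content="0; url=' . esc_url($new_url) . '">';
        }
    } else {
        // The WHERE clause binds both the record ID and the current user's ID, so a user
        // can only modify rows they own.
        // NOTE(review): $wpdb->query() returns the affected-row count; a result of 0 (no
        // matching row for this user) is still reported as success below.
        $sql = $wpdb->prepare("UPDATE " . TZS_TRUCK_TABLE . " SET " .
            " last_edited=now(), tr_date_from=%s, tr_date_to=%s, tr_city_from=%s, tr_city_to=%s, tr_weight=%f, tr_volume=%f," .
            " tr_length=%f, tr_height=%f, tr_width=%f, trans_count=%d, trans_type=%d, tr_type=%d, comment=%s, distance=%d, " .
            " from_cid=%d,from_rid=%d,from_sid=%d,to_cid=%d,to_rid=%d,to_sid=%d, active=%d, price=%f, price_val=%d, sh_descr=%s," .
            " cost=%f, cash=%d, nocash=%d, way_ship=%d, way_debark=%d, soft=%d, way_prepay=%d, prepayment=%f, price_query=%d," .
            " top_loading=%d, side_loading=%d, back_loading=%d, full_movable=%d, remove_cross=%d, remove_racks=%d, without_gate=%d, path_segment_cities=%s, path_segment_distances=%s" .
            " WHERE id=%d AND user_id=%d;",
            $tr_date_from, $tr_date_to,
            stripslashes_deep($tr_city_from), stripslashes_deep($tr_city_to),
            floatval($tr_weight), floatval($tr_volume), floatval($tr_length), floatval($tr_height), floatval($tr_width),
            intval($trans_count), intval($trans_type), intval($tr_type),
            stripslashes_deep($comment), floatval($sh_distance),
            $from_info["country_id"], $from_info["region_id"], $from_info["city_id"],
            $to_info["country_id"], $to_info["region_id"], $to_info["city_id"],
            intval($tr_active), floatval($price), intval($cost_curr), stripslashes_deep($sh_descr), floatval($cost),
            intval($cash), intval($nocash), intval($way_ship), intval($way_debark), intval($soft),
            intval($way_prepay), floatval($prepayment), intval($price_query),
            intval($top_loading), intval($side_loading), intval($back_loading), intval($full_movable),
            intval($remove_cross), intval($remove_racks), intval($without_gate),
            stripslashes_deep($path_segment_cities), stripslashes_deep($path_segment_distance),
            $id, $user_id);

        if (false === $wpdb->query($sql)) {
            array_push($errors, "Не удалось изменить Ваш транспорт. Свяжитесь, пожалуйста, с администрацией сайта");
            // NOTE(review): the raw database error is shown to the user; consider logging it instead.
            array_push($errors, $wpdb->last_error);
            tzs_print_truck_form($errors, true);
        } else {
            echo "Ваш транспорт изменен";
            echo "<br/>";
            // Emit the ID as an integer so a non-numeric $id can never reach the HTML attribute.
            echo '<a href="/view-truck/?id=' . intval($id) . '&spis=new">Просмотреть транспорт</a>';
            echo '<meta http-equiv="refresh" content="0; url=' . esc_url($new_url) . '">';
        }
    }
}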
/**
 * Stores the delivery date on this object after it passes is_valid_date().
 *
 * @param mixed $date Candidate date value.
 * @throws RuntimeException When is_valid_date() rejects the value.
 */
public function addDate($date)
{
    // Accept the value only when the shared validator approves it.
    if (is_valid_date($date)) {
        $this->date = $date;
        return;
    }

    throw new RuntimeException('Invalid date for delivery');
}