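/**
 * Runs a query through the parent implementation, first appending every
 * statement that does not start with SELECT to the LOG_FILE query log.
 *
 * NOTE(review): the raw statement text is written, so any values embedded in
 * it (message bodies, e-mail addresses, ...) end up in LOG_FILE; where that
 * file lives and who can read it is not visible here and should be checked.
 * A statement that begins with SELECT is never logged, whatever else it
 * contains, and a statement containing newlines spans several log lines.
 *
 * @param string $sql SQL statement to execute
 * @return mixed whatever parent::squery() returns
 */
public function squery($sql)
 {
     if (!preg_match("/^SELECT/i", $sql)) {
         // One locked append instead of fopen/fwrite/fclose: concurrent
         // requests cannot interleave their entries, and a failed open no
         // longer hands an invalid handle to fwrite()/fclose().
         $written = file_put_contents(LOG_FILE, "{$sql}\n", FILE_APPEND | LOCK_EX);
         if ($written === false) {
             // Logging stays best-effort (the query still runs), but the gap
             // in the log is reported instead of passing silently.
             error_log('squery: could not append to the query log');
         }
     }
     return parent::squery($sql);
 }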
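 /**
  * Adds a comment/message to a corporate blog entry from the current request.
  *
  * Reads $_POST (blogID, parent, msg, title, yt_link, tags) and
  * $_FILES['attach'], stores the comment and its attachments, e-mails the
  * author of the parent entry when that user's subscription flag is set, and
  * hands the error flag, the alerts and the submitted values to the "tpl"
  * object.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm
  * the caller performs one. The login check (get_uid()) only guards the
  * database writes: uploads are passed to self::uploadFile() before it runs.
  *
  * @return array|false false when called less than 5 seconds after the
  *                     previous comment of this session, otherwise
  *                     array($error_flag, $error, $idCom)
  */
 function addComment()
 {
     $DB = new DB('master');
     // Flood control: at most one comment per 5 seconds per session. The key
     // is absent on the first comment of a session, hence the isset() guard.
     $last_added = isset($_SESSION['last_comment_add']) ? $_SESSION['last_comment_add'] : 0;
     if ($last_added + 5 > time()) {
         return false;
     }
     $_SESSION['last_comment_add'] = time();
     // These were read below without ever being assigned on the success path.
     // null is what an undefined variable evaluated to, so the values handed
     // to uploadFile(), the template and the caller are unchanged.
     $error_flag = null;
     $error = null;
     $idCom = null;
     $files = null;
     /* Comment data */
     $blog = $_POST['blogID'];
     $user = get_uid();
     $parent = $_POST['parent'];
     $alert = array();
     if (strlen($_POST['msg']) > blogs::MAX_DESC_CHARS) {
         $error_flag = 1;
         $alert[2] = "Максимальный размер сообщения " . blogs::MAX_DESC_CHARS . " символов!";
         // The over-long text skips the clean-up of the else branch. It is not
         // stored ($error_flag is set) but it is handed back through
         // tpl->post['msg'], so whatever renders it must escape it.
         $msg =& $_POST['msg'];
     } else {
         $msg = $_POST['msg'];
         // Drop every attribute from <ul ...> and <li ...> tags.
         $msg = preg_replace("/<ul.*>/Ui", "<ul>", $msg);
         $msg = preg_replace("/<li.*>/Ui", "<li>", $msg);
         // NOTE(review): antispam()/change_q_x_a() are defined elsewhere;
         // presumably they filter the remaining markup. Verify.
         $msg = change_q_x_a(antispam($msg), false, false);
     }
     $msg_name = substr(change_q_x(antispam($_POST['title']), true), 0, 96);
     $yt_link = substr(change_q_x(antispam(str_replace('watch?v=', 'v/', $_POST['yt_link'])), true), 0, 128);
     if ($yt_link != '') {
         // Only links that start with one of three known YouTube prefixes pass.
         if (strpos($yt_link, 'http://ru.youtube.com/v/') !== 0 && strpos($yt_link, 'http://youtube.com/v/') !== 0 && strpos($yt_link, 'http://www.youtube.com/v/') !== 0) {
             $error_flag = 1;
             $alert[4] = "Неверная ссылка.";
         }
     }
     if (is_empty_html($msg)) {
         $msg = '';
     }
     // File uploads
     $attach = isset($_FILES['attach']) ? $_FILES['attach'] : null;
     // Names of the files that were really submitted (empty inputs have an
     // empty name). The original tested sizeof($attach), which counts the keys
     // of the $_FILES entry (name, type, tmp_name, error, size) rather than
     // the files, so the 10-file limit could never trigger.
     $attach_names = array();
     if (is_array($attach) && isset($attach['name']) && is_array($attach['name'])) {
         $attach_names = array_filter($attach['name']);
     }
     if (is_array($attach) && count($attach_names) <= 10) {
         foreach ($attach_names as $key => $v) {
             $files[] = new CFile(array('name' => $attach['name'][$key], 'type' => $attach['type'][$key], 'tmp_name' => $attach['tmp_name'][$key], 'error' => $attach['error'][$key], 'size' => $attach['size'][$key]));
         }
         // NOTE(review): the original chose 400x600 when $group == 7, but
         // $group is never assigned in this method, so these limits were
         // always the ones applied.
         $max_image_size = array('width' => 470, 'height' => 1000, 'less' => 0);
         list($files, $alert_, $error_flag___) = self::uploadFile($files, $max_image_size);
         $error_flag = max($error_flag___, $error_flag);
         if (is_array($alert_)) {
             $alert = array_merge($alert, $alert_);
         }
     } elseif (is_array($attach)) {
         $error_flag = 1;
         $alert[2] = "Файлов не должно быть больше 10";
     }
     if (!$msg && empty($files)) {
         $error_flag = 1;
         $alert[2] = "Поле заполнено некорректно";
     }
     if (($msg || !empty($files['f_name'][0])) && get_uid() && !$error_flag) {
         // Author of the entry being replied to, looked up for the notification.
         $eUser = $DB->row("SELECT email, uid FROM corporative_blog LEFT JOIN users ON users.uid = corporative_blog.id_user WHERE corporative_blog.id = ?", $parent);
         $e_user = new users();
         $e_user->GetUser($e_user->GetField($eUser['uid'], $ee, 'login'));
         $sql = "INSERT INTO corporative_blog (title, yt_link, msg, id_blog, id_user, id_reply) VALUES(?, ?, ?, ?, ?, ?) RETURNING id;";
         $res = $DB->row($sql, $msg_name, $yt_link, $msg, $blog, $user, $parent);
         $idCom = $res['id'];
         // Notify the parent author unless they are replying to themselves.
         if (substr($e_user->subscr, 2, 1) == '1' && $idCom && $eUser['uid'] != $user) {
             $p_user = new users();
             $p_user->GetUser($p_user->GetField($user, $ee, 'login'));
             $smail = new smail();
             // NOTE(review): $blog comes straight from $_POST['blogID'] and is
             // placed in a mailed link; presumably the insert above rejects a
             // non-numeric value. Confirm, or validate it as an integer.
             $link = "http://free-lance.ru/about/corporative/post/{$blog}/link/{$idCom}/#c{$idCom}";
             $smail->CorporativeBlogNewComment(array("title" => $msg_name, "msgtext" => $msg), $p_user, $e_user, $link);
         }
         // Attachment rows. The original spliced the stored file names into the
         // statement text between quotes; they are now bound through the same
         // "?" placeholders the comment insert uses, and the rows are attached
         // to $idCom only when that insert returned an id (the original used
         // currval() even if it had not).
         if ($idCom && is_array($files) && !empty($files['f_name']) && is_array($files['f_name'])) {
             $attach_rows = array();
             $attach_params = array();
             foreach ($files['f_name'] as $i => $f_name) {
                 if (!$f_name) {
                     continue;
                 }
                 $attach_rows[] = '(?, ?, ?)';
                 $attach_params[] = $idCom;
                 // Cast to string: both values were quoted literals before.
                 $attach_params[] = (string) $f_name;
                 $attach_params[] = isset($files['tn'][$i]) ? (string) $files['tn'][$i] : '';
             }
             if ($attach_rows) {
                 // Still one multi-row statement, so the attachments are
                 // inserted together or not at all. RETURNING mirrors the way
                 // row() is used for the comment insert above.
                 $attach_sql = "INSERT INTO corporative_blog_attach(msg_id, \"name\", small) VALUES " . implode(', ', $attach_rows) . " RETURNING msg_id";
                 call_user_func_array(array($DB, 'row'), array_merge(array($attach_sql), $attach_params));
             }
         }
         $tags = $_POST['tags'];
         if ($tags) {
             // array_unique() returns the de-duplicated list; the original
             // called it and discarded the result.
             $tags_arr = is_array($tags) ? array_unique($tags) : $tags;
             $this->tagsDelete($idCom);
             $tg = tags::Add($tags_arr);
             $this->tagsAdd($idCom, $tg);
         }
     }
     // Hand the outcome and the submitted values to the template object.
     front::og("tpl")->error_flag = $error_flag;
     front::og("tpl")->alert = $alert;
     front::og("tpl")->post = array("blog" => $blog, "user" => $user, "parent" => $parent, "msg" => $msg, "title" => $msg_name, "yt_link" => $yt_link, "tags" => $_POST['tags']);
     return array($error_flag, $error, $idCom);
 }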
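 /**
  * Restores a previously deleted comment.
  *
  * Sets the model's "deleted" column (and "deleted_time", when the model
  * defines it) to NULL on the row with the given id. The moderator status is
  * reset to 0 as well when the model has that column, the current user is
  * not PRO, and either $author is the current user or the model has no
  * permissions entry.
  *
  * NOTE(review): no check that the current user may restore this comment is
  * visible here, and $author is supplied by the caller. Presumably the
  * caller authorises the request; confirm.
  *
  * @param integer $id     comment ID
  * @param integer $author UID of the comment author
  * @return mixed the id column of the restored row as returned by
  *               pg_fetch_row(), or false when the object is read-only, the
  *               model has no "deleted" column, $id is not an integer, or no
  *               row was updated
  */
 public function restore($id, $author = 0)
 {
     $DB = new DB('master');
     $model = $this->model();
     if ($this->_options['readonly']) {
         return false;
     }
     if (!isset($model['comments']['fields']['deleted'])) {
         return false;
     }
     // The id is concatenated into the statement below, so only a genuine
     // integer is let through; anything else is rejected before a query is
     // built.
     $id = filter_var($id, FILTER_VALIDATE_INT);
     if ($id === false) {
         return false;
     }
     // Table and column names come from $this->model().
     // NOTE(review): assumed to be static configuration, never request data.
     $sql = array();
     $sql[] = "UPDATE " . $model['comments']['table'] . " SET ";
     $flds = $model['comments']['fields']['deleted'] . " = NULL";
     if (isset($model['comments']['fields']['deleted_time'])) {
         $flds .= ", " . $model['comments']['fields']['deleted_time'] . " = NULL";
     }
     if (($author == get_uid(false) || !$model['permissions']) && !empty($model['comments']['fields']['moderator_status']) && !is_pro()) {
         $flds .= ', ' . $model['comments']['fields']['moderator_status'] . ' = 0';
     }
     $sql[] = $flds;
     $sql[] = "WHERE " . $model['comments']['fields']['id'] . " = " . $id;
     $sql[] = "RETURNING " . $model['comments']['fields']['id'] . ', ' . $model['comments']['fields']['msgtext'];
     $sql = implode(" ", $sql);
     if (($res = $DB->squery($sql)) && pg_affected_rows($res)) {
         list($newid, $msgtext) = pg_fetch_row($res);
         // Queueing the restored text for moderation is disabled: the body of
         // this branch is commented out. The condition is kept as it was.
         if (($author == get_uid(false) || !$model['permissions']) && !empty($model['comments']['fields']['moderator_status']) && !is_pro(true, $author)) {
             /*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
               $stop_words    = new stop_words();
               $nStopWordsCnt = $stop_words->calculate( $msgtext );
               $nSortOrder    = !empty($model['moderation_sort_order']) ? $model['moderation_sort_order'] : 3;
               $GLOBALS['DB']->insert( 'moderation', array('rec_id' => $id, 'rec_type' => $model['moderation_rec_type'], 'stop_words_cnt' => $nStopWordsCnt, 'sort_order' => $nSortOrder) );*/
         }
         return $newid;
     }
     return false;
 }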