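/**
 * Handles the comment form for the current item: adding, deleting and editing
 * a comment, and switching new-comment notifications on or off.
 *
 * All request values are read through clear(), which is defined elsewhere.
 * Every query here is built by string concatenation, and this method does not
 * show whether clear() escapes values for SQL.
 * NOTE(review): confirm that clear() escapes for the database or move these
 * queries to prepared statements; $text is free text and the field to check
 * first. $this->type and $this->item are concatenated as well, and their
 * origin is not visible here.
 *
 * NOTE(review): three queries compare the user column with the literal
 * '******'. That looks like a value masked on this page; as written it would
 * only match rows whose user column holds that literal. Compare with the
 * original file (the neighbouring queries use $this->uid).
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm one is
 * enforced before save() is reached.
 *
 * @return int|null 0 when a validation step rejects the request, otherwise no value
 */
function save()
{
    $text = clear("text");
    $add_comment = clear("add_comment");
    $del = clear("del");
    $edit_ok = clear("edit_ok");
    $edit_id = clear("edit_id");
    $is_spoiler = checkbox_value(clear("is_spoiler"));

    // ---- add a comment ----
    if ($add_comment) {
        if (!$this->uid) {
            go_out();
            // go_out() is defined elsewhere; return as well, so that nothing is
            // inserted for an anonymous request if go_out() ever returns.
            return 0;
        }
        if (!$text) {
            $this->msg->set_text($this->l->t("empty_comment"), "error");
            return 0;
        }

        // Optional minimum length of 100, measured on the text after no_dia().
        if ($this->short_posts != 'allowed') {
            $len = strlen(no_dia($text));
            if ($len < 100) {
                $this->msg->set_text($this->l->t("short_comment", $len), "error");
                $this->show_text = "yes";
                return 0;
            }
        }

        // For books, authors and selfpublishing items only one comment per user is allowed.
        if ($this->type == 'book' || $this->type == 'author' || $this->type == 'selfpublishing') {
            $sql = sql_query("select id from comments\n\t\t where (item = '" . $this->item . "'\n\t\t and type = '" . $this->type . "'\n\t\t and user = '******')");
            $data = sql_fetch_object($sql);
            // $data is checked first so that an empty result is not dereferenced.
            if ($data && $data->id) {
                $this->msg->set_text($this->l->t("comment_exists"), "error");
                $this->show_text = "yes";
                return 0;
            }
        }

        // Selfpublishing items: the commenter is supposed to have bought the book.
        // NOTE(review): the "not_bought" error is raised when
        // has_selfpublishing_bought() is truthy, which reads as inverted.
        // Left unchanged because the helper is not visible here; verify.
        if ($this->type == 'selfpublishing') {
            if ($this->has_selfpublishing_bought()) {
                $this->msg->set_text($this->l->t("not_bought"), "error");
                $this->show_text = "yes";
                return 0;
            }
        }

        $sql = sql_query("insert into comments\n (type, item, user, text, time, is_spoiler)\n values\n ('" . $this->type . "', '" . $this->item . "',\n '" . $this->uid . "', '" . $text . "', '" . time() . "', '" . $is_spoiler . "')");
        if ($sql) {
            // mysql_insert_id() belongs to the legacy mysql extension (removed in PHP 7).
            $comment_id = mysql_insert_id();
            $this->msg->set_text($this->l->t("add_ok"));
            // Notify everyone who follows the comments of this book.
            if ($this->type == 'book') {
                $this->sent_notice($comment_id);
            }
            // Reward the author of the comment.
            add_points($this->uid, 3, 'comments');
        }
    }

    // ---- delete a comment ----
    // Only a logged-in user may delete. Without the uid check an anonymous
    // request for a missing id passed the loose ownership comparison below.
    if ($del && $this->uid) {
        // Comment ids come from mysql_insert_id(), so they are integers; the cast
        // keeps anything else out of the two queries.
        $del_id = (int) $del;
        $sql = sql_query("select user, time\n from comments\n where (id = '{$del_id}')");
        $data = sql_fetch_object($sql);
        // Ownership check. The comment's age is fetched but not enforced here.
        if ($data && $data->user == $this->uid) {
            $sql = sql_query("delete from comments\n where (id = '{$del_id}')");
            if ($sql) {
                $this->msg->set_text($this->l->t("del_ok"));
                // Take back the points granted when the comment was added.
                add_points($this->uid, -3, "comments");
            }
        }
    }

    // ---- edit a comment ----
    if ($edit_ok && $this->uid) {
        $edit_comment_id = (int) $edit_id;
        $sql = sql_query("select user, time\n from comments\n where (id = '{$edit_comment_id}')");
        $data = sql_fetch_object($sql);
        // Ownership check only: the former 24-hour edit window is disabled for now.
        if ($data && $data->user == $this->uid) {
            if ($this->short_posts != 'allowed') {
                $len = strlen(no_dia($text));
                if ($len < 100) {
                    $this->msg->set_text($this->l->t("short_comment", $len), "error");
                    $this->show_text = "yes";
                    return 0;
                }
            }
            $sql = sql_query("update comments\n set text = '{$text}', is_spoiler = '{$is_spoiler}'\n where (id = '{$edit_comment_id}')");
            if ($sql) {
                $this->msg->set_text($this->l->t("edit_ok"));
                $this->show_text = '';
                $_GET['edit'] = '';
            }
        }
    }

    // ---- switch notifications about new comments on or off (books only) ----
    $notice_on = clear("notice_on");
    $notice_off = clear("notice_off");
    if ($notice_on && $this->type == 'book' && $this->uid) {
        // Delete first so that a repeated request does not leave two rows.
        $sql = sql_query("delete from comments_notice\n where (user = '******' and book = '" . $this->item . "')");
        $sql = sql_query("insert into comments_notice\n (user, book)\n values\n ('" . $this->uid . "', '" . $this->item . "')");
        if ($sql) {
            $this->msg->set_text($this->l->t("notice_on_msg"));
        }
    }
    if ($notice_off && $this->type == 'book' && $this->uid) {
        $sql = sql_query("delete from comments_notice\n where (user = '******' and book = '" . $this->item . "')");
        if ($sql) {
            $this->msg->set_text($this->l->t("notice_off_msg"));
        }
    }
}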
/**
 * Copies the invoice address, the note and the company details of the
 * submitted order form onto this object.
 *
 * Each field is stored in a property with the same name as the form field.
 * The values are taken from $_POST unchanged; only is_company goes through
 * clear() and checkbox_value().
 * NOTE(review): whatever later writes these properties into SQL, HTML or mail
 * has to escape them for that context - none of that is visible here.
 */
function get_order_data()
{
    $address_fields = array("i_name", "i_street", "i_city", "i_zip", "i_country", "note");
    foreach ($address_fields as $field) {
        $this->{$field} = $_POST[$field];
    }

    $this->is_company = checkbox_value(clear("is_company"));

    // Company details are read only when the company box is ticked; otherwise they are blanked.
    $read_company = (bool) $this->is_company;
    foreach (array("company_name", "company_ic", "company_dic") as $field) {
        $this->{$field} = $read_company ? $_POST[$field] : "";
    }

    // Reading pay_method / pay_type from the form is switched off here.
}
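/**
 * Validates the submitted registration form, creates the user row, stores the
 * campaign source and the chosen interests, sends the confirmation e-mail and
 * logs the new user in.
 *
 * Validation errors are collected in the message object kept in
 * $_SESSION["msg"]; the account is created only when that object is empty.
 *
 * Form values are read through clear(), which is defined elsewhere, and are
 * placed into the queries by string interpolation.
 * NOTE(review): confirm that clear() escapes for the database or move the
 * queries to prepared statements. $type and $_SESSION["my_lang"] are
 * concatenated too and do not pass through clear() in this method.
 *
 * NOTE(review): the password is stored as five rounds of unsalted MD5 and is
 * sent back in clear text in the confirmation e-mail. password_hash() and
 * password_verify() are the replacement, but the login code (my_login, not
 * visible here) has to change together with it, so the format is left as is.
 *
 * @param string $type     stored in the registration_source column
 * @param bool   $in_order when true, the "reg_ok" message is not set
 */
static function registration($type, $in_order = false)
{
    $nick = clear("nick");
    $pass = clear("pass");
    $mail = clear("mail");
    $lang = clear("lang");
    $ver = clear("ver");
    $city = clear("city");
    $is_newsletter = checkbox_value(clear("is_newsletter"));

    $l = new lang("registration", $_SESSION["my_lang_ui"]);
    $msg = $_SESSION["msg"];

    if (strlen($pass) < 5) {
        $msg->set_text($l->t("pass_short"), "error");
        $msg->set_specific_text($l->t("pass_short"), "pass", "error");
    }

    // Nick too long.
    if (strlen($nick) > 21) {
        $msg->set_specific_text($l->t("nick_long"), "nick", "error");
    }

    // Anti-robot check, applied only when lang::strict_lang_by_user_agent() is
    // not a supported language: the ver field has to equal 4.
    if (!lang::is_lang_supported(lang::strict_lang_by_user_agent())) {
        if ($ver != 4) {
            $msg->set_text($l->t("invalid_ver"), "error");
        }
    }

    // Is the nick already taken?
    $sql = sql_query("select id from users\n\t\t\t\t\t\t\t\t\t\t\t\t\twhere (nick = '{$nick}')");
    $num = sql_num_rows($sql);
    if ($num) {
        $msg->set_specific_text($l->t("nick_exists"), "nick", "error");
    }

    // Is the e-mail address already registered?
    $sql = sql_query("select id from users\n\t\t\t\t\t\t\t\t\t\t\t\t\twhere (mail = '{$mail}')");
    $num = sql_num_rows($sql);
    if ($num) {
        $msg->set_specific_text($l->t("mail_exists") . " " . my_link($l->l("ztracene-heslo"), $l->t("lost_password")), "mail", "error");
    }

    if (!$nick || !$pass || !$mail) {
        $msg->set_text($l->t("empty_data"), "error");
    }

    // The D modifier makes "$" match only at the very end of the string, so an
    // address followed by a line break is rejected before it reaches mail().
    $test_mail = preg_match('~^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*$~iD', $mail);
    if (!$test_mail) {
        $msg->set_specific_text($l->t("invalid_email"), "mail", "error");
    }

    // Everything validated: create the account.
    if ($msg->is_empty()) {
        // The clear-text password is kept for the e-mail and the login call below.
        $sec_pass = $pass;
        $pass = md5(md5(md5(md5(md5($pass)))));

        // The last word of a multi-word nick is stored as virtual_surname.
        // Initialised so that a one-word nick no longer reads an undefined variable.
        $surname = "";
        $names = explode(" ", $nick);
        if (count($names) > 1) {
            $surname = $names[count($names) - 1];
        }

        if (!$lang) {
            $lang = $_SESSION["my_lang"];
        }

        $sql = sql_query("insert into users\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t(nick, pass, mail, register_time, photo,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tshow_readed, booklists_style, virtual_surname, city, is_newsletter,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tlang, lang_ui, registration_source)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t('{$nick}', '{$pass}', '{$mail}', '" . time() . "', 'no',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'yes', 'default', '" . $surname . "', '" . $city . "', '" . $is_newsletter . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . $lang . "', '" . $lang . "', '" . $type . "')");

        if ($sql) {
            $id = mysql_insert_id();

            // Store the campaign source when a tracking cookie is present.
            // The cookie is client-controlled and does not pass through clear(),
            // so only a string is accepted and it is escaped with the same legacy
            // mysql extension that mysql_insert_id() above belongs to.
            // NOTE(review): with magic_quotes_gpc enabled this escapes twice.
            $tracking = (isset($_COOKIE["a_campaign"]) && is_string($_COOKIE["a_campaign"])) ? $_COOKIE["a_campaign"] : "";
            if ($tracking) {
                $s = sql_query("insert into registrations_sources\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t(user, time, source)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t('" . $id . "', '" . time() . "', '" . mysql_real_escape_string($tracking) . "')");
            }

            // Store the interests ticked in the form, each interest id at most once.
            $sql_i = sql_query("select name, interest_id from interests\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\twhere (lang = '" . $_SESSION["my_lang"] . "')\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\torder by name asc");
            // Starts empty: the former "$interests[] = array()" put a stray
            // element at key 0, so an interest with id 0 was always skipped.
            $interests = array();
            while ($data_i = sql_fetch_object($sql_i)) {
                $temp = clear("interest_" . $data_i->interest_id);
                if (isset($interests[(string) $data_i->interest_id])) {
                    continue;
                }
                if ($temp) {
                    $interests[$data_i->interest_id] = 1;
                    $s = sql_query("insert into users_interests\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t(user, interest)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t('" . $id . "', '" . $data_i->interest_id . "')");
                }
            }

            // Send the registration e-mail; it carries the clear-text password.
            $text = strip_tags($l->t("reg_mail_text", $nick, $sec_pass) . "\n" . $l->t("web_url"));
            $sent = mail($mail, $l->t("reg_subject"), $text, "From: info@cbdb.cz \nContent-Type: text/plain; charset=utf-8");

            if ($sent) {
                if (!$in_order) {
                    $msg->set_text($l->t("reg_ok") . "<br />");
                }
                // Log the new user in straight away.
                $my_login = new my_login();
                $my_login->log_in("ok", $nick, $sec_pass);
            }
        }
    }
}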