Ejemplo n.º 1
<?php

// modules/event/admin_write_save.php
// Save handler for the event module's admin write form. This listing is a fragment:
// it ends inside the edit branch, before the query built below is executed.
header("content-type: text/html; charset=UTF-8");
// Bootstrap include (init)
include '../../bin/inint.php';
$ret = array();
// Check the referer and the member's permission.
// NOTE(review): these two calls are the only request gate visible in this fragment; no
// anti-CSRF token is checked here. Confirm what gcms::isReferer() actually verifies.
if (gcms::isReferer() && gcms::canConfig($config, 'event_can_write')) {
    // The 'demo' account is refused with EX_MODE_ERROR instead of saving (loose == comparison).
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // Submitted values.
        // NOTE(review): several $_POST keys below are indexed directly without isset(),
        // so a request that omits them raises undefined-index notices.
        $save['topic'] = gcms::getTags($_POST['write_topic']);
        $keywords = gcms::getTags($_POST['write_keywords']);
        // Keywords fall back to the topic when empty; runs of quotes, CR, LF and whitespace are
        // collapsed to one space, the result is cut via gcms::cutstring(…, 149) and then passed
        // to $db->sql_clean (its escaping behaviour is not visible here).
        $save['keywords'] = $db->sql_clean(gcms::cutstring(preg_replace('/[\'\\"\\r\\n\\s]{1,}/isu', ' ', $keywords == '' ? $save['topic'] : $keywords), 149));
        $description = trim(gcms::getVars($_POST, 'write_description', ''));
        // Description falls back to a text rendering of the raw write_detail field.
        $save['description'] = $db->sql_trim_str(gcms::cutstring(gcms::html2txt($description == '' ? $_POST['write_detail'] : $description), 149));
        // NOTE(review): write_detail is client-supplied markup (presumably HTML, given html2txt
        // above). gcms::ckDetail is the only filter applied here; confirm it strips script and
        // event-handler content, since this value is stored and later rendered.
        $save['detail'] = gcms::ckDetail($_POST['write_detail']);
        $save['published_date'] = $db->sql_trim_str($_POST, 'write_published_date');
        // Normalised to the literal '1' or '0', so no client text reaches $save['published'].
        $save['published'] = $_POST['write_published'] == '1' ? '1' : '0';
        // NOTE(review): begin_date is assembled from three raw $_POST values with no format
        // validation or escaping on this line, unlike the neighbouring fields. Confirm that
        // the code which writes $save escapes it, or validate date/hour/minute here.
        $save['begin_date'] = "{$_POST['write_d']} {$_POST['write_h']}:{$_POST['write_m']}:00";
        $save['color'] = $db->sql_trim_str($_POST, 'write_color');
        $id = gcms::getVars($_POST, 'write_id', 0);
        if ($id > 0) {
            // Check the module or the selected item (edit mode).
            // NOTE(review): $id is interpolated into the SQL text below. That is safe only if
            // gcms::getVars() returns an integer for an integer default; confirm, or cast
            // explicitly / use a parameterised query.
            $sql = "SELECT I.`module_id`,M.`module`";
            $sql .= " FROM `" . DB_EVENTCALENDAR . "` AS I";
            $sql .= " INNER JOIN `" . DB_MODULES . "` AS M ON M.`owner`='event' AND M.`id`=I.`module_id`";
            $sql .= " WHERE I.`id`='{$id}'";
            $sql .= " LIMIT 1";
Ejemplo n.º 2
 // Fragment of a multi-language save handler: collects one detail record per configured
 // language from $_POST, then starts the edit branch. The listing is cut at both ends.
 $input = false;
 $error = false;
 $tab = false;
 // details
 $details = array();
 $alias_topic = '';
 foreach ($config['languages'] as $value) {
     // Per-language fields are read from $_POST keys suffixed with the language code.
     // NOTE(review): the keys indexed directly (topic, keywords, detail) have no isset()
     // guard, so a request missing them raises undefined-index notices.
     $topic = $db->sql_trim_str($_POST, "write_topic_{$value}");
     $alias = gcms::aliasName($_POST["write_topic_{$value}"]);
     $relate = $db->sql_trim($_POST, "write_relate_{$value}");
     $keywords = gcms::getTags($_POST["write_keywords_{$value}"]);
     $description = $db->sql_trim($_POST, "write_description_{$value}");
     // Languages with an empty topic are skipped entirely.
     if ($topic != '') {
         $save = array();
         $save['topic'] = $topic;
         // Keywords fall back to the tags of the topic; quote/CR/LF/whitespace runs collapse
         // to one space, cut via gcms::cutstring(…, 255), then passed to $db->sql_clean.
         $save['keywords'] = $db->sql_clean(gcms::cutstring(preg_replace('/[\'\\"\\r\\n\\s]{1,}/isu', ' ', $keywords == '' ? gcms::getTags($_POST["write_topic_{$value}"]) : $keywords), 255));
         // NOTE(review): unlike the keywords line, no $db->sql_* call wraps this value. In the
         // fallback branch the raw write_detail field passes only through html2txt and
         // cutstring; confirm the later write escapes it.
         $save['description'] = gcms::cutstring(gcms::html2txt($description == '' ? $_POST["write_detail_{$value}"] : $description), 255);
         // NOTE(review): client-supplied markup filtered only by gcms::ckDetail here; confirm
         // it removes script and event-handler content before the value is stored.
         $save['detail'] = gcms::ckDetail($_POST["write_detail_{$value}"]);
         $save['language'] = $value;
         // Related terms default to the keywords when none were submitted.
         $save['relate'] = $relate == '' ? $save['keywords'] : $relate;
         $details[$value] = $save;
         // Keep the alias of the first language that has a topic.
         $alias_topic = $alias_topic == '' ? $alias : $alias_topic;
     }
 }
 $save = array();
 $save['alias'] = gcms::aliasName($_POST['write_alias']);
 // id being edited
 // NOTE(review): both ids come from $_POST via gcms::getVars with an integer default;
 // confirm the helper returns integers before they are used in SQL.
 $id = gcms::getVars($_POST, 'write_id', 0);
 $module_id = gcms::getVars($_POST, 'module_id', 0);
 if ($id > 0) {
     // Check the module or the selected item (edit mode)
Ejemplo n.º 3
     // Fragment of a page save handler; the listing starts inside a branch and ends
     // inside the module-name validation. $id, $owner, $input and $error are set outside it.
     // The page being edited.
     // NOTE(review): $id is interpolated into the SQL text. Its origin is outside this
     // fragment; confirm it is an integer, or use a parameterised query.
     $sql = "SELECT I.`id`,I.`language`,I.`module_id` FROM `" . DB_INDEX . "` AS I";
     $sql .= " INNER JOIN `" . DB_INDEX_DETAIL . "` AS D ON D.`id`=I.`id` AND D.`module_id`=I.`module_id` AND D.`language`=I.`language`";
     $sql .= " WHERE I.`id`='{$id}' LIMIT 1";
     $index = $db->customQuery($sql);
     // false when no row matched, otherwise the first row.
     $index = sizeof($index) == 0 ? false : $index[0];
 }
 // && binds tighter than ||, so this reads: (editing but the row was not found) OR
 // $owner is not all lowercase letters OR no modules/<owner> directory exists.
 // The regex keeps '/', '.' and similar characters out of the path passed to is_dir().
 // NOTE(review): '$' without the D modifier also matches before a trailing newline;
 // '\z' would be the strict end-of-string anchor.
 if ($id > 0 && !$index || !preg_match('/^[a-z]+$/', $owner) || !is_dir(ROOT_PATH . "modules/{$owner}")) {
     $ret['error'] = 'ACTION_ERROR';
 } else {
     // Submitted values.
     // NOTE(review): write_keywords, write_topic, write_detail and write_published are
     // indexed directly without isset(), so missing keys raise undefined-index notices.
     $language = $db->sql_trim_str($_POST, 'write_language');
     // Module name is lowercased; an empty/absent field becomes ''.
     $module = empty($_POST['write_module']) ? '' : strtolower($db->sql_trim_str($_POST, 'write_module', ''));
     $detail_save['topic'] = $db->sql_trim_str($_POST, 'write_topic');
     $keywords = gcms::getTags($_POST['write_keywords']);
     // Keywords fall back to the tags of the topic; quote/CR/LF/whitespace runs collapse
     // to one space, cut via gcms::cutstring(…, 149), then passed to $db->sql_clean.
     $detail_save['keywords'] = $db->sql_clean(gcms::cutstring(preg_replace('/[\'\\"\\r\\n\\s]{1,}/isu', ' ', $keywords == '' ? gcms::getTags($_POST['write_topic']) : $keywords), 149));
     // NOTE(review): client-supplied markup filtered only by gcms::ckDetail here; confirm
     // it removes script and event-handler content before the value is stored.
     $detail_save['detail'] = gcms::ckDetail($_POST['write_detail']);
     $description = trim(gcms::getVars($_POST, 'write_description', ''));
     // Description falls back to a text rendering of the raw write_detail field.
     $detail_save['description'] = $db->sql_trim_str(gcms::cutstring(gcms::html2txt($description == '' ? $_POST['write_detail'] : $description), 149));
     $index_save['published_date'] = $db->sql_trim_str($_POST, 'write_published_date');
     // Published unless the field is '0'; the stored value is always the literal '0' or '1'.
     $index_save['published'] = $_POST['write_published'] == '0' ? '0' : '1';
     // Owners that can be reused
     if ($owner == 'index' || isset($config[$owner]['description'])) {
         // Check the module name. $input and $error keep only the first failure recorded.
         if ($module == '') {
             $ret['ret_write_module'] = 'MODULE_EMPTY';
             $input = !$error ? 'write_module' : $input;
             $error = !$error ? 'MODULE_EMPTY' : $error;
         // Module names are limited to lowercase letters and digits (same '$' caveat as above).
         } elseif (!preg_match('/^[a-z0-9]{1,}$/', $module)) {
             $ret['ret_write_module'] = 'EN_NUMBER_ONLY';
             $input = !$error ? 'write_module' : $input;