/**
 * Adds a session identifier to this object's session list.
 *
 * A falsy argument (the default) makes the method obtain a fresh identifier
 * from createSessionID(). Whatever identifier is used goes through the
 * 'string' filter of __paramValue() before it is appended to $this->session.
 *
 * NOTE(review): a caller-supplied identifier is accepted after string
 * filtering only. If any caller passes request data here, confirm the
 * identifier is checked for format and ownership first.
 *
 * @param string|false $session Identifier to register, or false to generate one.
 */
public function addNewSession($session = false)
{
    $sessionId = $session ? $session : $this->createSessionID();
    $filtered = __paramValue('string', $sessionId);
    array_push($this->session, $filtered);
}
/**
 * Saves the title and body of a static page sent by the WYSIWYG editor and
 * prints a JSON acknowledgement.
 *
 * Reads 'alias' and form[n_text] / form[title] from front::$_req, converts
 * both texts from UTF-8 to CP1251, filters them with __paramValue() and
 * updates the static_pages row for the alias (inserting it when the update
 * affected nothing).
 */
function savewysiwygAction()
{
    $db = front::og('db');
    $alias = front::$_req['alias'];

    // Permission lookup; it may differ from page to page. Only the default
    // branch exists, so $permission is always null and the guard below
    // returns for every request. The action therefore fails closed until a
    // case naming a real permission is added; keep it that way when adding
    // cases (never default to "allowed").
    switch ($alias) {
        default:
            $permission = null;
    }
    if (!($permission && hasPermissions($permission))) {
        return;
    }

    // iconv() returns false when the input cannot be converted; the filters
    // then receive false instead of text.
    $text = __paramValue('ckedit', iconv('UTF-8', 'CP1251', front::$_req['form']['n_text']));
    $title = __paramValue('string', iconv('UTF-8', 'CP1251', front::$_req['form']['title']));
    $save = array('title' => $title, 'n_text' => $text);

    if ($alias) {
        // Values are bound through the DB layer's placeholders, not
        // concatenated into the statement.
        $updated = $db->update('UPDATE static_pages SET ?s WHERE (alias = ?)', $save, $alias);
        if (!$updated) {
            $save['alias'] = $alias;
            $db->insert('static_pages', $save, false);
        }
    }

    echo json_encode(array('success' => true, 'alias' => $alias));
}
/**
 * Stores a static page edited in the WYSIWYG editor and prints a JSON reply.
 *
 * Input comes from front::$_req: 'alias' selects the page, form[n_text] and
 * form[title] carry the content. Both texts are converted from UTF-8 to
 * CP1251 and filtered with __paramValue() before they reach the database.
 */
public function savewysiwygAction()
{
    $db = front::og('db');
    $alias = front::$_req['alias'];

    // Per-page permission selection. The switch has no case besides the
    // default, which leaves $permission null, so the check below rejects
    // every request (fail closed). Any case added later must name an
    // explicit permission.
    switch ($alias) {
        default:
            $permission = null;
    }
    if (!($permission && hasPermissions($permission))) {
        return;
    }

    // iconv() yields false on unconvertible input, which is then what the
    // filter receives.
    $body = __paramValue('ckedit', iconv('UTF-8', 'CP1251', front::$_req['form']['n_text']));
    $heading = __paramValue('string', iconv('UTF-8', 'CP1251', front::$_req['form']['title']));
    $save = array('title' => $heading, 'n_text' => $body);

    if ($alias) {
        // Update first; insert only when no row was affected.
        $affected = $db->update('UPDATE static_pages SET ?s WHERE (alias = ?)', $save, $alias);
        if (!$affected) {
            $save['alias'] = $alias;
            $db->insert('static_pages', $save, false);
        }
    }

    echo json_encode(array('success' => true, 'alias' => $alias));
}
/**
 * Initialises the block from the given values and validates its link.
 *
 * Each value is filtered with __paramValue() and then un-escaped before it
 * is stored. The text filter is 'ckeditor' when isWysiwyg() is true and
 * 'html' otherwise. A failed validateLink() sets $this->_error['link'].
 *
 * NOTE(review): name and text are un-escaped with stripcslashes(), which
 * also decodes C-style escapes (\x3c, \074, \n ...). Because it runs after
 * the filter, the stored value can contain characters the filter never saw.
 * Decoding before filtering, or using stripslashes() as for the link, would
 * avoid that; confirm which escaping the inputs actually carry.
 *
 * @param string|null $name Block name, stored in $this->name
 * @param string|null $link Block link, stored in $this->link
 * @param string|null $text Block text, stored in $this->text
 */
public function initBlock($name = null, $link = null, $text = null)
{
    $filteredName = __paramValue('string', $name);
    $this->name = stripcslashes($filteredName);

    $filteredLink = __paramValue('string', $link);
    $this->link = stripslashes($filteredLink);

    $textFilter = $this->isWysiwyg() ? 'ckeditor' : 'html';
    $filteredText = __paramValue($textFilter, $text);
    $this->text = stripcslashes($filteredText);

    $linkIsValid = $this->validateLink();
    if (!$linkIsValid) {
        $this->_error['link'] = true;
    }
}
/**
 * Handles an incoming gateway request (currently the only request type).
 *
 * An empty 'msisdn' ends the request with HTTP 400. Otherwise the message is
 * stored in sms_gate_server with status sms_gate::STATUS_DELIVERED and the
 * id returned by the insert is printed.
 *
 * NOTE(review): nothing in this method authenticates the sender or checks
 * the msisdn format, and the row is marked delivered as soon as it is
 * received. Confirm the caller restricts who can reach this endpoint.
 *
 * @param array $request Request parameters; 'msisdn' and 'data' are read.
 */
public function listener($request)
{
    if ($request['msisdn'] == '') {
        header('HTTP/1.0 400 Bad Request');
        exit;
    }

    $row = array();
    $row['msisdn'] = __paramValue('string', $request['msisdn']);
    $row['data'] = __paramValue('string', $request['data']);
    $row['dlr_status'] = sms_gate::STATUS_DELIVERED;

    $newId = $this->_db->insert('sms_gate_server', $row, 'id');
    echo $newId;

    // A delivery-report call, $this->report(array('sms_id' => ..., 'dlr_status' => ...), 'dlr'),
    // was left disabled in the original and is still not made.
}
/**
 * Files a complaint about a project on behalf of the current user.
 *
 * The complaining user is taken from get_uid(false), not from a parameter.
 * Uploaded screenshots are copied into the project owner's upload directory,
 * moderator-type complaints additionally open a UserEcho topic, and the
 * complaint is stored with projects::AddComplain(). The returned response
 * carries the client-side script calls that update the complaint popup.
 *
 * @param integer $project_id project ID
 * @param integer $type       complaint type
 * @param string  $msg        complaint text
 * @param string  $files      names of the uploaded screenshots
 *
 * @return xajaxResponse
 */
function SendComplain($project_id, $type, $msg, $files)
{
    global $session;
    session_start();
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/uploader/uploader.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects_complains.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/userecho.php';
    $objResponse = new xajaxResponse();
    // Client-supplied ids are cast to int before any use; the text goes
    // through the 'htmltext' filter.
    $project_id = (int) $project_id;
    // NOTE(review): nothing below rejects an empty/anonymous uid - confirm
    // get_uid(false) or the callee enforces a logged-in user.
    $user_id = get_uid(false);
    $type = (int) $type;
    $msg = __paramValue('htmltext', $msg);
    $error = false;
    $project = new projects();
    // NOTE(review): $prj is used below without checking that the project was found.
    $prj = $project->GetPrj(0, $project_id, 1);
    $file_list = array();
    if ($files != '') {
        $files = uploader::sgetFiles($files);
        if (!empty($files)) {
            // The target directory is derived from the login of the project's
            // owner ($prj['user_id']), i.e. a server-side value, not from the request.
            $emp = new users();
            // $ee is not set before this call; presumably an output parameter - confirm.
            $emp->GetUser($emp->GetField($prj['user_id'], $ee, 'login'));
            $dir = 'users/' . substr($emp->login, 0, 2) . '/' . $emp->login . '/upload/';
            foreach ($files as $file) {
                $copy = uploader::remoteCopy($file['id'], 'file_projects', $dir);
                // $rfiles is created on first append; it is not initialised above.
                $rfiles[] = $copy->name;
                $file_list[] = array('name' => $copy->original_name, 'link' => WDCPREFIX . '/' . $copy->path . $copy->name);
            }
            $files = implode(',', $rfiles);
        } else {
            $files = '';
        }
    }
    if (!$files) {
        $files = '';
    }
    if (projects::IsHaveComplainType($project_id, $user_id, $type)) {
        // The user has already filed a complaint of this type.
        return $objResponse;
    }
    $projects_complains = new projects_complains();
    $type_name = $projects_complains->GetComplainType($type);
    $project_url = getAbsUrl(getFriendlyURL('project', $project_id));
    $is_moder = $projects_complains->isComplainTypeModer($type);
    if ($is_moder) {
        // Moderator-type complaints are also posted as a UserEcho topic; a
        // failure to create the topic counts as an error.
        $userEcho = new UserEcho();
        $topic_message = $userEcho->constructMessage($project_url, $prj['name'], $msg, $file_list);
        $topicUrl = $userEcho->newTopicComplain($type_name, $topic_message, $file_list);
        if ($topicUrl) {
            messages::sendProjectComplain($user_id, $project_url, $prj['name'], $msg, $topicUrl);
        } else {
            $error = true;
        }
    }
    if (!$error) {
        // $topicUrl only exists when $is_moder is true; the && short-circuit
        // keeps it from being read otherwise.
        $error = projects::AddComplain($project_id, $user_id, $type, $msg, $files, $is_moder && $topicUrl);
    }
    if ($error) {
        $objResponse->script("\$('abuse_project_popup').toggleClass('b-shadow_hide');");
        if ($is_moder) {
            $objResponse->script("\$('abuse-cause-error').removeClass('b-layout__txt_hide'); abuseResetSelection();");
        } else {
            $objResponse->script("\$\$('.abuse-btn-send').removeClass('b-button_rectangle_color_disable')");
        }
    } else {
        // Uploader settings sent to the browser. The extension list configures
        // the client widget; NOTE(review): confirm the server-side uploader
        // enforces the same restriction.
        $upl = array('umask' => uploader::umask('prj_abuse'), 'validation' => array('allowedExtensions' => array('jpg', 'gif', 'png', 'jpeg'), 'restrictedExtensions' => array()), 'text' => array('uploadButton' => iconv('cp1251', 'utf8', 'Прикрепить файлы')));
        // $type was cast to int above, so interpolating it into the script
        // text cannot inject markup or code.
        $objResponse->script("\n \$('abuse{$type}').addClass('abuse-checked');\n \$('abuse{$type}').getChildren().each(function(el) { \$(el).addClass('abuse-checked'); });\n ");
        $objResponse->script("uploader.create('abuse_uploader', " . json_encode($upl) . ');');
        $objResponse->script("\$('prj_abuse_msg').set('value', '')");
        $objResponse->script("\$\$('.abuse-btn-send').removeClass('b-button_disabled')");
        $objResponse->script("\$('abuse_project_popup').toggleClass('b-shadow_hide');");
        $objResponse->script("\$('project_abuse_success').removeClass('b-layout__txt_hide');");
        $objResponse->script("\$('form_abuse').hide();");
        $objResponse->script("setTimeout(\"\$('project_abuse_success').addClass('b-layout__txt_hide')\", 5000);");
        if ($is_moder) {
            $objResponse->script("\$('abuse-cause-error').addClass('b-layout__txt_hide');");
        }
    }
    return $objResponse;
}
/**
 * Processes the data submitted on the portfolio step of the wizard.
 *
 * Reads the specialisation, experience, rates and free-text fields from the
 * request, validates them, stores them through the parent wizard and then
 * validates and creates the submitted portfolio works. On success the method
 * redirects to /wizard/registration/ and exits.
 *
 * @return array Validation errors keyed by field; only returned when validation failed.
 */
public function actionProcessingPortfolio()
{
    $error = array();
    $type = __paramInit('int', null, 'spec_column_id');
    $spec = __paramInit('int', null, 'spec_db_id');
    $spec_name = __paramInit('string', null, 'spec');
    if ($type == 0) {
        $error['spec'] = 'Вы должны выбрать свою специализацию';
    } else {
        $data['spec_orig'] = professions::GetProfessionOrigin($spec);
    }
    $data['spec'] = $spec;
    $data['exp'] = __paramInit('int', null, 'exp');
    $data['cost_hour'] = __paramInit('float', null, 'cost_hour');
    $data['cost_type_hour'] = __paramInit('int', null, 'currency_hour_db_id');
    $curr_hour_name = __paramInit('string', null, 'currency_hour');
    $data['cost_month'] = __paramInit('float', null, 'cost_month');
    $data['cost_type_month'] = __paramInit('int', null, 'currency_month_db_id');
    $curr_month_name = __paramInit('string', null, 'currency_month');
    $data['resume'] = __paramInit('int', null, 'resume_id');
    // The value is un-escaped after filtering. strlen() counts bytes, so the
    // 4000 limit is in bytes of the stored encoding, not characters.
    $data['info'] = stripslashes(__paramInit('string', null, 'info', ''));
    if (strlen($data['info']) > 4000) {
        $error['info'] = 'Исчерпан лимит символов для этого поля (4000 символов)';
    }
    // Read straight from $_POST; the comparison reduces it to 0 or 1.
    $data['in_office'] = $_POST['in_office'] == 1 ? 1 : 0;
    if ($data['resume'] > 0) {
        // NOTE(review): the file id comes from the request and $resume is not
        // used again in this method; confirm elsewhere that the file belongs
        // to the current user before it is attached.
        $resume = new CFile($data['resume']);
    }
    if ($data['exp'] < 0 || $data['exp'] > step_freelancer::MAX_YEAR_VALUE) {
        $error['exp'] = 'Недопустимое значение. Опыт работы должен быть в пределе от 0 до ' . step_freelancer::MAX_YEAR_VALUE . '.';
    }
    // The currency ids index MAX_COST_HOUR / MAX_COST_MONTH directly; an id
    // that is not a key of those arrays yields null as the upper bound.
    if ($data['cost_hour'] < 0 || $data['cost_hour'] > $this->MAX_COST_HOUR[$data['cost_type_hour']]) {
        // NOTE(review): unlike the monthly message below, the trailing '.' is
        // concatenated inside the last argument of view_range_cost2() - looks
        // like a misplaced parenthesis.
        $error['cost_hour'] = 'Недопустимое значение. Стоимость часа работы должна быть в пределе ' . view_range_cost2(0, $this->MAX_COST_HOUR[$data['cost_type_hour']], '', '', false, $data['cost_type_hour'] . '.');
    }
    if ($data['cost_month'] < 0 || $data['cost_month'] > $this->MAX_COST_MONTH[$data['cost_type_month']]) {
        $error['cost_month'] = 'Недопустимое значение. Стоимость месяца работы должна быть в пределе ' . view_range_cost2(0, $this->MAX_COST_MONTH[$data['cost_type_month']], '', '', false, $data['cost_type_month']) . '.';
    }
    if (count($error) <= 0) {
        // The step data is saved here, before the portfolio works below are
        // validated. NOTE(review): the stored value is produced by serialize();
        // wherever it is read back, unserialize() must only ever see this
        // server-written value.
        $insert['portfolio'] = serialize($data);
        $this->parent->saveFieldsInfo($insert);
    }
    // Process the portfolio works.
    if (is_array($_POST['name'])) {
        foreach ($_POST['name'] as $k => $value) {
            // The parallel arrays descr/id/link/pict_id are indexed with the
            // same key without checking that the key exists in each of them.
            $value = __paramValue('string', stripslashes($value));
            $descr = __paramValue('string', stripslashes($_POST['descr'][$k]));
            $id = __paramValue('int', $_POST['id'][$k]);
            // id of the work, if it has one
            // NOTE(review): $id is client-supplied; confirm createWorks()
            // checks that an existing work belongs to this wizard user.
            $link = __paramValue('string', stripslashes($_POST['link'][$k]));
            // Only a leading "http://" is removed before validation.
            $link = preg_replace("/^http:\\/\\//", "", trim($link));
            if ($value == '' && $descr == '' && $link == '' && empty($_POST['pict_id'][$k])) {
                continue;
            }
            if (is_empty_html($value)) {
                $error['portf' . $k]['name'] = "Введите название работы";
            }
            if (strlen($descr) > 1500) {
                $error['descr' . $k]['name'] = "Исчерпан лимит символов для этого поля (1500 символов)";
            }
            if ($link != '' && !url_validate($link)) {
                $error['portf' . $k]['link'] = "Поле заполнено некорректно";
            }
            $portf_insert[] = array("name" => $value, "pict_id" => $_POST['pict_id'][$k] > 0 ? intval($_POST['pict_id'][$k]) : null, "link" => $link, "prof_id" => $spec, "wiz_uid" => $this->getWizardUserID(), "descr" => $descr, "id" => $id);
        }
    }
    if (count($error) <= 0) {
        // $portf_insert is only created inside the loop above; when no work
        // was submitted it is undefined here and count() receives null.
        if (count($portf_insert) > 0) {
            $ids = $this->createWorks($portf_insert);
        }
        $this->parent->setCompliteStep(true);
        $this->parent->setNextStep($this->parent->getPosition() + 1);
        header("Location: /wizard/registration/");
        exit;
    }
    // Validation failed: keep the submitted values for re-display.
    $this->request = $data;
    $this->portf_insert = $portf_insert;
    return $error;
}
/**
 * Saves a community post edited through the admin edit form.
 *
 * Filters the title, video link, poll question/answers and message text,
 * validates them and, when no validation alert was raised, stores the post,
 * updates its attachments and notifies the post's author. Validation
 * failures are reported through _setErrors().
 *
 * NOTE(review): no permission check is visible in this function; the post is
 * written with $_SESSION['uid'] while user_id / user_login / commune_id come
 * from $aForm. Confirm the caller verifies moderator rights and that those
 * $aForm fields are not taken unchecked from the client.
 *
 * @param object $objResponse xajaxResponse
 * @param string $rec_id      record identifier
 * @param string $rec_type    record type
 * @param array  $aForm       form data
 * @param string $sDrawFunc   name of the function to run after saving
 */
function _admEditCommunityPostSaveForm(&$objResponse, $rec_id = '', $rec_type = '', $aForm = array(), $sDrawFunc = '')
{
    // initialisation
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/commune.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/attachedfiles.php';
    $aForm['title'] = antispam(change_q_x($aForm['title'], true, false));
    // Byte-wise cut after filtering; it can split a multi-byte character or
    // an entity at the boundary.
    $aForm['title'] = substr($aForm['title'], 0, 256);
    $aForm['title'] = $aForm['title'] === false ? '' : $aForm['title'];
    $aForm['youtube_link'] = change_q_x($aForm['youtube_link'], false, true, null, false, false);
    $aForm['question'] = trim(change_q_x($aForm['question'], true));
    $aForm['close_comments'] = isset($aForm['close_comments']) ? $aForm['close_comments'] : 0;
    $aForm['is_private'] = isset($aForm['is_private']) ? $aForm['is_private'] : 0;
    $aForm['answers'] = is_array($aForm['answers']) ? $aForm['answers'] : array();
    $aForm['answers_exists'] = is_array($aForm['answers_exists']) ? $aForm['answers_exists'] : array();
    // NOTE(review): as shown, preg_replace('/&/', '&', ...) replaces '&' with
    // itself; the replacement may have been an entity that was lost when the
    // listing was rendered - confirm against the repository.
    $question = change_q_x_a(antispam(preg_replace('/&/', '&', $aForm['question'])), false, false, '');
    $multiple = (bool) $aForm['multiple'];
    $answers = array();
    $answers_exists = array();
    $acount = 0;
    $alert = array();
    $attachedfiles = new attachedfiles($aForm['attachedfiles_session']);
    // The message body is filtered with the filter matching the editor in use.
    if (commune::IS_NEW_WYSIWYG) {
        $aForm['msgtext'] = __paramValue('ckedit', antispam($aForm['msgtext']));
        // Backslashes are removed after the filter has run.
        $aForm['msgtext'] = stripslashes($aForm['msgtext']);
    } else {
        $aForm['msgtext'] = __paramValue('wysiwyg_tidy', antispam($aForm['msgtext']));
    }
    // New poll answers: keep the non-empty ones, drop the rest from the form.
    if ($aForm['answers'] && is_array($aForm['answers'])) {
        foreach ($aForm['answers'] as $key => $answer) {
            if (($t = substr_entity(change_q_x_a(antispam(preg_replace('/&/', '&', trim((string) $answer))), false, false, ''), 0, commune::POLL_ANSWER_CHARS_MAX * 2, true)) != '') {
                $answers[] = $t;
                ++$acount;
            } else {
                unset($aForm['answers'][$key]);
            }
        }
    }
    // Existing poll answers are keyed by their id; non-numeric keys are skipped.
    if ($aForm['answers_exists'] && is_array($aForm['answers_exists'])) {
        foreach ($aForm['answers_exists'] as $key => $answer) {
            if (intval($key) && ($t = substr_entity(change_q_x_a(antispam(preg_replace('/&/', '&', trim((string) $answer))), false, false, ''), 0, commune::POLL_ANSWER_CHARS_MAX * 2, true)) != '') {
                $answers_exists[intval($key)] = $t;
                ++$acount;
            }
        }
    }
    // Shorten the question by the number of characters it exceeds the limit by.
    if (strlen_real($question) > commune::POLL_QUESTION_CHARS_MAX) {
        $len = strlen($question);
        $rlen = strlen_real($question);
        $question = substr($question, 0, $len - ($rlen - commune::POLL_QUESTION_CHARS_MAX));
    }
    // validation
    // NOTE(review): the length check reads the raw $_POST['title'], not the
    // filtered and truncated $aForm['title'] that is actually saved.
    if (strlen($_POST['title']) > commune::MSG_TITLE_MAX_LENGTH) {
        $alert[1] = 'Количество символов превышает допустимое (' . commune::MSG_TITLE_MAX_LENGTH . ')';
    }
    if ($aForm['youtube_link'] != '') {
        if ($video = video_validate($aForm['youtube_link'])) {
            $aForm['youtube_link'] = $video;
        } else {
            $alert[2] = 'Неверная ссылка';
        }
    }
    if ($acount > 0 && $question == '') {
        $alert[3] = 'Введите текст вопроса';
    } elseif ($acount > commune::POLL_ANSWERS_MAX && $question != '') {
        $alert[3] = 'Вы можете указать максимум ' . commune::POLL_ANSWERS_MAX . ' ответов';
    } elseif ($acount < 2 && $question != '') {
        $alert[3] = 'Нужно указать минимум 2 варианта ответа';
    }
    $files_info = $attachedfiles->calcFiles();
    // A post needs at least one of: text, poll question, attachment, video link.
    if (is_empty_html($aForm['msgtext']) && $question == '' && empty($alert) && !$files_info['count'] && $aForm['youtube_link'] == '') {
        $alert[4] = 'Поле заполнено некорректно';
        $aForm['msgtext'] = '';
    } elseif (strlen($aForm['msgtext']) > commune::MSG_TEXT_MAX_LENGTH) {
        $alert[4] = 'Количество символов превышает допустимое';
    }
    if (!$alert) {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/messages.php';
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
        commune::CreateMessage($aForm, $aForm['commune_id'], $_SESSION['uid'], $rec_id, null, $question, $answers, $answers_exists, $multiple);
        commune::DeleteMarkedAttach($rec_id);
        // attached files
        $attachedfiles_files = $attachedfiles->getFiles(array(1, 3, 4));
        commune::addAttachedFiles($attachedfiles_files, $rec_id, $aForm['user_login'], false);
        $attachedfiles->clear();
        // !!!TODO: https://beta.free-lance.ru/mantis/view.php?id=19174
        $sReason = _parseReason($aForm['user_id'], $aForm['adm_edit_text']);
        messages::communityModifiedNotification($rec_id, $rec_type, $aForm['user_login'], $aForm['user_uname'], $aForm['user_usurname'], $sReason);
        $content_id = user_content::MODER_COMMUNITY;
        _admEditAfterAll($objResponse, $content_id, $rec_id, $rec_type, $sDrawFunc, $aForm);
    } else {
        // Map alert numbers to the form fields they belong to.
        _setErrors($objResponse, $alert, array(1 => 'title', 2 => 'youtube_link', 3 => 'question', 4 => 'msg'), $sDrawFunc);
    }
}
// Excerpt: these statements sit inside a conditional block that opens before
// the excerpt; $ch and $post are set up there.
// The outgoing request authenticates with the BASIC_AUTH constant.
curl_setopt($ch, CURLOPT_USERPWD, BASIC_AUTH);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
// Output buffering captures whatever curl_exec() prints; neither $res nor
// $complete is inspected before the redirect, so a failed request is not
// detected here.
ob_start();
$res = curl_exec($ch);
$complete = ob_get_clean();
header('Location: /bill/');
exit;
}
// The whole POST body is kept in the session unfiltered.
$_SESSION['post_payment'] = $_POST;
// HTTP_REFERER is a client-controlled header. NOTE(review): confirm it is
// checked against the site's own host before it is used for a redirect.
$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];
// The markup below is a test-payment form (its heading reads "test payment").
// NOTE(review): confirm it is not reachable on production hosts.
// It prints two request values: nickname passes the 'string' filter and
// amount goes through to_money(); whether either HTML-encodes its result is
// not visible here - confirm before relying on it for output escaping.
// The hidden u_token_key field is filled from $_SESSION['rand'], presumably
// the anti-CSRF token - confirm.
?> <h2>Тестовая оплата Веб.Кошелек</h2> <p> Оплата услуг аккаунт <?php echo __paramValue('string', $_POST['nickname']); ?> , сумма оплаты <?php echo to_money($_POST['amount'], 2); ?> рублей </p> <form method="POST" /> <input type="submit" name="success" value="Оплатить" /> <input type="submit" name="cancel" value="Отмена" /> <input type="hidden" name="u_token_key" value="<?php echo $_SESSION['rand']; ?> "/> </form>
/**
 * Deletes an attachment and re-renders the list of uploaded files.
 *
 * Both ids are filtered to integers. When commune::DeleteAttach() succeeds,
 * the remaining attachments are rendered with the uploaded_files.php
 * template and sent back as the new content of 'uploaded_list'.
 *
 * @param int $cid     Id passed to commune::DeleteAttach() / GetAttach()
 * @param int $file_id Id of the file to delete
 *
 * @return xajaxResponse
 */
function MsgDelFile($cid, $file_id)
{
    session_start();
    $cid = __paramValue('int', $cid);
    $file_id = __paramValue('int', $file_id);
    // NOTE(review): the login check below is disabled, so this function does
    // not itself require a session user or verify that the file belongs to
    // the caller. Confirm commune::DeleteAttach() enforces ownership;
    // otherwise restore a check here.
    // if(!isset($_SESSION['uid'])) return;
    $objResponse = new xajaxResponse();
    if ($result = commune::DeleteAttach($cid, $file_id, true)) {
        // The included template runs in this function's scope, so it can read
        // the local variables set here (e.g. $uploaded and $mess).
        $uploaded = commune::GetAttach($cid, true);
        $mess['user_login'] = $_SESSION['login'];
        // The include path is built from a constant, not from request data.
        $page = TPL_COMMUNE_PATH . '/uploaded_files.php';
        ob_start();
        include $page;
        $html = ob_get_contents();
        ob_end_clean();
        $objResponse->assign('uploaded_list', 'innerHTML', $html);
        $objResponse->script('$("files_block").style.display = "block"');
    }
    // $objResponse->assign('uploaded_list', 'innerHTML', $error);
    return $objResponse;
}
/**
 * Normalises known request parameters; every other key is returned as is.
 *
 * - portf_text / old_portf_text: trimmed, then filtered with the
 *   'html_save_ul_li_b_p_i' filter of __paramValue().
 * - id, time and preview fields: converted with intval().
 * - cost fields: cut to two decimals with intval($value * 100) / 100.
 *
 * NOTE(review): keys not listed here pass through unfiltered, so callers
 * must not treat the whole result as sanitised. The cost conversion
 * truncates on a binary float, so a value such as 0.29 can come out as 0.28.
 *
 * @param array $params Request parameters keyed by field name.
 *
 * @return array The parameters with the known fields normalised.
 */
public function prepareRequest($params)
{
    $intFields = array(
        'prof_cost_type_hour_db_id',
        'prof_cost_type_db_id',
        'prof_time_type_db_id',
        'prof_time_from',
        'prof_time_to',
        'on_preview',
    );
    $costFields = array('prof_cost_hour', 'prof_cost_to', 'prof_cost_from', 'prof_cost1000');

    foreach ($params as $name => $value) {
        // Loose comparisons on purpose: they match the switch statement this
        // chain replaces, in the same order.
        if ($name == 'portf_text') {
            $params[$name] = __paramValue('html_save_ul_li_b_p_i', trim($params['portf_text']));
        } elseif ($name == 'old_portf_text') {
            $params[$name] = __paramValue('html_save_ul_li_b_p_i', trim($params['old_portf_text']));
        } elseif (in_array($name, $intFields)) {
            $params[$name] = intval($value);
        } elseif (in_array($name, $costFields)) {
            $params[$name] = intval($value * 100) / 100;
        }
    }

    return $params;
}
/**
 * Prepares the posted comment data for the SQL statement that adds or edits
 * a comment.
 *
 * Works on a copy of $this->post_msg: the id goes through intvalPgSql(), the
 * text is filtered with the 'ckeditor' filter and escaped, the video link is
 * filtered with change_q_x() and escaped, and parent_id becomes an integer
 * or the literal string 'NULL'.
 *
 * NOTE(review): the strings are escaped for interpolation into SQL text, so
 * every caller has to wrap them in quotes itself; bound parameters would
 * remove that dependency. pg_escape_string() is called without a connection
 * argument and therefore uses the default connection.
 *
 * @return array
 */
function _new_preMsgSql()
{
    $prepared = $this->post_msg;

    $prepared['id'] = intvalPgSql($prepared['id']);

    // An earlier change_q_x() whitelist (b, br, i, p, s, ul, li, h1-h6) is
    // disabled; the original note says to bring all tags back later.
    $filteredText = __paramValue('ckeditor', $prepared['msgtext']);
    $prepared['msgtext'] = pg_escape_string($filteredText);

    $filteredLink = change_q_x($prepared['yt_link'], true, false);
    $prepared['yt_link'] = pg_escape_string($filteredLink);

    // 0 / empty means "no parent" and is written as SQL NULL.
    $parentId = (int) $prepared['parent_id'];
    $prepared['parent_id'] = $parentId ? $parentId : 'NULL';

    return $prepared;
}
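/**
 * Validates the contacts entered by the user and stores them in $contacts.
 *
 * Only names that already exist in $contacts are processed. Every processed
 * value is stored as $contacts[$name]['value'] after stripslashes() and the
 * 'htmltext' filter, whether or not it passed validation.
 *
 * The site check strips a leading http:// or https:// prefix before calling
 * url_validate(). The previous code used ltrim() with 'http://' as its
 * second argument, which is a character mask: it removed every leading
 * h, t, p, ':' and '/' character, so the string that was validated differed
 * from the one stored (e.g. "http://the-site.example" was validated as
 * "e-site.example"). The scheme test is now anchored to the start of the
 * value for the same reason.
 *
 * @param array $post_contacts Submitted values keyed by contact name.
 * @param array $contacts      Known contacts; updated in place.
 *
 * @return array Error messages keyed by "contact_<name>"; empty when valid.
 */
public static function validateContacts($post_contacts, &$contacts)
{
    $error = array();
    foreach ($post_contacts as $name => $value) {
        if (!isset($contacts[$name])) {
            continue;
        }
        switch ($name) {
            case 'phone':
                // The phone format check, /^[+]*?[0-9\s]{9,17}$/, is disabled;
                // phone values are stored without validation.
                break;
            case 'site':
                $hasScheme = preg_match('#^https?://#i', $value) === 1;
                $withoutScheme = $hasScheme ? preg_replace('#^https?://#i', '', $value) : $value;
                if (!url_validate($withoutScheme) && trim($value) != '') {
                    $error["contact_{$name}"] = 'Поле заполнено некорректно';
                }
                // Store sites with an explicit scheme.
                if (!$hasScheme && trim($value) != '') {
                    $value = 'http://' . $value;
                }
                break;
            case 'email':
                if (!is_email($value) && trim($value) != '') {
                    $error["contact_{$name}"] = 'Поле заполнено некорректно';
                }
                break;
        }
        $contacts[$name]['value'] = __paramValue('htmltext', stripslashes($value));
    }
    return $error;
}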
/**
 * Turns the submitted mailing form into the values to be stored.
 *
 * Validation problems are recorded in $this->error; the method still returns
 * the values collected so far.
 *
 * @param array $post Incoming data ($_POST)
 * @return array Processed data, array(name => value), where name is the table column and value its value
 */
public function initPost($post)
{
    $insert = array();
    if ($post['attachedfiles_session']) {
        $attachedfiles = new attachedfiles($post['attachedfiles_session']);
        $attachedfiles_files = $attachedfiles->getFiles(array(1, 3, 4));
        if (count($attachedfiles_files) > 0) {
            $insert['is_attached'] = true;
            // Side effect: the file list is written into the $_POST superglobal.
            $_POST['attachedfiles_files'] = $attachedfiles_files;
        } else {
            $insert['is_attached'] = false;
        }
    }
    $insert['in_draft'] = (int) $post['in_draft'] == 0 ? 'false' : 'true';
    if (isset($post['status_sending'])) {
        $insert['status_sending'] = (int) $post['status_sending'];
    }
    if (isset($post['status_message'])) {
        $insert['status_message'] = (int) $post['status_message'];
    }
    if (!is_empty_html($post['subject'])) {
        // Slashes are added by hand before the 'string' filter runs.
        $insert['subject'] = __paramValue('string', addslashes($post['subject']));
    } else {
        $insert['subject'] = 'Рассылка Free-lance.ru';
        // (disabled) an empty subject used to be reported as an error.
    }
    if (!is_empty_html($post['message'])) {
        // (disabled) the body used to go through the 'ckedit' filter and addslashes().
        // NOTE(review): the message body is now stored exactly as submitted.
        // Confirm that only trusted staff can reach this form and that the
        // body is escaped or bound when it is written and rendered.
        $insert['message'] = $post['message'];
    } else {
        $this->error['message'] = 'Введите текст письма';
    }
    if ($post['type_sending']) {
        $post['type_sending'] = array_map('intval', $post['type_sending']);
        $insert['type_sending'] = (string) implode("", array((int) $post['type_sending'][0], (int) $post['type_sending'][1]));
    }
    if ($post['type_regular']) {
        $insert['type_regular'] = __paramValue('int', $post['type_regular']);
    }
    if ($post['type_send_regular']) {
        $insert['type_send_regular'] = __paramValue('int', $post['type_send_regular']);
    }
    // $insert['type_regular'] is read below even when it was not set above.
    if (!is_empty_html($post['time_sending'])) {
        $time = __paramValue('string', $post['time_sending']) . ":00";
        if (is_empty_html($post['date_sending'])) {
            // NOTE(review): the submitted time becomes part of the date()
            // format string, so any letters in it are expanded as format
            // characters. Validate it against HH:MM before use.
            $insert['date_sending'] = date('Y-m-d ' . $time);
        }
    } elseif ($insert['type_regular'] == 2) {
        $this->error['time_sending'] = 'Введите время отправки рассылки';
    }
    if (!is_empty_html($post['date_sending'])) {
        $time = "00:00";
        if (!is_empty_html($post['time_sending'])) {
            $time = __paramValue('string', $post['time_sending']) . ":00";
        }
        // Same format-string concern as above; strtotime() returns false for
        // a date it cannot parse.
        $insert['date_sending'] = date('Y-m-d ' . $time, strtotime($post['date_sending']));
    } elseif ($insert['type_regular'] != 2) {
        $this->error['date_sending'] = 'Введите дату отправки рассылки';
    }
    // Employer filter
    if ($post['filter_emp']) {
        // Store the filter
        $insert['filter_emp'] = $this->initPostEmpFilter($post);
    }
    if ($post['filter_frl']) {
        // Store the filter
        $insert['filter_frl'] = $this->initPostFrlFilter($post);
    }
    if ($post['filter_file']) {
        $insert['filter_file'] = true;
    } else {
        $insert['filter_file'] = '';
    }
    // The author is the current session user, never a submitted value.
    $insert['user_id'] = get_uid();
    //$insert['count_recipients'] = 0;
    return $insert;
}
<?php
// Inbound card-payment callback (excerpt; the script continues after the
// last line shown).
// NO_CSRF is defined before stdf.php is loaded, presumably to switch off the
// site's CSRF token check for this endpoint - confirm. With that check off,
// pskb::validateCardRequest() below is the only request-authenticity check
// visible here.
define('NO_CSRF', true);
$post = $_POST;
$get = $_GET;
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/stdf.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/pskb.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/log.php";
$src = __paramValue('int', $get['res']);
$state = __paramValue('int', $post['state']);
$lc_id = __paramValue('int', $post['account']);
$log_data = array('GET' => $get, 'POST' => $post);
if (!pskb::validateCardRequest($post)) {
    // A request that fails validation is forced onto the error path
    // (src 2, state -999) instead of being rejected outright.
    $src = 2;
    $state = -999;
    $log_data['err'] = array('src' => $src, 'state' => $state);
}
// NOTE(review): the complete GET and POST arrays are written to the log.
// Confirm they never carry card data or signing material, and that the log
// directory is not web-readable.
$log = new log("pskb_cards/income-" . SERVER . '-%d%m%Y.log', 'a', '%d.%m.%Y %H:%M:%S : ' . $_SERVER['REMOTE_ADDR'] . ' : ');
$log->writevar($log_data);
$pskb = new pskb();
// The record is looked up by the submitted account id even when validation
// failed; the state filter below keeps such a request from changing it.
$_lc = $pskb->getLCbyLCId($lc_id);
$err_msg = "Неизвестная ошибка";
if ($src == 2) {
    if ($state && in_array($state, array_keys(pskb::$card_messages))) {
        $err_msg = pskb::$card_messages[$state];
    }
    // States 2 and -999 (the latter set on failed validation) do not touch the record.
    if (!in_array($state, array(2, -999))) {
        $pskb->upLC(array('state' => 'err', 'stateReason' => $err_msg), $_lc['lc_id']);
    }
}
// Strict comparison: true only when __paramValue('int', ...) returned an
// integer 1. The branch is additionally limited to PSKB_TEST_MODE.
if ($src === 1 && defined('PSKB_TEST_MODE')) {
/**
 * Sets the currently active step.
 *
 * Without a step cookie the first key of $this->steps becomes the active
 * step and is written to the cookie; otherwise the cookie value is taken
 * after the 'int' filter.
 *
 * NOTE(review): the cookie is client-controlled. It is reduced to an integer
 * here but not checked against the keys of $this->steps, so confirm that the
 * code using $this->_step refuses steps the user has not reached. The cookie
 * is set without the secure / httponly arguments.
 */
public function setLastStep()
{
    $cookieName = $this->_cookie_names['step'];

    if (isset($_COOKIE[$cookieName])) {
        $this->_step = __paramValue('int', $_COOKIE[$cookieName]);

        return;
    }

    $stepKeys = array_keys($this->steps);
    $this->_step = current($stepKeys);
    setcookie($cookieName, $this->_step, $this->_lifeTimeCookie(), '/', $GLOBALS['domain4cookie']);
}
// Excerpt from the middle of a project add/edit handler; the blocks closed by
// the first two closing braces open before the excerpt.
} else {
    // Category and subcategory come from the freelancer's own specialisation,
    // not from the request.
    $subcat = $freelancer->spec;
    $cat = professions::GetGroupIdByProf($subcat);
    $cats[] = array('category_id' => $cat, 'subcategory_id' => $subcat);
    $tmpPrj->setCategories($cats);
}
// Location ids are filtered to integers before use.
$tmpPrj->setProjectField('country', __paramValue('int', $_POST['project_location_columns'][0]));
$tmpPrj->setProjectField('city', __paramValue('int', $_POST['project_location_columns'][1]));
}
// For projects of kind KIND_PROJECT the flag is forced to 't'; for other
// kinds it is taken from the request.
if ($project['kind'] == projects::KIND_PROJECT) {
    $tmpPrj->setProjectField('pro_only', 't');
} else {
    $tmpPrj->setProjectField('pro_only', __paramInit('bool', NULL, 'pro_only') ? 't' : 'f');
}
$tmpPrj->setProjectField('verify_only', __paramInit('bool', NULL, 'verify_only') ? 't' : 'f');
$tmpPrj->setProjectField('videolnk', __paramValue('html', antispam($_POST['videolnk']), 60, true));
// NOTE(review): strong_top and top_days are request integers; confirm that
// range checks (negative or very large values) and payment checks happen
// where these fields are consumed.
$tmpPrj->setProjectField('strong_top', __paramInit('int', NULL, 'strong_top'));
$tmpPrj->setProjectField('prefer_sbr', __paramInit('bool', NULL, 'prefer_sbr') ? 't' : 'f');
$tmpPrj->setAddedTopDays(__paramInit('bool', NULL, 'top_ok') ? __paramInit('int', NULL, 'top_days', 0) : 0);
// Byte-wise cut after filtering; it can split a multi-byte character or an
// entity at the 100-byte boundary.
$tmpPrj->setProjectField('link', substr(__paramInit('string', NULL, 'link'), 0, 100));
$oproject = $project;
$project = $tmpPrj->getProject();
// Data about the previously purchased "Urgent" and "Hidden" services.
// When editing, the old values are taken from the stored project (not from
// the request); otherwise they default to 'f'.
if ($tmpPrj->isEdit()) {
    $tmpPrj->setProjectField('o_hide', $oproject['hide']);
    $tmpPrj->setProjectField('o_urgent', $oproject['urgent']);
} else {
    $tmpPrj->setProjectField('o_hide', 'f');
    $tmpPrj->setProjectField('o_urgent', 'f');
}
/**
 * Initialises the payment method shown on the page.
 *
 * Selects the template, menu block and payment type for the given method
 * and, for some methods, processes the submitted payment form (which may end
 * the request with a redirect).
 *
 * @todo: this mechanism is no longer used, although it could serve as a base for trying Yandex.Kassa
 *
 * @param string $type_payment Name of the payment method (passed in $_GET['type'])
 */
public function setPaymentMethod($type_payment)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/exrates.php';
    // Templates are chosen from fixed strings per case; the request value
    // never becomes part of a template path. An unknown value matches no
    // case and leaves the template unset.
    switch ($type_payment) {
        case 'sber_print':
            $this->payment_template = 'bank/tpl.bank_fiz_print.php';
            $this->type_menu_block = 'bank';
            $this->payment_type = exrates::BANK;
            break;
        case 'sber':
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/bank_payments.php';
            $this->payment_template = 'bank/tpl.bank_fiz.php';
            $this->type_menu_block = 'bank';
            $this->payment_type = exrates::BANK;
            $this->pm = new bank_payments();
            $this->pm->bank_code = __paramInit('int', null, 'bc', bank_payments::BC_SB);
            $this->pm->sum = __paramInit('float', null, 'Sum');
            $bp_reqv = bank_payments::GetLastReqv($this->pm->bank_code, $this->user['uid']);
            $this->pm->fio = $bp_reqv['fio'];
            $this->pm->address = $bp_reqv['address'];
            if (!$this->pm->bill_num) {
                $this->pm->bill_num = bank_payments::GenBillNum($this->pm->bank_code, $this->user['uid'], $this->acc['id']);
            }
            if (isset($_POST['action']) && $_POST['action'] == 'payment') {
                $this->pm->fio = substr(__paramInit('string', null, 'fio'), 0, 128);
                $this->pm->is_gift = false;
                $this->pm->address = substr(__paramInit('string', null, 'address'), 0, 255);
                $this->pm->bank_code = __paramInit('int', null, 'bc');
                $this->pm->sum = __paramInit('float', null, 'sum');
                // Locale workaround for the beta environment (the original
                // author notes that it is not theirs).
                setlocale(LC_ALL, 'en_US.UTF-8');
                // NOTE(review): $bp is never assigned in this method, so this
                // reads a property of an undefined variable; $this->pm looks
                // like what was meant - confirm.
                $this->pm->fm_sum = $bp->sum / EXCH_TR;
                $id = __paramInit('int', null, 'id');
                // $alert is not initialised before these checks.
                if ($this->pm->sum < 10) {
                    $alert['sum'] = 'Минимальная сумма платежа 10 рублей';
                }
                if (!$this->pm->fio) {
                    $alert['fio'] = 'Поле заполнено некорректно.';
                }
                if (!$this->pm->address) {
                    $alert['address'] = 'Поле заполнено некорректно.';
                }
                if (!$alert) {
                    if ($id) {
                        $this->pm->bank_code = null;
                        // The extra condition limits the update to the current
                        // user's own, not yet accepted record. It is built by
                        // string interpolation; NOTE(review): this is safe only
                        // while $this->user['uid'] is a server-side integer -
                        // confirm or bind it.
                        $this->pm->Update($id, " AND user_id = {$this->user['uid']} AND accepted_time IS NULL");
                    } else {
                        $this->pm->bill_num = bank_payments::GenBillNum($this->pm->bank_code, $this->user['uid'], $this->acc['id']);
                        $this->pm->user_id = $this->user['uid'];
                        $this->pm->op_code = 12;
                        $id = $this->pm->Add($error, true);
                    }
                    // $error is only set by the Add() call in the else branch above.
                    if (!$error) {
                        $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                        if ($prepare) {
                            // $id went through the 'int' filter or came from Add().
                            header("Location: /bill/payment/print/?type=sber_print&id={$id}");
                            exit;
                        }
                    }
                }
                $this->error = $alert;
            }
            // Same undefined $bp as above.
            $this->bank = bank_payments::GetBank($bp->bank_code);
            break;
        case 'bank_print':
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv_ordered.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/city.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/country.php';
            if ($_GET['order'] > 0) {
                $this->payment_template = 'bank/tpl.bank_jur_transfer.php';
                // NOTE(review): the order id comes from the query string;
                // confirm the template checks that the order belongs to the
                // current user.
                $this->tid = intval($_GET['order']);
            } else {
                $this->payment_template = 'bank/tpl.bank_jur_print.php';
            }
            $this->type_menu_block = 'bank';
            $this->payment_type = exrates::BANK;
            // One-time values handed over through the session by the 'bank' case.
            $this->bank_sum = $_SESSION['sum_bank_print'];
            $this->bank_id = $_SESSION['id_bank_print'];
            unset($_SESSION['sum_bank_print'], $_SESSION['id_bank_print']);
            break;
        case 'bank':
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv_ordered.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/city.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/country.php';
            $this->payment_template = 'bank/tpl.bank_jur.php';
            $this->type_menu_block = 'bank';
            $this->payment_type = exrates::BANK;
            $this->pm = new reqv();
            $reqvByUid = $this->pm->GetByUid($this->user['uid']);
            $reqvs_ord = new reqv_ordered();
            $this->pm->billNum = sizeof($reqvs_ord->GetByUid($this->user['uid']));
            $this->pm->BindRequest($reqvByUid[0]);
            if (isset($_POST['action']) && $_POST['action'] == 'payment') {
                $_POST['country'] = country::getCountryName($_POST['country_db_id']);
                $_POST['city'] = city::getCityName($_POST['city_db_id']);
                // The whole $_POST array is bound to the requisites object;
                // CheckInput() is the validation visible here.
                $this->pm->BindRequest($_POST);
                $this->error = $this->pm->CheckInput();
                // Loose numeric comparison on the raw POST value.
                if ($_POST['sum'] < 10) {
                    $this->error['sum'] = 'Минимальная сумма платежа 10 рублей';
                }
                if (!$this->error) {
                    $this->pm->user_id = $this->user['uid'];
                    if ($reqvByUid[0]['id'] > 0) {
                        $id = $reqvByUid[0]['id'];
                        // Same interpolated ownership condition as in the 'sber' case.
                        $this->pm->Update($id, " AND user_id= {$this->user['uid']}");
                    } else {
                        $id = $this->pm->Add($err, true);
                    }
                    $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                    if ($prepare) {
                        $_SESSION['id_bank_print'] = $id;
                        $_SESSION['sum_bank_print'] = intval($_POST['sum']);
                        header('Location: /bill/payment/print/?type=bank_print');
                        exit;
                    }
                }
            }
            break;
        case 'alphabank':
            $this->payment_template = 'bank/tpl.alphabank.php';
            $this->type_menu_block = 'bank';
            $this->payment_type = exrates::BANK;
            if (isset($_POST['action']) && $_POST['action'] == 'reserve') {
                header('Location: /bill/');
                exit;
            }
            break;
        case 'card':
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/settings.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/card_account.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/cardpay.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/city.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/sbr_meta.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/onlinedengi_cards.php';
            $this->payment_template = 'card/tpl.card.php';
            $this->type_menu_block = 'card';
            $this->payment_type = exrates::CARD;
            // The card_merchant setting selects which of the two card
            // handlers below is used.
            $this->card_merchant = settings::GetVariable('billing', 'card_merchant');
            if ($this->card_merchant) {
                $card_account = new card_account();
                $card_account->account_id = $this->acc['id'];
                $this->pm = new onlinedengi_cards();
                if (!$this->not_init_pm) {
                    $this->pm->order_id = $card_account->Add();
                }
            } else {
                $this->pm = new card_account();
                $this->pm->account_id = $this->acc['id'];
                if (!$this->not_init_pm) {
                    $this->pm->order_id = $this->pm->Add();
                }
                $this->pm->reqv = sbr_meta::getUserReqvs($this->user['uid']);
            }
            break;
        // The three terminal cases fall through on purpose: each sets the
        // template only if an earlier case has not set it.
        case 'qiwi':
            $this->payment_template = 'terminal/tpl.qiwi.php';
        case 'svyasnoy':
            $this->payment_template = $this->payment_template ? $this->payment_template : 'terminal/tpl.svyasnoy.php';
        case 'euroset':
            $this->payment_template = $this->payment_template ? $this->payment_template : 'terminal/tpl.euroset.php';
            $this->type_menu_block = 'terminal';
            $this->payment_type = exrates::OSMP;
            if ($_POST['action'] == 'osmp') {
                $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                if (!$this->test && $prepare !== false) {
                    header('Location: /bill/');
                    exit;
                }
            } else {
                $this->error = 'Ошибка создания списка оплаты';
            }
            break;
        // Same fall-through pattern for the mobile operators.
        case 'megafon_mobile':
            $this->payment_template = 'mobile/tpl.m_megafon.php';
        case 'beeline_mobile':
            $this->payment_template = $this->payment_template ? $this->payment_template : 'mobile/tpl.m_beeline.php';
        case 'mts_mobile':
            $this->payment_template = $this->payment_template ? $this->payment_template : 'mobile/tpl.m_mts.php';
        case 'matrix_mobile':
            $this->payment_template = $this->payment_template ? $this->payment_template : 'mobile/tpl.m_matrix.php';
            $this->type_menu_block = 'mobilesys';
            $this->payment_type = exrates::MOBILE;
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/qiwipay.php';
            $this->pm = new qiwipay($this->user['uid']);
            // The operator is checked against a fixed list before it is used
            // or passed on as oper_code.
            if ($_POST['operator'] == 'megafon' || $_POST['operator'] == 'beeline' || $_POST['operator'] == 'mts' || $_POST['operator'] == 'matrix') {
                $phone = __paramValue('string', $_POST['phone']);
                // str_replace() handles '+7' first, so the '+77' entry can
                // never match; the number is not otherwise checked for digits
                // or length here.
                $phone = str_replace(array('+7', '+77'), '', $phone);
                $err = 0;
                // Each operator is matched by the leading digits of the number.
                switch ($_POST['operator']) {
                    case 'megafon':
                        if (!(strpos($phone, '34') === 0 || strpos($phone, '62') === 0 || strpos($phone, '82') === 0 || strpos($phone, '92') === 0 || strpos($phone, '35') === 0 || strpos($phone, '63') === 0 || strpos($phone, '83') === 0 || strpos($phone, '93') === 0 || strpos($phone, '69') === 0 || strpos($phone, '99') === 0)) {
                            $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети Мегафон';
                            $err = 1;
                        }
                        break;
                    case 'beeline':
                        if (!(strpos($phone, '90') === 0 || strpos($phone, '96') === 0)) {
                            $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети Beeline';
                            $err = 1;
                        }
                        break;
                    case 'mts':
                        if (!(strpos($phone, '91') === 0 || strpos($phone, '98') === 0)) {
                            $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети МТС';
                            $err = 1;
                        }
                        break;
                    case 'matrix':
                        if (!(strpos($phone, '958') === 0)) {
                            $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети Matrix';
                            $err = 1;
                        }
                        break;
                }
                if (!$err) {
                    // NOTE(review): the sum is filtered to a float but no
                    // minimum or maximum is applied here - confirm createBill() does.
                    $sum = __paramValue('float', $_POST['sum']);
                    $request = array('phone' => $phone, 'sum' => $sum, 'oper_code' => $_POST['operator']);
                    // A falsy return from createBill() is treated as success;
                    // anything else is stored as the error.
                    $created = $this->pm->createBill($request);
                    if (!$created) {
                        $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                        if (!$this->test && $prepare !== false) {
                            header('Location: /bill/');
                            exit;
                        }
                    } else {
                        $this->error = $created;
                    }
                }
            }
            break;
        case 'webpay':
            $this->type_menu_block = 'psys';
            $this->payment_type = exrates::WEBM;
            $this->payment_template = 'psys/tpl.webpay.php';
            break;
        case 'qiwipurse':
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/qiwipay.php';
            $this->pm = new qiwipay($this->user['uid']);
            $this->type_menu_block = 'psys';
            $this->payment_type = exrates::QIWIPURSE;
            $this->payment_template = 'psys/tpl.qiwipurse.php';
            if ($_POST['action'] == 'qiwipurse') {
                // Same phone and sum handling as in the mobile cases above.
                $phone = __paramValue('string', $_POST['phone']);
                $phone = str_replace(array('+7', '+77'), '', $phone);
                $sum = __paramValue('float', $_POST['sum']);
                $request = array('phone' => $phone, 'sum' => $sum);
                $created = $this->pm->createBill($request);
                if (!$created) {
                    $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                    if (!$this->test && $prepare !== false) {
                        header('Location: /bill/');
                        exit;
                    }
                } else {
                    $this->error = $created;
                }
            }
            break;
        case 'yandex':
            $this->type_menu_block = 'psys';
            $this->payment_type = exrates::YM;
            $this->payment_template = 'psys/tpl.yandex.php';
            break;
        case 'webmoney':
            $this->type_menu_block = 'psys';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/pmpay.php';
            $this->payment_type = exrates::WMR;
            $this->payment_template = 'psys/tpl.webmoney.php';
            $this->pm = new pmpay();
            break;
        case 'okpay':
            $this->type_menu_block = 'psys';
            $this->payment_type = exrates::OKPAY;
            $this->payment_template = 'psys/tpl.okpay.php';
            break;
    }
    // The raw method name is stored even when no case matched.
    $this->type_payment = $type_payment;
}
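/**
 * Builds the project preview shown on the main page.
 *
 * Renders two fragments and returns them in an xajax response: the project
 * feed (cached in memBuff under 'projectsLentaHTML') and the detail view of
 * the project described by $data. Scalar fields of $data are passed through
 * __paramValue() before they reach the templates.
 *
 * The included templates run in this function's scope, so the local variable
 * names below are part of the contract with them and are kept as they are.
 *
 * @param array $data form fields of the project being previewed (request data)
 *
 * @return xajaxResponse response assigning 'project_preview_lenta' and
 *                       'project_preview_content' and calling Public.showPreview()
 */
function GetPreview($data)
{
    $objResponse = new xajaxResponse();
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/attachedfiles.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/CFile.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/HTML/projects_lenta.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/project_exrates.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/memBuff2.php';
    $kind = 1;
    $memBuff = new memBuff();
    $htmlLenta = $memBuff->get('projectsLentaHTML');
    if (!$htmlLenta) {
        $prj = new new_projects();
        // $num_prjs is not set before this call; presumably getProjects() fills it by reference — confirm.
        $prjs = $prj->getProjects($num_prjs, -1, 1, false, null, true);
        foreach ($prjs as &$proj) {
            // Drop the owner id so the shared, cached feed never renders EDIT and similar owner-only buttons.
            unset($proj['user_id']);
        }
        unset($proj);
        $htmlPrj = new HTMLProjects();
        $htmlPrj->template = '/projects/tpl.lenta.new.php';
        $prj_content = $htmlPrj->ShowProjects($num_prjs, $prjs, 1, 1, null, true);
        $prfs = new professions();
        $profs = $prfs->GetAllProfessions('', 0, 1);
        // Page backdrop with the project feed.
        ob_start();
        include $_SERVER['DOCUMENT_ROOT'] . '/templates/main.php';
        $htmlLenta = ob_get_clean();
        // Cache the rendered feed (third argument 1800, presumably a TTL in seconds).
        $memBuff->set('projectsLentaHTML', $htmlLenta, 1800);
    }
    // Prepare the data for the feed template.
    $row = array();
    $row['kind'] = __paramValue('int', $data['kind']);
    $row['cost'] = __paramValue('int', $data['cost']);
    $row['currency'] = __paramValue('int', $data['currency_db_id']);
    $row['priceby'] = __paramValue('int', $data['priceby_db_id']);
    $row['name'] = stripslashes(__paramValue('html', $data['name'], null, true));
    // Whitelist of contact kinds; any other key in $data['contacts'] is ignored.
    $contacts = array('phone' => array('name' => 'Телефон', 'value' => ''), 'site' => array('name' => 'Сайт', 'value' => ''), 'icq' => array('name' => 'ICQ', 'value' => ''), 'skype' => array('name' => 'Skype', 'value' => ''), 'email' => array('name' => 'E-mail', 'value' => ''));
    if (isset($data['contacts'])) {
        foreach ($data['contacts'] as $name => $value) {
            if (!isset($contacts[$name])) {
                continue;
            }
            switch ($name) {
                case 'site':
                    // Remove an optional scheme before validating. ltrim() takes a character
                    // mask, not a prefix, so it also stripped leading host characters.
                    $siteHost = preg_replace('#^https?://#i', '', $value);
                    if (!url_validate($siteHost) && trim($value) != '') {
                        $error["contact_{$name}"] = 'Поле заполнено некорректно';
                    }
                    // Add the scheme unless the value already starts with http(s)://; a substring
                    // test would skip values that merely contain "htt" somewhere else.
                    if (!preg_match('#^\s*https?://#i', $value) && trim($value) != '') {
                        $value = 'http://' . $value;
                    }
                    break;
                case 'email':
                    if (!is_email($value) && trim($value) != '') {
                        $error["contact_{$name}"] = 'Поле заполнено некорректно';
                    }
                    break;
            }
            // NOTE(review): a failed validation only records $error; the value is still stored
            // and rendered, so the 'htmltext' filter is the only barrier for the preview output.
            $contacts[$name]['value'] = __paramValue('htmltext', stripslashes($value));
        }
        $row['contacts'] = serialize($contacts);
    }
    $descrFull = stripslashes(__paramValue('html', $data['descr'], null, true));
    $descr = preg_replace('/^ /', "", $descrFull);
    $descr = preg_replace("/(\n) /", "\$1", $descr);
    $descr = reformat(strip_tags(htmlspecialchars(LenghtFormatEx(htmlspecialchars_decode($descr, ENT_QUOTES), 180), ENT_QUOTES), '<br />'), 50, 1, 0, 1);
    // NOTE(review): the pattern below reads as empty on this page; it may have lost a
    // character in transit — confirm against the repository copy.
    $descr = preg_replace("//", ' ', $descr);
    $row['descr'] = $descr;
    $row['t_is_payed'] = $data['logo_ok'] || $data['top_ok'];
    $row['t_is_ontop'] = __paramValue('bool', $data['top_ok']);
    $row['t_pro_only'] = $data['pro_only'] ? 't' : 'f';
    $row['t_verify_only'] = $data['verify_only'] ? 't' : 'f';
    $row['t_urgent'] = $data['urgent'] ? 't' : 'f';
    $row['t_hide'] = $data['hide'] ? 't' : 'f';
    // Publication date is set two minutes in the past.
    $row['create_date'] = date('Y-m-d H:i', strtotime(date('Y-m-d H:i:s')) - 120);
    $row['end_date'] = __paramValue('string', $data['end_date']);
    $row['win_date'] = __paramValue('string', $data['win_date']);
    $row['country'] = __paramValue('int', $data['project_location_columns'][0]);
    $row['city'] = __paramValue('int', $data['project_location_columns'][1]);
    list($row['country_name'], $row['city_name']) = explode(': ', __paramValue('string', $data['location']));
    $logoOK = __paramValue('bool', $data['logo_ok']);
    $topOK = __paramValue('bool', $data['top_ok']);
    $row['link'] = __paramValue('string', $data['link']);
    // Stays null when no logo was requested or none could be resolved, so the
    // property reads below never hit an undefined variable.
    $logoCFile = null;
    if ($logoOK) {
        $logoAttach = new attachedfiles($data['logo_attachedfiles_session']);
        $logoFiles = $logoAttach->getFiles(array(1));
        if (count($logoFiles)) {
            // Several files may have been uploaded; take the last one.
            $logoFile = array_pop($logoFiles);
            $logoCFile = new CFile($logoFile['id']);
        } elseif (__paramValue('int', $data['logo_file_id'])) {
            // NOTE(review): logo_file_id comes from the request and nothing here checks that
            // the file belongs to the caller — confirm CFile or the caller enforces that.
            $logoCFile = new CFile(__paramValue('int', $data['logo_file_id']));
        }
        $row['logo_name'] = $logoCFile ? $logoCFile->name : null;
        $row['logo_path'] = $logoCFile ? $logoCFile->path : null;
    }
    $is_ajax = true;
    // Prepare the data for the detailed project page.
    $project = $row;
    $categories = array();
    for ($i = 0; $i < 3; ++$i) {
        $categoryID = __paramValue('int', $data['project_profession' . $i . '_columns'][0]);
        $subcategoryID = __paramValue('int', $data['project_profession' . $i . '_spec_columns'][0]);
        if ($categoryID || $subcategoryID) {
            $categories[] = array('category_id' => $categoryID, 'subcategory_id' => $subcategoryID);
        }
    }
    $project['spec_txt'] = projects::_getSpecsStr($categories, ' / ', ', ', true);
    $project['ico_payed'] = $logoOK;
    $project['is_upped'] = $topOK;
    $project['descr'] = $descrFull;
    $project['logo_id'] = $logoCFile ? $logoCFile->id : null;
    $project['prefer_sbr'] = __paramValue('bool', $data['prefer_sbr']) ? 't' : 'f';
    $project['urgent'] = __paramValue('bool', $data['urgent']) ? 't' : 'f';
    $project['hide'] = __paramValue('bool', $data['hide']) ? 't' : 'f';
    if (trim($project['contacts']) != '') {
        // The string was produced by serialize() above from the whitelisted $contacts
        // array, so unserialize() here never sees a caller-supplied payload.
        $contacts_employer = unserialize($project['contacts']);
        $empty_contacts_employer = 0;
        foreach ($contacts_employer as $name => $contact) {
            if (trim($contact['value']) == '') {
                $empty_contacts_employer++;
            }
        }
        $is_contacts_employer_empty = count($contacts_employer) == $empty_contacts_employer;
    }
    $isPreview = true;
    $project_exRates = project_exrates::GetAll();
    $translate_exRates = array(0 => 2, 1 => 3, 2 => 4, 3 => 1);
    ob_start();
    include $_SERVER['DOCUMENT_ROOT'] . '/public/new/tpl.preview.php';
    ?> <?php
    $htmlProject = ob_get_clean();
    $objResponse->assign('project_preview_lenta', 'innerHTML', $htmlLenta);
    $objResponse->assign('project_preview_content', 'innerHTML', $htmlProject);
    $objResponse->script('Public.showPreview()');
    return $objResponse;
}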
} } } } elseif (strlen($img->tmp_name) != 0) { $err = 'Пустой файл'; $error = true; } elseif ($img->error) { $err = $img->error[0]; $error = true; } } if ($error) { $js_error_callback_func = "parent.upload.error('{$err}')"; } else { $link = WDCPREFIX . '/' . $dir . $pictname; $name = __paramValue('string', $_FILES['upload_file']['name']); $maxLen = 25; // сокращаем название файла, сохраняя расширение if (strlen($name) > $maxLen) { $arr = explode('.', $name); $ext = array_pop($arr); $name = preg_replace("/.{$ext}\$/", '', $name); $name = substr($name, 0, $maxLen) . '...'; $name = $name . '.' . $ext; } $js_callback_func = "parent.upload.view('{$name}', '{$link}', '{$id_upload}')"; } break; default: break; }
/**
 * Returns the first non-empty path segment of a URI.
 *
 * The root path '/' yields an empty string. Any other result is passed
 * through __paramValue('string', ...) before it is returned.
 *
 * parse_url() warnings are suppressed with '@'. Nothing here handles a
 * failed parse or a URI without a path component; in those cases the
 * segment lookup ends up handing an empty value to __paramValue().
 *
 * @param string $uri URI to inspect
 *
 * @return mixed '' for the root path, otherwise the filtered first segment
 */
public function getNamePageUri($uri)
{
    $parts = @parse_url($uri);
    $path = $parts['path'];
    if ($path == '/') {
        return '';
    }

    $segments = explode('/', $path);
    // A leading slash leaves an empty first element; fall back to the second one.
    if ($segments[0] != '') {
        $first = $segments[0];
    } else {
        $first = $segments[1];
    }

    return __paramValue('string', $first);
}
$delete = array(); foreach ($_POST['name'] as $cTypeKey => $cTypeName) { if (!trim($cTypeName)) { continue; } $ctID = __paramValue('int', $_POST['id'][$cTypeKey]); $ctName = trim(__paramValue('string', $_POST['name'][$cTypeKey])); $ctTextarea = __paramValue('bool', $_POST['textarea'][$cTypeKey]); $ctRequired = __paramValue('bool', $_POST['required'][$cTypeKey]); $ctPos = __paramValue('int', $_POST['pos'][$cTypeKey]); if ($ctPos > 99) { $ctPos = 99; } elseif ($ctPos < -99) { $ctPos = -99; } elseif (!$ctPos) { $ctPos = 1; } $ctDel = __paramValue('int', $_POST['del'][$cTypeKey]); if (!$ctID && !$ctDel) { $add[] = array('name' => $ctName, 'textarea' => $ctTextarea, 'required' => $ctRequired, 'pos' => $ctPos); } elseif ($ctDel && $ctID) { $delete[] = array('id' => $ctID); } elseif ($ctID && !$ctDel) { $edit[] = array('id' => $ctID, 'name' => $ctName, 'textarea' => $ctTextarea, 'required' => $ctRequired, 'pos' => $ctPos); } } projects_complains::updateTypes($add, $edit, $delete, $moder); } $complainTypes = projects_complains::getTypes($moder, false); $css_file = array('moderation.css', 'nav.css'); include $rpath . 'template.php';
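/**
 * Saves a project as a draft (new template).
 *
 * Updates the existing draft when self::isDraftExists() finds one for the
 * user, otherwise inserts a new row. Afterwards the draft's attachments are
 * synchronised: new files are linked, and attachments no longer present in
 * the list are deleted together with their files.
 *
 * All values reach the database through the placeholder API of $DB.
 *
 * @param array       $prj                 project data; 'uid' is the owner the draft is scoped to
 * @param array|false $attachedfiles_files attached files; when falsy they are loaded through
 *                                         the uploader using current($prj['IDResource'])
 *
 * @return array ['id'] - draft ID, ['date'] - time the draft was saved
 */
function SaveProjectNew($prj, $attachedfiles_files = false)
{
    global $DB;
    require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/attachedfiles.php";
    $categories = "";
    for ($i = 0; $i <= 2; $i++) {
        $catID = __paramValue('int', $prj['project_profession' . $i . '_columns'][0]);
        $subcatID = __paramValue('int', $prj['project_profession' . $i . '_spec_columns'][0]);
        if ($catID || $subcatID) {
            $categories .= $catID . '|' . $subcatID . ',';
        }
    }
    $categories = preg_replace("/,\$/", "", $categories);
    if ($prj['name'] === false) {
        $prj['name'] = '';
    }
    if ($prj['descr'] === false) {
        $prj['descr'] = '';
    }
    if (!$prj['end_date']) {
        $prj['end_date'] = NULL;
    }
    if (!$prj['win_date']) {
        $prj['win_date'] = NULL;
    }
    $prj['budget_type'] = intval($prj['budget_type']);
    if (!intval($prj['draft_prj_id'])) {
        $prj['prj_id'] = NULL;
    } else {
        $prj['prj_id'] = $prj['draft_prj_id'];
    }
    $prj['draft_id'] = intval($prj['draft_id']);
    if (!isset($prj['kind'])) {
        $prj['kind'] = 7;
    }
    $prj['cost'] = $prj['agreement'] ? 0 : floatval($prj['cost']);
    $date = date("Y-m-d H:i:s");
    // Only users holding the 'projects' permission may set strong_top; everyone else gets 0.
    $prj['strong_top'] = hasPermissions('projects') ? (int) $prj['strong_top'] : 0;
    $prj['verify_only'] = (bool) $prj['verify_only'];
    // Paid options.
    $prj['urgent'] = (bool) $prj['urgent'];
    $prj['hide'] = (bool) $prj['hide'];
    $topDays = $prj['top_ok'] ? $prj['top_days'] : 0;
    // Explicit defaults: both are bound into the queries below even when no logo is set.
    $logoFileID = null;
    $logoLink = null;
    if ($prj['logo_ok']) {
        $logoAttach = new attachedfiles($prj['logo_attachedfiles_session']);
        $logoFiles = $logoAttach->getFiles();
        if (is_array($logoFiles) && count($logoFiles)) {
            // There may be several files; take the last one.
            $logoFile = array_pop($logoFiles);
            $logoAttach->setStatusTo3($logoFile['id']);
            $logoFileID = $logoFile['id'];
        } elseif ($prj['logo_file_id']) {
            // NOTE(review): logo_file_id is taken from $prj as given; nothing here checks
            // that the file belongs to $prj['uid'] — confirm the caller does.
            $logoFileID = $prj['logo_file_id'];
        }
        $logoLink = $prj['link'];
    }
    if (self::isDraftExists($prj['draft_id'], $prj['uid'], 1, $prj['prj_id'])) {
        $sql = "UPDATE draft_projects SET \n name = ?u,\n descr = ?u,\n cost = ?,\n currency = ?i,\n kind = ?i,\n pro_only = ?,\n strong_top = ?i,\n end_date = ?,\n win_date = ?,\n country = ?i,\n city = ?i,\n categories = ?,\n date = ?,\n prj_id = ?,\n priceby = ?i,\n prefer_sbr = ?,\n budget_type = ?i,\n verify_only = ?,\n urgent = ?,\n hide = ?,\n top_days = ?i,\n logo_id = ?,\n logo_link = ?,\n contacts = ?\n WHERE (id=? OR prj_id=?)AND uid=?i";
        $DB->query($sql, $prj['name'], $prj['descr'], $prj['cost'], $prj['currency_db_id'], $prj['kind'], $prj['pro_only'] == 1 ? 't' : 'f', $prj['strong_top'], $prj['end_date'], $prj['win_date'], (int) $prj['project_location_columns'][0], (int) $prj['project_location_columns'][1], $categories, $date, $prj['prj_id'], intval($prj['priceby_db_id']), $prj['prefer_sbr'] == 1 ? 't' : 'f', $prj['budget_type'], $prj['verify_only'], $prj['urgent'], $prj['hide'], $topDays, $logoFileID, $logoLink, $prj['contacts'], $prj['draft_id'], $prj['prj_id'], $prj['uid']);
        $id = $prj['draft_id'];
    } else {
        $sql = "INSERT INTO draft_projects (\n name,\n descr,\n cost,\n currency,\n kind,\n pro_only,\n end_date,\n win_date,\n country,\n city,\n categories,\n date,\n uid,\n prj_id,\n priceby,\n prefer_sbr,\n budget_type,\n strong_top,\n verify_only,\n urgent,\n hide, \n top_days,\n logo_id,\n logo_link,\n contacts\n ) VALUES (\n ?u,\n ?u,\n ?,\n ?i,\n ?i,\n ?,\n ?,\n ?,\n ?i,\n ?i,\n ?,\n ?,\n ?i,\n ?,\n ?i,\n ?,\n ?i,\n ?i,\n ?,\n ?,\n ?,\n ?i,\n ?,\n ?,\n ?\n ) RETURNING id;";
        $id = $DB->val($sql, $prj['name'], $prj['descr'], $prj['cost'], $prj['currency_db_id'], $prj['kind'], $prj['pro_only'] == 1 ? 't' : 'f', $prj['end_date'], $prj['win_date'], (int) $prj['project_location_columns'][0], (int) $prj['project_location_columns'][1], $categories, $date, $prj['uid'], $prj['prj_id'], intval($prj['priceby_db_id']), $prj['prefer_sbr'] == 1 ? 't' : 'f', $prj['budget_type'], (int) $prj['strong_top'], $prj['verify_only'], $prj['urgent'], $prj['hide'], $topDays, $logoFileID, $logoLink, $prj['contacts']);
    }
    // NOTE(review): the attachment queries below key on draft_id alone, without uid. That
    // relies on isDraftExists() having tied $prj['draft_id'] to $prj['uid']; the UPDATE
    // above also matches rows by prj_id, so confirm the two cannot diverge.
    // - BEGIN attachments
    $uploader = null;
    if (!$attachedfiles_files) {
        require_once $_SERVER['DOCUMENT_ROOT'] . "/classes//uploader/uploader.php";
        $mask_files = array(1, 3);
        $uploader = new uploader(current($prj['IDResource']));
        $attachedfiles_files = $uploader->getFiles($mask_files);
    }
    // Source file IDs already linked in this call.
    $file_id = array();
    // IDs of the files that must not be deleted.
    $noDeletedFiles = array();
    if ($attachedfiles_files) {
        foreach ($attachedfiles_files as $attachedfiles_file) {
            $noDeletedFiles[] = $attachedfiles_file['id'];
            // Old files are left untouched.
            if ($attachedfiles_file['status'] == 3) {
                continue;
            }
            // Avoid duplicates. The check uses the ID of the current file; reading it from
            // $f here would look at the object left over from the previous iteration.
            if (in_array($attachedfiles_file['id'], $file_id)) {
                continue;
            }
            $file_id[] = $attachedfiles_file['id'];
            $f = new CFile($attachedfiles_file['id']);
            $f->table = 'file';
            $f->makeLink();
            $sql = "INSERT INTO draft_attaches(draft_id, draft_type, file_id) VALUES(?i, 4, ?i)";
            $DB->hold()->query($sql, $id, $f->id);
        }
    }
    // Flush the queries queued with hold().
    if ($DB->sqls) {
        $DB->query();
    }
    if ($uploader && $attachedfiles_files) {
        $uploader->setStatusFiles(uploader::STATUS_CREATE, uploader::STATUS_ADDED);
    }
    $sqlNoDeletedFiles = count($noDeletedFiles) ? $DB->parse('AND file_id NOT IN (?l)', $noDeletedFiles) : '';
    $sql = "SELECT * FROM draft_attaches WHERE draft_id = ?i AND draft_type = 4 {$sqlNoDeletedFiles};";
    $files = $DB->rows($sql, $id, $noDeletedFiles);
    if ($files) {
        foreach ($files as $f) {
            $cf = new CFile($f['file_id']);
            $cf->table = 'file';
            $cf->Delete($cf->id);
        }
    }
    $sql = "DELETE FROM draft_attaches WHERE draft_id = ?i AND draft_type = 4 {$sqlNoDeletedFiles};";
    $DB->query($sql, $id, array());
    // - END attachments
    // Refresh the counter for the draft owner; this function has no $msg variable.
    $_SESSION['drafts_count'] = drafts::getCount($prj['uid']);
    return array('id' => $id, 'date' => $date);
}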
} // если задана определенная ширина изображения if ($sharpImageWidth && $cFile->image_size['width'] != $sharpImageWidth) { $file['error'] = "Ширина изображения не соответствует требуемой"; } if ($cFile->size == 0) { $file['error'] = "Пустой файл"; } if (!$file['error']) { $cFile->MoveUploadedFile($dir); if ($cFile->id) { if ($file['error']) { $cFile->Delete($cFile->id); } else { $fileinfo = $attachedfiles->add($cFile); $file['orig_name'] = __paramValue('string', $fileinfo['orig_name']); $file['id'] = md5($fileinfo['id']); $file['name'] = $fileinfo['name']; $file['path'] = $fileinfo['path']; $file['size'] = $fileinfo['size']; $file['tsize'] = ConvertBtoMB($fileinfo['size']); $file['type'] = $fileinfo['type']; $file['session'] = $sess; } } else { if ($_FILES['attachedfiles_file']['size'] > $max_files_size) { $file['error'] = "Максимальный объем файлов: " . ConvertBtoMB($max_files_size); } else { $file['error'] = $cFile->error; } }
/**
 * Stores the name of a project submitted from the landing page for publication.
 *
 * The name is filtered with __paramValue('html', $name, 60, true) before it
 * is written; the row goes through the insert() helper of db(), not through
 * hand-built SQL.
 *
 * @param string $name project name as received from the landing form
 *
 * @return mixed result of db()->insert(); 'id' is passed as its third
 *               argument, presumably the column to return — confirm
 */
public function addLandingProject($name)
{
    $cleanName = __paramValue('html', $name, 60, true);
    $record = array('name' => $cleanName);

    return $this->db()->insert($this->TABLE, $record, 'id');
}
} $id = __paramInit('html', null, 'id'); $article = articles::getArticle($id, $uid); $_POST['title'] = iconv('UTF-8', 'CP1251', $_POST['title']); $_POST['short'] = iconv('UTF-8', 'CP1251', $_POST['short']); // $title = str_replace("\\", "\", $title); $title = __paramInit('htmltext', null, 'title', null, articles::ARTICLE_MAX_TITLELENGTH); $short = __paramInit('html', null, 'short'); //$short = change_q_x($short, false, true); // $msgtext = __paramInit('html', null, 'msgtext'); // $msgtext = change_q_x($_POST['msgtext'], FALSE, TRUE, "b|div.*?|meta|strong|br\s?\/?|i|em|p|ul|ol|li|s|h[1-6]{1}", false, false); $sAdmTags = hasPermissions('articles') ? '<img>' : ''; //$msgtext = $_POST['msgtext']; //$msgtext = strip_tags( $msgtext, '<p><b><strong><i><em><br><ul><li><ol><h1><h2><h3><h4><h5><h6><a><noindex><strike>' . $sAdmTags ); $msgtext = iconv('UTF-8', 'CP1251', $_POST['msgtext']); $msgtext = __paramValue('ckeditor', $msgtext); $image = __paramInit('html', null, 'attached'); $logo = __paramInit('html', null, 'logo'); $rmlogo = __paramInit('html', null, 'rmlogo'); $page_view = __paramInit('html', null, 'page_view'); if (trim($short) == '') { $alert['short'] = 'Поле не должно быть пустым!'; } if (trim($msgtext) == '') { $alert['msgtext'] = 'Поле не должно быть пустым!'; } if (trim($title) == '') { $alert['title'] = 'Поле не должно быть пустым!'; } if (!$image && !$logo) { $alert['logo'] = 'Вы должны загрузить изображение!';
/**
 * Removes duplicate PSKB log records for one entry, then re-runs the log search.
 *
 * Requires the 'sbr' permission; without it an empty xajax response is
 * returned and nothing is changed. $lc_id is forced through the 'int'
 * filter; $query and $logname are handed to aFindLogPSKB() unchanged.
 *
 * NOTE(review): the alert is queued on the local response object, but the
 * function returns whatever aFindLogPSKB() produces — confirm the alert
 * actually reaches the client.
 *
 * @param mixed $lc_id   record identifier, filtered as int
 * @param mixed $query   search query forwarded to aFindLogPSKB()
 * @param mixed $logname log name forwarded to aFindLogPSKB()
 *
 * @return mixed empty xajaxResponse when permission is missing, otherwise
 *               the result of aFindLogPSKB()
 */
function aClearCloneLogPSKB($lc_id, $query, $logname)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/sbr_meta.php';

    $objResponse = new xajaxResponse();
    $lc_id = __paramValue('int', $lc_id);

    // Permission gate: nothing below runs for callers without 'sbr'.
    if (!hasPermissions('sbr')) {
        return $objResponse;
    }

    $pskbLog = new log_pskb();
    $message = $pskbLog->clearCloneData($lc_id)
        ? 'Дублирующие записи удалены'
        : 'Ошибка удаления дублирующих записей';
    $objResponse->call('alert', $message);

    return aFindLogPSKB($lc_id, $query, $logname);
}
/**
 * Creates or edits a catalog direction.
 *
 * Requires the 'seo' permission. The section name must be non-empty and the
 * link may contain only Latin letters, digits, underscore and hyphen; a link
 * already used by another direction is rejected. Text fields go through
 * change_q_x() and the page content through the 'ckeditor' filter, with
 * $GLOBALS['disable_link_processing'] forced to TRUE for the duration of
 * that filtering and restored afterwards.
 *
 * Note that the session is started before the permission check, and that a
 * caller without permission gets boolean false rather than a response object.
 *
 * @param array $info form data; 'id' is empty for a new direction
 *
 * @return xajaxResponse|false response object, or false when the 'seo'
 *                             permission is missing
 */
function saveDirectForm($info)
{
    global $GLOBALS;
    session_start();
    if (!hasPermissions('seo')) {
        return false;
    }

    $objResponse = new xajaxResponse();
    $seo = new seo($_SESSION['subdomain']);

    // First failing check wins; each entry is the pair of scripts sent back to the form.
    $rejection = null;
    if (trim($info['name_section']) == "") {
        $rejection = array(
            "alert('Введите название направления');",
            "\$('name_section').focus();",
        );
    } elseif (preg_match('/[^A-Za-z0-9_\\-]/', $info['name_section_link']) || trim($info['name_section_link']) == "") {
        $rejection = array(
            "alert('Название ссылки должно содержать только латинские буквы, цифры, нижнее подчеркивание или тире');",
            "\$('name_section_link').focus();",
        );
    } elseif ($seo->checkLink('direct', $info['name_section_link'], $info['id'])) {
        $rejection = array(
            "alert('Направление с такой ссылкой уже есть');",
            "\$('name_section_link').focus();",
        );
    }
    if ($rejection !== null) {
        foreach ($rejection as $js) {
            $objResponse->script($js);
        }

        return $objResponse;
    }

    // Link processing is switched off only while the fields are filtered.
    $previousLinkFlag = $GLOBALS['disable_link_processing'];
    $GLOBALS['disable_link_processing'] = TRUE;
    $data = array(
        "dir_name" => (string) change_q_x($info['name_section'], true),
        "name_section_link" => (string) change_q_x($info['name_section_link'], true),
        "meta_description" => (string) change_q_x($info['meta_description'], true),
        "meta_keywords" => (string) change_q_x($info['meta_keywords'], true),
        "page_content" => (string) __paramValue('ckeditor', $info['content']),
    );
    $GLOBALS['disable_link_processing'] = $previousLinkFlag;

    $data[!$info['id'] ? 'date_create' : 'date_modified'] = 'NOW()';

    $newid = $seo->saveDirection($data, $info['id']);
    if (!$newid) {
        $objResponse->alert('Ошибка');

        return $objResponse;
    }

    $creating = !$info['id'];
    $target = array();
    if ($creating) {
        // A new direction falls back to its numeric id when the link is falsy.
        $target['direction'] = $info['name_section_link'] ? $info['name_section_link'] : $newid;
    } else {
        $target['direction'] = $info['name_section_link'];
    }
    if ($_SESSION['subdomain']) {
        $target['subdomain'] = $_SESSION['subdomain'];
    }
    $target['msgok'] = $creating ? 3 : 4;

    $objResponse->redirect("/catalog/admin/?" . http_build_query($target));

    return $objResponse;
}
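/**
 * Adds an offer to a project, or updates the user's existing offer.
 *
 * Looks up the offer of $user_id for $prj_id; when one exists it is updated
 * (unless blocked or refused for the author), otherwise a new row is
 * inserted provided the project is not blocked. Text from authors who are
 * not PRO, on projects whose employer is not PRO, is checked against stop
 * words and queued for moderation when something is found.
 *
 * Side effects: sets $this->offer_id; increments $_SESSION['po_count'] after
 * a successful insert; writes a dialogue message.
 *
 * SECURITY: the UPDATE and INSERT statements are assembled by string
 * interpolation. Numeric arguments are cast before use; see the review note
 * in the body for the arguments that are not.
 *
 * @param integer $user_id freelancer id
 * @param integer $prj_id project id
 * @param integer $cost_from price FROM
 * @param integer $cost_to price TO
 * @param integer $cost_type price currency
 * @param integer $time_from time FROM
 * @param integer $time_to time TO
 * @param integer $time_type time unit (0 - hours, 1 - days, 2 - months)
 * @param string $text offer text
 * @param string $work1_id id of the 1st attached work
 * @param string $work2_id id of the 2nd attached work
 * @param string $work3_id id of the 3rd attached work
 * @param string $work1_link link to the 1st attached work
 * @param string $work2_link link to the 2nd attached work
 * @param string $work3_link link to the 3rd attached work
 * @param string $work1_name name of the 1st attached work
 * @param string $work2_name name of the 2nd attached work
 * @param string $work3_name name of the 3rd attached work
 * @param array $work1_pict file of the 1st work
 * @param array $work2_pict file of the 2nd work
 * @param array $work3_pict file of the 3rd work
 * @param array $work1_prev_pict preview file of the 1st work
 * @param array $work2_prev_pict preview file of the 2nd work
 * @param array $work3_prev_pict preview file of the 3rd work
 * @param boolean $for_customer_only show the offer to the employer only
 * @param integer $dialogueId id of the dialogue thread
 * @param integer $emp_read whether the employer has read it
 * @param boolean $prefer_sbr author prefers to work through SBR
 * @param boolean $is_color stored as 't' or 'f' in is_color
 * @param string|null $contacts written to offer_contacts; on update only when not null
 * @param string $payed_items normalised to '0' or '1' and stored as a bit literal
 * @param integer $auto 0 or the autoresponse ID (not changed on update)
 * @param integer $moduser_id UID of the user (admin) editing the offer; when null, $user_id is used
 * @param string $modified_reason reason for the edit
 *
 * @return mixed false when $user_id or $prj_id is not positive; 'OfferIsBlocked' or 403 when
 *               the author may not edit; otherwise the error text (empty on success)
 */
public function AddOffer($user_id, $prj_id, $cost_from, $cost_to, $cost_type, $time_from, $time_to, $time_type, $text, $work1_id, $work2_id, $work3_id, $work1_link, $work2_link, $work3_link, $work1_name, $work2_name, $work3_name, $work1_pict, $work2_pict, $work3_pict, $work1_prev_pict, $work2_prev_pict, $work3_prev_pict, $for_customer_only = false, $dialogueId = 0, $emp_read = 0, $prefer_sbr = false, $is_color = false, $contacts = null, $payed_items = '0', $auto = 0, $moduser_id = null, $modified_reason = '')
{
    global $DB;
    $obj_portfolio = new portfolio();
    $obj_dialogue = new projects_offers_dialogue();
    if ((int) $user_id <= 0 || (int) $prj_id <= 0) {
        return false;
    }
    $is_color = $is_color ? 't' : 'f';
    // Negative bounds are clamped to zero rather than reported as errors.
    if ($cost_from < 0 && $cost_from !== '') {
        $cost_from = 0;
    }
    if ($cost_to < 0 && $cost_to !== '') {
        $cost_to = 0;
    }
    // Swap the bounds when they arrive in the wrong order.
    if ($cost_to !== '' && $cost_from !== '' && ($cost_to < $cost_from && $cost_to > 0)) {
        $wrk = $cost_to;
        $cost_to = $cost_from;
        $cost_from = $wrk;
    }
    if ($time_from < 0 && $time_from !== '') {
        $time_from = 0;
    }
    if ($time_to < 0 && $time_to !== '') {
        $time_to = 0;
    }
    if ($time_to !== '' && $time_from !== '' && $time_to < $time_from && intval($time_to) > 0) {
        $wrk = $time_to;
        $time_to = $time_from;
        $time_from = $wrk;
    }
    // Everything that is interpolated into SQL without quotes is cast here.
    $prj_id = intval($prj_id);
    $user_id = intval($user_id);
    $cost_from = floatval(str_replace(',', '.', str_replace(' ', '', $cost_from)));
    $cost_to = floatval(str_replace(',', '.', str_replace(' ', '', $cost_to)));
    $cost_type = intval($cost_type);
    $time_from = intval($time_from);
    $time_to = intval($time_to);
    $time_type = intval($time_type);
    // $auto lands unquoted in the INSERT below, so it must be an integer.
    $auto = intval($auto);
    $text = __paramValue('string', $text);
    // "\r\n" counts as two characters; collapse it to one so the length limit does not cut the tail.
    $text = str_replace("\r\n", "\n", $text);
    $for_customer_only = $for_customer_only ? 't' : 'f';
    $prefer_sbr = $prefer_sbr ? 't' : 'f';
    $work1_id = intval($work1_id);
    $work2_id = intval($work2_id);
    $work3_id = intval($work3_id);
    $work1_pict = substr(change_q(trim($work1_pict), false, 25), 0, 24);
    $work2_pict = substr(change_q(trim($work2_pict), false, 25), 0, 24);
    $work3_pict = substr(change_q(trim($work3_pict), false, 25), 0, 24);
    $work1_prev_pict = substr(change_q(trim($work1_prev_pict), false, 30), 0, 29);
    $work2_prev_pict = substr(change_q(trim($work2_prev_pict), false, 30), 0, 29);
    $work3_prev_pict = substr(change_q(trim($work3_prev_pict), false, 30), 0, 29);
    $work1_pict = $work1_pict == '' && $work1_prev_pict != '' ? $work1_prev_pict : $work1_pict;
    $work2_pict = $work2_pict == '' && $work2_prev_pict != '' ? $work2_prev_pict : $work2_pict;
    $work3_pict = $work3_pict == '' && $work3_prev_pict != '' ? $work3_prev_pict : $work3_pict;
    // $moduser_id lands unquoted in the UPDATE below, so it must be an integer.
    $moduser_id = $moduser_id ? intval($moduser_id) : $user_id;
    $payed_items = $payed_items == '1' ? $payed_items : '0';
    $sql = "SELECT po.*, pb.id IS NOT NULL AS is_blocked \n FROM projects_offers AS po\n LEFT JOIN projects_offers_blocked pb ON pb.src_id = po.id\n WHERE po.project_id = '{$prj_id}' AND po.user_id = " . $user_id;
    $po = $DB->row($sql, $prj_id, $user_id);
    if ($DB->error) {
        return $DB->error;
    }
    $sql = 'SELECT e.is_pro FROM projects p INNER JOIN employer e ON e.uid = p.user_id WHERE p.id = ?i';
    $emp_is_pro = $DB->val($sql, $prj_id);
    // The author cannot touch a blocked offer; a different $moduser_id can.
    if ($po['is_blocked'] == 't' && $moduser_id == $user_id) {
        return 'OfferIsBlocked';
    }
    // NOTE(review): the statements below are built by interpolation. $modified_reason,
    // $contacts and $emp_read are inserted inside quotes exactly as received, $text relies
    // on addslashes() and the picture names on change_q() (not visible here). Unless every
    // caller escapes these, they should be bound through the ?-placeholders that
    // $DB->query()/$DB->val() already accept elsewhere in this method. They are left
    // untouched here because callers may pre-escape them; confirm before changing.
    $slashedText = addslashes($text);
    if ($po['id']) {
        if ($po['refused'] == 't' && $moduser_id == $user_id) {
            return 403;
        }
        $sql = '';
        $sModer = '';
        if ($emp_is_pro != 't' && $moduser_id == $user_id && !hasPermissions('projects') && !is_pro() && ($po['descr'] != $slashedText || $po['pict1'] != $work1_pict && !empty($work1_pict) || $po['pict2'] != $work2_pict && !empty($work2_pict) || $po['pict3'] != $work3_pict && !empty($work3_pict) || $po['prev_pict1'] != $work1_prev_pict && !empty($work1_prev_pict) || $po['prev_pict2'] != $work2_prev_pict && !empty($work2_prev_pict) || $po['prev_pict3'] != $work3_prev_pict && !empty($work3_prev_pict))) {
            // The author (not an admin, not PRO) changed the text or pictures: re-evaluate moderation.
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php';
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
            $stop_words = new stop_words();
            $nStopWordsCnt = $stop_words->calculate($slashedText);
            $sModer = ' , moderator_status =' . ($nStopWordsCnt ? ' 0 ' : ' NULL ');
            if ($nStopWordsCnt) {
                // Something suspicious was found: queue for moderation.
                $DB->insert('moderation', array('rec_id' => $po['id'], 'rec_type' => user_content::MODER_PRJ_OFFERS, 'stop_words_cnt' => $nStopWordsCnt));
            } else {
                // Otherwise make sure it is not in the moderation queue.
                $DB->query('DELETE FROM moderation WHERE rec_id = ?i AND rec_type = ?i;', $po['id'], user_content::MODER_PRJ_OFFERS);
            }
        }
        $sql .= "UPDATE projects_offers SET\n descr = '{$slashedText}',\n cost_from = {$cost_from},\n cost_to = {$cost_to},\n cost_type = {$cost_type},\n time_from = {$time_from},\n time_to = {$time_to},\n time_type = {$time_type},\n portf_id1 = '{$work1_id}',\n portf_id2 = '{$work2_id}',\n portf_id3 = '{$work3_id}',\n pict1 = '{$work1_pict}',\n pict2 = '{$work2_pict}',\n pict3 = '{$work3_pict}',\n prev_pict1 = '{$work1_prev_pict}',\n prev_pict2 = '{$work2_prev_pict}',\n prev_pict3 = '{$work3_prev_pict}',\n only_4_cust = '{$for_customer_only}',\n prefer_sbr = '{$prefer_sbr}',\n po_emp_read = '{$emp_read}',\n is_color = '{$is_color}',\n payed_items = B'{$payed_items}',\n moduser_id = {$moduser_id}, \n modified_reason = '{$modified_reason}',\n " . ($contacts !== null ? "offer_contacts = '{$contacts}'," : '') . "\n modified = now() \n {$sModer} \n WHERE id = {$po['id']} AND refused = false";
        $this->offer_id = $po['id'];
        $DB->squery($sql);
        $error = $DB->error;
        if ($dialogueId) {
            $error .= $obj_dialogue->SaveDialogueMessage($user_id, $text, $dialogueId, 0, true, $moduser_id);
            $authorId = $DB->val('SELECT user_id FROM projects WHERE id = ?', $prj_id);
            // Drop the cached event counter of the project author.
            $memBuff = new memBuff();
            $memBuff->delete("prjEventsCnt{$authorId}");
        }
        return $error;
    } else {
        $nStopWordsCnt = 0;
        if ($emp_is_pro != 't' && !is_pro()) {
            // Count stop words only when moderation applies.
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php';
            $stop_words = new stop_words();
            $nStopWordsCnt = $stop_words->calculate($slashedText);
        }
        include_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects_offers_answers.php';
        $sModVal = !is_pro() && $emp_is_pro != 't' && $nStopWordsCnt ? '0' : 'NULL';
        // The NOT EXISTS clause keeps offers out of blocked projects.
        $sql = "INSERT INTO projects_offers (project_id, user_id, cost_from, cost_to, cost_type, time_from, time_to, time_type, portf_id1, portf_id2, portf_id3, pict1, pict2, pict3, prev_pict1, prev_pict2, prev_pict3, only_4_cust, prefer_sbr, po_emp_read, descr, is_color, payed_items, offer_contacts, po_frl_read, moderator_status, auto)\n ( SELECT {$prj_id}, {$user_id}, {$cost_from}, {$cost_to}, {$cost_type}, {$time_from}, {$time_to}, {$time_type}, '{$work1_id}', '{$work2_id}', '{$work3_id}', '{$work1_pict}', '{$work2_pict}', '{$work3_pict}', '{$work1_prev_pict}', '{$work2_prev_pict}', '{$work3_prev_pict}', '{$for_customer_only}', '{$prefer_sbr}', '{$emp_read}', '{$slashedText}', '{$is_color}', B'{$payed_items}', '{$contacts}', TRUE, {$sModVal}, {$auto} \n WHERE NOT EXISTS(SELECT 1 FROM projects_blocked WHERE project_id = {$prj_id}) ); \n SELECT currval('projects_offers_id_seq');";
        $po_id = $DB->val($sql);
        $error = $DB->error;
        $this->offer_id = $po_id;
        if ($po_id) {
            if ($emp_is_pro != 't' && !is_pro() && $nStopWordsCnt) {
                require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
                $DB->insert('moderation', array('rec_id' => $po_id, 'rec_type' => user_content::MODER_PRJ_OFFERS, 'stop_words_cnt' => $nStopWordsCnt));
            }
            $error .= $obj_dialogue->AddDialogueMessage($po_id, $user_id, $text, true, false, true);
        }
        if (!$error) {
            $_SESSION['po_count'] = (int) $_SESSION['po_count'] + 1;
        }
        return $error;
    }
}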
exit; } $result = array(); $result['success'] = false; $login = __paramInit('string', null, 'login'); $id = __paramInit('int', null, 'id'); $is_jury = intval($_POST['is_jury']) == 1 ? 't' : 'f'; include_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php'; $user = new users(); $user->GetUser($login); // $txt = change_q_x(stripslashes($_POST['txt']), FALSE, false, 'b|br\s?\/?|i|p|ul|li|cut|s|h[1-6]{1}|img id="\d+"|p class="[qa]"', false, false); // $txt = pg_escape_string(stripslashes($_POST['txt'])); // // $txt = strip_tags($txt, '<p><b><strong><i><em><br><ul><li><ol><h1><h2><h3><h4><h5><h6><img><a><noindex>'); $txt = iconv('UTF-8', 'CP1251', $_POST['txt']); $txt = __paramValue('ckedit', $txt); if (!$login || !$user->uid) { $alert['login'] = '******'; } if (!$txt || $txt == '' || is_empty_html($txt)) { $alert['txt'] = 'Поле не должно быть пустым.'; } $attached = isset($_POST['attached']) ? $_POST['attached'] : array(); $rmfiles = isset($_POST['rmattaches']) && count($_POST['rmattaches']) ? $_POST['rmattaches'] : null; $int = new interview(); $files = new CFile(); if (!isset($alert)) { $interview = $int->getInterview($uid, $id); /* Обновление интервью */ if (!$int->updateInterview($id, $user->uid, $txt, $attached, $is_jury)) { $alert['alert'] = 'Невозможно изменить запись.';