Example #1
 /**
  * Appends a session identifier to this object's session list.
  *
  * When the argument is falsy, an identifier is taken from createSessionID().
  * The identifier goes through the project's 'string' input filter before it is stored.
  *
  * @param mixed $session Session identifier, or a falsy value to have one generated.
  */
 public function addNewSession($session = false)
 {
     // Any falsy input (false, '', 0, null) means "generate an identifier".
     $sessionId = $session ? $session : $this->createSessionID();
     // NOTE(review): a caller-supplied identifier is only filtered here, not checked
     // against any expected format — confirm callers never pass a client-chosen value.
     array_push($this->session, __paramValue('string', $sessionId));
 }
 /**
  * Saves the title and body of a static page sent by the WYSIWYG editor and echoes a JSON result.
  *
  * The permission lookup has only a default branch that yields null, so the guard
  * returns for every alias and nothing after it runs (the action fails closed).
  */
 function savewysiwygAction()
 {
     $db = front::og("db");
     $alias = front::$_req["alias"];
     // Check permissions (they may differ from page to page).
     switch ($alias) {
         default:
             $permission = null;
     }
     $allowed = $permission && hasPermissions($permission);
     if (!$allowed) {
         return;
     }
     // Request text arrives as UTF-8 and is converted to CP1251 before filtering.
     // NOTE(review): iconv() returns false on invalid input; that case is not handled here.
     $text = __paramValue('ckedit', iconv('UTF-8', 'CP1251', front::$_req["form"]["n_text"]));
     $title = __paramValue('string', iconv('UTF-8', 'CP1251', front::$_req["form"]["title"]));
     $save = array("title" => $title, "n_text" => $text);
     if ($alias) {
         // Values are handed to the DB layer as placeholder arguments (?s, ?), not concatenated.
         // Update first; insert only when the update reports nothing.
         // NOTE(review): if update() returns affected rows, an existing but unchanged row
         // would also reach the insert — confirm.
         if (!$db->update("UPDATE static_pages SET ?s WHERE (alias = ?)", $save, $alias)) {
             $save["alias"] = $alias;
             $db->insert("static_pages", $save, false);
         }
     }
     echo json_encode(array("success" => true, "alias" => $alias));
 }
 /**
  * Stores a static page (title and rich-text body) and echoes {"success": true, "alias": ...}.
  *
  * No alias is mapped to a permission: the switch has a default branch only, so
  * $permission is always null and the method returns before touching the database.
  */
 public function savewysiwygAction()
 {
     $alias = front::$_req['alias'];
     $db = front::og('db');
     // Check permissions (they may differ from page to page).
     switch ($alias) {
         default:
             $permission = null;
     }
     if (!($permission && hasPermissions($permission))) {
         return;
     }
     // Each form field is converted from UTF-8 to CP1251 and then run through its input filter.
     $filters = array('title' => 'string', 'n_text' => 'ckedit');
     $save = array();
     foreach ($filters as $field => $filter) {
         $save[$field] = __paramValue($filter, iconv('UTF-8', 'CP1251', front::$_req['form'][$field]));
     }
     if ($alias) {
         $updated = $db->update('UPDATE static_pages SET ?s WHERE (alias = ?)', $save, $alias);
         if (!$updated) {
             // Nothing was updated: create the row for this alias.
             $save['alias'] = $alias;
             $db->insert('static_pages', $save, false);
         }
     }
     echo json_encode(array('success' => true, 'alias' => $alias));
 }
Example #4
 /**
  * Initialises the block from caller-supplied values.
  *
  * Each value goes through the project's input filter and then has backslash escapes
  * removed. A link that fails validateLink() is flagged in $this->_error['link'].
  *
  * @param string $name @see self::$name
  * @param string $link @see self::$link
  * @param string $text @see self::$text
  */
 public function initBlock($name = null, $link = null, $text = null)
 {
     $this->name = stripcslashes(__paramValue('string', $name));
     $this->link = stripslashes(__paramValue('string', $link));
     // WYSIWYG blocks use the 'ckeditor' filter, every other block the 'html' filter.
     $textFilter = $this->isWysiwyg() ? 'ckeditor' : 'html';
     // NOTE(review): stripcslashes() (used for name and text, unlike link) also decodes
     // C-style escapes such as \x3c or \074, and it runs after the filter. Confirm the
     // decoded result cannot contain markup the filter was meant to remove.
     $this->text = stripcslashes(__paramValue($textFilter, $text));
     if ($this->validateLink()) {
         return;
     }
     $this->_error['link'] = true;
 }
Example #5
 /**
  * Handles incoming gateway requests.
  * At the moment there is only one kind of incoming request.
  *
  * A request with an empty msisdn is answered with HTTP 400. Otherwise the message is
  * stored in sms_gate_server with the "delivered" status and the new row id is echoed.
  *
  * @param array $request Request parameters; 'msisdn' and 'data' are read.
  */
 public function listener($request)
 {
     if ($request['msisdn'] == '') {
         header('HTTP/1.0 400 Bad Request');
         exit;
     }
     // NOTE(review): no authentication of the sender is visible in this method —
     // confirm the caller restricts who may reach it.
     $row = array(
         'msisdn' => __paramValue('string', $request['msisdn']),
         'data' => __paramValue('string', $request['data']),
         'dlr_status' => sms_gate::STATUS_DELIVERED,
     );
     echo $this->_db->insert('sms_gate_server', $row, 'id');
     // The delivery-report call, $this->report(array('sms_id' => ..., 'dlr_status' => ...), 'dlr'),
     // is currently disabled.
 }
/**
 * Adds a complaint about a project.
 *
 * The complaining user is taken from the session via get_uid(false); it is not a parameter.
 *
 * @param    integer     $project_id     project ID
 * @param    integer     $type           complaint type
 * @param    string      $msg            complaint text
 * @param    string      $files          names of the uploaded screenshots
 *
 * @return                               xajax response
 */
function SendComplain($project_id, $type, $msg, $files)
{
    global $session;
    session_start();
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/uploader/uploader.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects_complains.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/userecho.php';
    $objResponse = new xajaxResponse();
    // Numeric inputs are cast to int; the message goes through the 'htmltext' filter.
    $project_id = (int) $project_id;
    // NOTE(review): the result of get_uid(false) is not checked in this function —
    // confirm that an anonymous caller cannot reach the code below.
    $user_id = get_uid(false);
    $type = (int) $type;
    $msg = __paramValue('htmltext', $msg);
    $error = false;
    $project = new projects();
    // NOTE(review): $prj is used below without checking that the project was found.
    $prj = $project->GetPrj(0, $project_id, 1);
    $file_list = array();
    if ($files != '') {
        $files = uploader::sgetFiles($files);
        if (!empty($files)) {
            $emp = new users();
            // $ee is not defined before this call; presumably an output argument — confirm.
            $emp->GetUser($emp->GetField($prj['user_id'], $ee, 'login'));
            // Screenshots are copied into the upload directory of the project owner.
            $dir = 'users/' . substr($emp->login, 0, 2) . '/' . $emp->login . '/upload/';
            foreach ($files as $file) {
                $copy = uploader::remoteCopy($file['id'], 'file_projects', $dir);
                // $rfiles is created implicitly by the first append.
                $rfiles[] = $copy->name;
                $file_list[] = array('name' => $copy->original_name, 'link' => WDCPREFIX . '/' . $copy->path . $copy->name);
            }
            $files = implode(',', $rfiles);
        } else {
            $files = '';
        }
    }
    if (!$files) {
        $files = '';
    }
    if (projects::IsHaveComplainType($project_id, $user_id, $type)) {
        // This user has already filed a complaint of this type.
        return $objResponse;
    }
    $projects_complains = new projects_complains();
    $type_name = $projects_complains->GetComplainType($type);
    $project_url = getAbsUrl(getFriendlyURL('project', $project_id));
    $is_moder = $projects_complains->isComplainTypeModer($type);
    if ($is_moder) {
        // Moderator-type complaints also open a UserEcho topic; failing to get a topic URL is an error.
        $userEcho = new UserEcho();
        $topic_message = $userEcho->constructMessage($project_url, $prj['name'], $msg, $file_list);
        $topicUrl = $userEcho->newTopicComplain($type_name, $topic_message, $file_list);
        if ($topicUrl) {
            messages::sendProjectComplain($user_id, $project_url, $prj['name'], $msg, $topicUrl);
        } else {
            $error = true;
        }
    }
    if (!$error) {
        // $topicUrl exists only in the moderator branch; the && keeps it from being read otherwise.
        $error = projects::AddComplain($project_id, $user_id, $type, $msg, $files, $is_moder && $topicUrl);
    }
    if ($error) {
        $objResponse->script("\$('abuse_project_popup').toggleClass('b-shadow_hide');");
        if ($is_moder) {
            $objResponse->script("\$('abuse-cause-error').removeClass('b-layout__txt_hide'); abuseResetSelection();");
        } else {
            $objResponse->script("\$\$('.abuse-btn-send').removeClass('b-button_rectangle_color_disable')");
        }
    } else {
        // Settings for re-creating the client-side uploader: image extensions only.
        $upl = array('umask' => uploader::umask('prj_abuse'), 'validation' => array('allowedExtensions' => array('jpg', 'gif', 'png', 'jpeg'), 'restrictedExtensions' => array()), 'text' => array('uploadButton' => iconv('cp1251', 'utf8', 'Прикрепить файлы')));
        // $type was cast to int above, so only a number is interpolated into the script text.
        $objResponse->script("\n            \$('abuse{$type}').addClass('abuse-checked');\n            \$('abuse{$type}').getChildren().each(function(el) { \$(el).addClass('abuse-checked'); });\n        ");
        $objResponse->script("uploader.create('abuse_uploader', " . json_encode($upl) . ');');
        $objResponse->script("\$('prj_abuse_msg').set('value', '')");
        $objResponse->script("\$\$('.abuse-btn-send').removeClass('b-button_disabled')");
        $objResponse->script("\$('abuse_project_popup').toggleClass('b-shadow_hide');");
        $objResponse->script("\$('project_abuse_success').removeClass('b-layout__txt_hide');");
        $objResponse->script("\$('form_abuse').hide();");
        $objResponse->script("setTimeout(\"\$('project_abuse_success').addClass('b-layout__txt_hide')\", 5000);");
        if ($is_moder) {
            $objResponse->script("\$('abuse-cause-error').addClass('b-layout__txt_hide');");
        }
    }
    return $objResponse;
}
Example #7
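 /**
  * Processes the data submitted on the portfolio step of the wizard.
  *
  * Validates the profile fields and every submitted portfolio work. The profile fields
  * are saved as soon as they pass their own checks. When nothing failed at all, the
  * works are created, the step is marked complete and the browser is redirected to
  * /wizard/registration/ (the script exits there). Otherwise the submitted values are
  * kept on the object for re-display.
  *
  * @return array Validation errors keyed by field; reached only when something failed.
  */
 public function actionProcessingPortfolio()
 {
     $error = array();
     $data = array();
     // Initialised up front: count() and the assignment at the end would otherwise
     // read an undefined variable when no work was submitted.
     $portf_insert = array();
     $type = __paramInit('int', null, 'spec_column_id');
     $spec = __paramInit('int', null, 'spec_db_id');
     $spec_name = __paramInit('string', null, 'spec');
     if ($type == 0) {
         $error['spec'] = 'Вы должны выбрать свою специализацию';
     } else {
         $data['spec_orig'] = professions::GetProfessionOrigin($spec);
     }
     $data['spec'] = $spec;
     $data['exp'] = __paramInit('int', null, 'exp');
     $data['cost_hour'] = __paramInit('float', null, 'cost_hour');
     $data['cost_type_hour'] = __paramInit('int', null, 'currency_hour_db_id');
     $curr_hour_name = __paramInit('string', null, 'currency_hour');
     $data['cost_month'] = __paramInit('float', null, 'cost_month');
     $data['cost_type_month'] = __paramInit('int', null, 'currency_month_db_id');
     $curr_month_name = __paramInit('string', null, 'currency_month');
     $data['resume'] = __paramInit('int', null, 'resume_id');
     $data['info'] = stripslashes(__paramInit('string', null, 'info', ''));
     if (strlen($data['info']) > 4000) {
         $error['info'] = 'Исчерпан лимит символов для этого поля (4000 символов)';
     }
     // An unchecked checkbox is simply absent from the request.
     $data['in_office'] = (isset($_POST['in_office']) && $_POST['in_office'] == 1) ? 1 : 0;
     if ($data['resume'] > 0) {
         // NOTE(review): the file id comes from the request and the object is not used
         // further in this method — confirm ownership is checked where it is attached.
         $resume = new CFile($data['resume']);
     }
     if ($data['exp'] < 0 || $data['exp'] > step_freelancer::MAX_YEAR_VALUE) {
         $error['exp'] = 'Недопустимое значение. Опыт работы должен быть в пределе от 0 до ' . step_freelancer::MAX_YEAR_VALUE . '.';
     }
     // NOTE(review): the currency ids index the MAX_COST_* tables directly; an id that
     // is not in the table yields null as the upper bound.
     if ($data['cost_hour'] < 0 || $data['cost_hour'] > $this->MAX_COST_HOUR[$data['cost_type_hour']]) {
         // The closing dot belongs to the message, not to the currency argument
         // (same shape as the monthly check below).
         $error['cost_hour'] = 'Недопустимое значение. Стоимость часа работы должна быть в пределе ' . view_range_cost2(0, $this->MAX_COST_HOUR[$data['cost_type_hour']], '', '', false, $data['cost_type_hour']) . '.';
     }
     if ($data['cost_month'] < 0 || $data['cost_month'] > $this->MAX_COST_MONTH[$data['cost_type_month']]) {
         $error['cost_month'] = 'Недопустимое значение. Стоимость месяца работы должна быть в пределе ' . view_range_cost2(0, $this->MAX_COST_MONTH[$data['cost_type_month']], '', '', false, $data['cost_type_month']) . '.';
     }
     if (count($error) <= 0) {
         $insert['portfolio'] = serialize($data);
         $this->parent->saveFieldsInfo($insert);
     }
     // Process the portfolio works.
     if (isset($_POST['name']) && is_array($_POST['name'])) {
         foreach ($_POST['name'] as $k => $value) {
             // The sibling arrays are indexed by the same client-supplied key; a missing
             // entry is treated as empty.
             $rawDescr = isset($_POST['descr'][$k]) ? $_POST['descr'][$k] : '';
             $rawLink = isset($_POST['link'][$k]) ? $_POST['link'][$k] : '';
             $rawId = isset($_POST['id'][$k]) ? $_POST['id'][$k] : null;
             $pictId = isset($_POST['pict_id'][$k]) ? $_POST['pict_id'][$k] : null;
             $value = __paramValue('string', stripslashes($value));
             $descr = __paramValue('string', stripslashes($rawDescr));
             // Id of an existing work, if there is one.
             // NOTE(review): confirm createWorks() checks that this id belongs to the current wizard user.
             $id = __paramValue('int', $rawId);
             $link = __paramValue('string', stripslashes($rawLink));
             $link = preg_replace("/^http:\\/\\//", "", trim($link));
             if ($value == '' && $descr == '' && $link == '' && empty($pictId)) {
                 // A completely empty row is skipped.
                 continue;
             }
             if (is_empty_html($value)) {
                 $error['portf' . $k]['name'] = "Введите название работы";
             }
             if (strlen($descr) > 1500) {
                 $error['descr' . $k]['name'] = "Исчерпан лимит символов для этого поля (1500 символов)";
             }
             if ($link != '' && !url_validate($link)) {
                 $error['portf' . $k]['link'] = "Поле заполнено некорректно";
             }
             $portf_insert[] = array("name" => $value, "pict_id" => $pictId > 0 ? intval($pictId) : null, "link" => $link, "prof_id" => $spec, "wiz_uid" => $this->getWizardUserID(), "descr" => $descr, "id" => $id);
         }
     }
     if (count($error) <= 0) {
         if (count($portf_insert) > 0) {
             $this->createWorks($portf_insert);
         }
         $this->parent->setCompliteStep(true);
         $this->parent->setNextStep($this->parent->getPosition() + 1);
         header("Location: /wizard/registration/");
         exit;
     }
     $this->request = $data;
     $this->portf_insert = $portf_insert;
     return $error;
 }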
/**
 * Saves a community post edited through the admin edit form.
 *
 * Normalises and filters the form fields, validates them, and either stores the post
 * (message, poll, attachments, notification to the author) or reports the errors
 * through the xajax response.
 *
 * NOTE(review): no permission check is visible in this function — presumably the
 * caller verifies moderator rights; confirm.
 *
 * @param object $objResponse xajaxResponse
 * @param string $rec_id record identifier
 * @param string $rec_type record type
 * @param array $aForm form data
 * @param string $sDrawFunc name of the function to run after saving
 */
function _admEditCommunityPostSaveForm(&$objResponse, $rec_id = '', $rec_type = '', $aForm = array(), $sDrawFunc = '')
{
    // initialisation
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/commune.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/attachedfiles.php';
    $aForm['title'] = antispam(change_q_x($aForm['title'], true, false));
    // The title is cut to 256 bytes; substr() may return false, which is mapped to ''.
    $aForm['title'] = substr($aForm['title'], 0, 256);
    $aForm['title'] = $aForm['title'] === false ? '' : $aForm['title'];
    $aForm['youtube_link'] = change_q_x($aForm['youtube_link'], false, true, null, false, false);
    $aForm['question'] = trim(change_q_x($aForm['question'], true));
    $aForm['close_comments'] = isset($aForm['close_comments']) ? $aForm['close_comments'] : 0;
    $aForm['is_private'] = isset($aForm['is_private']) ? $aForm['is_private'] : 0;
    $aForm['answers'] = is_array($aForm['answers']) ? $aForm['answers'] : array();
    $aForm['answers_exists'] = is_array($aForm['answers_exists']) ? $aForm['answers_exists'] : array();
    $question = change_q_x_a(antispam(preg_replace('/&/', '&amp;', $aForm['question'])), false, false, '');
    $multiple = (bool) $aForm['multiple'];
    $answers = array();
    $answers_exists = array();
    $acount = 0;
    $alert = array();
    $attachedfiles = new attachedfiles($aForm['attachedfiles_session']);
    // The message body is filtered by the editor-specific filter.
    if (commune::IS_NEW_WYSIWYG) {
        $aForm['msgtext'] = __paramValue('ckedit', antispam($aForm['msgtext']));
        // NOTE(review): backslashes are stripped after the filter has run — confirm this
        // cannot undo escaping the filter relies on.
        $aForm['msgtext'] = stripslashes($aForm['msgtext']);
    } else {
        $aForm['msgtext'] = __paramValue('wysiwyg_tidy', antispam($aForm['msgtext']));
    }
    // New poll answers: empty ones are dropped from the form, the rest are counted.
    if ($aForm['answers'] && is_array($aForm['answers'])) {
        foreach ($aForm['answers'] as $key => $answer) {
            if (($t = substr_entity(change_q_x_a(antispam(preg_replace('/&/', '&amp;', trim((string) $answer))), false, false, ''), 0, commune::POLL_ANSWER_CHARS_MAX * 2, true)) != '') {
                $answers[] = $t;
                ++$acount;
            } else {
                unset($aForm['answers'][$key]);
            }
        }
    }
    // Existing poll answers are kept only under a non-zero integer key.
    if ($aForm['answers_exists'] && is_array($aForm['answers_exists'])) {
        foreach ($aForm['answers_exists'] as $key => $answer) {
            if (intval($key) && ($t = substr_entity(change_q_x_a(antispam(preg_replace('/&/', '&amp;', trim((string) $answer))), false, false, ''), 0, commune::POLL_ANSWER_CHARS_MAX * 2, true)) != '') {
                $answers_exists[intval($key)] = $t;
                ++$acount;
            }
        }
    }
    // Cut the question by the amount strlen_real() reports it over the limit.
    if (strlen_real($question) > commune::POLL_QUESTION_CHARS_MAX) {
        $len = strlen($question);
        $rlen = strlen_real($question);
        $question = substr($question, 0, $len - ($rlen - commune::POLL_QUESTION_CHARS_MAX));
    }
    // validation
    // NOTE(review): the length check reads $_POST['title'], not the $aForm['title'] that
    // is saved (and was already cut to 256 bytes above) — confirm the two always match.
    if (strlen($_POST['title']) > commune::MSG_TITLE_MAX_LENGTH) {
        $alert[1] = 'Количество символов превышает допустимое (' . commune::MSG_TITLE_MAX_LENGTH . ')';
    }
    if ($aForm['youtube_link'] != '') {
        // A valid link is replaced by the value video_validate() returns.
        if ($video = video_validate($aForm['youtube_link'])) {
            $aForm['youtube_link'] = $video;
        } else {
            $alert[2] = 'Неверная ссылка';
        }
    }
    // A poll needs a question and between 2 and POLL_ANSWERS_MAX answers.
    if ($acount > 0 && $question == '') {
        $alert[3] = 'Введите текст вопроса';
    } elseif ($acount > commune::POLL_ANSWERS_MAX && $question != '') {
        $alert[3] = 'Вы можете указать максимум ' . commune::POLL_ANSWERS_MAX . ' ответов';
    } elseif ($acount < 2 && $question != '') {
        $alert[3] = 'Нужно указать минимум 2 варианта ответа';
    }
    $files_info = $attachedfiles->calcFiles();
    // A post with no text, poll, files or video is rejected.
    if (is_empty_html($aForm['msgtext']) && $question == '' && empty($alert) && !$files_info['count'] && $aForm['youtube_link'] == '') {
        $alert[4] = 'Поле заполнено некорректно';
        $aForm['msgtext'] = '';
    } elseif (strlen($aForm['msgtext']) > commune::MSG_TEXT_MAX_LENGTH) {
        $alert[4] = 'Количество символов превышает допустимое';
    }
    if (!$alert) {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/messages.php';
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
        // NOTE(review): commune_id, user_id and user_login are taken from $aForm —
        // confirm the caller fills them from trusted data rather than from the request.
        commune::CreateMessage($aForm, $aForm['commune_id'], $_SESSION['uid'], $rec_id, null, $question, $answers, $answers_exists, $multiple);
        commune::DeleteMarkedAttach($rec_id);
        // attached files
        $attachedfiles_files = $attachedfiles->getFiles(array(1, 3, 4));
        commune::addAttachedFiles($attachedfiles_files, $rec_id, $aForm['user_login'], false);
        $attachedfiles->clear();
        // !!!TODO: https://beta.free-lance.ru/mantis/view.php?id=19174
        $sReason = _parseReason($aForm['user_id'], $aForm['adm_edit_text']);
        messages::communityModifiedNotification($rec_id, $rec_type, $aForm['user_login'], $aForm['user_uname'], $aForm['user_usurname'], $sReason);
        $content_id = user_content::MODER_COMMUNITY;
        _admEditAfterAll($objResponse, $content_id, $rec_id, $rec_type, $sDrawFunc, $aForm);
    } else {
        // Alert numbers are mapped to the form fields they belong to.
        _setErrors($objResponse, $alert, array(1 => 'title', 2 => 'youtube_link', 3 => 'question', 4 => 'msg'), $sDrawFunc);
    }
}
Example #9
    curl_setopt($ch, CURLOPT_USERPWD, BASIC_AUTH);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    ob_start();
    $res = curl_exec($ch);
    $complete = ob_get_clean();
    header('Location: /bill/');
    exit;
}
// Keep the submitted form and the referring page in the session.
// NOTE(review): the whole of $_POST and the client-supplied Referer header are stored
// unfiltered; whatever reads them back has to treat them as untrusted input.
$_SESSION['post_payment'] = $_POST;
$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];
?>

<h2>Тестовая оплата Веб.Кошелек</h2>
<p>
Оплата услуг аккаунт <?php 
// NOTE(review): this output is only as HTML-safe as the 'string' filter makes it —
// confirm the filter escapes <, >, & and quotes.
echo __paramValue('string', $_POST['nickname']);
?>
, сумма оплаты <?php 
// The amount is printed through to_money(); presumably a numeric formatter — confirm.
echo to_money($_POST['amount'], 2);
?>
 рублей
</p>

<form method="POST" />
    <input type="submit" name="success" value="Оплатить" />
    <input type="submit" name="cancel" value="Отмена" />
    <input type="hidden" name="u_token_key" value="<?php 
// NOTE(review): the session token is written into the attribute without
// htmlspecialchars(); safe only if it is generated from attribute-safe characters.
echo $_SESSION['rand'];
?>
"/>
</form>
Example #10
/**
 * Deletes an attachment and, on success, re-renders the list of uploaded files.
 *
 * @param mixed $cid     first argument passed to commune::DeleteAttach()/GetAttach(); filtered as int
 * @param mixed $file_id id of the attachment to delete; filtered as int
 *
 * @return xajaxResponse
 */
function MsgDelFile($cid, $file_id)
{
    session_start();
    $cid = __paramValue('int', $cid);
    $file_id = __paramValue('int', $file_id);
    // NOTE(review): the login guard below is disabled and no ownership check is visible
    // in this function — confirm commune::DeleteAttach() verifies that the current user
    // may delete this attachment.
    //    if(!isset($_SESSION['uid'])) return;
    $objResponse = new xajaxResponse();
    if ($result = commune::DeleteAttach($cid, $file_id, true)) {
        // $uploaded and $mess are not used below; presumably read by the included template.
        $uploaded = commune::GetAttach($cid, true);
        $mess['user_login'] = $_SESSION['login'];
        // The template path is built from a constant, not from request data.
        $page = TPL_COMMUNE_PATH . '/uploaded_files.php';
        // Render the template into a buffer and send the HTML to the client.
        ob_start();
        include $page;
        $html = ob_get_contents();
        ob_end_clean();
        $objResponse->assign('uploaded_list', 'innerHTML', $html);
        $objResponse->script('$("files_block").style.display = "block"');
    }
    //        $objResponse->assign('uploaded_list', 'innerHTML', $error);
    return $objResponse;
}
Example #11
 /**
  * Normalises known request parameters by type; unknown keys are returned unchanged.
  *
  * @param array $params Raw request parameters keyed by field name.
  *
  * @return array The same parameters with the known fields filtered or cast.
  */
 public function prepareRequest($params)
 {
     foreach ($params as $field => $raw) {
         switch ($field) {
             // Rich-text fields: trimmed, then passed through the restricted-HTML filter.
             case 'portf_text':
                 $params[$field] = __paramValue('html_save_ul_li_b_p_i', trim($params['portf_text']));
                 break;
             case 'old_portf_text':
                 $params[$field] = __paramValue('html_save_ul_li_b_p_i', trim($params['old_portf_text']));
                 break;
             // Identifiers, ranges and flags: cast to integer.
             case 'prof_cost_type_hour_db_id':
             case 'prof_cost_type_db_id':
             case 'prof_time_type_db_id':
             case 'prof_time_from':
             case 'prof_time_to':
             case 'on_preview':
                 $params[$field] = (int) $raw;
                 break;
             // Money amounts: cut (not rounded) to two decimal places.
             // NOTE(review): truncating a float product can lose a cent (0.29 * 100 is
             // just under 29), and a non-numeric string raises a TypeError on PHP 8.
             case 'prof_cost_hour':
             case 'prof_cost_to':
             case 'prof_cost_from':
             case 'prof_cost1000':
                 $params[$field] = (int) ($raw * 100) / 100;
                 break;
         }
     }
     return $params;
 }
Example #12
 /**
  * Pre-processes the data that will be used in the query that adds or edits a comment.
  *
  * Values are escaped with pg_escape_string() here, so the query that consumes them
  * is presumably assembled as a string — confirm at the call site.
  *
  * @return array The prepared message fields.
  */
 function _new_preMsgSql()
 {
     $prepared = $this->post_msg;
     $prepared['id'] = intvalPgSql($prepared['id']);
     // The body is filtered with 'ckeditor', then escaped.
     // An earlier variant used change_q_x() with the tag list b|br|i|p|s|ul|li|h[1-6];
     // the original note says to restore all tags later.
     // NOTE(review): pg_escape_string() without an explicit connection is deprecated
     // since PHP 8.1; bound query parameters would remove the need for manual escaping.
     $prepared['msgtext'] = pg_escape_string(__paramValue('ckeditor', $prepared['msgtext']));
     $prepared['yt_link'] = pg_escape_string(change_q_x($prepared['yt_link'], true, false));
     // A missing or zero parent becomes the literal SQL keyword NULL.
     $parentId = (int) $prepared['parent_id'];
     $prepared['parent_id'] = $parentId ? $parentId : 'NULL';
     return $prepared;
 }
Example #13
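 /**
  * Validates the contacts entered by the user and stores the filtered values.
  *
  * Only keys that already exist in $contacts are accepted. Every accepted value is
  * stored (after stripslashes and the 'htmltext' filter) even when it fails validation.
  *
  * @param array $post_contacts Submitted contacts, name => value.
  * @param array $contacts      Known contacts; $contacts[name]['value'] is updated in place.
  *
  * @return array Error messages keyed "contact_<name>"; empty when everything is valid.
  */
 public static function validateContacts($post_contacts, &$contacts)
 {
     $error = array();
     foreach ($post_contacts as $name => $value) {
         if (!isset($contacts[$name])) {
             // Contact types that are not on the allowed list are ignored.
             continue;
         }
         switch ($name) {
             case 'phone':
                 // Phone numbers are currently stored without a format check
                 // (the previous pattern was /^[+]*?[0-9\s]{9,17}$/).
                 break;
             case 'site':
                 // Remove a leading scheme as a prefix. ltrim() takes a character list,
                 // so ltrim($value, 'http://') also ate leading h/t/p letters of the host
                 // itself ("php.net" became ".net").
                 $hasScheme = preg_match('#^\s*https?://#i', $value) === 1;
                 $withoutScheme = preg_replace('#^\s*https?://#i', '', $value);
                 if (!url_validate($withoutScheme) && trim($value) != '') {
                     $error["contact_{$name}"] = 'Поле заполнено некорректно';
                 }
                 // Add the default scheme only when the value does not already start
                 // with one ("htt" elsewhere in the address no longer counts).
                 if (!$hasScheme && trim($value) != '') {
                     $value = 'http://' . $value;
                 }
                 break;
             case 'email':
                 if (!is_email($value) && trim($value) != '') {
                     $error["contact_{$name}"] = 'Поле заполнено некорректно';
                 }
                 break;
         }
         $contacts[$name]['value'] = __paramValue('htmltext', stripslashes($value));
     }
     return $error;
 }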
Example #14
 /**
  * Processes the incoming data for saving a mailing.
  *
  * Validation problems are recorded in $this->error; the returned array is built either way.
  *
  * @param array $post    Incoming $_POST data
  * @return array Processed data to store: array(name => value), where name is the table column and value its value
  */
 public function initPost($post)
 {
     $insert = array();
     if ($post['attachedfiles_session']) {
         $attachedfiles = new attachedfiles($post['attachedfiles_session']);
         $attachedfiles_files = $attachedfiles->getFiles(array(1, 3, 4));
         if (count($attachedfiles_files) > 0) {
             $insert['is_attached'] = true;
             // Side effect: the file list is written into the global $_POST.
             $_POST['attachedfiles_files'] = $attachedfiles_files;
         } else {
             $insert['is_attached'] = false;
         }
     }
     // Stored as the strings 'true'/'false', not as booleans.
     $insert['in_draft'] = (int) $post['in_draft'] == 0 ? 'false' : 'true';
     if (isset($post['status_sending'])) {
         $insert['status_sending'] = (int) $post['status_sending'];
     }
     if (isset($post['status_message'])) {
         $insert['status_message'] = (int) $post['status_message'];
     }
     if (!is_empty_html($post['subject'])) {
         $insert['subject'] = __paramValue('string', addslashes($post['subject']));
     } else {
         // An empty subject falls back to a default instead of raising an error.
         $insert['subject'] = 'Рассылка Free-lance.ru';
         //$this->error['subject'] = 'Введите заголовок письма';
     }
     if (!is_empty_html($post['message'])) {
         // NOTE(review): the 'ckedit' filtering of the message is commented out, so the
         // body is stored exactly as submitted — confirm only trusted administrators can
         // reach this method and that the mail renderer expects raw HTML.
         //$insert['message'] = addslashes(__paramValue('ckedit', stripslashes($post['message'])  ));
         $insert['message'] = $post['message'];
     } else {
         $this->error['message'] = 'Введите текст письма';
     }
     if ($post['type_sending']) {
         // The first two entries are cast to int and concatenated into a two-character string.
         $post['type_sending'] = array_map('intval', $post['type_sending']);
         $insert['type_sending'] = (string) implode("", array((int) $post['type_sending'][0], (int) $post['type_sending'][1]));
     }
     if ($post['type_regular']) {
         $insert['type_regular'] = __paramValue('int', $post['type_regular']);
     }
     if ($post['type_send_regular']) {
         $insert['type_send_regular'] = __paramValue('int', $post['type_send_regular']);
     }
     if (!is_empty_html($post['time_sending'])) {
         // NOTE(review): $time comes from the request and becomes part of the date()
         // format string, so any letters in it are expanded as format characters —
         // it should be validated as HH:MM first.
         $time = __paramValue('string', $post['time_sending']) . ":00";
         if (is_empty_html($post['date_sending'])) {
             $insert['date_sending'] = date('Y-m-d ' . $time);
         }
     } elseif ($insert['type_regular'] == 2) {
         // $insert['type_regular'] is set only when the request carried a truthy type_regular.
         $this->error['time_sending'] = 'Введите время отправки рассылки';
     }
     if (!is_empty_html($post['date_sending'])) {
         $time = "00:00";
         if (!is_empty_html($post['time_sending'])) {
             $time = __paramValue('string', $post['time_sending']) . ":00";
         }
         // NOTE(review): the result of strtotime() is not checked; it returns false for
         // an unparseable date.
         $insert['date_sending'] = date('Y-m-d ' . $time, strtotime($post['date_sending']));
     } elseif ($insert['type_regular'] != 2) {
         $this->error['date_sending'] = 'Введите дату отправки рассылки';
     }
     // Process the employer filter
     if ($post['filter_emp']) {
         // Store the filter
         $insert['filter_emp'] = $this->initPostEmpFilter($post);
     }
     if ($post['filter_frl']) {
         // Store the filter
         $insert['filter_frl'] = $this->initPostFrlFilter($post);
     }
     if ($post['filter_file']) {
         $insert['filter_file'] = true;
     } else {
         $insert['filter_file'] = '';
     }
     // The author is the current user as reported by get_uid().
     $insert['user_id'] = get_uid();
     //$insert['count_recipients'] = 0;
     return $insert;
 }
Example #15
<?php

// Defined before stdf.php is loaded; presumably switches off the project's CSRF check
// for this gateway callback — confirm, and confirm that validateCardRequest() below is
// what authenticates the request instead.
define('NO_CSRF', true);
// Raw request data is copied before the project bootstrap runs.
$post = $_POST;
$get = $_GET;
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/stdf.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/pskb.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/log.php";
// The three values used below are filtered as integers.
$src = __paramValue('int', $get['res']);
$state = __paramValue('int', $post['state']);
$lc_id = __paramValue('int', $post['account']);
$log_data = array('GET' => $get, 'POST' => $post);
// A request that fails validation is forced onto the error path with state -999.
if (!pskb::validateCardRequest($post)) {
    $src = 2;
    $state = -999;
    $log_data['err'] = array('src' => $src, 'state' => $state);
}
// Every request, valid or not, is logged with the client address.
// NOTE(review): the complete GET and POST arrays are written to the log — confirm the
// gateway never sends card or personal data in them, or mask those fields first.
$log = new log("pskb_cards/income-" . SERVER . '-%d%m%Y.log', 'a', '%d.%m.%Y %H:%M:%S : ' . $_SERVER['REMOTE_ADDR'] . ' : ');
$log->writevar($log_data);
$pskb = new pskb();
$_lc = $pskb->getLCbyLCId($lc_id);
$err_msg = "Неизвестная ошибка";
if ($src == 2) {
    // Use the message that belongs to the state code when there is one.
    if ($state && in_array($state, array_keys(pskb::$card_messages))) {
        $err_msg = pskb::$card_messages[$state];
    }
    // States 2 and -999 do not change the record, so a request that failed validation
    // (state -999) cannot put it into the error state.
    if (!in_array($state, array(2, -999))) {
        $pskb->upLC(array('state' => 'err', 'stateReason' => $err_msg), $_lc['lc_id']);
    }
}
if ($src === 1 && defined('PSKB_TEST_MODE')) {
Example #16
 /**
  * Sets the current active step.
  *
  * The step is read from the step cookie when it exists; otherwise the first key of
  * $this->steps is used and written to the cookie.
  */
 public function setLastStep()
 {
     $cookieName = $this->_cookie_names['step'];
     if (isset($_COOKIE[$cookieName])) {
         // NOTE(review): the cookie is client-controlled; it is filtered as an int but
         // not checked against the keys of $this->steps here — confirm a later check
         // stops a user from jumping to an arbitrary step.
         $this->_step = __paramValue('int', $_COOKIE[$cookieName]);
         return;
     }
     $this->_step = current(array_keys($this->steps));
     // NOTE(review): setcookie() is called without the secure and httponly arguments.
     setcookie($cookieName, $this->_step, $this->_lifeTimeCookie(), '/', $GLOBALS['domain4cookie']);
 }
Example #17
     } else {
         $subcat = $freelancer->spec;
         $cat = professions::GetGroupIdByProf($subcat);
         $cats[] = array('category_id' => $cat, 'subcategory_id' => $subcat);
         $tmpPrj->setCategories($cats);
     }
     $tmpPrj->setProjectField('country', __paramValue('int', $_POST['project_location_columns'][0]));
     $tmpPrj->setProjectField('city', __paramValue('int', $_POST['project_location_columns'][1]));
 }
 // Entries of kind KIND_PROJECT are always marked pro_only; for other kinds the flag
 // comes from the request.
 if ($project['kind'] == projects::KIND_PROJECT) {
     $tmpPrj->setProjectField('pro_only', 't');
 } else {
     $tmpPrj->setProjectField('pro_only', __paramInit('bool', NULL, 'pro_only') ? 't' : 'f');
 }
 // Boolean request flags are stored as the strings 't' / 'f'.
 $tmpPrj->setProjectField('verify_only', __paramInit('bool', NULL, 'verify_only') ? 't' : 'f');
 // The video link is read straight from $_POST and goes through antispam() and the 'html' filter.
 $tmpPrj->setProjectField('videolnk', __paramValue('html', antispam($_POST['videolnk']), 60, true));
 $tmpPrj->setProjectField('strong_top', __paramInit('int', NULL, 'strong_top'));
 $tmpPrj->setProjectField('prefer_sbr', __paramInit('bool', NULL, 'prefer_sbr') ? 't' : 'f');
 // The number of top days is taken from the request only when top_ok is set.
 // NOTE(review): strong_top and top_days look like paid options — confirm the values
 // are checked against what the user actually paid for further on.
 $tmpPrj->setAddedTopDays(__paramInit('bool', NULL, 'top_ok') ? __paramInit('int', NULL, 'top_days', 0) : 0);
 // The link is cut to 100 bytes after filtering.
 $tmpPrj->setProjectField('link', substr(__paramInit('string', NULL, 'link'), 0, 100));
 // Keep the previous project data before it is replaced by the edited copy.
 $oproject = $project;
 $project = $tmpPrj->getProject();
 // Data about the previously purchased "Urgent" and "Hidden" services.
 // When editing, the old value is taken; otherwise false.
 if ($tmpPrj->isEdit()) {
     $tmpPrj->setProjectField('o_hide', $oproject['hide']);
     $tmpPrj->setProjectField('o_urgent', $oproject['urgent']);
 } else {
     $tmpPrj->setProjectField('o_hide', 'f');
     $tmpPrj->setProjectField('o_urgent', 'f');
 }
Example #18
 /**
  * Инициализируем тип оплаты на странице.
  *
  * @todo: более данный механизм не используется, хотя можно было на его базе попробовать использовать ЯДКассу
  * 
  * @param string $type_payment Название тип оплаты (передается в $_GET['type'])
  */
 public function setPaymentMethod($type_payment)
 {
     require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/exrates.php';
     switch ($type_payment) {
         case 'sber_print':
             $this->payment_template = 'bank/tpl.bank_fiz_print.php';
             $this->type_menu_block = 'bank';
             $this->payment_type = exrates::BANK;
             break;
         case 'sber':
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/bank_payments.php';
             $this->payment_template = 'bank/tpl.bank_fiz.php';
             $this->type_menu_block = 'bank';
             $this->payment_type = exrates::BANK;
             $this->pm = new bank_payments();
             $this->pm->bank_code = __paramInit('int', null, 'bc', bank_payments::BC_SB);
             $this->pm->sum = __paramInit('float', null, 'Sum');
             $bp_reqv = bank_payments::GetLastReqv($this->pm->bank_code, $this->user['uid']);
             $this->pm->fio = $bp_reqv['fio'];
             $this->pm->address = $bp_reqv['address'];
             if (!$this->pm->bill_num) {
                 $this->pm->bill_num = bank_payments::GenBillNum($this->pm->bank_code, $this->user['uid'], $this->acc['id']);
             }
             if (isset($_POST['action']) && $_POST['action'] == 'payment') {
                 $this->pm->fio = substr(__paramInit('string', null, 'fio'), 0, 128);
                 $this->pm->is_gift = false;
                 $this->pm->address = substr(__paramInit('string', null, 'address'), 0, 255);
                 $this->pm->bank_code = __paramInit('int', null, 'bc');
                 $this->pm->sum = __paramInit('float', null, 'sum');
                 setlocale(LC_ALL, 'en_US.UTF-8');
                 // гребанная бета! (это не мое)
                 $this->pm->fm_sum = $bp->sum / EXCH_TR;
                 $id = __paramInit('int', null, 'id');
                 if ($this->pm->sum < 10) {
                     $alert['sum'] = 'Минимальная сумма платежа 10 рублей';
                 }
                 if (!$this->pm->fio) {
                     $alert['fio'] = 'Поле заполнено некорректно.';
                 }
                 if (!$this->pm->address) {
                     $alert['address'] = 'Поле заполнено некорректно.';
                 }
                 if (!$alert) {
                     if ($id) {
                         $this->pm->bank_code = null;
                         $this->pm->Update($id, " AND user_id = {$this->user['uid']} AND accepted_time IS NULL");
                     } else {
                         $this->pm->bill_num = bank_payments::GenBillNum($this->pm->bank_code, $this->user['uid'], $this->acc['id']);
                         $this->pm->user_id = $this->user['uid'];
                         $this->pm->op_code = 12;
                         $id = $this->pm->Add($error, true);
                     }
                     if (!$error) {
                         $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                         if ($prepare) {
                             header("Location: /bill/payment/print/?type=sber_print&id={$id}");
                             exit;
                         }
                     }
                 }
                 $this->error = $alert;
             }
             $this->bank = bank_payments::GetBank($bp->bank_code);
             break;
         case 'bank_print':
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv_ordered.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/city.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/country.php';
             if ($_GET['order'] > 0) {
                 $this->payment_template = 'bank/tpl.bank_jur_transfer.php';
                 $this->tid = intval($_GET['order']);
             } else {
                 $this->payment_template = 'bank/tpl.bank_jur_print.php';
             }
             $this->type_menu_block = 'bank';
             $this->payment_type = exrates::BANK;
             $this->bank_sum = $_SESSION['sum_bank_print'];
             $this->bank_id = $_SESSION['id_bank_print'];
             unset($_SESSION['sum_bank_print'], $_SESSION['id_bank_print']);
             break;
         case 'bank':
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/reqv_ordered.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/city.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/country.php';
             $this->payment_template = 'bank/tpl.bank_jur.php';
             $this->type_menu_block = 'bank';
             $this->payment_type = exrates::BANK;
             $this->pm = new reqv();
             $reqvByUid = $this->pm->GetByUid($this->user['uid']);
             $reqvs_ord = new reqv_ordered();
             $this->pm->billNum = sizeof($reqvs_ord->GetByUid($this->user['uid']));
             $this->pm->BindRequest($reqvByUid[0]);
             if (isset($_POST['action']) && $_POST['action'] == 'payment') {
                 $_POST['country'] = country::getCountryName($_POST['country_db_id']);
                 $_POST['city'] = city::getCityName($_POST['city_db_id']);
                 $this->pm->BindRequest($_POST);
                 $this->error = $this->pm->CheckInput();
                 if ($_POST['sum'] < 10) {
                     $this->error['sum'] = 'Минимальная сумма платежа 10 рублей';
                 }
                 if (!$this->error) {
                     $this->pm->user_id = $this->user['uid'];
                     if ($reqvByUid[0]['id'] > 0) {
                         $id = $reqvByUid[0]['id'];
                         $this->pm->Update($id, " AND user_id= {$this->user['uid']}");
                     } else {
                         $id = $this->pm->Add($err, true);
                     }
                     $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                     if ($prepare) {
                         $_SESSION['id_bank_print'] = $id;
                         $_SESSION['sum_bank_print'] = intval($_POST['sum']);
                         header('Location: /bill/payment/print/?type=bank_print');
                         exit;
                     }
                 }
             }
             break;
         case 'alphabank':
             $this->payment_template = 'bank/tpl.alphabank.php';
             $this->type_menu_block = 'bank';
             $this->payment_type = exrates::BANK;
             if (isset($_POST['action']) && $_POST['action'] == 'reserve') {
                 header('Location: /bill/');
                 exit;
             }
             break;
         case 'card':
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/settings.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/card_account.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/cardpay.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/city.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/sbr_meta.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/onlinedengi_cards.php';
             $this->payment_template = 'card/tpl.card.php';
             $this->type_menu_block = 'card';
             $this->payment_type = exrates::CARD;
             $this->card_merchant = settings::GetVariable('billing', 'card_merchant');
             if ($this->card_merchant) {
                 $card_account = new card_account();
                 $card_account->account_id = $this->acc['id'];
                 $this->pm = new onlinedengi_cards();
                 if (!$this->not_init_pm) {
                     $this->pm->order_id = $card_account->Add();
                 }
             } else {
                 $this->pm = new card_account();
                 $this->pm->account_id = $this->acc['id'];
                 if (!$this->not_init_pm) {
                     $this->pm->order_id = $this->pm->Add();
                 }
                 $this->pm->reqv = sbr_meta::getUserReqvs($this->user['uid']);
             }
             break;
         case 'qiwi':
             $this->payment_template = 'terminal/tpl.qiwi.php';
         case 'svyasnoy':
             $this->payment_template = $this->payment_template ? $this->payment_template : 'terminal/tpl.svyasnoy.php';
         case 'euroset':
             $this->payment_template = $this->payment_template ? $this->payment_template : 'terminal/tpl.euroset.php';
             $this->type_menu_block = 'terminal';
             $this->payment_type = exrates::OSMP;
             if ($_POST['action'] == 'osmp') {
                 $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                 if (!$this->test && $prepare !== false) {
                     header('Location: /bill/');
                     exit;
                 }
             } else {
                 $this->error = 'Ошибка создания списка оплаты';
             }
             break;
         case 'megafon_mobile':
             $this->payment_template = 'mobile/tpl.m_megafon.php';
         case 'beeline_mobile':
             $this->payment_template = $this->payment_template ? $this->payment_template : 'mobile/tpl.m_beeline.php';
         case 'mts_mobile':
             $this->payment_template = $this->payment_template ? $this->payment_template : 'mobile/tpl.m_mts.php';
         case 'matrix_mobile':
             $this->payment_template = $this->payment_template ? $this->payment_template : 'mobile/tpl.m_matrix.php';
             $this->type_menu_block = 'mobilesys';
             $this->payment_type = exrates::MOBILE;
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/qiwipay.php';
             $this->pm = new qiwipay($this->user['uid']);
             if ($_POST['operator'] == 'megafon' || $_POST['operator'] == 'beeline' || $_POST['operator'] == 'mts' || $_POST['operator'] == 'matrix') {
                 $phone = __paramValue('string', $_POST['phone']);
                 $phone = str_replace(array('+7', '+77'), '', $phone);
                 $err = 0;
                 switch ($_POST['operator']) {
                     case 'megafon':
                         if (!(strpos($phone, '34') === 0 || strpos($phone, '62') === 0 || strpos($phone, '82') === 0 || strpos($phone, '92') === 0 || strpos($phone, '35') === 0 || strpos($phone, '63') === 0 || strpos($phone, '83') === 0 || strpos($phone, '93') === 0 || strpos($phone, '69') === 0 || strpos($phone, '99') === 0)) {
                             $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети Мегафон';
                             $err = 1;
                         }
                         break;
                     case 'beeline':
                         if (!(strpos($phone, '90') === 0 || strpos($phone, '96') === 0)) {
                             $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети Beeline';
                             $err = 1;
                         }
                         break;
                     case 'mts':
                         if (!(strpos($phone, '91') === 0 || strpos($phone, '98') === 0)) {
                             $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети МТС';
                             $err = 1;
                         }
                         break;
                     case 'matrix':
                         if (!(strpos($phone, '958') === 0)) {
                             $this->error['phone'] = 'Проверьте, верно ли выбран оператор. Указанный номер не относится в сети Matrix';
                             $err = 1;
                         }
                         break;
                 }
                 if (!$err) {
                     $sum = __paramValue('float', $_POST['sum']);
                     $request = array('phone' => $phone, 'sum' => $sum, 'oper_code' => $_POST['operator']);
                     $created = $this->pm->createBill($request);
                     if (!$created) {
                         $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                         if (!$this->test && $prepare !== false) {
                             header('Location: /bill/');
                             exit;
                         }
                     } else {
                         $this->error = $created;
                     }
                 }
             }
             break;
         case 'webpay':
             $this->type_menu_block = 'psys';
             $this->payment_type = exrates::WEBM;
             $this->payment_template = 'psys/tpl.webpay.php';
             break;
         case 'qiwipurse':
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/qiwipay.php';
             $this->pm = new qiwipay($this->user['uid']);
             $this->type_menu_block = 'psys';
             $this->payment_type = exrates::QIWIPURSE;
             $this->payment_template = 'psys/tpl.qiwipurse.php';
             if ($_POST['action'] == 'qiwipurse') {
                 $phone = __paramValue('string', $_POST['phone']);
                 $phone = str_replace(array('+7', '+77'), '', $phone);
                 $sum = __paramValue('float', $_POST['sum']);
                 $request = array('phone' => $phone, 'sum' => $sum);
                 $created = $this->pm->createBill($request);
                 if (!$created) {
                     $prepare = $this->preparePayments($this->getTotalAmmountOrders());
                     if (!$this->test && $prepare !== false) {
                         header('Location: /bill/');
                         exit;
                     }
                 } else {
                     $this->error = $created;
                 }
             }
             break;
         case 'yandex':
             $this->type_menu_block = 'psys';
             $this->payment_type = exrates::YM;
             $this->payment_template = 'psys/tpl.yandex.php';
             break;
         case 'webmoney':
             $this->type_menu_block = 'psys';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/pmpay.php';
             $this->payment_type = exrates::WMR;
             $this->payment_template = 'psys/tpl.webmoney.php';
             $this->pm = new pmpay();
             break;
         case 'okpay':
             $this->type_menu_block = 'psys';
             $this->payment_type = exrates::OKPAY;
             $this->payment_template = 'psys/tpl.okpay.php';
             break;
     }
     $this->type_payment = $type_payment;
 }
Example #19
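/**
 * Builds the project preview: the main-page project feed (cached) plus the
 * rendered preview of the project described by $data.
 *
 * Every field of $data is supplied by the client. Fields are cast or passed
 * through __paramValue() before they are placed into $row / $project.
 * Templates are pulled in with include, so they share this function's local
 * scope; the local variable names are therefore kept stable.
 * NOTE(review): HTML escaping of the values assigned via innerHTML relies on
 * __paramValue() and on the templates, neither of which is visible here — confirm.
 *
 * @param array $data form fields sent by the client
 * @return xajaxResponse response that fills both preview containers and calls Public.showPreview()
 */
function GetPreview($data)
{
    $objResponse = new xajaxResponse();
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/attachedfiles.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/CFile.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/HTML/projects_lenta.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/project_exrates.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/memBuff2.php';
    $kind = 1;
    $memBuff = new memBuff();
    $htmlLenta = $memBuff->get('projectsLentaHTML');
    if (!$htmlLenta) {
        $prj = new new_projects();
        // NOTE(review): $num_prjs is never assigned here; presumably getProjects()
        // fills it as an out-parameter — confirm against its signature.
        $prjs = $prj->getProjects($num_prjs, -1, 1, false, null, true);
        foreach ($prjs as &$proj) {
            // drop the project's owner so that no EDIT (and similar) buttons are rendered
            unset($proj['user_id']);
        }
        unset($proj);
        $htmlPrj = new HTMLProjects();
        $htmlPrj->template = '/projects/tpl.lenta.new.php';
        $prj_content = $htmlPrj->ShowProjects($num_prjs, $prjs, 1, 1, null, true);
        $prfs = new professions();
        $profs = $prfs->GetAllProfessions('', 0, 1);
        // backdrop with the project feed
        ob_start();
        include $_SERVER['DOCUMENT_ROOT'] . '/templates/main.php';
        $htmlLenta = ob_get_clean();
        // cache the project feed (the owner-less version built above) for 1800 seconds
        $memBuff->set('projectsLentaHTML', $htmlLenta, 1800);
    }
    // prepare the data for the feed template
    $row = array();
    $row['kind'] = __paramValue('int', $data['kind']);
    $row['cost'] = __paramValue('int', $data['cost']);
    $row['currency'] = __paramValue('int', $data['currency_db_id']);
    $row['priceby'] = __paramValue('int', $data['priceby_db_id']);
    $row['name'] = stripslashes(__paramValue('html', $data['name'], null, true));
    $contacts = array('phone' => array('name' => 'Телефон', 'value' => ''), 'site' => array('name' => 'Сайт', 'value' => ''), 'icq' => array('name' => 'ICQ', 'value' => ''), 'skype' => array('name' => 'Skype', 'value' => ''), 'email' => array('name' => 'E-mail', 'value' => ''));
    if (isset($data['contacts']) && is_array($data['contacts'])) {
        foreach ($data['contacts'] as $name => $value) {
            // only the known contact kinds are accepted, and only as plain strings
            if (!isset($contacts[$name]) || !is_string($value)) {
                continue;
            }
            switch ($name) {
                case 'site':
                    // Strip the scheme as a prefix. ltrim() takes a character list,
                    // so ltrim($value, 'http://') would also eat leading letters of
                    // the host name itself (any of h, t, p, ':' and '/').
                    if (!url_validate(preg_replace('#^https?://#i', '', trim($value))) && trim($value) != '') {
                        $error["contact_{$name}"] = 'Поле заполнено некорректно';
                    }
                    // Anything that does not start with an explicit http(s) scheme gets
                    // http:// prepended, so the stored link cannot carry another scheme.
                    if (!preg_match('#^https?://#i', trim($value)) && trim($value) != '') {
                        $value = 'http://' . $value;
                    }
                    break;
                case 'email':
                    if (!is_email($value) && trim($value) != '') {
                        $error["contact_{$name}"] = 'Поле заполнено некорректно';
                    }
                    break;
            }
            // NOTE(review): $error is collected but not checked in this function; the
            // value is stored even when validation failed — presumably the template
            // reads $error, confirm.
            $contacts[$name]['value'] = __paramValue('htmltext', stripslashes($value));
        }
        $row['contacts'] = serialize($contacts);
    }
    $descrFull = stripslashes(__paramValue('html', $data['descr'], null, true));
    $descr = preg_replace('/^ /', "", $descrFull);
    $descr = preg_replace("/(\n) /", "\$1", $descr);
    $descr = reformat(strip_tags(htmlspecialchars(LenghtFormatEx(htmlspecialchars_decode($descr, ENT_QUOTES), 180), ENT_QUOTES), '<br />'), 50, 1, 0, 1);
    // NOTE(review): the pattern below is empty, which matches at every position;
    // the character it was meant to match was presumably lost — confirm against the original file.
    $descr = preg_replace("//", '&nbsp;', $descr);
    $row['descr'] = $descr;
    $row['t_is_payed'] = $data['logo_ok'] || $data['top_ok'];
    $row['t_is_ontop'] = __paramValue('bool', $data['top_ok']);
    $row['t_pro_only'] = $data['pro_only'] ? 't' : 'f';
    $row['t_verify_only'] = $data['verify_only'] ? 't' : 'f';
    $row['t_urgent'] = $data['urgent'] ? 't' : 'f';
    $row['t_hide'] = $data['hide'] ? 't' : 'f';
    // show the publication date as two minutes ago
    $row['create_date'] = date('Y-m-d H:i', time() - 120);
    $row['end_date'] = __paramValue('string', $data['end_date']);
    $row['win_date'] = __paramValue('string', $data['win_date']);
    $row['country'] = __paramValue('int', $data['project_location_columns'][0]);
    $row['city'] = __paramValue('int', $data['project_location_columns'][1]);
    // pad so that a location without ': ' still yields both keys
    list($row['country_name'], $row['city_name']) = array_pad(explode(': ', __paramValue('string', $data['location'])), 2, null);
    $logoOK = __paramValue('bool', $data['logo_ok']);
    $topOK = __paramValue('bool', $data['top_ok']);
    $row['link'] = __paramValue('string', $data['link']);
    // stays null when no logo was requested or none could be resolved
    $logoCFile = null;
    if ($logoOK) {
        // NOTE(review): both the attached-files session and logo_file_id come from the
        // client; no check that the file belongs to the current user is visible here — confirm
        // that attachedfiles / CFile enforce it.
        $logoAttach = new attachedfiles($data['logo_attachedfiles_session']);
        $logoFiles = $logoAttach->getFiles(array(1));
        if (is_array($logoFiles) && count($logoFiles)) {
            // several files may have been uploaded, take the last one
            $logoFile = array_pop($logoFiles);
            $logoCFile = new CFile($logoFile['id']);
        } elseif (__paramValue('int', $data['logo_file_id'])) {
            $logoCFile = new CFile(__paramValue('int', $data['logo_file_id']));
        }
        $row['logo_name'] = $logoCFile ? $logoCFile->name : null;
        $row['logo_path'] = $logoCFile ? $logoCFile->path : null;
    }
    $is_ajax = true;
    // prepare the data for the detailed project page
    $project = $row;
    $categories = array();
    for ($i = 0; $i < 3; ++$i) {
        $categoryID = __paramValue('int', $data['project_profession' . $i . '_columns'][0]);
        $subcategoryID = __paramValue('int', $data['project_profession' . $i . '_spec_columns'][0]);
        if ($categoryID || $subcategoryID) {
            $categories[] = array('category_id' => $categoryID, 'subcategory_id' => $subcategoryID);
        }
    }
    $project['spec_txt'] = projects::_getSpecsStr($categories, ' / ', ', ', true);
    $project['ico_payed'] = $logoOK;
    $project['is_upped'] = $topOK;
    $project['descr'] = $descrFull;
    $project['logo_id'] = $logoCFile ? $logoCFile->id : null;
    $project['prefer_sbr'] = __paramValue('bool', $data['prefer_sbr']) ? 't' : 'f';
    $project['urgent'] = __paramValue('bool', $data['urgent']) ? 't' : 'f';
    $project['hide'] = __paramValue('bool', $data['hide']) ? 't' : 'f';
    if (isset($project['contacts']) && trim($project['contacts']) != '') {
        // The string unserialized here is the one produced by serialize($contacts)
        // above, never raw client data. Keep it that way: unserialize() must not
        // be fed a client-supplied string.
        $contacts_employer = unserialize($project['contacts']);
        $empty_contacts_employer = 0;
        foreach ($contacts_employer as $name => $contact) {
            if (trim($contact['value']) == '') {
                $empty_contacts_employer++;
            }
        }
        $is_contacts_employer_empty = count($contacts_employer) == $empty_contacts_employer;
    }
    $isPreview = true;
    $project_exRates = project_exrates::GetAll();
    $translate_exRates = array(0 => 2, 1 => 3, 2 => 4, 3 => 1);
    ob_start();
    include $_SERVER['DOCUMENT_ROOT'] . '/public/new/tpl.preview.php';
    $htmlProject = ob_get_clean();
    $objResponse->assign('project_preview_lenta', 'innerHTML', $htmlLenta);
    $objResponse->assign('project_preview_content', 'innerHTML', $htmlProject);
    $objResponse->script('Public.showPreview()');
    return $objResponse;
}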
Example #20
                        }
                    }
                }
            } elseif (strlen($img->tmp_name) != 0) {
                $err = 'Пустой файл';
                $error = true;
            } elseif ($img->error) {
                $err = $img->error[0];
                $error = true;
            }
        }
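        // Build the JavaScript call that reports the upload result to the parent frame.
        // NOTE(review): $err, $name, $link and $id_upload are interpolated into
        // single-quoted JavaScript string literals. Nothing visible in this fragment
        // escapes quotes or backslashes for a JavaScript context — confirm that
        // __paramValue('string', ...) and the producers of $err / $id_upload make this
        // safe, or encode the values (e.g. with json_encode()) where the call is emitted.
        if ($error) {
            $js_error_callback_func = "parent.upload.error('{$err}')";
        } else {
            $link = WDCPREFIX . '/' . $dir . $pictname;
            $name = __paramValue('string', $_FILES['upload_file']['name']);
            $maxLen = 25;
            // shorten the file name while keeping its extension
            if (strlen($name) > $maxLen) {
                $arr = explode('.', $name);
                $ext = array_pop($arr);
                // The extension comes from the client-supplied file name, so it is quoted
                // before being placed in the pattern, and the dot is matched literally.
                $name = preg_replace('/\.' . preg_quote($ext, '/') . '$/', '', $name);
                $name = substr($name, 0, $maxLen) . '...';
                $name = $name . '.' . $ext;
            }
            $js_callback_func = "parent.upload.view('{$name}', '{$link}', '{$id_upload}')";
        }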
        break;
    default:
        break;
}
Example #21
 /**
  * Returns the first non-empty path segment of a URI.
  *
  * A URI whose path is exactly "/" yields an empty string; otherwise the
  * segment is passed through __paramValue('string', ...) before it is returned.
  * NOTE(review): warnings from parse_url() are suppressed with @, and a URI
  * without a path component is not handled separately — confirm callers never pass one.
  *
  * @param string $uri URI to inspect
  * @return string page name, or '' for the root path
  */
 public function getNamePageUri($uri)
 {
     $parts = @parse_url($uri);
     if ($parts['path'] == '/') {
         return '';
     }
     $segments = explode('/', $parts['path']);
     // a leading slash makes the first segment empty, so fall back to the second one
     if ($segments[0] != '') {
         $first = $segments[0];
     } else {
         $first = $segments[1];
     }
     return __paramValue('string', $first);
 }
Example #22
    $delete = array();
    // Walk the submitted rows and sort each one into $add, $edit or $delete.
    // The per-row arrays ($_POST['id'], ['textarea'], ['required'], ['pos'], ['del'])
    // are all indexed by the key of the matching $_POST['name'] entry.
    // NOTE(review): $_POST['name'] is iterated without an is_array() check, and the
    // permission check for this handler is not visible in this fragment — confirm both.
    foreach ($_POST['name'] as $cTypeKey => $cTypeName) {
        // rows with a blank name are ignored entirely
        if (!trim($cTypeName)) {
            continue;
        }
        // every field is passed through __paramValue() with an explicit type
        $ctID = __paramValue('int', $_POST['id'][$cTypeKey]);
        $ctName = trim(__paramValue('string', $_POST['name'][$cTypeKey]));
        $ctTextarea = __paramValue('bool', $_POST['textarea'][$cTypeKey]);
        $ctRequired = __paramValue('bool', $_POST['required'][$cTypeKey]);
        $ctPos = __paramValue('int', $_POST['pos'][$cTypeKey]);
        // clamp the position to [-99, 99]; an empty or zero position becomes 1
        if ($ctPos > 99) {
            $ctPos = 99;
        } elseif ($ctPos < -99) {
            $ctPos = -99;
        } elseif (!$ctPos) {
            $ctPos = 1;
        }
        $ctDel = __paramValue('int', $_POST['del'][$cTypeKey]);
        // no id and not marked for deletion: a new row
        if (!$ctID && !$ctDel) {
            $add[] = array('name' => $ctName, 'textarea' => $ctTextarea, 'required' => $ctRequired, 'pos' => $ctPos);
        // existing id marked for deletion
        } elseif ($ctDel && $ctID) {
            $delete[] = array('id' => $ctID);
        // existing id, not marked for deletion: an edit
        } elseif ($ctID && !$ctDel) {
            $edit[] = array('id' => $ctID, 'name' => $ctName, 'textarea' => $ctTextarea, 'required' => $ctRequired, 'pos' => $ctPos);
        }
    }
    projects_complains::updateTypes($add, $edit, $delete, $moder);
}
$complainTypes = projects_complains::getTypes($moder, false);
$css_file = array('moderation.css', 'nav.css');
include $rpath . 'template.php';
Example #23
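 /**
  * Saves a project as a draft (new template).
  *
  * An existing draft of the same user is updated, otherwise a new row is
  * inserted. Attached files are then linked to the draft, and attachments of
  * the draft that are no longer in the list are deleted. All values reach the
  * database through placeholders, and the UPDATE is restricted to uid = $prj['uid'].
  *
  * @param   array        $prj                  Project data (form fields plus 'uid')
  * @param   array|false  $attachedfiles_files  Attached file rows with 'id' and 'status'; when false
  *                                             they are read from the uploader for current($prj['IDResource'])
  * @return  array                              ['id'] - draft ID, ['date'] - time the draft was saved
  */
 function SaveProjectNew($prj, $attachedfiles_files = false)
 {
     global $DB;
     require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/attachedfiles.php";
     // categories are stored as "cat|subcat" pairs joined by commas
     $categoryPairs = array();
     for ($i = 0; $i <= 2; $i++) {
         $catID = __paramValue('int', $prj['project_profession' . $i . '_columns'][0]);
         $subcatID = __paramValue('int', $prj['project_profession' . $i . '_spec_columns'][0]);
         if ($catID || $subcatID) {
             $categoryPairs[] = $catID . '|' . $subcatID;
         }
     }
     $categories = implode(',', $categoryPairs);
     if ($prj['name'] === false) {
         $prj['name'] = '';
     }
     if ($prj['descr'] === false) {
         $prj['descr'] = '';
     }
     if (!$prj['end_date']) {
         $prj['end_date'] = NULL;
     }
     if (!$prj['win_date']) {
         $prj['win_date'] = NULL;
     }
     $prj['budget_type'] = intval($prj['budget_type']);
     if (!intval($prj['draft_prj_id'])) {
         $prj['prj_id'] = NULL;
     } else {
         $prj['prj_id'] = $prj['draft_prj_id'];
     }
     $prj['draft_id'] = intval($prj['draft_id']);
     if (!isset($prj['kind'])) {
         $prj['kind'] = 7;
     }
     $prj['cost'] = $prj['agreement'] ? 0 : floatval($prj['cost']);
     $date = date("Y-m-d H:i:s");
     // strong_top is honoured only for users holding the 'projects' permission
     $prj['strong_top'] = hasPermissions('projects') ? (int) $prj['strong_top'] : 0;
     $prj['verify_only'] = (bool) $prj['verify_only'];
     // paid options
     $prj['urgent'] = (bool) $prj['urgent'];
     $prj['hide'] = (bool) $prj['hide'];
     $topDays = $prj['top_ok'] ? $prj['top_days'] : 0;
     // both stay null when no logo is requested, so the queries below bind defined values
     $logoFileID = null;
     $logoLink = null;
     if ($prj['logo_ok']) {
         $logoAttach = new attachedfiles($prj['logo_attachedfiles_session']);
         $logoFiles = $logoAttach->getFiles();
         if (is_array($logoFiles) && count($logoFiles)) {
             // there may be several files, take the last one
             $logoFile = array_pop($logoFiles);
             $logoAttach->setStatusTo3($logoFile['id']);
             $logoFileID = $logoFile['id'];
         } elseif ($prj['logo_file_id']) {
             // NOTE(review): logo_file_id is taken from $prj as is; no check that the
             // file belongs to $prj['uid'] is visible here — confirm the caller validates it.
             $logoFileID = $prj['logo_file_id'];
         }
         $logoLink = $prj['link'];
     }
     if (self::isDraftExists($prj['draft_id'], $prj['uid'], 1, $prj['prj_id'])) {
         $sql = "UPDATE draft_projects SET \n                            name = ?u,\n                            descr = ?u,\n                            cost = ?,\n                            currency = ?i,\n                            kind = ?i,\n                            pro_only = ?,\n                            strong_top = ?i,\n                            end_date = ?,\n                            win_date = ?,\n                            country = ?i,\n                            city = ?i,\n                            categories = ?,\n                            date = ?,\n                            prj_id = ?,\n                            priceby = ?i,\n                            prefer_sbr = ?,\n                            budget_type = ?i,\n                            verify_only = ?,\n                            urgent = ?,\n                            hide = ?,\n                            top_days = ?i,\n                            logo_id = ?,\n                            logo_link = ?,\n                            contacts = ?\n                    WHERE (id=? OR prj_id=?)AND uid=?i";
         $DB->query($sql, $prj['name'], $prj['descr'], $prj['cost'], $prj['currency_db_id'], $prj['kind'], $prj['pro_only'] == 1 ? 't' : 'f', $prj['strong_top'], $prj['end_date'], $prj['win_date'], (int) $prj['project_location_columns'][0], (int) $prj['project_location_columns'][1], $categories, $date, $prj['prj_id'], intval($prj['priceby_db_id']), $prj['prefer_sbr'] == 1 ? 't' : 'f', $prj['budget_type'], $prj['verify_only'], $prj['urgent'], $prj['hide'], $topDays, $logoFileID, $logoLink, $prj['contacts'], $prj['draft_id'], $prj['prj_id'], $prj['uid']);
         $id = $prj['draft_id'];
     } else {
         $sql = "INSERT INTO draft_projects (\n                            name,\n                            descr,\n                            cost,\n                            currency,\n                            kind,\n                            pro_only,\n                            end_date,\n                            win_date,\n                            country,\n                            city,\n                            categories,\n                            date,\n                            uid,\n                            prj_id,\n                            priceby,\n                            prefer_sbr,\n                            budget_type,\n                            strong_top,\n                            verify_only,\n                            urgent,\n                            hide, \n                            top_days,\n                            logo_id,\n                            logo_link,\n                            contacts\n                        ) VALUES (\n                            ?u,\n                            ?u,\n                            ?,\n                            ?i,\n                            ?i,\n                            ?,\n                            ?,\n                            ?,\n                            ?i,\n                            ?i,\n                            ?,\n                            ?,\n                            ?i,\n                            ?,\n                            ?i,\n                            ?,\n                            ?i,\n                            ?i,\n                            ?,\n                            ?,\n                            ?,\n                            ?i,\n                            ?,\n                            ?,\n                            ?\n                        ) RETURNING id;";
         $id = $DB->val($sql, $prj['name'], $prj['descr'], $prj['cost'], $prj['currency_db_id'], $prj['kind'], $prj['pro_only'] == 1 ? 't' : 'f', $prj['end_date'], $prj['win_date'], (int) $prj['project_location_columns'][0], (int) $prj['project_location_columns'][1], $categories, $date, $prj['uid'], $prj['prj_id'], intval($prj['priceby_db_id']), $prj['prefer_sbr'] == 1 ? 't' : 'f', $prj['budget_type'], (int) $prj['strong_top'], $prj['verify_only'], $prj['urgent'], $prj['hide'], $topDays, $logoFileID, $logoLink, $prj['contacts']);
     }
     // - BEGIN attachments
     $uploader = null;
     if (!$attachedfiles_files) {
         require_once $_SERVER['DOCUMENT_ROOT'] . "/classes//uploader/uploader.php";
         $mask_files = array(1, 3);
         $uploader = new uploader(current($prj['IDResource']));
         $attachedfiles_files = $uploader->getFiles($mask_files);
     }
     if (!is_array($attachedfiles_files)) {
         // nothing attached: keep the loop below well-defined
         $attachedfiles_files = array();
     }
     $file_id = array();
     // IDs of the files that must not be deleted
     $noDeletedFiles = array();
     foreach ($attachedfiles_files as $attachedfiles_file) {
         $noDeletedFiles[] = $attachedfiles_file['id'];
         // files that are already stored are left alone
         if ($attachedfiles_file['status'] == 3) {
             continue;
         }
         // Load the file before the duplicate check: the check has to look at the
         // current file's id, not at the one left over from the previous iteration.
         $f = new CFile($attachedfiles_file['id']);
         if (in_array($f->id, $file_id)) {
             continue;
         }
         // remember the id so the same file is not linked twice
         $file_id[] = $f->id;
         $f->table = 'file';
         $f->makeLink();
         $sql = "INSERT INTO draft_attaches(draft_id, draft_type, file_id) VALUES(?i, 4, ?i)";
         $DB->hold()->query($sql, $id, $f->id);
     }
     // run the held INSERT statements, if any were queued
     if ($DB->sqls) {
         $DB->query();
     }
     if ($uploader && $attachedfiles_files) {
         $uploader->setStatusFiles(uploader::STATUS_CREATE, uploader::STATUS_ADDED);
     }
     // the ID list is rendered by $DB->parse(), not concatenated by hand
     $sqlNoDeletedFiles = count($noDeletedFiles) ? $DB->parse('AND file_id NOT IN (?l)', $noDeletedFiles) : '';
     $sql = "SELECT * FROM draft_attaches WHERE draft_id = ?i AND draft_type = 4 {$sqlNoDeletedFiles};";
     $files = $DB->rows($sql, $id, $noDeletedFiles);
     if ($files) {
         foreach ($files as $f) {
             $cf = new CFile($f['file_id']);
             $cf->table = 'file';
             $cf->Delete($cf->id);
         }
     }
     $sql = "DELETE FROM draft_attaches WHERE draft_id = ?i AND draft_type = 4 {$sqlNoDeletedFiles};";
     $DB->query($sql, $id, array());
     // - END attachments
     // the counter belongs to the draft's owner; the function has no $msg variable
     $_SESSION['drafts_count'] = drafts::getCount($prj['uid']);
     return array('id' => $id, 'date' => $date);
 }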
Example #24
 }
 // если задана определенная ширина изображения
 if ($sharpImageWidth && $cFile->image_size['width'] != $sharpImageWidth) {
     $file['error'] = "Ширина изображения не соответствует требуемой";
 }
 if ($cFile->size == 0) {
     $file['error'] = "Пустой файл";
 }
 if (!$file['error']) {
     $cFile->MoveUploadedFile($dir);
     if ($cFile->id) {
         if ($file['error']) {
             $cFile->Delete($cFile->id);
         } else {
             $fileinfo = $attachedfiles->add($cFile);
             $file['orig_name'] = __paramValue('string', $fileinfo['orig_name']);
             $file['id'] = md5($fileinfo['id']);
             $file['name'] = $fileinfo['name'];
             $file['path'] = $fileinfo['path'];
             $file['size'] = $fileinfo['size'];
             $file['tsize'] = ConvertBtoMB($fileinfo['size']);
             $file['type'] = $fileinfo['type'];
             $file['session'] = $sess;
         }
     } else {
         if ($_FILES['attachedfiles_file']['size'] > $max_files_size) {
             $file['error'] = "Максимальный объем файлов: " . ConvertBtoMB($max_files_size);
         } else {
             $file['error'] = $cFile->error;
         }
     }
Example #25
 /**
  * Adds a project name for publication from the landing page.
  *
  * The name is passed through __paramValue('html', $name, 60, true) before it
  * is inserted into $this->TABLE.
  *
  * @param mixed $name project name as received from the caller
  * @return mixed result of db()->insert(); presumably the new row's id, since 'id' is passed as the third argument — confirm
  */
 public function addLandingProject($name)
 {
     $row = array('name' => __paramValue('html', $name, 60, true));

     return $this->db()->insert($this->TABLE, $row, 'id');
 }
Example #26
 }
 $id = __paramInit('html', null, 'id');
 $article = articles::getArticle($id, $uid);
 $_POST['title'] = iconv('UTF-8', 'CP1251', $_POST['title']);
 $_POST['short'] = iconv('UTF-8', 'CP1251', $_POST['short']);
 //        $title = str_replace("\\", "&#92;", $title);
 $title = __paramInit('htmltext', null, 'title', null, articles::ARTICLE_MAX_TITLELENGTH);
 $short = __paramInit('html', null, 'short');
 //$short = change_q_x($short, false, true);
 //        $msgtext = __paramInit('html', null, 'msgtext');
 //        $msgtext = change_q_x($_POST['msgtext'], FALSE, TRUE, "b|div.*?|meta|strong|br\s?\/?|i|em|p|ul|ol|li|s|h[1-6]{1}", false, false);
 $sAdmTags = hasPermissions('articles') ? '<img>' : '';
 //$msgtext = $_POST['msgtext'];
 //$msgtext = strip_tags( $msgtext, '<p><b><strong><i><em><br><ul><li><ol><h1><h2><h3><h4><h5><h6><a><noindex><strike>' . $sAdmTags );
 $msgtext = iconv('UTF-8', 'CP1251', $_POST['msgtext']);
 $msgtext = __paramValue('ckeditor', $msgtext);
 $image = __paramInit('html', null, 'attached');
 $logo = __paramInit('html', null, 'logo');
 $rmlogo = __paramInit('html', null, 'rmlogo');
 $page_view = __paramInit('html', null, 'page_view');
 if (trim($short) == '') {
     $alert['short'] = 'Поле не должно быть пустым!';
 }
 if (trim($msgtext) == '') {
     $alert['msgtext'] = 'Поле не должно быть пустым!';
 }
 if (trim($title) == '') {
     $alert['title'] = 'Поле не должно быть пустым!';
 }
 if (!$image && !$logo) {
     $alert['logo'] = 'Вы должны загрузить изображение!';
Example #27
/**
 * Deletes duplicated ("clone") PSKB log records for one id and then returns the
 * result of aFindLogPSKB() for the same search arguments.
 *
 * The deletion is gated on the 'sbr' permission: a caller without it gets an
 * empty xajaxResponse back and clearCloneData() is never reached.
 *
 * NOTE(review): the success/failure alert is queued on the local response
 * object, while the value returned is whatever aFindLogPSKB() produces. Confirm
 * that the alert actually reaches the client.
 *
 * @param mixed $lc_id   Record id; filtered through __paramValue('int', ...) before use.
 * @param mixed $query   Passed unchanged to aFindLogPSKB().
 * @param mixed $logname Passed unchanged to aFindLogPSKB().
 *
 * @return mixed An empty xajaxResponse when permission is missing, otherwise
 *               the return value of aFindLogPSKB().
 */
function aClearCloneLogPSKB($lc_id, $query, $logname)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/sbr_meta.php';

    $cleanId = __paramValue('int', $lc_id);
    $response = new xajaxResponse();

    // Authorisation comes before the destructive call.
    if (!hasPermissions('sbr')) {
        return $response;
    }

    $pskbLog = new log_pskb();
    // Messages: "Duplicate records deleted" / "Error deleting duplicate records".
    $message = $pskbLog->clearCloneData($cleanId)
        ? 'Дублирующие записи удалены'
        : 'Ошибка удаления дублирующих записей';
    $response->call('alert', $message);

    return aFindLogPSKB($cleanId, $query, $logname);
}
Example #28
/**
 * Creates or updates a catalog "direction" from the admin form.
 *
 * Flow, as visible in this function: the 'seo' permission is checked first;
 * the section name must be non-empty; the link must be non-empty and consist
 * only of latin letters, digits, underscore or hyphen; the link must not be
 * reported as taken by seo::checkLink(). Only then is the record saved and the
 * client redirected to /catalog/admin/ with a status code in "msgok".
 *
 * NOTE(review): $info['id'] reaches checkLink() and saveDirection() without an
 * integer cast in this function -- confirm those methods validate it.
 *
 * @param array $info Form data (name_section, name_section_link,
 *                    meta_description, meta_keywords, content, id).
 *
 * @return xajaxResponse|false false when the 'seo' permission is missing,
 *                             otherwise the response object.
 */
function saveDirectForm($info)
{
    // Kept from the original; $GLOBALS is a superglobal and is reachable
    // without this declaration.
    global $GLOBALS;
    session_start();

    // Authorisation gate: nothing below runs without the 'seo' permission.
    if (!hasPermissions('seo')) {
        return false;
    }

    $response = new xajaxResponse();
    $seoModel = new seo($_SESSION['subdomain']);

    // "Enter the name of the direction"
    if (trim($info['name_section']) == "") {
        $response->script("alert('Введите название направления');");
        $response->script("\$('name_section').focus();");

        return $response;
    }

    // Allow-list check on the link: any character outside [A-Za-z0-9_-] is
    // rejected, as is a link that is empty after trimming.
    $hasForbiddenChar = preg_match('/[^A-Za-z0-9_\\-]/', $info['name_section_link']);
    if ($hasForbiddenChar || trim($info['name_section_link']) == "") {
        $response->script("alert('Название ссылки должно содержать только латинские буквы, цифры, нижнее подчеркивание или тире');");
        $response->script("\$('name_section_link').focus();");

        return $response;
    }

    // "A direction with this link already exists"
    if ($seoModel->checkLink('direct', $info['name_section_link'], $info['id'])) {
        $response->script("alert('Направление с такой ссылкой уже есть');");
        $response->script("\$('name_section_link').focus();");

        return $response;
    }

    // The global flag is switched on only while the fields are filtered and is
    // put back to its previous value right afterwards.
    $flagBefore = $GLOBALS['disable_link_processing'];
    $GLOBALS['disable_link_processing'] = TRUE;
    $data = array(
        "dir_name" => (string) change_q_x($info['name_section'], true),
        "name_section_link" => (string) change_q_x($info['name_section_link'], true),
        "meta_description" => (string) change_q_x($info['meta_description'], true),
        "meta_keywords" => (string) change_q_x($info['meta_keywords'], true),
        // Rich text: the 'ckeditor' filter is the only sanitisation this
        // function applies to the page body.
        "page_content" => (string) __paramValue('ckeditor', $info['content']),
    );
    $GLOBALS['disable_link_processing'] = $flagBefore;

    // A record without an id is new, otherwise it is being modified.
    $stampColumn = !$info['id'] ? 'date_create' : 'date_modified';
    $data[$stampColumn] = 'NOW()';

    $savedId = $seoModel->saveDirection($data, $info['id']);

    if (!$info['id'] && $savedId) {
        // Created: link to the new direction by its link name, or by its id
        // when the link name evaluates to false.
        $params = array(
            'direction' => $info['name_section_link'] ? $info['name_section_link'] : $savedId,
        );
        if ($_SESSION['subdomain']) {
            $params['subdomain'] = $_SESSION['subdomain'];
        }
        $params['msgok'] = 3;
        // http_build_query() URL-encodes every value placed in the redirect.
        $response->redirect("/catalog/admin/?" . http_build_query($params));

        return $response;
    }

    if ($info['id'] && $savedId) {
        // Updated an existing direction.
        $params = array('direction' => $info['name_section_link']);
        if ($_SESSION['subdomain']) {
            $params['subdomain'] = $_SESSION['subdomain'];
        }
        $params['msgok'] = 4;
        $response->redirect("/catalog/admin/?" . http_build_query($params));

        return $response;
    }

    // Saving failed ("Error").
    $response->alert('Ошибка');

    return $response;
}
Example #29
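 /**
  * Adds an offer to a project, or updates the freelancer's existing offer for it.
  *
  * SQL in this method is assembled by string interpolation. Values that are
  * normalised inside the method (intval/floatval, 't'/'f' flags, the '0'/'1'
  * bit) are safe to splice in; $modified_reason, $contacts and $emp_read are
  * spliced in exactly as received -- see the NOTE(review) above the UPDATE.
  *
  * @param integer $user_id           freelancer id
  * @param integer $prj_id            project id
  * @param integer $cost_from         price FROM
  * @param integer $cost_to           price TO
  * @param integer $cost_type         price currency
  * @param integer $time_from         time FROM
  * @param integer $time_to           time TO
  * @param integer $time_type         time unit (0 - hours, 1 - days, 2 - months)
  * @param string  $text              offer text
  * @param string  $work1_id          id of attached work 1
  * @param string  $work2_id          id of attached work 2
  * @param string  $work3_id          id of attached work 3
  * @param string  $work1_link        link to attached work 1 (not used in this method)
  * @param string  $work2_link        link to attached work 2 (not used in this method)
  * @param string  $work3_link        link to attached work 3 (not used in this method)
  * @param string  $work1_name        title of attached work 1 (not used in this method)
  * @param string  $work2_name        title of attached work 2 (not used in this method)
  * @param string  $work3_name        title of attached work 3 (not used in this method)
  * @param string  $work1_pict        file of work 1 (handled as a string: trimmed and cut to 24 characters)
  * @param string  $work2_pict        file of work 2
  * @param string  $work3_pict        file of work 3
  * @param string  $work1_prev_pict   preview file of work 1 (trimmed and cut to 29 characters)
  * @param string  $work2_prev_pict   preview file of work 2
  * @param string  $work3_prev_pict   preview file of work 3
  * @param boolean $for_customer_only show the offer to the employer only
  * @param integer $dialogueId        id of the dialogue thread
  * @param integer $emp_read          whether the employer has read the offer
  * @param boolean $prefer_sbr        prefers to work through SBR
  * @param boolean $is_color          stored as 't' when truthy, otherwise 'f'
  * @param mixed   $contacts          written to offer_contacts; on update only when not null
  * @param string  $payed_items       anything other than '1' is stored as '0'
  * @param integer $auto              0 or the id of the auto-reply (not changed on update)
  * @param integer $moduser_id        UID of the user (admin) editing the offer; when empty, $user_id is used
  * @param string  $modified_reason   reason for the edit
  *
  * @return mixed false for a non-positive user or project id; 'OfferIsBlocked'
  *               or 403 when the author may not edit the offer; otherwise the
  *               error text collected from the database layer and the
  *               dialogue object (empty on success).
  */
 public function AddOffer($user_id, $prj_id, $cost_from, $cost_to, $cost_type, $time_from, $time_to, $time_type, $text, $work1_id, $work2_id, $work3_id, $work1_link, $work2_link, $work3_link, $work1_name, $work2_name, $work3_name, $work1_pict, $work2_pict, $work3_pict, $work1_prev_pict, $work2_prev_pict, $work3_prev_pict, $for_customer_only = false, $dialogueId = 0, $emp_read = 0, $prefer_sbr = false, $is_color = false, $contacts = null, $payed_items = '0', $auto = 0, $moduser_id = null, $modified_reason = '')
 {
     global $DB;
     // Instantiated as in the original, although no method is called on it here.
     $obj_portfolio = new portfolio();
     $obj_dialogue = new projects_offers_dialogue();
     if ((int) $user_id <= 0 || (int) $prj_id <= 0) {
         return false;
     }
     $is_color = $is_color ? 't' : 'f';
     // Negative bounds are silently clamped to 0 rather than reported as errors.
     if ($cost_from < 0 && $cost_from !== '') {
         $cost_from = 0;
     }
     if ($cost_to < 0 && $cost_to !== '') {
         $cost_to = 0;
     }
     // Swap the price bounds when both are given and TO is below FROM.
     if ($cost_to !== '' && $cost_from !== '' && ($cost_to < $cost_from && $cost_to > 0)) {
         $wrk = $cost_to;
         $cost_to = $cost_from;
         $cost_from = $wrk;
     }
     if ($time_from < 0 && $time_from !== '') {
         $time_from = 0;
     }
     if ($time_to < 0 && $time_to !== '') {
         $time_to = 0;
     }
     if ($time_to !== '' && $time_from !== '' && $time_to < $time_from && intval($time_to) > 0) {
         $wrk = $time_to;
         $time_to = $time_from;
         $time_from = $wrk;
     }
     // Everything cast here is interpolated into SQL further down.
     $prj_id = intval($prj_id);
     $user_id = intval($user_id);
     $cost_from = floatval(str_replace(',', '.', str_replace(' ', '', $cost_from)));
     $cost_to = floatval(str_replace(',', '.', str_replace(' ', '', $cost_to)));
     $cost_type = intval($cost_type);
     $time_from = intval($time_from);
     $time_to = intval($time_to);
     $time_type = intval($time_type);
     $text = __paramValue('string', $text);
     // CRLF counts as two characters, so it is collapsed to a single LF to keep
     // the tail of the text from being cut off when characters are counted.
     $text = str_replace("\r\n", "\n", $text);
     $for_customer_only = $for_customer_only ? 't' : 'f';
     $prefer_sbr = $prefer_sbr ? 't' : 'f';
     $work1_id = intval($work1_id);
     $work2_id = intval($work2_id);
     $work3_id = intval($work3_id);
     $work1_pict = substr(change_q(trim($work1_pict), false, 25), 0, 24);
     $work2_pict = substr(change_q(trim($work2_pict), false, 25), 0, 24);
     $work3_pict = substr(change_q(trim($work3_pict), false, 25), 0, 24);
     $work1_prev_pict = substr(change_q(trim($work1_prev_pict), false, 30), 0, 29);
     $work2_prev_pict = substr(change_q(trim($work2_prev_pict), false, 30), 0, 29);
     $work3_prev_pict = substr(change_q(trim($work3_prev_pict), false, 30), 0, 29);
     // A missing picture falls back to its preview.
     $work1_pict = $work1_pict == '' && $work1_prev_pict != '' ? $work1_prev_pict : $work1_pict;
     $work2_pict = $work2_pict == '' && $work2_prev_pict != '' ? $work2_prev_pict : $work2_pict;
     $work3_pict = $work3_pict == '' && $work3_prev_pict != '' ? $work3_prev_pict : $work3_pict;
     // Fix: $moduser_id is interpolated unquoted into the UPDATE, so it is forced
     // to an integer. Anything that is not a positive id falls back to the
     // freelancer's own id, which also keeps such a caller on the non-admin path.
     $moduser_id = intval($moduser_id);
     if ($moduser_id <= 0) {
         $moduser_id = $user_id;
     }
     // Fix: $auto is interpolated unquoted into the INSERT.
     $auto = intval($auto);
     $payed_items = $payed_items == '1' ? $payed_items : '0';
     // Both ids were cast above. The two extra arguments are not referenced by
     // any placeholder in this statement.
     $sql = "SELECT po.*, pb.id IS NOT NULL AS is_blocked \n          FROM projects_offers AS po\n          LEFT JOIN projects_offers_blocked pb ON  pb.src_id = po.id\n          WHERE po.project_id = '{$prj_id}' AND po.user_id = " . $user_id;
     $po = $DB->row($sql, $prj_id, $user_id);
     if ($DB->error) {
         return $DB->error;
     }
     $sql = 'SELECT e.is_pro FROM projects p 
         INNER JOIN employer e ON e.uid = p.user_id WHERE p.id = ?i';
     $emp_is_pro = $DB->val($sql, $prj_id);
     // isset()/empty() guards: $po holds no row when the freelancer has no offer yet.
     if (isset($po['is_blocked']) && $po['is_blocked'] == 't' && $moduser_id == $user_id) {
         return 'OfferIsBlocked';
     }
     // NOTE(review): addslashes() is not a database-aware escape; whether it is
     // sufficient depends on the server's string-literal settings -- confirm.
     $slashedText = addslashes($text);
     if (!empty($po['id'])) {
         // The author may not edit an offer that has been refused.
         if ($po['refused'] == 't' && $moduser_id == $user_id) {
             return 403;
         }
         $sModer = '';
         // NOTE(review): the stored descr is compared with the slash-escaped text,
         // so a text containing quotes presumably always counts as changed.
         $contentChanged = $po['descr'] != $slashedText
             || ($po['pict1'] != $work1_pict && !empty($work1_pict))
             || ($po['pict2'] != $work2_pict && !empty($work2_pict))
             || ($po['pict3'] != $work3_pict && !empty($work3_pict))
             || ($po['prev_pict1'] != $work1_prev_pict && !empty($work1_prev_pict))
             || ($po['prev_pict2'] != $work2_prev_pict && !empty($work2_prev_pict))
             || ($po['prev_pict3'] != $work3_prev_pict && !empty($work3_prev_pict));
         if ($emp_is_pro != 't' && $moduser_id == $user_id && !hasPermissions('projects') && !is_pro() && $contentChanged) {
             // The author (not an admin, not PRO) changed the text or the
             // pictures: decide whether the offer has to be moderated.
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php';
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
             $stop_words = new stop_words();
             $nStopWordsCnt = $stop_words->calculate($slashedText);
             $sModer = ' , moderator_status =' . ($nStopWordsCnt ? ' 0 ' : ' NULL ');
             if ($nStopWordsCnt) {
                 // Something suspicious was found: queue the offer for moderation.
                 $DB->insert('moderation', array('rec_id' => $po['id'], 'rec_type' => user_content::MODER_PRJ_OFFERS, 'stop_words_cnt' => $nStopWordsCnt));
             } else {
                 // Nothing suspicious: make sure the offer is not in the queue.
                 $DB->query('DELETE FROM moderation WHERE rec_id = ?i AND rec_type = ?i;', $po['id'], user_content::MODER_PRJ_OFFERS);
             }
         }
         // NOTE(review): $modified_reason, $contacts and $emp_read are placed
         // between quotes exactly as received. Unless every caller escapes them,
         // a quote in any of them alters the statement. They are left unchanged
         // here because the callers' escaping contract is not visible; the durable
         // fix is to bind them through the DB layer's placeholders, as the DELETE
         // above does with ?i.
         $sql = "UPDATE projects_offers SET\n            descr = '{$slashedText}',\n            cost_from = {$cost_from},\n            cost_to = {$cost_to},\n            cost_type = {$cost_type},\n            time_from = {$time_from},\n            time_to = {$time_to},\n            time_type = {$time_type},\n            portf_id1 = '{$work1_id}',\n            portf_id2 = '{$work2_id}',\n            portf_id3 = '{$work3_id}',\n            pict1 = '{$work1_pict}',\n            pict2 = '{$work2_pict}',\n            pict3 = '{$work3_pict}',\n            prev_pict1 = '{$work1_prev_pict}',\n            prev_pict2 = '{$work2_prev_pict}',\n            prev_pict3 = '{$work3_prev_pict}',\n            only_4_cust = '{$for_customer_only}',\n            prefer_sbr = '{$prefer_sbr}',\n            po_emp_read = '{$emp_read}',\n            is_color = '{$is_color}',\n            payed_items = B'{$payed_items}',\n            moduser_id = {$moduser_id}, \n            modified_reason = '{$modified_reason}',\n            " . ($contacts !== null ? "offer_contacts = '{$contacts}'," : '') . "\n            modified = now() \n            {$sModer} \n            WHERE id = {$po['id']} AND refused = false";
         $this->offer_id = $po['id'];
         $DB->squery($sql);
         $error = $DB->error;
         if ($dialogueId) {
             $error .= $obj_dialogue->SaveDialogueMessage($user_id, $text, $dialogueId, 0, true, $moduser_id);
             // Drop the cached event counter of the project's author.
             $authorId = $DB->val('SELECT user_id FROM projects WHERE id = ?', $prj_id);
             $memBuff = new memBuff();
             $memBuff->delete("prjEventsCnt{$authorId}");
         }
         return $error;
     } else {
         $nStopWordsCnt = 0;
         if ($emp_is_pro != 't' && !is_pro()) {
             // Count stop words only when the offer can be moderated at all.
             require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php';
             $stop_words = new stop_words();
             $nStopWordsCnt = $stop_words->calculate($slashedText);
         }
         include_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects_offers_answers.php';
         $sModVal = !is_pro() && $emp_is_pro != 't' && $nStopWordsCnt ? '0' : 'NULL';
         // NOTE(review): $contacts and $emp_read are quoted but not escaped here
         // either -- same concern as in the UPDATE branch. The row is inserted
         // only while the project is absent from projects_blocked.
         $sql = "INSERT INTO projects_offers (project_id, user_id, cost_from, cost_to, cost_type, time_from, time_to, time_type, portf_id1, portf_id2, portf_id3, pict1, pict2, pict3, prev_pict1, prev_pict2, prev_pict3, only_4_cust, prefer_sbr, po_emp_read, descr, is_color, payed_items, offer_contacts, po_frl_read, moderator_status, auto)\n          ( SELECT {$prj_id}, {$user_id}, {$cost_from}, {$cost_to}, {$cost_type}, {$time_from}, {$time_to}, {$time_type}, '{$work1_id}', '{$work2_id}', '{$work3_id}', '{$work1_pict}', '{$work2_pict}', '{$work3_pict}', '{$work1_prev_pict}', '{$work2_prev_pict}', '{$work3_prev_pict}', '{$for_customer_only}', '{$prefer_sbr}', '{$emp_read}', '{$slashedText}', '{$is_color}', B'{$payed_items}', '{$contacts}', TRUE, {$sModVal}, {$auto} \n            WHERE NOT EXISTS(SELECT 1 FROM projects_blocked WHERE project_id = {$prj_id}) ); \n          SELECT currval('projects_offers_id_seq');";
         $po_id = $DB->val($sql);
         $error = $DB->error;
         $this->offer_id = $po_id;
         if ($po_id) {
             if ($emp_is_pro != 't' && !is_pro() && $nStopWordsCnt) {
                 require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
                 $DB->insert('moderation', array('rec_id' => $po_id, 'rec_type' => user_content::MODER_PRJ_OFFERS, 'stop_words_cnt' => $nStopWordsCnt));
             }
             $error .= $obj_dialogue->AddDialogueMessage($po_id, $user_id, $text, true, false, true);
         }
         if (!$error) {
             // Keep the per-session counter of submitted offers in step.
             $_SESSION['po_count'] = (int) $_SESSION['po_count'] + 1;
         }
         return $error;
     }
 }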
Example #30
     exit;
 }
 $result = array();
 $result['success'] = false;
 $login = __paramInit('string', null, 'login');
 $id = __paramInit('int', null, 'id');
 $is_jury = intval($_POST['is_jury']) == 1 ? 't' : 'f';
 include_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
 $user = new users();
 $user->GetUser($login);
 //        $txt = change_q_x(stripslashes($_POST['txt']), FALSE, false, 'b|br\s?\/?|i|p|ul|li|cut|s|h[1-6]{1}|img id="\d+"|p class="[qa]"', false, false);
 //        $txt = pg_escape_string(stripslashes($_POST['txt']));
 //
 //        $txt = strip_tags($txt, '<p><b><strong><i><em><br><ul><li><ol><h1><h2><h3><h4><h5><h6><img><a><noindex>');
 $txt = iconv('UTF-8', 'CP1251', $_POST['txt']);
 $txt = __paramValue('ckedit', $txt);
 if (!$login || !$user->uid) {
     $alert['login'] = '******';
 }
 if (!$txt || $txt == '' || is_empty_html($txt)) {
     $alert['txt'] = 'Поле не должно быть пустым.';
 }
 $attached = isset($_POST['attached']) ? $_POST['attached'] : array();
 $rmfiles = isset($_POST['rmattaches']) && count($_POST['rmattaches']) ? $_POST['rmattaches'] : null;
 $int = new interview();
 $files = new CFile();
 if (!isset($alert)) {
     $interview = $int->getInterview($uid, $id);
     /* Обновление интервью */
     if (!$int->updateInterview($id, $user->uid, $txt, $attached, $is_jury)) {
         $alert['alert'] = 'Невозможно изменить запись.';