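/**
 * Save a single profile field edited from the admin form.
 *
 * The value in $aForm['new_val'] is normalised and validated according to the
 * column named in $aForm['p_ucolumn']. When validation passes the change is
 * either routed through the moderation stream (resolveContent) or written
 * straight to the user record; either way the xajax response gets the scripts
 * that close the editor. On a validation error the message is shown in the
 * editor instead and nothing is saved.
 *
 * @param object $objResponse xajaxResponse
 * @param string $rec_id      record (user) identifier
 * @param string $rec_type    record type; not used by this function
 * @param array  $aForm       form data: p_ucolumn, p_utable, new_val, old_val, login,
 *                            del_file, adm_edit_text and the p_* moderation fields
 * @param string $sDrawFunc   action to run after saving: 'stream0'..'stream2'
 *                            (moderation stream), 'suspect' (contacts check) or ''
 * @return bool|int|null false when the column (or the table name) is not accepted,
 *                       0 after the 'suspect' redirect, null otherwise
 */
function _admEditProfileSaveForm(&$objResponse, $rec_id = '', $rec_type = '', $aForm = array(), $sDrawFunc = '')
{
    $error = '';
    $bNew = true;
    $new_val = null;
    // Moderation streams render the editor inside a parent frame, so their scripts are prefixed.
    $bStream = $sDrawFunc == 'stream0' || $sDrawFunc == 'stream1' || $sDrawFunc == 'stream2';
    // The name regexes below are CP1251 byte ranges; the locale is restored on every exit path.
    setlocale(LC_ALL, 'ru_RU.CP1251');
    switch ($aForm['p_ucolumn']) {
        case 'uname':
        case 'usurname':
            $new_val = change_q(substr(trim($aForm['new_val']), 0, 21), true);
            if (!preg_match("/^[-a-zA-Zа-яёА-ЯЁ]+\$/", $new_val)) {
                $error = 'Поле заполнено некорректно';
            }
            break;
        case 'pname':
            $new_val = change_q(substr(trim(stripslashes($aForm['new_val'])), 0, 100), true);
            break;
        case 'spec_text':
            $ab_text_max_length = 500;
            $new_val = stripslashes(trim($aForm['new_val']));
            $new_val = preg_replace("|[\t]+|", " ", $new_val);
            $new_val = preg_replace("|[ ]+|", " ", $new_val);
            $original_text = $new_val;
            // Each "\r" is allowed on top of the limit so line breaks do not eat into it.
            $newlines = intval(substr_count($new_val, "\r"));
            $new_val = change_q_x_a(substr($new_val, 0, $ab_text_max_length + $newlines), false, false, "b|i|p|ul|li{1}");
            if (strlen($original_text) > $ab_text_max_length + $newlines) {
                $error = 'Допустимо максимум ' . $ab_text_max_length . ' знаков.';
            }
            break;
        case 'resume_file':
        case 'photo':
        case 'logo':
            $del_file = intval($aForm['del_file']);
            $dir = $aForm['login'];
            $dir2 = $aForm['p_ucolumn'] == 'resume_file' ? 'resume' : ($aForm['p_ucolumn'] == 'photo' ? 'foto' : 'logo');
            if ($del_file || $aForm['new_val']) {
                $new_val = $del_file ? '' : substr(change_q_new(trim(stripslashes($aForm['new_val']))), 0, 1500);
                if ($aForm['old_val']) {
                    // NOTE(review): $dir comes straight from the form and is spliced into the
                    // storage path; confirm the login is validated before it reaches here.
                    $sPath = 'users/' . substr($dir, 0, 2) . '/' . $dir . '/' . $dir2 . '/';
                    $oCFile = new CFile();
                    $oCFile->Delete(0, $sPath, $aForm['old_val']);
                    if ($aForm['p_ucolumn'] == 'photo' || $aForm['p_ucolumn'] == 'logo') {
                        // Photos and logos also have an sm_ variant that must go with them.
                        $oCFile->Delete(0, $sPath, 'sm_' . $aForm['old_val']);
                    }
                }
            } else {
                // The admin pressed "Save" without uploading a file: treat it as approving the current one.
                $bNew = false;
            }
            break;
        case 'resume':
            $new_val = str_replace("\r\n", "\r", $aForm['new_val']);
            if (strlen($new_val) > 4000) {
                $error = 'Допустимо максимум 4000 знаков.';
            }
            $new_val = change_q(substr(trim($new_val), 0, 4000), false, 25);
            break;
        case 'konk':
            if (strlen($aForm['new_val']) > 4000) {
                $error = 'Допустимо максимум 4000 знаков.';
            }
            $new_val = change_q(substr(trim($aForm['new_val']), 0, 4000), false, 90);
            break;
        case 'company':
            if (strlen($aForm['new_val']) > 500) {
                $error = 'Допустимо максимум 500 знаков.';
            }
            $new_val = substr(change_q_x($aForm['new_val'], false, true, null, false, false), 0, 500);
            break;
        case 'status_text':
            $new_val = addslashes(substr(stripslashes(trim($aForm['new_val'])), 0, 200));
            close_tags($new_val, 's');
            $new_val = htmlspecialchars(htmlspecialchars_decode(change_q_x(trim($new_val), true, false), ENT_QUOTES), ENT_QUOTES);
            break;
        case 'compname':
            $new_val = change_q_x($aForm['new_val'], true);
            break;
        default:
            setlocale(LC_ALL, 'en_US.UTF-8');
            return false;
    }
    setlocale(LC_ALL, 'en_US.UTF-8');

    if ($error) {
        // Show the message in the editor and re-enable its button; nothing is saved.
        $sParent = $bStream ? 'parent.' : '';
        $objResponse->script("{$sParent}\$('adm_edit_err_new_val').set('html', '{$error}');");
        $objResponse->script("{$sParent}\$('div_adm_edit_err_new_val').setStyle('display', '');");
        $objResponse->script("{$sParent}adm_edit_content.disabled = false; {$sParent}adm_edit_content.button();");
        return;
    }

    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/messages.php';
    if ($bNew) {
        $sReason = _parseReason($rec_id, $aForm['adm_edit_text']);
        messages::profileModifiedNotification($rec_id, $aForm['p_ucolumn'], $aForm['p_utable'], $sReason);
        if ($bStream) {
            user_content::editProfile($aForm['p_change_id'], $new_val);
        }
    }
    $objResponse->script('adm_edit_content.cancel();');
    if ($bStream) {
        $objResponse->script('parent.adm_edit_content.cancel();');
        resolveContent($aForm['p_content_id'], $aForm['p_stream_id'], user_content::MODER_PROFILE . '_' . $aForm['p_change_id'] . '_0', 1, $rec_id, $aForm['p_content_cnt'], $aForm['p_status'], $aForm['p_is_sent'], '', $objResponse);
        return;
    }

    // Default action after editing: write the column straight to the user record.
    if ($bNew) {
        // p_utable names both the class file to include and the class to instantiate;
        // restrict it to an identifier so it cannot steer require_once anywhere else.
        $sTable = (string) $aForm['p_utable'];
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $sTable)) {
            return false;
        }
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/' . $sTable . '.php';
        $user = new $sTable();
        // The original wrote to $user->{$aForm}['p_ucolumn'], which never reaches the column.
        $user->{$aForm['p_ucolumn']} = $new_val;
        $user->moduser_id = $_SESSION['uid'];
        $res = null;
        $user->Update($rec_id, $res);
    }
    if ($sDrawFunc == 'suspect') {
        // Go back to the admin "suspicious contacts" scan; the form values are
        // URL-encoded so they cannot break out of the JS string literal.
        $sQuery = http_build_query(array(
            'site' => $aForm['p_site'],
            'action' => 'resolve',
            'sid' => $aForm['p_sid'],
            'page' => $aForm['p_page'],
        ));
        $objResponse->script("window.location = '/siteadmin/suspicious_contacts/?{$sQuery}'");
        return 0;
    }
    $objResponse->script('window.location.reload(true)');
}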
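 /**
  * Edit a corporate-blog comment (record $id) from the POSTed form.
  *
  * Reads msg, title, yt_link, tags and editattach from $_POST and uploaded
  * attachments from $_FILES['attach']; deletes the attachments the user ticked,
  * validates and normalises the text, and when everything passed updates the
  * corporative_blog row, inserts the new attachments and re-links the tags.
  * The outcome is also published to the template (ederror_flag, edalert, edpost).
  *
  * @param integer $id id of the comment being edited
  * @return array [error flag, error description] (both null by default)
  */
 function editComment($id)
 {
     $DB = new DB('master');
     $blog = $_POST['blogID'];
     $user = get_uid();
     $IDEdit = $id;
     $alert = array();
     $error_flag = null;
     $error = null;
     $files = array();
     $asql = '';
     // NOTE(review): $parent and $group are never assigned in this function; presumably
     // they were meant to come from the request or the object — confirm against callers.
     $parent = null;
     $group = null;

     // Attachments ticked for deletion arrive as editattach[attachment id] = 1.
     $deleted_attach = isset($_POST['editattach']) ? $_POST['editattach'] : null;
     if (is_array($deleted_attach)) {
         foreach ($deleted_attach as $key => $val) {
             if ($val == 1) {
                 // Restricted to this comment's attachments so a foreign id cannot be deleted.
                 front::og("db")->delete("DELETE FROM corporative_blog_attach WHERE id = ?n AND msg_id = ?n", $key, $IDEdit);
             }
         }
     }

     if (strlen($_POST['msg']) > blogs::MAX_DESC_CHARS) {
         $error_flag = 1;
         $alert[2] = "Максимальный размер сообщения " . blogs::MAX_DESC_CHARS . " символов!";
         // Kept raw for the template; the original aliased $_POST['msg'] by reference here.
         $msg = $_POST['msg'];
     } else {
         $msg = $_POST['msg'];
         $msg = preg_replace("/<ul.*>/Ui", "<ul>", $msg);
         $msg = preg_replace("/<li.*>/Ui", "<li>", $msg);
         $msg = change_q_x_a(antispam($msg), false, false);
     }
     $msg_name = substr(change_q_x(antispam($_POST['title']), true), 0, 96);
     // Only the embed form of a YouTube link is accepted (watch?v= is rewritten to v/).
     $yt_link = substr(change_q_x(antispam(str_replace('watch?v=', 'v/', $_POST['yt_link'])), true), 0, 128);
     if ($yt_link != '') {
         if (strpos($yt_link, 'http://ru.youtube.com/v/') !== 0 && strpos($yt_link, 'http://youtube.com/v/') !== 0 && strpos($yt_link, 'http://www.youtube.com/v/') !== 0) {
             $error_flag = 1;
             $alert[4] = "Неверная ссылка.";
         }
     }
     if (is_empty_html($msg)) {
         $msg = '';
     }

     // Uploaded files: at most 10 per comment. The original compared sizeof($_FILES['attach'])
     // (always the five $_FILES keys) with 10, so the limit never triggered.
     $attach = isset($_FILES['attach']) ? $_FILES['attach'] : null;
     $nAttach = is_array($attach) && isset($attach['name']) && is_array($attach['name']) ? count($attach['name']) : 0;
     if (is_array($attach) && $nAttach <= 10) {
         if (!empty($attach['name'])) {
             foreach ($attach['name'] as $key => $v) {
                 if (!$v) {
                     continue;
                 }
                 $files[] = new CFile(array('name' => $attach['name'][$key], 'type' => $attach['type'][$key], 'tmp_name' => $attach['tmp_name'][$key], 'error' => $attach['error'][$key], 'size' => $attach['size'][$key]));
             }
         }
         $max_image_size = $group == 7
             ? array('width' => 400, 'height' => 600, 'less' => 0)
             : array('width' => 470, 'height' => 1000, 'less' => 0);
         list($files, $aUploadAlerts, $nUploadError) = self::uploadFile($files, $max_image_size);
         $error_flag = max($nUploadError, $error_flag);
         if (is_array($aUploadAlerts)) {
             $alert = array_merge($alert, $aUploadAlerts);
         }
     } elseif (is_array($attach) && !empty($attach['name'])) {
         $error_flag = 1;
         $alert[2] = "Файлов не должно быть больше 10";
     }

     if (!$msg && !count($files)) {
         $error_flag = 1;
         $alert[2] = "Поле заполнено некорректно";
     }
     if (($msg || !empty($files['f_name'][0])) && get_uid() && !$error_flag) {
         $upd = array("title" => $msg_name, "yt_link" => $yt_link, "msg" => $msg, "id_modified" => get_uid(), "id_deleted" => 0, "date_change" => date("Y-m-d H:i:s"));
         front::og("db")->update("UPDATE corporative_blog SET ?s WHERE (id = ?n)", $upd, $IDEdit);
         if (!empty($files['f_name']) && is_array($files['f_name'])) {
             // This INSERT is built by hand, so every value is escaped even though the
             // names come back from uploadFile.
             $aRows = array();
             foreach ($files['f_name'] as $i => $sName) {
                 if ($sName) {
                     $aRows[] = "(" . intval($IDEdit) . ", '" . pg_escape_string($sName) . "', '" . pg_escape_string((string) $files['tn'][$i]) . "')";
                 }
             }
             $asql = implode(', ', $aRows);
         }
         if ($asql) {
             $DB->query("INSERT INTO corporative_blog_attach(msg_id, \"name\", small) VALUES {$asql}");
         }
         $tags = $_POST['tags'];
         if ($tags) {
             // array_unique() returns the de-duplicated copy; the original discarded it.
             $tags_arr = array_unique((array) $tags);
             $this->tagsDelete($IDEdit);
             $tg = tags::Add($tags_arr);
             $this->tagsAdd($IDEdit, $tg);
         }
     }
     front::og("tpl")->ederror_flag = $error_flag;
     front::og("tpl")->edalert = $alert;
     front::og("tpl")->edpost = array("blog" => $blog, "user" => $user, "parent" => $parent, "msg" => $msg, "title" => $msg_name, "yt_link" => $yt_link);
     // NOTE(review): $error is never populated; the descriptions live in $alert (exposed as edalert).
     return array($error_flag, $error);
 }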
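 $cost_month = intval(str_replace(" ", "", $_POST['cost_month']) * 100) / 100;
 $cost_type_hour = intval($_POST['cost_type_hour']);
 $cost_type_month = intval($_POST['cost_type_month']);
 $in_office = intval($_POST['in_office']) == 1 ? 't' : 'f';
 $prefer_sbr = intval($_POST['prefer_sbr']) == 1 ? 't' : 'f';
 // Collapse runs of tabs and spaces; the CP1251 locale is needed for the byte-wise text handling below.
 setlocale(LC_ALL, 'ru_RU.CP1251');
 $text = stripslashes(trim($_POST['ab_text']));
 $text = preg_replace("|[\t]+|", " ", $text);
 $text = preg_replace("|[ ]+|", " ", $text);
 $original_text = $text;
 $cat_show = !empty($_POST['cat_show']) && (int) $_POST['cat_show'] > 0;
 // Truncate: each "\r" is allowed on top of $ab_text_max_length so line breaks do not count.
 $newlines = intval(substr_count($text, "\r"));
 $text = antispam(change_q_x_a(substr($text, 0, $ab_text_max_length + $newlines), false, false, "b|i|p|ul|li{1}"));
 /**
  * Validation. $ab_text_max_length, $exp, $max_exp_years, $cost_hour, $max_cost_hour,
  * $max_cost_month and $error_serv are set earlier in the file. The limits are looked
  * up by the normalised (intval) type rather than the raw POST value.
  */
 if (strlen($original_text) > $ab_text_max_length + $newlines) {
     $error_serv .= ($error_serv == '' ? '' : '<br />') . 'Количество знаков превышает допустимое значение. Допустимо максимум ' . $ab_text_max_length . ' знаков для поля "Уточнения к услугам в портфолио"';
 }
 if ($exp < 0 || $exp > $max_exp_years) {
     $error_serv .= ($error_serv == '' ? '' : '<br />') . 'Недопустимое значение. Опыт работы должен быть в пределе от 0 до ' . $max_exp_years . '.';
 }
 if ($cost_hour < 0 || $cost_hour > $max_cost_hour[$cost_type_hour]) {
     // The closing '.' belongs after the call, as in the month check below; the original
     // appended it to the cost type argument instead.
     $error_serv .= ($error_serv == '' ? '' : '<br />') . 'Недопустимое значение. Стоимость часа работы должна быть в пределе ' . view_range_cost2(0, $max_cost_hour[$cost_type_hour], '', '', false, $cost_type_hour) . '.';
 }
 if ($cost_month < 0 || $cost_month > $max_cost_month[$cost_type_month]) {
     $error_serv .= ($error_serv == '' ? '' : '<br />') . 'Недопустимое значение. Стоимость месяца работы должна быть в пределе ' . view_range_cost2(0, $max_cost_month[$cost_type_month], '', '', false, $cost_type_month) . '.';
 }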
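 /**
  * Create or update a corporate-blog post or comment from front::$_req['form'].
  *
  * Validates title, msg and yt_link (answering {"success":0,"validate":...} and
  * exiting on failure), inserts or updates the corporative_blog row, removes the
  * attachments listed in form[files_deleted], moves the uploaded temp files listed
  * in form[files] into the user's upload directory (making sm_ thumbnails for large
  * images) and links them to the row, then renders the post with the template chosen
  * by front::$_req['htmlMode'] and echoes {"success":true,"id":...,"html":...}.
  *
  * Request fields: form[title|msg|yt_link|files|files_deleted], comment, parent, id,
  * htmlMode. The upload path is derived from $_SESSION['login'].
  */
 function saveAction()
 {
     $db = front::og("db");
     $form = front::$_req["form"];
     $id_comm = front::$_req["comment"];
     $parent = front::$_req["parent"];
     if (!$id_comm) {
         $id_comm = false;
     }
     $validate_errors = array();
     $save = array();
     $alert = array();
     $files = array();
     $asql = '';
     $html = '';
     // NOTE(review): $error_flag and $group are never assigned in this function, so the
     // checks reading them act as "no error" / "not group 7" — confirm against callers.
     $error_flag = 0;
     $group = null;

     if (($str = trim($form['title'])) && mb_strlen($str) >= 3) {
         // Same normalisation as editComment; the original passed (0, 96) to change_q_x_a,
         // where those positions are boolean flags rather than a length.
         $save['title'] = substr(change_q_x(antispam($str), true), 0, 96);
     } else {
         $validate_errors['title'] = 'Заголовок короче 3 символов';
     }
     if (($str = trim($form['msg'])) && mb_strlen($str) >= 3) {
         $save['msg'] = change_q_x_a(antispam($str), false, false);
     } else {
         $validate_errors['msg'] = 'Текст короче 3 символов';
     }
     if (strlen($form['msg']) > blogs::MAX_DESC_CHARS) {
         $validate_errors['msg'] = "Максимальный размер сообщения " . blogs::MAX_DESC_CHARS . " символов!";
     } else {
         $save['msg'] = change_q_x_a(antispam($form['msg']), false, false);
     }
     // Only the embed form of a YouTube link is accepted (watch?v= is rewritten to v/).
     $yt_link = substr(change_q_x(antispam(str_replace('watch?v=', 'v/', $form['yt_link'])), true), 0, 128);
     if ($yt_link != '') {
         if (strpos($yt_link, 'http://ru.youtube.com/v/') !== 0 && strpos($yt_link, 'http://youtube.com/v/') !== 0 && strpos($yt_link, 'http://www.youtube.com/v/') !== 0) {
             $validate_errors['yt_link'] = "Неверная ссылка.";
         }
     }
     if (sizeof($validate_errors) > 0) {
         echo json_encode(array("success" => 0, "validate" => $validate_errors));
         exit(1);
     }
     // Persist the sanitised title/msg computed above, not the raw form values:
     // the original rebuilt $save from $form here, bypassing antispam/change_q_x_a.
     $save = front::toWin(array("title" => $save['title'], "msg" => $save['msg'], "yt_link" => $yt_link));
     $id = intval(front::$_req["id"]);
     if ($id_comm) {
         // A comment: the parent post becomes id_blog, the replied-to record id_reply.
         $save["id_blog"] = $parent;
         $save["id_reply"] = $id;
         $save["id_user"] = get_uid();
         $id = $db->insert("corporative_blog", $save);
     } elseif ($id > 0) {
         // NOTE(review): nothing here checks that post $id belongs to get_uid() before it is updated.
         $save["id_modified"] = get_uid();
         $save["id_deleted"] = 0;
         $save["date_change"] = date("Y-m-d H:i:s");
         $db->update("UPDATE corporative_blog SET ?s WHERE (id = ?n)", $save, $id);
     } else {
         $save["id_user"] = get_uid();
         $id = $db->insert("corporative_blog", $save);
     }

     if ($form["files_deleted"] != "") {
         // The client sends the JSON with escaped quotes (\"); undo that before decoding.
         $form["files_deleted"] = preg_replace('/\\\\\\"/', '"', $form["files_deleted"]);
         $filesBefore = json_decode($form["files_deleted"]);
         if ($filesBefore) {
             foreach ($filesBefore as $file) {
                 if (empty($file->db_id)) {
                     continue;
                 }
                 // Restricted to this post's attachments so an arbitrary db_id cannot delete others'.
                 front::og("db")->delete("DELETE FROM corporative_blog_attach WHERE id = ?n AND msg_id = ?n", $file->db_id, $id);
             }
         }
     }

     if ($form["files"] != "") {
         $form["files"] = preg_replace('/\\\\\\"/', '"', $form["files"]);
         $filesBefore = json_decode($form["files"]);
         $max_image_size = $group == 7
             ? array('width' => 400, 'height' => 600, 'less' => 0)
             : array('width' => 470, 'height' => 1000, 'less' => 0);
         $login = $_SESSION["login"];
         $sUploadDir = "users/" . substr($login, 0, 2) . "/" . $login . "/upload" . "/";
         if ($filesBefore) {
             foreach ($filesBefore as $file) {
                 if (empty($file->temp)) {
                     continue;
                 }
                 // The id names a file under temp/ and is client-supplied: keep only its
                 // basename so it cannot point outside that directory.
                 $sFileId = basename((string) $file->id);
                 if ($sFileId === '' || $sFileId === '.' || $sFileId === '..') {
                     continue;
                 }
                 $b_file = new CFile("temp/" . $sFileId);
                 if ($b_file->id > 0) {
                     $b_file->Rename($sUploadDir . $sFileId);
                     $ext = $b_file->getext();
                     $is_image = in_array($ext, $GLOBALS['graf_array']);
                     $b_file->max_size = blogs::MAX_FILE_SIZE;
                     $b_file->proportional = 1;
                     if (!isNulArray($file->error)) {
                         $alert[3] = "Один или несколько файлов не удовлетворяют условиям загрузки.";
                     } else {
                         if ($is_image && $ext != 'swf' && $ext != 'flv') {
                             if (!$b_file->image_size['width'] || !$b_file->image_size['height']) {
                                 $alert[3] = 'Невозможно уменьшить картинку';
                                 break;
                             }
                             if (!$error_flag && ($b_file->image_size['width'] > $max_image_size['width'] || $b_file->image_size['height'] > $max_image_size['height'])) {
                                 // Too large for the page: make an sm_ copy and point p_name at it.
                                 if (!$b_file->img_to_small("sm_" . $sFileId, $max_image_size)) {
                                     $alert[3] = 'Невозможно уменьшить картинку.';
                                     break;
                                 } else {
                                     $b_file->tn = 2;
                                     $b_file->p_name = "sm_" . $sFileId;
                                 }
                             } else {
                                 $b_file->tn = 1;
                             }
                         } else {
                             $b_file->tn = $ext == 'flv' ? 2 : 0;
                         }
                         if (!empty($alert[3])) {
                             $validate_errors['files'] = $alert[3];
                         }
                         $files[] = $b_file;
                     }
                 }
             }
         }
     }

     if (sizeof($files)) {
         // Hand-built INSERT: the name is escaped and tn cast, since both are spliced in as literals.
         $aRows = array();
         foreach ($files as $file) {
             if ($file->name) {
                 $aRows[] = "(" . (int) $id . ", '" . pg_escape_string($file->name) . "', '" . (int) $file->tn . "')";
             }
         }
         $asql = implode(', ', $aRows);
     }
     if ($asql) {
         pg_query(DBConnect(), "INSERT INTO corporative_blog_attach(msg_id, \"name\", small) VALUES {$asql}");
     }

     $htmlMode = front::$_req["htmlMode"];
     if ($htmlMode == "inPostPage") {
         front::og("tpl")->blog = front::og("db")->select("SELECT cb.*, u.login, u.uname, u.usurname, u.role, u.is_pro, u.is_pro_test, u.boss_rate FROM corporative_blog as cb, users as u WHERE cb.id = ? AND u.uid = cb.id_user;", $id)->fetchRow();
         $attach_blog = front::og("db")->select("SELECT * FROM corporative_blog_attach WHERE msg_id = ?", $id)->fetchAll();
         if ($attach_blog) {
             front::og("tpl")->attach_blog = $attach_blog;
         }
         $html = front::og("tpl")->fetch("my_corporative_post_item.tpl");
     } elseif ($htmlMode == "normal") {
         $blog = front::og("db")->select("SELECT * FROM corporative_blog WHERE id_blog = 0 AND (id_deleted IS NULL OR id_deleted = 0) AND id = ?n", $id)->fetchRow();
         $bids = array($id => $id);
         $uids = array($blog["id_user"] => $blog["id_user"]);
         $comm = front::get_hash(front::og("db")->select("SELECT COUNT(id_blog) as count, id_blog FROM corporative_blog WHERE id_blog IN(?a) GROUP BY id_blog", $bids)->fetchAll(), "id_blog", "count");
         $user = front::og("db")->select("SELECT uname, usurname, login, uid, role, is_pro, is_pro_test, boss_rate FROM users WHERE uid IN(?a)", $uids)->fetchAll();
         $cid = array($blog['id'] => $blog['id']);
         $attach = front::og("db")->select("SELECT * FROM corporative_blog_attach WHERE msg_id IN(?a)", $cid)->fetchAll();
         if ($attach) {
             // Group attachments by the post they belong to.
             $res_attach = array();
             foreach ($attach as $val) {
                 $res_attach[$val['msg_id']][] = $val;
             }
             front::og("tpl")->attach = $res_attach;
         }
         $usr = array();
         foreach ($user as $v) {
             $usr[$v['uid']] = $v;
         }
         front::og("tpl")->usbank = $usr;
         front::og("tpl")->comment = $comm;
         front::og("tpl")->blog = $blog;
         $html = front::og("tpl")->fetch("my_corporative_item.tpl");
     }
     echo json_encode(array("success" => true, "id" => $id, "html" => front::toUtf($html)));
 }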
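 /**
  * Save a freelancer's settings for one portfolio section (portf_choise row).
  *
  * Normalises the numeric inputs, validates the text and the price/time ranges
  * (collecting every violation in the returned message), and when there is no
  * error updates portf_choise and keeps the portf_choise_change / moderation
  * rows in step: a self-edit by a non-admin is recorded for moderation, an admin
  * edit removes any pending record.
  *
  * @param integer $fid             freelancer id
  * @param integer $prof_id         section id
  * @param float   $cost_from       price from
  * @param float   $cost_to         price to
  * @param float   $cost_hour       estimated price per hour
  * @param float   $cost_1000       price per 1000 characters
  * @param integer $cost_type       currency of cost_from/cost_to/cost_1000 (0 USD, 1 EUR, 2 RUB, 3 FM)
  * @param integer $cost_type_hour  currency of cost_hour (same codes)
  * @param integer $time_type       time unit; negative values become 0, values above 3 become 2
  * @param integer $time_from       term in days from
  * @param integer $time_to         term in days to
  * @param string  $text            explanatory text for the section
  * @param string  $errorProfText   (out) set to the normalised text when it is too long,
  *                                 so the form can re-fill its textarea
  * @param integer $moduser_id      UID of the editing user (admin); $fid when null
  * @param string  $modified_reason reason for the edit
  * @return string error text, or an empty string
  */
 function UpdateProfDesc($fid, $prof_id, $cost_from, $cost_to, $cost_hour, $cost_1000, $cost_type, $cost_type_hour, $time_type, $time_from, $time_to, $text, &$errorProfText, $moduser_id = null, $modified_reason = '')
 {
     global $DB;
     $id = intval($fid);
     $prof_id = intval($prof_id);
     // Money is kept to two decimals; the remaining inputs are plain integers.
     $cost_from = intval($cost_from * 100) / 100;
     $cost_to = intval($cost_to * 100) / 100;
     $cost_hour = intval($cost_hour * 100) / 100;
     $cost_1000 = intval($cost_1000 * 100) / 100;
     $cost_type = intval($cost_type);
     $cost_type_hour = intval($cost_type_hour);
     $time_type = intval($time_type);
     if ($time_type < 0) {
         $time_type = 0;
     }
     if ($time_type > 3) {
         $time_type = 2;
     }
     $time_from = intval($time_from);
     $time_to = intval($time_to);
     // Spliced into the UPDATE as a literal, so it is cast like the other ids.
     $moduser_id = intval($moduser_id ? $moduser_id : $id);
     $error = '';
     // Every violation is appended, separated by <br />.
     $addError = function ($sMessage) use (&$error) {
         $error .= ($error == '' ? '' : '<br />') . $sMessage;
     };

     if (isset($text) && $text != '') {
         // Break words of 70+ characters so they cannot stretch the layout
         // (closure in place of the original create_function, which PHP 8 removed).
         $text = trim(preg_replace_callback("|(\\w{70,})|", function ($matches) {
             return wordwrap($matches[1], 64, " ", 1);
         }, $text));
         $text = preg_replace("|[\t]+|", " ", $text);
         $text = preg_replace("|[ ]+|", " ", $text);
         $text = stripslashes(change_q_x_a($text, false, false, "b|i|p|ul|li{1}"));
         if (strlen($text) > 300) {
             $addError('Максимальная длина уточнения к разделу 300 символов');
             // Handed back so the form can re-fill its textarea.
             $errorProfText = $text;
         }
     }
     // From here on $text is the SQL literal used in the UPDATE (NULL or a quoted string);
     // the "NULL" comparisons below rely on that. Escaped, because the query is built by hand.
     if ($text == '') {
         $text = "NULL";
     } else {
         $text = "'" . pg_escape_string($text) . "'";
     }

     // Range checks per currency: [limit, unit label].
     $aCost1000Limits = array(
         0 => array(PROF_COST_1000_USD, '$'),
         1 => array(PROF_COST_1000_EU, 'евро'),
         2 => array(PROF_COST_1000_RUB, 'рублей'),
         3 => array(PROF_COST_1000_FM, 'FM'),
     );
     if (isset($aCost1000Limits[$cost_type])) {
         list($nLimit, $sUnit) = $aCost1000Limits[$cost_type];
         if ($cost_1000 < 0 || $cost_1000 > $nLimit) {
             $addError('Недопустимое значение. Стоимость 1000 знаков должна быть в пределе от 0 до ' . $nLimit . ' ' . $sUnit . '.');
         }
     }
     $aCostHourLimits = array(
         0 => array(PROF_COST_HOUR_USD, '$'),
         1 => array(PROF_COST_HOUR_EU, 'евро'),
         2 => array(PROF_COST_HOUR_RUB, 'рублей'),
         3 => array(PROF_COST_HOUR_FM, 'FM'),
     );
     if (isset($aCostHourLimits[$cost_type_hour])) {
         list($nLimit, $sUnit) = $aCostHourLimits[$cost_type_hour];
         if ($cost_hour < 0 || $cost_hour > $nLimit) {
             $addError('Недопустимое значение. Стоимость часа работы должна быть в пределе от 0 до ' . $nLimit . ' ' . $sUnit . '.');
         }
     }
     $aCostWorkLimits = array(
         0 => array(100000, '$'),
         1 => array(100000, 'евро'),
         2 => array(5000000, 'рублей'),
         3 => array(100000, 'FM'),
     );
     if (isset($aCostWorkLimits[$cost_type])) {
         list($nLimit, $sUnit) = $aCostWorkLimits[$cost_type];
         if ($cost_from < 0 || $cost_to > $nLimit || $cost_from > $nLimit) {
             $addError('Недопустимое значение. Стоимость работ должна быть в пределе от 0 до ' . $nLimit . ' ' . $sUnit . '.');
         }
     }
     if ($cost_from > 0 && $cost_to > 0 && $cost_to < $cost_from) {
         $addError('Недопустимое значение. Конечная стоимость не должна быть меньше начальной.');
     }
     if ($time_from < 0 || $time_from > PROF_TIME_FROM) {
         $addError('Недопустимое значение. Начальный срок должен быть в пределе от 0 до ' . PROF_TIME_FROM . '.');
     }
     if ($time_to < 0 || $time_to > PROF_TIME_TO) {
         $addError('Недопустимое значение. Конечный срок должен быть в пределе от 0 до ' . PROF_TIME_TO . '.');
     }
     if ($time_to < $time_from && $time_to > 0) {
         $addError('Недопустимое значение. Конечный срок не должен быть меньше начального.');
     }

     if ($prof_id && $id && $error == '') {
         // modified_reason is caller-supplied free text, so it is escaped like portf_text.
         $sql = "UPDATE portf_choise SET cost_from={$cost_from}, cost_to={$cost_to}, cost_hour={$cost_hour}, cost_1000={$cost_1000}, cost_type='{$cost_type}', cost_type_hour='{$cost_type_hour}', time_type={$time_type}, time_from={$time_from}, time_to={$time_to}, portf_text={$text}, moduser_id={$moduser_id}, modified = now(), modified_reason = '" . pg_escape_string($modified_reason) . "' WHERE (user_id='{$id}' AND prof_id='{$prof_id}'); ";
         $DB->query($sql);
         $error_db = pg_errormessage();
         if ($error_db != '') {
             // The original appended this with $error_serv, which is not defined in this function.
             $addError('Ошибка сохранения в БД.');
         } else {
             $sId = $DB->val("SELECT id FROM portf_choise_change WHERE user_id = ?i AND prof_id = ?i AND ucolumn = 'text';", $id, $prof_id);
             $bHasText = !empty($text) && $text != "NULL";
             if ($id == $moduser_id && !hasPermissions('users')) {
                 // The user edits their own section: the text is tracked for moderation.
                 require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php';
                 require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
                 $stop_words = new stop_words();
                 $nStopWordsCnt = $stop_words->calculate($text);
                 if (!$sId && $bHasText) {
                     // is_pro() users get status -2 and no moderation row; everyone else gets 0 and is queued.
                     $nModeratorStatus = is_pro() ? -2 : 0;
                     $sId = $DB->val("INSERT INTO portf_choise_change (user_id, prof_id, ucolumn, stop_words_cnt, old_val, moderator_status) \n                            VALUES (?i, ?i, 'text', ?i, ?, ?i) RETURNING id", $id, $prof_id, $nStopWordsCnt, $text, $nModeratorStatus);
                     if ($nModeratorStatus == 0) {
                         $DB->insert('moderation', array('rec_id' => $sId, 'rec_type' => user_content::MODER_PORTF_CHOISE, 'stop_words_cnt' => $nStopWordsCnt));
                     }
                 } elseif ($sId && $bHasText) {
                     // A pending change already exists: refresh its stop-word count and clear its stream.
                     $DB->query('UPDATE portf_choise_change SET stop_words_cnt = ?i WHERE id = ?i', $nStopWordsCnt, $sId);
                     $DB->query('UPDATE moderation SET stream_id = NULL, stop_words_cnt = ?i WHERE rec_id = ?i AND rec_type = ?i', $nStopWordsCnt, $sId, user_content::MODER_PORTF_CHOISE);
                 } else {
                     // The text was cleared: drop the pending change and its moderation entry.
                     $DB->query('DELETE FROM portf_choise_change WHERE id = ?i;
                             DELETE FROM moderation WHERE rec_id = ?i AND rec_type = ?i', $sId, $sId, user_content::MODER_PORTF_CHOISE);
                 }
             } elseif (hasPermissions('users') && $sId) {
                 // An admin edit supersedes any pending user change.
                 require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php';
                 $DB->query('DELETE FROM portf_choise_change WHERE id = ?i;
                         DELETE FROM moderation WHERE rec_id = ?i AND rec_type = ?i', $sId, $sId, user_content::MODER_PORTF_CHOISE);
             }
         }
     }
     if ($error != '') {
         $error = 'Данные не сохранены<br /><br />' . $error;
     }
     return $error;
 }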
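 /**
  * Saves a corporate-blog post, an edit of one, or a comment on one, from the
  * current request, attaches uploaded files and prints a JSON answer.
  *
  * Reads front::$_req['form'] (title, msg, yt_link, files, files_deleted),
  * front::$_req['comment'], front::$_req['parent'], front::$_req['id'] and
  * front::$_req['htmlMode']. On validation errors it prints
  * {success: 0, validate: {...}} and calls exit(); otherwise it writes
  * corporative_blog / corporative_blog_attach, renames the uploaded temp files
  * into the user's upload directory and prints {success: true, id, html}.
  *
  * @return void
  */
 public function saveAction()
 {
     $db = front::og('db');
     $form = front::$_req['form'];
     $id_comm = front::$_req['comment'];
     $parent = front::$_req['parent'];
     if (!$id_comm) {
         $id_comm = false;
     }
     $validate_errors = array();
     $save = array();
     // Title and message must be at least 3 characters; the stored values are the
     // antispam/change_q_x_a-filtered versions, not the raw form fields.
     if (($str = trim($form['title'])) && mb_strlen($str) >= 3) {
         $save['title'] = change_q_x_a(antispam($str), 0, 96);
     } else {
         $validate_errors['title'] = 'Заголовок короче 3 символов';
     }
     if (($str = trim($form['msg'])) && mb_strlen($str) >= 3) {
         $save['msg'] = change_q_x_a(antispam($str), false, false);
     } else {
         $validate_errors['msg'] = 'Текст короче 3 символов';
     }
     // The size limit is checked byte-wise (strlen) on the untrimmed message, as before.
     if (strlen($form['msg']) > blogs::MAX_DESC_CHARS) {
         $validate_errors['msg'] = 'Максимальный размер сообщения ' . blogs::MAX_DESC_CHARS . ' символов!';
     } else {
         $save['msg'] = change_q_x_a(antispam($form['msg']), false, false);
     }
     $yt_link = substr(change_q_x(antispam(str_replace('watch?v=', 'v/', $form['yt_link'])), true), 0, 128);
     if ($yt_link != '') {
         // Only direct youtube "/v/" links on these three hosts are accepted.
         $allowed_prefixes = array('http://ru.youtube.com/v/', 'http://youtube.com/v/', 'http://www.youtube.com/v/');
         $link_ok = false;
         foreach ($allowed_prefixes as $prefix) {
             if (strpos($yt_link, $prefix) === 0) {
                 $link_ok = true;
                 break;
             }
         }
         if (!$link_ok) {
             $validate_errors['yt_link'] = 'Неверная ссылка.';
         }
     }
     if (sizeof($validate_errors) > 0) {
         echo json_encode(array('success' => 0, 'validate' => $validate_errors));
         exit(1);
     }
     // Keep the filtered title/msg computed above (the previous code rebuilt $save
     // from the raw form fields here, silently dropping the filtering) and convert
     // them to the DB encoding.
     $save = front::toWin(array('title' => $save['title'], 'msg' => $save['msg'], 'yt_link' => $yt_link));
     $id = intval(front::$_req['id']);
     if ($id_comm) {
         // A comment: $parent is the post it belongs to, $id the record being replied to.
         $save['id_blog'] = $parent;
         $save['id_reply'] = $id;
         $save['id_user'] = get_uid();
         $id = $db->insert('corporative_blog', $save);
     } elseif ($id > 0) {
         // Editing an existing post.
         $save['id_modified'] = get_uid();
         $save['id_deleted'] = 0;
         $save['date_change'] = date('Y-m-d H:i:s');
         $db->update('UPDATE corporative_blog SET ?s WHERE (id = ?n)', $save, $id);
     } else {
         // A new post.
         $save['id_user'] = get_uid();
         $id = $db->insert('corporative_blog', $save);
     }
     if ($form['files_deleted'] != '') {
         // The client sends the JSON with quotes escaped as \" — undo that before decoding.
         $filesDeleted = json_decode(preg_replace('/\\\\\\"/', '"', $form['files_deleted']));
         if ($filesDeleted) {
             foreach ($filesDeleted as $file) {
                 if (empty($file->db_id)) {
                     continue;
                 }
                 // db_id comes from the request, so the delete is scoped to the record
                 // being saved instead of trusting the id alone.
                 $db->delete('DELETE FROM corporative_blog_attach WHERE id = ?n AND msg_id = ?n', $file->db_id, $id);
             }
         }
     }
     $files = array();
     $alert = array();
     if ($form['files'] != '') {
         $filesNew = json_decode(preg_replace('/\\\\\\"/', '"', $form['files']));
         // The previous code selected a 400x600 limit when $group == 7, but $group is
         // never assigned in this method, so the 470x1000 limit always applied.
         $max_image_size = array('width' => 470, 'height' => 1000, 'less' => 0);
         $login = $_SESSION['login'];
         if ($filesNew) {
             foreach ($filesNew as $file) {
                 if (!$file->temp) {
                     continue;
                 }
                 // NOTE(review): $file->id is taken straight from the request JSON and is
                 // used to build both the temp and the destination path — confirm that
                 // CFile rejects path separators and '..' before relying on this.
                 $b_file = new CFile('temp/' . $file->id);
                 if ($b_file->id > 0) {
                     $b_file->Rename('users/' . substr($login, 0, 2) . '/' . $login . '/upload' . '/' . $file->id);
                     $ext = $b_file->getext();
                     $is_image = in_array($ext, $GLOBALS['graf_array']);
                     $b_file->max_size = blogs::MAX_FILE_SIZE;
                     $b_file->proportional = 1;
                     if (!isNulArray($file->error)) {
                         $alert[3] = 'Один или несколько файлов не удовлетворяют условиям загрузки.';
                     } else {
                         if ($is_image && $ext != 'swf' && $ext != 'flv') {
                             // NOTE(review): these two breaks leave the loop with the file
                             // already renamed and the message never reported — the JSON
                             // answer below always says success.
                             if (!$b_file->image_size['width'] || !$b_file->image_size['height']) {
                                 $alert[3] = 'Невозможно уменьшить картинку';
                                 break;
                             }
                             if ($b_file->image_size['width'] > $max_image_size['width'] || $b_file->image_size['height'] > $max_image_size['height']) {
                                 if (!$b_file->img_to_small('sm_' . $file->id, $max_image_size)) {
                                     $alert[3] = 'Невозможно уменьшить картинку.';
                                     break;
                                 }
                                 // tn = 2: a downscaled "sm_" copy exists next to the original.
                                 $b_file->tn = 2;
                                 $b_file->p_name = 'sm_' . $file->id;
                             } else {
                                 // tn = 1: image small enough to be shown as is.
                                 $b_file->tn = 1;
                             }
                         } elseif ($ext == 'flv') {
                             $b_file->tn = 2;
                         } else {
                             $b_file->tn = 0;
                         }
                         if (!empty($alert[3])) {
                             $validate_errors['files'] = $alert[3];
                         }
                         $files[] = $b_file;
                     }
                 }
             }
         }
     }
     // Attach the stored files with one parameterised multi-row INSERT; the previous
     // code interpolated the file name and tn directly into the SQL string.
     $attach_rows = array();
     $attach_params = array();
     foreach ($files as $file) {
         if ($file->name) {
             $n = count($attach_params);
             $attach_rows[] = sprintf('($%d, $%d, $%d)', $n + 1, $n + 2, $n + 3);
             array_push($attach_params, $id, $file->name, $file->tn);
         }
     }
     if ($attach_rows) {
         pg_query_params(
             DBConnect(),
             'INSERT INTO corporative_blog_attach(msg_id, "name", small) VALUES ' . implode(', ', $attach_rows),
             $attach_params
         );
     }
     // Render the saved record for the client; $html stays null for unknown modes.
     $html = null;
     $htmlMode = front::$_req['htmlMode'];
     if ($htmlMode == 'inPostPage') {
         front::og('tpl')->blog = $db->select('SELECT cb.*, u.login, u.uname, u.usurname, u.role, u.is_pro, u.is_pro_test, u.boss_rate FROM corporative_blog as cb, users as u WHERE cb.id = ? AND u.uid = cb.id_user;', $id)->fetchRow();
         $attach_blog = $db->select('SELECT * FROM corporative_blog_attach WHERE msg_id = ?', $id)->fetchAll();
         if ($attach_blog) {
             front::og('tpl')->attach_blog = $attach_blog;
         }
         $html = front::og('tpl')->fetch('my_corporative_post_item.tpl');
     } elseif ($htmlMode == 'normal') {
         $blog = $db->select('SELECT * FROM corporative_blog WHERE id_blog = 0 AND (id_deleted IS NULL OR id_deleted = 0) AND id = ?n', $id)->fetchRow();
         $bids = array($id => $id);
         $uids = array($blog['id_user'] => $blog['id_user']);
         // Comment count per post, keyed by id_blog.
         $comm = front::get_hash($db->select('SELECT COUNT(id_blog) as count, id_blog FROM corporative_blog WHERE id_blog IN(?a) GROUP BY id_blog', $bids)->fetchAll(), 'id_blog', 'count');
         $user = $db->select('SELECT uname, usurname, login, uid, role, is_pro, is_pro_test, boss_rate FROM users WHERE uid IN(?a)', $uids)->fetchAll();
         $cid = array($blog['id'] => $blog['id']);
         $attach = $db->select('SELECT * FROM corporative_blog_attach WHERE msg_id IN(?a)', $cid)->fetchAll();
         if ($attach) {
             $res_attach = array();
             foreach ($attach as $val) {
                 $res_attach[$val['msg_id']][] = $val;
             }
             front::og('tpl')->attach = $res_attach;
         }
         $usr = array();
         foreach ($user as $v) {
             $usr[$v['uid']] = $v;
         }
         front::og('tpl')->usbank = $usr;
         front::og('tpl')->comment = $comm;
         front::og('tpl')->blog = $blog;
         $html = front::og('tpl')->fetch('my_corporative_item.tpl');
     }
     echo json_encode(array('success' => true, 'id' => $id, 'html' => front::toUtf($html)));
 }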