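 /**
  * Toggle the current user's "like" on an album event.
  *
  * Reads `ids` (event id) and `plus` (the literal string "true" = like,
  * anything else = unlike) from $_POST. Does nothing for a non-positive
  * event id or an anonymous user. Writes `event_likes` and, on a like,
  * records badge progress.
  */
 function like()
 {
     $event_id = isset($_POST['ids']) ? (int) $_POST['ids'] : 0;
     $plus = isset($_POST['plus']) && $_POST['plus'] === 'true';
     $user_id = (int) CurrentUser::$id;
     if ($event_id <= 0 || !$user_id) {
         return;
     }
     if ($plus) {
         $now = time();
         // Re-liking an already liked event only refreshes `time`
         // (a unique key over user_id+event_id is assumed by the upsert).
         Database::query('INSERT INTO `event_likes` SET user_id=' . $user_id . ', event_id=' . $event_id . ', `time`=' . $now . '
             ON DUPLICATE KEY UPDATE `time`=' . $now);
         // Credited only after the write succeeded.
         // NOTE(review): progress is still credited on every like request, including
         // unlike/like cycles on the same event; cap this on the Badges side or credit
         // only when the upsert inserted a genuinely new row.
         Badges::progressAction($user_id, Badges::ACTION_TYPE_LIKE);
         return;
     }
     Database::query('DELETE FROM `event_likes` WHERE user_id=' . $user_id . ' AND event_id=' . $event_id);
 }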
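 /**
  * Store a comment (or a reply) on an album event.
  *
  * Reads `object_id` (event id), optional `parent_id` and `text` from $_POST.
  * Silently returns for anonymous users, empty text, an event that does not
  * exist, or a reply whose parent belongs to a different event. After the
  * insert it redirects to the comment anchor, refreshes the event's
  * `comments_count` and records badge progress (not when commenting on
  * one's own event).
  */
 function addEventComment()
 {
     $parent_id = isset($_POST['parent_id']) ? (int) $_POST['parent_id'] : 0;
     $event_id = isset($_POST['object_id']) ? (int) $_POST['object_id'] : 0;
     $object_type = Config::COMMENT_OBJECT_ALBUM_EVENT;
     $user_id = (int) CurrentUser::$id;
     // Escaped once at input; the stored text is already HTML-safe.
     $text = isset($_POST['text']) ? htmlspecialchars($_POST['text']) : '';
     if (!$user_id || $event_id <= 0 || !trim($text)) {
         return;
     }
     // Resolve the target event once; a comment on a non-existent event is not stored.
     $event = Database::sql2row('SELECT `album_id`, `creator_id` FROM `album_events` WHERE `id`=' . $event_id);
     if (!$event) {
         return;
     }
     $album_id = (int) $event['album_id'];
     $owner_id = (int) $event['creator_id'];

     $columns = array(
         '`parent_id`=' . $parent_id,
         '`object_type`=' . $object_type,
         '`object_id`=' . $event_id,
         '`user_id`=' . $user_id,
     );
     if ($parent_id) {
         // The parent must be a comment on this same event, otherwise a reply could be
         // attached to an arbitrary thread by guessing comment ids.
         $parent = Database::sql2row('SELECT `thread` FROM `comments` WHERE `id`=' . $parent_id . ' AND `object_type`=' . $object_type . ' AND `object_id`=' . $event_id);
         if (!$parent) {
             return;
         }
         // A top-level parent has no thread of its own: the reply starts a thread under it.
         $thread = $parent['thread'] ? (int) $parent['thread'] : $parent_id;
         $columns[] = '`thread`=' . $thread;
     }
     $columns[] = '`time`=' . time();
     $columns[] = '`text`=' . Database::escape($text);
     Database::query('INSERT INTO `comments` SET ' . implode(', ', $columns));
     header('Location: /album/' . $album_id . '/event/' . $event_id . '#comment-' . Database::lastInsertId());

     Database::query('UPDATE `album_events` SET `comments_count` =
             (SELECT COUNT(1) FROM `comments` WHERE `object_type`=' . $object_type . ' AND `object_id`=' . $event_id . ') WHERE `id`=' . $event_id);
     if ($owner_id !== $user_id) {
         Badges::progressAction($user_id, Badges::ACTION_TYPE_COMMENT);
         Badges::progressAction($owner_id, Badges::ACTION_TYPE_COMMENTED);
     }
 }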
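 /**
  * Create a new, unverified user account from the registration form.
  *
  * Validates `email`, `password` and `agree` from $_POST and reports field
  * errors via Site::passWrite('error_register', ...). On success the user row
  * is inserted, a verification e-mail carrying `<uid>-<hash>` is sent, badge
  * progress is recorded and a login cookie is set. A failing insert (e.g. a
  * duplicate e-mail) is reported as "E-mail already in use".
  */
 function register()
 {
     $error = array();
     $email = isset($_POST['email']) && is_string($_POST['email']) ? trim($_POST['email']) : '';
     $password = isset($_POST['password']) && is_string($_POST['password']) ? trim($_POST['password']) : '';
     $nickname = isset($_POST['nickname']) && is_string($_POST['nickname']) ? trim($_POST['nickname']) : '';
     if (!valid_email_address($email)) {
         $error['email'] = 'неправильный E-mail';
     }
     if ($password === '') {
         $error['password'] = '******';
     }
     if (!isset($_POST['agree'])) {
         $error['agree'] = 'Примите условия пользовательского соглашения';
     }
     if (count($error)) {
         Site::passWrite('error_register', $error);
         return;
     }
     try {
         $now = time();
         $data = array();
         $data['email'] = strtolower($email);
         $data['nickname'] = $this->getUniqueNickname(strtolower($nickname), $email);
         // NOTE(review): unsalted MD5 is not an acceptable password hash. It is kept only
         // because the login path (not visible here) verifies against this format; migrate
         // both sides to password_hash()/password_verify() together.
         $data['password'] = md5($password);
         $data['registerTime'] = $data['lastAccessTime'] = $now;
         $data['role'] = User::ROLE_UNVERIFIED;
         // E-mail verification token. Previously md5(time() . '-' . rand(1, 10)), i.e. at
         // most 10 candidates per second and trivially guessable; 128 random bits keep the
         // same 32-hex-character width. Requires PHP >= 7.
         $data['hash'] = bin2hex(random_bytes(16));
         $fields = array();
         foreach ($data as $column => $value) {
             $fields[] = '`' . $column . '`=' . Database::escape($value);
         }
         Database::query('INSERT INTO `user` SET ' . implode(',', $fields));
         $uid = Database::lastInsertId();
         try {
             Site::passWrite('success', true);
         } catch (Exception $e) {
             $error['email'] = $e->getMessage();
             Site::passWrite('error_register', $error);
             return;
         }
         $this->sendRegisterEmail($data['email'], '', $uid . '-' . $data['hash']);
         Badges::progressAction($uid, Badges::ACTION_TYPE_REGISTER);
     } catch (Exception $e) {
         // Uniqueness is enforced by the database; any failure is reported as a taken e-mail.
         $error['email'] = 'E-mail уже используется, укажите другой';
         Site::passWrite('error_register', $error);
         return;
     }
     // NOTE(review): the session cookie is issued before the e-mail is verified
     // (role is still ROLE_UNVERIFIED) — confirm that is intended.
     CurrentUser::set_cookie($uid);
 }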
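 /**
  * Create or update an album event from the event form.
  *
  * $_POST inputs: `album_id`, optional `id` (existing event to edit),
  * optional `template_id`, optional `event_id` (library event), plus one
  * value per template field; an optional `photo` file upload.
  *
  * Editing an existing event requires that its `creator_id` is the current
  * user. Template field values are validated and written to
  * `album_events_fields` and `album_events`. On validation failure the
  * errors and the submitted values are passed back via Site::passWrite and
  * false is returned; on success the browser is redirected to the event.
  *
  * @throws Exception when a non-repeatable library event already exists in
  *                   the album, or when the event is not owned by the user.
  */
 function editEvent()
 {
     $error = array();
     $album_id = isset($_POST['album_id']) ? (int) $_POST['album_id'] : 0;
     // NOTE(review): nothing in this method verifies that CurrentUser::$id may write to
     // $album_id; the ownership check below only covers editing an existing event, so a new
     // event can be created in any album id unless the caller enforces album ownership.
     $event_id = 0;
     $template_id = 0;
     $event_event_id = 0;
     if (isset($_POST['id'])) {
         $event_id = max(0, (int) $_POST['id']);
         $template_id = Database::sql2single('SELECT `template_id` FROM `album_events` AE
             JOIN `lib_events` LE ON LE.id=AE.event_id WHERE AE.`id`=' . $event_id);
     } elseif (isset($_POST['template_id'])) {
         $template_id = max(0, (int) $_POST['template_id']);
     }
     if (isset($_POST['event_id'])) {
         $event_event_id = (int) $_POST['event_id'];
         $template_id = Database::sql2single('SELECT `template_id` FROM `lib_events` LE
             WHERE LE.`id`=' . $event_event_id);
     }
     if (!$template_id) {
         $template_id = 1; // default template
     }

     $q = $q_ = array();
     $isNew = !$event_id;
     Database::query('START TRANSACTION');
     if ($isNew) {
         $event_data = Database::sql2row('SELECT * FROM `lib_events` WHERE `id`=' . $event_event_id);
         if (isset($event_data['multiple']) && !$event_data['multiple']) {
             // This library event may exist at most once per album.
             $exists = Database::sql2single('SELECT `id` FROM `album_events` WHERE `album_id`=' . $album_id . ' AND `event_id`=' . (int) $event_data['id']);
             if ($exists) {
                 Database::query('ROLLBACK');
                 throw new Exception('У Вас уже есть такое событие, и добавлять несколько копий этого события бессмысленно');
             }
         }
         Database::query('INSERT INTO `album_events` SET id=NULL,createTime=' . time());
         $event_id = (int) Database::lastInsertId();
     } else {
         // Only the creator may edit, and the event must belong to the submitted album.
         $check = Database::sql2single('SELECT `creator_id` FROM `album_events` WHERE `album_id`=' . $album_id . ' AND `id`=' . $event_id);
         if ((int) $check !== (int) CurrentUser::$id) {
             Database::query('ROLLBACK');
             throw new Exception('It is not your event ' . $check . ' ' . CurrentUser::$id);
         }
     }

     $template_fields = $this->getTemplateFields($template_id);
     foreach ($template_fields as $eventName => $field) {
         // Non-string (array) inputs are treated as absent rather than passed to trim().
         $value = isset($_POST[$eventName]) && is_string($_POST[$eventName]) ? trim($_POST[$eventName]) : '';
         if ($value === '') {
             if ($field['important'] && $field['type'] != 'photo') {
                 $error[$eventName] = 'Обязательно к заполнению';
             } elseif ($field['important'] && !isset($_FILES[$eventName])) {
                 $error[$eventName] = 'Обязательно к заполнению';
             }
         }
         if ($field['type'] == 'photo') {
             continue;
         }
         // Row for album_events_fields: (event_id, field_id, value_int, value_varchar, value_text)
         $rowPrefix = '(' . $event_id . ',' . (int) $field['field_id'] . ',';
         switch ($field['type']) {
             case 'eventTitle':
                 $q_[] = '`title`=' . Database::escape(htmlspecialchars($value));
                 $q[] = $rowPrefix . 'NULL,' . Database::escape($value) . ',NULL)';
                 break;
             case 'eventTime':
                 $ts = strtotime($value);
                 if ($value !== '' && $ts === false) {
                     // Previously an unparseable date was silently stored as the epoch.
                     $error[$eventName] = 'Неверный формат даты';
                     break;
                 }
                 // NOTE(review): an empty, non-required date still normalises to the epoch
                 // (original behaviour); storing NULL would be cleaner if the column allows it.
                 $_POST[$eventName] = date('Y-m-d H:i:s', $ts === false ? 0 : $ts);
                 $q_[] = '`eventTime`=' . Database::escape($_POST[$eventName]);
                 $q[] = $rowPrefix . 'NULL,' . Database::escape($_POST[$eventName]) . ',NULL)';
                 break;
             case 'description':
                 $q_[] = '`description`=' . Database::escape(htmlspecialchars($value));
                 $q[] = $rowPrefix . 'NULL,NULL,' . Database::escape($value) . ')';
                 break;
             case 'height':
             case 'eyecolor':
                 $q[] = $rowPrefix . Database::escape($value) . ',NULL,NULL)';
                 break;
             case 'weight':
                 // Values above 200 are assumed to be grams and converted to kilograms.
                 $weight = (float) $value;
                 if ($weight > 200) {
                     $weight = $weight / 1000;
                 }
                 $q[] = $rowPrefix . Database::escape((string) $weight) . ',NULL,NULL)';
                 break;
             default:
                 $q[] = $rowPrefix . 'NULL,' . Database::escape($value) . ',NULL)';
                 break;
         }
     }

     if (count($error)) {
         Site::passWrite('error_', $error);
         Site::passWrite('value', $_POST);
         Database::query('ROLLBACK');
         return false;
     }
     Database::query('COMMIT');
     // Badge progress is granted only once the new event row is committed, so a rejected
     // submission cannot be replayed to farm "add event" progress.
     if ($isNew) {
         Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_EVENT);
         if ($template_id > 1) {
             Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_THEMED_EVENT);
         }
     }

     if (count($q)) {
         Database::query('REPLACE INTO `album_events_fields`(event_id,field_id,value_int,value_varchar,value_text) VALUES ' . implode(',', $q));
     }
     if (count($q_)) {
         $idSql = $event_id ? $event_id : 'NULL';
         $eventColumns = '`id`=' . $idSql . ',
             `event_id`=' . $event_event_id . ',
             `album_id`=' . $album_id . ',
             `creator_id`=' . CurrentUser::$id . ',
             ' . implode(',', $q_);
         Database::query('INSERT INTO `album_events` SET
             `createTime`=' . time() . ',
             ' . $eventColumns . '
                 ON DUPLICATE KEY UPDATE
             ' . $eventColumns);
         $event_id = $event_id ? $event_id : (int) Database::lastInsertId();
     }

     if (isset($_FILES['photo'])) {
         $upload = $_FILES['photo'];
         if ($upload['error'] == UPLOAD_ERR_OK) {
             if ($upload['tmp_name']) {
                 $old_image_id = (int) Database::sql2single('SELECT `picture` FROM `album_events` WHERE `id`=' . $event_id);
                 // NOTE(review): ImgStore::upload is trusted to validate that the upload is a real
                 // image; its return value is interpolated as the new `picture` id as before.
                 $result = ImgStore::upload($upload['tmp_name'], Config::$sizes[Config::T_SIZE_PICTURE]);
                 Database::query('UPDATE `album_events` SET `picture`=' . $result . ' WHERE `id`=' . $event_id);
                 if ($old_image_id) {
                     Database::query('UPDATE `images` SET `deleted`=1 WHERE `image_id`=' . $old_image_id);
                 }
                 Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_PHOTO);
             }
         } elseif ($upload['tmp_name'] || $upload['error'] != UPLOAD_ERR_NO_FILE) {
             // Any upload error other than "no file submitted" is reported to the form.
             $error['photo'] = 'Недопустимый формат файла';
             Site::passWrite('error_', $error);
             Site::passWrite('value', $_POST);
             return false;
         }
     }
     header('Location: /album/' . $album_id . '/event/' . $event_id);
 }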