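/**
 * Show the edit form for a commercial listing, or apply a submitted edit.
 *
 * With an empty POST body and an existing listing the form is rendered.
 * Otherwise, when a positive id was supplied, the submission is validated and
 * saved. Anything else prints "error".
 *
 * Access rule implemented below: a request passes when the session is an
 * admin, when the logged-in user owns the listing, or when the id equals
 * $_SESSION['last_commercial_id']. All other requests are redirected to
 * /index.html.
 *
 * NOTE(review): no CSRF token check is visible in this function; confirm the
 * caller enforces one before the update branch runs.
 *
 * @param object $s Template engine; only assign() and display() are called on it.
 * @return void Renders or echoes output, or sends a Location header and exits.
 */
function edit($s)
{
    // Listing id the checks below accept even without ownership; -1 when none is recorded.
    if (!isset($_SESSION['last_commercial_id'])) {
        $_SESSION['last_commercial_id'] = -1;
    }

    // Normalise the id once. A missing or non-scalar value (e.g. id[]=1) becomes 0
    // instead of raising a warning or being cast to 1 by intval().
    $rawId = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
    $id = is_scalar($rawId) ? intval($rawId) : 0;

    // The admin flag is tested by truthiness everywhere in this function. The original
    // used isset() in one place, which is also true when the flag is stored as false/0;
    // that would record any requested id as "last edited" and satisfy the ownership checks.
    $isAdmin = !empty($_SESSION['admin']);
    $hasUser = isset($_SESSION['user_id']);
    $sessionUserId = $hasUser ? $_SESSION['user_id'] : null;

    $commercial = new Commercial();
    $commercial->getFull($id);
    if ($commercial->tenement_id > 0) {
        $commercial->number = $commercial->tnum;
    }

    if (empty($_POST) && $commercial->id > 0) {
        // Load the listing into the edit form.
        if ($isAdmin) {
            $_SESSION['last_commercial_id'] = $id;
        }
        // Loose comparison kept on purpose: the stored value's type is not fixed by this file.
        $isLastEdited = ($id == $_SESSION['last_commercial_id']);

        // Anonymous, non-admin sessions may only open the listing recorded in the session.
        if (!$isLastEdited && empty($sessionUserId) && !$isAdmin) {
            header("Location: /index.html");
            exit();
        }
        // Logged-in users may only open their own listing (or the recorded one).
        if ($hasUser && $commercial->user_id != $sessionUserId && !$isAdmin && !$isLastEdited) {
            header("Location: /index.html");
            exit();
        }

        $block_html = Html::pageCommercialEdit($commercial);
        $s->assign("YANDEX_KEY", YANDEX_KEY);
        $s->assign("city_id", $commercial->city_id);
        $s->assign("city", $commercial->city);
        $s->assign("street_id", $commercial->street_id);
        if (!$commercial->tenement_id) {
            $commercial->street = $commercial->street_name;
        }
        $s->assign("street", $commercial->street);
        if (isset($_SESSION['admin'])) {
            $s->assign("is_admin", $_SESSION['admin']);
        }
        $s->assign("block_html", $block_html);
        $s->display("commercial_add.tpl");
    } elseif ($id > 0) {
        // Update. The original also tested isset($_POST), which is always true, and
        // compared the raw request value; the normalised integer is used instead.
        $commercial = new Commercial();
        // NOTE(review): validation reads $_REQUEST but update() below writes $_POST;
        // confirm both see the same values under the configured request_order.
        $errors = $commercial->checkForm($_REQUEST);
        $isLastEdited = ($id == $_SESSION['last_commercial_id']);

        if (!$isLastEdited && empty($sessionUserId) && !$isAdmin) {
            header("Location: /index.html");
            exit();
        }

        // The building already exists in the database: make sure the reference is valid.
        if (isset($_POST['tenement_id']) && $_POST['tenement_id'] > 0) {
            $tenement_id = intval($_POST['tenement_id']);
            $tenement = new Tenement();
            $tenement->find($tenement_id);
            if (!$tenement->id) {
                echo "Дом не найден";
                exit();
            }
        }

        if (!$hasUser) {
            $commercial->getFull($id);
        } else {
            // NOTE(review): the owner filter is an SQL fragment built by interpolation.
            // It is only safe while the session user_id is a server-assigned id; prefer
            // a bound parameter if getFull() can take one.
            $commercial->getFull($id, "h.user_id='{$_SESSION['user_id']}'");
            if ($commercial->user_id != $sessionUserId && !$isAdmin && !$isLastEdited) {
                header("Location: /index.html");
                exit();
            }
        }

        if (!isset($errors['is_error']) && $commercial->id > 0) {
            // NOTE(review): the whole POST array is handed to update(); confirm it
            // whitelists columns so that fields such as the owner cannot be overwritten.
            $commercial->update($_POST);

            $existingField = 'photo_' . COMMERCIAL . '_exist';
            $hasNewPhotos = isset($_POST['photo_commercial']) && is_array($_POST['photo_commercial']);
            $hasExistingPhotos = isset($_POST[$existingField]) && is_array($_POST[$existingField]);

            if ($hasNewPhotos || $hasExistingPhotos) {
                $photoDir = $commercial->getPhotoPath();
                if (!is_dir($photoDir)) {
                    // NOTE(review): mode kept from the original. 0777 makes the upload
                    // directory world-writable; tighten it if the deployment allows.
                    mkdir($photoDir, 0777);
                    chmod($photoDir, 0777);
                }
            }

            // NOTE(review): the file names below come from the client. Confirm that
            // clearTextData() or addPhoto()/editPhoto() reject path separators and "..".

            // Attach newly uploaded photos.
            if ($hasNewPhotos) {
                foreach ($_POST['photo_commercial'] as $fname) {
                    if (!is_string($fname)) {
                        continue; // nested arrays are not file names
                    }
                    $fname = clearTextData($fname);
                    if ($fname != '') {
                        $commercial->addPhoto($fname, $_POST);
                    }
                }
            }

            // Update photos that were already attached.
            if ($hasExistingPhotos) {
                foreach ($_POST[$existingField] as $fname) {
                    if (!is_string($fname)) {
                        continue;
                    }
                    $fname = clearTextData($fname);
                    if ($fname != '') {
                        $commercial->editPhoto($fname, $_POST);
                    }
                }
            }

            header("Location: /commercial.html?action=view&id=" . $commercial->id);
            exit();
        } else {
            // Validation failed or the listing was not found: show the form again.
            echo "error";
            $commercial->getFull($id);
            $block_html = Html::pageCommercialEdit($commercial, $errors);
            $s->assign("YANDEX_KEY", YANDEX_KEY);
            // Same value as before, without the undefined-index warning for non-admins.
            $s->assign("is_admin", isset($_SESSION['admin']) ? $_SESSION['admin'] : null);
            $s->assign("block_html", $block_html);
            $s->display("commercial_edit.tpl");
        }
    } else {
        echo "error";
    }
}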