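/**
 * Records a "like" for an article and terminates the request.
 *
 * When the article cannot be loaded or is not active, the response body is a
 * JSON object of the form {"error": "..."}; otherwise one row is inserted
 * into ArticleLikes and the script exits.
 *
 * @param mixed $id Article identifier handed to the Articles model.
 */
public function likeAction($id)
{
    $article = new Articles($this->context, $id);

    if (!isset($article->ID) || $article->ID == null) {
        $error = 'Статьи не существует.';
    } elseif ($article->IsActive != '1') {
        $error = 'Статья в черновике.';
    } else {
        $userid = GetUserID();
        $UnknownUserGUID = GetUnknownUserGUID();

        // The article ID and the visitor GUID are bound as parameters instead
        // of being spliced into the statement text, so the statement stays
        // well-formed whatever characters the GUID contains.
        // Assumes $this->db is a PDO connection (it is used through exec()
        // here) - TODO confirm.
        // NOTE(review): $userid is still interpolated because the return
        // format of GetUserID() (plain integer vs. a ready-made SQL literal
        // such as null) is not visible here; bind it too once confirmed.
        $stmt = $this->db->prepare(
            "INSERT INTO ArticleLikes (UserID, ArticleID, UnknownUserGUID) "
            . "VALUES ({$userid}, ?, ?);"
        );
        if ($stmt !== false) {
            $stmt->execute(array($article->ID, $UnknownUserGUID));
        }

        // An integer argument to die() becomes the exit status and is not
        // printed, so the success response has an empty body.
        // NOTE(review): if the client expects the text "1", this would have
        // to be die('1') - confirm against the caller.
        die(1);
    }

    die(json_encode(array('error' => $error)));
}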
} if (empty($ErrorText)) { if (!isset($_SESSION['auth']) || empty($_SESSION['auth']['firstname'])) { $UserName = strip_tags(POSTStrAsSQLStr('UserNameEdt')); } else { $UserName = $_SESSION['auth']['firstname']; } unset($_POST['ajax_AddCommentBtn']); unset($_POST['UserNameEdt']); unset($_POST['CommentEdt']); if (isset($_SESSION['auth'])) { $vUserID = $_SESSION['auth']['id']; $vUnknownUserGUID = ""; } else { $vUserID = "0"; $vUnknownUserGUID = (string) GetUnknownUserGUID(); } $sql = "select ID " . "from CatalogComments " . "where (CatalogItemID = {$id}) " . "and (UnknownUserGUID = '{$vUnknownUserGUID}') " . "and (UserID = {$vUserID}) " . "and (Text = '{$Comment}');"; $rec = GetMainConnection()->query($sql)->fetch(); if (empty($rec['ID'])) { $sql = "insert into CatalogComments(CatalogItemID, UserID, UnknownUserGUID, CreateDate, UserName, Text) " . "values({$id}, {$vUserID}, '{$vUnknownUserGUID}', '" . GetLocalDateTimeAsSQLStr() . "', '{$UserName}', '{$Comment}');"; GetMainConnection()->exec($sql); } else { $ErrorText = 'Такой отзыв уже существует.'; } } // Формат ответа: 1 позиция текст ошибки, 2 позиция кол-во комментов, 3-html для перезаполнения таблицы комментов if (empty($ErrorText)) { $sql = "select CreateDate, UserID, UserName, Text " . "from CatalogComments " . "where (CatalogItemID = {$id}) " . "and (IsDeleted = 0) " . "order by CreateDate desc;"; $Comments = GetMainConnection()->query($sql)->fetchAll(); echo '||' . count($Comments) . '||' . GetCatalogCommentsHTML($Comments);
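/**
 * Renders the "contact us" page and, on POST, stores the message and mails it.
 *
 * On POST a ContactUs row is created, filled from the submitted fields and
 * the sender identity (session user ID or anonymous visitor GUID), and a
 * notification e-mail is sent; the method then returns the result of
 * AddAlertMessage(). On any other request the form view is generated.
 *
 * @return mixed Result of AddAlertMessage() on POST, nothing otherwise.
 */
public function contactusAction()
{
    $email = Tools::getValue('email');
    $name = Tools::getValue('name');
    $subject = Tools::getValue('subject');
    $question = Tools::getValue('question');
    if (empty($name)) {
        $name = $email;
    }

    if (Tools::isPost()) {
        // Exactly one of the two identifiers is stored; the other is NULL.
        if (isset($_SESSION['auth'])) {
            $vUserID = $_SESSION['auth']['id'];
            $vUnknownUserGUID = null;
        } else {
            $vUserID = null;
            $vUnknownUserGUID = (string) GetUnknownUserGUID();
        }

        $RecordID = DBInsertRecord($this->db, "ContactUs");

        // Request fields are bound as parameters rather than concatenated
        // into the statement, so quotes in the e-mail, subject or message
        // cannot change the SQL that is executed.
        // Assumes $this->db is a PDO connection (it is used through exec()
        // and passed to DBInsertRecord() here) - TODO confirm.
        // NOTE(review): assumes Tools::getValue() returns the raw request
        // value; if it already applies SQL escaping, drop it there so that
        // backslashes are not stored - confirm.
        // UserName is written as the fixed literal below; $name is only used
        // for the e-mail.
        $sql = "update ContactUs "
            . "set StateID = 1, "
            . "UserID = ?, "
            . "UnknownUserGUID = ?, "
            . "CreateDate = ?, "
            . "UserName = '******', "
            . "UserEmail = ?, "
            . "MessageSubject = ?, "
            . "MessageText = ? "
            . "where (ID = ?);";
        $stmt = $this->db->prepare($sql);
        if ($stmt !== false) {
            $stmt->execute(array(
                $vUserID,
                $vUnknownUserGUID,
                GetLocalDateTimeAsSQLStr(),
                $email,
                $subject,
                $question,
                $RecordID,
            ));
        }

        // NOTE(review): $email, $name and $subject reach the mailer and the
        // message template unmodified; whether SendEmailSMTP() and the
        // template renderer reject line breaks and escape markup is not
        // visible here - confirm.
        $content = array(
            'title' => $subject,
            'template' => 'contactus',
            'data' => array(
                '[year]' => date("Y", time()),
                '[name]' => $name,
                '[email]' => $email,
                '[question]' => $question,
                '[ticketlink]' => URL . "admincp/index.php?mod=ContactUsItem&id=" . $RecordID,
            ),
        );
        $vSendResult = SendEmailSMTP($email, $name, '*****@*****.**', $content, null, SMTP_CC);

        if ($vSendResult !== true) {
            return AddAlertMessage('danger', 'Ошибка при отправке письма!', '/');
        }
        return AddAlertMessage('success', 'Ваше сообщение было отправлено!', '/');
    }

    $this->view->breadcrumbs = array(
        array('url' => '/auth/contactus', 'title' => 'Свяжитесь с нами'),
    );
    $this->view->meta = array(
        'meta_title' => 'Свяжитесь с нами',
        'meta_description' => 'Свяжитесь с нами',
        'meta_keywords' => '',
    );
    $this->view->generate();
}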
<?php try { ini_set('display_errors', 1); error_reporting(E_ALL & ~E_NOTICE); session_start(); define('PATH_SITE_ROOT', __DIR__ . '/'); require_once 'config.php'; require_once 'connection.php'; require_once 'core/global.php'; InitDebugLog(); GetUnknownUserGUID(); // Создание GUID для каждого пользователя и сохранение его в cookies (для идентификации незалогинившихся пользователей) $context = new stdClass(); $path = explode('/', GetURLPath()); if (!empty($path[1]) && strtolower($path[1]) == 'index.php') { array_splice($path, 1, 1); } //AddDebugLog('Start block 1'); // Основная база данных проекта $context->db = GetMainConnection(); //AddDebugLog('Start block 2'); // Register files require_once DIR_CORE . 'Model.php'; require_once DIR_CORE . 'View.php'; require_once DIR_CORE . 'Controller.php'; require_once DIR_CORE . 'Tools.php'; //AddDebugLog('Start block 3'); /*if (DIR_MODELS != null && is_dir(DIR_MODELS)) { $dir = opendir(DIR_MODELS);
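/**
 * Shows one catalog organisation and, on a valid POST, stores a visitor rating.
 *
 * The rating is inserted only when the double-submit token check passes, the
 * AddRaitingBtn field is present, all three rating fields are numeric and no
 * rating from the same session user / anonymous visitor GUID exists for the
 * item. Afterwards the item, its staff, photos, comments and the caller's
 * existing rating ID are loaded and handed to the view.
 *
 * Every value that reaches a statement is bound as a parameter; the SQL text
 * itself contains no request data.
 * Assumes $this->db is a PDO connection (it is used through exec() and
 * query()->fetch() in this method's original form) - TODO confirm.
 *
 * @param mixed $id Catalog item identifier; must consist of digits only.
 *
 * @return mixed Result of AddAlertMessage() when the item is missing or the
 *               identifier is malformed, nothing otherwise.
 */
public function itemAction($id = null)
{
    // $id is compared with a numeric column in every query below, so anything
    // other than a run of digits is treated like a missing organisation.
    if (empty($id) || !ctype_digit((string) $id)) {
        return AddAlertMessage('danger', 'Организации не существует.', '/');
    }

    $db = $this->db;
    // Prepares and executes one statement and returns it for fetching.
    $run = function ($sql, array $params) use ($db) {
        $stmt = $db->prepare($sql);
        $stmt->execute($params);
        return $stmt;
    };

    // A rating belongs either to the logged-in user (GUID is NULL) or to an
    // anonymous visitor GUID (user ID is NULL). The same predicate is used
    // for the duplicate check and for looking up the caller's rating.
    if (isset($_SESSION['auth'])) {
        $ownerUserID = $_SESSION['auth']['id'];
        $ownerGUID = null;
        $ownerSql = "and (UserID = ?) "
            . "and (UnknownUserGUID is null) ";
        $ownerParams = array($ownerUserID);
    } else {
        $ownerUserID = null;
        $ownerGUID = (string) GetUnknownUserGUID();
        $ownerSql = "and (UserID is null) "
            . "and (UnknownUserGUID = ?) ";
        $ownerParams = array($ownerGUID);
    }

    $CanSubmit = CanSubmit_CheckTokenForPreventDoubleSubmit();
    $ActiveTab = "uslugi";

    if ($CanSubmit == true && filter_input(INPUT_POST, 'AddRaitingBtn') !== NULL) {
        $ActiveTab = "raiting";
        $Rating1 = POSTStrAsSQLStr('uslovjEdt');
        $Rating2 = POSTStrAsSQLStr('personalEdt');
        $Rating3 = POSTStrAsSQLStr('uvagaEdt');
        unset($_POST['AddRaitingBtn']);
        unset($_POST['uslovjEdt']);
        unset($_POST['personalEdt']);
        unset($_POST['uvagaEdt']);

        // The ratings used to be placed unquoted in the statement, where
        // string escaping alone gives no protection; they are now required
        // to be numeric and are bound like every other value.
        // NOTE(review): the permitted rating range is not enforced here -
        // confirm the scale and add a bounds check.
        // NOTE(review): for anonymous visitors the one-rating-per-item rule
        // is keyed solely on the visitor GUID, so it is only as strong as
        // that identifier.
        if (is_numeric($Rating1) && is_numeric($Rating2) && is_numeric($Rating3)) {
            $sql = "insert into CatalogRatings(CatalogItemID, UserID, UnknownUserGUID, Rating1, Rating2, Rating3) "
                . "select * from (select ? as C1, ? as C2, ? as C3, ? as C4, ? as C5, ? as C6) AS tmp "
                . "where not exists ( "
                . "select ID "
                . "from CatalogRatings "
                . "where (CatalogItemID = ?) "
                . $ownerSql
                . ") limit 1;";
            $run($sql, array_merge(
                array($id, $ownerUserID, $ownerGUID, $Rating1, $Rating2, $Rating3, $id),
                $ownerParams
            ));
        }
    }

    // Loaded after the insert, as in the original statement order.
    $sql = "select CI.ID, CI.id_pod_cat, CI.name, L.ShortName as LocalityName, CONCAT_WS(', ', L.Name, CI.adress) as FullAddress, CI.adress, CI.foto, CI.kont_tell, "
        . "CI.site_url, CP.name as SubCategoryName, CI.MetaKeywords, (CI.Rating1+CI.Rating2+CI.Rating3)/3 as TotalRating, "
        . "CI.Rating1, CI.Rating2, CI.Rating3, CI.CountRatings, CI.uslugi, CI.MapX, CI.MapY, L.RegionName, L.LocalityName as OriginalLocalityName "
        . "from Catalog_item as CI "
        . "left outer join view_LocalitiesWithRegion as L on ((CI.LocalityID = L.ID) and (CI.RegionID = L.RegionID)) "
        . "left outer join Catalog_pod as CP on (CI.id_pod_cat = CP.ID) "
        . "where CI.ID = ? "
        . "and CI.IsDeleted = 0";
    $item = $run($sql, array($id))->fetch();

    // A deleted or unknown item yields no row; without this guard the
    // breadcrumbs and meta below would be built from a non-array value.
    if (empty($item)) {
        return AddAlertMessage('danger', 'Организации не существует.', '/');
    }

    $sql = "select PI.foto, CONCAT_WS(' ', PI.famil, PI.name, PI.othestvo) as Name, PP.Name as JobTitleName, PI.tell_kont, PI.rabot_graf "
        . "from Personal_item as PI "
        . "left outer join Personal_pod as PP on (PI.id_pod_cat = PP.ID) "
        . "where (PI.CatalogItemID = ?) "
        . "and (PI.IsDeleted = 0) "
        . "order by PI.famil, PI.name, PI.othestvo;";
    $personal = $run($sql, array($id))->fetchAll();

    $sql = "select Photo "
        . "from Catalog_item_images "
        . "where (CatalogItemID = ?) "
        . "order by ID;";
    $photos = $run($sql, array($id))->fetchAll();

    // NOTE(review): UserName and Text are visitor-supplied; whether the view
    // escapes them on output is not visible here - confirm.
    $sql = "select CreateDate, UserID, UserName, Text "
        . "from CatalogComments "
        . "where (CatalogItemID = ?) "
        . "and (IsDeleted = 0) "
        . "order by CreateDate desc;";
    $comments = $run($sql, array($id))->fetchAll();

    $sql = "select ID "
        . "from CatalogRatings "
        . "where (CatalogItemID = ?) "
        . $ownerSql
        . "limit 1;";
    $rec = $run($sql, array_merge(array($id), $ownerParams))->fetch();
    // No row means the caller has not rated this item yet.
    $RaitingID = is_array($rec) ? $rec['ID'] : null;

    $this->view->setVars(array(
        'id' => $id,
        'item' => $item,
        'personal' => $personal,
        'photos' => $photos,
        'comments' => $comments,
        'ActiveTab' => $ActiveTab,
        'RaitingID' => $RaitingID,
    ));
    $this->view->breadcrumbs = array(
        array('url' => '/catalog/', 'title' => 'Каталог организаций'),
        array('url' => '/catalog/p-' . $item['id_pod_cat'], 'title' => $item['SubCategoryName']),
        array('url' => '/catalog/i-' . $id, 'title' => $item['name']),
    );
    $this->view->meta = array(
        'meta_title' => 'Организация: ' . $item['name'],
        'meta_description' => 'Организация: ' . $item['name'],
        'meta_keywords' => $item['MetaKeywords'],
    );
    SetTokenForPreventDoubleSubmit();
    $this->view->generate();
}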