function ajax() { switch (func::GET('act')) { case 'item-u-update': $this->input->postm(array('id' => TYPE_UINT, 'uid' => TYPE_UINT, 'p' => TYPE_STR), $p); $nUserID = $this->security->getUserID(); $nItemID = $p['id']; if (!$nItemID || empty($p['p']) || !$nUserID) { $this->ajaxResponse(Errors::ACCESSDENIED); } $aItem = $this->db->one_array('SELECT id, cat1_id FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID . ' AND status = ' . BBS_STATUS_NEW . ' AND pass = '******'p'])); if (!empty($aItem)) { $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' SET user_id = ' . $nUserID . ' WHERE id = ' . $nItemID); // закрепляем за пользователем $this->db->execute('UPDATE ' . TABLE_USERS . ' SET items = items+1 WHERE user_id = ' . $nUserID); // обновляем счетчик объявлений пользователя } $sUID = $this->security->getUID(false, 'post'); $bPayPublication = !$this->checkFreePublicationsLimit($aItem['cat1_id'], $nUserID, $sUID); $this->ajaxResponse(array('res' => !empty($aItem), 'pp' => $bPayPublication)); break; case 'item-edit-pass': $p = $this->input->postm(array('id' => TYPE_UINT, 'pass' => TYPE_STR)); $aResponse = array(); do { if (!$p['id']) { $this->errors->set(Errors::IMPOSSIBLE); break; } if (empty($p['pass'])) { $this->errors->set('editpass_empty'); break; } if ($this->isEditPassGranted($p['id'])) { $aResponse['result'] = true; break; } $aData = $this->db->one_array('SELECT id, user_id FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $p['id'] . ' AND pass = '******'pass'])); if (empty($aData)) { $this->errors->set(Errors::ACCESSDENIED); break; } else { if ($aData['user_id'] > 0) { $userID = $this->security->getUserID(); if ($userID > 0) { if ($aData['user_id'] != $userID) { $this->errors->set('editpass_not_owner'); } else { $aResponse['result'] = true; break; } } else { $this->errors->set('editpass_auth'); } } else { $this->grantEditPass($p['id']); $aResponse['result'] = true; } } } while (false); $aResponse['errno'] = $this->errors->no(); $this->ajaxResponse($aResponse); break; case 'item-claim': $p = $this->input->postm(array('id' => TYPE_UINT, 'reasons' => TYPE_ARRAY_UINT, 'comment' => TYPE_STR, 'captcha' => TYPE_STR)); $p['comment'] = func::cleanComment($p['comment']); $aResponse = array(); do { if (!$p['id']) { $this->errors->set(Errors::IMPOSSIBLE); break; } if (empty($p['reasons']) && $p['comment'] == '') { $this->errors->set('enter_claim_reason'); break; } $nUserID = $this->security->getUserID(); if (!$nUserID) { $oProtection = new CCaptchaProtection(); if (!$oProtection->valid(isset($_SESSION['c2']) ? $_SESSION['c2'] : '', $p['captcha'])) { $aResponse['captcha_wrong'] = 1; $this->errors->set('claim_wrong_captcha'); break; } } unset($_SESSION['c2']); $nReasons = array_sum($p['reasons']); $res = $this->db->execute('INSERT INTO ' . TABLE_BBS_ITEMS_CLAIMS . ' (item_id, user_id, comment, reasons, ip, created) VALUES(' . $p['id'] . ', ' . $nUserID . ', ' . $this->db->str2sql($p['comment']) . ', ' . $nReasons . ', :ip, ' . $this->db->getNOW() . ') ', array(':ip' => func::getRemoteAddress())); if ($res) { config::saveCount('bbs_items_claims', 1); bff::sendMailTemplate(array('user' => !$nUserID ? 'Аноним' : $this->security->getUserEmail(), 'claim' => $this->getItemClaimText($nReasons, nl2br($p['comment'])), 'item_url' => SITEURL . '/item/' . $p['id']), 'admin_bbs_claim', config::get('mail_admin', BFF_EMAIL_SUPPORT)); } } while (false); $aResponse['result'] = $this->errors->no(); $this->ajaxResponse($aResponse); break; case 'img-upload': $aFailResponse = array('success' => false); $nUserID = $this->security->getUserID(); $nItemID = $this->input->post('id', TYPE_UINT); if ($nItemID > 0) { $aData = $this->db->one_array('SELECT user_id, uid, img, imgcnt, status, moderated FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID); if (empty($aData)) { $aFailResponse['error'] = 'Редактируемое объявление не найдено'; $this->ajaxResponse($aFailResponse); } if ($aData['status'] == BBS_STATUS_BLOCKED && $aData['moderated'] == 0) { $aFailResponse['error'] = 'Объявление ожидает проверки модератора'; $this->ajaxResponse($aFailResponse); } // доступ к редактированию объявления возможен только по паролю if ($aData['user_id'] == 0) { if (!$this->isEditPassGranted($nItemID)) { $aFailResponse['error'] = 'В доступе отказано'; $this->ajaxResponse($aFailResponse); } } else { // автор объявления = загеристрированный пользователь if (!$nUserID || $nUserID > 0 && $aData['user_id'] != $nUserID) { $aFailResponse['error'] = 'Вы не является владельцем данного объявления.'; $this->ajaxResponse($aFailResponse); } } } else { // грузить новые фотографии(без привязки к объявлению) можно пока без ограничений // вернее с ограничением swfuploader'a, до перезагрузки :) } $uploadResult = Upload::swfuploadStart(true); if (!is_array($uploadResult)) { $sErrorMessage = $uploadResult; $this->ajaxResponse(array('success' => false, 'error' => $uploadResult), 1); } $sFilename = $this->initImages()->saveImageFileCustom($this->items_images_path, $nItemID, $uploadResult); if (!empty($sFilename) && $nItemID > 0) { $aData['img'] .= (!empty($aData['img']) ? ',' : '') . $sFilename; $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' SET imgcnt = imgcnt+1, img = ' . $this->db->str2sql($aData['img']) . ' WHERE id = ' . $nItemID); } $this->ajaxResponse(array('success' => true, 'filename' => $sFilename, 'id' => $nItemID), 1); break; case 'img-delete': $nUserID = $this->security->getUserID(); $nItemID = $this->input->id('id', 'p'); if ($nItemID > 0) { $aData = $this->db->one_array('SELECT user_id, uid, img, imgcnt, status, moderated FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID); if (empty($aData)) { $aFailResponse['error'] = 'Редактируемое объявление не найдено'; $this->ajaxResponse($aFailResponse); } if ($aData['status'] == BBS_STATUS_BLOCKED && $aData['moderated'] == 0) { $aFailResponse['error'] = 'Объявление ожидает проверки модератора'; $this->ajaxResponse($aFailResponse); } // доступ к редактированию объявления возможен только по паролю if ($aData['user_id'] == 0) { if (!$this->isEditPassGranted($nItemID)) { $aFailResponse['error'] = 'В доступе отказано'; $this->ajaxResponse($aFailResponse); } } else { // автор объявления = загеристрированный пользователь if (!$nUserID || $nUserID > 0 && $aData['user_id'] != $nUserID) { $aFailResponse['error'] = 'Вы не является владельцем данного объявления.'; $this->ajaxResponse($aFailResponse); } } } else { // удалять фотографии(без привязки к объявлению) можно без ограничений } if (!($sFilename = func::POST('filename'))) { $this->ajaxResponse(Errors::IMPOSSIBLE); } $this->initImages()->deleteImageFileCustom($this->items_images_path, $nItemID, $sFilename); $this->ajaxResponse(Errors::SUCCESS); break; case 'regions': $p = $this->input->postm(array('pid' => TYPE_UINT, 'form' => TYPE_STR, 'empty' => TYPE_STR)); if (!$p['pid']) { break; } $result = false; if ($p['form'] == 'options') { $result = $this->regionsOptions(0, $p['pid'], true, !empty($p['empty']) ? $p['empty'] : 'Выбрать...'); } $this->ajaxResponse($result); break; case 'sub-cats': $p = $this->input->postm(array('pid' => TYPE_UINT, 'dp' => TYPE_BOOL, 'dp_form' => TYPE_STR, 'format' => TYPE_STR, 'type' => TYPE_STR)); if (!$p['pid']) { break; } $returnTypes = 0; $returnSubTypes = 0; // Dirty. We get here category for our custom subtype if ($p['type'] == 'type') { $type = $this->db->select('SELECT T.cat_id FROM ' . TABLE_BBS_CATEGORIES_TYPES . ' T WHERE T.id = ' . $p['pid'] . ' LIMIT 1'); $p['pid'] = $type[0]['cat_id']; } $aParentInfo = $this->db->one_array('SELECT id, numlevel, numleft, numright, prices, prices_sett, regions FROM ' . TABLE_BBS_CATEGORIES . ' WHERE id = ' . $p['pid']); $aDynprops = array(); $aCats = $this->db->select('SELECT id, title, numlevel FROM ' . TABLE_BBS_CATEGORIES . ' WHERE pid = ' . $p['pid'] . ' AND enabled = 1 ORDER BY numleft'); if ($p['type'] == 'type') { $aCats = array(); } if (empty($aCats)) { $returnTypes = 1; $tableName = TABLE_BBS_CATEGORIES_TYPES; if ($p['type'] == 'type') { $tableName = TABLE_BBS_CATEGORIES_SUBTYPES; $returnTypes = 0; $returnSubTypes = 1; } //если категории не найдены, пытаемся получить "типы" $aCats = $this->db->select('SELECT T.id, T.title FROM ' . $tableName . ' T, ' . TABLE_BBS_CATEGORIES . ' C WHERE ((C.numleft <= ' . $aParentInfo['numleft'] . ' AND C.numright > ' . $aParentInfo['numright'] . ') OR (C.id = ' . $p['pid'] . ')) AND C.id = T.cat_id AND T.enabled = 1 GROUP BY T.id ORDER BY C.numleft, T.num'); if ($p['dp']) { $sDynpropsForm = ''; switch ($p['dp_form']) { case 'add': $sDynpropsForm = 'dynprops.form.add.php'; break; } $aDynprops = $this->initDynprops()->form($p['pid'], false, true, array(), 'dp', $sDynpropsForm, $this->module_dir_tpl); } } if ($aParentInfo['prices']) { $aParentInfo['prices_sett'] = unserialize($aParentInfo['prices_sett']); if (is_array($aParentInfo['prices_sett'])) { unset($aParentInfo['prices_sett']['ranges']); } } $this->ajaxResponse(array('cats' => $aCats, 'is_types' => $returnTypes, 'is_subtypes' => $returnSubTypes, 'dp' => $aDynprops, 'regions' => $aParentInfo['regions'], 'prices' => $aParentInfo['prices'], 'prices_sett' => $aParentInfo['prices_sett'])); break; case 'dp-child': $p = $this->input->postm(array('dp_id' => TYPE_UINT, 'dp_value' => TYPE_UINT)); if (empty($p['dp_id']) && empty($p['dp_value'])) { $this->ajaxResponse(''); } $aChildDynpropForm = $this->initDynprops()->formChildAdd($p['dp_id'], $p['dp_value'], 'dynprops.form.child.php', $this->module_dir_tpl); $this->ajaxResponse($aChildDynpropForm); break; case 'dp-child-filter': $p = $this->input->postm(array('dp_id' => TYPE_UINT, 'dp_value' => TYPE_UINT)); do { if (!$p['dp_id'] || !$p['dp_value']) { break; } $aPairs = array(array('parent_id' => $p['dp_id'], 'parent_value' => $p['dp_value'])); $dp = $this->initDynprops(); $aResult = array(); $aDynprops = $dp->getByParentIDValuePairs($aPairs, true); if (!empty($aDynprops[$p['dp_id']])) { $aDynprop = current($aDynprops[$p['dp_id']]); $aResult = $dp->formChildEdit($aDynprop, 'search.dp.child.php', $this->module_dir_tpl); } else { $aResult['form'] = ''; } $aResult['pid'] = $p['dp_id']; $aResult['vid'] = $p['dp_value']; $this->ajaxResponse(array('form' => $aResult, 'res' => true)); } while (false); $this->ajaxResponse(array('form' => array(), 'res' => false)); break; case 'item-publicate2': $bSave = $this->input->post('save', TYPE_BOOL); $nItemID = $this->input->post('item', TYPE_UINT); $nUserID = $this->security->getUserID(); if (!$nItemID) { $this->ajaxResponse(Errors::IMPOSSIBLE); } if (!$nUserID) { $this->ajaxResponse(Errors::ACCESSDENIED); } $aItem = $this->db->one_array('SELECT id, user_id, status, moderated, publicated, publicated_to, cat_id, cat1_id, cat2_id, cat_type FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID . ' AND status != ' . BBS_STATUS_NEW . ' AND user_id = ' . $nUserID); if (empty($aItem)) { $this->ajaxResponse(Errors::IMPOSSIBLE); } if ($aItem['status'] == BBS_STATUS_BLOCKED) { $this->errors->set('Невозможно продлить публикацию, поскольку объявление ' . ($aItem['moderated'] == 0 ? 'ожидает проверки' : 'отклонено')); $this->ajaxResponse(null); } if ($aItem['status'] == BBS_STATUS_PUBLICATED) { $this->errors->set('Невозможно продлить публикацию, поскольку объявление опубликовано'); $this->ajaxResponse(null); } if (!empty($bSave)) { $nPeriod = $this->input->post('period', TYPE_UINT); //проверяем корректность периода публикации if (!($nPeriod >= 1 && $nPeriod <= 6)) { $this->errors->set('wrong_publicated_period'); $this->ajaxResponse(null); } $publicateTo = $this->preparePublicatePeriodTo($nPeriod, $aItem['status'] == BBS_STATUS_PUBLICATED_OUT ? time() : strtotime($aItem['publicated_to'])); if ($aItem['status'] == BBS_STATUS_PUBLICATED_OUT) { $toOld = strtotime($aItem['publicated_to']); /* если разница между датой снятия с публикации и текущей датой * более 3 дней, тогда поднимаем объявление вверх. * в противном случае: оставлем дату старта публикации(pulicated) и дату порядка публикации(publicated_order) прежними */ $bUpdatePublicatedOrder = time() - $toOld > 259200; //60*60*24*3 $sqlNOW = $this->db->getNOW(); $res = $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' SET publicated_to = ' . $this->db->str2sql($publicateTo) . ', ' . ($bUpdatePublicatedOrder ? ' publicated = ' . $sqlNOW . ', publicated_order = ' . $sqlNOW . ',' : '') . ' status_prev = status, status = ' . BBS_STATUS_PUBLICATED . ', moderated = 0 WHERE id = ' . $nItemID . ' '); if (!empty($res)) { # накручиваем счетчики кол-ва опубликованных объявлений: # в категориях и типах: $this->itemsCounterUpdate(array($aItem['cat1_id'], $aItem['cat2_id'], $aItem['cat_id']), !empty($aItem['cat_type']) ? array($aItem['cat_type']) : array(), true, true); } } else { // продление опубликованных пока НЕ делаем // $res = $this->db->execute('UPDATE '.TABLE_BBS_ITEMS.' // SET publicated_to = '.$this->db->str2sql( $publicateTo ).' // WHERE id = '.$nItemID.' // '); } $this->ajaxResponse(array('res' => $this->errors->no())); } $aResponse['res'] = $this->errors->no(); $aResponse['popup'] = $this->tplFetchPHP($aItem, 'items.publicate2.popup.php'); $this->ajaxResponse($aResponse); break; } $this->ajaxResponse(Errors::IMPOSSIBLE); }
function ajax() { if (bff::$isAjax) { switch (func::GETPOST('act')) { case 'subscribe': /* * При подписке: * - email выступает в дальнейшем в качестве логина * - пароль генерируется автоматически */ $sName = $this->input->post('name', TYPE_NOHTML); $sEmail = mb_strtolower($this->input->post('email', TYPE_NOHTML)); $response = ''; do { if (empty($sEmail) || !func::IsEmailAddress($sEmail)) { $response = 0; break; // некорректно указан email } $isSubscribed = $this->db->one_data('SELECT user_id FROM ' . TABLE_USERS . ' WHERE login='******'email' - для рассылки, 'login' - для авторизации $nUserID = $this->userCreate(array('login' => $sEmail, 'email' => $sEmail, 'password' => $sPassword, 'name' => $sName, 'subscribed' => 1, 'ip_reg' => func::getRemoteAddress(true)), self::GROUPID_MEMBER); if ($nUserID) { $response = 1; // успешно подписались # высылаем письмо (ставим в очередь на рассылку) CMail::SendQueue('subscribe', array('user_id' => $nUserID)); } else { $response = 4; // системная ошибка } } while (false); $this->ajaxResponse(array('result' => $response)); break; case 'enter': if ($this->security->isLogined()) { $this->ajaxResponse(array('result' => 'login-ok')); } $aData = $this->input->postm(array('email' => TYPE_STR, 'pass' => TYPE_STR, 'reg' => TYPE_BOOL)); if (!func::IsEmailAddress($aData['email'])) { $this->errors->set('wrong:email'); break; //email не корректный } if ($this->security->checkBan(false, func::getRemoteAddress(), $aData['email'], true)) { $this->errors->set(Errors::ACCESSDENIED); break; //не прошли бан-фильтр } if ($aData['reg']) { //регистрация if (empty($aData['pass']) || strlen($aData['pass']) < 3) { $this->errors->set('password_short'); break; //пароль слишком короткий } $aData['email_hash'] = func::getEmailHash($aData['email']); if ($this->isEmailExists($aData['email_hash'])) { $this->errors->set('email_exist'); break; //email уже занят } $this->getActivationInfo($sCode, $sLink); $nUserID = $this->userCreate(array('login' => $aData['email'], 'email' => $aData['email'], 'email_hash' => $aData['email_hash'], 'password' => $aData['pass'], 'ip_reg' => Func::getRemoteAddress(true), 'activatekey' => $sCode, 'activated' => 0), self::GROUPID_MEMBER); if ($nUserID) { //$this->userAUTH($aData['email'], $aData['pass'], null, true); $res = bff::sendMailTemplate(array('password' => $aData['pass'], 'email' => $aData['email'], 'activate_link' => "<a href=\"{$sLink}\">{$sLink}</a>"), 'member_registration', $aData['email']); $this->ajaxResponse(array('result' => 'reg-ok')); } else { $this->ajaxResponse(Errors::IMPOSSIBLE); } } else { //авторизация $nResult = $this->userAUTH($aData['email'], $aData['pass'], null, true); if ($nResult == 1) { //$this->security->setRememberMe('u', $aData['email'], $aData['pass']); bff::i()->Bbs_getFavorites(true); $bReload = false; if (!empty($_SERVER['HTTP_REFERER'])) { if (stripos($_SERVER['HTTP_REFERER'], '/item/') !== FALSE || stripos($_SERVER['HTTP_REFERER'], '/items/fav') !== FALSE) { $bReload = true; } } $userMenu = $this->tplFetch('user.menu.tpl'); $this->ajaxResponse(array('result' => 'login-ok', 'usermenu' => $userMenu, 'reload' => $bReload)); } else { $mResponse = null; switch ($nResult) { case 0: $this->errors->set('email_or_pass_incorrect'); break; case -3: $this->errors->set('activate_first'); break; //активируйте ваш аккаунт //активируйте ваш аккаунт case -2: $this->errors->set(Errors::ACCESSDENIED); break; //удален } if (is_array($nResult)) { if ($nResult['res'] == -1) { $this->errors->set('Аккаунт заблокирован.' . (!empty($nResult['reason']) ? ' <br/><b>Причина:</b>' . nl2br($nResult['reason']) : '')); } } } } break; } } $this->ajaxResponse(null); }
function mod_add() { if (!$this->haveAccessTo('users-edit')) { return $this->showAccessDenied(); } $this->input->postm(array('login' => TYPE_STR, 'avatar' => TYPE_STR, 'name' => TYPE_STR, 'email' => TYPE_STR, 'password' => TYPE_STR, 'password2' => TYPE_STR, 'balance' => TYPE_NUM, 'skype' => TYPE_STR, 'email2' => TYPE_STR, 'phone' => TYPE_STR, 'group_id' => TYPE_ARRAY_INT, 'cat' => TYPE_ARRAY_UINT), $aData); $aData['admin'] = 0; if (bff::$isPost) { do { // if($aData['city_id']<=0) { // $this->errors->set('wrong:city'); break; // } $aData['email_hash'] = func::getEmailHash($aData['email']); if (!$aData['login']) { $this->errors->set('empty:login'); break; } if (!$aData['email']) { $this->errors->set('empty:email'); break; } elseif (!Func::IsEmailAddress($aData['email'])) { $this->errors->set('wrong:email'); break; } if ($this->isLoginExists($aData['login'])) { $this->errors->set('login_exist'); break; } if ($this->isEmailExists($aData['email_hash'])) { $this->errors->set('email_exist'); break; } if (!$aData['password']) { $this->errors->set('empty:password'); break; } elseif ($aData['password'] != $aData['password2']) { $this->errors->set('password_confirmation'); break; } if ($this->errors->no()) { $aGroupID = $aData['group_id']; //array $aData['member'] = 0; $aData['ip_reg'] = func::getRemoteAddress(true); $aData['activated'] = 1; $aData['cat'] = join(',', $aData['cat']); unset($aData['password2'], $aData['group_id']); $nRecordID = $this->userInsert($aData); if ($nRecordID > 0) { $avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id'); $avatar->update($nRecordID, false, true); if (empty($aGroupID)) { $aGroupID = array(USERS_GROUPS_MEMBER); } else { $this->assignUser2Groups($nRecordID, $aGroupID); } # обновляем, является ли юзер администратором $bIsAdmin = 0; if (!(count($aGroupID) == 1 && current($aGroupID) == self::GROUPID_MEMBER)) { if (in_array(self::GROUPID_SUPERADMIN, $aGroupID) || in_array(self::GROUPID_MODERATOR, $aGroupID)) { $bIsAdmin = 1; } else { $aUserGroups = $this->getGroups(null, $aGroupID); foreach ($aUserGroups as $v) { if ($v['adminpanel'] == 1) { $bIsAdmin = 1; break; } } } if ($bIsAdmin) { $this->db->execute('UPDATE ' . TABLE_USERS . ' SET admin=' . $bIsAdmin . ' WHERE user_id=' . $nRecordID); } } } $this->adminRedirect(Errors::SUCCESSFULL, (!$aData['member'] ? 'admin_' : '') . 'listing'); } } while (false); $this->input->postm(array('password2' => TYPE_STR, 'group_id' => TYPE_ARRAY_INT), $aData); func::array_2_htmlspecialchars($aData, null, true); $aActiveGroupsID = $aData['group_id']; } else { $aActiveGroupsID = array(); } $aData = array_merge($aData, array('password2' => '', 'user_id' => '')); //assign groups $exists_options = ''; $active_options = ''; $aGroups = $this->getGroups(array(USERS_GROUPS_MEMBER, USERS_GROUPS_SUPERADMIN)); for ($i = 0; $i < count($aGroups); $i++) { if (in_array($aGroups[$i]['group_id'], $aActiveGroupsID)) { $active_options .= '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>'; } else { $exists_options .= '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>'; } } $this->tplAssign('exists_options', $exists_options); $this->tplAssign('active_options', $active_options); //$aData['city_options'] = bff::i()->Sites_geoCityOptions($aData['city_id'], 'edit'); $aData['edit'] = false; $this->tplAssign('aCategories', $this->getBBSCategories($aData['cat'])); $this->tplAssignByRef('aData', $aData); return $this->tplFetch('admin.mod.form.tpl'); }
/** * Создание счета, тип: подарок * @param integer $nUserID ID пользователя * @param float $fUserBalance текущий баланс пользователя * @param float $fAmount сумма счета * @param string $sDescription описание * @return integer ID счета */ function createBill_InGift($nUserID, $fUserBalance, $fAmount, $sDescription = '') { $now = $this->db->getNOW(); $this->db->execute('INSERT INTO ' . TABLE_BILLS . ' (user_id, user_balance, type, status, amount, description, created, payed, ip) VALUES( ' . $nUserID . ', ' . $fUserBalance . ', ' . self::typeInGift . ', ' . self::statusCompleted . ', ' . $fAmount . ', :desc, ' . $now . ', ' . $now . ', :ip)', array(':desc' => $sDescription, ':ip' => func::getRemoteAddress())); $nBillID = $this->db->insert_id(TABLE_BILLS, 'id'); if (empty($nBillID)) { $this->log('Неудалось создать счет: подарок'); $nBillID = 0; } return $nBillID; }