function doEdit()
{
try {
$duan_id = mysql_real_escape_string($_POST['duan_id']);
if ($duan_id == null) {
die('ERROR_SYSTEM');
}
$myprojects = array();
if (isset($_SESSION['myprojects'])) {
$myprojects = $_SESSION['myprojects'];
}
if (in_array($duan_id, $myprojects) == false) {
$this->checkLogin(true);
$this->checkActive(true);
$this->checkLock(true);
die('ERROR_SYSTEM');
}
$tenduan = $_POST['duan_tenduan'];
$alias = $_POST['duan_alias'];
$linhvuc_id = $_POST['duan_linhvuc_id'];
$tinh_id = $_POST['duan_tinh_id'];
$ngayketthuc = $_POST['duan_ngayketthuc'];
$costmin = $_POST['duan_costmin'];
$costmax = $_POST['duan_costmax'];
$thongtinchitiet = $_POST['duan_thongtinchitiet'];
$duan_email = $_POST['duan_email'];
$duan_sodienthoai = $_POST['duan_sodienthoai'];
$isbid = $_POST['duan_isbid'];
//Validate
if (isset($_POST['duan_skills'])) {
if (isset($_POST['duan_skills'][MAX_SKILL])) {
die('ERROR_MAXSKILL');
}
}
$validate = new Validate();
if ($validate->check_null(array($duan_id, $tenduan, $alias, $linhvuc_id, $tinh_id, $ngayketthuc, $costmin, $costmax, $thongtinchitiet, $isbid, $duan_email, $duan_sodienthoai)) == false) {
die('ERROR_SYSTEM');
}
if ($validate->check_length($tenduan, 101)) {
die('ERROR_SYSTEM');
}
if ($validate->check_date($ngayketthuc) == false) {
die('ERROR_SYSTEM');
}
$ngayketthuc = SQLDate($ngayketthuc);
//End validate
$this->duan->id = $duan_id;
$data = $this->duan->search('id,ngaypost,ngayketthuc,data_id');
if (empty($data)) {
die('ERROR_SYSTEM');
}
$ngaypost = $data['duan']['ngaypost'];
$data_id = $data['duan']['data_id'];
$file_id = null;
//Get upload attach file_id
global $cache;
$ma = time();
if ($_FILES['duan_filedinhkem']['name'] != NULL) {
$str = $_FILES['duan_filedinhkem']['tmp_name'];
$size = $_FILES['duan_filedinhkem']['size'];
if ($size == 0) {
echo 'ERROR_FILESIZE';
} else {
$dir = ROOT . DS . 'public' . DS . 'upload' . DS . 'files' . DS;
$filename = preg_replace("/[&' +-]/", "_", $_FILES['duan_filedinhkem']['name']);
move_uploaded_file($_FILES['duan_filedinhkem']['tmp_name'], $dir . $filename);
//die($filename);
$sFileType = '';
$i = strlen($filename) - 1;
while ($i >= 0) {
if ($filename[$i] == '.') {
break;
}
$sFileType = $filename[$i] . $sFileType;
$i--;
}
$str = $dir . $filename;
$fname = $ma . '_' . $filename;
$arrType = $cache->get('fileTypes');
if (!in_array(strtolower($sFileType), $arrType)) {
unlink($str);
die('ERROR_WRONGFORMAT');
} else {
$str2 = $dir . $fname;
rename($str, $str2);
$this->setModel('file');
$this->file->id = null;
$this->file->filename = $filename;
$this->file->fileurl = BASE_PATH . '/upload/files/' . $fname;
$this->file->status = 1;
$file_id = $this->file->insert(true);
}
}
}
//End
$this->setModel('data');
$sIndex = "{$tenduan} " . strip_tags($thongtinchitiet);
$sIndex = strtolower(remove_accents($sIndex));
$this->data->id = $data_id;
$this->data->data = $sIndex;
$this->data->update();
$this->setModel('duan');
$this->duan->id = $duan_id;
$this->duan->tenduan = $tenduan;
$this->duan->alias = $alias;
$this->duan->linhvuc_id = $linhvuc_id;
$this->duan->tinh_id = $tinh_id;
$this->duan->costmin = $costmin;
$this->duan->costmax = $costmax;
$this->duan->isbid = $isbid;
if ($file_id != 0) {
$this->duan->file_id = $file_id;
}
$this->duan->thongtinchitiet = $thongtinchitiet;
$currentDate = GetDateSQL();
$this->duan->timeupdate = $currentDate;
$this->duan->ngayketthuc = $ngayketthuc;
$this->duan->duan_email = $duan_email;
$this->duan->duan_sodienthoai = $duan_sodienthoai;
if ($data['duan']['ngayketthuc'] > $currentDate) {
$this->duan->nhathau_id = '';
}
$this->duan->update();
$this->setModel('duanskill');
$this->duanskill->custom("delete from duanskills where duan_id = {$duan_id}");
if (isset($_POST['duan_skills'])) {
$lstSkill = $_POST['duan_skills'];
foreach ($lstSkill as $skill_id) {
$this->duanskill->id = null;
$this->duanskill->duan_id = $duan_id;
$this->duanskill->skill_id = $skill_id;
$this->duanskill->insert();
}
}
echo 'DONE';
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
function saveRaovat()
{
$this->checkAdmin(true);
try {
$id = $_POST['raovat_id'];
$tieude = $_POST['raovat_tieude'];
$alias = $_POST['raovat_alias'];
$email = $_POST['raovat_email'];
$sodienthoai = $_POST['raovat_sodienthoai'];
$noidung = $_POST['raovat_noidung'];
$isvip = $_POST['raovat_isvip'];
$expirevip = $_POST['raovat_expirevip'];
$expiredate = $_POST['raovat_expiredate'];
if ($isvip == 1) {
$expirevip = SQLDate($expirevip);
}
$expiredate = SQLDate($expiredate);
if ($id == null) {
//insert
die('ERROR_SYSTEM');
} else {
//update
$this->raovat->id = $id;
$this->raovat->tieude = $tieude;
$this->raovat->alias = $alias;
$this->raovat->raovat_email = $email;
$this->raovat->raovat_sodienthoai = $sodienthoai;
$this->raovat->noidung = $noidung;
$this->raovat->isvip = $isvip;
if ($isvip == 1) {
$this->raovat->expirevip = $expirevip;
}
$this->raovat->expiredate = $expiredate;
}
$this->raovat->save();
echo 'DONE';
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
