Esempio n. 1
 /**
  * Handle a "call me back" form submission.
  *
  * Keeps only the expected POST keys, validates them, stores the request in the
  * `order_call` table and mails a notification to every subscribed address.
  * On validation failure the first message per field is returned via errorAction().
  *
  * NOTE(review): `fio` is not covered by any validation rule here, and
  * array_intersect_key() does not force the remaining values to be scalars, so
  * whatever the client sends reaches insert() and the e-mail template. Confirm
  * that MSCore::db()->insert() binds/escapes values and that the template
  * escapes its output.
  */
 public function callAction()
 {
     // Allow-list the POST keys so no unexpected column name can reach insert().
     $allowedKeys = array('phone', 'fio', 'formid');
     $data = array_intersect_key($_POST, array_flip($allowedKeys));

     $validator = new Validator($data);
     // `formid` must stay empty -- presumably a honeypot field; verify against the form markup.
     $validator->rule('empty', 'formid')->message('Некорректный идентификатор формы');
     $validator->rule('required', 'phone')->message('Поле не заполнено');
     $validator->rule('phone', 'phone')->message('Некорректный номер телефона');

     if (!$validator->validate()) {
         // Collapse each field's message list to its first message.
         $errors = $validator->errors();
         foreach ($errors as $field => $messages) {
             if (is_array($messages)) {
                 $errors[$field] = reset($messages);
             }
         }
         $this->errorAction(1001, 'Некорректно заполненные поля', array('errors' => $errors));
         return;
     }

     // Fall back to a placeholder name when none was supplied.
     $data['fio'] = empty($data['fio']) ? 'Личный номер' : $data['fio'];
     unset($data['formid']);

     // Subscribers for this form type (or for all types). Only constants are
     // concatenated into this statement.
     $subscriberSql = 'SELECT mail FROM `' . PRFX . 'mailer` WHERE type = ' . self::TARGET_CALL . ' OR type = 0';
     $mailers = MSCore::db()->getCol($subscriberSql);

     $data['date'] = date('Y-m-d H:i:s');
     MSCore::db()->insert(PRFX . 'order_call', $data);

     if (is_array($mailers) && !empty($mailers)) {
         $sendMail = new SendMail();
         $sendMail->init();
         $sendMail->setSubject('Обратный звонок на ' . DOMAIN);
         $sendMail->setFrom('noreply@' . DOMAIN, 'Первая кровельная');
         // The body is rendered once and reused for every recipient.
         $sendMail->setMessage(template('email/call', array('data' => $data)));
         foreach ($mailers as $recipient) {
             $sendMail->setTo($recipient);
             $sendMail->send();
         }
         unset($sendMail);
     }

     $this->addData(array('content' => template('ajax/success/call')));
 }
Esempio n. 2
<?php

// AJAX endpoint that validates a job/package form and prepares an INSERT or UPDATE
// for it (excerpt: the listing stops inside the update branch).
//
// NOTE(review): every value that reaches SQL below goes through secure_data(), whose
// implementation is not shown. The statements are assembled by string interpolation,
// so their safety rests entirely on that helper escaping for a quoted SQL string
// context -- confirm, or move to prepared statements with bound parameters.
require_once '../config.php';
checkAjax();
include '../../includes/validation.php';
$return_data = array('status' => 0);
$service = secure_data($_POST['service']);
$service_type = secure_data($_POST['type']);
// in_array() without the strict flag compares loosely against the ints 1 and 2,
// so the request value is not pinned to exactly "1" or "2".
if ($service && in_array($service_type, array(1, 2))) {
    $v = new Validator($_POST, array(), 'en', DOC_ORG_ROOT . 'lang/');
    $v->rule('required', 'job')->message('{field} is required')->label('Job Name');
    $v->rule('required', ['days_to_complete', 'price']);
    // Only `price` is checked as numeric; `days_to_complete` is merely required.
    $v->rule('numeric', ['price']);
    if ($v->validate()) {
        $job_id = secure_data($_POST['package']);
        // Columns written to the row; the field names are fixed here, not taken from the request.
        $fields = array('job', 'required_data', 'deliverable', 'days_to_complete', 'price');
        // Fields that are HTML-encoded before storage.
        $fields_enc = array('required_data', 'deliverable');
        $insert_data = array();
        $update_data = '';
        foreach ($fields as $field) {
            if (in_array($field, $fields_enc)) {
                // HTML-encoding happens at storage time, so the stored text is already
                // entity-encoded; re-encoding it on output would double-encode.
                $insert_data[$field] = secure_data(htmlspecialchars($_POST[$field]));
            } else {
                $insert_data[$field] = secure_data($_POST[$field]);
            }
            // Build the "`col` = 'value', ..." list for the UPDATE by interpolation.
            $update_data .= $update_data !== '' ? ", " : "";
            $update_data .= "`{$field}` = '{$insert_data[$field]}'";
        }
        if ($job_id) {
            // Update
            // NOTE(review): no check is visible in this excerpt that the service (and
            // therefore the job) belongs to the current session user -- confirm it is
            // enforced in checkAjax()/config.php or later in the file.
            $where = " WHERE id = '{$job_id}' AND service_id = '{$service}'";
<?php

// Endpoint that stores a message (with an optional attachment) for a payment
// (excerpt: the listing stops after the insert).
//
// NOTE(review): secure_data() and insertDB() are defined elsewhere; what they escape
// or bind is not visible here.
include '../config.php';
include '../includes/validation.php';
$return_data = array('status' => 0);
/*$rules_array = array(
        'message'=>array('type'=>'string',  'required'=>true, 'trim'=>true),
        'days'=>array('type'=>'numeric', 'required'=>true, 'trim'=>true)
	);*/
$v = new Validator($_POST, array(), 'en', DOC_ORG_ROOT . 'lang/');
// Both fields are only checked for presence; `days` is not checked as numeric.
$v->rule('required', ['message', 'days']);
if ($v->validate()) {
    $message = secure_data($_POST['message']);
    $days = secure_data($_POST['days']);
    $insert_data = array('message' => $message, 'days' => $days);
    $attachment_update = secure_data($_POST['attachment_update']);
    if ($attachment_update == 1) {
        $attachment = secure_data($_POST['attachment']);
        $insert_data['attachment'] = $attachment;
        if ($attachment) {
            // The request-supplied file name is concatenated straight into both paths.
            // NOTE(review): unless secure_data() removes directory separators and "..",
            // this rename() can be pointed outside temp/ and attachment/. Reduce the
            // name with basename() and check that the source exists under temp/ and was
            // uploaded by this session before moving it. The return value of rename()
            // is not checked either.
            $src = UPLOAD_ROOT . 'temp/' . $attachment;
            $des = UPLOAD_ROOT . 'attachment/' . $attachment;
            rename($src, $des);
        }
    }
    // NOTE(review): no check is visible here that $_SESSION['agent'] is set (i.e. that
    // the caller is logged in) -- confirm config.php enforces it.
    $insert_data['sender_id'] = $_SESSION['agent'];
    $insert_data['msg_type'] = 1;
    // The payment id comes from the request; no check is visible that this payment
    // belongs to the sender -- verify against the rest of the file.
    $insert_data['payment_id'] = secure_data($_POST['pi']);
    // Insert
    insertDB($insert_data, 'messages');
    // Update
Esempio n. 4
// API entry point that accepts a message for a payment from a partner site
// (excerpt: $post_data and $bkodata are populated outside this listing, and the
// listing stops before the insert).
//
// NOTE(review): the gate below relies on the Referer header and on a token that is
// the md5 of a fixed string in the source. Referer is a client-supplied header and
// the token never changes, so neither authenticates the caller. Prefer a
// per-integration secret held in configuration (ideally a request signature) and
// compare it with hash_equals().
$allowed_domains = array('localhost', 'basekit-staging.digibuzz24.net');
$ref_domain = '';
// The @ hides the notice for a missing header; the value is then null.
$referrer = @$_SERVER['HTTP_REFERER'];
if ($referrer) {
    // parse_url() can return false or an array without 'host' for malformed input;
    // that case is not handled here.
    $parse = parse_url($referrer);
    // Strip a leading "www." so www.example.tld matches its bare form.
    $ref_domain = preg_replace('#^www\\.(.+\\.)#i', '$1', $parse['host']);
}
if ($ref_domain && in_array($ref_domain, $allowed_domains) && $post_data['access'] === md5('basekit-to-dmexpert-api')) {
    $job_type = isset($bkodata['ostatus']) && $bkodata['ostatus'] ? $bkodata['ostatus'] : '';
    // NOTE(review): $post_data['email'] and $bkodata['pi'] are interpolated into the
    // WHERE clauses as-is in this excerpt. Unless they were escaped where they are
    // populated, these lookups are injectable -- confirm, or bind the values.
    $user_data = mysql_get_rows('users', array('where' => "email = '{$post_data['email']}'"), 1);
    if ($user_data) {
        // The payment must match both the partner id and the user found above.
        $payment_data = mysql_get_rows('payments', array('where' => "bkid = '{$bkodata['pi']}' AND user_id = '{$user_data['id']}'"), 1);
        if ($payment_data) {
            $v = new Validator($bkodata, array(), 'en', DOC_ORG_ROOT . 'lang/');
            // A message is mandatory except for job types 5 and 6 (loose comparison).
            if (!in_array($job_type, array(5, 6))) {
                $v->rule('required', ['message']);
            }
            if ($v->validate()) {
                // Map the requested job type to a message type, but only when the
                // payment is in a state that allows it; otherwise it stays 0.
                $msg_type = 0;
                if ($job_type !== '') {
                    if ($job_type == 2 && $payment_data['order_started'] == 0) {
                        $msg_type = 2;
                    } elseif ($job_type == 4 && in_array($payment_data['job_status'], array(3))) {
                        $msg_type = 4;
                    } elseif ($job_type == 5 && in_array($payment_data['job_status'], array(3))) {
                        $msg_type = 5;
                    } elseif ($job_type == 6) {
                        $msg_type = 6;
                    }
                }
                $insert_data = array();
Esempio n. 5
<?php

// Registration endpoint: validates the posted username/email/password, creates the
// user row when the e-mail is not yet registered, and answers with a JSON status.
//
// NOTE(review): the lookup below is built by string interpolation, so its safety
// depends on secure_data() escaping for a quoted SQL string -- that helper is not
// shown here. Prefer a prepared statement with a bound parameter.
include '../config.php';
include '../includes/validation.php';

// Loaded but not used anywhere in this script.
$data = json_decode(file_get_contents('../admin/data/home.txt'));
$return_data = ['status' => 0];

$v = new Validator($_POST, [], 'en', DOC_ORG_ROOT . 'lang/');
$v->rule('required', ['username', 'email', 'password']);
$v->rule('email', 'email');

if ($v->validate()) {
    $email = secure_data($_POST['email']);
    $existing = mysql_get_rows('users', ['where' => "email = '{$email}'"], 1);
    if (!$existing) {
        // The original comment here says the password "must be in md5": the value is
        // stored exactly as the client sent it (after secure_data()), no hashing
        // happens in this script.
        // NOTE(review): md5 is not a password hash, and a client-side digest is
        // itself the credential. Hash server-side with password_hash() and check
        // with password_verify().
        $insert_data = [
            'username' => secure_data($_POST['username']),
            'email' => $email,
            'password' => secure_data($_POST['password']),
            'type' => 2,
            'status' => 1,
            'created_at' => date('Y-m-d H:i:s'),
        ];
        insertDB($insert_data, 'users');
    }
    // Status 1 is reported whether or not a new row was created.
    $return_data['status'] = 1;
}

echo json_encode($return_data);
Esempio n. 6
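 /**
  * Handle an order-form POST.
  *
  * Requires the fields name, phone, comment, path and the honeypot field
  * `address`; validates name/phone/comment; resolves `path` to a page title;
  * then either queues the mail (when an uploaded directory is recorded in the
  * session) or sends it to every address in the mailer table, and logs the
  * message to `mp_list`.
  *
  * Changes against the previous version:
  *  - `path` is cast to int before it is placed in the filter expression. It
  *    used to be concatenated unquoted, and htmlspecialchars() is an HTML
  *    encoder, not SQL escaping.
  *  - the `mp_list` row is written through the DB layer's insert() instead of
  *    an INSERT assembled from the rendered message text.
  *  - the honeypot branch returns after reporting the error, so a flagged
  *    submission is never processed further.
  *  - non-string POST values (e.g. `name[]=`) are rejected like missing ones.
  */
 public function orderAction()
 {
     // $_POST is always defined, so this guard never skips the body.
     if (isset($_POST)) {
         $data = [];
         try {
             // Required fields, HTML-encoded on the way in. The Exception message
             // is the field name and is echoed back by the catch block below.
             foreach (['name', 'phone', 'comment', 'path'] as $field) {
                 if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
                     throw new Exception($field);
                 }
                 $data[$field] = htmlspecialchars($_POST[$field]);
             }
             if (!isset($_POST['address']) || !is_string($_POST['address'])) {
                 throw new Exception('honeyPot');
             }
             $honeyPot = htmlspecialchars($_POST['address']);
             $data['honeyPot'] = $honeyPot;
             // Bot check: the honeypot field must come back empty.
             if ($honeyPot != '') {
                 $this->errorAction(1001, 'Custom system error', ['honeyPot' => 'honeyPot']);
                 // Stop here even if errorAction() does not end the request itself.
                 return;
             }
             // Validation
             $v = new Validator(['name' => $data['name'], 'phone' => $data['phone'], 'comment' => $data['comment']]);
             $v->rule('required', 'comment')->message('comment!');
             $v->rule('required', 'name')->message('name!');
             $v->rule('regex', 'name', '/^([a-zа-я\\s\\-]+)$/iu')->message('name!!');
             $v->rule('required', 'phone')->message('phone!');
             $v->rule('phone', 'phone')->message('phone!!');
             if ($v->validate()) {
                 if (!empty($data['path'])) {
                     $query = new MSTable('{www}');
                     $query->setFields(['title_page']);
                     // path_id is compared unquoted, so only an integer may reach the filter.
                     $query->setFilter('path_id = ' . (int) $data['path']);
                     $item = $query->getItem();
                     // No matching page leaves the title empty instead of indexing a non-array.
                     $data['path'] = isset($item['title_page']) ? $item['title_page'] : null;
                 }
                 // Check whether an uploaded file directory is recorded for this form.
                 $type = 'modal';
                 if (isset($_SESSION['uploaded'][$type]['directory'])) {
                     $path = $_SESSION['uploaded'][$type]['directory'];
                     unset($_SESSION['uploaded'][$type]['directory']);
                 }
                 $title = "Заявка с сайта " . DOMAIN;
                 $msg = template('email/order', $data);
                 if (isset($path)) {
                     $files = str_replace('\\', '/', $path);
                     $from = "noreply@" . DOMAIN;
                     // Queue the mail in the database.
                     MSCore::db()->insert(PRFX . 'mails', ['subject' => $title, 'files' => $files, 'text' => $msg, 'from' => $from]);
                     $msg = template('email/order', $data + ['files' => $files]);
                 } else {
                     $mail = new SendMail();
                     $mail->init();
                     $mail->setEncoding("utf8");
                     $mail->setEncType("base64");
                     $mail->setSubject($title);
                     $mail->setMessage($msg);
                     $mail->setFrom("noreply@" . DOMAIN, "apstroy");
                     $emails = MSCore::db()->getCol('SELECT `mail` FROM `' . PRFX . 'mailer`');
                     foreach ($emails as $email) {
                         $mail->setTo($email);
                         $mail->send();
                     }
                 }
                 // $msg contains user-supplied text rendered by the template, so it must
                 // not be spliced into a SQL literal.
                 // NOTE(review): assumes insert() escapes or binds its values, as the
                 // `mails` insert above already relies on -- confirm in the DB layer.
                 MSCore::db()->insert('mp_list', ['title' => $title, 'text' => $msg]);
                 $this->addData(['succes' => 'Ok']);
                 $this->successAction();
             } else {
                 // Collapse each field's message list to its first message.
                 $errors = $v->errors();
                 foreach ($errors as $_name => $_error) {
                     if (is_array($_error)) {
                         $errors[$_name] = reset($_error);
                     }
                 }
                 $this->errorAction(1001, 'Custom system error', ['data' => $data, 'error' => $errors]);
             }
         } catch (Exception $exception) {
             $error = $exception->getMessage();
             $this->errorAction(1001, 'Custom system error', ['error' => $error, 'postArgument' => 'noPostArgument']);
         }
     }
 }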
Esempio n. 7
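 /**
  * Handle a question/callback form POST.
  *
  * Requires the fields name, phone, email, comment and the honeypot field
  * `address`; validates them; mails the rendered message to every address in
  * the mailer table and logs it to `mp_list`.
  *
  * Changes against the previous version:
  *  - the `mp_list` row is written through the DB layer's insert() instead of
  *    an INSERT assembled from the rendered message text. htmlspecialchars()
  *    is an HTML encoder, not SQL escaping.
  *  - the honeypot branch returns after reporting the error, so a flagged
  *    submission is never processed further.
  *  - non-string POST values (e.g. `name[]=`) are rejected like missing ones.
  */
 public function callAction()
 {
     // $_POST is always defined, so this guard never skips the body.
     if (isset($_POST)) {
         $data = [];
         try {
             // Required fields, HTML-encoded on the way in. The Exception message
             // is the field name and is echoed back by the catch block below.
             foreach (['name', 'phone', 'email', 'comment'] as $field) {
                 if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
                     throw new Exception($field);
                 }
                 $data[$field] = htmlspecialchars($_POST[$field]);
             }
             if (!isset($_POST['address']) || !is_string($_POST['address'])) {
                 throw new Exception('honeyPot');
             }
             $honeyPot = htmlspecialchars($_POST['address']);
             $data['honeyPot'] = $honeyPot;
             // Bot check: the honeypot field must come back empty.
             if ($honeyPot != '') {
                 $this->errorAction(1001, 'Custom system error', ['honeyPot' => 'honeyPot']);
                 // Stop here even if errorAction() does not end the request itself.
                 return;
             }
             // Validation
             $v = new Validator(['name' => $data['name'], 'phone' => $data['phone'], 'email' => $data['email'], 'comment' => $data['comment']]);
             $v->rule('required', 'comment')->message('comment!');
             $v->rule('required', 'name')->message('name!');
             $v->rule('regex', 'name', '/^([a-zа-я\\s\\-]+)$/iu')->message('name!!');
             $v->rule('required', 'phone')->message('phone!');
             $v->rule('phone', 'phone')->message('phone!!');
             $v->rule('required', 'email')->message('email!');
             $v->rule('email', 'email')->message('email!!');
             if ($v->validate()) {
                 $msg = template('email/call', $data);
                 $title = "Вопрос с сайта " . DOMAIN;
                 $mail = new SendMail();
                 $mail->init();
                 $mail->setEncoding("utf8");
                 $mail->setEncType("base64");
                 $mail->setSubject($title);
                 $mail->setMessage($msg);
                 $mail->setFrom("noreply@" . DOMAIN, "eko");
                 $emails = MSCore::db()->getCol('SELECT `mail` FROM `' . PRFX . 'mailer`');
                 foreach ($emails as $email) {
                     $mail->setTo($email);
                     $mail->send();
                 }
                 // $msg contains user-supplied text rendered by the template, so it must
                 // not be spliced into a SQL literal.
                 // NOTE(review): assumes insert() escapes or binds its values -- confirm
                 // in the DB layer.
                 MSCore::db()->insert('mp_list', ['title' => $title, 'text' => $msg]);
                 $this->addData(['succes' => 'Ok']);
                 $this->successAction();
             } else {
                 // Collapse each field's message list to its first message.
                 $errors = $v->errors();
                 foreach ($errors as $_name => $_error) {
                     if (is_array($_error)) {
                         $errors[$_name] = reset($_error);
                     }
                 }
                 $this->errorAction(1001, 'Custom system error', ['data' => $data, 'error' => $errors]);
             }
         } catch (Exception $exception) {
             $error = $exception->getMessage();
             $this->errorAction(1001, 'Custom system error', ['error' => $error, 'postArgument' => 'noPostArgument']);
         }
     }
 }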