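// Save handler for a `dial` row: reads the submitted form from $_POST, then
// UPDATEs (action=edit) or INSERTs (action=add) the row and rebuilds its
// composition ("sostav") rows. $db and $dtClass are created outside this excerpt.
//
// NOTE(review): every query below is built by string concatenation, and the
// binding/escaping API of $db is not visible here. htmlspecialchars() and
// strip_tags() are HTML filters, not SQL escaping: a backslash always passes
// through, and before PHP 8.1 the default flags leave single quotes untouched.
// Values that end up as bare (unquoted) numbers are therefore forced to a
// numeric type in this block. The quoted string values ($name, $article,
// $weight, $description, $weightVal) still need bound parameters or the
// driver's own escaping, which has to be added in the $db layer.
$form = new ad();
$name = htmlspecialchars(strip_tags($_POST['name'] ?? ''));
if (!empty($name)) {
    // Checkbox-style flags collapse to 0/1, so they are safe as bare SQL numbers.
    // !empty() gives the same result as the truthiness test without an
    // undefined-key warning when the box was not ticked.
    $show = !empty($_POST['vis']) ? 1 : 0;
    $new = !empty($_POST['new']) ? 1 : 0;
    $bestseller = !empty($_POST['bestseller']) ? 1 : 0;
    $presence = !empty($_POST['presence']) ? 1 : 0;
    $event = !empty($_POST['event']) ? 1 : 0;

    $article = htmlspecialchars(strip_tags($_POST['article'] ?? ''));
    $dtNow = $dtClass->dtInDB();

    // $id is concatenated unquoted into "WHERE id = ..." and
    // "DELETE ... WHERE id_dial=...", so it must be an integer and nothing else.
    $id = (int) ($_POST['id'] ?? 0);

    // The cast plus number_format() yields a plain "123.45" string.
    $price = number_format((float) strip_tags($_POST['price'] ?? ''), 2, '.', '');

    // $priority is embedded unquoted in the INSERT; accept only numeric input.
    $priority = is_numeric($_POST['priority'] ?? null) ? $_POST['priority'] + 0 : 0;

    $weight = htmlspecialchars(strip_tags($_POST['weight'] ?? ''));

    // NOTE(review): weight_val reaches the SQL string unfiltered. It is kept
    // as submitted because the correct escaping depends on the $db driver;
    // bind it as a parameter or check it against the allowed unit values.
    $weightVal = $_POST['weight_val'] ?? '';

    // NOTE(review): replaceToInsert() is defined elsewhere; confirm that it
    // makes the value safe inside a single-quoted SQL literal.
    $description = $form->replaceToInsert($_POST['description'] ?? '');

    $action = $_POST['action'] ?? '';

    if ($action === 'edit') {
        $db->query(
            "UPDATE dial SET"
            . " vis = '" . $show . "',"
            . " name = '" . $name . "',"
            . " idUserUpdate = '" . $_SESSION['userID'] . "',"
            . " dtUpdate = '" . $dtNow . "',"
            . " description = '" . $description . "',"
            . " price = '" . $price . "',"
            . " priority = '" . $priority . "',"
            . " weight = '" . $weight . "',"
            . " weight_val = '" . $weightVal . "',"
            . " new = " . $new . ","
            . " bestseller = " . $bestseller . ","
            . " event = " . $event . ","
            . " article = '" . $article . "',"
            . " presence = " . $presence
            . " WHERE id = " . $id
        );
    }

    if ($action === 'add') {
        $db->query(
            "INSERT INTO dial (vis,name,idUserCreate,dtCreate,description,price,priority,"
            . "weight,weight_val,new,bestseller,event,article,presence) VALUES ("
            . $show . ", '" . $name . "', '" . $_SESSION['userID'] . "', '" . $dtNow . "', '"
            . $description . "', '" . $price . "', " . $priority . ",'" . $weight . "','"
            . $weightVal . "'," . $new . "," . $bestseller . "," . $event . ",'"
            . $article . "'," . $presence . ")"
        );
        // The new row's id, as reported by the DB wrapper, replaces the submitted one.
        $id = $db->last();
    }

    // Delete all existing composition rows for this item.
    // NOTE(review): this also runs when action is neither 'edit' nor 'add'.
    $sql_del_sostav = "DELETE FROM sostav WHERE id_dial=" . $id;
    $db->query($sql_del_sostav);

    // Add the composition entries again, if any were submitted.
    $arrvalselected = array();
    foreach ($_POST as $index => $val) {
        $expl = explode('sostav', $index);
        if ($expl[1]) {
            // (excerpt ends here; the rest of the loop body is not shown)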
// Collects the submitted product form fields from $_POST into local variables.
// $form is created outside this excerpt.
//
// NOTE(review): $presence, $priority, $rating, $ava and $attributes are taken
// from $_POST unfiltered, and where they are used is outside this excerpt.
// If they reach an SQL statement or HTML output, validate or bind them at that
// point. htmlspecialchars()/strip_tags() as applied to the other fields are
// HTML filters and do not make a value safe for SQL.

// Free-text fields: tags stripped, then HTML-encoded.
$pack = htmlspecialchars(strip_tags($_POST['pack']));
$gmo = $_POST['gmo'] ? 1 : 0;
$storageconditions = htmlspecialchars(strip_tags($_POST['storageconditions']));
$idFirm = htmlspecialchars(strip_tags($_POST['sfirms']));

// Price normalised to a "123.45" string.
$price = number_format((float) strip_tags($_POST['price']), 2, '.', '');

// orderDay is only read from the form when presence equals 3.
$presence = $_POST['presence'];
if ($presence == 3) {
    $orderDay = htmlspecialchars(strip_tags($_POST['orderDay']));
} else {
    $orderDay = 0;
}

// Checkbox-style flags collapsed to 0/1.
$newOrSecond = $_POST['newOrSecond'] ? 1 : 0;
$new = $_POST['new'] ? 1 : 0;
$bestseller = $_POST['bestseller'] ? 1 : 0;
$event = $_POST['event'] ? 1 : 0;

// Taken as submitted (see the review note at the top).
$priority = $_POST['priority'];
$rating = $_POST['rating'];
$ava = $_POST['ava'];

// NOTE(review): replaceToInsert() is defined elsewhere; confirm what it escapes.
$description = $form->replaceToInsert($_POST['description']);
$grayText = $form->replaceToInsert($_POST['grayText']);
$tags = $form->replaceToInsert($_POST['tags']);

$attributes = $_POST['idsProducts'];

// "kkz" variant: flag, price and weight (two-decimal strings) and their units.
$kkz = $_POST['kkz'] ? 1 : 0;
$pricekkz = number_format((float) strip_tags($_POST['pricekkz']), 2, '.', '');
$weightkkz = number_format((float) strip_tags($_POST['weightkkz']), 2, '.', '');
$pricekkzed = htmlspecialchars(strip_tags($_POST['pricekkzed']));
$weightkkzed = htmlspecialchars(strip_tags($_POST['weightkkzed']));
$weight = htmlspecialchars(strip_tags($_POST['weight']));

// Strip at most one trailing and then one leading '~' from the attribute list.
if ($attributes) {
    if (substr($attributes, strlen($attributes) - 1) == '~') {
        $attributes = substr($attributes, 0, strlen($attributes) - 1);
    }
    if (substr($attributes, 0, 1) == '~') {
        $attributes = substr($attributes, 1, strlen($attributes));
    }
}