/**
  * удаляем материал
  */
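 function deleteOrdersAction()
 {
     // Deletes the `orders` row named by the `id_order` query parameter, stores the
     // "deleted" message in $this->msg and hands rendering over to newAction().
     //
     // The id arrives straight from the request, so it is reduced to an integer before
     // it is placed in the SQL text; input without leading digits collapses to 0.
     // NOTE(review): assumes `orders`.`id` is an integer key — confirm against the schema.
     // NOTE(review): this is a state-changing action driven by a GET parameter and no CSRF
     // token or permission check is visible in this method — confirm both are enforced upstream.
     $orderId = (isset($_GET['id_order']) && is_scalar($_GET['id_order'])) ? (int) $_GET['id_order'] : 0;
     $_sql = 'DELETE FROM `orders` WHERE (`id`=' . $orderId . ')';
     mysql::just_query($_sql, 0);
     // Message shown after the delete.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete'));
     return self::newAction();
 }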
 /**
  * удаляем материал
  */
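 function deleteAction()
 {
     // Deletes one row, by id, from the table named in the `tablename` query parameter,
     // then stores the "deleted" message and re-renders through indexAction().
     //
     // Both the table name and the id come from the request. The table name is accepted
     // only when it is a plain identifier (letters, digits, underscore) and is then
     // backtick-quoted; the id is reduced to an integer. A request with any other table
     // name is not executed and no success message is set.
     // NOTE(review): a syntactically valid name still lets the request choose ANY table.
     // Replace the pattern check with an explicit allowlist of the tables this controller owns.
     // NOTE(review): assumes `id` is an integer key — confirm against the schema.
     // NOTE(review): state change on GET with no CSRF/permission check visible here — confirm upstream.
     $table = (isset($_GET['tablename']) && is_string($_GET['tablename'])) ? $_GET['tablename'] : '';
     if (!preg_match('/\A[A-Za-z0-9_]+\z/', $table)) {
         return self::indexAction();
     }
     $this->table_name = $table;
     $rowId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
     $_sql = 'DELETE FROM `' . $table . '` WHERE (`id`=' . $rowId . ')';
     mysql::just_query($_sql, 0);
     // Message shown after the delete.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete'));
     return self::indexAction();
 }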
 /**
  * удаляем материал
  */
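 function deleteAction()
 {
     // Removes the item's photo via deletephotoAction(), deletes the row with the
     // requested id from $this->tablename, stores the "deleted" message and re-renders
     // through indexAction().
     //
     // The id comes from the query string, so it is reduced to an integer before it is
     // placed in the SQL text.
     // NOTE(review): assumes `id` is an integer key — confirm against the schema.
     // NOTE(review): deletephotoAction() is not visible here; if it reads $_GET['id']
     // itself it needs the same normalisation.
     // NOTE(review): state change on GET with no CSRF/permission check visible here — confirm upstream.
     self::deletephotoAction();
     $rowId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
     $_sql = 'DELETE FROM `' . $this->tablename . '` WHERE (`id`=' . $rowId . ')';
     mysql::just_query($_sql, 0);
     // Message shown after the delete.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete'));
     return self::indexAction();
 }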
 /**
  * удаляем материал
  */
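 function deleteAction()
 {
     // Looks up the row with the requested id in $this->tablename, removes the file named
     // in its `pole` column from the price-list directory, deletes the row, stores the
     // "deleted" message and re-renders through indexAction().
     //
     // The id comes from the query string and is reduced to an integer before use.
     // NOTE(review): assumes `id` is an integer key — confirm against the schema.
     // NOTE(review): state change on GET with no CSRF/permission check visible here — confirm upstream.
     $rowId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
     $_sql = 'SELECT * FROM `' . $this->tablename . '` WHERE (`id`=' . $rowId . ')';
     $row = mysql::query_one($_sql, 0);
     // Unlink only a regular file that resolves to a location inside the price-list
     // directory. Without this, a missing row or empty `pole` pointed the original check
     // at the directory itself, and a stored value containing "../" could reach other files.
     if ($row && isset($row->pole) && $row->pole !== '') {
         $baseDir = realpath(HOST . PRICE_LIST_PATH);
         $target = realpath(HOST . PRICE_LIST_PATH . '/' . $row->pole);
         if ($baseDir !== false && $target !== false && is_file($target)
             && strpos($target, $baseDir . DIRECTORY_SEPARATOR) === 0) {
             unlink($target);
         }
     }
     // Delete the row itself.
     $_sql = 'DELETE FROM `' . $this->tablename . '` WHERE (`id`=' . $rowId . ')';
     mysql::just_query($_sql, 0);
     // Message shown after the delete.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete'));
     return self::indexAction();
 }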
 /**
  * мультиредактирование 
  */
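 function authorizeAction()
 {
     // Bulk action over the ids posted in `kt_where`: when `st` is 1 every listed row in
     // $this->tablename gets `status`='1'; when `st` is 2 every listed row is deleted.
     // Afterwards the "saved" message is stored and indexAction() renders the list.
     //
     // Every posted id is reduced to an integer before it is placed in the SQL text, and
     // a missing or non-array `kt_where` is treated as an empty selection.
     // NOTE(review): assumes `id` is an integer key — confirm against the schema.
     // NOTE(review): no CSRF token or permission check is visible in this method — confirm
     // both are enforced before a bulk delete can be triggered.
     $selected = (isset($_POST['kt_where']) && is_array($_POST['kt_where'])) ? $_POST['kt_where'] : array();
     $mode = isset($_POST['st']) ? $_POST['st'] : null;
     foreach ($selected as $value) {
         if (!is_scalar($value)) {
             continue;
         }
         $rowId = (int) $value;
         if ($mode == 1) {
             // Approve the row.
             $_sql = "UPDATE `" . $this->tablename . "` SET `status`='1' WHERE (`id`=" . $rowId . ")";
             mysql::just_query($_sql, 0);
         } elseif ($mode == 2) {
             // Delete the row.
             $_sql = "DELETE FROM `" . $this->tablename . "` WHERE (`id`=" . $rowId . ")";
             mysql::just_query($_sql, 0);
         }
     }
     // Message shown after the bulk action.
     $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     return self::indexAction();
 }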
 /**
  * удаляем материал
  */
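 function deleteAction()
 {
     // Deletes the row with the requested id from $this->tablename and then removes the
     // matching audio file: "<id>.mp3" when it exists, otherwise "<id>.ogg". Stores the
     // "deleted" message and re-renders through indexAction().
     //
     // The id comes from the query string and ends up in both the SQL text and a file
     // name, so it is reduced to an integer once and that value is used in both places;
     // this keeps SQL syntax and path separators out of either.
     // NOTE(review): assumes ids (and therefore audio file names) are integers — confirm.
     // NOTE(review): state change on GET with no CSRF/permission check visible here — confirm upstream.
     $rowId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
     $_sql = 'DELETE FROM `' . $this->tablename . '` WHERE (`id`=' . $rowId . ')';
     mysql::just_query($_sql, 0);
     $extension = file_exists(HOST . AUDIO_PATH . '/' . $rowId . '.mp3') ? '.mp3' : '.ogg';
     $_name = array($rowId . $extension);
     forms::delete_photo(HOST . AUDIO_PATH, $_name, 0);
     // Message shown after the delete.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete'));
     return self::indexAction();
 }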
 /**
  * проверяем есть ли фото у данного товара 
  */
 static function is_good_has_photo($id)
 {
     // Checks whether "<id>_1.jpg" exists in the "/01/" catalog image folder and records
     // the outcome in `catalog`.`is_photo` ('1' when present, '0' otherwise).
     // Despite the name, nothing is returned.
     // NOTE(review): $id is concatenated into both a file path and the SQL text without
     // escaping; callers must pass a validated integer id — verify every call site.
     $photoPath = HOST . IMG_CATALOG_PATH . '/01/' . $id . '_1.jpg';
     $flag = file_exists($photoPath) ? '1' : '0';
     // Write the flag back to the catalog row.
     $_sql = "UPDATE `catalog` SET `is_photo`='" . $flag . "' WHERE (`id`='" . $id . "')";
     $select = mysql::just_query($_sql, 0);
 }
	 which describes how a PHP script can be embedded within a GIF image file.
	
	Therefore, no sample code will be provided here.  Research the issue, decide how much security is
	 needed, and implement a solution that meets the needs.
*/
// Process the file
/*
	At this point we are ready to process the valid file. This sample code shows how to save the file. Other tasks
	 could be done such as creating an entry in a database or generating a thumbnail.
	 
	Depending on your server OS and needs you may need to set the Security Permissions on the file after it has
	been saved.
*/
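// Record the upload in the `files` table.
// The client-supplied file name and the posted content id are untrusted, so both are
// escaped before they are placed in the SQL text. mysql_real_escape_string() is used
// because this script already reads the insert id through ext/mysql's default link.
$_client_name = mysql_real_escape_string((string) $_FILES[$upload_name]["name"]);
$_content_id = (isset($_POST['id_content']) && is_scalar($_POST['id_content']))
    ? mysql_real_escape_string((string) $_POST['id_content'])
    : '';
$_sql = "INSERT INTO `files` (`id`,`name`,`created_at`,`id_content`) VALUES (NULL,'" . $_client_name . "','" . date('Y-m-d') . "','" . $_content_id . "')";
$result = mysql::just_query($_sql, 0);
// Without a real insert id the file would be stored as "0.<ext>" and could overwrite
// an earlier upload, so stop here.
$_file_id = (int) mysql_insert_id();
if ($_file_id <= 0) {
    HandleError("File could not be saved.");
    exit(0);
}
// Build the stored name: "<insert id>.<last dot-separated part of $file_name>".
// explode() goes through a variable because end() takes its argument by reference;
// basename() keeps any path separator out of the extension.
// NOTE(review): the extension still originates from the client-supplied name. The part
// of this script that is not shown must restrict it to an allowlist of non-executable
// types, and the save directory should not be served as executable content.
$_parts = explode(".", $file_name);
$_extension = basename(str_replace('\\', '/', end($_parts)));
$_filename = $_file_id . '.' . $_extension;
// The @ stays: a PHP warning would be mixed into the response that the upload handler parses.
if (!@move_uploaded_file($_FILES[$upload_name]["tmp_name"], $save_path . $_filename)) {
    // Do not leave a database row behind for a file that was never stored.
    mysql::just_query('DELETE FROM `files` WHERE (`id`=' . $_file_id . ')', 0);
    HandleError("File could not be saved.");
    exit(0);
}
exit(0);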
/* Handles the error output. This error message will be sent to the uploadSuccess event handler.  The event handler
will have to check for any error messages and react as needed. */
function HandleError($message)
{
    // Writes the message verbatim to the response body, where the client-side upload
    // handler reads it. Nothing is escaped here, so callers should pass fixed strings
    // rather than raw request data if the receiving page renders the text as HTML.
    print $message;
}
 /**
  * удаляем загруженный файл
  */
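 function deletefileAction()
 {
     // Deletes an uploaded file: looks up the `files` row for the `id_photo` query
     // parameter, removes "<id>.<extension of the stored name>" from the files directory,
     // deletes the row and re-renders through newAction().
     //
     // The id was previously concatenated unquoted into the SELECT, so it is reduced to
     // an integer before any use in SQL or in a file name.
     // NOTE(review): state change on GET with no CSRF/permission check visible here — confirm upstream.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete_file'));
     $fileId = (isset($_GET['id_photo']) && is_scalar($_GET['id_photo'])) ? (int) $_GET['id_photo'] : 0;
     // Find the stored original name to recover the extension.
     $_sql = 'SELECT * FROM `files` where id=' . $fileId;
     $row = mysql::query_one($_sql, 0);
     if ($row && isset($row->name)) {
         // explode() goes through a variable because end() takes its argument by
         // reference. The stored name was supplied by the uploader, so basename() keeps
         // any path separator out of the extension before it becomes part of a file name.
         $_parts = explode(".", (string) $row->name);
         $_extension = basename(str_replace('\\', '/', end($_parts)));
         $_name = array($fileId . '.' . $_extension);
         // Remove the file from disk.
         forms::delete_photo(HOST . FILES_PATH, $_name, 0);
     }
     // Remove the database record.
     $_sql = 'DELETE FROM `files` WHERE (`id`=' . $fileId . ')';
     mysql::just_query($_sql, 0);
     // Render the item view.
     return self::newAction();
 }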
 /**
  * мультиредактирование
  */
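 function authorizeAction()
 {
     // Bulk action over the ids posted in `kt_where`: `st` == 1 sets `status`='1' on each
     // listed row of $this->tablename, `st` == 2 deletes each listed row. The "saved"
     // message is stored afterwards and indexAction() renders the list.
     //
     // Posted ids are reduced to integers before they are placed in the SQL text; a
     // missing or non-array `kt_where` is handled as an empty selection.
     // NOTE(review): assumes `id` is an integer key — confirm against the schema.
     // NOTE(review): no CSRF token or permission check is visible in this method — confirm
     // both are enforced before a bulk delete can be triggered.
     $selected = (isset($_POST['kt_where']) && is_array($_POST['kt_where'])) ? $_POST['kt_where'] : array();
     $mode = isset($_POST['st']) ? $_POST['st'] : null;
     foreach ($selected as $value) {
         if (!is_scalar($value)) {
             continue;
         }
         $rowId = (int) $value;
         if ($mode == 1) {
             // Approve the row.
             $_sql = "UPDATE `" . $this->tablename . "` SET `status`='1' WHERE (`id`=" . $rowId . ")";
             mysql::just_query($_sql, 0);
         } elseif ($mode == 2) {
             // Delete the row.
             $_sql = "DELETE FROM `" . $this->tablename . "` WHERE (`id`=" . $rowId . ")";
             mysql::just_query($_sql, 0);
         }
     }
     // Message shown after the bulk action.
     $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     return self::indexAction();
 }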
 /**
  * импорт товаров
  */
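 function importAction()
 {
     // Imports goods from an uploaded Excel sheet and then renders the import form.
     //
     // On POST: rows 2..numRows of the first sheet are read as
     //   column 1 = artikul, column 2 = name, column 3 = stock marker, column 4 = cost.
     // When `type_import` == 0 the supplier's goods are first set to `sklad`='0'.
     // A row whose artikul already exists updates name and `sklad` (2 when the stock
     // marker is empty, otherwise 1) and, when `type_import1` == 0, the cost; an unknown
     // artikul is inserted as a new catalog row.
     // In every case the active suppliers are loaded and passed to the import template.
     //
     // Changes from the earlier version:
     //  * every spreadsheet cell and the posted supplier are escaped before they are
     //    placed in SQL text (cells are attacker-controllable: they come from an upload);
     //  * the per-row buffer is reset to an array; it used to be reset to "", and newer
     //    PHP versions reject `[]` on a string, which stopped the import at the second row;
     //  * the import runs only when `file1` is a genuine HTTP upload.
     // NOTE(review): assumes mysql:: runs on the legacy ext/mysql default link, which is
     // what mysql_real_escape_string() needs; if the wrapper offers its own escaping or
     // prepared statements, use those instead.
     // NOTE(review): no CSRF token or permission check is visible in this method — confirm upstream.
     $_upload = isset($_FILES['file1']['tmp_name']) ? $_FILES['file1']['tmp_name'] : '';
     if ($_POST && is_string($_upload) && is_uploaded_file($_upload)) {
         // Load the Excel reader.
         require_once ADMIN_PATH . '/plagin/excel/reader.php';
         $data = new Spreadsheet_Excel_Reader();
         // Set output encoding.
         $data->setOutputEncoding('UTF8');
         $data->setUTFEncoder('mb');
         $data->read($_upload);
         error_reporting(E_ALL ^ E_NOTICE);
         $_supplier = (isset($_POST['supplier']) && is_scalar($_POST['supplier']))
             ? mysql_real_escape_string((string) $_POST['supplier'])
             : '';
         // "Switch goods off" mode: zero the stock flag for this supplier first.
         if ($_POST['type_import'] == 0) {
             $_sql = "UPDATE `catalog` SET `sklad`='0' WHERE (`supplier`='" . $_supplier . "')";
             mysql::just_query($_sql, 0);
         }
         $sheet = $data->sheets[0];
         for ($i = 2; $i <= $sheet['numRows']; $i++) {
             // Collect the row's cells; absent cells read as empty strings.
             $_str = array();
             for ($j = 1; $j <= $sheet['numCols']; $j++) {
                 $_str[] = isset($sheet['cells'][$i][$j]) ? $sheet['cells'][$i][$j] : '';
             }
             // Guarantee the four columns used below exist even on a narrow sheet.
             $_str = array_pad($_str, 4, '');
             $_artikul = mysql_real_escape_string((string) $_str[0]);
             $_name = mysql_real_escape_string((string) $_str[1]);
             $_cost = mysql_real_escape_string((string) $_str[3]);
             // Empty stock marker -> 2, anything else -> 1.
             $_sklad = ($_str[2] == "") ? 2 : 1;
             $_sql = "SELECT * FROM `catalog` WHERE (`artikul`='" . $_artikul . "')";
             $result_artikul = mysql::query_one($_sql, 0);
             if ($result_artikul) {
                 // Known item: refresh name and stock flag.
                 $_sql = "UPDATE `catalog` SET `name`='" . $_name . "', `sklad`='" . $_sklad . "' WHERE (`artikul`='" . $_artikul . "')";
                 mysql::just_query($_sql, 0);
                 // "Update prices" mode.
                 if ($_POST['type_import1'] == 0) {
                     $_sql = "UPDATE `catalog` SET `cost`='" . $_cost . "' WHERE (`artikul`='" . $_artikul . "')";
                     mysql::just_query($_sql, 0);
                 }
             } else {
                 // Item is not on the site yet: create it.
                 $_sql = "INSERT INTO `catalog` (`artikul`, `name`, `cost`, `id_parent`, `status`, `created_at`, `sklad`, `supplier`) VALUES ('" . $_artikul . "', '" . $_name . "', '" . $_cost . "', '1', '1', '" . date('Y-m-d') . "', '" . $_sklad . "', '" . $_supplier . "')";
                 mysql::just_query($_sql, 0);
             }
         }
     }
     // Load the active suppliers for the form.
     $_sql = 'SELECT * FROM `supplier` where status=1 order by sort';
     $select = mysql::query($_sql, 0);
     return system::show_tpl(array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder, 'select' => $select), $this->tpl_folder . '/import.php');
 }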