コード例 #1
0
 public function itemsAction($id = null)
 {
     if (empty($id)) {
         return AddAlertMessage('danger', 'Категории не существует.', '/');
     }
     $current_page = GETAsStrOrDef('page', 1);
     $SearchText = "";
     if (filter_input(INPUT_POST, 'SearchText') !== NULL) {
         $SearchText = filter_input(INPUT_POST, 'SearchText');
     }
     $regions = $this->db->query("select ID, ShortName as Name from Regions order by Name;")->fetchAll();
     $SelectedRegionID = GETAsStrOrDef('reg', '0');
     $sql = "select ID, Name from view_Localities where (RegionID = " . (empty($SelectedRegionID) ? "0" : $SelectedRegionID) . ") order by Name;";
     $localities = $this->db->query($sql)->fetchAll();
     $SelectedLocalityID = GETAsStrOrDef('loc', '0');
     $pod = $this->db->query('select name from Catalog_pod where ID=' . $id)->fetch();
     $SubCategoryName = $pod["name"];
     $WhereStr = "where CI.id_pod_cat = {$id} " . "and CI.IsDeleted=0 " . "and CI.IsActive=1 ";
     if ($SelectedRegionID != '0') {
         $WhereStr .= "and CI.RegionID = " . $SelectedRegionID . " ";
     }
     if ($SelectedLocalityID != '0') {
         $WhereStr .= "and CI.LocalityID = " . $SelectedLocalityID . " ";
     }
     if (!empty($SearchText)) {
         $WhereStr .= "and ((CI.name like '%{$SearchText}%') or (CI.adress like '%{$SearchText}%')) ";
     }
     $sql = "select count(*) as RecordCount " . "from Catalog_item as CI " . $WhereStr;
     $rec = $this->db->query($sql)->fetch();
     $RecordsPerPage = 15;
     $total_pages = ceil($rec["RecordCount"] / $RecordsPerPage);
     $sql = "select CI.ID, CI.name, CI.adress, CI.kont_tell, CI.CountComments, L.Name as Locality, R.ShortName as RegionName, " . "(CI.Rating1+CI.Rating2+CI.Rating3)/3 as TotalRating " . "from Catalog_item as CI " . "left outer join view_ShortLocalities as L on (CI.LocalityID = L.ID) " . "left outer join Regions as R on (CI.RegionID = R.ID) " . $WhereStr . "order by CI.name " . "limit " . ($current_page - 1) * $RecordsPerPage . ", " . $RecordsPerPage;
     $items = $this->db->query($sql)->fetchAll();
     $this->view->setVars(array('id' => $id, 'items' => $items, 'pagination' => array('total_pages' => $total_pages, 'current' => $current_page, 'perpage' => $RecordsPerPage), 'SubCategoryName' => $SubCategoryName, 'regions' => $regions, 'SelectedRegionID' => $SelectedRegionID, 'localities' => $localities, 'SelectedLocalityID' => $SelectedLocalityID, 'SearchText' => $SearchText));
     $this->view->breadcrumbs = array(array('url' => '/catalog/', 'title' => 'Каталог организаций'), array('url' => '/catalog/p-' . $id, 'title' => $SubCategoryName));
     $this->view->meta = array('meta_title' => 'Каталог организаций: ' . $SubCategoryName, 'meta_description' => 'Каталог организаций: ' . $SubCategoryName, 'meta_keywords' => 'организации, спорт, образование, праздник, здоровье, школа, детский сад, роддом, танцы, кружки, досуг, молочные кухни');
     $this->view->generate();
 }
コード例 #2
0
<?php

echo "<script> alert(' Комментарий добавлен! ');</script>";
$RecordID = GETAsStrOrDef("id", "0");
Redirect("/market/cardtovar");
コード例 #3
0
 public function resetpasswordAction()
 {
     if (!Tools::isPost()) {
         // если открыли форму ссылкой из письма
         $Email = GETAsStrOrDef('m', '');
         $PasswordHash = GETAsStrOrDef('h', '');
         if (empty($Email) || empty($PasswordHash)) {
             return AddAlertMessage('danger', 'Неверный запрос на восстановление пароля!', '/');
         }
         $Email = empty($Email) ? '' : Decrypt_Blowfish($Email);
         $PasswordHash = empty($PasswordHash) ? '' : Decrypt_Blowfish($PasswordHash);
         $sql = "select PasswordHash " . "from Users " . "where (Email = '{$Email}');";
         $user = $this->db->query($sql)->fetch();
         if ($PasswordHash != $user['PasswordHash']) {
             return AddAlertMessage('danger', 'Неверный код восстановления пароля!', '/');
         }
         $this->view->setVars(array('Email' => $Email, 'EncryptedEmail' => GETAsStrOrDef('m', ''), 'EncryptedPasswordHash' => GETAsStrOrDef('h', '')));
     } else {
         $NewPassword = POSTStrAsSQLStr('password');
         // если нажали на кнопку "Изменить пароль"
         if ($NewPassword != POSTStrAsSQLStr('confirmpassword')) {
             // проверка на всякий случай, но основная работа будет в validation.js ($('#ResetPasswordBtn').click(function(){)
             return AddAlertMessage('danger', 'Пароли не совпадают', '/auth/resetpassword?m=' . $_POST['EncryptedEmail'] . '&h=' . $_POST['EncryptedPasswordHash']);
         }
         $vEmail = Decrypt_Blowfish(POSTStrAsSQLStr('EncryptedEmail'));
         $sql = "update Users set PasswordHash = '" . EncryptPassword($NewPassword) . "' where Email = '{$vEmail}';";
         $this->db->exec($sql);
         return AddAlertMessage('success', 'Пароль успешно изменен!', '/');
     }
     $this->view->breadcrumbs = array(array('url' => '/auth/password', 'title' => 'Изменение пароля'));
     $this->view->meta = array('meta_title' => 'Изменение пароля', 'meta_description' => 'Изменение пароля', 'meta_keywords' => '');
     $this->view->generate();
 }
コード例 #4
0
 public function SaveNewTovar()
 {
     //берем поля из формы
     $sale_bye = $_POST['sel_bay'];
     //купить или продать s- продать b- купить
     $zag = $_POST['zag'];
     //заголовок
     $cat = $_POST['for_cat'];
     //выбор категории для товара
     $s_desc = $_POST['desc_sh'];
     //короткое описание
     $l_desc = $_POST['full_sh'];
     // длинное описание
     $cost = $_POST['cost'];
     // цена
     if ($sale_bye === 's' or $sale_bye === 'b') {
         $taba = '`tovar_market`';
         $taba2 = 'tovar_image_market';
     }
     if ($sale_bye === 'g' or $sale_bye === 'c') {
         $taba = '`change_market`';
         $taba2 = 'change_image_market';
     }
     $condition = $_POST['face'];
     //состояние товара
     $gender = $_POST['sex'];
     //пол ребенка
     $cont_face = $_POST['cont_face'];
     //контактное лицо
     $cont_email = $_POST['cont_email'];
     //контактное email
     $cont_tel = $_POST['cont_tel'];
     //контактный телефон
     $cont_skype = $_POST['cont_skype'];
     // skype
     $cont_city = $_POST['cont_city'];
     //город
     $datas = time();
     $reg = $_POST['termin'];
     if ($reg == 'unreg') {
         $dataf = $datas + 2629743;
         $for_adv = "1 месяц";
     }
     if ($reg == 'reg') {
         $dataf = $datas + 15778463;
         $for_adv = "6 месяцев";
     }
     if ($reg == '2reg') {
         $dataf = $datas + 5259486;
         $for_adv = "2 месяца";
     }
     if ($reg == '3reg') {
         $dataf = $datas + 7889229;
         $for_adv = "3 месяца";
     }
     $RecordID = GETAsStrOrDef("id", "0");
     $vWaterMarkPosition = "";
     $hash = time();
     $APath = DIR_DBIMAGES . 'comission/' . $hash . '/';
     $query = "insert into {$taba}\n            (`id_podcat`, `name_tovar`,\n            `gender`, `wish`, `price`, `desc_tovar`, `short_desc`, `user`, `user_ph`,`user_em`, `user_sk`, `kind`, `city`, `datas`, `dataf` ) \n            values ('{$cat}','{$zag}', '{$gender}', '{$sale_bye}', '{$cost}', '{$l_desc}', '{$s_desc}', '{$cont_face}', '{$cont_tel}', '{$cont_email}', '{$cont_skype}', '{$condition}' , '{$cont_city}', '{$datas}', '{$dataf}')";
     $this->db->exec($query);
     $id_t = array($this->db->lastInsertId());
     $vWaterMarkPosition = 'BL';
     $vWaterMarkSubDir = '../admincp/public/img/watermarks/';
     if (!empty($_FILES)) {
         if ($_FILES['AddImageEdt'] !== NULL) {
             $numer = 0;
             // Проверяем массив, т.к. в некоторых случаях можем грузить больше чем одно фото (для универсальности)
             foreach ($_FILES["AddImageEdt"]["error"] as $key => $error) {
                 $numer++;
                 $ArticleImageID = $numer;
                 // DBInsertRecord($context->db, "ArticleImages");
                 $tmp_name = $_FILES["AddImageEdt"]["tmp_name"][$key];
                 $file_info = new SplFileInfo($_FILES["AddImageEdt"]["name"][$key]);
                 $file_ext = $file_info->getExtension();
                 // получить расширение файла
                 list($ErrorMsg, $FileRelativeURL) = UploadTovarImage('', $APath, 'ai_' . $ArticleImageID, 600, 600, $vWaterMarkPosition, $vWaterMarkSubDir . 'l_' . $vWaterMarkPosition . '.png', $tmp_name, $file_ext);
                 $img = $APath . 'ai_' . $ArticleImageID . "." . $file_ext;
                 $query_img = "insert into {$taba2} (`tovar_id`, `img`) values ('{$id_t['0']}', '{$img}')";
                 $this->db->exec($query_img);
             }
         } else {
             $test = " Нет файла";
         }
     } else {
         $test = " Какой то не такой файл";
     }
     return $id_t;
 }