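/**
 * Lists the active, non-deleted organisations of one catalogue sub-category,
 * with optional region / locality / free-text filters, 15 records per page.
 *
 * Request data read here: the route argument $id, GET 'page', 'reg', 'loc'
 * and POST 'SearchText'. All of it is attacker-controlled, so every value
 * that reaches SQL is either bound as a statement parameter or reduced to an
 * integer first; nothing from the request is concatenated into a query.
 *
 * NOTE(review): assumes $this->db is PDO-compatible (prepare()/execute()),
 * in line with the query()/fetch()/fetchAll() calls already used — confirm.
 * NOTE(review): 'SearchText' and 'SubCategoryName' are passed to the view
 * as-is; the template has to HTML-escape them on output — verify.
 *
 * @param string|int|null $id Sub-category ID (Catalog_pod.ID).
 * @return mixed Result of AddAlertMessage() on an invalid or unknown
 *               category; otherwise nothing (the view is rendered).
 */
public function itemsAction($id = null)
{
    // Accept only a plain run of digits: the ID ends up in SQL and in a breadcrumb URL.
    if (empty($id) || !ctype_digit((string) $id)) {
        return AddAlertMessage('danger', 'Категории не существует.', '/');
    }

    // Page numbers below 1 would yield a negative LIMIT offset.
    $current_page = max(1, (int) GETAsStrOrDef('page', 1));

    $postedSearch = filter_input(INPUT_POST, 'SearchText');
    $SearchText = is_string($postedSearch) ? $postedSearch : "";

    $regions = $this->db->query("select ID, ShortName as Name from Regions order by Name;")->fetchAll();

    // Filter IDs are normalised to non-negative integers; '0' keeps meaning "no filter".
    $regionId = max(0, (int) GETAsStrOrDef('reg', '0'));
    $SelectedRegionID = (string) $regionId;
    $localityId = max(0, (int) GETAsStrOrDef('loc', '0'));
    $SelectedLocalityID = (string) $localityId;

    $localityStmt = $this->db->prepare("select ID, Name from view_Localities where (RegionID = :region) order by Name;");
    $localityStmt->execute(array(':region' => $regionId));
    $localities = $localityStmt->fetchAll();

    $podStmt = $this->db->prepare('select name from Catalog_pod where ID = :id');
    $podStmt->execute(array(':id' => $id));
    $pod = $podStmt->fetch();
    if (!$pod) {
        // Unknown category: stop here instead of rendering a page for a missing row.
        return AddAlertMessage('danger', 'Категории не существует.', '/');
    }
    $SubCategoryName = $pod["name"];

    // The same WHERE clause (and parameter set) drives both the count and the page query.
    $conditions = array('CI.id_pod_cat = :pod', 'CI.IsDeleted=0', 'CI.IsActive=1');
    $params = array(':pod' => $id);
    if ($regionId !== 0) {
        $conditions[] = 'CI.RegionID = :region';
        $params[':region'] = $regionId;
    }
    if ($localityId !== 0) {
        $conditions[] = 'CI.LocalityID = :locality';
        $params[':locality'] = $localityId;
    }
    if (!empty($SearchText)) {
        // Two placeholders because a named parameter cannot be reused with native prepares.
        $conditions[] = '((CI.name like :search_name) or (CI.adress like :search_adress))';
        $params[':search_name'] = '%' . $SearchText . '%';
        $params[':search_adress'] = '%' . $SearchText . '%';
    }
    $WhereStr = 'where ' . implode(' and ', $conditions) . ' ';

    $countStmt = $this->db->prepare("select count(*) as RecordCount from Catalog_item as CI " . $WhereStr);
    $countStmt->execute($params);
    $rec = $countStmt->fetch();

    $RecordsPerPage = 15;
    $total_pages = ceil($rec["RecordCount"] / $RecordsPerPage);

    // Keep the requested page inside the existing range so the offset stays a small integer.
    $current_page = min($current_page, max(1, (int) $total_pages));
    $offset = ($current_page - 1) * $RecordsPerPage;

    // LIMIT values are integers computed above, so they are safe to inline.
    $sql = "select CI.ID, CI.name, CI.adress, CI.kont_tell, CI.CountComments, L.Name as Locality, R.ShortName as RegionName, "
        . "(CI.Rating1+CI.Rating2+CI.Rating3)/3 as TotalRating "
        . "from Catalog_item as CI "
        . "left outer join view_ShortLocalities as L on (CI.LocalityID = L.ID) "
        . "left outer join Regions as R on (CI.RegionID = R.ID) "
        . $WhereStr
        . "order by CI.name "
        . "limit " . $offset . ", " . $RecordsPerPage;
    $itemsStmt = $this->db->prepare($sql);
    $itemsStmt->execute($params);
    $items = $itemsStmt->fetchAll();

    $this->view->setVars(array(
        'id' => $id,
        'items' => $items,
        'pagination' => array('total_pages' => $total_pages, 'current' => $current_page, 'perpage' => $RecordsPerPage),
        'SubCategoryName' => $SubCategoryName,
        'regions' => $regions,
        'SelectedRegionID' => $SelectedRegionID,
        'localities' => $localities,
        'SelectedLocalityID' => $SelectedLocalityID,
        'SearchText' => $SearchText,
    ));
    $this->view->breadcrumbs = array(
        array('url' => '/catalog/', 'title' => 'Каталог организаций'),
        array('url' => '/catalog/p-' . $id, 'title' => $SubCategoryName),
    );
    $this->view->meta = array(
        'meta_title' => 'Каталог организаций: ' . $SubCategoryName,
        'meta_description' => 'Каталог организаций: ' . $SubCategoryName,
        'meta_keywords' => 'организации, спорт, образование, праздник, здоровье, школа, детский сад, роддом, танцы, кружки, досуг, молочные кухни',
    );
    $this->view->generate();
}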
<?php
// Emits a client-side confirmation pop-up ("comment added"), then hands control
// to Redirect() for the product-card page.
// NOTE(review): the markup is written to the response before Redirect() runs; if
// Redirect() relies on an HTTP Location header, this output may already have
// committed the headers — confirm against its implementation.
print "<script> alert(' Комментарий добавлен! ');</script>";

// Read from the query string; not used anywhere in the visible fragment.
$RecordID = GETAsStrOrDef("id", "0");

Redirect("/market/cardtovar");
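/**
 * Password-reset endpoint reached from the link in the recovery e-mail.
 *
 * GET  ?m=<encrypted e-mail>&h=<encrypted password hash>: validates the link
 *      and renders the "new password" form.
 * POST EncryptedEmail, EncryptedPasswordHash, password, confirmpassword:
 *      validates the same token again and only then stores the new password.
 *
 * The token is verified on both requests. Checking it only when the form is
 * displayed would let a POST change the password of any account whose
 * encrypted e-mail value is known, without proving possession of the link.
 *
 * NOTE(review): the recovery token is the account's current password hash,
 * reversibly encrypted and carried in a URL. A random, single-use, expiring
 * token stored server-side would avoid exposing the hash; that needs a schema
 * change and is out of scope for this method.
 * NOTE(review): assumes $this->db is PDO-compatible (prepare()/execute()),
 * in line with the query()/exec() calls used elsewhere — confirm.
 *
 * @return mixed Result of AddAlertMessage() on every early exit and after a
 *               successful change; nothing when the form is rendered.
 */
public function resetpasswordAction()
{
    $isPost = Tools::isPost();

    // The form posts back the two encrypted values it received from the link.
    if ($isPost) {
        $EncryptedEmail = POSTStrAsSQLStr('EncryptedEmail');
        $EncryptedPasswordHash = POSTStrAsSQLStr('EncryptedPasswordHash');
    } else {
        $EncryptedEmail = GETAsStrOrDef('m', '');
        $EncryptedPasswordHash = GETAsStrOrDef('h', '');
    }

    if (empty($EncryptedEmail) || empty($EncryptedPasswordHash)) {
        return AddAlertMessage('danger', 'Неверный запрос на восстановление пароля!', '/');
    }

    $Email = (string) Decrypt_Blowfish($EncryptedEmail);
    $PasswordHash = (string) Decrypt_Blowfish($EncryptedPasswordHash);

    // Bound parameter: the decrypted value is still request-derived data.
    $userStmt = $this->db->prepare('select PasswordHash from Users where (Email = :email);');
    $userStmt->execute(array(':email' => $Email));
    $user = $userStmt->fetch();

    // An unknown e-mail or an empty value on either side must never count as a match.
    $storedHash = ($user && isset($user['PasswordHash'])) ? (string) $user['PasswordHash'] : '';
    $tokenMatches = false;
    if ($storedHash !== '' && $PasswordHash !== '') {
        // Constant-time comparison where the runtime provides it.
        $tokenMatches = function_exists('hash_equals')
            ? hash_equals($storedHash, $PasswordHash)
            : $storedHash === $PasswordHash;
    }
    if (!$tokenMatches) {
        return AddAlertMessage('danger', 'Неверный код восстановления пароля!', '/');
    }

    if ($isPost) {
        // "Change password" button was pressed.
        $NewPassword = POSTStrAsSQLStr('password');

        // Safety net; the primary check lives in validation.js ($('#ResetPasswordBtn').click handler).
        // NOTE(review): emptiness/strength of the new password is not checked server-side here.
        if ($NewPassword !== POSTStrAsSQLStr('confirmpassword')) {
            // Encode the echoed values so they cannot alter the redirect target.
            $rawEmail = isset($_POST['EncryptedEmail']) && is_string($_POST['EncryptedEmail']) ? $_POST['EncryptedEmail'] : '';
            $rawHash = isset($_POST['EncryptedPasswordHash']) && is_string($_POST['EncryptedPasswordHash']) ? $_POST['EncryptedPasswordHash'] : '';

            return AddAlertMessage(
                'danger',
                'Пароли не совпадают',
                '/auth/resetpassword?m=' . rawurlencode($rawEmail) . '&h=' . rawurlencode($rawHash)
            );
        }

        $updateStmt = $this->db->prepare('update Users set PasswordHash = :hash where Email = :email;');
        $updateStmt->execute(array(':hash' => EncryptPassword($NewPassword), ':email' => $Email));

        return AddAlertMessage('success', 'Пароль успешно изменен!', '/');
    }

    // Form opened through the link from the e-mail.
    $this->view->setVars(array(
        'Email' => $Email,
        'EncryptedEmail' => $EncryptedEmail,
        'EncryptedPasswordHash' => $EncryptedPasswordHash,
    ));
    $this->view->breadcrumbs = array(array('url' => '/auth/password', 'title' => 'Изменение пароля'));
    $this->view->meta = array('meta_title' => 'Изменение пароля', 'meta_description' => 'Изменение пароля', 'meta_keywords' => '');
    $this->view->generate();
}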
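/**
 * Stores a new marketplace listing from the submitted form and registers its
 * uploaded images.
 *
 * Every form field is attacker-controlled. Text values are bound as statement
 * parameters; the two table names and the listing duration are picked from
 * fixed lookup tables keyed by the posted value, so no request data is ever
 * concatenated into SQL. Uploaded files are accepted only when PHP reports a
 * clean upload and the client-supplied name carries an image extension from
 * the allow-list, because that extension becomes part of the stored file name.
 *
 * NOTE(review): assumes $this->db is PDO-compatible (prepare()/execute()),
 * in line with the exec()/lastInsertId() calls already used — confirm.
 * NOTE(review): the image directory is named after time(), so two listings
 * saved within the same second share a directory and file names — verify
 * whether that can happen in practice.
 *
 * @return array Single-element array holding the new row's ID (lastInsertId()).
 * @throws InvalidArgumentException When 'sel_bay' or 'termin' holds a value
 *                                  the form does not offer.
 */
public function SaveNewTovar()
{
    // Read the form fields; missing or non-scalar values become ''.
    $fieldNames = array(
        'sel_bay',    // listing kind: s = sell, b = buy (g / c go to the change_* tables)
        'zag',        // title
        'for_cat',    // category chosen for the item
        'desc_sh',    // short description
        'full_sh',    // long description
        'cost',       // price
        'face',       // item condition
        'sex',        // child's gender
        'cont_face',  // contact person
        'cont_email', // contact e-mail
        'cont_tel',   // contact phone
        'cont_skype', // skype
        'cont_city',  // city
        'termin',     // listing duration code
    );
    $input = array();
    foreach ($fieldNames as $fieldName) {
        $input[$fieldName] = (isset($_POST[$fieldName]) && is_scalar($_POST[$fieldName]))
            ? (string) $_POST[$fieldName]
            : '';
    }

    // Table names cannot be bound, so they come from this fixed map only.
    $tablesByKind = array(
        's' => array('`tovar_market`', 'tovar_image_market'),
        'b' => array('`tovar_market`', 'tovar_image_market'),
        'g' => array('`change_market`', 'change_image_market'),
        'c' => array('`change_market`', 'change_image_market'),
    );
    $sale_bye = $input['sel_bay'];
    if (!isset($tablesByKind[$sale_bye])) {
        throw new InvalidArgumentException('Unsupported listing kind.');
    }
    list($taba, $taba2) = $tablesByKind[$sale_bye];

    // Listing lifetime in seconds: 1, 6, 2 and 3 months respectively.
    $lifetimeByTerm = array(
        'unreg' => 2629743,
        'reg' => 15778463,
        '2reg' => 5259486,
        '3reg' => 7889229,
    );
    if (!isset($lifetimeByTerm[$input['termin']])) {
        throw new InvalidArgumentException('Unsupported listing duration.');
    }
    $datas = time();
    $dataf = $datas + $lifetimeByTerm[$input['termin']];

    $hash = time();
    $APath = DIR_DBIMAGES . 'comission/' . $hash . '/';

    $insert = $this->db->prepare(
        "insert into {$taba} "
        . "(`id_podcat`, `name_tovar`, `gender`, `wish`, `price`, `desc_tovar`, `short_desc`, "
        . "`user`, `user_ph`, `user_em`, `user_sk`, `kind`, `city`, `datas`, `dataf`) "
        . "values (:id_podcat, :name_tovar, :gender, :wish, :price, :desc_tovar, :short_desc, "
        . ":user, :user_ph, :user_em, :user_sk, :kind, :city, :datas, :dataf)"
    );
    $insert->execute(array(
        ':id_podcat' => $input['for_cat'],
        ':name_tovar' => $input['zag'],
        ':gender' => $input['sex'],
        ':wish' => $sale_bye,
        ':price' => $input['cost'],
        ':desc_tovar' => $input['full_sh'],
        ':short_desc' => $input['desc_sh'],
        ':user' => $input['cont_face'],
        ':user_ph' => $input['cont_tel'],
        ':user_em' => $input['cont_email'],
        ':user_sk' => $input['cont_skype'],
        ':kind' => $input['face'],
        ':city' => $input['cont_city'],
        ':datas' => $datas,
        ':dataf' => $dataf,
    ));
    $id_t = array($this->db->lastInsertId());

    $vWaterMarkPosition = 'BL';
    $vWaterMarkSubDir = '../admincp/public/img/watermarks/';

    if (isset($_FILES['AddImageEdt'])) {
        // The field may carry one file or several; normalise both shapes to arrays.
        $uploadErrors = (array) $_FILES['AddImageEdt']['error'];
        $uploadTmpNames = (array) $_FILES['AddImageEdt']['tmp_name'];
        $uploadNames = (array) $_FILES['AddImageEdt']['name'];

        // The extension is client-supplied and ends up in the stored file name,
        // so only known image types are let through.
        $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif');

        $imageInsert = $this->db->prepare("insert into {$taba2} (`tovar_id`, `img`) values (:tovar_id, :img)");

        $numer = 0;
        foreach ($uploadErrors as $key => $error) {
            $numer++;
            $ArticleImageID = $numer;

            // Skip slots that PHP did not receive as a clean HTTP upload.
            if ($error !== UPLOAD_ERR_OK || !isset($uploadTmpNames[$key], $uploadNames[$key])) {
                continue;
            }
            $tmp_name = $uploadTmpNames[$key];
            if (!is_string($tmp_name) || !is_uploaded_file($tmp_name)) {
                continue;
            }

            $file_info = new SplFileInfo((string) $uploadNames[$key]);
            $file_ext = $file_info->getExtension();
            if (!in_array(strtolower($file_ext), $allowedExtensions, true)) {
                continue;
            }

            // NOTE(review): $ErrorMsg is not inspected, so a failed resize/save still
            // gets an image row below — confirm what UploadTovarImage() reports.
            list($ErrorMsg, $FileRelativeURL) = UploadTovarImage(
                '',
                $APath,
                'ai_' . $ArticleImageID,
                600,
                600,
                $vWaterMarkPosition,
                $vWaterMarkSubDir . 'l_' . $vWaterMarkPosition . '.png',
                $tmp_name,
                $file_ext
            );

            $img = $APath . 'ai_' . $ArticleImageID . "." . $file_ext;
            $imageInsert->execute(array(':tovar_id' => $id_t[0], ':img' => $img));
        }
    }

    return $id_t;
}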