function doSaveComment()
{
try {
if ($_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'])) {
unset($_SESSION['security_code']);
} else {
die("ERROR_SECURITY_CODE");
}
$validate = new Validate();
if ($validate->check_submit(1, array("article_id", "comment_ten", "comment_url", "comment_noidung")) == false) {
die('ERROR_SYSTEM');
}
$article_id = $_POST["article_id"];
$ten = $_POST["comment_ten"];
$url = $_POST["comment_url"];
if ($url == null) {
$url = '#';
}
$noidung = $_POST["comment_noidung"];
if ($validate->check_null(array($article_id, $ten, $noidung)) == false) {
die('ERROR_SYSTEM');
}
$this->setModel('comment');
$this->comment->id = null;
$this->comment->ten = $ten;
$this->comment->url = $url;
$this->comment->article_id = $article_id;
$this->comment->noidung = $noidung;
$this->comment->ngaypost = GetDateSQL();
$this->comment->insert();
echo 'DONE';
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
function doEdit()
{
try {
$duan_id = mysql_real_escape_string($_POST['duan_id']);
if ($duan_id == null) {
die('ERROR_SYSTEM');
}
$myprojects = array();
if (isset($_SESSION['myprojects'])) {
$myprojects = $_SESSION['myprojects'];
}
if (in_array($duan_id, $myprojects) == false) {
$this->checkLogin(true);
$this->checkActive(true);
$this->checkLock(true);
die('ERROR_SYSTEM');
}
$tenduan = $_POST['duan_tenduan'];
$alias = $_POST['duan_alias'];
$linhvuc_id = $_POST['duan_linhvuc_id'];
$tinh_id = $_POST['duan_tinh_id'];
$ngayketthuc = $_POST['duan_ngayketthuc'];
$costmin = $_POST['duan_costmin'];
$costmax = $_POST['duan_costmax'];
$thongtinchitiet = $_POST['duan_thongtinchitiet'];
$duan_email = $_POST['duan_email'];
$duan_sodienthoai = $_POST['duan_sodienthoai'];
$isbid = $_POST['duan_isbid'];
//Validate
if (isset($_POST['duan_skills'])) {
if (isset($_POST['duan_skills'][MAX_SKILL])) {
die('ERROR_MAXSKILL');
}
}
$validate = new Validate();
if ($validate->check_null(array($duan_id, $tenduan, $alias, $linhvuc_id, $tinh_id, $ngayketthuc, $costmin, $costmax, $thongtinchitiet, $isbid, $duan_email, $duan_sodienthoai)) == false) {
die('ERROR_SYSTEM');
}
if ($validate->check_length($tenduan, 101)) {
die('ERROR_SYSTEM');
}
if ($validate->check_date($ngayketthuc) == false) {
die('ERROR_SYSTEM');
}
$ngayketthuc = SQLDate($ngayketthuc);
//End validate
$this->duan->id = $duan_id;
$data = $this->duan->search('id,ngaypost,ngayketthuc,data_id');
if (empty($data)) {
die('ERROR_SYSTEM');
}
$ngaypost = $data['duan']['ngaypost'];
$data_id = $data['duan']['data_id'];
$file_id = null;
//Get upload attach file_id
global $cache;
$ma = time();
if ($_FILES['duan_filedinhkem']['name'] != NULL) {
$str = $_FILES['duan_filedinhkem']['tmp_name'];
$size = $_FILES['duan_filedinhkem']['size'];
if ($size == 0) {
echo 'ERROR_FILESIZE';
} else {
$dir = ROOT . DS . 'public' . DS . 'upload' . DS . 'files' . DS;
$filename = preg_replace("/[&' +-]/", "_", $_FILES['duan_filedinhkem']['name']);
move_uploaded_file($_FILES['duan_filedinhkem']['tmp_name'], $dir . $filename);
//die($filename);
$sFileType = '';
$i = strlen($filename) - 1;
while ($i >= 0) {
if ($filename[$i] == '.') {
break;
}
$sFileType = $filename[$i] . $sFileType;
$i--;
}
$str = $dir . $filename;
$fname = $ma . '_' . $filename;
$arrType = $cache->get('fileTypes');
if (!in_array(strtolower($sFileType), $arrType)) {
unlink($str);
die('ERROR_WRONGFORMAT');
} else {
$str2 = $dir . $fname;
rename($str, $str2);
$this->setModel('file');
$this->file->id = null;
$this->file->filename = $filename;
$this->file->fileurl = BASE_PATH . '/upload/files/' . $fname;
$this->file->status = 1;
$file_id = $this->file->insert(true);
}
}
}
//End
$this->setModel('data');
$sIndex = "{$tenduan} " . strip_tags($thongtinchitiet);
$sIndex = strtolower(remove_accents($sIndex));
$this->data->id = $data_id;
$this->data->data = $sIndex;
$this->data->update();
$this->setModel('duan');
$this->duan->id = $duan_id;
$this->duan->tenduan = $tenduan;
$this->duan->alias = $alias;
$this->duan->linhvuc_id = $linhvuc_id;
$this->duan->tinh_id = $tinh_id;
$this->duan->costmin = $costmin;
$this->duan->costmax = $costmax;
$this->duan->isbid = $isbid;
if ($file_id != 0) {
$this->duan->file_id = $file_id;
}
$this->duan->thongtinchitiet = $thongtinchitiet;
$currentDate = GetDateSQL();
$this->duan->timeupdate = $currentDate;
$this->duan->ngayketthuc = $ngayketthuc;
$this->duan->duan_email = $duan_email;
$this->duan->duan_sodienthoai = $duan_sodienthoai;
if ($data['duan']['ngayketthuc'] > $currentDate) {
$this->duan->nhathau_id = '';
}
$this->duan->update();
$this->setModel('duanskill');
$this->duanskill->custom("delete from duanskills where duan_id = {$duan_id}");
if (isset($_POST['duan_skills'])) {
$lstSkill = $_POST['duan_skills'];
foreach ($lstSkill as $skill_id) {
$this->duanskill->id = null;
$this->duanskill->duan_id = $duan_id;
$this->duanskill->skill_id = $skill_id;
$this->duanskill->insert();
}
}
echo 'DONE';
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
function updateStatistics()
{
$this->setModel('ppl_online');
$now = GetDateSQL();
if (!isset($_SESSION['online'])) {
$this->ppl_online->id = null;
if (!isset($_SERVER['HTTP_REFERER'])) {
$this->ppl_online->refurl = null;
}
$this->ppl_online->activity = $now;
$this->ppl_online->access_time = $now;
$this->ppl_online->ip_address = $_SERVER['REMOTE_ADDR'];
$this->ppl_online->account_id = null;
$this->ppl_online->user_agent = $_SERVER['HTTP_USER_AGENT'];
$id = $this->ppl_online->insert(true);
$_SESSION['online'] = $id;
// đăng ký một biến session
} else {
if (isset($_SESSION['account'])) {
$this->ppl_online->id = $_SESSION['online'];
$this->ppl_online->activity = $now;
$this->ppl_online->account_id = $_SESSION['account']['id'];
$this->ppl_online->update();
}
}
if (isset($_SESSION['online'])) {
// nếu là registered.
$this->ppl_online->id = $_SESSION['online'];
$this->ppl_online->activity = $now;
$this->ppl_online->update();
}
$limit_time = time() - 300;
$data = $this->ppl_online->custom("SELECT count(*) as nOnline FROM ppl_onlines WHERE UNIX_TIMESTAMP(activity) >= {$limit_time}");
global $cache;
$statistics = $cache->get('statistics');
$statistics['nOnlines'] = $data[0]['']['nOnline'];
$cache->set('statistics', $statistics);
}
function doAddMoiThau($account_id = null, $duan_id = null)
{
if ($duan_id == null || $account_id == null) {
die('ERROR_SYSTEM');
}
try {
$this->checkLogin(true);
$this->checkActive(true);
$this->checkLock(true);
$this->setModel('moithau');
$employer_id = $_SESSION['account']['id'];
$account_id = mysql_real_escape_string($account_id);
$duan_id = mysql_real_escape_string($duan_id);
$this->nhathau->showHasOne(array('account'));
$this->nhathau->where(" and `status`=1 and account_id={$account_id}");
$data = $this->nhathau->search('nhathau.id,username');
if (empty($data)) {
die('ERROR_SYSTEM');
}
$email = $data[0]['account']['username'];
$this->setModel('duan');
$this->duan->showHasOne(array('linhvuc'));
$this->duan->id = $duan_id;
$this->duan->where(" and duan.active=1 and approve = 1 and duan.nhathau_id is null and ngayketthuc>now() and account_id={$employer_id}");
$data = $this->duan->search('duan.id,tenduan,costmax,costmin,tenlinhvuc');
if (empty($data)) {
die('ERROR_SYSTEM');
}
$chiphi = formatMoney($data["duan"]["costmin"]) . ' đến ' . formatMoney($data["duan"]["costmax"]);
$linkmoithau = BASE_PATH . '/moithau/viewMyLetters';
$linkmoithau = "<a href='{$linkmoithau}'>{$linkmoithau}</a>";
global $cache;
$content = $cache->get('mail_moithau');
$search = array('#TENDUAN#', '#CHIPHI#', '#LINHVUC#', '#LINKMOITHAU#');
$replace = array($data['duan']['tenduan'], $chiphi, $data['linhvuc']['tenlinhvuc'], $linkmoithau);
$content = str_replace($search, $replace, $content);
$this->setModel('moithau');
$this->moithau->where(" and duan_id={$duan_id} and account_id={$account_id}");
$data = $this->moithau->search('id');
if (!empty($data)) {
die('ERROR_INVITED');
}
$this->moithau->id = null;
$this->moithau->account_id = $account_id;
$this->moithau->duan_id = $duan_id;
$this->moithau->time = GetDateSQL();
$this->moithau->hadread = 0;
$this->moithau->insert();
//Gui mail_moithau
$priSenders = $cache->get('priSenders');
$sender = $priSenders[mt_rand(0, count($priSenders) - 1)];
include ROOT . DS . 'library' . DS . 'sendmail.php';
$mail = new sendmail();
$mail->send($email, 'Bạn Được Mời Thầu 1 Dự Án Trên JobBid.vn!', $content, $sender);
echo 'DONE';
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
function savePage()
{
//die("ERROR_NOTLOGIN");
$this->checkAdmin(true);
try {
$id = $_POST["page_id"];
$title = $_POST["page_title"];
$alias = $_POST["page_alias"];
$menu_id = $_POST["page_menu"];
$content = $_POST["page_content"];
if ($id == null) {
//insert
$this->page->id = null;
$this->page->title = $title;
$this->page->alias = $alias;
$this->page->content = $content;
$this->page->datemodified = GetDateSQL();
$this->page->usermodified = $_SESSION["account"]["username"];
$this->page->menu_id = $menu_id;
$this->page->active = 1;
} else {
//update
$this->page->id = $id;
$this->page->title = $title;
$this->page->alias = $alias;
$this->page->content = $content;
$this->page->datemodified = GetDateSQL();
$this->page->usermodified = $_SESSION["account"]["username"];
$this->page->menu_id = $menu_id;
}
$html = new HTML();
$value = "{'datemodified':'" . $html->format_date($this->page->datemodified, 'd/m/Y H:i:s') . "','usermodified':'" . $this->page->usermodified . "'}";
$id = $this->page->save();
if (isEmpty($menu_id) == false) {
$this->setModel("menu");
$this->menu->id = $menu_id;
$this->menu->url = BASE_PATH . "/page/view/" . $id . "/" . $alias;
$this->menu->save();
global $cache;
$this->menu->where('AND active=1');
$this->menu->orderBy('order', 'ASC');
$data = $this->menu->search();
$cache->set("menuList", $data);
}
print $value;
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
function submit_login_box()
{
if (!isset($_SESSION['submit_login_times'])) {
$_SESSION['submit_login_times'] = 0;
}
if ($_SESSION['submit_login_times'] >= MAX_SUBMIT_LOGIN_TIMES) {
die('ERROR_MANYTIMES');
}
$_SESSION['submit_login_times'] = $_SESSION['submit_login_times'] + 1;
$validate = new Validate();
if ($validate->check_submit(1, array('username', 'password')) == false) {
die('ERROR_SYSTEM');
}
$password = $_POST['password'];
$email = $_POST['username'];
if ($validate->check_null(array($password, $email)) == false) {
die('ERROR_SYSTEM');
}
$strWhere = "AND username='******' AND active>=0";
$this->account->where($strWhere);
$account = $this->account->search();
if (empty($account)) {
die('ERROR_NOTEXIST');
} else {
if (strcmp(md5($password), $account[0]['account']['password']) != 0) {
die('ERROR_WRONGPASSWORD');
} else {
//Login thanh cong
$_SESSION['account'] = $account[0]['account'];
$this->account->id = $account[0]['account']['id'];
$this->account->lastlogin = GetDateSQL();
$this->account->save();
$this->setModel('nhathau');
$this->nhathau->where('and status>=0 and account_id=' . $account[0]['account']['id']);
$nhathau = $this->nhathau->search('id,displayname,account_id,diemdanhgia,nhathau_alias');
if (!empty($nhathau)) {
$_SESSION['nhathau'] = $nhathau[0]['nhathau'];
}
echo 'OK';
}
}
}
function chonhoso()
{
try {
$duan_id = $_GET["duan_id"];
$strWhere = '';
$myprojects = array();
if (isset($_SESSION['myprojects'])) {
$myprojects = $_SESSION['myprojects'];
}
if (in_array($duan_id, $myprojects) == false) {
$this->checkLogin(true);
$this->checkActive(true);
$this->checkLock(true);
$account_id = $_SESSION["account"]["id"];
$strWhere = " and duan.account_id = {$account_id}";
}
$hosothau_id = $_GET["hosothau_id"];
if ($duan_id == null || $hosothau_id == null) {
die('ERROR_SYSTEM');
}
$hosothau_id = mysql_real_escape_string($hosothau_id);
$duan_id = mysql_real_escape_string($duan_id);
$this->hosothau->id = $hosothau_id;
$data = $this->hosothau->search("nhathau_id,hosothau_email");
if (empty($data)) {
die("ERROR_SYSTEM");
}
$nhathau_id = $data["hosothau"]["nhathau_id"];
$freelancerMail = $data["hosothau"]["hosothau_email"];
$this->hosothau->id = $hosothau_id;
$this->hosothau->trangthai = 2;
$this->hosothau->update();
$this->setModel("duan");
$this->duan->id = $duan_id;
$this->duan->where($strWhere);
$data = $this->duan->search("id,tenduan,alias,linhvuc_id,duan_email,duan_sodienthoai");
if (empty($data)) {
die("ERROR_SYSTEM");
}
$this->duan->id = $duan_id;
$this->duan->nhathau_id = $nhathau_id;
$this->duan->hosothau_id = $hosothau_id;
$this->duan->timeupdate = GetDateSQL();
$this->duan->update();
$this->duan->showHasOne(array('nhathau', 'hosothau', 'linhvuc'));
$this->duan->orderBy('timeupdate', 'desc');
$this->duan->setPage(1);
$this->duan->setLimit(7);
$this->duan->where(" and duan.active = 1 and approve = 1 and duan.nhathau_id is not null");
$finishedProjects = $this->duan->search("duan.id,tenduan,alias,linhvuc_id,tenlinhvuc,giathau,prior,bidcount,displayname,duan.nhathau_id,duan.active,nhathau_alias");
global $cache;
$cache->set('finishedProjects', $finishedProjects);
//Send mail cho ung vien trung thau
$linkduan = BASE_PATH . '/duan/view/' . $data["duan"]["id"] . '/' . $data["duan"]["alias"];
$tenduan = $data["duan"]["tenduan"];
$linktenduan = "<a href='{$linkduan}'>{$tenduan}</a>";
$linkduan = "<a href='{$linkduan}'>{$linkduan}</a>";
$content = $cache->get('mail_win');
$search = array('#LINKTENDUAN#', '#EMAIL#', '#SODIENTHOAI#', '#LINKDUAN#');
$replace = array($linktenduan, $data['duan']['duan_email'], $data['duan']['duan_sodienthoai'], $linkduan);
$content = str_replace($search, $replace, $content);
$this->setModel('sendmail');
$this->sendmail->id = null;
$this->sendmail->to = $freelancerMail;
$this->sendmail->subject = 'JobBid.vn - Chúc Mừng Bạn Đã Thắng Thầu!!!';
$this->sendmail->content = $content;
$this->sendmail->isprior = 1;
$this->sendmail->insert();
//Cap nhat so du an cua linh vuc
$linhvuc_id = $data["duan"]["linhvuc_id"];
$this->duan->where(" and active = 1 and approve = 1 and nhathau_id is null and ngayketthuc > now() and linhvuc_id = '{$linhvuc_id}'");
$data = $this->duan->search("count(*) as soduan");
$this->setModel("linhvuc");
$this->linhvuc->id = $linhvuc_id;
$this->linhvuc->soduan = $data[0][""]["soduan"];
$this->linhvuc->update();
echo "DONE";
} catch (Exception $e) {
echo 'ERROR_SYSTEM';
}
}
