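/**
 * AJAX handler: stores a visitor comment through the 'comment' model.
 *
 * Reads security_code, article_id, comment_ten, comment_url and
 * comment_noidung from $_POST and prints exactly one status token:
 * DONE, ERROR_SECURITY_CODE or ERROR_SYSTEM.
 */
function doSaveComment()
{
    try {
        // Session-held security code (presumably a CAPTCHA answer) versus the submitted one.
        // Compared as strings with ===: loose == treats numeric-looking strings as numbers,
        // so values such as "0e1" and "0e2" would count as equal.
        $expected = isset($_SESSION['security_code']) ? $_SESSION['security_code'] : null;
        $supplied = isset($_POST['security_code']) ? $_POST['security_code'] : null;
        $codeMatches = !empty($expected)
            && is_scalar($expected)
            && is_scalar($supplied)
            && (string) $expected === (string) $supplied;
        if (!$codeMatches) {
            // NOTE(review): a failed attempt leaves the code in the session, so the same
            // challenge can be retried; consider invalidating it here if the client
            // reloads the challenge after an error.
            die("ERROR_SECURITY_CODE");
        }
        // Single use: a verified code cannot be replayed for a second comment.
        unset($_SESSION['security_code']);

        $validate = new Validate();
        if ($validate->check_submit(1, array("article_id", "comment_ten", "comment_url", "comment_noidung")) == false) {
            die('ERROR_SYSTEM');
        }

        $article_id = $_POST["article_id"];
        $ten = $_POST["comment_ten"];
        $url = $_POST["comment_url"];
        if ($url == null) {
            // No URL supplied: store a neutral placeholder link target.
            $url = '#';
        }
        $noidung = $_POST["comment_noidung"];
        if ($validate->check_null(array($article_id, $ten, $noidung)) == false) {
            die('ERROR_SYSTEM');
        }

        // NOTE(review): name, URL and body are stored exactly as received. Confirm that
        // the view escapes them for HTML and only renders http/https link targets.
        $this->setModel('comment');
        $this->comment->id = null;
        $this->comment->ten = $ten;
        $this->comment->url = $url;
        $this->comment->article_id = $article_id;
        $this->comment->noidung = $noidung;
        $this->comment->ngaypost = GetDateSQL();
        $this->comment->insert();
        echo 'DONE';
    } catch (Exception $e) {
        echo 'ERROR_SYSTEM';
    }
}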
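/**
 * AJAX handler: updates a project (duan) listed in $_SESSION['myprojects'].
 *
 * Reads the duan_* fields from $_POST and an optional attachment from
 * $_FILES['duan_filedinhkem'], then rewrites the search index row, the project
 * row and the project's skill links. Prints one status token: DONE,
 * ERROR_SYSTEM, ERROR_MAXSKILL, ERROR_FILESIZE or ERROR_WRONGFORMAT.
 */
function doEdit()
{
    try {
        // The id is interpolated unquoted into SQL further down
        // ("delete from duanskills where duan_id = ..."), where string escaping gives no
        // protection, so only decimal digits are accepted. This also keeps the loose
        // in_array() below from matching a value like "5 or 1=1" against an integer 5.
        $duan_id = isset($_POST['duan_id']) ? $_POST['duan_id'] : null;
        if (!is_string($duan_id) || !preg_match('/\A[0-9]+\z/', $duan_id)) {
            die('ERROR_SYSTEM');
        }

        $myprojects = isset($_SESSION['myprojects']) ? $_SESSION['myprojects'] : array();
        if (in_array($duan_id, $myprojects) == false) {
            // Not one of this session's projects: run the account checks, then refuse.
            $this->checkLogin(true);
            $this->checkActive(true);
            $this->checkLock(true);
            die('ERROR_SYSTEM');
        }

        $tenduan = $_POST['duan_tenduan'];
        $alias = $_POST['duan_alias'];
        $linhvuc_id = $_POST['duan_linhvuc_id'];
        $tinh_id = $_POST['duan_tinh_id'];
        $ngayketthuc = $_POST['duan_ngayketthuc'];
        $costmin = $_POST['duan_costmin'];
        $costmax = $_POST['duan_costmax'];
        $thongtinchitiet = $_POST['duan_thongtinchitiet'];
        $duan_email = $_POST['duan_email'];
        $duan_sodienthoai = $_POST['duan_sodienthoai'];
        $isbid = $_POST['duan_isbid'];

        // Validate
        $lstSkill = array();
        if (isset($_POST['duan_skills'])) {
            if (!is_array($_POST['duan_skills'])) {
                die('ERROR_SYSTEM');
            }
            // Count the entries instead of probing index MAX_SKILL, so a request with
            // sparse or string keys cannot exceed the cap.
            if (count($_POST['duan_skills']) > MAX_SKILL) {
                die('ERROR_MAXSKILL');
            }
            $lstSkill = $_POST['duan_skills'];
        }
        $validate = new Validate();
        if ($validate->check_null(array($duan_id, $tenduan, $alias, $linhvuc_id, $tinh_id, $ngayketthuc, $costmin, $costmax, $thongtinchitiet, $isbid, $duan_email, $duan_sodienthoai)) == false) {
            die('ERROR_SYSTEM');
        }
        if ($validate->check_length($tenduan, 101)) {
            die('ERROR_SYSTEM');
        }
        if ($validate->check_date($ngayketthuc) == false) {
            die('ERROR_SYSTEM');
        }
        $ngayketthuc = SQLDate($ngayketthuc);
        // End validate

        $this->duan->id = $duan_id;
        $data = $this->duan->search('id,ngaypost,ngayketthuc,data_id');
        if (empty($data)) {
            die('ERROR_SYSTEM');
        }
        $data_id = $data['duan']['data_id'];
        $file_id = null;

        // Optional attachment
        global $cache;
        $ma = time();
        $upload = isset($_FILES['duan_filedinhkem']) ? $_FILES['duan_filedinhkem'] : null;
        if ($upload !== null && !is_string($upload['name'])) {
            // An array here means a multi-file field was posted; this handler takes one file.
            die('ERROR_SYSTEM');
        }
        if ($upload !== null && $upload['name'] != null) {
            if ($upload['size'] == 0) {
                // As before, an empty upload is only reported; the project update still
                // runs and DONE is printed after this token.
                echo 'ERROR_FILESIZE';
            } else {
                $dir = ROOT . DS . 'public' . DS . 'upload' . DS . 'files' . DS;
                // Client-supplied name: neutralise path separators and NUL bytes first,
                // then apply the original character replacement.
                $filename = str_replace(array('/', '\\', "\0"), '_', $upload['name']);
                $filename = preg_replace("/[&' +-]/", "_", $filename);

                // Extension = text after the last dot, or the whole name when there is none.
                $dotPos = strrpos($filename, '.');
                $sFileType = ($dotPos === false) ? $filename : (string) substr($filename, $dotPos + 1);

                // Check the allow-list BEFORE the file is placed under the public upload
                // directory, so a rejected file never exists at a web-reachable path.
                $arrType = $cache->get('fileTypes');
                if (!is_array($arrType) || !in_array(strtolower($sFileType), $arrType, true)) {
                    die('ERROR_WRONGFORMAT');
                }
                // NOTE(review): only the final extension is checked. Confirm the web server
                // never executes anything stored under public/upload/files.

                // Move straight to the timestamp-prefixed final name; no intermediate copy
                // under the client-chosen name.
                $fname = $ma . '_' . $filename;
                if (!move_uploaded_file($upload['tmp_name'], $dir . $fname)) {
                    die('ERROR_SYSTEM');
                }

                $this->setModel('file');
                $this->file->id = null;
                $this->file->filename = $filename;
                $this->file->fileurl = BASE_PATH . '/upload/files/' . $fname;
                $this->file->status = 1;
                $file_id = $this->file->insert(true);
            }
        }
        // End

        // Search index row: project name plus tag-stripped description, accent-free, lower-case.
        $this->setModel('data');
        $sIndex = "{$tenduan} " . strip_tags($thongtinchitiet);
        $sIndex = strtolower(remove_accents($sIndex));
        $this->data->id = $data_id;
        $this->data->data = $sIndex;
        $this->data->update();

        $this->setModel('duan');
        $this->duan->id = $duan_id;
        $this->duan->tenduan = $tenduan;
        $this->duan->alias = $alias;
        $this->duan->linhvuc_id = $linhvuc_id;
        $this->duan->tinh_id = $tinh_id;
        $this->duan->costmin = $costmin;
        $this->duan->costmax = $costmax;
        $this->duan->isbid = $isbid;
        if ($file_id != 0) {
            $this->duan->file_id = $file_id;
        }
        $this->duan->thongtinchitiet = $thongtinchitiet;
        $currentDate = GetDateSQL();
        $this->duan->timeupdate = $currentDate;
        $this->duan->ngayketthuc = $ngayketthuc;
        $this->duan->duan_email = $duan_email;
        $this->duan->duan_sodienthoai = $duan_sodienthoai;
        if ($data['duan']['ngayketthuc'] > $currentDate) {
            // The previously stored deadline is still in the future: clear the assigned contractor.
            $this->duan->nhathau_id = '';
        }
        $this->duan->update();

        // Replace the project's skill links. $duan_id is digits-only (validated above).
        $this->setModel('duanskill');
        $this->duanskill->custom("delete from duanskills where duan_id = {$duan_id}");
        // NOTE(review): skill ids are passed to the model as received; confirm the model
        // escapes or binds them.
        foreach ($lstSkill as $skill_id) {
            $this->duanskill->id = null;
            $this->duanskill->duan_id = $duan_id;
            $this->duanskill->skill_id = $skill_id;
            $this->duanskill->insert();
        }
        echo 'DONE';
    } catch (Exception $e) {
        echo 'ERROR_SYSTEM';
    }
}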
/**
 * Records the current visitor in ppl_onlines and refreshes the cached
 * online-visitor count (rows whose activity falls within the last 300 seconds).
 */
function updateStatistics()
{
    global $cache;

    $this->setModel('ppl_online');
    $timestamp = GetDateSQL();

    if (!isset($_SESSION['online'])) {
        // First hit of this session: create a tracking row.
        $this->ppl_online->id = null;
        if (!isset($_SERVER['HTTP_REFERER'])) {
            $this->ppl_online->refurl = null;
        }
        $this->ppl_online->activity = $timestamp;
        $this->ppl_online->access_time = $timestamp;
        $this->ppl_online->ip_address = $_SERVER['REMOTE_ADDR'];
        $this->ppl_online->account_id = null;
        // NOTE(review): the User-Agent header is client-controlled and stored as sent;
        // confirm it is escaped wherever these rows are displayed.
        $this->ppl_online->user_agent = $_SERVER['HTTP_USER_AGENT'];
        // Register the new row id as a session variable.
        $_SESSION['online'] = $this->ppl_online->insert(true);
    } elseif (isset($_SESSION['account'])) {
        // Known session with a logged-in account: attach the account id.
        $this->ppl_online->id = $_SESSION['online'];
        $this->ppl_online->activity = $timestamp;
        $this->ppl_online->account_id = $_SESSION['account']['id'];
        $this->ppl_online->update();
    }

    if (isset($_SESSION['online'])) {
        // A tracking row is registered: refresh its activity timestamp.
        $this->ppl_online->id = $_SESSION['online'];
        $this->ppl_online->activity = $timestamp;
        $this->ppl_online->update();
    }

    // The cutoff is an integer computed from time(), so the query contains no request data.
    $cutoff = time() - 300;
    $rows = $this->ppl_online->custom(
        "SELECT count(*) as nOnline FROM ppl_onlines WHERE UNIX_TIMESTAMP(activity) >= " . $cutoff
    );

    $stats = $cache->get('statistics');
    $stats['nOnlines'] = $rows[0]['']['nOnline'];
    $cache->set('statistics', $stats);
}
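/**
 * AJAX handler: the logged-in employer invites a contractor to bid on a project.
 *
 * Prints one status token: DONE, ERROR_INVITED or ERROR_SYSTEM.
 *
 * @param mixed $account_id account id of the contractor being invited
 * @param mixed $duan_id    id of the project; it must belong to the session account
 */
function doAddMoiThau($account_id = null, $duan_id = null)
{
    if ($duan_id == null || $account_id == null) {
        die('ERROR_SYSTEM');
    }
    try {
        $this->checkLogin(true);
        $this->checkActive(true);
        $this->checkLock(true);
        $this->setModel('moithau');
        $employer_id = $_SESSION['account']['id'];

        // Both ids are interpolated unquoted into WHERE clauses below. String escaping
        // does not constrain a value in that position, so only decimal digits are accepted.
        foreach (array($account_id, $duan_id) as $rawId) {
            if (!(is_int($rawId) || is_string($rawId)) || !preg_match('/\A[0-9]+\z/', (string) $rawId)) {
                die('ERROR_SYSTEM');
            }
        }
        $account_id = (string) $account_id;
        $duan_id = (string) $duan_id;

        // The invited account must have an active contractor profile.
        $this->nhathau->showHasOne(array('account'));
        $this->nhathau->where(" and `status`=1 and account_id={$account_id}");
        $data = $this->nhathau->search('nhathau.id,username');
        if (empty($data)) {
            die('ERROR_SYSTEM');
        }
        $email = $data[0]['account']['username'];

        // The project must be open, approved, unassigned and owned by the caller.
        $this->setModel('duan');
        $this->duan->showHasOne(array('linhvuc'));
        $this->duan->id = $duan_id;
        $this->duan->where(" and duan.active=1 and approve = 1 and duan.nhathau_id is null and ngayketthuc>now() and account_id={$employer_id}");
        $data = $this->duan->search('duan.id,tenduan,costmax,costmin,tenlinhvuc');
        if (empty($data)) {
            die('ERROR_SYSTEM');
        }

        $chiphi = formatMoney($data["duan"]["costmin"]) . ' đến ' . formatMoney($data["duan"]["costmax"]);
        $linkmoithau = BASE_PATH . '/moithau/viewMyLetters';
        $linkmoithau = "<a href='{$linkmoithau}'>{$linkmoithau}</a>";

        global $cache;
        $content = $cache->get('mail_moithau');
        $search = array('#TENDUAN#', '#CHIPHI#', '#LINHVUC#', '#LINKMOITHAU#');
        // The body is HTML (it carries the <a> built above) and the project name is
        // user-supplied text, so encode it before substitution.
        // NOTE(review): if names are already stored HTML-encoded this will double-encode; confirm.
        $replace = array(
            htmlspecialchars($data['duan']['tenduan'], ENT_QUOTES, 'UTF-8'),
            $chiphi,
            htmlspecialchars($data['linhvuc']['tenlinhvuc'], ENT_QUOTES, 'UTF-8'),
            $linkmoithau,
        );
        $content = str_replace($search, $replace, $content);

        // One invitation per (project, contractor) pair.
        $this->setModel('moithau');
        $this->moithau->where(" and duan_id={$duan_id} and account_id={$account_id}");
        $data = $this->moithau->search('id');
        if (!empty($data)) {
            die('ERROR_INVITED');
        }
        $this->moithau->id = null;
        $this->moithau->account_id = $account_id;
        $this->moithau->duan_id = $duan_id;
        $this->moithau->time = GetDateSQL();
        $this->moithau->hadread = 0;
        $this->moithau->insert();

        // Send the invitation mail from a randomly chosen configured sender.
        $priSenders = $cache->get('priSenders');
        $sender = $priSenders[mt_rand(0, count($priSenders) - 1)];
        include ROOT . DS . 'library' . DS . 'sendmail.php';
        $mail = new sendmail();
        $mail->send($email, 'Bạn Được Mời Thầu 1 Dự Án Trên JobBid.vn!', $content, $sender);
        echo 'DONE';
    } catch (Exception $e) {
        echo 'ERROR_SYSTEM';
    }
}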
/**
 * Admin AJAX handler: creates or updates a static page, optionally points a
 * menu entry at it, and prints the modification stamp for the client.
 *
 * Prints a {'datemodified':..., 'usermodified':...} literal on success or
 * ERROR_SYSTEM when an exception is caught.
 */
function savePage()
{
    // NOTE(review): no anti-CSRF token is checked in this method; confirm that
    // checkAdmin() or the framework covers it.
    $this->checkAdmin(true);
    try {
        $pageId = $_POST["page_id"];
        $pageTitle = $_POST["page_title"];
        $pageAlias = $_POST["page_alias"];
        $menu_id = $_POST["page_menu"];
        $pageBody = $_POST["page_content"];

        // An empty id means "create"; anything else updates that page.
        $creating = ($pageId == null);

        $this->page->id = $creating ? null : $pageId;
        $this->page->title = $pageTitle;
        $this->page->alias = $pageAlias;
        $this->page->content = $pageBody;
        $this->page->datemodified = GetDateSQL();
        $this->page->usermodified = $_SESSION["account"]["username"];
        $this->page->menu_id = $menu_id;
        if ($creating) {
            // New pages start out active.
            $this->page->active = 1;
        }

        // NOTE(review): the username is placed into this quoted literal unescaped; a
        // quote character in it would break, or alter, whatever the client parses.
        $formatter = new HTML();
        $value = sprintf(
            "{'datemodified':'%s','usermodified':'%s'}",
            $formatter->format_date($this->page->datemodified, 'd/m/Y H:i:s'),
            $this->page->usermodified
        );

        $savedId = $this->page->save();

        if (!isEmpty($menu_id)) {
            // Point the chosen menu entry at this page, then rebuild the cached menu list.
            $this->setModel("menu");
            $this->menu->id = $menu_id;
            $this->menu->url = BASE_PATH . "/page/view/" . $savedId . "/" . $pageAlias;
            $this->menu->save();

            global $cache;
            $this->menu->where('AND active=1');
            $this->menu->orderBy('order', 'ASC');
            $menuRows = $this->menu->search();
            $cache->set("menuList", $menuRows);
        }

        echo $value;
    } catch (Exception $e) {
        echo 'ERROR_SYSTEM';
    }
}
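/**
 * AJAX handler for the login box.
 *
 * Reads username and password from $_POST and prints one status token:
 * OK, ERROR_MANYTIMES, ERROR_SYSTEM, ERROR_NOTEXIST or ERROR_WRONGPASSWORD.
 * On success the account row (and the contractor profile, when one exists)
 * is placed in the session.
 */
function submit_login_box()
{
    // Attempt counter.
    // NOTE(review): the counter lives in the session, so a client that discards its
    // session cookie starts again at zero. Throttling keyed on account and source
    // address, held server-side, would be needed to actually limit guessing.
    if (!isset($_SESSION['submit_login_times'])) {
        $_SESSION['submit_login_times'] = 0;
    }
    if ($_SESSION['submit_login_times'] >= MAX_SUBMIT_LOGIN_TIMES) {
        die('ERROR_MANYTIMES');
    }
    $_SESSION['submit_login_times'] = $_SESSION['submit_login_times'] + 1;

    $validate = new Validate();
    if ($validate->check_submit(1, array('username', 'password')) == false) {
        die('ERROR_SYSTEM');
    }
    $password = $_POST['password'];
    $email = $_POST['username'];
    // Array-valued fields (username[]=...) are rejected before any further use.
    if (!is_string($password) || !is_string($email)) {
        die('ERROR_SYSTEM');
    }
    if ($validate->check_null(array($password, $email)) == false) {
        die('ERROR_SYSTEM');
    }

    // NOTE(review): the username literal reads '******' in this listing, which looks like
    // a masked placeholder; $email is not used anywhere else. Whatever value belongs
    // here must reach the query bound or escaped, never interpolated raw.
    $strWhere = "AND username='******' AND active>=0";
    $this->account->where($strWhere);
    $account = $this->account->search();
    if (empty($account)) {
        // NOTE(review): distinct NOTEXIST / WRONGPASSWORD replies tell a caller which
        // usernames exist; kept because the client may depend on both tokens.
        die('ERROR_NOTEXIST');
    }

    // NOTE(review): passwords are stored as unsalted MD5. Migrating to password_hash() /
    // password_verify() requires re-hashing stored values and is outside this method.
    if (strcmp(md5($password), $account[0]['account']['password']) != 0) {
        die('ERROR_WRONGPASSWORD');
    }

    // Login succeeded. Issue a fresh session id before storing the identity, so an id
    // that was known before authentication is not carried into the logged-in session.
    session_regenerate_id(true);
    $_SESSION['account'] = $account[0]['account'];

    $this->account->id = $account[0]['account']['id'];
    $this->account->lastlogin = GetDateSQL();
    $this->account->save();

    // Attach the contractor profile, if this account has one.
    $this->setModel('nhathau');
    $this->nhathau->where('and status>=0 and account_id=' . $account[0]['account']['id']);
    $nhathau = $this->nhathau->search('id,displayname,account_id,diemdanhgia,nhathau_alias');
    if (!empty($nhathau)) {
        $_SESSION['nhathau'] = $nhathau[0]['nhathau'];
    }
    echo 'OK';
}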
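/**
 * Handler: the project owner selects a winning bid (hosothau) for a project.
 *
 * Reads duan_id and hosothau_id from $_GET. Marks the bid as selected, assigns
 * the contractor to the project, refreshes the cached finished-project list,
 * queues a notification mail and recounts the category's open projects.
 * Prints DONE or ERROR_SYSTEM.
 *
 * NOTE(review): this state-changing action is driven by GET parameters and no
 * anti-CSRF token is checked here; confirm the framework covers it or move the
 * action to POST with a token.
 */
function chonhoso()
{
    try {
        $duan_id = isset($_GET["duan_id"]) ? $_GET["duan_id"] : null;
        $hosothau_id = isset($_GET["hosothau_id"]) ? $_GET["hosothau_id"] : null;
        // Both ids are used as model keys for SQL lookups; accept decimal digits only
        // rather than relying on string escaping. This also keeps the loose in_array()
        // below from matching a value like "5abc" against an integer 5.
        foreach (array($duan_id, $hosothau_id) as $rawId) {
            if (!is_string($rawId) || !preg_match('/\A[0-9]+\z/', $rawId)) {
                die('ERROR_SYSTEM');
            }
        }

        // Projects listed in the session are accepted as the caller's own; any other
        // project must belong to the logged-in account.
        $strWhere = '';
        $myprojects = isset($_SESSION['myprojects']) ? $_SESSION['myprojects'] : array();
        if (in_array($duan_id, $myprojects) == false) {
            $this->checkLogin(true);
            $this->checkActive(true);
            $this->checkLock(true);
            $account_id = $_SESSION["account"]["id"];
            $strWhere = " and duan.account_id = {$account_id}";
        }

        $this->hosothau->id = $hosothau_id;
        $data = $this->hosothau->search("nhathau_id,hosothau_email");
        if (empty($data)) {
            die("ERROR_SYSTEM");
        }
        $nhathau_id = $data["hosothau"]["nhathau_id"];
        $freelancerMail = $data["hosothau"]["hosothau_email"];
        // NOTE(review): nothing visible here ties hosothau_id to duan_id; confirm the bid
        // was submitted for this project (for example by adding the project column to
        // the lookup above).

        // Ownership check comes BEFORE any write. Previously the bid was marked as
        // selected first, so a caller who did not own the project could still change
        // the status of an arbitrary bid.
        $this->setModel("duan");
        $this->duan->id = $duan_id;
        $this->duan->where($strWhere);
        $data = $this->duan->search("id,tenduan,alias,linhvuc_id,duan_email,duan_sodienthoai");
        if (empty($data)) {
            die("ERROR_SYSTEM");
        }

        // Mark the bid as selected.
        $this->hosothau->id = $hosothau_id;
        $this->hosothau->trangthai = 2;
        $this->hosothau->update();

        // Assign the contractor and the bid to the project.
        $this->duan->id = $duan_id;
        $this->duan->nhathau_id = $nhathau_id;
        $this->duan->hosothau_id = $hosothau_id;
        $this->duan->timeupdate = GetDateSQL();
        $this->duan->update();

        // Refresh the cached list of the seven most recently updated assigned projects.
        $this->duan->showHasOne(array('nhathau', 'hosothau', 'linhvuc'));
        $this->duan->orderBy('timeupdate', 'desc');
        $this->duan->setPage(1);
        $this->duan->setLimit(7);
        $this->duan->where(" and duan.active = 1 and approve = 1 and duan.nhathau_id is not null");
        $finishedProjects = $this->duan->search("duan.id,tenduan,alias,linhvuc_id,tenlinhvuc,giathau,prior,bidcount,displayname,duan.nhathau_id,duan.active,nhathau_alias");
        global $cache;
        $cache->set('finishedProjects', $finishedProjects);

        // Queue the mail to the winning candidate. Name, alias, e-mail and phone are
        // user-supplied project fields placed into an HTML body, so each is encoded.
        // NOTE(review): if these fields are already stored HTML-encoded this will
        // double-encode; confirm.
        $projectUrl = BASE_PATH . '/duan/view/' . $data["duan"]["id"] . '/' . $data["duan"]["alias"];
        $safeUrl = htmlspecialchars($projectUrl, ENT_QUOTES, 'UTF-8');
        $safeName = htmlspecialchars($data["duan"]["tenduan"], ENT_QUOTES, 'UTF-8');
        $linktenduan = "<a href='{$safeUrl}'>{$safeName}</a>";
        $linkduan = "<a href='{$safeUrl}'>{$safeUrl}</a>";
        $content = $cache->get('mail_win');
        $search = array('#LINKTENDUAN#', '#EMAIL#', '#SODIENTHOAI#', '#LINKDUAN#');
        $replace = array(
            $linktenduan,
            htmlspecialchars($data['duan']['duan_email'], ENT_QUOTES, 'UTF-8'),
            htmlspecialchars($data['duan']['duan_sodienthoai'], ENT_QUOTES, 'UTF-8'),
            $linkduan,
        );
        $content = str_replace($search, $replace, $content);
        $this->setModel('sendmail');
        $this->sendmail->id = null;
        $this->sendmail->to = $freelancerMail;
        $this->sendmail->subject = 'JobBid.vn - Chúc Mừng Bạn Đã Thắng Thầu!!!';
        $this->sendmail->content = $content;
        $this->sendmail->isprior = 1;
        $this->sendmail->insert();

        // Update the category's count of open projects.
        $linhvuc_id = $data["duan"]["linhvuc_id"];
        $this->duan->where(" and active = 1 and approve = 1 and nhathau_id is null and ngayketthuc > now() and linhvuc_id = '{$linhvuc_id}'");
        $data = $this->duan->search("count(*) as soduan");
        $this->setModel("linhvuc");
        $this->linhvuc->id = $linhvuc_id;
        $this->linhvuc->soduan = $data[0][""]["soduan"];
        $this->linhvuc->update();
        echo "DONE";
    } catch (Exception $e) {
        echo 'ERROR_SYSTEM';
    }
}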