<?php if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') { header('Content-Type: text/javascript; charset=utf-8'); $Products = new Products(); if (isset($_POST['action'])) { if ($_POST['action'] == "clear") { $Product->ClearPopular(); } if (isset($_POST['id_product']) && isset($_POST['id_category'])) { if ($_POST['action'] == "add" && checkNumeric($_POST, array('id_product', 'id_category'))) { $Product->SetPopular($_POST['id_product'], $_POST['id_category']); } elseif ($_POST['action'] == "del" && checkNumeric($_POST, array('id_product', 'id_category'))) { $Product->DelPopular($_POST['id_product'], $_POST['id_category']); } else { exit; } $t = ob_get_clean(); G::LogerE($t, "ajax.html", "w"); /* ob_start(); $t = ob_get_clean(); G::LogerE($t, "ajax.html", "w"); */ $arr['id_product'] = $_POST["id_product"]; $arr['id_category'] = $_POST["id_category"]; $txt = json_encode($arr); echo $txt; exit; } }
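/**
 * Validate the "new artist profile" form.
 *
 * Checks run in a fixed order and the first failure wins: the function
 * returns the alert text for that failure, or true once every check passes.
 * Required fields are bandname, type_entertainment, yearfound, firstname,
 * lastname, city, state and zip; every other field is validated only when
 * it is non-empty.
 *
 * Security note: every returned message is assembled from label/alert
 * constants and one literal below - no user-supplied value is ever copied
 * into it - so, as long as those constants stay static text, callers may
 * render the result as HTML (the fee message itself contains a <br>)
 * without escaping. Keep that invariant if new messages are added.
 *
 * @param array $form Submitted fields keyed by input name. Keys that are
 *                    absent are read as null (what a missing index yielded
 *                    before, minus the undefined-index notice).
 * @return string|true Alert message for the first failed check, true if valid.
 */
function validateNewArtistProfile($form)
{
    // Field accessor: a missing key yields null instead of raising a notice,
    // so checkEmpty() and friends see exactly the value they saw before.
    $field = static function ($key) use ($form) {
        return isset($form[$key]) ? $form[$key] : null;
    };

    // Message builders. The alert constants are used with two different
    // placeholder tokens ('field' vs '%field%'); each constant keeps the token
    // the original code paired it with. NOTE(review): verify those tokens
    // against the language file - a mismatch leaves the placeholder
    // unsubstituted in the rendered alert.
    $required = static function ($label) {
        return str_replace('field', $label, _ALRT_REQUIRED_FIELD);
    };
    $badLength = static function ($label) {
        return str_replace('%field%', $label, _ALRT_CHECK_LENGTH);
    };
    $notNumeric = static function ($label) {
        return str_replace('%field%', $label, _ALRT_CHECK_NUMERIC);
    };

    // --- Artist -------------------------------------------------------------
    $bandname = $field('bandname');
    if (checkEmpty($bandname)) {
        return $required(_LBL_ARTIST_OR_BAND);
    }
    if (!checkLength($bandname, 200)) {
        return $badLength(_LBL_ARTIST_OR_BAND);
    }

    $genre = $field('genre');
    if (!checkEmpty($genre) && !checkLength($genre, 25)) {
        return $badLength(_LBL_GENRE);
    }

    // --- Fees (both optional) -----------------------------------------------
    $highfee    = $field('highfee');
    $hasHighFee = !checkEmpty($highfee);
    if ($hasHighFee && !checkNumeric($highfee)) {
        return $notNumeric(_LBL_HIGH_FEES);
    }
    if ($hasHighFee && !checkNumericRange($highfee, 'double', 12)) {
        return $badLength(_LBL_HIGH_FEES);
    }

    $lowfee    = $field('lowfee');
    $hasLowFee = !checkEmpty($lowfee);
    if ($hasLowFee && !checkNumeric($lowfee)) {
        return $notNumeric(_LBL_LOW_FEES);
    }
    // Business rule: a listed minimum fee must be at least $250. Zero is let
    // through (reads as "no fee listed"), and so is any negative value.
    if ($hasLowFee && $lowfee > 0 && $lowfee < 250) {
        return '$250 Minimum. YOU ARE WORTH IT! xebura Talent may not list a fee less than $250. 
<br>You can still receive and accept offers of any amount.';
    }
    if ($hasLowFee && !checkNumericRange($lowfee, 'double', 12)) {
        return $badLength(_LBL_LOW_FEES);
    }
    // Compare the two fees only when both were entered. Previously the raw
    // values were compared unconditionally, so an empty high fee (compared
    // as "") made any non-empty low fee - even "0" - raise the
    // "high below low" alert.
    if ($hasLowFee && $hasHighFee && $lowfee > $highfee) {
        return _ALRT_HIGN_VER_LOW1;
    }

    // --- Profile ------------------------------------------------------------
    if (checkEmpty($field('type_entertainment'))) {
        return $required(_LBL_TYPE_OF_ENT);
    }

    $yearfound = $field('yearfound');
    if (checkEmpty($yearfound)) {
        return $required(_LBL_YR_FOUNDED);
    }
    if (!checkLength($yearfound, 4)) {
        return $badLength(_LBL_YR_FOUNDED);
    }
    if (!checkValidYear($yearfound)) {
        return str_replace('field', _LBL_YR_FOUNDED, _ALRT_VALID_FIELD);
    }

    // --- Contact person -----------------------------------------------------
    $firstname = $field('firstname');
    if (checkEmpty($firstname)) {
        return $required(_LBL_FIRST_NAME);
    }
    if (!checkLength($firstname, 255)) {
        return $badLength(_LBL_FIRST_NAME);
    }

    $lastname = $field('lastname');
    if (checkEmpty($lastname)) {
        return $required(_LBL_LAST_NAME);
    }
    if (!checkLength($lastname, 255)) {
        return $badLength(_LBL_LAST_NAME);
    }

    // Optional contact channels: length is checked before format so the
    // format validator never runs on an oversized value.
    $phone = $field('phone');
    if (!checkEmpty($phone)) {
        if (!checkLength($phone, 20)) {
            return $badLength(_LBL_PH_NO);
        }
        if (!validatePhone($phone)) {
            return str_replace('%field%', _LBL_PH_NO, _ALRT_CHECK_PHONE);
        }
    }

    $fax = $field('fax');
    if (!checkEmpty($fax)) {
        if (!checkLength($fax, 20)) {
            return $badLength(_LBL_FAX_NO);
        }
        if (!validateFax($fax)) {
            return str_replace('%field%', _LBL_FAX_NO, _ALRT_CHECK_VALID);
        }
    }

    $web = $field('web');
    if (!checkEmpty($web)) {
        if (!checkLength($web, 200)) {
            return $badLength(_LBL_ARTIST_WEB);
        }
        if (!validateURL($web)) {
            return str_replace('%field%', _LBL_ARTIST_WEB, _ALRT_CHECK_URL);
        }
    }

    // --- Address (all required) ---------------------------------------------
    $city = $field('city');
    if (checkEmpty($city)) {
        return $required(_CITY);
    }
    if (!checkLength($city, 80)) {
        return $badLength(_CITY);
    }

    $state = $field('state');
    if (checkEmpty($state)) {
        return $required(_LBL_STATE);
    }
    if (!checkLength($state, 80)) {
        return $badLength(_LBL_STATE);
    }

    $zip = $field('zip');
    if (checkEmpty($zip)) {
        return $required(_LBL_ZIP_POSTALCODE);
    }
    if (!checkLength($zip, 15)) {
        return $badLength(_LBL_ZIP_POSTALCODE);
    }
    if (!validateZip($zip)) {
        return str_replace('%field%', _LBL_ZIP_POSTALCODE, _ALRT_CHECK_ZIP);
    }

    return true;
}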
case"add_product": if(isset($_POST['id_product'])){ if(checkNumeric($_POST, array('id_product'))){ $Product->AddToAssort($_POST['id_product'], isset($_POST['id_supplier'])?$_POST['id_supplier']:$_SESSION['member']['id_user']); $arr['id_product'] = $_POST['id_product']; $arr['action'] = "add"; echo json_encode($arr); }else{ exit(); } } ; break; case"switchactive_product": if(isset($_POST['id_product']) && isset($_POST['active'])){ if(checkNumeric($_POST, array('id_product','active'))){ $Product->SwitchActiveEDInAssort($_POST['id_product'], $_POST['active']); $arr['id_product'] = $_POST['id_product']; $arr['active'] = $_POST['active']; echo json_encode($arr); }else{ exit(); } } ; break; case"sale_status": if($Status->UpdateStatus_Sale($_POST['id_product'], $_POST['status'])){ $arr['id_product'] = $_POST['id_product']; $arr['id_status'] = $_POST['status']; echo json_encode($arr);
$_POST['uid'] = checkNumeric($_POST['uid']); } if (isset($_POST['room'])) { $_POST['room'] = checkNumeric($_POST['room']); } if (isset($_POST['addRoom'])) { $_POST['addRoom'] = checkNumeric($_POST['addRoom']); } if (isset($_POST['newRoomOwner'])) { $_POST['newRoomOwner'] = checkNumeric($_POST['newRoomOwner']); } if (isset($_POST['status'])) { $_POST['status'] = checkNumeric($_POST['status']); } if (isset($_POST['status'])) { $_POST['status'] = checkNumeric($_POST['status']); } if (isset($_POST['umessage'])) { // if admin command if ($_POST['umessage'] == 'KICK' || $_POST['umessage'] == 'BAN') { if (getAdmin($_SESSION['username']) == '1' || getModerator($_SESSION['username']) == '1') { // prevents admins from kicking each other if (getAdmin($_POST['toname']) != '1') { // ban/kick user banKickUser($_POST['umessage'], $_POST['toname']); } } else { die("incorrect permissions"); } // check user is room owner if ($_POST['umessage'] == 'KICK' && getRoomOwner($_SESSION['room'])) {
<?if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'){ $Suppliers = new Suppliers(); $Products = new Products(); if(isset($_POST['action'])){ switch($_POST['action']){ case 'toggleSinglePrice': // Переключение единой цены у поставщика if(isset($_POST['single_price']) && isset($_POST['id_supplier'])){ $Suppliers->UpdateSinglePrice($_POST['id_supplier'], $_POST['single_price']); $txt = json_encode('ok'); } break; case 'exclusiveProduct': if(isset($_POST['id_product']) && isset($_POST['active']) && isset($_POST['id_supplier'])){ if(checkNumeric($_POST, array('id_product','active','id_supplier'))){ $Product->SetExclusiveSupplier($_POST['id_product'], $_POST['id_supplier'], $_POST['active']); $arr['id_product'] = $_POST['id_product']; $arr['id_supplier'] = $_POST['id_supplier']; $arr['active'] = $_POST['active']; echo json_encode($arr); } } break; case 'updateAssort': if(isset($_POST['mode']) && isset($_POST['id_product'])){ $_POST['id_supplier'] = ($_SESSION['member']['gid']==_ACL_SUPPLIER_)?$_SESSION['member']['id_user']:$_POST['id_supplier']; $Products->UpdateAssort($_POST); $arr['id_product'] = $_POST["id_product"]; $arr['error'] = false; $arr['opt'] = $_POST['mode'] == 'mopt'?0:1; $txt = json_encode($arr);
<?php if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') { header('Content-Type: text/javascript; charset=utf-8'); $News = new News(); ob_start(); if (isset($_POST['action'])) { if (isset($_POST['Id_coment']) && checkNumeric($_POST, array('Id_coment'))) { if ($_POST['action'] == "show") { $News->ShowComent($_POST['Id_coment']); } elseif ($_POST['action'] == "hide") { $News->HideComent($_POST['Id_coment']); } elseif ($_POST['action'] == "drop") { $News->DropComent($_POST['Id_coment']); } else { exit; } $t = ob_get_clean(); G::LogerE($t, "ajax.html", "w"); $arr['Id_coment'] = $_POST["Id_coment"]; $txt = json_encode($arr); echo $txt; exit; } } } exit; function checkNumeric($arr, $fields) { $fl = true; foreach ($fields as $f) {