コード例 #1
ファイル: ajaxpops.php プロジェクト: Arikito/webking.xt
<?php

// AJAX endpoint for the "popular products" list: handles the POST actions
// "clear", "add" and "del", then echoes the submitted ids back as JSON.
// NOTE(review): X-Requested-With is a header the client sets itself, so this
// test only separates script requests from ordinary page loads. No session,
// role or CSRF-token check is visible in this excerpt; confirm one runs before
// this file is reached, since the actions below appear to change stored data.
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
    // NOTE(review): the body echoed below is JSON; application/json would describe it more accurately.
    header('Content-Type: text/javascript; charset=utf-8');
    // NOTE(review): the object is stored in $Products, but every call below goes
    // through $Product, which is not assigned in this excerpt. Presumably it is
    // set by the including script; verify.
    $Products = new Products();
    if (isset($_POST['action'])) {
        // "clear" needs no ids and runs before any id validation.
        if ($_POST['action'] == "clear") {
            $Product->ClearPopular();
        }
        if (isset($_POST['id_product']) && isset($_POST['id_category'])) {
            // checkNumeric() is not defined in this excerpt; presumably it confirms
            // that the listed keys hold numeric values. Verify against its definition.
            if ($_POST['action'] == "add" && checkNumeric($_POST, array('id_product', 'id_category'))) {
                $Product->SetPopular($_POST['id_product'], $_POST['id_category']);
            } elseif ($_POST['action'] == "del" && checkNumeric($_POST, array('id_product', 'id_category'))) {
                $Product->DelPopular($_POST['id_product'], $_POST['id_category']);
            } else {
                // Any other action, or a failed numeric check, ends the request with no response body.
                exit;
            }
            // No ob_start() is active in this excerpt (the only one is inside the
            // commented-out block below); without an open buffer ob_get_clean()
            // returns false. A buffer may have been opened by the including script.
            $t = ob_get_clean();
            // NOTE(review): presumably writes the captured output to "ajax.html";
            // confirm that file is not served from the web root.
            G::LogerE($t, "ajax.html", "w");
            /*
            ob_start();
            $t = ob_get_clean();
            G::LogerE($t, "ajax.html", "w");
            */
            // Echo the ids back so the client script can update the matching row.
            $arr['id_product'] = $_POST["id_product"];
            $arr['id_category'] = $_POST["id_category"];
            $txt = json_encode($arr);
            echo $txt;
            exit;
        }
    }
コード例 #2
ファイル: validation.php プロジェクト: romley/xebura
/**
 * Validates the fields of a new artist profile form.
 *
 * The rules run in a fixed order and the first failing rule decides the result.
 * Only presence, length, numeric shape and format are checked here; nothing is
 * escaped, so callers still have to encode the values for output and bind them
 * as query parameters.
 *
 * NOTE(review): the "required" and "valid" templates substitute the bare token
 * 'field' while every other template substitutes '%field%'. str_replace()
 * replaces every occurrence of the token, so confirm the templates
 * _ALRT_REQUIRED_FIELD and _ALRT_VALID_FIELD really use the bare form.
 *
 * @param array $form Submitted form values keyed by field name.
 *
 * @return bool|string true when every rule passes, otherwise the message for
 *                     the first rule that failed.
 */
function validateNewArtistProfile($form)
{
    // --- Artist / band name (required) and genre (optional) ---
    if (checkEmpty($form['bandname'])) {
        return str_replace('field', _LBL_ARTIST_OR_BAND, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['bandname']) && !checkLength($form['bandname'], 200)) {
        return str_replace('%field%', _LBL_ARTIST_OR_BAND, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['genre']) && !checkLength($form['genre'], 25)) {
        return str_replace('%field%', _LBL_GENRE, _ALRT_CHECK_LENGTH);
    }

    // --- Fees (optional) ---
    if (!checkEmpty($form['highfee']) && !checkNumeric($form['highfee'])) {
        return str_replace('%field%', _LBL_HIGH_FEES, _ALRT_CHECK_NUMERIC);
    }
    if (!checkEmpty($form['highfee']) && !checkNumericRange($form['highfee'], 'double', 12)) {
        return str_replace('%field%', _LBL_HIGH_FEES, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['lowfee']) && !checkNumeric($form['lowfee'])) {
        return str_replace('%field%', _LBL_LOW_FEES, _ALRT_CHECK_NUMERIC);
    }
    // This message carries a <br>, so the result is presumably rendered as HTML.
    if (!checkEmpty($form['lowfee']) && ($form['lowfee'] > 0 && $form['lowfee'] < 250)) {
        return '$250 Minimum. YOU ARE WORTH IT! xebura Talent may not list a fee less than $250. <br>You can still receive and accept offers of any amount.';
    }
    if (!checkEmpty($form['lowfee']) && !checkNumericRange($form['lowfee'], 'double', 12)) {
        return str_replace('%field%', _LBL_LOW_FEES, _ALRT_CHECK_LENGTH);
    }
    // NOTE(review): this comparison runs on the raw form values even when one
    // of the two fees was left empty; confirm that is the intended rule.
    if ($form['lowfee'] > $form['highfee']) {
        return _ALRT_HIGN_VER_LOW1;
    }

    // --- Type of entertainment and founding year (both required) ---
    if (checkEmpty($form['type_entertainment'])) {
        return str_replace('field', _LBL_TYPE_OF_ENT, _ALRT_REQUIRED_FIELD);
    }
    if (checkEmpty($form['yearfound'])) {
        return str_replace('field', _LBL_YR_FOUNDED, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['yearfound']) && !checkLength($form['yearfound'], 4)) {
        return str_replace('%field%', _LBL_YR_FOUNDED, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['yearfound']) && !checkValidYear($form['yearfound'])) {
        return str_replace('field', _LBL_YR_FOUNDED, _ALRT_VALID_FIELD);
    }

    // --- Contact person (required) ---
    if (checkEmpty($form['firstname'])) {
        return str_replace('field', _LBL_FIRST_NAME, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['firstname']) && !checkLength($form['firstname'], 255)) {
        return str_replace('%field%', _LBL_FIRST_NAME, _ALRT_CHECK_LENGTH);
    }
    if (checkEmpty($form['lastname'])) {
        return str_replace('field', _LBL_LAST_NAME, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['lastname']) && !checkLength($form['lastname'], 255)) {
        return str_replace('%field%', _LBL_LAST_NAME, _ALRT_CHECK_LENGTH);
    }

    // --- Phone, fax and web address (optional; length first, then format) ---
    if (!checkEmpty($form['phone']) && !checkLength($form['phone'], 20)) {
        return str_replace('%field%', _LBL_PH_NO, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['phone']) && !validatePhone($form['phone'])) {
        return str_replace('%field%', _LBL_PH_NO, _ALRT_CHECK_PHONE);
    }
    if (!checkEmpty($form['fax']) && !checkLength($form['fax'], 20)) {
        return str_replace('%field%', _LBL_FAX_NO, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['fax']) && !validateFax($form['fax'])) {
        return str_replace('%field%', _LBL_FAX_NO, _ALRT_CHECK_VALID);
    }
    if (!checkEmpty($form['web']) && !checkLength($form['web'], 200)) {
        return str_replace('%field%', _LBL_ARTIST_WEB, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['web']) && !validateURL($form['web'])) {
        return str_replace('%field%', _LBL_ARTIST_WEB, _ALRT_CHECK_URL);
    }

    // --- Address (city, state and zip are required) ---
    if (checkEmpty($form['city'])) {
        return str_replace('field', _CITY, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['city']) && !checkLength($form['city'], 80)) {
        return str_replace('%field%', _CITY, _ALRT_CHECK_LENGTH);
    }
    if (checkEmpty($form['state'])) {
        return str_replace('field', _LBL_STATE, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['state']) && !checkLength($form['state'], 80)) {
        return str_replace('%field%', _LBL_STATE, _ALRT_CHECK_LENGTH);
    }
    if (checkEmpty($form['zip'])) {
        return str_replace('field', _LBL_ZIP_POSTALCODE, _ALRT_REQUIRED_FIELD);
    }
    if (!checkEmpty($form['zip']) && !checkLength($form['zip'], 15)) {
        return str_replace('%field%', _LBL_ZIP_POSTALCODE, _ALRT_CHECK_LENGTH);
    }
    if (!checkEmpty($form['zip']) && !validateZip($form['zip'])) {
        return str_replace('%field%', _LBL_ZIP_POSTALCODE, _ALRT_CHECK_ZIP);
    }

    return true;
}
コード例 #3
ファイル: ajaxassort.php プロジェクト: Arikito/webking.xt
			// Calls AddToAssort() for the posted product and echoes the product id back as JSON.
			// NOTE(review): only id_product goes through checkNumeric(). When id_supplier is
			// posted it is passed on unchecked and takes the place of the session user's id, so
			// confirm that AddToAssort() (or an earlier check not visible here) validates it and
			// verifies the caller may act for that supplier.
			case"add_product":
				if(isset($_POST['id_product'])){
					if(checkNumeric($_POST, array('id_product'))){
						$Product->AddToAssort($_POST['id_product'], isset($_POST['id_supplier'])?$_POST['id_supplier']:$_SESSION['member']['id_user']);
						$arr['id_product'] = $_POST['id_product'];
						$arr['action'] = "add";
						echo json_encode($arr);
					}else{
						// A failed numeric check ends the request with no response body.
						exit();
					}
				}
			// Stray empty statement; it has no effect.
			;
			break;
			// Calls SwitchActiveEDInAssort() with the posted product id and active flag, then
			// echoes both values back as JSON. Both fields must be present and pass checkNumeric().
			// NOTE(review): 'active' is only checked for being numeric here; whether it is limited
			// to the expected flag values would have to be enforced elsewhere. No supplier or
			// ownership argument is passed in this call; confirm how the callee scopes the change.
			case"switchactive_product":
				if(isset($_POST['id_product']) && isset($_POST['active'])){
					if(checkNumeric($_POST, array('id_product','active'))){
						$Product->SwitchActiveEDInAssort($_POST['id_product'], $_POST['active']);
						$arr['id_product'] = $_POST['id_product'];
						$arr['active'] = $_POST['active'];
						echo json_encode($arr);
					}else{
						// A failed numeric check ends the request with no response body.
						exit();
					}
				}
			// Stray empty statement; it has no effect.
			;
			break;
			// Updates a product's sale status and, on success, echoes the ids back as JSON.
			// NOTE(review): unlike the arms above, $_POST['id_product'] and $_POST['status'] are
			// read here with no isset() or checkNumeric() guard, so any validation has to happen
			// inside UpdateStatus_Sale(). Verify. The rest of this arm is outside the excerpt.
			case"sale_status":
				if($Status->UpdateStatus_Sale($_POST['id_product'], $_POST['status'])){
					$arr['id_product'] = $_POST['id_product'];
					$arr['id_status'] = $_POST['status'];
					echo json_encode($arr);
コード例 #4
     $_POST['uid'] = checkNumeric($_POST['uid']);
 }
 // Each numeric POST field that is present is overwritten with the return value
 // of checkNumeric(). This one-argument helper is not shown in the excerpt, so
 // what it returns for non-numeric input should be confirmed; presumably later
 // code relies on the replaced values being safe to use.
 if (isset($_POST['room'])) {
     $_POST['room'] = checkNumeric($_POST['room']);
 }
 if (isset($_POST['addRoom'])) {
     $_POST['addRoom'] = checkNumeric($_POST['addRoom']);
 }
 if (isset($_POST['newRoomOwner'])) {
     $_POST['newRoomOwner'] = checkNumeric($_POST['newRoomOwner']);
 }
 if (isset($_POST['status'])) {
     $_POST['status'] = checkNumeric($_POST['status']);
 }
 // NOTE(review): this block repeats the 'status' block directly above.
 if (isset($_POST['status'])) {
     $_POST['status'] = checkNumeric($_POST['status']);
 }
 // Handles the moderation commands KICK and BAN sent in the message field.
 if (isset($_POST['umessage'])) {
     // if admin command
     if ($_POST['umessage'] == 'KICK' || $_POST['umessage'] == 'BAN') {
         // Authorization: the session user must be an admin or a moderator.
         // NOTE(review): the helper results are compared loosely with '1';
         // === would rule out type juggling if the helpers return strings.
         if (getAdmin($_SESSION['username']) == '1' || getModerator($_SESSION['username']) == '1') {
             // prevents admins from being kicked or banned, by other admins or by moderators
             // NOTE(review): $_POST['toname'] reaches getAdmin() and banKickUser()
             // with no validation visible in this excerpt; confirm the helpers
             // bind it as a query parameter. A request that targets an admin
             // is dropped silently.
             if (getAdmin($_POST['toname']) != '1') {
                 // ban/kick user
                 banKickUser($_POST['umessage'], $_POST['toname']);
             }
         } else {
             die("incorrect permissions");
         }
         // check user is room owner
         // NOTE(review): only admins and moderators reach this line, because
         // everyone else hits die() above; if room owners without one of
         // those roles are meant to kick, that die() prevents it. The body
         // of this branch is outside the excerpt.
         if ($_POST['umessage'] == 'KICK' && getRoomOwner($_SESSION['room'])) {
コード例 #5
ファイル: supplier.php プロジェクト: Arikito/webking.xt
<?if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'){
	// AJAX endpoint for supplier actions, dispatched on $_POST['action'].
	// The short open tag above only works when short_open_tag is enabled.
	// NOTE(review): the header is read without isset(), so a request that omits it
	// raises an undefined-index notice. X-Requested-With is set by the client and is
	// not an access check; no session, role or CSRF-token check is visible here.
	$Suppliers = new Suppliers();
	$Products = new Products();
	if(isset($_POST['action'])){
		switch($_POST['action']){
			case 'toggleSinglePrice':
				// Toggle the supplier's single-price setting.
				// NOTE(review): id_supplier and single_price are passed on without
				// checkNumeric(), unlike the next arm, and id_supplier comes from the
				// client; confirm UpdateSinglePrice() validates both and that the caller
				// may change that supplier. $txt is set but not echoed in this excerpt.
				if(isset($_POST['single_price']) && isset($_POST['id_supplier'])){
					$Suppliers->UpdateSinglePrice($_POST['id_supplier'], $_POST['single_price']);
					$txt = json_encode('ok');
				}
				break;
			case 'exclusiveProduct':
				// All three fields must be present and pass checkNumeric() before the call.
				// NOTE(review): calls go through $Product, which is not assigned in this
				// excerpt (only $Products is); presumably set by the including script.
				if(isset($_POST['id_product']) && isset($_POST['active']) && isset($_POST['id_supplier'])){
					if(checkNumeric($_POST, array('id_product','active','id_supplier'))){
						$Product->SetExclusiveSupplier($_POST['id_product'], $_POST['id_supplier'], $_POST['active']);
						$arr['id_product'] = $_POST['id_product'];
						$arr['id_supplier'] = $_POST['id_supplier'];
						$arr['active'] = $_POST['active'];
						echo json_encode($arr);
					}
				}
				break;
			case 'updateAssort':
				if(isset($_POST['mode']) && isset($_POST['id_product'])){
					// When the session group equals _ACL_SUPPLIER_ (presumably the supplier
					// role) the supplier id is taken from the session, so such an account
					// cannot name another supplier. For every other group the posted
					// id_supplier is used, and it is read without isset().
					$_POST['id_supplier'] = ($_SESSION['member']['gid']==_ACL_SUPPLIER_)?$_SESSION['member']['id_user']:$_POST['id_supplier'];
					// NOTE(review): the whole $_POST array is handed over, so every
					// submitted field reaches UpdateAssort(); confirm it reads only an
					// explicit list of fields and validates them.
					$Products->UpdateAssort($_POST);
					$arr['id_product'] = $_POST["id_product"];
					$arr['error'] = false;
					// 'mopt' maps to 0, any other mode to 1.
					$arr['opt'] = $_POST['mode'] == 'mopt'?0:1;
					$txt = json_encode($arr);
コード例 #6
ファイル: ajaxcoment.php プロジェクト: Arikito/webking.xt
<?php

// AJAX endpoint for comment moderation: shows, hides or drops one comment and
// echoes its id back as JSON. Every other request ends without a response body.
// NOTE(review): X-Requested-With is a header the client sets itself, so the
// guard below only separates script requests from ordinary page loads. No
// session, role or CSRF-token check is visible in this file; confirm one runs
// before it is reached, since "drop" appears to delete the comment.
if (!isset($_SERVER['HTTP_X_REQUESTED_WITH']) || $_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
    exit;
}

header('Content-Type: text/javascript; charset=utf-8');
$News = new News();
// Capture anything the model methods print so it cannot corrupt the JSON reply.
ob_start();

if (!isset($_POST['action'])) {
    exit;
}
// The comment id must be present and pass checkNumeric() before any action runs.
if (!isset($_POST['Id_coment']) || !checkNumeric($_POST, array('Id_coment'))) {
    exit;
}

switch ($_POST['action']) {
    case "show":
        $News->ShowComent($_POST['Id_coment']);
        break;
    case "hide":
        $News->HideComent($_POST['Id_coment']);
        break;
    case "drop":
        $News->DropComent($_POST['Id_coment']);
        break;
    default:
        // Unknown action: stop without a reply.
        exit;
}

// NOTE(review): the captured output is handed to G::LogerE() with the name
// "ajax.html"; confirm that file is not served from the web root.
$t = ob_get_clean();
G::LogerE($t, "ajax.html", "w");
$arr['Id_coment'] = $_POST["Id_coment"];
echo json_encode($arr);
exit;
function checkNumeric($arr, $fields)
{
    $fl = true;
    foreach ($fields as $f) {