private function _add() { use_helper('Validate'); $data = $_POST['offer']; Flash::set('offer_postdata', $data); // Add pre-save checks here $errors = false; // CSRF checks if (isset($_POST['csrf_token'])) { $csrf_token = $_POST['csrf_token']; if (!SecureToken::validateToken($csrf_token, BASE_URL . 'offer/add')) { Flash::set('error', __('Invalid CSRF token found!')); redirect(get_url('offer/add')); } } else { Flash::set('error', __('No CSRF token found!')); redirect(get_url('offer/add')); } if (empty($data['name'])) { Flash::set('error', __('You have to specify a offer name!')); redirect(get_url('offer/add')); } if ($errors !== false) { // Set the errors to be displayed. Flash::set('error', implode('<br/>', $errors)); redirect(get_url('offer/add')); } $oOffer = new Offer(); $last_seq = $oOffer->getLastOfferSeq(); $new_offer = new Offer($data); $new_offer->created_by_id = AuthUser::getId(); $new_offer->created_on = date('Y-m-d H:i:s'); $new_offer->sequence = $last_seq + 1; if ($new_offer->save()) { if (isset($_FILES)) { if (strlen($_FILES['upload_file']['name']) > 0) { $offer_id = $new_offer->lastInsertId(); //okstmtcc 20150827 Replace image filename spaces $_FILES['upload_file']['name'] = str_replace(array(" ", "(", ")"), array("_", "", ""), $_FILES['upload_file']['name']); $overwrite = false; $file = $this->upload_offer_main_image($offer_id, $_FILES['upload_file']['name'], FILES_DIR . '/offer/images/', $_FILES['upload_file']['tmp_name'], $overwrite); if ($file === false) { Flash::set('error', __('Image has not been uploaded!')); redirect(get_url('offer/edit/' . $new_offer->id)); } } } Flash::set('success', __('Offer has been added!')); Observer::notify('offer_after_add', $new_offer->name); // save and quit or save and continue editing? if (isset($_POST['commit'])) { redirect(get_url('offer')); } else { redirect(get_url('offer/edit/' . $new_offer->id)); } } else { Flash::set('error', __('Offer has not been added!')); redirect(get_url('offer/add')); } }