$_POST["NC_HTTP_REQUEST"] = true; $NETCAT_FOLDER = join(strstr(__FILE__, "/") ? "/" : "\\", array_slice(preg_split("/[\\/\\\\]+/", __FILE__), 0, -4)) . (strstr(__FILE__, "/") ? "/" : "\\"); include_once $NETCAT_FOLDER . "vars.inc.php"; require $ADMIN_FOLDER . "function.inc.php"; if (!$nc_core->token->verify()) { echo NETCAT_TOKEN_INVALID; exit; } // проверка названия раздела if (!$subdivision_name) { nc_print_status(CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_NAME, 'error'); exit; } // проверка уникальности ключевого слова для текущего раздела if (!IsAllowedSubdivisionEnglishName($english_name, $sub_id, 0, $catalogue_id)) { nc_print_status(CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_KEYWORD, 'error'); exit; } // проверка символов для ключевого слова (было бы неплохо проверить скорость работы этой связки при сравнении с регулярными выражениями) if (strspn(strtolower($english_name), "abcdefghijklmnopqrstuvwxyz0123456789-") != strlen($english_name)) { nc_print_status(CONTROL_CONTENT_SUBDIVISION_SUBCLASS_ERROR_KEYWORD_INVALID, 'error'); exit; } if (!isset($subdivision_name) || !isset($english_name) || !isset($template_id) || !isset($class_id) || !isset($sub_id) || !isset($catalogue_id)) { trigger_error("Wrong params", E_USER_ERROR); } if ($sub_id) { $hidden_url = $db->get_var("SELECT Hidden_URL FROM Subdivision WHERE Subdivision_ID = '" . $sub_id . "'"); } else { $hidden_url = '/';
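/**
 * Site wizard: creates the title-page section and the 404 section of a site
 * and records both new IDs on the site's `Catalogue` row.
 *
 * On a validation failure the wizard UI config is reset to step 2, the error
 * status is printed, the form is rendered again through
 * nc_site_wizard_main_sub_form(3, $site_id) and false is returned; nothing is
 * written to the database in that case.
 *
 * NOTE(review): no token or permission check is visible in this function;
 * presumably the calling wizard script performs them. Confirm against caller.
 *
 * @param mixed  $phase             not used in this function
 * @param int    $site_id           site (`Catalogue_ID`) the sections belong to
 * @param string $title_name        display name of the title-page section
 * @param string $title_keyword     URL keyword of the title-page section
 * @param mixed  $title_template_id not used in this function
 * @param string $e404_name         display name of the 404 section
 * @param string $e404_keyword      URL keyword of the 404 section
 * @param mixed  $e404_template_id  not used in this function
 * @param mixed  $modules           not used in this function
 *
 * @return bool true when both INSERTs produced an insert id and the final
 *              Catalogue UPDATE reports affected rows, false otherwise
 */
function nc_site_wizard_main_sub_add($phase, $site_id, $title_name, $title_keyword, $title_template_id, $e404_name, $e404_keyword, $e404_template_id, $modules) {
    global $nc_core, $db, $UI_CONFIG;

    // Characters a keyword may consist of (compared after strtolower()).
    // The original author noted that this strspn()/strtolower() pair could be
    // benchmarked against a regular expression.
    $keyword_chars = "abcdefghijklmnopqrstuvwxyz0123456789-";

    $error = null;
    if (!$title_name || !$e404_name) {
        // both section names are required
        $error = CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_NAME;
    } elseif (strspn(strtolower($title_keyword), $keyword_chars) != strlen($title_keyword)
            || strspn(strtolower($e404_keyword), $keyword_chars) != strlen($e404_keyword)) {
        // The character whitelist runs before the uniqueness lookup so that
        // IsAllowedSubdivisionEnglishName() (not visible here; presumably it
        // queries the database, confirm) only ever receives whitelisted text.
        $error = CONTROL_CONTENT_SUBDIVISION_SUBCLASS_ERROR_KEYWORD_INVALID;
    } elseif (!IsAllowedSubdivisionEnglishName($title_keyword, 0, 0, $site_id)
            || !IsAllowedSubdivisionEnglishName($e404_keyword, 0, 0, $site_id)) {
        // keywords must be unique among the site's top-level sections
        $error = CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_KEYWORD;
    }

    if ($error !== null) {
        $UI_CONFIG = new ui_config_wizard_site(2, $site_id);
        nc_print_status($error, 'error');
        nc_site_wizard_main_sub_form(3, $site_id);
        return false;
    }

    // Every SQL statement below uses this integer form of the site id; the
    // original UPDATE interpolated $site_id as received.
    $site_id_sql = intval($site_id);

    // execute core action
    $nc_core->event->execute("addSubdivisionPrep", $site_id, 0);

    // Add the section for the title page. The keyword already passed the
    // whitelist above; escaping it as well keeps the query safe if that check
    // is ever relaxed.
    $db->query("INSERT INTO `Subdivision`\n SET `Catalogue_ID` = '" . $site_id_sql . "',\n `Parent_Sub_ID` = 0,\n `Subdivision_Name` = '" . $db->escape($title_name) . "',\n `Checked` = 0,\n `EnglishName` = '" . $db->escape($title_keyword) . "',\n `Hidden_URL` = '/" . $db->escape($title_keyword) . "/',\n `Priority` = 0");
    $title_sub_id = $db->insert_id;

    // execute core action
    $nc_core->event->execute("addSubdivision", $site_id, $title_sub_id);

    $UI_CONFIG = new ui_config_wizard_site(3, $site_id);

    $title_buttons = array(
        array(
            "image" => "icon_folder_add",
            "label" => CONTROL_CONTENT_SUBDIVISION_FUNCS_MAINDATA_A_ADDSUBSECTION,
            "href" => "subdivision.add(" . $title_sub_id . ")",
        ),
        array(
            "image" => "icon_folder_delete",
            "label" => CONTROL_CONTENT_CATALOUGE_FUNCS_SHOWMENU_A_KILL,
            "href" => "subdivision.delete(" . $title_sub_id . ")",
        ),
    );

    // NOTE(review): $title_name goes into the node label as received; confirm
    // that the tree renderer escapes it before it reaches the page.
    $UI_CONFIG->treeChanges['addNode'][] = array(
        "nodeId" => "sub-{$title_sub_id}",
        "parentNodeId" => "site-{$site_id}",
        "name" => $title_sub_id . ". " . $title_name,
        "href" => "#subclass.add({$title_sub_id})",
        "image" => "icon_folder_disabled",
        "hasChildren" => false,
        "dragEnabled" => true,
        "buttons" => $title_buttons,
        "acceptDropFn" => "treeSitemapAcceptDrop",
        "onDropFn" => "treeSitemapOnDrop",
        "className" => "disabled",
        "subclasses" => array(),
    );

    // execute core action
    $nc_core->event->execute("addSubdivisionPrep", $site_id, 0);

    // Add the section for the 404 page.
    $db->query("INSERT INTO `Subdivision`\n SET `Catalogue_ID` = '" . $site_id_sql . "',\n `Parent_Sub_ID` = 0,\n `Subdivision_Name` = '" . $db->escape($e404_name) . "',\n `Checked` = 0,\n `EnglishName` = '" . $db->escape($e404_keyword) . "',\n `Hidden_URL` = '/" . $db->escape($e404_keyword) . "/',\n `Priority` = 1");
    $e404_sub_id = $db->insert_id;

    // execute core action
    $nc_core->event->execute("addSubdivision", $site_id, $e404_sub_id);

    // The 404 node gets its own two buttons aimed at the 404 section. The
    // original appended to the title node's button list and reused
    // $title_sub_id, so the 404 node carried four buttons that all acted on
    // the title section.
    $e404_buttons = array(
        array(
            "image" => "icon_folder_add",
            "label" => CONTROL_CONTENT_SUBDIVISION_FUNCS_MAINDATA_A_ADDSUBSECTION,
            "href" => "subdivision.add(" . $e404_sub_id . ")",
        ),
        array(
            "image" => "icon_folder_delete",
            "label" => CONTROL_CONTENT_CATALOUGE_FUNCS_SHOWMENU_A_KILL,
            "href" => "subdivision.delete(" . $e404_sub_id . ")",
        ),
    );

    $UI_CONFIG->treeChanges['addNode'][] = array(
        "nodeId" => "sub-{$e404_sub_id}",
        "parentNodeId" => "site-{$site_id}",
        "name" => $e404_sub_id . ". " . $e404_name,
        "href" => "#subclass.add({$e404_sub_id})",
        "image" => "icon_folder_disabled",
        "hasChildren" => false,
        "dragEnabled" => true,
        "buttons" => $e404_buttons,
        "acceptDropFn" => "treeSitemapAcceptDrop",
        "onDropFn" => "treeSitemapOnDrop",
        "className" => "disabled",
        "subclasses" => array(),
    );

    // Register both sections on the site record.
    $db->query("UPDATE Catalogue\n \t\t SET Title_Sub_ID = '" . intval($title_sub_id) . "',\n \t\t E404_Sub_ID = '" . intval($e404_sub_id) . "'\n \t\t WHERE Catalogue_ID = '" . $site_id_sql . "'");

    return (bool) ($title_sub_id && $e404_sub_id && $db->rows_affected);
}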
$perm->ExitIfNotAccess(NC_PERM_ITEM_SUB, NC_PERM_ACTION_EDIT, $SubdivisionID, 0, 1); if ($posting == 1) { // визуальные настройки $settings_array = $db->get_var("SELECT `CustomSettingsTemplate` FROM `Class`\n WHERE `Class_ID` = '" . intval($custom_class_id) . "'"); if ($settings_array) { require_once $nc_core->ADMIN_FOLDER . "array_to_form.inc.php"; } // проверка названия раздела if (!$Subdivision_Name) { $posting = 0; nc_print_status(CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_NAME, 'error'); SubdivisionForm(6, "index.php", 2, $full); break; } // проверка уникальности ключевого слова для текущего раздела if (!IsAllowedSubdivisionEnglishName($EnglishName, $loc->ParentSubID, $loc->SubdivisionID, $loc->CatalogueID)) { $posting = 0; nc_print_status(CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_KEYWORD, 'error'); SubdivisionForm(6, "index.php", 2, $full); break; } // проверка символов для ключевого слова if (!$nc_core->subdivision->validate_english_name($EnglishName)) { $posting = 0; nc_print_status(CONTROL_CONTENT_SUBDIVISION_SUBCLASS_ERROR_KEYWORD_INVALID, 'error'); SubdivisionForm(6, "index.php", 2, $full); break; } // если раздел изменен переходим к информации по разделу или к дереву разделов if (ActionSubdivisionCompleted($type)) { nc_print_status(CONTROL_CONTENT_SUBDIVISION_SUCCESS_EDIT, 'ok');
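/**
 * Creates a section (`Subdivision` row) from the current GET/POST input and,
 * when a component class id is supplied, a `Sub_Class` row inside it.
 *
 * Request fields read: CatalogueID, ParentSubID, Template_ID,
 * Subdivision_Name, EnglishName, DisplayType, Checked, Priority, Favorite,
 * UseEditDesignTemplate, Class_ID, Class_Template_ID, plus
 * $_POST['is_parent_template'], $_POST['TemplateSettings'] and
 * $_POST['CustomSettings'].
 *
 * NOTE(review): no token or permission check is visible in this function;
 * presumably the caller performs them. Confirm against caller.
 *
 * @return int ID of the new section ($db->insert_id after the INSERT)
 *
 * @throws Exception             when the name is empty, the keyword is invalid
 *                               or not unique, or the template settings fail
 *                               validation
 * @throws nc_Exception_DB_Error when the Subdivision INSERT reports an error
 */
function nc_subdivision_add() {
    $nc_core = nc_Core::get_object();
    $db = $nc_core->db;

    $CatalogueID = intval($nc_core->input->fetch_get_post('CatalogueID'));
    $ParentSubID = intval($nc_core->input->fetch_get_post('ParentSubID'));
    $Template_ID = intval($nc_core->input->fetch_get_post('Template_ID'));
    $input = $nc_core->input->fetch_get_post();

    // Integer request fields are read once; a missing key counts as 0 instead
    // of raising an undefined-index notice.
    $int_fields = array();
    foreach (array('Checked', 'Priority', 'Favorite', 'UseEditDesignTemplate', 'Class_ID', 'Class_Template_ID') as $key) {
        $int_fields[$key] = isset($input[$key]) ? intval($input[$key]) : 0;
    }

    // section name is required
    $Subdivision_Name = trim($nc_core->input->fetch_get_post('Subdivision_Name'));
    if (!$Subdivision_Name) {
        throw new Exception(CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_NAME);
    }

    // keyword: fall back to a transliteration of the name when none was sent
    $EnglishName = trim($nc_core->input->fetch_get_post('EnglishName'));
    if (empty($EnglishName)) {
        $EnglishName = nc_transliterate($Subdivision_Name, true);
    }

    // validity check
    $EnglishName = nc_check_english_name(0, $EnglishName, 1);
    if (!$nc_core->subdivision->validate_english_name($EnglishName)) {
        throw new Exception(CONTROL_CONTENT_SUBDIVISION_SUBCLASS_ERROR_KEYWORD_INVALID);
    }

    // keyword uniqueness check
    if (!IsAllowedSubdivisionEnglishName($EnglishName, $ParentSubID, 0, $CatalogueID)) {
        throw new Exception(CONTROL_CONTENT_SUBDIVISION_INDEX_ERROR_THREE_KEYWORD);
    }

    // visual settings of the design template
    $TemplateSettings = "";
    if (isset($_POST['is_parent_template']) && $_POST['is_parent_template'] == 'true') {
        $Template_ID = 0;
    }

    if ($Template_ID) {
        $settings = $nc_core->db->get_var("SELECT `CustomSettings` FROM `Template` WHERE `Template_ID` = '" . $Template_ID . "'");
        if ($settings) {
            require_once $nc_core->ADMIN_FOLDER . "array_to_form.inc.php";
            $posted_template_settings = isset($_POST['TemplateSettings']) ? $_POST['TemplateSettings'] : null;
            $a2f = new nc_a2f($settings, 'TemplateSettings');
            if (!$a2f->validate($posted_template_settings)) {
                throw new Exception($a2f->get_validation_errors());
            }
            if (!empty($posted_template_settings)) {
                $a2f->save($posted_template_settings);
                $TemplateSettings = $a2f->get_values_as_string();
            }
        }
    }

    // execute core action
    $nc_core->event->execute("addSubdivisionPrep", $CatalogueID, 0);

    // add the section
    $db->query("\n INSERT INTO `Subdivision`\n SET `Created` = NOW(),\n `Subdivision_Name` = '" . $db->escape($Subdivision_Name) . "',\n `EnglishName` = '" . $db->escape($EnglishName) . "',\n `Parent_Sub_ID` = '" . $ParentSubID . "',\n `Catalogue_ID` = '" . $CatalogueID . "',\n `Checked` = '" . $int_fields['Checked'] . "',\n `Priority` = '" . $int_fields['Priority'] . "',\n `Favorite` = '" . $int_fields['Favorite'] . "',\n `UseMultiSubClass` = 1,\n `Template_ID` = '" . $Template_ID . "',\n `TemplateSettings` = '" . $db->escape($TemplateSettings) . "',\n `UseEditDesignTemplate` = '" . $int_fields['UseEditDesignTemplate'] . "',\n `DisplayType` = '" . $db->escape($nc_core->input->fetch_get_post('DisplayType')) . "'");

    if ($db->is_error) {
        throw new nc_Exception_DB_Error($db->last_query, $db->last_error);
    }

    $SubdivisionID = $db->insert_id;

    // refresh Hidden_URL for the parent's subtree
    $hidden_url = GetHiddenURL($ParentSubID);
    UpdateHiddenURL($hidden_url ? $hidden_url : "/", $ParentSubID, $CatalogueID);

    $nc_core->event->execute("addSubdivision", $CatalogueID, $SubdivisionID);

    // add a component to the section
    $Class_ID = $int_fields['Class_ID'];
    $Class_Template_ID = $int_fields['Class_Template_ID'];

    if ($Class_ID) {
        // visual settings of the component (or of its template, when given)
        $CustomSettings = "";
        $settings_array = $db->get_var("SELECT `CustomSettingsTemplate` FROM `Class`\n WHERE `Class_ID` = '" . ($Class_Template_ID ? $Class_Template_ID : $Class_ID) . "'");
        if ($settings_array) {
            require_once $nc_core->ADMIN_FOLDER . "array_to_form.inc.php";
            $posted_custom_settings = isset($_POST['CustomSettings']) ? $_POST['CustomSettings'] : null;
            $a2f = new nc_a2f($settings_array, 'CustomSettings');
            // Settings that fail validation are not saved and no error is
            // raised: the section row already exists at this point, so the
            // component is added with empty settings, as before.
            if ($a2f->validate($posted_custom_settings)) {
                $a2f->save($posted_custom_settings);
                $CustomSettings = $a2f->get_values_as_string();
            }
        }

        $nc_core->event->execute("addSubClassPrep", $CatalogueID, $SubdivisionID, 0);

        // Every string value goes through $db->escape(), as in the Subdivision
        // INSERT above. The original interpolated $Subdivision_Name and
        // $EnglishName as received and ran $CustomSettings through
        // addcslashes(..., "'"), which escapes only the quote character, so a
        // backslash in the value could still unbalance the SQL literal.
        $db->query("INSERT INTO `Sub_Class`\n (`Subdivision_ID`, `Catalogue_ID`, `Class_ID`, `Sub_Class_Name`, `Checked`, `EnglishName`, `Created`, `CustomSettings`, `Class_Template_ID`)\n VALUES\n ('" . intval($SubdivisionID) . "', '" . $CatalogueID . "', '" . $Class_ID . "', '" . $db->escape($Subdivision_Name) . "', 1, '" . $db->escape($EnglishName) . "', '" . date("Y-m-d H:i:s") . "', '" . $db->escape($CustomSettings) . "', '" . $Class_Template_ID . "')");

        $SubClassID = $db->insert_id;
        if ($SubClassID) {
            $nc_core->event->execute("addSubClass", $CatalogueID, $SubdivisionID, $SubClassID);
        }
    }

    return $SubdivisionID;
}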