$rule_id = rq('rule_id', 2); $rule_name = trim(rq('rule_name')); $old_rule_name = trim(rq('old_rule_name')); if ($rule_id == 0 || $rule_id == '' || $rule_name == '' || $old_rule_name == '' || $old_rule_name == $rule_name) { exit; } // Update rule name $sql = "update tbl_rules set link_name='" . mysql_real_escape_string($rule_name) . "' where id='" . mysql_real_escape_string($rule_id) . "'"; mysql_query($sql); cache_remove_rule($old_rule_name); cache_rules_update(); exit; break; case 'sync_slaves': cache_rules_update(); cache_links_update(); break; case 'update_rule': $rule_id = $_REQUEST['rule_id']; $rule_name = $_REQUEST['rule_name']; $rules_item = $_REQUEST['rules_item']; $rule_values = $_REQUEST['rule_value']; //$pattern = '/(^[a-z0-9_]+$)/'; $pattern = '/^[ЎўІіёa-zA-Zа-яА-Я0-9_-]*$/u'; foreach ($rules_item as $key => $rull) { if ($rull['type'] == 'get') { $get_arr = explode('=', $rull['val']); $get_name = $get_arr[0]; $get_val = $get_arr[1]; if (!preg_match($pattern, $get_name) || !preg_match($pattern, $get_val)) { exit;
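/**
 * Find or create an offer (tracking link) and optionally attach it to a category.
 *
 * CR/LF/TAB characters are stripped from both inputs and the result is trimmed.
 * A URL that does not already start with http:// or https:// (compared
 * case-insensitively) gets "http://" prepended, so every stored URL begins
 * with one of those two schemes.
 *
 * If a name is given and an active offer (status=0) with the same name and URL
 * exists, its id is returned without writing anything, provided that either no
 * category was requested or the offer is already linked to that category.
 * Otherwise a new tbl_offers row is inserted, an empty name is replaced by a
 * generated one, and the row is linked to the category when $category_id > 0.
 *
 * cache_links_update() runs on every path that does not return early,
 * including the empty-URL path.
 *
 * SECURITY: all statements are built by string concatenation. Lookups escape
 * through _str() (defined elsewhere; assumed to be an escaping helper, confirm)
 * and writes through mysql_real_escape_string(). That escaping is only reliable
 * when the connection charset was set with mysql_set_charset(), and ext/mysql
 * was removed in PHP 7.0; moving these statements to prepared statements
 * (mysqli or PDO) is the durable fix.
 *
 * @param int|string $category_id Category to link the offer to; values <= 0 mean "no category".
 * @param string     $link_name   Offer name; may be empty, a name is then generated.
 * @param string     $link_url    Tracking URL; empty means nothing is created.
 *
 * @return int|string|null Id of the existing offer (as returned by the DB driver),
 *                         id of the new offer, or null when $link_url is empty.
 */
function edit_offer($category_id, $link_name, $link_url)
{
    $control_chars = array("\r\n", "\r", "\n", "\t");
    $link_name = trim(str_replace($control_chars, '', $link_name));
    $link_url = trim(str_replace($control_chars, '', $link_url));

    // Defined up front: the original returned an undefined variable (null plus
    // a notice) when the URL was empty. The returned value is unchanged.
    $link_id = null;

    if ($link_url !== '') {
        // Case-insensitive scheme test: "HTTP://host" used to be stored as
        // "http://HTTP://host". Anything without an http(s) prefix is prefixed.
        if (!preg_match('#^https?://#i', $link_url)) {
            $link_url = "http://{$link_url}";
        }

        if ($link_name !== '') {
            // Look for an active offer with the same name and URL. The original
            // ran this identical query in both the category and no-category branch.
            $sql = "select id from tbl_offers where offer_name='" . _str($link_name) . "' and offer_tracking_url='" . _str($link_url) . "' and status=0";
            $result = mysql_query($sql);
            // A failed query yields false; treat it as "not found" instead of
            // passing false to mysql_fetch_assoc().
            $row = $result ? mysql_fetch_assoc($result) : false;

            if ($row && $row['id'] > 0) {
                $offer_id = $row['id'];

                if ($category_id > 0) {
                    // Offer exists; reuse it only if it is already in this category.
                    $sql = "select id from tbl_links_categories where offer_id='" . _str($offer_id) . "' and category_id='" . _str($category_id) . "'";
                    $result = mysql_query($sql);
                    $row = $result ? mysql_fetch_assoc($result) : false;

                    if ($row && $row['id'] > 0) {
                        return $offer_id;
                    }
                    // NOTE(review): an existing offer that is not yet in this
                    // category falls through and a second tbl_offers row is
                    // inserted below; confirm duplicating (rather than linking
                    // the existing row) is intended.
                } else {
                    // No category requested: the existing offer is the answer.
                    return $offer_id;
                }
            }
        }

        // Add link
        $sql = "insert into tbl_offers (offer_name, offer_tracking_url, date_add) values('" . mysql_real_escape_string($link_name) . "', '" . mysql_real_escape_string($link_url) . "', NOW())";
        db_query($sql);
        $link_id = mysql_insert_id();

        // Set link name instead of empty name; the id is only known after the insert.
        if ($link_name === '') {
            $link_name = "Ссылка #{$link_id}";
            $sql = "update tbl_offers set offer_name='" . mysql_real_escape_string($link_name) . "' where id='" . mysql_real_escape_string($link_id) . "'";
            db_query($sql);
        }

        if ($category_id > 0) {
            // Add link to selected category
            $sql = "insert into tbl_links_categories (category_id, offer_id) values ('" . mysql_real_escape_string($category_id) . "', '" . mysql_real_escape_string($link_id) . "')";
            db_query($sql);
        }
    }

    cache_links_update();

    return $link_id;
}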