if ($multiple_changes) { foreach ($updateStrings as $multiple_changes_msg_id => $update_string) { if ($user_table_mode) { $resMsg = $db->query("UPDATE `User` SET {$update_string} WHERE `User_ID` = " . $multiple_changes_msg_id); } else { $SQL = "UPDATE `Message{$classID}`\n\t\t\t\t\t\t\t\t\tSET {$update_string},\n\t\t\t\t\t\t\t\t\t\t`LastUser_ID` = {$AUTH_USER_ID},\n\t\t\t\t\t\t\t\t\t\t`LastIP` = '" . $db->escape($REMOTE_ADDR) . "',\n\t\t\t\t\t\t\t\t\t\t`LastUserAgent` = '" . $db->escape($HTTP_USER_AGENT) . "'\n\t\t\t\t\t\t\t\t\t\tWHERE `Message_ID` = " . $multiple_changes_msg_id; $resMsg = $db->query($SQL); } } } else { if ($user_table_mode) { $nc_core->event->execute("updateUserPrep", $message); $resMsg = $db->query("UPDATE `User` SET " . $updateString . " `Checked` = `Checked`" . ($admin_mode ? ", `Keyword` = '" . $f_Keyword . "'" : "") . " " . ($Password ? ", `Password` = " . $nc_core->MYSQL_ENCRYPT . "('" . $db->escape($Password) . "'), `UserType` = 'normal' " : "") . " WHERE `User_ID` = '" . $message . "'"); } else { $nc_core->event->execute("updateMessagePrep", $catalogue, $sub, $cc, $classID, $message); $KeywordStr = !$KeywordDefined ? "`Keyword` = '" . nc_check_keyword_name($message, $f_Keyword, $classID) . "', " : ""; $SQL = "UPDATE `Message" . $classID . "` SET " . $updateString . ($admin_mode ? " `Checked` = '" . $f_Checked . "', " . $KeywordStr . "" : "") . "`LastUser_ID` = '" . $AUTH_USER_ID . "', `LastIP` = '" . $db->escape($REMOTE_ADDR) . "', `LastUserAgent` = '" . $db->escape($HTTP_USER_AGENT) . "' WHERE `Message_ID` = '" . $message . "'" . (!$modRights ? " AND `User_ID` = '" . $AUTH_USER_ID . "'" : ""); $resMsg = $db->query($SQL); } } if ($db->is_error) { $resMsg = 0; } else { $resMsg = 1; // execute core action if ($user_table_mode) { $nc_core->event->execute("updateUser", $message); } else { $nc_core->event->execute("updateMessage", $catalogue, $sub, $cc, $classID, $message); } }
continue 2; } break; } } if ($fldType[$i] == NC_FIELDTYPE_STRING || $fldType[$i] == NC_FIELDTYPE_TEXT || $fldType[$i] == NC_FIELDTYPE_DATETIME || $fldType[$i] == NC_FIELDTYPE_MULTISELECT) { if (NC_FIELDTYPE_TEXT == $fldType[$i]) { $format = nc_field_parse_format($fldFmt[$i], NC_FIELDTYPE_TEXT); } //транслитерация if (NC_FIELDTYPE_STRING == $fldType[$i]) { //транслитерируем только, если пользователь сам не ввел значение поля, чтобы позволить ему вводить свои собственные if ($format_string[$i]['use_transliteration'] == 1 && empty($_REQUEST['f_' . $format_string[$i]['transliteration_field']])) { $fieldValue = nc_transliterate($fldValue[$i], $format_string[$i]['use_url_rules'] == 1 ? true : false); if ($format_string[$i]['transliteration_field'] == 'Keyword') { $fieldValue = nc_check_keyword_name($message, $fieldValue, $classID); } $updateString .= "`" . $format_string[$i]['transliteration_field'] . "` = \"" . $fieldValue . "\", "; ${$format_string[$i]['transliteration_field'] . 'Defined'} = true; ${$format_string[$i]['transliteration_field'] . 'NewValue'} = "\"" . $fieldValue . "\""; } } $fldValue[$i] = str_replace("\\'", "'", addslashes($fldValue[$i])); if ($fldType[$i] == 8 && empty($fldValue[$i])) { $fldValue[$i] = "NULL"; } else { $fldValue[$i] = "\"" . $fldValue[$i] . "\""; } } if ($fldValue[$i] == "" && ($fldType[$i] == NC_FIELDTYPE_INT || $fldType[$i] == NC_FIELDTYPE_FLOAT || $fldType[$i] == NC_FIELDTYPE_SELECT || $fldType[$i] == NC_FIELDTYPE_RELATION)) { if ($fldNotNull[$i]) {