	function write() {
		global $current_user;
		/* @var $current_user CurrentUser */
		// Only an authenticated user may edit a series record.
		if (!$current_user->authorized) {
			throw new Exception('Access denied');
		}

		$posted = Request::$post;

		// Both ids are normalised to non-negative integers before they reach SQL.
		$series_id = isset($posted['id']) ? max(0, (int) $posted['id']) : 0;
		$new_parent = isset($posted['parent_id']) ? max(0, (int) $posted['parent_id']) : 0;
		if ($series_id === 0) {
			throw new Exception('Illegal id');
		}

		$raw_title = isset($posted['title']) ? $posted['title'] : false;
		$raw_description = isset($posted['description']) ? $posted['description'] : false;

		// A series must not be its own parent.
		if ($new_parent == $series_id) {
			throw new Exception('Illegal parent');
		}

		// A non-zero parent has to exist.
		if ($new_parent) {
			$parent_exists = Database::sql2single('SELECT `id` FROM `series` WHERE `id`=' . $new_parent);
			if (!$parent_exists) {
				throw new Exception('No such parent');
			}
		}

		if (!$raw_title) {
			throw new Exception('Empty title');
		}

		// Title is stripped of all markup; description is filtered with the default allowance.
		$clean_description = prepare_review($raw_description);
		$clean_title = prepare_review($raw_title, '');

		Database::query(
			'UPDATE `series` SET `id_parent`=' . $new_parent
			. ',`title`=' . Database::escape($clean_title)
			. ', `description`=' . Database::escape($clean_description)
			. ' WHERE `id`=' . $series_id
		);
	}
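 function write()
 {
     global $current_user;
     /*@var $current_user CurrentUser*/
     // Permission gate: can_throw('books_edit') is assumed to throw when the right is
     // missing — its return value is not used here.
     $current_user->can_throw('books_edit');
     $id = isset(Request::$post['id']) ? Request::$post['id'] : 0;
     $id = max(0, (int) $id);
     // Validate the id before the lookup. With the check placed after it, a zero id made
     // the query return nothing and the function return silently, so it was unreachable.
     if (!$id) {
         throw new Exception('Illegal id');
     }
     $row = Database::sql2row('SELECT * FROM genre WHERE `id`=' . $id);
     if (!$row) {
         return;
     }
     $description = prepare_review(isset(Request::$post['description']) ? Request::$post['description'] : '');
     if (!$description) {
         throw new Exception('Empty description');
     }
     // NOTE(review): the description is filtered a second time here, as in the original;
     // confirm prepare_review() is idempotent or drop this call.
     $description = prepare_review($description);
     $query = 'UPDATE `genre` SET `description`=' . Database::escape($description) . ' WHERE `id`=' . $id;
     Database::query($query);
     ob_end_clean();
     // Redirect to the genre page; the slug comes from the stored row, not from the request.
     header('Location:' . Config::need('www_path') . '/genres/' . $row['name']);
     $current_user->gainActionPoints('genres_edit', $id, BiberLog::TargetType_genre);
     exit;
 }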
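 function addComment()
 {
     global $current_user;
     // Anonymous visitors are ignored silently.
     if (!$current_user->id) {
         return;
     }
     $comment = isset(Request::$post['comment']) ? Request::$post['comment'] : false;
     // Empty allowed-tag list: all markup is stripped, then surrounding whitespace.
     $comment = trim(prepare_review($comment, ''));
     if (!$comment) {
         throw new Exception('comment body expected');
     }
     // Guarded read: a request without 'id' used to raise an undefined-index notice.
     $id = isset(Request::$post['id']) ? (int) Request::$post['id'] : 0;
     if (!$id) {
         throw new Exception('target id missed');
     }
     $target = isset(Request::$post['type']) ? Request::$post['type'] : '';
     switch ($target) {
         case 'serie':
             $type = BiberLog::TargetType_serie;
             break;
         case 'author':
             $type = BiberLog::TargetType_person;
             break;
         case 'book':
             $type = BiberLog::TargetType_book;
             break;
         default:
             // Without this branch $type stayed undefined and a null target type was stored.
             throw new Exception('unknown target type');
     }
     MongoDatabase::addSimpleComment($type, $id, $current_user->id, $comment);
 }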
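	function write() {
		global $current_user;
		/* @var $current_user CurrentUser */
		if (!$current_user->authorized)
			throw new Exception('Access denied');

		// Read posted fields defensively: a missing key yields 0 / '' instead of an undefined-index notice.
		$post = Request::$post;
		$data = array(
		    'target_id' => isset($post['target_id']) ? max(0, (int) $post['target_id']) : 0,
		    'target_type' => isset($post['target_type']) ? max(0, (int) $post['target_type']) : 0,
		    'comment' => prepare_review(isset($post['annotation']) ? $post['annotation'] : ''),
		    // posted rate is clamped to 0..6 and kept shifted by +1; ($data['rate'] - 1) is what gets stored
		    'rate' => (isset($post['rate']) ? min(6, max(0, (int) $post['rate'])) : 0) + 1,
		);

		$event = new Event();

		if (!$data['comment']) {
			// No review text: a bare rating. $data['rate'] is always >= 1 after the shift above,
			// so only the target type decides (type 0 writes the book_rate / book tables).
			if ($data['target_type'] == 0) {
				$time = time();
				// A shifted rate of 1 (posted 0) is not written; only real ratings are upserted.
				if ($data['rate'] > 1) {
					$query = 'INSERT INTO `book_rate` SET `id_book`=' . $data['target_id'] . ',`id_user`=' . $current_user->id . ',`rate`=' . ($data['rate'] - 1) . ',`time`=' . $time . ' ON DUPLICATE KEY UPDATE
				`rate`=' . ($data['rate'] - 1) . ',`time`=' . $time . '';
					Database::query($query);
				}
				//recalculating rate
				$query = 'SELECT COUNT(1) as cnt, SUM(`rate`) as rate FROM `book_rate` WHERE `id_book`=' . $data['target_id'];
				$res = Database::sql2row($query);
				// With no rows COUNT is 0 and SUM is NULL; the unguarded division used to fail here
				// whenever the rate was not written above and the book had no ratings yet.
				if ($res && !empty($res['cnt'])) {
					$book_mark = round($res['rate'] / $res['cnt'] * 10);
					$query = 'UPDATE `book` SET `mark`=' . $book_mark . ' WHERE `id`=' . $data['target_id'];
					Database::query($query);
				}
				$event->event_BookRateAdd($current_user->id, $data['target_id'], $data['rate'] - 1);
			}
		} else {
			// A review needs a target.
			if (!$data['target_id'])
				return;
			$query = 'INSERT INTO `reviews` SET
				`id_target`=' . $data['target_id'] . ',
				`target_type`=' . $data['target_type'] . ',
				`id_user`=' . $current_user->id . ',
				`time`=' . time() . ',
				`comment`=' . Database::escape($data['comment']) . ',
				`rate`=' . ($data['rate'] - 1) . '
					ON DUPLICATE KEY UPDATE
				`time`=' . time() . ',
				`comment`=' . Database::escape($data['comment']) . ',
				`rate`=' . ($data['rate'] - 1) . '';
			Database::query($query);
			//event
			$event->event_BookReviewAdd($current_user->id, $data['target_id'],$data['target_type'], $data['rate'] - 1 , $data['comment']);
		}

		$event->push();
	}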
	function _update() {
		// Returns a posted field, or null when it was not sent at all.
		$posted = function ($key) {
			return isset(Request::$post[$key]) ? Request::$post[$key] : null;
		};

		$id = $posted('id');
		$title = $posted('title');
		$description = $posted('description');
		$filepath = $posted('filepath');
		$group_id = $posted('group_id');

		// Absent fields are stored as false. Text fields are run through prepare_review with an
		// empty allowed-tag list, except the description, which is filtered with the default second argument.
		$data = array(
		    'id' => $id === null ? false : prepare_review($id, ''),
		    'title' => $title === null ? false : prepare_review($title, ''),
		    'description' => $description === null ? false : prepare_review($description),
		    'filepath' => $filepath === null ? false : prepare_review($filepath, ''),
		    'group_id' => $group_id === null ? false : (int) $group_id,
		);
		Features::getInstance()->_update($data);
	}
 function _update()
 {
     $post = Request::$post;
     // Each field is optional at the request level; a missing one is stored as false.
     $data = array(
         'id' => isset($post['id']) ? prepare_review($post['id'], '') : false,
         'title' => isset($post['title']) ? prepare_review($post['title'], '') : false,
         'folder' => isset($post['folder']) ? prepare_review($post['folder']) : false,
     );
     // Only a fully specified record is written; anything else just redirects.
     $complete = $data['id'] && $data['title'] && $data['folder'];
     if ($complete) {
         $this->_upsert($data);
     }
     // Discard buffered output (the @ hides the notice when no buffer is active) and redirect.
     @ob_end_clean();
     header('Location: ' . Config::need('www_path') . '/features');
     exit(0);
 }
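	function write() {
		global $current_user;
		if (!$current_user->authorized)
			throw new Exception('Access Denied');

		$id_author = $current_user->id;
		// Recipients may be posted as a single value, a comma-separated string, or an array
		// whose elements may themselves be comma-separated. Flatten them to a set of int ids.
		$to_users = isset(Request::$post['to']) ? Request::$post['to'] : array($current_user->id);
		// is_string() guard: strstr() on an array is a TypeError on PHP 8 (the default above is an array).
		if (is_string($to_users) && strstr($to_users, ','))
			$to_users = explode(',', $to_users);
		if (!is_array($to_users))
			$to_users = array($to_users);
		$to_users_p = array();
		foreach ($to_users as $id) {
			if (is_string($id) && strstr($id, ',')) {
				foreach (explode(',', $id) as $n) {
					$to_users_p[(int) $n] = (int) $n;
				}
			} else {
				$to_users_p[(int) $id] = (int) $id;
			}
		}
		$to_users = $to_users_p;

		$subject = isset(Request::$post['subject']) ? Request::$post['subject'] : 'Без темы';
		$body = isset(Request::$post['body']) ? Request::$post['body'] : false;
		$subject = prepare_review($subject, '');
		$body = prepare_review($body, '');
		if (!$body)
			throw new Exception('body!');
		$time = time();
		// thread_id is interpolated unquoted into SQL below; it was previously taken raw from
		// the request. Absent stays false so sendMessage() sees the same "no thread" value as before.
		$thread_id = isset(Request::$post['thread_id']) ? max(0, (int) Request::$post['thread_id']) : false;

		if ($thread_id) {
			// May this user post to this thread? Only an existing recipient of the thread may,
			// and a reply goes to the thread's recipient list instead of the posted one.
			$query = 'SELECT DISTINCT id_recipient FROM `users_messages_index` WHERE `thread_id`=' . $thread_id;
			$usrs = Database::sql2array($query);
			$found = false;
			$to_users = array();
			if ($usrs) {
				foreach ($usrs as $usr) {
					if ($usr['id_recipient'] == $current_user->id)
						$found = true;
					$to_users[$usr['id_recipient']] = $usr['id_recipient'];
				}
			}
			if (!$found)
				throw new Exception('You cant post to thread #' . $thread_id);
		}

		// The author always receives a copy.
		$to_users[$current_user->id] = $current_user->id;

		$this->sendMessage($id_author, $to_users, $subject, $body, $time, $thread_id);
	}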
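    function addComment() {
        global $current_user;
        // Anonymous visitors are ignored silently.
        if (!$current_user->id)
            return;
        $comment = isset(Request::$post['comment']) ? Request::$post['comment'] : false;
        // Empty allowed-tag list: all markup is stripped, then surrounding whitespace.
        $comment = trim(prepare_review($comment, ''));
        if (!$comment)
            throw new Exception('comment body expected');

        // Guarded read: a request without 'id' used to raise an undefined-index notice.
        $post_id = isset(Request::$post['id']) ? Request::$post['id'] : false;
        if ($post_id) {
            MongoDatabase::addEventComment($post_id, $current_user->id, $comment);
        }
    }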
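 function addComment()
 {
     global $current_user;
     // Optional flag: subscribe the commenter to follow-ups on this post.
     $subscribe = isset(Request::$post['subscribe']) && Request::$post['subscribe'];
     // Anonymous visitors are ignored silently.
     if (!$current_user->id) {
         return;
     }
     $comment = isset(Request::$post['comment']) ? Request::$post['comment'] : false;
     // Only these inline formatting tags survive the filter.
     $comment = trim(prepare_review($comment, '<em><i><strong><b><u><s>'));
     if (!$comment) {
         throw new Exception('comment body expected');
     }
     // Guarded read: a request without 'id' used to raise an undefined-index notice.
     $post_id = isset(Request::$post['id']) ? Request::$post['id'] : false;
     $data = array();
     if ($post_id) {
         $comment_id = isset(Request::$post['comment_id']) ? Request::$post['comment_id'] : false;
         if ($comment_id) {
             // Reply to an existing comment; $data['commenter_id'] is presumably the replied-to author — see addEventComment().
             $data = MongoDatabase::addEventComment($post_id, $current_user->id, $comment, $comment_id);
             if ($data) {
                 Notify::notifyEventCommentAnswer($data['commenter_id'], $post_id, $data['comment_id']);
             }
         } else {
             // Top-level comment; $data['user_id'] is presumably the post owner — see addEventComment().
             $data = MongoDatabase::addEventComment($post_id, $current_user->id, $comment);
             if ($data) {
                 Notify::notifyEventComment($data['user_id'], $post_id, $data['comment_id']);
             }
         }
     }
     if ($data && $subscribe) {
         // An author is subscribed to their own post either way.
         if ($data['post']['user_id'] != $current_user->id) {
             // Map the Mongo post id back to the events row it belongs to.
             $query = 'SELECT `id` FROM `events` WHERE `mongoid`=' . Database::escape($post_id);
             $intid = Database::sql2single($query);
             if ($intid) {
                 /* @var $current_user User */
                 $current_user->setNotifyRule(UserNotify::UN_COMMENT_ANSWER, UserNotify::UNT_NOTIFY);
                 $current_user->save();
                 Notify::notifySubscribe($current_user->id, $intid);
             }
         }
     }
 }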
 function newThread()
 {
     global $current_user;
     /* @var $current_user CurrentUser */
     $title = Request::post('title');
     // The body is filtered; the title is passed on exactly as posted —
     // NOTE(review): confirm doNewThread() escapes it before storage and output.
     $message = prepare_review(Request::post('message'));
     $forum_id = Request::post('tid');
     $incomplete = !$message || !$title;
     if ($incomplete) {
         throw new Exception('fill all fields properly');
     }
     if (!$forum_id) {
         throw new Exception('illegal forum id');
     }
     // Here the permission check's return value decides; nothing happens without the right.
     if (!$current_user->can_throw('books_edit')) {
         return;
     }
     $new_thread_id = $this->doNewThread($title, $message, $current_user->id, $forum_id, time());
     if (!$new_thread_id) {
         return;
     }
     // Drop buffered output and send the browser to the new thread.
     @ob_end_clean();
     header('Location:' . Config::need('www_path') . '/forum/' . $forum_id . '/' . $new_thread_id);
 }
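    function write()
    {
        global $current_user;
        if (!$current_user->authorized) {
            throw new Exception('Access Denied');
        }
        // Read posted fields defensively: a missing key yields 0 / '' instead of an undefined-index notice.
        $post = Request::$post;
        $data = array(
            'target_id' => isset($post['target_id']) ? max(0, (int) $post['target_id']) : 0,
            'target_type' => isset($post['target_type']) ? max(0, (int) $post['target_type']) : 0,
            'comment' => prepare_review(isset($post['annotation']) ? $post['annotation'] : ''),
            // posted rate is clamped to 0..6 and kept shifted by +1; ($data['rate'] - 1) is what gets stored
            'rate' => (isset($post['rate']) ? min(6, max(0, (int) $post['rate'])) : 0) + 1,
        );
        $event = new Event();
        $time = time();
        // Always 0: the lookup of an existing review that used to set this is disabled.
        $with_review = 0;
        // upsert rate into database — $data['rate'] is always >= 1 after the shift, so this is unconditional
        $query = 'INSERT INTO `book_rate` SET `with_review`=' . $with_review . ', `id_book`=' . $data['target_id'] . ',`id_user`=' . $current_user->id . ',`rate`=' . ($data['rate'] - 1) . ',`time`=' . $time . ' ON DUPLICATE KEY UPDATE
				`rate`=' . ($data['rate'] - 1) . ',`time`=' . $time . ',`with_review`=' . $with_review . '';
        Database::query($query);
        //recalculating rate
        $query = 'SELECT COUNT(1) as cnt, SUM(`rate`) as rate FROM `book_rate` WHERE `id_book`=' . $data['target_id'];
        $res = Database::sql2row($query);
        // The upsert above should guarantee cnt >= 1; guard anyway so an empty result cannot divide by zero.
        if ($res && !empty($res['cnt'])) {
            $book_mark = round($res['rate'] / $res['cnt'] * 10);
            $query = 'UPDATE `book` SET `mark`=' . $book_mark . ' WHERE `id`=' . $data['target_id'];
            Database::query($query);
        }
        // insert data into mongo: a review event when there is text, else a rate event for real ratings only
        if (!$data['comment']) {
            unset($data['comment']);
        }
        if (isset($data['comment']) && $data['comment']) {
            $event->event_BookReviewAdd($current_user->id, $data);
            Notify::notifyNewBookReview($data['target_id'], $current_user->id);
        } else {
            if ($data['rate'] > 1) {
                $event->event_BookRateAdd($current_user->id, $data);
            }
        }
        $event->push();
    }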
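 function _update()
 {
     $post = Request::$post;
     // Absent fields become false. Text fields go through prepare_review with an empty
     // allowed-tag list, except the description, which is filtered with the default second argument.
     $data = array(
         'id' => isset($post['id']) ? prepare_review($post['id'], '') : false,
         'title' => isset($post['title']) ? prepare_review($post['title'], '') : false,
         'description' => isset($post['description']) ? prepare_review($post['description']) : false,
         'filepath' => isset($post['filepath']) ? prepare_review($post['filepath'], '') : false,
         'group_id' => isset($post['group_id']) ? (int) $post['group_id'] : false,
         'db_modify' => time(),
     );
     // The id is interpolated unquoted into SQL below, so it is forced to an integer;
     // the original used the filtered request string directly.
     $feature_id = (int) $data['id'];
     if ($data['title'] && $feature_id) {
         Features::getInstance()->getByIdLoaded($feature_id)->_update($data);
     }
     // Without an id there is no feature to write the description file for.
     if ($data['description'] && $feature_id) {
         $feature = Features::getInstance()->getByIdLoaded($feature_id);
         // The description text is stored on disk; the row only tracks the file's mtime.
         $f = '../features/' . $feature->getFilePath();
         $posted_modify = (int) Request::post('file_modify');
         if (!file_exists($f)) {
             @mkdir('../features/' . $feature->getFolder());
             file_put_contents($f, $data['description']);
             $file_modify = (int) @filemtime($f);
             clearstatcache();
             Database::query('UPDATE `features` SET `file_modify` = ' . $file_modify . ' WHERE `id`=' . $feature_id);
         } else {
             $file_modify = (int) @filemtime($f);
             if ($file_modify > $posted_modify) {
                 // The file on disk is newer than the version the form was built from:
                 // record its mtime and make the user reload before anything is overwritten.
                 Database::query('UPDATE `features` SET `file_modify` = ' . $file_modify . ' WHERE `id`=' . $feature_id);
                 throw new Exception(date('Y-m-d H:i:s') . ' File was modified at ' . date('Y-m-d H:i:s', $file_modify) . ', fetched version is ' . date('Y-m-d H:i:s', $posted_modify) . '. Please refresh page');
             }
             file_put_contents($f, $data['description']);
             clearstatcache();
             $file_modify = (int) @filemtime($f);
             clearstatcache();
             Database::query('UPDATE `features` SET `file_modify` = ' . $file_modify . ' WHERE `id`=' . $feature_id);
         }
     }
     // Drop buffered output and redirect to the listing.
     @ob_end_clean();
     header('Location: ' . Config::need('www_path') . '/features');
     exit(0);
 }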
                        } else {
                            // not our post
                            continue;
                        }
                    }
                }
            }
            $pubtime = $data['update_time'];
            $y = date('Y', $pubtime);
            $m = date('m', $pubtime);
            $tblname = 'posts_data__' . $y . '_' . $m;
            if ($found) {
                $fulltext = preg_replace('/\\<script(.*)\\/script\\>/isU', '', $fulltext);
                $fulltext = preg_replace('/\\<form(.*)\\/form>/isU', '', $fulltext);
                $fulltext = preg_replace('/\\<iframe(.*)\\/iframe>/isU', '', $fulltext);
                $short = close_dangling_tags(_substr(prepare_review($fulltext, ''), 211));
                $query = 'INSERT INTO `' . $tblname . '` SET
				`id`=' . $data['id'] . ',
				`id_author`=' . $data['id_author'] . ',
				`text`=' . Database::escape($fulltext) . ',
				`short`=' . Database::escape($short) . ',
				`has_content`=1
				ON DUPLICATE KEY UPDATE
				`has_content`=1,
				`short`=' . Database::escape($short) . ',
				`text`=' . Database::escape($fulltext);
                Database::query($query);
                Database::query('UPDATE `posts` SET `short`=' . Database::escape($short) . ', `has_content`=1 WHERE `id`=' . $data['id'] . ' AND `id_author`=' . $data['id_author'] . '');
            } else {
                Database::query('UPDATE `posts` SET `has_content`=2 WHERE `id`=' . $data['id'] . ' AND `id_author`=' . $data['id_author'] . '');
            }
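 function write()
 {
     global $current_user;
     if (!$current_user->authorized) {
         throw new Exception('Access Denied');
     }
     $id = isset(Request::$post['id']) ? Request::$post['id'] : 0;
     $id = max(0, (int) $id);
     // A posted 'serie1_id' means a merge request, not an edit.
     if (isset(Request::$post['serie1_id'])) {
         $this->_glue();
         return;
     }
     // No id: create instead of update.
     if (!$id) {
         $this->_new();
         return;
     }
     $query = 'SELECT * FROM `series` WHERE `id`=' . $id;
     $old = Database::sql2row($query);
     if (!$old || !$old['id']) {
         throw new Exception('no such serie #' . $id);
     }
     $parent_id = isset(Request::$post['id_parent']) ? Request::$post['id_parent'] : false;
     $parent_id = max(0, (int) $parent_id);
     $title = isset(Request::$post['title']) ? Request::$post['title'] : false;
     $description = isset(Request::$post['description']) ? Request::$post['description'] : false;
     // A series must not be its own parent.
     if ($parent_id == $id) {
         throw new Exception('Illegal parent');
     }
     if ($parent_id) {
         $query = 'SELECT `id` FROM `series` WHERE `id`=' . $parent_id;
         if (!Database::sql2single($query)) {
             throw new Exception('No such parent');
         }
     }
     if (!$title) {
         throw new Exception('Empty title');
     }
     $description = prepare_review($description);
     $title = prepare_review($title, '');
     // Snapshot of the new values for the change log. This uses $parent_id; the original
     // read an undefined $id_parent here, so the log always recorded parent 0.
     $new = array('description' => $description, 'title' => $title, 'id_parent' => $parent_id);
     Database::query('START TRANSACTION');
     SerieLog::addLog($new, $old, $id);
     SerieLog::saveLog($id, BookLog::TargetType_serie, $current_user->id, BiberLog::BiberLogType_serieEdit);
     $query = 'UPDATE `series` SET `id_parent`=' . $parent_id . ',`title`=' . Database::escape($title) . ', `description`=' . Database::escape($description) . ' WHERE `id`=' . $id;
     Database::query($query);
     Database::query('COMMIT');
     $event = new Event();
     $event->event_SeriesEdit($current_user->id, $id);
     $event->push();
     // Queue the series for re-indexing.
     $search = Search::getInstance();
     /* @var $search Search */
     $search->setSerieToFullUpdate($id);
 }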
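    function write()
    {
        global $current_user;
        $points_gained = false;
        /* @var $current_user CurrentUser */
        // Everything below runs inside one transaction; COMMIT is only reached on the success path.
        // NOTE(review): an exception leaves it open for the driver to roll back on disconnect.
        Database::query('START TRANSACTION');
        $current_user->can_throw('books_edit');
        if (!isset(Request::$post['lang_code']) || !Request::$post['lang_code']) {
            throw new Exception('field missed #lang_code');
        }
        $id = isset(Request::$post['id']) ? (int) Request::$post['id'] : false;
        if (Request::post('isbn')) {
            Request::$post['isbn'] = extractISBN(Request::$post['isbn']);
        }
        // No id: this is a create, handled elsewhere.
        if (!$id) {
            $this->newBook();
            return;
        }
        $books = Books::getInstance()->getByIdsLoaded(array($id));
        // Guarded lookup: an unknown id used to raise an undefined-index notice before the false check.
        $book = (is_array($books) && isset($books[$id])) ? $books[$id] : false;
        if (!$book) {
            return;
        }
        /* @var $book Book */
        // posted field => column name in $book->data
        $fields = array('title' => 'title', 'subtitle' => 'subtitle', 'isbn' => 'ISBN', 'year' => 'year', 'lang_code' => 'id_lang', 'annotation' => 'description', 'rightholder' => 'id_rightholder');
        Request::$post['lang_code'] = Config::$langs[Request::$post['lang_code']];
        // The annotation keeps <img>; the title is stripped of all markup.
        Request::$post['annotation'] = trim(prepare_review(Request::$post['annotation'], false, '<img>'));
        Request::$post['title'] = trim(prepare_review(Request::$post['title'], ''));
        Request::$post['year'] = (int) Request::$post['year'];
        $magazineData = array();
        if ($book->data['book_type'] == Book::BOOK_TYPE_MAGAZINE) {
            // Magazines keep issue number and year in a side table.
            // NOTE(review): a missing row leaves $magazineData false and the reads below warn — confirm it is always present.
            $magazineData = Database::sql2row('SELECT * FROM `magazines` M LEFT JOIN book_magazines BM ON BM.id_magazine=M.id WHERE BM.id_book=' . $book->id);
            $book->data['n'] = max(0, $magazineData['n']);
            $book->data['year'] = $magazineData['year'];
            Request::$post['n'] = isset(Request::$post['n']) && Request::$post['n'] ? Request::$post['n'] : $magazineData['n'];
        }
        $to_update_m = array(); // changes for book_magazines
        $to_update = array();   // changes for book
        if (isset(Request::$post['quality'])) {
            if ($book->data['quality'] != (int) Request::$post['quality']) {
                $to_update['quality'] = (int) Request::$post['quality'];
            }
        }
        if (isset(Request::$post['n'])) {
            // A changed issue number or year rewrites the magazine's title/subtitle from the magazine record.
            if (isset($book->data['n']) && $book->data['n'] != (int) Request::$post['n']) {
                $to_update_m['n'] = (int) Request::$post['n'];
                Request::$post['title'] = $magazineData['title'];
                Request::$post['subtitle'] = '№ ' . $to_update_m['n'] . ' за ' . Request::$post['year'] . ' год';
            }
            if (isset($book->data['year']) && $book->data['year'] != (int) Request::$post['year']) {
                $to_update_m['n'] = (int) Request::$post['n'];
                Request::$post['title'] = $magazineData['title'];
                Request::$post['subtitle'] = '№ ' . $to_update_m['n'] . ' за ' . Request::$post['year'] . ' год';
            }
        }
        if (isset($_FILES['cover']) && $_FILES['cover']['tmp_name']) {
            // Covers are bucketed 5000 books per folder.
            $folder = Config::need('static_path') . '/upload/covers/' . ceil($book->id / 5000);
            @mkdir($folder);
            // inserting new cover
            $query = 'INSERT INTO `book_covers` SET `id_book`=' . $book->id;
            Database::query($query);
            $cover_id = Database::lastInsertId();
            // generating file names
            $filename_normal = $folder . '/default_' . $book->id . '_' . $cover_id . '.jpg';
            $filename_small = $folder . '/small_' . $book->id . '_' . $cover_id . '.jpg';
            $filename_big = $folder . '/big_' . $book->id . '_' . $cover_id . '.jpg';
            $filename_orig = $folder . '/orig_' . $book->id . '_' . $cover_id . '.jpg';
            $to_update['is_cover'] = $cover_id;
            $thumb = new Thumb();
            $thumb->createThumbnails($_FILES['cover']['tmp_name'], array($filename_small, $filename_normal, $filename_big, $filename_orig), self::$cover_sizes);
            if ($book->data['is_cover']) {
                $current_user->gainActionPoints('books_edit_cover', $book->id, BiberLog::TargetType_book);
            } else {
                $current_user->gainActionPoints('books_add_cover', $book->id, BiberLog::TargetType_book);
            }
            $points_gained = true;
        }
        // file loading
        if (isset($_FILES['file']) && isset($_FILES['file']['tmp_name']) && $_FILES['file']['tmp_name']) {
            // The extension of the uploaded name must match one of the configured file types.
            $filetype_ = explode('.', $_FILES['file']['name']);
            $filetype_ = isset($filetype_[count($filetype_) - 1]) ? $filetype_[count($filetype_) - 1] : '';
            $fts = Config::need('filetypes');
            $filetype = false;
            foreach ($fts as $ftid => $ftname) {
                if ($ftname == $filetype_) {
                    $filetype = $ftid;
                }
            }
            if (!$filetype) {
                throw new Exception('wrong filetype:' . $filetype_);
            }
            $destinationDir = Config::need('files_path') . DIRECTORY_SEPARATOR . getBookFileDirectory($book->id, $filetype);
            @mkdir($destinationDir, 0755);
            // add the record to the database
            $filesize = $_FILES['file']['size'];
            $query = 'SELECT * FROM `book_files` WHERE `id_book`=' . $book->id;
            $files = Database::sql2array($query, 'filetype');
            // replacing file
            if (isset($files[$filetype])) {
                $old_id_file = $files[$filetype]['id'];
                $old_id_file_author = $files[$filetype]['id_file_author'];
                $old_filesize = $files[$filetype]['filesize'];
                $query = 'DELETE FROM `book_files` WHERE `id`=' . $old_id_file;
                Database::query($query);
                $query = 'INSERT IGNORE INTO `book_files` SET
				`id_book`=' . $book->id . ',
				`filetype`=' . $filetype . ',
				`id_file_author`=' . $current_user->id . ',
				`modify_time`=' . time() . ',
				`filesize`=' . $filesize;
                Database::query($query);
                $id_file = Database::lastInsertId();
                BookLog::addLog(array('id_file' => $id_file, 'filetype' => $filetype, 'id_file_author' => $current_user->id, 'filesize' => $filesize), array('id_file' => $old_id_file, 'filetype' => 0, 'id_file_author' => $old_id_file_author, 'filesize' => $old_filesize), $book->id);
                // The original executed the INSERT IGNORE a second time here; that repeat is dropped.
                $current_user->gainActionPoints('books_edit_file', $book->id, BiberLog::TargetType_book);
            } else {
                $query = 'INSERT INTO `book_files` SET
				`id_book`=' . $book->id . ',
				`filetype`=' . $filetype . ',
				`id_file_author`=' . $current_user->id . ',
				`modify_time`=' . time() . ',
				`filesize`=' . $filesize;
                Database::query($query);
                $id_file = Database::lastInsertId();
                BookLog::addLog(array('id_file' => $id_file, 'filetype' => $filetype, 'id_file_author' => $current_user->id, 'filesize' => $filesize), array('id_file' => 0, 'filetype' => 0, 'id_file_author' => 0, 'filesize' => 0), $book->id);
                $current_user->gainActionPoints('books_add_file', $book->id, BiberLog::TargetType_book);
            }
            if ($id_file) {
                $points_gained = true;
                // A replaced file, or the first file of a book, becomes the main file.
                if (!$book->data['id_main_file'] || isset($files[$filetype])) {
                    $to_update['id_main_file'] = $id_file;
                }
                $destinationFile = getBookFilePath($id_file, $book->id, $filetype, Config::need('files_path'));
                if (!move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
                    throw new Exception('Cant save file to ' . $destinationFile);
                }
                // event for new File
                $event = new Event();
                $event->event_BooksAddFile($current_user->id, $book->id);
                $event->push();
                if ($filetype == 1) {
                    // FB2: annotation and title are taken from the file's own description block.
                    $parser = new FB2Parser($destinationFile);
                    $parser->parseDescription();
                    $toc = $parser->getTOCHTML();
                    Request::$post['annotation'] = $parser->getProperty('annotation');
                    Request::$post['title'] = $parser->getProperty('book-title');
                    $to_update['table_of_contents'] = $toc;
                }
            }
        }
        // Every mapped field is required; only changed values are written.
        foreach ($fields as $field => $bookfield) {
            if (!isset(Request::$post[$field])) {
                throw new Exception('field missed #[' . $field . ']');
            }
            if ($book->data[$bookfield] != Request::$post[$field]) {
                $to_update[$bookfield] = Request::$post[$field];
            }
        }
        $q = array();
        // By value: the original iterated by reference and left a dangling reference into $to_update.
        foreach ($to_update as $field => $value) {
            $q[] = '`' . $field . '`=' . Database::escape($value) . '';
        }
        $push_event = true;
        if (count($q)) {
            // A change that only sets the main file is not announced as an edit.
            if (count($to_update) == 1) {
                foreach ($to_update as $kk => $vv) {
                    if ($kk == 'id_main_file') {
                        $push_event = false;
                    }
                }
            }
            $query = 'UPDATE `book` SET ' . implode(',', $q) . ' WHERE `id`=' . $book->id;
            Database::query($query);
            if (count($to_update_m)) {
                $to_update['n'] = $to_update_m['n'];
            }
            BookLog::addLog($to_update, $book->data, $book->id);
            foreach ($to_update as $f => $v) {
                $book->data[$f] = $v;
            }
            $search = Search::getInstance();
            /* @var $search Search */
            $search->updateBook($book);
            if ($push_event) {
                $event = new Event();
                $event->event_BooksEdit($current_user->id, $book->id);
                $event->push();
            }
            if (!$points_gained) {
                $current_user->gainActionPoints('books_edit', $book->id, BiberLog::TargetType_book);
            }
        }
        BookLog::saveLog($book->id, BookLog::TargetType_book, $current_user->id, BiberLog::BiberLogType_bookEdit);
        Books::getInstance()->dropCache($book->id);
        if (count($to_update_m)) {
            if ($to_update_m['n'] && $book->data['book_type'] == Book::BOOK_TYPE_MAGAZINE) {
                Database::query('UPDATE `book_magazines` SET `n`=' . $to_update_m['n'] . ',`year`=' . (int) $book->data['year'] . ' WHERE `id_book`=' . $book->id);
            }
        }
        ob_end_clean();
        header('Location:' . Config::need('www_path') . '/b/' . $book->id);
        Database::query('COMMIT');
        exit;
    }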
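 function write()
 {
     global $current_user;
     /* @var $current_user User */
     if (!$current_user->authorized) {
         throw new Exception('Access Denied');
     }
     $id_author = $current_user->id;
     // Recipients: a scalar or an array, each entry possibly a comma-separated list of
     // ids or nicknames. Flatten into a trimmed, de-duplicated set keyed by the entry itself.
     $to_users_ = isset(Request::$post['to']) ? Request::$post['to'] : array();
     if (!is_array($to_users_)) {
         $to_users_ = array($to_users_);
     }
     // Initialised up front: with an empty 'to' the original iterated and assigned undefined variables.
     $to_users_p = array();
     foreach ($to_users_ as $id) {
         // Nested arrays from a malformed request are skipped rather than passed to strstr().
         if (is_array($id)) {
             continue;
         }
         $parts = strstr($id, ',') ? explode(',', $id) : array($id);
         foreach ($parts as $n) {
             $n = trim($n);
             $to_users_p[$n] = $n;
         }
     }
     $to_users = $to_users_p;
     if (isset($to_users[$current_user->id])) {
         throw new Exception('self mailing');
     }
     if (isset($to_users[$current_user->getNickName()])) {
         throw new Exception('self mailing');
     }
     // Resolve each entry through User and add the numeric ids to the recipient set.
     // NOTE(review): the raw entries stay in $to_users alongside the resolved ids, as in the
     // original — confirm sendMessage() tolerates non-numeric keys.
     $loaded = array();
     foreach ($to_users as $id) {
         $tmp = new User($id);
         $tmp->load();
         $loaded[$tmp->id] = $tmp;
     }
     foreach ($loaded as $key => $u) {
         $to_users[$key] = $key;
     }
     $subject = isset(Request::$post['subject']) ? Request::$post['subject'] : 'Без темы';
     $body = isset(Request::$post['body']) ? Request::$post['body'] : false;
     $subject = prepare_review($subject, '');
     $body = prepare_review($body, '');
     if (!$body) {
         throw new Exception('body!');
     }
     $time = time();
     // thread_id is interpolated unquoted into SQL below; it was previously taken raw from
     // the request. Absent stays false so sendMessage() sees the same "no thread" value as before.
     $thread_id = isset(Request::$post['thread_id']) ? max(0, (int) Request::$post['thread_id']) : false;
     if ($thread_id) {
         // May this user post to this thread? Only an existing recipient of the thread may,
         // and a reply goes to the thread's recipient list instead of the posted one.
         $query = 'SELECT DISTINCT id_recipient FROM `users_messages_index` WHERE `thread_id`=' . $thread_id;
         $usrs = Database::sql2array($query);
         $found = false;
         $to_users = array();
         if ($usrs) {
             foreach ($usrs as $usr) {
                 if ($usr['id_recipient'] == $current_user->id) {
                     $found = true;
                 }
                 $to_users[$usr['id_recipient']] = $usr['id_recipient'];
             }
         }
         if (!$found) {
             throw new Exception('You cant post to thread #' . $thread_id);
         }
     }
     // The author always receives a copy.
     $to_users[$current_user->id] = $current_user->id;
     $body = texttourl($body);
     $this->sendMessage($id_author, $to_users, $subject, $body, $time, $thread_id);
 }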