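/**
 * Stores a product comment taken from the current request and, when the
 * comment is a reply, e-mails the author of the parent comment.
 *
 * Request fields read: `hash` (anti-CSRF token), `parent_id`, `nickname`
 * (anonymous posters only), `p` (product id) and `txt` (comment body).
 *
 * Security notes:
 *  - strip_tags() only removes markup before storage; it is not an output
 *    encoder. Nickname and text must still be escaped for the target context
 *    wherever they are rendered.
 *  - NOTE(review): the parent comment is not checked to belong to the same
 *    product or comment type, so a reply can trigger a notification to the
 *    author of any comment id. Confirm whether that is intended and whether
 *    posting is rate-limited elsewhere.
 *
 * @return mixed Result of redirect('404') when the token does not match,
 *               otherwise nothing.
 */
function addComment()
{
    // Compare the token as strings with a strict operator: a loose `!=`
    // lets PHP type juggling treat different values as equal
    // (e.g. numeric-looking strings). Array input is rejected outright.
    $token = $this->request('hash');
    if (!is_scalar($token) || (string) $token !== (string) $this->hash()) {
        return $this->redirect('404');
    }

    $item = new struct_coreresource_comments();
    $item->rcm_datetime = now();
    $item->rcm_type = 'product';
    // With premoderation enabled the comment is stored inactive.
    $item->rcm_active = $this->_premoderation ? 0 : 1;
    // The parent id is an identifier, so coerce it to an integer the same way
    // rcm_item_id is, instead of passing a tag-stripped string to the model.
    $item->rcm_parent_id = (int) $this->request('parent_id');

    $currentUser = $this->getCurrentUser();
    if ($currentUser and $currentUser->u_id) {
        $item->rcm_nickname = $currentUser->u_login;
        $item->rcm_user_id = $currentUser->u_id;
    } else {
        // @TODO: What really should we do if user is anonymous?
        $item->rcm_nickname = strip_tags(stripslashes($this->request('nickname')));
        $item->rcm_user_id = 0;
    }

    $item->rcm_item_id = (int) $this->request('p');
    $item->rcm_text = strip_tags(stripslashes($this->request('txt')));

    $table = new model_core_table('comments', 'coreresource');
    $table->insertItem($item);
    $item->rcm_id = $table->inserted_id();

    // A top-level comment has no parent, so there is nobody to notify.
    if ($item->rcm_parent_id <= 0) {
        return;
    }

    // The parent id comes from the client and may not exist; the original
    // code dereferenced the lookup result unconditionally.
    $parentComm = $table->getItem($item->rcm_parent_id);
    if (!$parentComm || $parentComm->rcm_user_id == 0) {
        return;
    }

    $modelUser = rad_instances::get('model_core_users');
    $userCommParent = $modelUser->getItem($parentComm->rcm_user_id);
    if ($userCommParent && filter_var($userCommParent->u_email, FILTER_VALIDATE_EMAIL)) {
        $link_to_comment = $this->makeURL('alias=product&p=' . $item->rcm_item_id);
        $this->_sendMail($userCommParent->u_email, $item->rcm_text, $parentComm->rcm_text, $link_to_comment);
    }
}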
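/**
 * Saves the per-language descriptions of an alias.
 *
 * Request fields read: `hash` (anti-CSRF token), `descriptiontxt` (texts
 * keyed by language id), `id_description_for` (existing row ids keyed by
 * language id) and `alias_id`. A non-empty text with a positive row id is
 * updated, any other non-empty text is inserted.
 *
 * The method echoes JavaScript for the caller to evaluate and returns
 * nothing. securityHoleAlert() is called when the token does not match or
 * when no descriptions / no alias id were submitted.
 *
 * NOTE(review): ald_langid is taken from a request array key and ald_txt from
 * request data; this relies on model_core_table escaping or binding values -
 * confirm.
 */
function saveDescription()
{
    // The original compared $this->redirect('hash') with the token, i.e. it
    // called the redirect helper instead of reading the request field, so the
    // submitted token was never checked. Read it with request() and compare
    // strictly as strings to avoid type-juggling matches.
    $token = $this->request('hash');
    if (!is_scalar($token) || (string) $token !== (string) $this->hash()) {
        $this->securityHoleAlert(__FILE__, __LINE__, $this->getClassName());
        return;
    }

    $descriptiontxt = $this->request('descriptiontxt');
    $description_ids = $this->request('id_description_for');
    $alias_id = (int) $this->request('alias_id');

    // count() on a non-array request value is an error on current PHP, so the
    // shape is checked first; a malformed request is reported like an empty one.
    if (!is_array($descriptiontxt) || !count($descriptiontxt) || !$alias_id) {
        $this->securityHoleAlert(__FILE__, __LINE__, $this->getClassName());
        return;
    }
    if (!is_array($description_ids)) {
        $description_ids = array();
    }

    $table = new model_core_table('aliases_description');
    $rows = 0;
    foreach ($descriptiontxt as $lng_id => $description) {
        // Nested arrays cannot be a description text; skip them.
        if (!is_string($description)) {
            continue;
        }
        $description = trim($description);
        if (!strlen($description)) {
            continue;
        }

        $item = new struct_core_aliases_description();
        $item->ald_aliasid = $alias_id;
        $item->ald_langid = $lng_id;
        $item->ald_txt = stripslashes($description);

        if (isset($description_ids[$lng_id]) and $description_ids[$lng_id] > 0) {
            // UPDATE
            $item->ald_id = (int) $description_ids[$lng_id];
            $rows += $table->updateItem($item);
        } else {
            // INSERT
            $rows += $table->insertItem($item);
            // $lng_id is a client-controlled array key. json_encode() emits it
            // as a quoted, escaped JavaScript string literal so it cannot
            // break out of the selector; for plain numeric keys the output is
            // the same as before.
            echo '$(' . json_encode('id_description_for_' . $lng_id) . ').value="' . $table->inserted_id() . '";';
        }
    }

    // NOTE(review): the replacement below turns `"` into `\\"`, which inside a
    // JavaScript string is an escaped backslash followed by a closing quote.
    // Left as is because the text is a translation string, not request data,
    // and the consumer of this output is not visible here - confirm.
    echo 'RADAliDescr.message("' . str_replace('"', '\\\\"', $this->lang('-updated')) . ': ' . $rows . '");';
}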