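 /**
  * Processes the comment form: add, delete and edit a comment, and switch
  * new-comment notices on/off for a book.
  *
  * Inputs are read from the request through clear()/checkbox_value(), writes
  * go through sql_query(), and outcomes are reported via $this->msg. On a
  * rejected add/edit $this->show_text is set to "yes" so the caller can
  * re-render the form with the submitted text.
  *
  * @return int|null 0 when an action was rejected early; otherwise nothing.
  */
 function save()
 {
     $text = clear("text");
     $add_comment = clear("add_comment");
     // Comment ids are integer keys (see mysql_insert_id() below). Casting
     // them before they are interpolated into SQL means a crafted id cannot
     // change the statement; "" and non-numeric values become 0 (falsy).
     $del = (int) clear("del");
     $edit_ok = clear("edit_ok");
     $edit_id = (int) clear("edit_id");
     $is_spoiler = checkbox_value(clear("is_spoiler"));
     // NOTE(review): $text, $this->item and $this->type are interpolated into
     // SQL strings below; this only holds if clear() escapes them for the
     // database — confirm, or move these statements to parameterised queries.

     // --- adding a comment ---
     if ($add_comment) {
         if (!$this->uid) {
             go_out();
         }
         if (!$text) {
             $this->msg->set_text($this->l->t("empty_comment"), "error");
             return 0;
         }
         // Optional minimum length (measured after stripping diacritics).
         if ($this->short_posts != 'allowed') {
             $len = strlen(no_dia($text));
             if ($len < 100) {
                 $this->msg->set_text($this->l->t("short_comment", $len), "error");
                 $this->show_text = "yes";
                 return 0;
             }
         }
         // Books, authors and self-published titles allow one comment per user.
         // NOTE(review): the listing showed a masked literal in the user filter;
         // restored to the current user's id — confirm against the original.
         if ($this->type == 'book' || $this->type == 'author' || $this->type == 'selfpublishing') {
             $sql = sql_query("select id from comments\n\t\t                              where (item = '" . $this->item . "'\n\t\t                              and type = '" . $this->type . "'\n\t\t                              and user = '" . $this->uid . "')");
             $data = sql_fetch_object($sql);
             if ($data->id) {
                 $this->msg->set_text($this->l->t("comment_exists"), "error");
                 $this->show_text = "yes";
                 return 0;
             }
         }
         // Self-published titles may only be commented on after purchase.
         // NOTE(review): this rejects the comment when has_selfpublishing_bought()
         // is truthy, which reads inverted against the "not_bought" message —
         // confirm the helper's return convention before changing it.
         if ($this->type == 'selfpublishing') {
             if ($this->has_selfpublishing_bought()) {
                 $this->msg->set_text($this->l->t("not_bought"), "error");
                 $this->show_text = "yes";
                 return 0;
             }
         }
         $sql = sql_query("insert into comments\n                              (type, item, user, text, time, is_spoiler)\n                              values\n                              ('" . $this->type . "', '" . $this->item . "',\n                              '" . $this->uid . "', '" . $text . "', '" . time() . "', '" . $is_spoiler . "')");
         if ($sql) {
             $comment_id = mysql_insert_id();
             $this->msg->set_text($this->l->t("add_ok"));
             // Notify everyone following this book's comments.
             if ($this->type == 'book') {
                 $this->sent_notice($comment_id);
             }
             // Reward the author with points.
             add_points($this->uid, 3, 'comments');
         }
     }

     // --- deleting a comment ---
     if ($del) {
         // Only the owner may delete. Requiring a logged-in user and a found
         // row closes the case where both sides of the comparison are empty
         // (anonymous request for a non-existent id) and points were deducted
         // from nobody. sql_fetch_object() is assumed to return a falsy value
         // when no row matches.
         $sql = sql_query("select user, time\n                              from comments\n                              where (id = '{$del}')");
         $data = sql_fetch_object($sql);
         if ($this->uid && $data && $data->user == $this->uid) {
             $sql = sql_query("delete from comments\n                                  where (id = '{$del}')");
             if ($sql) {
                 $this->msg->set_text($this->l->t("del_ok"));
                 // Take the points back.
                 add_points($this->uid, -3, "comments");
             }
         }
     }

     // --- editing a comment ---
     if ($edit_ok) {
         // Only the owner may edit. The "not older than 24 hours" limit
         // (time() - 24 * 3600 < $data->time) is intentionally disabled for now.
         $sql = sql_query("select user, time\n                              from comments\n                              where (id = '{$edit_id}')");
         $data = sql_fetch_object($sql);
         if ($this->uid && $data && $data->user == $this->uid) {
             if ($this->short_posts != 'allowed') {
                 $len = strlen(no_dia($text));
                 if ($len < 100) {
                     $this->msg->set_text($this->l->t("short_comment", $len), "error");
                     $this->show_text = "yes";
                     return 0;
                 }
             }
             $sql = sql_query("update comments\n                                  set text = '{$text}', is_spoiler = '{$is_spoiler}'\n                                  where (id = '{$edit_id}')");
             if ($sql) {
                 $this->msg->set_text($this->l->t("edit_ok"));
                 $this->show_text = '';
                 // Leave edit mode in the current request.
                 $_GET['edit'] = '';
             }
         }
     }

     // --- subscribing to / unsubscribing from new-comment notices ---
     $notice_on = clear("notice_on");
     $notice_off = clear("notice_off");
     if ($notice_on && $this->type == 'book' && $this->uid) {
         // Delete first so a repeated request does not create a duplicate row.
         $sql = sql_query("delete from comments_notice\n                              where (user = '" . $this->uid . "' and book = '" . $this->item . "')");
         $sql = sql_query("insert into comments_notice\n                              (user, book)\n                              values\n                              ('" . $this->uid . "', '" . $this->item . "')");
         if ($sql) {
             $this->msg->set_text($this->l->t("notice_on_msg"));
         }
     }
     if ($notice_off && $this->type == 'book' && $this->uid) {
         $sql = sql_query("delete from comments_notice\n                              where (user = '" . $this->uid . "' and book = '" . $this->item . "')");
         if ($sql) {
             $this->msg->set_text($this->l->t("notice_off_msg"));
         }
     }
 }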
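 /**
  * Copies the invoicing fields of the order form from $_POST onto $this.
  *
  * A field missing from the request now yields "" instead of an
  * undefined-index notice. Company fields are taken only when the
  * "is_company" checkbox is set and are reset to "" otherwise, so a value
  * from a previous submission cannot survive on a private-person order.
  *
  * NOTE(review): unlike the rest of the form handling, these values bypass
  * clear() and are stored raw on the object; whatever later persists or
  * renders them must escape them for its own context — confirm.
  *
  * @return void
  */
 function get_order_data()
 {
     $fields = array("i_name", "i_street", "i_city", "i_zip", "i_country", "note");
     foreach ($fields as $field) {
         $this->$field = isset($_POST[$field]) ? $_POST[$field] : "";
     }
     $this->is_company = checkbox_value(clear("is_company"));
     $company_fields = array("company_name", "company_ic", "company_dic");
     foreach ($company_fields as $field) {
         $this->$field = ($this->is_company && isset($_POST[$field])) ? $_POST[$field] : "";
     }
     // The payment method (pay_method / pay_type) is deliberately not read here.
 }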
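 /**
  * Registers a new user from the registration form and logs them in.
  *
  * Reads nick/pass/mail/lang/ver/city/is_newsletter through clear(),
  * records validation failures in the session message object
  * ($_SESSION["msg"]) and, only when no error was recorded, inserts the
  * user row, the campaign source from the "a_campaign" cookie, the ticked
  * interests, sends the welcome mail and logs the user in via my_login.
  *
  * @param string $type     value stored in users.registration_source
  * @param bool   $in_order true when called from the order flow; suppresses
  *                         the "reg_ok" message
  * @return void
  */
 static function registration($type, $in_order = false)
 {
     $nick = clear("nick");
     $pass = clear("pass");
     $mail = clear("mail");
     $lang = clear("lang");
     $ver = clear("ver");
     $city = clear("city");
     $is_newsletter = checkbox_value(clear("is_newsletter"));
     $l = new lang("registration", $_SESSION["my_lang_ui"]);
     $msg = $_SESSION["msg"];
     // strlen() counts bytes; kept because log_in() must agree with this rule.
     if (strlen($pass) < 5) {
         $msg->set_text($l->t("pass_short"), "error");
         $msg->set_specific_text($l->t("pass_short"), "pass", "error");
     }
     // Nick too long.
     if (strlen($nick) > 21) {
         $msg->set_specific_text($l->t("nick_long"), "nick", "error");
     }
     // Anti-robot check: browsers whose language is not supported must answer
     // the verification question with 4.
     if (!lang::is_lang_supported(lang::strict_lang_by_user_agent())) {
         if ($ver != 4) {
             $msg->set_text($l->t("invalid_ver"), "error");
         }
     }
     // NOTE(review): $nick and $mail are interpolated into SQL below; this
     // relies on clear() escaping them — confirm, or parameterise.
     // Is the nick already taken?
     $sql = sql_query("select id from users\n\t\t\t\t\t\t\t\t\t\t\t\t\twhere (nick = '{$nick}')");
     $num = sql_num_rows($sql);
     if ($num) {
         $msg->set_specific_text($l->t("nick_exists"), "nick", "error");
     }
     // Is the e-mail already registered?
     $sql = sql_query("select id from users\n\t\t\t\t\t\t\t\t\t\t\t\t\twhere (mail = '{$mail}')");
     $num = sql_num_rows($sql);
     if ($num) {
         $msg->set_specific_text($l->t("mail_exists") . " " . my_link($l->l("ztracene-heslo"), $l->t("lost_password")), "mail", "error");
     }
     if (!$nick || !$pass || !$mail) {
         $msg->set_text($l->t("empty_data"), "error");
     }
     // The D modifier makes "$" match only at the very end of the string, so
     // an address with a trailing newline cannot pass and reach mail() below.
     $test_mail = preg_match('~^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*$~iD', $mail);
     if (!$test_mail) {
         $msg->set_specific_text($l->t("invalid_email"), "mail", "error");
     }
     // Everything validated.
     if ($msg->is_empty()) {
         $sec_pass = $pass;
         // NOTE(review): nested md5 is unsalted and fast, i.e. not a password
         // hash; log_in() in my_login must use the same scheme, so a move to
         // password_hash()/password_verify() has to be done on both sides.
         $pass = md5(md5(md5(md5(md5($pass)))));
         // Last word of a multi-word nick becomes the virtual surname; "" otherwise
         // (previously left undefined, which raised a notice in the insert).
         $names = explode(" ", $nick);
         $surname = count($names) > 1 ? $names[count($names) - 1] : '';
         if (!$lang) {
             $lang = $_SESSION["my_lang"];
         }
         $sql = sql_query("insert into users\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t(nick, pass, mail, register_time, photo,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tshow_readed, booklists_style, virtual_surname, city, is_newsletter,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tlang, lang_ui, registration_source)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t('{$nick}', '{$pass}', '{$mail}', '" . time() . "', 'no',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'yes', 'default', '" . $surname . "', '" . $city . "', '" . $is_newsletter . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'" . $lang . "', '" . $lang . "', '" . $type . "')");
         if ($sql) {
             $id = mysql_insert_id();
             // Campaign tracking cookie, if present. It is client-controlled and
             // bypasses clear(), so it is escaped before being interpolated.
             $tracking = isset($_COOKIE["a_campaign"]) ? $_COOKIE["a_campaign"] : '';
             if ($tracking) {
                 $tracking = mysql_real_escape_string($tracking);
                 sql_query("insert into registrations_sources\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t(user, time, source)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t('" . $id . "', '" . time() . "', '" . $tracking . "')");
             }
             // Store the interests ticked on the form, one row each, skipping
             // an interest id that was already stored in this loop.
             $sql_i = sql_query("select name, interest_id from interests\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\twhere (lang = '" . $_SESSION["my_lang"] . "')\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\torder by name asc");
             // Was "$interests[] = array()", which pre-filled key 0 and would
             // have skipped an interest with id 0.
             $interests = array();
             while ($data_i = sql_fetch_object($sql_i)) {
                 $temp = clear("interest_" . $data_i->interest_id);
                 if (isset($interests[(string) $data_i->interest_id])) {
                     continue;
                 }
                 if ($temp) {
                     $interests[$data_i->interest_id] = 1;
                     sql_query("insert into users_interests\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t(user, interest)\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t('" . $id . "', '" . $data_i->interest_id . "')");
                 }
             }
             // Welcome e-mail.
             // NOTE(review): reg_mail_text receives the plaintext password and
             // sends it over e-mail; consider dropping it from the template.
             $text = strip_tags($l->t("reg_mail_text", $nick, $sec_pass) . "\n" . $l->t("web_url"));
             $sent = mail($mail, $l->t("reg_subject"), $text, "From: info@cbdb.cz  \nContent-Type: text/plain; charset=utf-8");
             if ($sent) {
                 if (!$in_order) {
                     $msg->set_text($l->t("reg_ok") . "<br />");
                 }
                 // Log the new user in.
                 // NOTE(review): if mail() fails the account exists but the user
                 // is neither told nor logged in — confirm this is intended.
                 $my_login = new my_login();
                 $my_login->log_in("ok", $nick, $sec_pass);
             }
         }
     }
 }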