/**
 * Store the administrator note in the "admin_notes" option.
 *
 * The note is taken from $par['note'] when present, otherwise from
 * $_POST['note'], and is passed through secure_text() before it is saved.
 * Saving requires the 'admin_settings' rule (check_rule()).
 *
 * For non-AJAX requests a success or failure message is queued with
 * push_output_message().
 *
 * NOTE(review): the failure branch always reports "insufficient rights",
 * although it is also reached when no note was supplied or when
 * update_option() returns a falsy value.
 * NOTE(review): no anti-CSRF token check is visible in this function;
 * confirm that the dispatcher calling it enforces one.
 *
 * @param array|null $par Optional parameters; only the 'note' key is read.
 *
 * @return bool True when the note was saved, false otherwise.
 */
function action_update_note($par = null)
{
    // Nothing to do unless this is an AJAX call or a form post carrying a note.
    if (!is_ajax() && !isset($_POST['note'])) {
        return false;
    }

    // An explicit parameter wins over the posted value; default is empty.
    if (isset($par['note'])) {
        $rawNote = $par['note'];
    } elseif (isset($_POST['note'])) {
        $rawNote = $_POST['note'];
    } else {
        $rawNote = '';
    }
    $cleanNote = secure_text($rawNote);

    // Short-circuit order matters: the permission check runs only when a note
    // was supplied, and the write runs only when the permission check passes.
    $noteSupplied = isset($par['note']) || isset($_POST['note']);
    $saved = $noteSupplied
        && check_rule('admin_settings')
        && update_option('admin_notes', $cleanNote);

    if ($saved) {
        if (!is_ajax()) {
            push_output_message(array(
                'title' => 'Обновлено!',
                'text' => 'Заметка успешно обновлена',
                'class' => 'alert alert-success',
            ));
        }

        return true;
    }

    if (!is_ajax()) {
        push_output_message(array(
            'title' => 'Ошибка!',
            'text' => 'У вас недостаточно прав для правки публичной заметки',
            'class' => 'alert alert-danger',
        ));
    }

    return false;
}
/**
 * Run secure_text() over every top-level element of a collection.
 *
 * Values that is_jsoned() rejects are returned unchanged. Only one level is
 * walked: a nested array or object is handed to secure_text() as a whole.
 *
 * NOTE(review): is_jsoned() is defined elsewhere; presumably it accepts
 * arrays and objects, confirm. For an object argument the properties are
 * rewritten on the caller's instance, because objects are passed by handle.
 *
 * @param mixed $obj   Collection to sanitise, or any other value.
 * @param mixed $param Options forwarded unchanged to secure_text().
 *
 * @return mixed The collection with each element replaced by the result of
 *               secure_text(), or the original value.
 */
function secure_loop($obj, $param = null)
{
    if (!is_jsoned($obj)) {
        return $obj;
    }

    // $obj is a by-value parameter, so an array argument is modified on a
    // private copy and the caller's array stays untouched.
    foreach ($obj as &$entry) {
        $entry = secure_text($entry, $param);
    }
    unset($entry); // drop the loop reference before handing the value back

    return $obj;
}
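/**
 * Seconds after midnight for a submitted time-of-day string.
 *
 * The value is normalised through strtotime()/date('H:i') and then converted
 * to seconds. Shared by the start and end branches of
 * action_calendar_event_proc() so the two cannot drift apart.
 *
 * @param string $time Time of day as submitted by the form.
 *
 * @return int Hours and minutes expressed in seconds.
 */
function _calendar_event_time_offset($time)
{
    $parts = explode(':', date('H:i', strtotime($time)));

    // intval() already ignores a leading zero ("09" -> 9).
    return (intval($parts[0]) * 60 + intval($parts[1])) * 60;
}

/**
 * Controller for the calendar event create/edit form.
 *
 * Without a submitted form it loads the event named by $_GET['event_id']
 * (when it exists) and publishes it through set_glob_content(). With a
 * submitted form it normalises the dates, sanitises the text fields with
 * secure_text() and inserts or updates a row in "calendar_events".
 *
 * Changes compared with the previous revision:
 *  - $_GET['event_id'] is accepted only when it consists of digits, because
 *    it is interpolated into the WHERE clause handed to $DETDB. This assumes
 *    calendar_events.ID is an unsigned integer key (TODO confirm).
 *  - The end time no longer borrows its hour from the start time (copy-paste
 *    slip in the leading-zero handling).
 *  - 'ID' is pinned to the validated value after merging $_POST, so a posted
 *    'ID' field cannot rewrite the row's key.
 *  - Missing form fields no longer raise undefined-index notices.
 *  - $_POST['time_start'] / $_POST['time_end'] are no longer overwritten
 *    with arrays; the normalised dates are still written back to $_POST.
 *
 * NOTE(review): unlike action_update_note(), no check_rule() call and no
 * anti-CSRF token check are visible here; confirm the caller enforces both.
 * NOTE(review): the values in $send rely on $DETDB->insert()/update() for
 * SQL escaping; confirm.
 * NOTE(review): an unparsable date makes strtotime() return false, which is
 * then formatted as the Unix epoch instead of being rejected.
 *
 * @return void
 */
function action_calendar_event_proc()
{
    global $DETDB, $PAGE;

    $ID = null;
    $custom = array(
        'name' => '',
        'place' => '',
        'worker' => '',
        'date_start' => date('Y-m-d H:i:s'),
        'date_end' => '',
        'disable_start' => false,
        'disable_end' => false,
    );

    if (isset($_GET['event_id'])) {
        $requested = $_GET['event_id'];
        // Digits only: the value ends up inside a quoted SQL literal below.
        if (is_string($requested)
            && preg_match('/^[0-9]+$/D', $requested)
            && $DETDB->isset_cell('calendar_events', $requested)
        ) {
            $ID = $requested;
            $PAGE->title = 'Редактировать событие';
            $custom['ID'] = $ID;
        }
    }
    set_glob_content(array('body' => $custom));

    // No submission: show the stored event (edit) or the defaults (create).
    if (!isset($_POST['calendar_event_submit'])) {
        if ($ID && ($res = (array) $DETDB->select('calendar_events', '*', true, "WHERE ID='{$ID}'"))) {
            $custom = set_merge($custom, $res);
            if (!empty($res['date_params']) && check_json($res['date_params'])) {
                $flags = json_decode($res['date_params'], true);
                if (is_array($flags) && count($flags) == 2) {
                    $custom['disable_start'] = $flags[0];
                    $custom['disable_end'] = $flags[1];
                }
            }
        }
        set_glob_content(array('body' => $custom));

        return;
    }

    // Required fields.
    if (empty($_POST['name']) || empty($_POST['worker']) || empty($_POST['date_start'])) {
        push_output_message(array('text' => 'Заполните все поля', 'title' => 'Ошибка!', 'class' => 'alert alert-warning', 'type' => 'warning'));
        set_glob_content(array('body' => $custom));

        return;
    }

    // Combine date and optional time of day into "Y-m-d H:i". The result is
    // written back to $_POST because set_merge() below reads it from there.
    $start = strtotime($_POST['date_start']);
    if (!empty($_POST['time_start'])) {
        $start += _calendar_event_time_offset($_POST['time_start']);
    }
    $_POST['date_start'] = date('Y-m-d H:i', $start);

    if (!empty($_POST['date_end'])) {
        $end = strtotime($_POST['date_end']);
        if (!empty($_POST['time_end'])) {
            $end += _calendar_event_time_offset($_POST['time_end']);
        }
        $_POST['date_end'] = date('Y-m-d H:i', $end);
    }

    // Only keys already present in $custom are taken over from $_POST.
    $custom = set_merge($custom, $_POST);
    if ($ID !== null) {
        // The row key comes from the validated query parameter, never from
        // the request body.
        $custom['ID'] = $ID;
    }
    $custom['name'] = secure_text($custom['name']);
    $custom['place'] = secure_text($custom['place']);
    $custom['worker'] = secure_text($custom['worker']);
    $custom['disable_end'] = (bool) $custom['disable_end'];
    $custom['disable_start'] = (bool) $custom['disable_start'];
    if ($custom['disable_end']) {
        $custom['date_end'] = '';
    }

    // The two flags are stored together as JSON in "date_params".
    $send = $custom;
    unset($send['disable_end'], $send['disable_start']);
    $send['date_params'] = json_val_encode(array($custom['disable_start'], $custom['disable_end']));

    $orderOk = $custom['date_end'] == ''
        || strtotime($custom['date_start']) <= strtotime($custom['date_end']);
    if (!$orderOk) {
        push_output_message(array('text' => 'Дата начала должна быть меньше или равна дате конца события', 'title' => 'Ошибка!', 'class' => 'alert alert-danger', 'type' => 'error'));
        set_glob_content(array('body' => $custom));

        return;
    }

    if (!$ID && $DETDB->insert('calendar_events', $send)) {
        push_output_message(array('text' => 'Событие успешно добавлено', 'title' => 'Готово!', 'class' => 'alert alert-success', 'type' => 'success'));
    } elseif ($ID && $DETDB->update('calendar_events', $send, "WHERE ID='{$ID}'")) {
        push_output_message(array('text' => 'Событие успешно обновлено', 'title' => 'Готово!', 'class' => 'alert alert-success', 'type' => 'success'));
        set_glob_content(array('body' => $custom));
    } else {
        push_output_message(array('text' => 'Неизвестная ошибка', 'class' => 'alert alert-danger', 'type' => 'error'));
        set_glob_content(array('body' => $custom));
    }
}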
/**
 * Copy values from $arr2 into $arr1 for keys that $arr1 already has.
 *
 * Keys missing from $arr1 are never added, and null values in $arr2 are
 * skipped. Objects are accepted for either argument; when $arr1 is an object
 * the result is returned as an object again.
 *
 * When $secure is true, or a value is_merged() accepts, each copied value is
 * passed through secure_text() with $secure (cast to array, minus its 'str'
 * key) as options. Otherwise values are copied as they are, so with the
 * default $secure = null the caller is responsible for sanitising them.
 *
 * NOTE(review): is_merged() is defined elsewhere; presumably it accepts
 * arrays and objects, confirm. $secure is cast to an array on the first
 * copied key, so later keys depend on is_merged() accepting that array.
 *
 * @param array|object $arr1   Base set; defines which keys may be written.
 * @param array|object $arr2   Source of the new values.
 * @param bool         $empty  When truthy, only overwrite entries of $arr1
 *                             that are null or loosely equal to ''.
 * @param mixed        $secure Sanitising switch/options, see above.
 *
 * @return array|object The merged set, in the same form as $arr1.
 */
function set_merge($arr1, $arr2, $empty = false, $secure = null)
{
    $returnObject = is_object($arr1);
    if ($returnObject) {
        $arr1 = (array) $arr1;
    }
    if (is_object($arr2)) {
        $arr2 = (array) $arr2;
    }

    if ($arr2 && $arr1) {
        foreach ($arr2 as $key => $unused) {
            // Only non-null source values for keys the base already knows.
            if (!isset($arr2[$key]) || !array_key_exists($key, $arr1)) {
                continue;
            }

            // In "fill empty only" mode keep entries that already hold data.
            if ($empty && !($arr1[$key] === null || $arr1[$key] == '')) {
                continue;
            }

            if (is_merged($secure) || $secure === true) {
                $secure = (array) $secure;
                if (isset($secure['str'])) {
                    unset($secure['str']);
                }
                $arr1[$key] = secure_text($arr2[$key], $secure);
                continue;
            }

            $arr1[$key] = $arr2[$key];
        }
    }

    if ($returnObject) {
        return (object) $arr1;
    }

    return $arr1;
}