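/**
 * Handles a photo upload or removal for a board listing (AJAX entry point).
 *
 * Reads the target folder from $_POST['id'] and the operation from
 * $_POST['op'] ('upload' or 'delete'). For uploads, the file extension is
 * checked against an image whitelist and the listing's current photo count
 * is checked against $this->_count before uploadFile() runs; any rejection
 * terminates the script with a short status string the client can match.
 *
 * NOTE(review): $this->folder is only SQL-escaped (functions::q); if it is
 * used to build a filesystem path elsewhere it needs its own validation
 * (e.g. ctype_digit) at that point.
 */
public function __construct() {
    $this->folder = functions::q($_POST['id']);
    $this->act = functions::q($_POST['op']);
    $this->db = new DataBase();
    $this->f = new functions();
    $this->image = new SimpleImage();

    if ($this->act == 'upload') {
        // A missing or failed upload has no usable temp file; stop before
        // looking at the client-supplied name at all.
        if (!isset($_FILES['uploadfile']) || $_FILES['uploadfile']['error'] !== UPLOAD_ERR_OK) {
            die("upload_error");
        }
        // pathinfo() yields '' for a dotless name (the old explode('.')
        // approach turned the whole name into an "extension"); the whitelist
        // comparison is case-insensitive and strict so it cannot be bypassed
        // by loose type juggling.
        $this->ext = pathinfo($_FILES['uploadfile']['name'], PATHINFO_EXTENSION);
        $filetypes = array('jpg', 'jpeg', 'gif', 'bmp', 'png');
        if (!in_array(strtolower($this->ext), $filetypes, true)) {
            die("wrong_format");
        }
        // NOTE(review): only the client-supplied name is checked here; the
        // file content itself is not inspected in this block.
        $this->photoName();
        if ($this->getNum() >= $this->_count) {
            die("Максимальное количество загружаемых фотографий в объявление не должно превышать 6 шт.");
        }
        $this->uploadFile();
    } elseif ($this->act == 'delete') {
        $this->delete();
    }
}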
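/**
 * Applies a paid status flag to a board listing.
 *
 * @param mixed  $id  Listing id (untrusted; escaped before use in SQL).
 * @param string $act One of 'top' (pin for 14 days), 'color', 'important'.
 * @return resource|bool Result of mysql_query(), or false for an unknown $act.
 */
function applyStatus($id, $act) {
    // Escape once, up front, so every branch uses the same sanitised id
    // (the original 'top' branch interpolated $id unescaped).
    $safeId = functions::q($id);
    switch ($act) {
        case 'top':
            // Pin for 14 days from now (stored as a unix timestamp).
            $topTime = 14 * 86400 + time();
            $sql = "UPDATE board SET top_time='{$topTime}' WHERE id='{$safeId}'";
            break;
        case 'color':
            $sql = "UPDATE board SET is_color='1' WHERE id='{$safeId}'";
            break;
        case 'important':
            $sql = "UPDATE board SET is_important='1' WHERE id='{$safeId}'";
            break;
        default:
            // Previously $sql was undefined here and mysql_query(null) ran.
            return false;
    }
    return mysql_query($sql);
}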
// NOTE: the `}` after error_reporting() closes a block that begins before
// this fragment (not visible here).
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(-1);
}
// Site-wide constants.
// NOTE(review): HTTP_HOST is taken from the request; HOME and URL are built
// from it and used in the redirects below, so a client-chosen Host header is
// reflected into those Location values.
define("HOST", $_SERVER['HTTP_HOST']);
define("HOME", "http://" . $_SERVER['HTTP_HOST'] . "/");
define("URL", "http://" . HOST . $_SERVER['REQUEST_URI']);
define("DIR", dirname(__FILE__));
include_once "classes/functions.php";
// Resolve ?r= to either a region (optionally narrowed by ?cat_href=) or a
// category, defining REGION and CATEGORY either way. $db is expected to be
// set up earlier in the file — not visible in this fragment.
if (isset($_GET['r'])) {
    if ($db->result("SELECT COUNT(*) FROM region WHERE href = '" . functions::q($_GET['r']) . "'")) {
        //var_dump($_GET['r']);
        // REGION/CATEGORY hold the raw query values; they are escaped only
        // where they reach SQL, so any other use must escape them itself.
        define("REGION", $_GET['r']);
        if (isset($_GET['cat_href'])) {
            define("CATEGORY", $_GET['cat_href']);
            if ($db->result("SELECT COUNT(*) FROM categories WHERE href = '" . functions::q(CATEGORY) . "'") == 0) {
                // No exit after the redirect header: the rest of the script
                // still executes with an unknown category.
                header("Location: " . HOME . "error/");
            }
        } else {
            define("CATEGORY", "");
        }
    } elseif ($db->result("SELECT COUNT(*) FROM categories WHERE href = '" . functions::q($_GET['r']) . "'")) {
        define("CATEGORY", $_GET['r']);
        define("REGION", "");
    } else {
        // No exit after the redirect header: the rest of the script still
        // executes, and REGION/CATEGORY are left undefined on this path.
        header("Location: " . HOME . "error/");
    }
} else {
    define("REGION", "");
    define("CATEGORY", "");
}
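/**
 * Admin (mobile) page: edit an existing category.
 *
 * On POST, validates the submitted fields, updates the `categories` row
 * identified by $cat and prints a status alert; in all cases the edit form
 * for that category is then rendered (or "not found").
 *
 * @param mixed $cat Category id (untrusted; escaped before use in SQL).
 */
function ____changeCatMobile($cat) {
    $info = "";
    $errors = "";
    $required = array("name", "href", "title");
    // Only these columns may be written. Previously every $_POST key was
    // interpolated into the UPDATE as a column name (values were escaped,
    // keys were not), so a crafted form could set arbitrary columns.
    $allowed = array("name", "title", "h1", "href", "description", "keywords", "foot_text", "root_id", "visible");
    $safeCat = functions::q($cat);

    if (count($_POST) > 0) {
        $assignments = array();
        foreach ($_POST as $k => $v) {
            if (in_array($k, $required, true) && $v == "") {
                $errors = "<div class=\"alert alert-danger\" role=\"alert\">Не заполнены обязательные поля</div>";
            }
            if (in_array($k, $allowed, true)) {
                $assignments[] = "{$k} = '" . functions::q($v) . "'";
            }
        }
        $values = implode(", ", $assignments);
        $href = isset($_POST['href']) ? $_POST['href'] : "";

        // The original pattern "([A-Za-z0-9_\-]+)" used the parentheses as
        // delimiters and had no anchors, so any value containing a single
        // permitted character passed. Anchor it to the whole value.
        if (!preg_match('/^[A-Za-z0-9_\-]+$/', $href)) {
            $info .= "<div class=\"alert alert-danger\" role=\"alert\">Неправильный URL категории</div>";
        } elseif (!empty($errors)) {
            $info .= $errors;
        } elseif ($this->db->result("SELECT COUNT(*) FROM categories WHERE href = '" . functions::q($href) . "' AND id != '{$safeCat}'") > 0) {
            // Look for *another* category with this URL. The original `> 1`
            // test let a duplicate through, because the one conflicting row
            // alone only counts as 1.
            $info .= "<div class=\"alert alert-danger\" role=\"alert\">Категория с таким URL уже существует</div>";
        } elseif ($values !== "" && $this->db->query("UPDATE categories SET {$values} WHERE id = '{$safeCat}'")) {
            $info .= "<div class=\"alert alert-success\" role=\"alert\">Категория успешно изменена</div>";
        } else {
            $info .= "<div class=\"alert alert-danger\" role=\"alert\">Произошла ошибка</div>";
        }
    }

    echo $info;
    echo "<h4>Изменить категорию</h4>";
    $this->db->query("SELECT * FROM categories WHERE id = '{$safeCat}'");
    if ($this->db->getNumRows() > 0) {
        // Escape the request path before echoing it into the form action;
        // unescaped it is reflected straight into the HTML attribute.
        $action = "http://" . HOST . "/" . htmlspecialchars($_SERVER['REDIRECT_URL'], ENT_QUOTES, 'UTF-8');
        echo "<form method='post' action='" . $action . "'>";
        // Field definitions: column => array(label, input type[, options]).
        $menu = array(
            'name' => array('Имя категории', 'text'),
            'title' => array('Тег title', 'text'),
            'h1' => array('Заголовок H1', 'text'),
            'href' => array('URL категории', 'text'),
            'description' => array('Описание (description)', 'textarea'),
            'keywords' => array('Ключивые слова (keywords)', 'textarea'),
            'foot_text' => array('Текст внизу', 'textarea'),
            'root_id' => array('', 'hidden'),
            'visible' => array('Статус', 'select', array('1' => 'Опубликовано', '0' => 'Не опубликовано')),
        );
        // Use a separate loop variable; the original reused $cat and so lost
        // the id it had been called with.
        while ($row = mysql_fetch_assoc($this->db->data)) {
            $this->getFormMobile($menu, $row);
            if ($row['root_id'] == 0) {
                $this->getSubCategoriesMobile($row['id'], HOME . "profile/admin/categories/");
            }
            echo '<button type="submit" class="btn btn-success">Изменить категорию</button>';
        }
        echo "</form>";
    } else {
        echo "Категория не найдена";
    }
}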
// Edit-or-create listing form (fragment of a page controller).
// $db, $board, $errors, $FlagAddAdv, $id_category and PHOTO_ID are expected
// to be set up earlier in the file — none of them is defined in this fragment.
if (isset($_GET['act'])) {
    // Editing: load the listing addressed by ?act=<href>.
    $db->query("SELECT * FROM board WHERE href = '" . functions::q($_GET['act']) . "'");
    $b = $db->returnFirst();
    //if(!$board->getAdmin() || $board->getUserId() != $b['user_id']) exit("You do not have permission to edit this listing!<br />");
    // Only the admin or the listing owner gets the row copied into the form
    // variables. NOTE(review): for anyone else nothing is set here and the
    // page still renders below with the fields unset, instead of refusing.
    if ($board->getAdmin() || $board->getUserId() == $b['user_id']) {
        $values = array("title", "city", "autor", "phone", "email", "type", "text", "id_category", "price", "price_t", "address", "photos_id");
        // Variable-variables: $title = $b['title'], $city = $b['city'], ...
        foreach ($values as $v) {
            ${$v} = $b[$v];
        }
        $root_category = $db->result("SELECT root_id FROM categories WHERE id = '" . functions::q($id_category) . "'");
        $root_region = $db->result("SELECT root_id FROM region WHERE href = '" . functions::q($city) . "'");
    }
} else {
    // Creating: defaults for a new listing.
    //$id_category = 0;
    //$root_category = 0;
    // $id_category must already be set on this path — TODO confirm where.
    $root_category = $db->result("SELECT root_id FROM categories WHERE id = '" . functions::q($id_category) . "'");
    $type = 'S';
    $photos_id = PHOTO_ID;
    if ($board->getUser()) {
        $email = $board->email;
    } else {
        $email = "";
    }
}
// Hand the form values to the view (the list continues past this fragment).
$view = View::main();
$view->set('errors', $errors);
$view->set('FlagAddAdv', $FlagAddAdv);
$view->set('photos_id', $photos_id);
$view->set('title', $title);
$view->set('autor', $autor);
$view->set('phone', $phone);
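/**
 * Builds the WHERE fragment for a word search from $_GET['q'].
 *
 * Each space-separated word (from at most 30 characters of input, UTF-8) is
 * upper-cased and reduced to its pseudo-root with phpMorphy; the roots are
 * joined as `A.text LIKE '%root%' and ...` when $txt is "text", otherwise
 * against A.title.
 *
 * @param string|null $txt "text" to search the body column, anything else for the title.
 * @return string SQL conditions without a leading WHERE; an empty query
 *                yields `LIKE '%%'`, which matches every row.
 */
protected function getMorphy($txt = null) {
    require_once $_SERVER['DOCUMENT_ROOT'] . '/plugins/phpmorphy/src/common.php';
    $opts = array('storage' => PHPMORPHY_STORAGE_FILE, 'with_gramtab' => false, 'predict_by_suffix' => true, 'predict_by_db' => true);
    // Path to directory where dictionaries located
    $dir = $_SERVER['DOCUMENT_ROOT'] . '/plugins/phpmorphy/dicts/';
    // Create descriptor for dictionary located in $dir directory with russian language
    $dict_bundle = new phpMorphy_FilesBundle($dir, 'rus');
    // Create phpMorphy instance
    try {
        $morphy = new phpMorphy($dict_bundle, $opts);
    } catch (phpMorphy_Exception $e) {
        die('Error occured while creating phpMorphy instance: ' . $e->getMessage());
    }

    $search = isset($_GET['q']) ? $_GET['q'] : '';
    // NOTE(review): the value is escaped here *and* again by functions::q()
    // below; if functions::q() is itself mysql_real_escape_string(), quotes
    // and backslashes in the query end up escaped twice.
    $search = mysql_real_escape_string($search);
    $search = mb_substr($search, 0, 30, 'UTF-8');
    $words = explode(" ", $search);
    $column = ($txt == "text") ? "A.text" : "A.title";

    $conditions = array();
    foreach ($words as $word) {
        $word = mb_strtoupper($word, 'utf-8');
        $pseudo_root = $morphy->getPseudoRoot($word);
        $rep = (false === $pseudo_root) ? $word : $pseudo_root[0];
        // Escape LIKE metacharacters so user input cannot widen the match
        // (escaped before functions::q so the backslash itself is escaped).
        $rep = addcslashes($rep, '%_');
        $conditions[] = "{$column} LIKE '%" . functions::q($rep) . "%'";
    }
    // implode() replaces the old substr() trimming of a trailing " and ".
    return implode(" and ", $conditions);
}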
<?php
// Static pages controller: loads the page addressed by ?act= (default
// "index"), hands its row to $board for placeholder substitution, and
// renders the 'rules' view with the list of all pages.
include "mysql.php";
include "defines.php";
include "classes/main.php";

$act = "index";
if (!empty($_GET['act'])) {
    $act = functions::q($_GET['act']);
}
$board->INFO = $db->returnFirst("SELECT * FROM pages WHERE href = '{$act}'");
$board->getInfo();

$pages = [];
$db->query("SELECT * FROM pages");
for ($page = mysql_fetch_array($db->data); $page; $page = mysql_fetch_array($db->data)) {
    $pages[] = $page;
}

$view = View::main();
$view->set('pages', $pages);
$view->render('rules');
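/**
 * Loads the page meta/info record into $this->INFO, expanding placeholders.
 *
 * If $this->INFO is already populated it is reused; for 'search' the search
 * module's INFO is used when present; otherwise the `options` row whose
 * link matches $page_id is loaded, falling back to link = 'default'.
 * %CATEGORY%, %REGION% and %SITE% are then replaced in every field.
 *
 * @param string $page_id Page key (untrusted; escaped before use in SQL).
 */
function getInfo($page_id = 'index') {
    $replace = array(
        '%CATEGORY%' => $this->search->CATEGORY['name'],
        '%REGION%' => !empty($this->search->R) ? $this->search->REGION['name'] : "Украина",
        '%SITE%' => "Market",
    );

    if (!empty($this->INFO)) {
        $result = $this->INFO;
    } elseif ($page_id == 'search' && !empty($this->search->INFO)) {
        $result = $this->search->INFO;
    } else {
        // The query() return value was previously assigned to $result and
        // immediately overwritten; only the row count and fetched row matter.
        $this->db->query("SELECT * FROM options WHERE link = '" . functions::q($page_id) . "'");
        if ($this->db->getNumRows() > 0) {
            $result = $this->db->returnFirst();
        } else {
            $result = $this->db->returnFirst("SELECT * FROM options WHERE link = 'default'");
        }
    }

    if (is_array($result)) {
        foreach ($result as $k => $v) {
            $result[$k] = str_replace(array_keys($replace), $replace, $v);
        }
    }
    $this->INFO = $result;
}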
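/**
 * Mobile "forgot password" handler.
 *
 * With a posted email: checks it is non-empty and exists in `users`, then
 * either sends the reminder (rememberPassword) or redisplays the form with
 * $this->errors populated. Without a posted email: just shows the form.
 *
 * NOTE(review): the "not found" message tells a visitor whether an address
 * is registered; a single generic response would avoid that.
 */
function rememberMobile() {
    if (!isset($_POST['email'])) {
        $this->getRememberFormMobile();
        return;
    }
    if (empty($_POST['email'])) {
        $this->errors .= "E-mail не введен<br />";
    } elseif ($this->db->result("SELECT COUNT(*) FROM users WHERE email = '" . functions::q($_POST['email']) . "'") == 0) {
        // Only query when an address was actually supplied; the original also
        // looked up the empty string and appended a second error for it.
        $this->errors .= "E-mail не найден в базе<br />";
    }
    if (empty($this->errors)) {
        $this->rememberPassword($_POST['email']);
    } else {
        $this->getRememberFormMobile();
    }
}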
// NOTE: the leading `echo … }` closes an `if` branch that begins before
// this fragment (not visible here). The rest is an AJAX dispatcher on $_GET.
echo json_encode($array);
} elseif (isset($_GET['cat_id'])) {
    // Sub-categories of ?cat_id= as {id: name}.
    $array = array();
    $db->query("SELECT * FROM categories WHERE root_id='" . functions::q($_GET['cat_id']) . "'");
    while ($reg = mysql_fetch_array($db->data)) {
        $array[$reg['id']] = $reg['name'];
    }
    echo json_encode($array);
} elseif (isset($_GET['op']) && $_GET['op'] == 'regions') {
    $board->getAjaxRegions();
} elseif (isset($_GET['op']) && $_GET['op'] == 'phone') {
    // Reveal a listing's phone number and record at most one 'phone' hit
    // per client IP for it.
    $phone = $db->result("SELECT phone FROM board WHERE id = '" . functions::q($_GET['board_id']) . "'");
    if (!empty($phone)) {
        echo $phone;
        // NOTE(review): in the two queries below board_id is interpolated
        // *unquoted*, so string escaping alone does not constrain it there;
        // a numeric check (e.g. ctype_digit) before use would.
        $res = $db->query('SELECT ip FROM board_hits WHERE type = \'phone\' AND ip = \'' . functions::q($_SERVER['REMOTE_ADDR']) . "' AND board_id = " . functions::q($_GET['board_id']));
        $ip = mysql_fetch_array($res);
        if (!$ip['ip']) {
            $db->query("INSERT INTO board_hits(type, board_id, ip) VALUES ('phone', " . functions::q($_GET['board_id']) . ", '" . functions::q($_SERVER['REMOTE_ADDR']) . "')");
        }
    } else {
        echo "Нет телефона";
    }
} elseif (isset($_GET['op']) && $_GET['op'] == 'mailmessage') {
    // Forward a visitor's message to the listing owner's email.
    $b = $db->returnFirst("SELECT * FROM board WHERE id = '" . functions::q($_GET['board_id']) . "'");
    // NOTE(review): %EMAIL% and %TEXT% come from the query string and are
    // placed into an HTML mail body without escaping; nothing in this block
    // limits who may trigger mail to the owner or how often.
    $replace = array("%BOARD%" => $b['title'], "%EMAIL%" => $_GET['email'], "%TEXT%" => "<div style='padding: 10px; background: #F5F5F5;'>" . $_GET['text'] . "</div>");
    if ($board->gomail($b['email'], "mailmessage", $replace)) {
        echo "ok";
    } else {
        echo "Неизвестная ошибка!";
    }
}