Пример #1
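 /**
  * Saves one element row, relocating its uploaded plan image first.
  *
  * The image is moved from its upload location into
  * ../files/objects/<object_id>/plans/ and $row['image'] is rewritten to the
  * new site-relative path before the row is written to $this->elem_table.
  *
  * @param array $row Element fields; $row['image'] is a site-relative path
  *                   starting with '/', $row['pid'] the obj_elem_plans id.
  * @return int|string 1 on success, otherwise the database error text.
  */
 function MyCommit($row)
 {
     // Move the image only if it is a real image file and is not already
     // inside a "plans" directory.
     $image = isset($row['image']) ? $row['image'] : '';
     if ($image && getimagesize('..' . $image) && strpos($image, 'plans') === false) {
         // Both ids end up in raw SQL / a path: force them to integers.
         $object_id = (int) sql_getValue('SELECT pid FROM obj_elem_plans WHERE id=' . (int) $row['pid']);
         $dir = '../files/objects/' . $object_id;
         // One mkdir() per level. The original called mkdir() twice per level;
         // the second call always failed because the directory already existed.
         if (!is_dir($dir)) {
             mkdir($dir, 0770);
         }
         $dir .= '/plans';
         if (!is_dir($dir)) {
             mkdir($dir, 0770);
         }
         $new_name = $dir . '/' . basename($image);
         rename('..' . $image, $new_name);
         // Drop the leading '..' so the stored path is site-relative again.
         $row['image'] = substr($new_name, 2);
     }
     // The id is interpolated unquoted into the WHERE clause: integers only.
     $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
     if ($id) {
         sql_update($this->elem_table, $row, 'id = ' . $id);
     } else {
         sql_insert($this->elem_table, $row);
     }
     $err = sql_getError();
     return empty($err) ? 1 : $err;
 }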
Пример #2
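 /**
  * Saves the prices posted from the inline edit table.
  *
  * Expects $_POST['row'] as a map of record id => array('price' => ...).
  *
  * @return string JavaScript snippet reporting success or the first DB error.
  */
 function EditChanges()
 {
     $row = get('row', array(), 'p');
     foreach ((array) $row as $key => $val) {
         // The id is interpolated unquoted, so integer-cast it; the price is
         // quoted, so escape it (a prepared statement would be the proper fix).
         $id = (int) $key;
         $price = addslashes(isset($val['price']) ? (string) $val['price'] : '');
         $res = sql_query("UPDATE {$this->table} SET price='{$price}' WHERE id={$id}");
         if (!$res) {
             return "<script>alert('" . $this->str('error') . ": " . sql_getError() . "');</script>";
         }
     }
     return "<script>window.parent.modified(0);alert('" . $this->str('price_saved') . "');</script>";
 }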
Пример #3
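 /**
  * Attaches a product element to a parent by writing (or overwriting) its
  * id/pid/priority triple in elem_product.
  *
  * Side effects: sets $this->table, $_POST['id'] and $_POST['fld'] (with
  * 'name' removed) for the code that runs after this hook.
  *
  * @param mixed $id      Value returned on success.
  * @param array $row     Must carry integer 'id', 'pid' and 'priority'.
  * @param mixed $elem_id Unused; kept for the hook signature.
  * @return mixed $id on success, otherwise the database error text.
  */
 function ElemEdit($id, $row, $elem_id)
 {
     $this->table = 'elem_product';
     $_POST['id'] = $id;
     $_POST['fld'] = $row;
     unset($_POST['fld']['name']);
     // All three values are interpolated unquoted into SQL: integers only.
     $sql = sprintf(
         'REPLACE INTO %s(`id`,`pid`,`priority`) VALUES(%d,%d,%d) ',
         $this->table,
         (int) $row['id'],
         (int) $row['pid'],
         (int) $row['priority']
     );
     if (!sql_query($sql)) {
         return sql_getError();
     }
     return $id;
 }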
Пример #4
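 /**
  * Fetches today's USD rate from the RBC export service and stores it in
  * the currencies table ($this->table, row name="USD").
  *
  * @return string JavaScript snippet reporting the outcome.
  */
 function editRefresh()
 {
     $url = "http://export.rbc.ru/free/cb.0/free.fcgi?period=DAILY&tickers=USD&d1=" . date('j') . "&m1=" . date('n') . "&y1=" . date('Y') . "&separator=%3B&data_format=BROWSER";
     $lines = file($url);
     if (empty($lines)) {
         return "<script>alert('Сервер с валютами временно недоступен');</script>";
     }
     // split() was removed in PHP 7; explode() does the same job here.
     $fields = explode(';', $lines[0]);
     $value = isset($fields[5]) ? trim($fields[5]) : '';
     // The rate comes from a remote host and is interpolated into SQL:
     // accept it only when it is a plain number.
     if ($value === '' || !is_numeric($value)) {
         return "<script>alert('Сервер с валютами временно недоступен');</script>";
     }
     $sql = 'UPDATE ' . $this->table . ' SET value="' . $value . '" WHERE name="USD"';
     sql_query($sql);
     $err = sql_getError();
     if (!$err) {
         touch_cache('currencies');
         return "<script>alert('" . $this->str('saved') . "'); window.parent.location.reload();</script>";
     }
     // mysql_escape_string() no longer exists; addslashes() keeps the alert quoted.
     return "<script>alert('" . $this->str('error') . ": " . addslashes($err) . "')</script>";
 }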
Пример #5
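 /**
  * Creates a new record from the posted name, attaches it to the current
  * parent ($this->pid) and redirects to its editor.
  *
  * Never returns normally: ends in HeaderExit() on success or die() on
  * failure.
  */
 function editCreate()
 {
     $name = isset($_POST['fld']['name']) ? $_POST['fld']['name'] : '';
     // Escape HTML but keep literal '&' untouched: park it behind a marker
     // that htmlspecialchars() leaves alone, then put it back.
     $marker = "=+=+=+=";
     $name = str_replace("&", $marker, $name);
     $name = htmlspecialchars($name);
     $name = str_replace($marker, "&", $name);
     $id = sql_insert($this->table, array('name' => $name, 'date' => date('Y-m-d H:i:s')));
     if (!is_int($id)) {
         // sql_insert() handed back an error text instead of a new id
         die($id);
     }
     // Both ids are interpolated unquoted into SQL: integers only.
     $ret = sql_query("UPDATE " . $this->table . " SET pid=" . (int) $this->pid . " WHERE id=" . $id);
     if (!$ret) {
         die('"UPDATE error: ' . addslashes(sql_getError()) . '"');
     }
     HeaderExit("/admin/editor.php?page={$this->name}&id=" . $id);
 }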
Пример #6
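 /**
  * Deletes the selected records and tells the opener's tree which branch
  * to reload.
  *
  * The ids are the array keys of the 'id' request parameter.
  *
  * @return string|null JavaScript snippet, or null when nothing was selected.
  */
 function Delete()
 {
     $id = get('id', array(), 'gp');
     if (empty($id)) {
         return;
     }
     // The ids are interpolated into SQL: keep only integers.
     $ids = array_map('intval', array_keys((array) $id));
     $id_list = join(', ', $ids);
     // Decide whether one branch can be reloaded or the whole tree must be:
     // several distinct parents mean "all" (pid 0).
     $pids = sql_getRows('SELECT pid FROM ' . $this->table . ' WHERE id in (' . $id_list . ') GROUP BY pid');
     $pid = 0;
     if (is_array($pids) && count($pids) == 1) {
         // sql_getRows() appears to return row arrays (see its other callers);
         // the original used the row itself as the id. Tolerate both shapes.
         $first = reset($pids);
         $pid = (int) (is_array($first) ? $first['pid'] : $first);
     }
     $r1 = sql_query("DELETE FROM " . $this->table . " WHERE id IN (" . $id_list . ")");
     if (!$r1) {
         return '<script>alert(\'' . $this->str('error') . ': ' . sql_getError() . '\')</script>';
     }
     return '<script>
                 alert(\'' . $this->str('deleted') . '\');
                 window.parent.top.opener.location.href="/admin/?page=tree&id=' . $pid . '";
                 window.close();
                 </script>';
 }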
Пример #7
 /**
  * Builds the contact form attached to the current page and, on a valid
  * POST, mails the submission (plus uploaded attachments) to the configured
  * recipients and optionally stores it in the form's db_table.
  *
  * @param array $params Unused here; taken by reference for the handler
  *                      signature.
  * @return array|null array('text' => rendered form.html), or null when the
  *                    page has no visible form. A successful POST ends in
  *                    redirect() instead.
  */
 function showForm(&$params)
 {
     $page =& Registry::get('TPage');
     $form = sql_getRow('SELECT * FROM elem_form WHERE pid=' . $page->content['id'] . ' AND visible > 0');
     if (!$form) {
         return;
     }
     $rows = sql_getRows('SELECT * FROM elem_form_elems WHERE pid=' . $form['form_id']);
     // Elements are keyed by db_field when one is configured, otherwise by
     // the row index. NOTE(review): $elements is never initialised; with no
     // visible rows it is created implicitly by the 'send' entry below.
     foreach ($rows as $k => $v) {
         if ($v['show']) {
             $_key = !empty($v['db_field']) ? $v['db_field'] : $k;
             $elements[$_key] = array('name' => $_key, 'type' => $v['type'] == 'input' ? 'text' : $v['type'], 'text' => $v['text'], 'key' => $v['key'], 'req' => $v['req'], 'check' => $v['check'], 'db_field' => $v['db_field'], 'atrib' => ($v['type'] != 'radio' && $v['type'] != 'checkbox' ? 'style="width: 90%;"' : '') . ($v['type'] == 'textarea' ? ' rows="5"' : '') . ($v['type'] == 'input' || $v['type'] == 'textarea' || $v['type'] == 'file' ? 'class="input_text"' : ''), 'onerror' => !empty($v['check']) ? $page->tpl->get_config_vars('msg_err_invalid_' . $v['check']) : '');
             if ($v['type'] == 'select' || $v['type'] == 'radio' || $v['type'] == 'checkbox') {
                 $temp = sql_getRows('SELECT * FROM elem_form_values WHERE pid=' . $v['id']);
                 foreach ($temp as $key => $value) {
                     // NOTE(review): options are stored under $k while the element
                     // itself lives under $_key; when db_field is set the two
                     // differ and the option lookup in the mail-body loop finds
                     // nothing.
                     $elements[$k]['options'][$value['value']] = $value['text'];
                 }
             }
         }
     }
     $elements['send'] = array('name' => 'send', 'type' => 'submit', 'group' => 'system', 'value' => $page->tpl->get_config_vars('send'));
     $form_obj = new TForm(array('elements' => $elements));
     $ret = $form_obj->generate();
     $ret['form']['title'] = $form['name'];
     $ret['form']['width'] = '80%';
     $ret['form']['action'] = $page->content['href'];
     // A POST that passed TForm's validation is mailed and optionally stored.
     if (!empty($_POST) && empty($ret['form']['errors'])) {
         // NOTE(review): "=& new" is a parse error from PHP 7 on.
         $mail =& new PHPMailer();
         $admin_email = $page->tpl->get_config_vars('admin_email');
         // Recipients: the form's own comma-separated list, else the site admin.
         if (empty($form['email'])) {
             $admin[0] = $admin_email;
         } else {
             $admin = explode(',', str_replace(' ', '', $form['email']));
         }
         $mail->From = $admin_email;
         $mail->Sender = $admin_email;
         $mail->Mailer = 'mail';
         $mail->Subject = !empty($form['name']) ? $form['name'] : 'Письмо из раздела "' . $page->content['name'] . '"';
         // Attach uploaded files: collect the keys of the 'file' elements first
         $index = array();
         foreach ($elements as $k => $v) {
             if ($v['type'] == 'file') {
                 $index[] = $k;
             }
         }
         if (isset($_FILES['fld'])) {
             $from = 'files/';
             foreach ($index as $ind) {
                 if (!empty($_FILES['fld']['name'][$ind])) {
                     // NOTE(review): the client-supplied file name is used as-is
                     // (no basename()), so the write target is not confined to
                     // $from; the move result is also discarded by the '@'.
                     $filename = $from . $_FILES['fld']['name'][$ind];
                     @move_uploaded_file($_FILES['fld']['tmp_name'][$ind], $filename);
                     chmod($filename, 0664);
                     $mail->AddAttachment($filename);
                 }
             }
         }
         // Build the HTML and plain-text bodies, one "label: value" line per
         // element. NOTE(review): posted values are not escaped before going
         // into the HTML body.
         $body = '';
         $text_body = '';
         foreach ($rows as $key => $val) {
             if ($val['type'] == 'captcha') {
                 continue;
             }
             $_key = !empty($val['db_field']) ? $val['db_field'] : $key;
             $value_text = '';
             if (in_array($elements[$_key]['type'], array('radio', 'select'))) {
                 // single choice: the first posted value is looked up in options
                 $value_text = $elements[$_key]['options'][$_POST['fld'][$_key][0]];
             } elseif ($elements[$_key]['type'] == 'checkbox') {
                 $ar = array();
                 foreach ($_POST['fld'][$_key] as $k => $v) {
                     $ar[] = $elements[$_key]['options'][$v];
                 }
                 $value_text = implode(', ', $ar);
             } else {
                 $value_text = $_POST['fld'][$_key];
             }
             $body .= $val['text'] . ': ' . $value_text . '<br>';
             $text_body .= $val['text'] . ': ' . $value_text . "\r\n";
         }
         $mail->Body = $body;
         $mail->AltBody = $text_body;
         foreach ($admin as $k => $v) {
             $mail->AddAddress($v);
         }
         $res = $mail->Send();
         // Clean up the attachments. NOTE(review): this index order does not
         // match the $_FILES['fld']['name'][$ind] layout used above, and it is
         // not the saved $filename, so the copies in $from are never removed.
         if (isset($_FILES['fld'])) {
             foreach ($index as $ind) {
                 @unlink($_FILES['fld'][$ind]['name']);
             }
         }
         if (!$res) {
             redirect($page->content['href'] . '?msg=msg_not_send_email');
         }
         if (!empty($form['db_table'])) {
             // Store the submission in the form's table. NOTE(review): column
             // names are the posted keys (only filtered by having a db_field
             // entry) and values pass through h() — confirm h() escapes for SQL
             // and not just for HTML.
             foreach ($_POST['fld'] as $k => $v) {
                 if (!empty($elements[$k]['db_field'])) {
                     $fields[] = $k;
                     $values[] = h($v);
                 }
             }
             if (!empty($fields)) {
                 $sql = 'INSERT INTO `' . $form['db_table'] . '` (`' . implode('`,`', $fields) . '`) VALUES ("' . implode('","', $values) . '")';
                 sql_query($sql);
                 $err = sql_getError();
                 if (empty($err)) {
                     redirect($page->content['href'] . '?msg=msg_send_email');
                 } else {
                     redirect($page->content['href'] . '?msg=msg_fail');
                 }
             }
         }
         redirect($page->content['href'] . '?msg=msg_send_email');
     }
     $page->tpl->assign(array('fdata' => $ret));
     return array('text' => $page->tpl->fetch('form.html'));
 }
Пример #8
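 /**
  * Resets the view and click counters of the posted ids.
  *
  * @return string JavaScript snippet (or $this->Error() output) reporting
  *                the outcome.
  */
 function EditClearCTR()
 {
     $ids = get('id', array(), 'p');
     if (!$ids) {
         return "<script>alert('" . $this->str('e_no_items') . "');</script>";
     }
     // The ids are interpolated into SQL: keep only integers.
     $ids = array_map('intval', (array) $ids);
     sql_query('UPDATE ' . $this->table . ' SET views=0, clicks=0 WHERE id IN (' . join(',', $ids) . ')');
     $err = sql_getError();
     if ($err) {
         return $this->Error($err);
     }
     touch_cache($this->table);
     return "<script>alert('" . $this->str('ctr_cleared') . "');window.parent.location.reload();</script>";
 }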
Пример #9
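 /**
  * Writes the lines of an order into the cart table and refreshes the
  * order's totals.
  *
  * $cart['ids'] maps "<product_id>" or "<product_id>_<num>" to an array with
  * 'quantity', 'price' and 'customer_price'. A quantity of 0 removes the line.
  *
  * @param array $cart Cart data with 'order_id', 'ids' and 'all_sum'.
  * @return string|null JavaScript alert on the first DB error, otherwise null.
  */
 function SaveOrder($cart)
 {
     // Every value below is interpolated into SQL: numbers only.
     $order_id = (int) $cart['order_id'];
     foreach ((array) $cart['ids'] as $key => $val) {
         // Reset per line: in the original $num leaked from a previous
         // "<id>_<num>" key into the plain "<id>" keys that followed it.
         $num = null;
         if (strpos($key, '_') !== false) {
             list($product_id, $num) = explode('_', $key, 2);
             $num = (int) $num;
         } else {
             $product_id = $key;
         }
         $product_id = (int) $product_id;
         $quantity = (float) $val['quantity'];
         // str_replace() guards against a locale that prints floats with a comma.
         $quantity_sql = str_replace(',', '.', (string) $quantity);
         $price = str_replace(',', '.', (string) (float) $val['price']);
         $customer_price = str_replace(',', '.', (string) (float) $val['customer_price']);
         $where = "order_id=" . $order_id . " AND product_id=" . $product_id . ($num !== null ? " AND num=" . $num : "");
         if ($quantity > 0) {
             if (sql_getValue("SELECT order_id FROM cart WHERE " . $where)) {
                 $res = sql_query("UPDATE cart SET quantity=" . $quantity_sql . ", price=" . $price . ", customer_price=" . $customer_price . " WHERE " . $where);
             } else {
                 $res = sql_query("INSERT INTO cart (`order_id`, `product_id`, " . ($num !== null ? " `num`, " : "") . "`quantity`, `price`, `customer_price`) VALUES ('" . $order_id . "', '" . $product_id . "', " . ($num !== null ? " '" . $num . "'," : "") . "'" . $quantity_sql . "', '" . $price . "', '" . $customer_price . "' )");
             }
         } else {
             $res = sql_query("DELETE FROM cart WHERE " . $where);
         }
         if (!$res) {
             return "<script>alert('" . $this->str('error') . ": " . sql_getError() . "');</script>";
         }
     }
     // Refresh the totals on the orders row. nds_type 0 means all_sum is net
     // of tax, anything else means it already includes tax.
     $nds = (float) sql_getValue("SELECT value FROM strings WHERE name='NDS' LIMIT 1");
     $nds_type = sql_getValue("SELECT value FROM strings WHERE name='nds_type' LIMIT 1");
     $all_sum = (float) $cart['all_sum'];
     if (intval($nds_type) === 0) {
         $sum = $all_sum;
         $total = (1 + $nds) * $all_sum;
         $tax = $nds * $all_sum;
     } else {
         $total = $all_sum;
         $sum = $total / (1 + $nds);
         $tax = $total - $sum;
     }
     $res = sql_query("UPDATE orders SET total=" . str_replace(",", ".", $total) . ",tax=" . str_replace(",", ".", $tax) . ",sum=" . str_replace(",", ".", $sum) . " WHERE id=" . $order_id);
     if (!$res) {
         return "<script>alert('" . $this->str('error') . ": " . sql_getError() . "');</script>";
     }
 }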
Пример #10
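 /**
  * Deletes every object belonging to the posted client ids, together with
  * the objects' images.
  *
  * @return string JavaScript snippet reporting the outcome.
  */
 function delObjects()
 {
     $clients_ids = isset($_POST['id']) ? $_POST['id'] : array();
     if (!$clients_ids) {
         return "<script>alert('Ќет выбранных клиентов!');</script>";
     }
     // Both id lists are interpolated into SQL: keep only integers.
     $clients_ids = array_map('intval', (array) $clients_ids);
     $objects_ids = sql_getColumn('SELECT id FROM objects WHERE client_id IN ("' . join('", "', $clients_ids) . '")');
     if (!$objects_ids) {
         return "<script>alert('ќбъекты дл¤ выбранных клиентов не найдены!');</script>";
     }
     $objects_ids = array_map('intval', $objects_ids);
     sql_query("DELETE FROM objects WHERE id IN ('" . join("', '", $objects_ids) . "')");
     $err = sql_getError();
     if (!empty($err)) {
         return "<script>alert('ќшибка: " . e($err) . "');</script>";
     }
     // Image removal lives in a separate module that is loaded on demand.
     require_once 'modules/objects_func.php';
     objects_deleteImages($objects_ids);
     touch_cache('objects');
     return "<script>alert('”спешно удалено!'); window.parent.location.reload();</script>";
 }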
Пример #11
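 /**
  * Unbans a client: removes every IP the client has ever used from the
  * blacklist and clears the ban flag on the account.
  *
  * @return string JavaScript snippet that reports the outcome and reloads
  *                the parent window.
  */
 function EditDeleteIPS()
 {
     // client id; interpolated unquoted into SQL, so integer-cast it
     $id = (int) get('id', '');
     if (empty($id)) {
         return "<script>alert(\"" . $this->str('error') . "\"); window.parent.location.reload();</script>";
     }
     // Every non-robot IP the client has logged in from
     $ips = sql_getRows("SELECT DISTINCT ip FROM stat_sessions WHERE client_id={$id} AND robot=0");
     foreach ((array) $ips as $val) {
         // sql_getRows() appears to return row arrays (see its other callers);
         // the original interpolated the row itself, giving "ip='Array'".
         $ip = addslashes(is_array($val) ? $val['ip'] : $val);
         $res = sql_query("DELETE FROM stat_banlist WHERE ip='{$ip}'");
         if (!$res) {
             // mysql_escape_string() no longer exists; addslashes() keeps the alert quoted
             return "<script>alert('" . $this->str('error') . ": " . addslashes(sql_getError()) . "'); window.parent.location.reload();</script>";
         }
     }
     $res = sql_query("UPDATE auth_users SET ban='0' WHERE id={$id}");
     if (!$res) {
         return "<script>alert('" . $this->str('error') . ": " . addslashes(sql_getError()) . "'); window.parent.location.reload();</script>";
     }
     return "<script>alert('" . $this->str('saved') . "'); window.parent.location.reload();</script>";
 }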
Пример #12
 /**
  * Sends a mailing to either the client selection stored in the session or
  * the addresses typed into 'mailto', streaming a progress table to the
  * browser while it runs.
  *
  * Reads $_POST (fld, content_type, use_client_selection, editor) and the
  * session key use_client_selection; inserts into email_sent and email_log.
  *
  * @return string JavaScript snippet re-enabling the opener's submit button,
  *                or the result of SendEmailError() on a fatal input error.
  */
 function EditSend()
 {
     session_start();
     // Drop any buffered output so the progress rows reach the browser as
     // they are echoed; the run may take a long time.
     @ob_end_clean();
     @ob_end_clean();
     set_time_limit(0);
     ignore_user_abort(TRUE);
     ob_implicit_flush(1);
     $fld = get('fld', array(), 'p');
     $content_type = get('content_type', 'html', 'p');
     $use_client_selection = (int) get('use_client_selection', 0, 'p');
     // RFC 2047 encoded-word so a non-ASCII subject survives transport
     $subject = '=?utf-8?B?' . base64_encode($fld['subject']) . '?=';
     // mailfrom 1 is the site robot address, anything else an admin id
     if ($fld['mailfrom'] == 1) {
         $mailfrom = sql_getValue("SELECT value FROM strings WHERE pid=1 AND name='robot_email'");
     } else {
         $mailfrom = sql_getValue("SELECT CONCAT(fullname, ' <', email, '>') FROM admins WHERE id=" . $fld['mailfrom']);
     }
     echo "\n<link rel='stylesheet' type='text/css' href='main.css'>\n<table cellpadding=0 cellspacing=2 bgcolor=white width=100% style='border: 1px solid #1C5180; color: white' background='images/xpbox/blue_bg.gif'><tr>\n\t<td bgcolor=#0F89DA nowrap><img align=absmiddle src='images/xpbox/blue_bg.gif' width=4 height=23 border=0><b>" . $this->str('message_from') . ": " . h($mailfrom) . "</b></td>\n\t<td bgcolor=#0F89DA align=right><a href='#' onclick='if(opener) opener.focus(); window.close();' HIDEFOCUS><img align=absmiddle src='images/icons/icon.cross.gif' width=16 height=16 hspace=4 border=0 alt='Close window'></a></td>\n</tr></table>\n\t\t";
     if (empty($mailfrom)) {
         return $this->SendEmailError('err_mailfrom');
     }
     $text = $_POST['editor'][$content_type];
     if (empty($text)) {
         return $this->SendEmailError('err_text');
     }
     # strip magic-quotes slashes (get_magic_quotes_gpc() is gone in PHP 8)
     if (get_magic_quotes_gpc()) {
         $text = stripslashes($text);
     }
     $mailto = array();
     # if this is a selection from the client table
     // the WHERE fragments were stored in the session by the selection page
     $client_selection = get('use_client_selection', array(), 's');
     if ($use_client_selection) {
         if ($client_selection) {
             // NOTE(review): the session fragments are concatenated into the
             // query as-is; they are only as trusted as whatever wrote them.
             $clients = sql_getRows("\n\t\t\t\t\tSELECT\n\t\t\t\t\t\tc.id, c.name, c.lname, c.login\n\t\t\t\t\tFROM auth_users AS c\n\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tc.subscribe=1 AND " . join(' AND ', $client_selection));
             if ($clients) {
                 foreach ($clients as $client) {
                     $mailto[] = $client['name'] . ' ' . $client['lname'] . ' <' . $client['login'] . '>';
                 }
             }
         }
     } else {
         // comma-separated list typed by the admin, duplicates removed
         $mailto = preg_split("~,\\s?~", $fld['mailto']);
         $mailto = array_keys(array_flip($mailto));
     }
     if (!$mailto || empty($mailto[0])) {
         return $this->SendEmailError('err_to');
     }
     // With a selection the unsubscribe text would come from the DB (disabled)
     if ($use_client_selection) {
         //nsubscribe = $this->GetRow("SELECT value FROM strings WHERE  AND name='mail_unsubscribe'");
         //			$unsubscribe = "To unsubscribe goto URL: http://".$_SERVER['HTTP_HOST']."/client/unsubscribe/{md5_mail}";
     }
     # pull every local image reference out of the text
     $images = array();
     preg_match_all("~(src|background)\\s*=\\s*(\"|')(?!java)(?!mail)(?!ftp)(?!http)([^\"'#]+)(#\\w+)?(\"|')~i", $text, $m);
     if (!empty($m)) {
         $images =& $m[3];
         # rewrite image addresses to cid: references and keep the file paths
         foreach ($images as $key => $val) {
             $names = explode('/', $val);
             $name = end($names);
             $text = str_replace($val, 'cid:' . $name, $text);
             // NOTE(review): assumes every path starts with FILES_URL; nothing
             // checks it, so other paths yield a truncated attachment name.
             $images[$key] = substr($val, strlen(FILES_URL));
         }
     }
     # store the mail in the sent log
     $sent_email = array('user_id' => $fld['mailfrom'], 'subject' => $fld['subject'], 'body' => $text, 'content_type' => $content_type);
     $this->table = 'email_sent';
     $email_id = sql_insert($this->table, $sent_email);
     if (sql_getError()) {
         return $this->SendEmailError('err_log');
     }
     # progress bar and result-table header for the sending loop
     echo "\n<table cellpadding=2 cellspacing=2 bgcolor=white width=100%><tr><td bgcolor=#E5E5E5 style='border: 1px solid #C7C7C7' class=mbox>\n\t<table cellpadding=0 cellspacing=0 border=0><tr>\n\t\t<td><b>0%</b></td>\n\t\t<td width=100%><img id=graf src='images/stat/graf.gif' width=0 height=20 hspace=10></td>\n\t\t<td align=right><b>100%</b></td>\n\t</tr></table>\n</td></tr></table>\n\t\t";
     echo "\n<table cellpadding=2 cellspacing=2 bgcolor=white width=100%><tr>\n\t<td bgcolor=#E5E5E5 style='border: 1px solid #C7C7C7' class=mbox width=50%><b>" . $this->str('email_to') . "</b></td>\n\t<td bgcolor=#E5E5E5 style='border: 1px solid #C7C7C7' class=mbox width=50% align=right><b>" . $this->str('result') . "</b></td></td>\n</tr></table>\n\t\t";
     flush();
     $count = 0;
     $mailto_count = count($mailto);
     foreach ($mailto as $key => $val) {
         // percentage for the progress bar
         $graph = round(($key + 1) / $mailto_count * 100);
         // accepts "addr", "Name <addr>" and "<addr>"
         preg_match("~([\\w\\-.]+@[\\w\\-.]+)?([^<]*)<?([\\w\\-.]+@[\\w\\-.]+)?>?~", $val, $m);
         if (isset($m[3]) && $m[3]) {
             $email_to = $m[3];
             $email_name = $m[2];
             $to = '"=?utf-8?B?' . base64_encode($email_name) . '?=" <' . $email_to . '>';
         } elseif (isset($m[1]) && $m[1]) {
             $email_to = $m[1];
             $email_name = substr($m[1], 0, strpos($m[1], '@'));
             $to = $email_to;
         } else {
             $this->SendEmailResults($val, 'err_to', $graph);
             continue;
         }
         # record the per-recipient log entry
         // NOTE(review): the login literal below is a placeholder on this
         // listing; presumably the recipient address is looked up here.
         $client_id = sql_getValue("SELECT id FROM auth_users WHERE login='******'");
         if ($client_id) {
             $this->table = 'email_log';
             $email_log = array('email_id' => $email_id, 'client_id' => $client_id);
             sql_insert($this->table, $email_log);
             if (sql_getError()) {
                 $this->SendEmailResults($val, 'err_log');
             }
         } else {
             $this->SendEmailResults($val, 'err_log');
         }
         // placeholders substituted into the mail. NOTE(review): {md5_mail} is
         // derived from the address alone, without a server secret, so it does
         // not prove that an unsubscribe request came from this mailing.
         $data = array('{name}' => trim($email_name), '{email}' => $email_to, '{md5_mail}' => md5('unsubscribe' . $email_to));
         // Append the unsubscribe line (disabled)
         /*			if ($use_client_selection) {
         				$unsubscribe_text = empty($unsubscribe['text_'.$lang[$key]]) ?
         					$unsubscribe['text_en'] :
         					$unsubscribe['text_'.$lang[$key]];
         				$unsubscribe_text =
         					($content_type=='html' ? "\n\n<br><br>" : "\n\n")
         					.$unsubscribe_text;
         			}
         			else 
         */
         $unsubscribe_text = '';
         // substitute placeholders
         $body = str_replace(array_keys($data), array_values($data), $text . $unsubscribe_text);
         // send; $fld['attach'] comes straight from the request — confirm
         // SendMail() restricts where attachments may be read from
         $res = SendMail($mailfrom, $to, $subject, strip_tags($body), $content_type == 'html' ? $body : '', 'utf-8', $fld['attach'], $images);
         if ($res) {
             $count++;
             $this->SendEmailResults($val, '', $graph);
         } else {
             $this->SendEmailResults($val, 'err_send', $graph);
         }
         // throttle between recipients, not after the last one
         if ($mailto_count - $key > 1) {
             sleep($this->emailing_sleep);
         }
     }
     // Clear use_client_selection so the mailing cannot be sent twice
     $_SESSION['use_client_selection'] = '';
     session_write_close();
     echo "\n<table cellpadding=0 cellspacing=2 bgcolor=white width=100% style='border: 1px solid #1C5180; color: white' background='images/xpbox/blue_bg.gif'><tr>\n\t<td bgcolor=#0F89DA nowrap><img align=absmiddle src='images/xpbox/blue_bg.gif' width=4 height=23 border=0><b>" . sprintf($this->str('sending_finished'), $count) . "</b></td>\n\t<td bgcolor=#0F89DA align=right><a href='#' onclick='if(opener) opener.focus(); window.close();' HIDEFOCUS><img align=absmiddle src='images/icons/icon.cross.gif' width=16 height=16 hspace=4 border=0 alt='" . $this->str('close_window') . "'></a></td>\n</tr></table>\n\t\t";
     return "<script>window.opener.disable_submit = 0;</script>";
 }
Пример #13
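 /**
  * Creates a client account from $_POST['fld'], puts it into the default
  * (lowest-priority) group and redirects the opener to the client card.
  *
  * The password is taken from 'pass1'/'pass2' (which must match) and stored
  * in 'password' as an unsalted md5 hash, because that is what the login
  * code compares against; moving to password_hash() needs a matching change
  * on the verification side.
  *
  * @return string JavaScript snippet reporting the outcome.
  */
 function doAdd()
 {
     $fld = isset($_POST['fld']) && is_array($_POST['fld']) ? $_POST['fld'] : array();
     $pass1 = isset($fld['pass1']) ? (string) $fld['pass1'] : '';
     $pass2 = isset($fld['pass2']) ? (string) $fld['pass2'] : '';
     if ($pass1 !== '' || $pass2 !== '') {
         // strict comparison: the original '==' treated e.g. "1e1" and "10" as equal
         if ($pass1 !== $pass2 || $pass1 === '') {
             return "<script>alert('" . $this->str('passwords_neq') . "');</script>";
         }
         $fld['pass'] = md5($pass1);
     }
     unset($fld['pass1'], $fld['pass2']);
     $fld['password'] = isset($fld['pass']) ? $fld['pass'] : null;
     unset($fld['pass']);
     // Keep the caller-visible side effect of the original: $_POST['fld']
     // ends up with 'password' set and pass/pass1/pass2 removed.
     $_POST['fld'] = $fld;
     // Build the column and value lists. Column names come from the request,
     // so only identifier-safe names are accepted; values are escaped. This
     // also replaces the original end()-based "last element" test, which
     // dropped the delimiter early whenever two fields had the same value.
     $columns = array('`reg_date`');
     $values = array('now()');
     foreach ($fld as $k => $v) {
         if (!preg_match('/^[A-Za-z0-9_]+$/', $k)) {
             continue;
         }
         $columns[] = '`' . $k . '`';
         $values[] = "'" . addslashes((string) $v) . "'";
     }
     sql_query("INSERT INTO " . $this->table . " (" . join(' , ', $columns) . ")  VALUES(" . join(' , ', $values) . ")");
     $err = sql_getError();
     $client_id = (int) sql_getLastId();
     if (!$client_id) {
         return "<script>alert('" . $this->str('error') . ": " . e($err) . "');</script>";
     }
     // default group = highest priority value; both ids are interpolated into SQL
     $def_id = (int) sql_getValue("SELECT id FROM auth_groups ORDER BY priority DESC");
     sql_query("INSERT INTO auth_users_groups (`user_id`,`group_id`)  VALUES('" . $client_id . "','" . $def_id . "')");
     return "<script>alert('" . $this->str('saved') . "'); window.top.opener.location.reload(); window.top.location.href = 'crm.php?page=" . $this->name . "&do=showclientinfo&client_id=" . $client_id . "';</script>";
 }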
Пример #14
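 /**
  * Suspends publication of the current user's adverts by setting the
  * account's stop flag, then redirects back with a status message.
  *
  * Never returns normally: both outcomes end in redirect().
  *
  * @param mixed $rows Unused; present for the handler signature.
  */
 function stopItem($rows)
 {
     $page =& Registry::get('TPage');
     $auth_obj =& Registry::get('TUserAuth');
     // The id is interpolated unquoted into SQL: force an integer.
     $client_id = (int) $auth_obj->getCurrentUserId();
     sql_query('UPDATE auth_users SET stop=1 WHERE id=' . $client_id);
     $err = sql_getError();
     // Exactly one redirect: the original issued a second one for the
     // failure message whenever redirect() did not terminate the request.
     $msg = empty($err) ? 'cabinet_success_stop' : 'msg_fail';
     redirect($page->content['href'] . '?msg=' . $msg);
 }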
Пример #15
 function GetTable()
 {
     global $limit;
     $offset = (int) get('offset');
     $limit = (int) get('limit', $this->Param('limit', $limit));
     $reklams = sql_getRows("SELECT * FROM stat_reklama");
     if (empty($reklams)) {
         $ret['tip']['text'] = "Рекламные кампании не созданы. Для того чтобы создать рекламную кампанию, нажмите кнопку \"Настройка рекламных кампаний\".";
         return $ret;
     }
     foreach ($reklams as $key => $reklama) {
         if (!$reklama['click_count']) {
             $reklama['click_count'] = 0;
         }
         if (!$reklama['displays_count']) {
             $reklama['displays_count'] = 0;
         }
         if (!$reklama['displays_count']) {
             $reklama['displays_count'] = 0;
         }
         if (!$reklama['budget']) {
             $reklama['budget'] = 0;
         }
         $identifiers = explode(',', $reklama['identifiers']);
         foreach ($identifiers as $k => $v) {
             $identifiers[$k] = trim($v);
         }
         $identifiers_state = "";
         if (!empty($identifiers)) {
             $identifiers_state = " AND (";
             foreach ($identifiers as $k => $v) {
                 $identifiers_state .= " page.uri LIKE '%from=" . $v . "'" . ($k < count($identifiers) - 1 ? " OR" : "");
             }
             $identifiers_state .= ") ";
         }
         // определяем дату начала рекламной кампании по первому вхождению
         if ($reklama['start_date'] == '0000-00-00 00:00:00') {
             $reklama['start_date'] = sql_getValue("SELECT min( time )\n            \tFROM " . STAT_SESSIONS_TABLE . " as s LEFT JOIN stat_pages AS page ON page.id = s.first_page\n\t\t\t\tWHERE 1 " . $identifiers_state);
             if (!$reklama['start_date']) {
                 $reklama['start_date'] = sql_getValue("SELECT min( time ) FROM " . STAT_SESSIONS_TABLE);
             }
         } else {
             $reklama['start_date'] = strtotime($reklama['start_date']);
         }
         if ($reklama['end_date'] == '0000-00-00 00:00:00') {
             $reklama['end_date'] = sql_getValue("SELECT max( time )\n            \tFROM " . STAT_SESSIONS_TABLE . " as s LEFT JOIN stat_pages AS page ON page.id = s.first_page\n\t\t\t\tWHERE 1 " . $identifiers_state);
             if (!$reklama['end_date']) {
                 $reklama['end_date'] = sql_getValue("SELECT max( time ) FROM " . STAT_SESSIONS_TABLE);
             }
         } else {
             $reklama['end_date'] = strtotime($reklama['end_date']);
         }
         $date_state = "";
         if ($reklama['start_date']) {
             $date_state .= " AND sess.time>=" . $reklama['start_date'];
         }
         if ($reklama['end_date']) {
             $date_state .= " AND sess.time<=" . $reklama['end_date'];
         }
         // Временные таблицы
         // Выборка из stat_sessions за время кампании
         $tmp_table = "`tmp_reklama`";
         $sql = "DROP TABLE IF EXISTS " . $tmp_table;
         sql_query($sql);
         $sql = "CREATE TEMPORARY TABLE " . $tmp_table . " (\n  \t\t\tPRIMARY KEY  (`sess_id`),\n  \t\t\tKEY `ip` (`ip`,`agent_id`),\n  \t\t\tKEY `time` (`time`,`robot`),\n  \t\t\tKEY `first_page` (`first_page`)\n\t\t\t) SELECT * FROM " . STAT_SESSIONS_TABLE . " AS sess WHERE sess.robot=0 " . $date_state;
         $res = sql_query($sql);
         if (sql_getErrNo()) {
             $flag = sql_getError();
             break;
         }
         // Выборка из stat_sessions за время кампании при условии $identifiers_state
         $tmp_table_ident = "`tmp_reklama_ident`";
         $sql = "DROP TABLE IF EXISTS " . $tmp_table_ident;
         sql_query($sql);
         $sql = "CREATE TEMPORARY TABLE " . $tmp_table_ident . " (\n  \t\t\tPRIMARY KEY  (`sess_id`),\n  \t\t\tKEY `ip` (`ip`,`agent_id`),\n  \t\t\tKEY `time` (`time`,`robot`),\n  \t\t\tKEY `first_page` (`first_page`)\n\t\t\t) SELECT * FROM " . STAT_SESSIONS_TABLE . " AS sess, " . STAT_PAGES_TABLE . " as page \n\t\t\tWHERE sess.first_page=page.id AND sess.robot=0 " . $date_state . $identifiers_state;
         $res = sql_query($sql);
         if (sql_getErrNo()) {
             $flag = sql_getError();
             break;
         }
         $cnt = sql_getRow("SELECT COUNT(*) AS cnt, COUNT(DISTINCT(sess.ip)) as cnt_ip FROM " . $tmp_table . " AS sess");
         // Общее число посетителей
         $all_count = (int) $cnt['cnt'];
         // Общее число ip адресов
         $all_ip_count = (int) $cnt['cnt_ip'];
         // Кол-во посетителей, просмотревших более 1 страницы
         $sql = "SELECT COUNT(DISTINCT(sess.sess_id)) FROM " . $tmp_table_ident . " AS sess,\n            " . STAT_PAGES_TABLE . " AS page WHERE page.id=sess.first_page\n            AND sess.path!='' AND LENGTH(sess.path)-LENGTH(REPLACE(sess.path,' ',''))+1 > 1 ";
         $count_pages[1] = (int) sql_getValue($sql);
         // Кол-во посетителей, просмотревших более 2 страниц
         $sql = "SELECT COUNT(DISTINCT(sess.sess_id)) FROM " . $tmp_table_ident . " AS sess,\n            " . STAT_PAGES_TABLE . " AS page WHERE page.id=sess.first_page\n            AND sess.path!='' AND LENGTH(sess.path)-LENGTH(REPLACE(sess.path,' ',''))+1 > 2 ";
         $count_pages[2] = (int) sql_getValue($sql);
         // Выбираем поля
         $select = array();
         ############################################################################################
         // название кампании
         $select[] = "'" . $reklama['name'] . "' AS campaign";
         // дата начала кампании
         $select[] = "FROM_UNIXTIME(" . $reklama['start_date'] . ", '%d.%m.%Y') AS start_date";
         // дата окончания кампании
         $select[] = "FROM_UNIXTIME(" . $reklama['end_date'] . ", '%d.%m.%Y') AS end_date";
         // бюждет кампании
         $select[] = "'" . $reklama['budget'] . "' AS budget";
         // кол-во показов
         $select[] = "'" . $reklama['displays_count'] . "' AS displays_count";
         // Общее число посетителей
         $select[] = "'" . $all_count . "' AS all_count";
         // количество рекламных посетителей
         $select[] = "CONCAT(COUNT(DISTINCT(sess.sess_id)), ' <span style=\"font-size: 85%\">(', '" . $reklama['click_count'] . "',')</span>') AS involved_visitors_fact";
         // доля рекламы в посещаемости
         $select[] = "CONCAT(IF(" . $all_count . "!=0,COUNT(DISTINCT(sess.sess_id))/" . $all_count . ",0)*100,'%') AS reklama_to_attendance";
         // ip адресов
         $select[] = "CONCAT(COUNT(DISTINCT(sess.ip)), ' <span style=\"font-size: 85%\">(', IF(" . $all_ip_count . "!=0,COUNT(DISTINCT(sess.ip))/" . $all_ip_count . ",0)*100, '%)</span>') AS ip_count_share";
         // события
         if ($this->events) {
             foreach ($this->events as $k => $event) {
                 // Временная таблица
                 $tmp_table_event = "`tmp_reklama_event`";
                 $sql = "DROP TABLE IF EXISTS " . $tmp_table_event;
                 getSql($sql);
                 $sql = "CREATE TEMPORARY TABLE " . $tmp_table_event . " (\n\t\t\t\t\tPRIMARY KEY  (`id`),\n  \t\t\t\t\tKEY `host_uri` (`host`,`uri`)\n\t\t\t\t\t) SELECT * FROM " . STAT_PAGES_TABLE . " AS page \n\t\t\t\t\tWHERE page.uri LIKE '" . str_replace("*", "%", $event['url']) . "'";
                 $res = getSql($sql);
                 if (sql_getErrNo()) {
                     $flag = sql_getError();
                     break;
                 }
                 $sql = "SELECT COUNT(DISTINCT(sess.sess_id)) AS count\n                            FROM " . STAT_LOG_TABLE . " AS sess,\n                             " . $tmp_table_event . " AS page\n                             WHERE sess.page_id=page.id " . $date_state;
                 $all_event_count = (int) sql_getValue($sql);
                 // Кол-во событий за время рекламной кампании
                 $identifiers_state2 = str_replace('page.uri', 'page2.uri', $identifiers_state);
                 $sql = "SELECT COUNT(DISTINCT(sess.sess_id)) AS count FROM " . $tmp_table_ident . " AS sess,\n                            " . STAT_LOG_TABLE . " AS log,\n                            " . STAT_PAGES_TABLE . " AS page2,\n                            " . STAT_PAGES_TABLE . " AS page\n                            WHERE sess.sess_id=log.sess_id AND log.page_id=page2.id AND sess.first_page=page.id\n                            AND page2.uri LIKE '" . str_replace("*", "%", $event['url']) . "'";
                 $event_count[$k] = (int) sql_getValue($sql);
                 // Кол-во событий по клику
                 $select[] = "CONCAT('" . $event_count[$k] . "', ' <span style=\"font-size: 85%\">(', IF(" . $all_event_count . "!=0," . $event_count[$k] . "/" . $all_event_count . ",0)*100, '%)</span>') AS event_" . $k . "_share";
             }
         }
         $select[] = "'&nbsp;' as line1";
         ############################################################################################
         // CTR
         $select[] = "CONCAT(IF(" . $reklama['displays_count'] . "!=0,COUNT(page.uri)/" . $reklama['displays_count'] . ",0)*100, '% <span style=\"font-size: 85%\">(', IF(" . $reklama['displays_count'] . "!=0," . $reklama['click_count'] . "/" . $reklama['displays_count'] . ",0)*100, '%</span>)') AS CTR_fact";
         // ip адреса
         $select[] = "CONCAT(IF(COUNT(DISTINCT(sess.sess_id))!=0,COUNT(DISTINCT(sess.ip))/COUNT(DISTINCT(sess.sess_id)),0)*100, '% / ', IF(" . $reklama['displays_count'] . "!=0,COUNT(DISTINCT(sess.ip))/" . $reklama['displays_count'] . ",0)*100, '%') AS client_ip_slash";
         // качество просмотра (просмотревшие более 1 страницы)
         $select[] = "CONCAT('" . $count_pages[1] . "', ' / ', IF(COUNT(DISTINCT(sess.sess_id))!=0," . $count_pages[1] . "/COUNT(DISTINCT(sess.sess_id)),0)*100, '% / ', IF(" . $reklama['displays_count'] . "!=0," . $count_pages[1] . "/" . $reklama['displays_count'] . ",0)*100, '%') AS client_1_slash";
         // качество просмотра (просмотревшие более 2 страниц)
         $select[] = "CONCAT('" . $count_pages[2] . "', ' / ', IF(COUNT(DISTINCT(sess.sess_id))!=0," . $count_pages[2] . "/COUNT(DISTINCT(sess.sess_id)),0)*100, '% / ', IF(" . $reklama['displays_count'] . "!=0," . $count_pages[2] . "/" . $reklama['displays_count'] . ",0)*100, '%') AS client_2_slash";
         // события
         if ($this->events) {
             foreach ($this->events as $k => $event) {
                 $select[] = "CONCAT('" . $event_count[$k] . "', ' / ', IF(COUNT(DISTINCT(sess.sess_id))!=0," . $event_count[$k] . "/COUNT(DISTINCT(sess.sess_id)),0)*100, '% / ', IF(" . $reklama['displays_count'] . "!=0," . $event_count[$k] . "/" . $reklama['displays_count'] . ",0)*100, '%') AS event_" . $k . "_slash";
             }
         }
         $select[] = "'&nbsp;' as line2";
         ############################################################################################
         // стоимость 1000 показов
         $select[] = "ROUND(IF(" . $reklama['displays_count'] . "!=0," . $reklama['budget'] . "/" . $reklama['displays_count'] . ",0)*1000,2) AS display_1000_cost";
         // стоимость клика
         $select[] = "CONCAT(ROUND(IF(COUNT(DISTINCT(sess.sess_id))!=0," . $reklama['budget'] . "/COUNT(DISTINCT(sess.sess_id)), 0),2), ' <span style=\"font-size: 85%\">(', ROUND(IF(" . $reklama['click_count'] . "!=0," . $reklama['budget'] . "/" . $reklama['click_count'] . ", 0),2) ,'</span>)') AS click_cost";
         // стоимость IP адреса
         $select[] = "ROUND(IF(COUNT(DISTINCT(sess.ip))!=0," . $reklama['budget'] . "/COUNT(DISTINCT(sess.ip)),0),2) AS ip_cost";
         // стоимость 2+
         $select[] = "ROUND(IF(" . $count_pages[1] . "!=0," . $reklama['budget'] . "/" . $count_pages[1] . ",0),2) AS client_1_cost";
         // стоимость 3+
         $select[] = "ROUND(IF(" . $count_pages[2] . "!=0," . $reklama['budget'] . "/" . $count_pages[2] . ",0),2) AS client_2_cost";
         // события
         if ($this->events) {
             foreach ($this->events as $k => $event) {
                 $select[] = "ROUND(IF(" . $event_count[$k] . "!=0," . $reklama['budget'] . "/" . $event_count[$k] . ",0),2) AS event_" . $k . "_cost";
             }
         }
         ############################################################################################
         $sql = "SELECT " . implode(", ", $select) . "\n                FROM " . $tmp_table_ident . " AS sess,\n                " . STAT_PAGES_TABLE . " AS page WHERE page.id=sess.first_page";
         $data[$key] = sql_getRow($sql);
     }
     /*        $num = count($data);
             if ($num > 0) {
                 $num_concat_share = array();
                 $num_concat_slash = array();
                 foreach ($data as $k=>$v) {
                     if ($k == $num) break;
                     $data[$k]['start_date'] = date('Y/m/d', $data[$k]['start_date']);
                     $data[$k]['end_date'] = date('Y/m/d', $data[$k]['end_date']);
                     foreach ($v as $k2=>$v2) {
                         if ($k2 == 'line1' || $k2 == 'line2') {$data[$num][$k2] = '&nbsp;'; continue;}
                         if (strpos($k2,'_slash')!==false) {
                             $n = sscanf($v2, '%f/%f/%f/%f');
                             foreach ($n as $mm=>$nn) {
                                 if (isset($nn)) $num_concat_slash[$num][$k2][$mm] += $nn;
                             }
                             $data[$num][$k2] = "";
                         } elseif (strpos($k2,'_share')!==false) {
                             $a = str_replace("%", "***", $v2);
                             list($n1, $n2) = sscanf($a, '%f <span style="font-size: 85***">(%f***)</span>');
                             $num_concat_share[$num][$k2][0] += $n1;
                             $num_concat_share[$num][$k2][1] += $n2;
                             $data[$num][$k2] = $num_concat_share[$num][$k2][0]." (".$num_concat_share[$num][$k2][1]."%)";
                         } elseif (strpos($k2,'_fact')!==false) {
                             $a = str_replace("%", "***", $v2);
                             list($n1, $n2) = sscanf($a, '%f <span style="font-size: 85***">(%f)</span>');
                             $num_concat_share[$num][$k2][0] += $n1;
                             $num_concat_share[$num][$k2][1] += $n2;
                             $data[$num][$k2] = $num_concat_share[$num][$k2][0]." (".$num_concat_share[$num][$k2][1].")";
                         } else $data[$num][$k2] += $v2;
                     }
                 }
                 foreach ($num_concat_slash[$num] as $key=>$val) {
                     foreach ($val as $k=>$v) {
                         $data[$num][$key] .= $v.($k<count($val)-1 ? '/':'');
                     }
                 }
     
                 $data[$num]['campaign'] = $this->str('total');
                 $data[$num]['start_date'] = "";
                 $data[$num]['end_date'] = "";
     
                 foreach ($data[$num] as $k2=>$v2)
                     $data[$num][$k2] = '<span style="font-size: 85%; font-weight: bold;">'.$data[$num][$k2].'</span>';
             }
     */
     $keys = end($data);
     foreach ($keys as $k => $v) {
         $temp = explode('_', $k);
         if ($temp[0] == 'event' && $temp[2] == 'share') {
             $keys[$k] = $this->events[$temp[1]]['name'] . (lang() == 'ru' ? ": кол-во <span style=\"font-size: 85%\">(доля от общего)</span>" : ": quantity (share)");
         } else {
             if ($temp[0] == 'event' && $temp[2] == 'slash') {
                 $keys[$k] = $this->events[$temp[1]]['name'] . (lang() == 'ru' ? " (кол-во / % от кликов / % от показов)" : " (quantity / % from click / % from displays)");
             } else {
                 if ($temp[0] == 'event' && $temp[2] == 'cost') {
                     $keys[$k] = (lang() == 'ru' ? "Стоимость \"" : "Cost \"") . $this->events[$temp[1]]['name'] . "\"";
                 } else {
                     $keys[$k] = $this->str($k);
                 }
             }
         }
     }
     array_unshift($data, $keys);
     $i = 0;
     foreach ($keys as $key => $val) {
         foreach ($data as $k => $v) {
             $data1[$i][$k] = $v[$key];
         }
         $i++;
     }
     /*        $total_head = array(
                     '',
                     $this->_str('visitors'),
             );
     		$total[] = array(
     			$this->str('total_period'),
     			(int)sql_getValue("SELECT COUNT(*) FROM ".$tmp_table),
     		);*/
     // Main Table
     foreach ($data as $k => $v) {
         $id = sql_getValue("SELECT id FROM stat_reklama WHERE name='" . $v['campaign'] . "' LIMIT 1");
         if ($id) {
             $row = sql_getValue("SELECT identifiers FROM stat_reklama WHERE id=" . $id);
             $identifiers = explode(',', $row);
             foreach ($identifiers as $key => $val) {
                 $identifiers[$key] = trim($val);
             }
             if (!empty($identifiers)) {
                 $str = '<a href="#" onclick="window.open(\'stat.php?page=stat/stat_summary&adv[reklama]=' . implode(', ', $identifiers) . '\', \'stat\', \'width=900, height=600, resizable=1, status=1\').focus(); return false;"><img src="images/icons/icon.plus.gif" width=16 heidht=16 border=0 alt="' . $this->str('more') . '" align="absmiddle" hspace="3"></a>&nbsp;' . $v['campaign'];
             } else {
                 $str = $v['campaign'];
             }
         } else {
             $str = $v['campaign'];
         }
         $columns[$k] = array('header' => $str, 'nowrap' => 1);
     }
     unset($data1[0]);
     // Убираем первую строку с названиями кампаний (т.к. она есть в шапке таблицы)
     $ret['table'] = $this->stat_table(array('columns' => $columns, 'data' => $data1, 'count' => $count, 'offset' => $offset, 'limit' => $limit));
     return $ret;
 }
 /**
  * Runs one or more SQL statements; the caller must hold delete permission
  * (ALLOW_DELETE), which this module treats as full access.
  *
  * @param array|string $sql  list of statements, or one text that is split
  *                           into statements on ";" + $crlf after comment
  *                           lines ("#...") have been removed
  * @param string       $crlf statement separator after ";" ("\r\n" by default;
  *                           "\n" is detected automatically from the first ";")
  * @return mixed result of the last executed statement, false if nothing ran
  *               or a statement failed; on failure the message is stored in
  *               $GLOBALS['last_sql_getError'] and the remaining statements
  *               are not executed
  */
 function ExecSql($sql, $crlf = "\r\n")
 {
     if (!$this->allow(ALLOW_DELETE)) {
         die($this->AD());
     }
     if (is_array($sql)) {
         $statements = $sql;
     } else {
         // detect "\n" line endings: look at the character right after the first ";"
         $semi = strpos($sql, ";");
         if ($semi !== false && strlen($sql) > $semi + 1 && $sql[$semi + 1] == "\n") {
             $crlf = "\n";
         }
         $withoutComments = preg_replace("/^#.*/m", $crlf, $sql);
         $statements = explode(";" . $crlf, $withoutComments);
     }
     $GLOBALS['affected_rows'] = 0;
     $res = false;
     for ($i = 0, $n = count($statements); $i < $n; $i++) {
         $statement = trim($statements[$i]);
         if (!$statement) {
             continue;
         }
         $res = sql_query($statement);
         if ($res === false) {
             // very long statements are referenced by position to keep the message short
             $shown = strlen($statement) > 1024 ? 'piece #' . $i : $statement;
             $GLOBALS['last_sql_getError'] = "Error in query:\n" . $shown . "\n\nmysql said:\n (" . sql_getErrNo() . ") " . sql_getError();
             break;
         }
     }
     return $res;
 }
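    /**
     * Creates a new form or updates an existing one, together with its
     * elements and the value lists of multi-value elements. Everything runs
     * inside one transaction, which is rolled back on the first database error.
     *
     * @param int|string $id  page id; stored as elem_form.pid for a new form
     * @param array      $row posted form data:
     *                        'form_id'  - id of the form to update (empty for a new form),
     *                        'name', 'email', 'db_table', 'visible' - form attributes,
     *                        'select'   - element key => element type,
     *                        'text', 'check', 'req', 'show', 'db_field' - element attributes indexed by key,
     *                        'textarea' - value list in the form 'a','b',... for multi-value elements, indexed by key,
     *                        'elems'    - previously stored elements (id, key, type); those whose type changed are deleted
     * @return int|string 1 on success, otherwise the database error message
     */
    function ElemEdit($id, $row)
    {
        // NOTE(review): the posted values are interpolated into SQL without
        // escaping (only '"' is replaced in the text fields); this relies on
        // the caller having sanitised $row.
        $pid = $id;
        // page id
        $id = $row['form_id'];
        // form id (empty => create)
        $error = '';
        $elements = isset($row['select']) ? $row['select'] : array();
        sql_query('BEGIN');
        if (!$id) {
            // create the form
            $sql = 'INSERT INTO elem_form(pid, ' . $this->getFieldName('name') . ', ' . $this->getFieldName('email') . ', db_table, visible) VALUES ("' . $pid . '","' . str_replace('"', '&quot;', $row['name']) . '","' . $row['email'] . '","' . $row['db_table'] . '","' . (isset($row['visible']) ? $row['visible'] : 0) . '")';
            if (sql_query($sql) === true) {
                $form_id = sql_getLastId();
                foreach ($elements as $k => $v) {
                    $sql = 'INSERT INTO elem_form_elems(pid, `key`, type, ' . $this->getFieldName('text') . ', `check`, req, `show`, db_field) VALUES ("' . $form_id . '","' . $k . '","' . $v . '","' . $row['text'][$k] . '", "' . $row['check'][$k] . '", "' . $row['req'][$k] . '", "' . $row['show'][$k] . '", "' . $row['db_field'][$k] . '")';
                    if (sql_query($sql) !== true) {
                        $error = sql_getError();
                        break;
                    }
                    $epid = sql_getLastId();
                    // multi-value elements carry their value list in 'textarea'
                    if ($this->isMulti($v) && !empty($row['textarea'][$k])) {
                        $values = array();
                        foreach ($this->_splitValueList($row['textarea'][$k]) as $value2 => $text2) {
                            $values[] = '(' . $epid . ',' . $value2 . ',"' . str_replace('"', '&quot;', $text2) . '")';
                        }
                        if (sql_query('INSERT INTO elem_form_values(pid, value, ' . $this->getFieldName('text') . ') VALUES ' . implode(',', $values)) !== true) {
                            $error = sql_getError();
                            break;
                        }
                    }
                }
            } else {
                $error = sql_getError();
            }
        } else {
            // update the form
            $sql = 'UPDATE elem_form SET ' . $this->getFieldName('name') . '="' . str_replace('"', '&quot;', $row['name']) . '", ' . $this->getFieldName('email') . '="' . $row['email'] . '", db_table="' . $row['db_table'] . '", visible="' . (isset($row['visible']) ? $row['visible'] : 0) . '" WHERE form_id=' . $id;
            sql_query($sql);
            $error = sql_getError();
            if (!$error) {
                foreach ($elements as $k => $v) {
                    // reuse the stored element with the same key and type, otherwise insert it
                    $sql = 'SELECT * FROM elem_form_elems WHERE `pid`=' . $id . ' AND `key`=' . $k . ' AND `type`="' . $v . '"';
                    $_row = sql_getRow($sql);
                    if ($_row) {
                        $sql = 'UPDATE elem_form_elems SET 
			            ' . $this->getFieldName('text') . '="' . str_replace('"', '&quot;', $row['text'][$k]) . '", 
			            `check`="' . $row['check'][$k] . '",
			            `req`="' . $row['req'][$k] . '",
			            `show`="' . $row['show'][$k] . '",
			            `db_field`="' . $row['db_field'][$k] . '"
			            WHERE id=' . $_row['id'];
                        sql_query($sql);
                        $epid = $_row['id'];
                    } else {
                        $sql = 'INSERT INTO elem_form_elems(pid, `key`, type, ' . $this->getFieldName('text') . ', `check`, req, `show`, db_field) VALUES ("' . $id . '","' . $k . '","' . $v . '","' . str_replace('"', '&quot;', $row['text'][$k]) . '", "' . $row['check'][$k] . '", "' . $row['req'][$k] . '", "' . $row['show'][$k] . '", "' . $row['db_field'][$k] . '")';
                        sql_query($sql);
                        $epid = sql_getLastId();
                    }
                    if (!$epid) {
                        // NOTE(review): a failed element insert stops the loop
                        // without setting $error, so the transaction is still committed
                        break;
                    }
                    if ($this->isMulti($v) && !empty($row['textarea'][$k])) {
                        foreach ($this->_splitValueList($row['textarea'][$k]) as $value2 => $text2) {
                            $text2 = str_replace('"', '&quot;', $text2);
                            $sql = 'SELECT * FROM elem_form_values WHERE pid=' . $epid . ' AND value=' . $value2;
                            $__row = sql_getRow($sql);
                            if ($__row) {
                                $sql = 'UPDATE elem_form_values SET ' . $this->getFieldName('text') . '="' . $text2 . '" WHERE id=' . $__row['id'];
                            } else {
                                $sql = 'INSERT INTO elem_form_values(pid, value, ' . $this->getFieldName('text') . ') VALUES (' . $epid . ',' . $value2 . ',"' . $text2 . '")';
                            }
                            sql_query($sql);
                            $error = sql_getError();
                            if ($error) {
                                break 2;
                            }
                        }
                    }
                }
                // drop stored elements whose type was changed in the form
                $stored = isset($row['elems']) ? $row['elems'] : array();
                foreach ($stored as $value) {
                    if ($elements[$value['key']] != $value['type']) {
                        sql_query("DELETE FROM `elem_form_values` WHERE pid=" . $value['id']);
                        sql_query("DELETE FROM `elem_form_elems` WHERE id=" . $value['id']);
                    }
                }
            }
        }
        if ($error) {
            sql_query('ROLLBACK');
            return $error;
        }
        sql_query('COMMIT');
        return 1;
    }

    /**
     * Splits a value list of the form 'a','b','c' into its items.
     * Spaces after a separating comma are ignored; the opening quote of the
     * first item and the closing quote of the last one are stripped.
     *
     * @param string $text
     * @return array list of values (keys are the 0-based positions)
     */
    function _splitValueList($text)
    {
        // collapse "', <spaces>'" into "','" so the separator is uniform
        $text = preg_replace("/', +'/", "','", $text);
        $values = explode("','", $text);
        $values[0] = substr($values[0], 1);
        $last = count($values) - 1;
        $values[$last] = substr($values[$last], 0, -1);
        return $values;
    }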
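 /**
  * Saves a survey question (surveys_variants_groups) and its answers
  * (surveys_variants) from $_POST['id'] / $_POST['fld'] inside a transaction.
  *
  * On success the returned script reloads the opener window and either
  * reloads the editor (existing question) or redirects it to the edit form
  * of the newly created question. On a database error the transaction is
  * rolled back and an alert script with the error text is returned.
  *
  * @return string JavaScript for the editor frame
  */
 function Edit()
 {
     $pid = isset($_POST['id']) ? (int) $_POST['id'] : 0;
     $isUpdate = $pid > 0;
     $fld = $_POST['fld'];
     // get_magic_quotes_gpc() no longer exists on PHP 8; treat that as "off"
     if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
         $fld['name'] = stripslashes($fld['name']);
     }
     $fld['name'] = e($fld['name']);
     $fld['type'] = e($fld['type']);
     sql_query('BEGIN');
     // the question itself
     if ($isUpdate) {
         $query = 'UPDATE surveys_variants_groups SET name="' . $fld['name'] . '", type="' . $fld['type'] . '" WHERE id=' . $pid;
     } else {
         $query = 'INSERT INTO surveys_variants_groups (`name`,`lang`,`type`) VALUES ("' . $fld['name'] . '","' . lang() . '","' . $fld['type'] . '")';
     }
     sql_query($query);
     if (!$isUpdate) {
         $pid = sql_getLastId();
     }
     $err = sql_getError();
     if (!empty($err)) {
         return $this->_rollbackWithAlert($err);
     }
     // the answers: collect the non-empty ones, numbered by their position
     // NOTE(review): answer keys and texts are interpolated into SQL unescaped
     $values = array();
     if (!empty($fld['answer'])) {
         $priority = 1;
         foreach ($fld['answer'] as $key => $val) {
             if (!empty($val)) {
                 $values[] = "('" . $key . "', '" . $pid . "', '" . $val . "', '" . (isset($fld['free_form'][$key]) ? $fld['free_form'][$key] : 0) . "', '" . $priority . "')";
             }
             $priority++;
         }
         // posted answers replace the stored ones
         sql_query("DELETE FROM `surveys_variants` WHERE id_group=" . $pid);
         $err = sql_getError();
         if (!empty($err)) {
             return $this->_rollbackWithAlert($err);
         }
     }
     if (!empty($values)) {
         $query = "INSERT INTO `surveys_variants` (`id`, `id_group`, `text`, `free_form`, `priority`) VALUES " . implode(',', $values);
     } else {
         // no usable answer was posted: store one placeholder so the question is never empty
         $query = "INSERT INTO `surveys_variants` (`id`, `id_group`, `text`, `free_form`, `priority`) VALUES (NULL, '" . $pid . "', 'Ответ №1', '0', '1')";
     }
     sql_query($query);
     $err = sql_getError();
     if (!empty($err)) {
         return $this->_rollbackWithAlert($err);
     }
     sql_query('COMMIT');
     if ($isUpdate) {
         return "<script>alert('" . $this->str('saved') . "');window.parent.top.opener.location.reload(); window.parent.location.reload();</script>";
     }
     return "<script>alert('" . $this->str('saved') . "');window.parent.top.opener.location.reload(); window.parent.parent.parent.location='ced.php?page=surveys_tmpl&do=editform&id=" . $pid . "';</script>";
 }

 /**
  * Rolls the current transaction back and builds the alert script for $err.
  *
  * @param string $err database error text
  * @return string JavaScript alert
  */
 function _rollbackWithAlert($err)
 {
     sql_query('ROLLBACK');
     return '<script>alert("' . $this->str('error') . ': ' . addslashes($err) . '");</script>';
 }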
 /**
  * Saves the posted record ($_POST['fld']) through Commit() and returns the
  * JavaScript that closes or reloads the editor window, or the error output
  * produced by Error().
  *
  * @return string
  */
 function Edit()
 {
     $id = get('id', 0, 'p');
     $apply = (int) get('apply', 0, 'p');
     // the posted date is "d.m.Y"; the database wants "Y-m-d" plus the current time
     $dateParts = array_reverse(explode('.', $_POST['fld']['date']));
     $_POST['fld']['date'] = implode('-', $dateParts) . ' ' . date('H:i:s');
     $this->hsc($_POST['fld']['name']);
     $this->hsc($_POST['fld']['description']);
     // Commit() receives the list of required fields
     $res = $this->Commit(array('date', 'name', 'description'));
     // "apply" keeps the window open and reloads it; otherwise the opener is reloaded and the window closed
     if ($apply) {
         $close = '';
         $reload = 'window.parent.location.reload();';
     } else {
         $close = 'window.parent.top.close();';
         $reload = 'window.parent.top.opener.location.reload();';
     }
     $script = $close;
     if (!sql_getError()) {
         $script = $reload . $close;
     }
     if (is_int($res)) {
         return "<script>alert('" . $this->str('saved') . "'); {$script}</script>";
     }
     return $this->Error($res);
 }
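 /**
  * Updates an existing row of `objects` from posted data and then refreshes
  * the attached photos and plans.
  *
  * The column list comes from makeSqlObject(); 'lot_id' and 'create_time'
  * are never overwritten. If the UPDATE fails the transaction is rolled back
  * and the photo/plan tables are left untouched.
  *
  * @param int|string $id         object id
  * @param array      $postobject posted object data; the optional keys
  *                               'files_photo' and 'files_plan' are passed
  *                               on to updatePhotos()
  * @return void
  */
 function updateObject($id, $postobject)
 {
     $row = $this->makeSqlObject($postobject);
     $assignments = array();
     foreach ($row as $column => $value) {
         // these columns are fixed when the object is created
         if (in_array($column, array('lot_id', 'create_time'), true)) {
             continue;
         }
         // NOTE(review): mysql_escape_string() was removed in PHP 7; the
         // project's own escaping helper should be used here instead
         $assignments[] = "`" . $column . "`='" . mysql_escape_string($value) . "'";
     }
     $sql = "UPDATE `objects` SET " . implode(",\n", $assignments) . " WHERE id='" . mysql_escape_string($id) . "'";
     sql_query($sql);
     if (sql_getError()) {
         // NOTE(review): no BEGIN here - assumes the caller opened the transaction
         sql_query('ROLLBACK');
         // do not touch the photo tables for a row that failed to update
         return;
     }
     if (isset($postobject['files_photo'])) {
         $this->updatePhotos($id, $postobject['files_photo'], 'obj_elem_images');
     }
     if (isset($postobject['files_plan'])) {
         $this->updatePhotos($id, $postobject['files_plan'], 'obj_elem_plans');
     }
 }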
 /**
  * Moves a tree node under a new parent.
  *
  * When the tree table has a root_id column, the moved node takes the
  * root_id of the target branch and repaintRoot_id() propagates it to the
  * subtree. Afterwards the `next` flags of the old and the new parent are
  * refreshed (presumably "has children" markers - confirm against the table).
  *
  * @param int|string $src_id id of the node being moved
  * @param int|string $trg_id id of the new parent
  */
 function MoveTree($src_id, $trg_id)
 {
     $table = $this->table;
     $src = sql_getRow("SELECT * FROM " . $table . " WHERE id='" . $src_id . "'");
     $trg = sql_getRow("SELECT * FROM " . $table . " WHERE id='" . $trg_id . "'");
     // probe for the root_id column: the query sets an error number when it is missing
     $node = $trg['id'];
     sql_getValue("SELECT root_id FROM tree WHERE id = " . $node);
     if (!sql_getErrNo()) {
         // walk up the ancestors; a node that is its own parent is the root
         for (;;) {
             $home = sql_getRow("SELECT pid,root_id FROM tree WHERE id = " . $node);
             if ($node == $home['pid']) {
                 $home['root_id'] = $node;
                 break;
             }
             $node = $home['pid'];
             if (!$node) {
                 break;
             }
         }
         $src['root_id'] = $home['root_id'];
         // propagate the root to the whole subtree
         $this->repaintRoot_id($src);
     }
     // re-parent the node
     if (!sql_query("UPDATE " . $table . " SET pid=" . $trg['id'] . " WHERE id=" . $src_id)) {
         die('"UPDATE error: ' . addslashes(sql_getError()) . '"');
     }
     // the old parent keeps `next` only while other children remain
     $remaining = sql_getValue("SELECT COUNT(*) FROM " . $table . " WHERE pid=" . $src['pid'] . " AND pid<>id");
     $next = $remaining ? 1 : 0;
     sql_query("UPDATE " . $table . " SET next=" . $next . " WHERE id=" . $src['pid']);
     // the new parent now has at least this child
     sql_query("UPDATE " . $table . " SET next=1 WHERE id=" . $trg['id']);
 }
 /**
  * Moves a tree node under a new parent and refreshes the `next` flags of
  * the old and the new parent (presumably "has children" markers - confirm
  * against the table).
  *
  * @param int|string $src_id id of the node being moved
  * @param int|string $trg_id id of the new parent
  */
 function MoveTree($src_id, $trg_id)
 {
     $table = $this->table;
     $src = sql_getRow("SELECT * FROM " . $table . " WHERE id='" . $src_id . "'");
     $trg = sql_getRow("SELECT * FROM " . $table . " WHERE id='" . $trg_id . "'");
     // re-parent the node
     if (!sql_query("UPDATE " . $table . " SET pid=" . $trg['id'] . " WHERE id=" . $src_id)) {
         die('"UPDATE error: ' . addslashes(sql_getError()) . '"');
     }
     // the old parent keeps `next` only while other children remain
     $remaining = sql_getValue("SELECT COUNT(*) FROM " . $table . " WHERE pid=" . $src['pid'] . " AND pid<>id");
     $next = $remaining ? 1 : 0;
     sql_query("UPDATE " . $table . " SET next=" . $next . " WHERE id=" . $src['pid']);
     // the new parent now has at least this child
     sql_query("UPDATE " . $table . " SET next=1 WHERE id=" . $trg['id']);
 }
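 /**
  * Imports prices from the CSV file named in $_POST['file'] (optionally
  * prefixed with "@temp") and streams progress lines to the parent frame.
  *
  * Expected columns: c_id; price; old_price (a first row starting with "c_id"
  * is treated as a header). Prices may contain spaces, non-breaking spaces
  * and a decimal comma. Rows whose c_id is not in the table are reported in
  * $this->errors but do not stop the import.
  *
  * @return string <script> block with the result message for the parent frame
  */
 function editLoadPrice()
 {
     // NOTE(review): the path comes straight from the request and only its
     // extension is checked; it should be confined to the upload directory
     // before being opened
     $file = $_POST['file'];
     if (substr($file, 0, 5) == '@temp') {
         $file = substr($file, 5);
     }
     if (pathinfo($file, PATHINFO_EXTENSION) != 'csv') {
         return "<script>alert('Расширение файла не поддерживается');</script>";
     }
     // switch the parent frame to progress mode and stream the rest unbuffered
     echo "<script>parent.stopLoad();parent.hideDownloadFrom();</script>";
     flush();
     $GLOBALS['gzip'] = false;
     set_time_limit(0);
     ob_end_clean();
     if (!is_readable($file)) {
         $this->eRror = "Не могу открыть файл для чтения.";
         return "<script>parent.document.getElementById('error').innerHTML = '" . $this->eRror . "';</script>";
     }
     require elem('csv_tools/Bs_CsvUtil.class.php');
     $Bs_CsvUtil = new Bs_CsvUtil();
     $data = $Bs_CsvUtil->csvFileToArray($file, ';', 'both', FALSE, FALSE, TRUE);
     if (empty($data)) {
         $this->eRror = "Полученный файл пуст.";
         return "<script>parent.document.getElementById('error').innerHTML = '" . $this->eRror . "';</script>";
     }
     foreach ($data as $i => $trow) {
         // optional header row
         if ($i == 0 && $trow[0] == 'c_id') {
             continue;
         }
         $row = array();
         $row['c_id'] = $trow[0];
         if (empty($row['c_id'])) {
             continue;
         }
         // c_id is an 8-character code, zero-padded on the left
         // (str_pad takes the target length, not the number of pad characters)
         $row['c_id'] = str_pad($row['c_id'], 8, "0", STR_PAD_LEFT);
         $row['price'] = $this->_normalizePrice(isset($trow[1]) ? $trow[1] : '');
         $row['old_price'] = $this->_normalizePrice(isset($trow[2]) ? $trow[2] : '');
         // a c_id that is not in the table is an error for this row, nothing is inserted
         // NOTE(review): c_id and the prices from the file go into SQL unescaped
         $_id = sql_getValue('SELECT id FROM ' . $this->table . ' WHERE c_id=' . $row['c_id']);
         if (!$_id) {
             $this->eRror = 'Запись с c_id=' . $row['c_id'] . ' не существует в базе данных!';
         } else {
             $sql = 'UPDATE ' . $this->table . ' SET price = "' . $row['price'] . '", old_price = "' . $row['old_price'] . '" WHERE c_id = "' . $row['c_id'] . '"';
             sql_query($sql);
             $this->eRror = sql_getError();
         }
         if ($this->eRror) {
             $this->errors[$i] = e($this->eRror);
         }
         echo 'Обработана строка № ' . $i . "\r\n";
         flush();
     }
     //---------------------
     $str = "<script>";
     $str .= "parent.document.getElementById('error').innerHTML = 'Загрузка завершена.<br>';";
     if ($this->errors) {
         // NOTE(review): the error texts are embedded in a JS string literal;
         // e() is HTML escaping and may leave single quotes intact
         $err_str = '';
         foreach ($this->errors as $k => $err) {
             $err_str .= 'Строка ' . $k . ': ' . $err . '<br>';
         }
         $str .= "parent.document.getElementById('error').innerHTML += '" . $err_str . "';";
     }
     $str .= "</script>";
     return $str;
 }

 /**
  * Turns a price cell from the CSV into a plain decimal string: removes
  * spaces and non-breaking spaces (chr(160)) and replaces the decimal
  * comma with a dot.
  *
  * @param string $value raw cell text
  * @return string
  */
 function _normalizePrice($value)
 {
     $value = str_replace(array(" ", chr(160)), "", $value);
     return str_replace(",", ".", $value);
 }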
 /**
  * Stores the posted statistics settings: every key of $_POST['fld'] is
  * written to STAT_SETTINGS_TABLE as a (name, value) pair, array-valued
  * settings being serialized first. With default=1 the settings are reset to
  * their empty defaults and the parent window is reloaded.
  *
  * NOTE(review): names and values are interpolated into SQL unescaped;
  * serialized data containing quotes would break the query.
  *
  * @return string JavaScript alert with the result
  */
 function Edit()
 {
     $rows = get('fld', array(), 'p');
     $default = (int) get('default', 0, 'p');
     if ($default) {
         $emptyList = serialize(array());
         $rows = array('filter_ips' => '', 'ip' => $emptyList, 'events' => $emptyList, 'favorites' => $emptyList);
     }
     foreach (array('ip', 'popular', 'search_ph', 'favorites_ip') as $name) {
         $rows[$name] = serialize($rows[$name]);
     }
     if (isset($rows['events'])) {
         $rows['events'] = serialize($rows['events']);
     }
     foreach ($rows as $key => $value) {
         $exists = $this->getvalue('SELECT name FROM ' . STAT_SETTINGS_TABLE . ' where name="' . $key . '"') == $key;
         $verb = $exists ? "REPLACE" : "INSERT";
         mysql_unbuffered_query($verb . " INTO " . STAT_SETTINGS_TABLE . " (name, value) VALUES ('" . $key . "', '" . $value . "')");
         $err = sql_getError();
         if ($err) {
             return "<script>alert('" . $this->str('error') . ": " . addslashes($err) . "');</script>";
         }
     }
     if ($default) {
         echo "<script>window.parent.location.reload();</script>";
     }
     return "<script>alert('" . $this->str('saved') . "');</script>";
 }
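 /**
  * Saves a notification event ($this->table) from the posted 'fld' array and
  * rewrites its admin recipients (notify_admins, per root) and its delivery
  * types (notify_compare).
  *
  * @param array $unique column names that must not be reused by another
  *                      record; a clash returns an alert script instead of saving
  * @return int|string the record id, or a <script> alert when a unique column
  *                    clashes; database errors are fatal (trigger_error E_USER_ERROR)
  */
 function Save($unique)
 {
     $fld = get('fld', array(), 'p');
     $id = get('id', '', 'p');
     // NOTE(review): text fields are passed through htmlspecialchars(), which
     // is HTML escaping, not SQL escaping (single quotes are untouched on
     // PHP < 8.1); 'recipient', the unique fields and the type keys are not
     // escaped at all. Numeric ids are cast to int before they reach SQL.
     // uniqueness check across the given columns
     $conditions = array();
     foreach ($unique as $field) {
         if (!empty($fld[$field])) {
             $conditions[] = " `" . $field . "`='" . $fld[$field] . "'";
         }
     }
     if (!empty($conditions)) {
         $uid = sql_getValue("SELECT id FROM " . $this->table . " WHERE " . implode(' OR', $conditions));
         if ($uid && $id != $uid) {
             return "<script>alert('" . $this->str('error_name') . "');</script>";
         }
     }
     $recipient = isset($fld['recipient']) ? $fld['recipient'] : '';
     if (!$id) {
         // new record
         $sql = sql_query("INSERT INTO " . $this->table . " (`name`,`description`,`comments`,`recipient`) VALUES('" . htmlspecialchars($fld['name']) . "', '" . htmlspecialchars($fld['description']) . "', '" . htmlspecialchars($fld['comments']) . "', '" . $recipient . "')");
         if (!$sql) {
             trigger_error(sql_getError(), E_USER_ERROR);
         } else {
             $id = sql_getLastId();
         }
     } elseif (is_devel()) {
         // on a development install every field may change
         $sql = sql_query("UPDATE " . $this->table . " SET name='" . htmlspecialchars($fld['name']) . "', description='" . htmlspecialchars($fld['description']) . "', comments='" . htmlspecialchars($fld['comments']) . "',recipient='" . $recipient . "' WHERE id=" . (int) $id);
         if (!$sql) {
             trigger_error(sql_getError(), E_USER_ERROR);
         }
     } elseif (!empty($fld['description'])) {
         // otherwise only the description is editable
         $sql = sql_query("UPDATE " . $this->table . " SET description='" . htmlspecialchars($fld['description']) . "' WHERE id=" . (int) $id);
         if (!$sql) {
             trigger_error(sql_getError(), E_USER_ERROR);
         }
     }
     // rewrite the admin recipients of this event for the current root
     $root = domainRootId();
     sql_query("DELETE FROM notify_admins WHERE event=" . (int) $id . " AND root_id=" . $root);
     $types = isset($fld['types']) ? $fld['types'] : array();
     if ($recipient == 'admin') {
         // only the delivery types that have admins assigned are kept
         unset($fld['types']);
         if (isset($fld['admins'])) {
             foreach ($fld['admins'] as $plugin => $adminIds) {
                 if (isset($types[$plugin])) {
                     foreach ($adminIds as $admin_id) {
                         sql_query("INSERT INTO notify_admins(`event`,`admin_id`,`type`,`root_id`) VALUES(" . (int) $id . "," . (int) $admin_id . ",'" . $plugin . "'," . $root . ")");
                     }
                     $fld['types'][$plugin] = 'on';
                 }
             }
         }
     }
     // rewrite the delivery types of this event
     $sql = sql_query("DELETE FROM notify_compare WHERE event=" . (int) $id);
     if (!$sql) {
         trigger_error(sql_getError(), E_USER_ERROR);
     }
     if (!empty($fld['types'])) {
         foreach (array_keys($fld['types']) as $plugin) {
             $sql = sql_query("INSERT INTO notify_compare(`event`,`plugin`) VALUES ('" . (int) $id . "', '" . $plugin . "')");
             if (!$sql) {
                 trigger_error(sql_getError(), E_USER_ERROR);
             }
         }
     }
     return $id;
 }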