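/**
 * Registers a "like" for an article and ends the request.
 *
 * The article is loaded through the Articles model. If it has no ID or is
 * not active, the request ends with a JSON body {"error": "..."}.
 * Otherwise one row is inserted into ArticleLikes for the current
 * user / anonymous visitor and the request ends via die(1).
 *
 * Security: the INSERT is a prepared statement, so none of the three values
 * can change the SQL text. This assumes $this->db is a PDO-compatible
 * connection (it is already used through exec()) - TODO confirm.
 *
 * NOTE(review): no duplicate check is visible here; one like per visitor
 * would have to be enforced by a unique index on ArticleLikes.
 *
 * @param mixed $id Article identifier, handed to the Articles model as-is.
 * @return void Never returns; every path ends in die().
 */
public function likeAction($id)
 {
     $article = new Articles($this->context, $id);
     if (!isset($article->ID) || $article->ID == null) {
         $error = 'Статьи не существует.';
     } elseif ($article->IsActive != '1') {
         $error = 'Статья в черновике.';
     } else {
         $userid = GetUserID();
         // Presumably backed by a visitor cookie, i.e. client-controlled - confirm in
         // GetUnknownUserGUID(). Cast to string to keep the value the old
         // interpolation produced.
         $UnknownUserGUID = (string) GetUnknownUserGUID();
         // GetUserID() is not shown. If it uses the literal string "null" for
         // anonymous visitors, map it to a real SQL NULL so the stored value
         // stays what the interpolated query wrote.
         $userParam = (is_string($userid) && strtolower($userid) === 'null') ? null : $userid;
         $stmt = $this->db->prepare(
             "INSERT INTO ArticleLikes (UserID, ArticleID, UnknownUserGUID) VALUES (?, ?, ?);"
         );
         $stmt->execute(array($userParam, $article->ID, $UnknownUserGUID));
         // NOTE(review): with an integer argument die()/exit() sets the process exit
         // status and prints nothing, so the success response body is empty.
         // Confirm the client does not expect the text "1".
         die(1);
     }
     die(json_encode(array('error' => $error)));
 }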
 }
 // Stores a new catalogue comment when no earlier step has set $ErrorText.
 // $id, $Comment and $ErrorText are assigned before this fragment begins.
 // NOTE(review): every value below is concatenated into the SQL text, so safety
 // depends entirely on escaping done in code that is not visible here. Confirm
 // that $id is forced to an integer and $Comment is escaped, or move these
 // queries to prepared statements with bound parameters.
 if (empty($ErrorText)) {
     // Display name: the posted field for visitors without a session first name,
     // otherwise the first name stored in the session.
     if (!isset($_SESSION['auth']) || empty($_SESSION['auth']['firstname'])) {
         // NOTE(review): strip_tags() runs after the SQL helper, so the string that
         // reaches the query is no longer exactly what that helper produced.
         // strip_tags() is also not output encoding; the view must still escape
         // UserName when rendering it.
         $UserName = strip_tags(POSTStrAsSQLStr('UserNameEdt'));
     } else {
         // NOTE(review): the session value goes into the INSERT below with no
         // escaping visible in this fragment - confirm it is sanitised when stored.
         $UserName = $_SESSION['auth']['firstname'];
     }
     // Drop the submitted form fields from $_POST once they have been read.
     unset($_POST['ajax_AddCommentBtn']);
     unset($_POST['UserNameEdt']);
     unset($_POST['CommentEdt']);
     // Author identity: session user id for logged-in users, otherwise user id "0"
     // plus the anonymous-visitor GUID.
     if (isset($_SESSION['auth'])) {
         $vUserID = $_SESSION['auth']['id'];
         $vUnknownUserGUID = "";
     } else {
         $vUserID = "0";
         // NOTE(review): presumably a cookie-backed value, i.e. client-controlled;
         // confirm GetUnknownUserGUID() validates its format before it is quoted
         // into SQL.
         $vUnknownUserGUID = (string) GetUnknownUserGUID();
     }
     // Duplicate check: same item, same author identity, same text.
     $sql = "select ID " . "from CatalogComments " . "where (CatalogItemID = {$id}) " . "and (UnknownUserGUID = '{$vUnknownUserGUID}') " . "and (UserID = {$vUserID}) " . "and (Text = '{$Comment}');";
     $rec = GetMainConnection()->query($sql)->fetch();
     if (empty($rec['ID'])) {
         // No identical comment found: insert the new one.
         $sql = "insert into CatalogComments(CatalogItemID, UserID, UnknownUserGUID, CreateDate, UserName, Text) " . "values({$id}, {$vUserID}, '{$vUnknownUserGUID}', '" . GetLocalDateTimeAsSQLStr() . "', '{$UserName}', '{$Comment}');";
         GetMainConnection()->exec($sql);
     } else {
         $ErrorText = 'Такой отзыв уже существует.';
     }
 }
 // Формат ответа: 1 позиция текст ошибки, 2 позиция кол-во комментов, 3-html для перезаполнения таблицы комментов
 if (empty($ErrorText)) {
     $sql = "select CreateDate, UserID, UserName, Text " . "from CatalogComments " . "where (CatalogItemID = {$id}) " . "and (IsDeleted = 0) " . "order by CreateDate desc;";
     $Comments = GetMainConnection()->query($sql)->fetchAll();
     echo '||' . count($Comments) . '||' . GetCatalogCommentsHTML($Comments);
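 /**
  * Contact form: stores a submitted message and e-mails it to the site mailbox.
  *
  * On POST a ContactUs row is created via DBInsertRecord() and filled in, the
  * message is sent with SendEmailSMTP(), and an alert is returned according to
  * the send result. On any other request the contact page is rendered.
  *
  * Security: the UPDATE is a prepared statement. The form fields used to be
  * concatenated into the SQL text, so a quote in the e-mail, subject or
  * question could rewrite the query. This assumes $this->db is PDO-compatible
  * (it is already used through exec()) and that Tools::getValue() returns the
  * raw request value rather than a pre-escaped one - TODO confirm both.
  *
  * NOTE(review): $email, $name and $subject reach SendEmailSMTP() unvalidated.
  * Confirm that helper rejects CR/LF in anything it places in a mail header.
  * NOTE(review): no anti-CSRF or double-submit token is checked in this
  * method, and a ContactUs row is created for every POST before any field is
  * validated.
  *
  * @return mixed The AddAlertMessage() result after a POST; nothing otherwise.
  */
 public function contactusAction()
 {
     $email = Tools::getValue('email');
     $name = Tools::getValue('name');
     $subject = Tools::getValue('subject');
     $question = Tools::getValue('question');
     // Fall back to the e-mail address when no name was given.
     if (empty($name)) {
         $name = $email;
     }
     if (Tools::isPost()) {
         // Sender identity: exactly one of the two columns is set, the other is NULL.
         if (isset($_SESSION['auth'])) {
             $vUserID = $_SESSION['auth']['id'];
             $vUnknownUserGUID = null;
         } else {
             $vUserID = null;
             // Presumably cookie-backed, hence client-controlled; bound, never concatenated.
             $vUnknownUserGUID = (string) GetUnknownUserGUID();
         }
         $RecordID = DBInsertRecord($this->db, "ContactUs");
         // The UserName literal is kept exactly as it appears in this listing;
         // $name is not written by this statement.
         $stmt = $this->db->prepare(
             "update ContactUs "
             . "set StateID = 1, "
             . "UserID = ?, "
             . "UnknownUserGUID = ?, "
             . "CreateDate = ?, "
             . "UserName = '******', "
             . "UserEmail = ?, "
             . "MessageSubject = ?, "
             . "MessageText = ? "
             . "where (ID = ?);"
         );
         $stmt->execute(array(
             $vUserID,
             $vUnknownUserGUID,
             GetLocalDateTimeAsSQLStr(),
             $email,
             $subject,
             $question,
             $RecordID,
         ));
         // NOTE(review): these placeholders carry user-supplied text; confirm the
         // 'contactus' template encodes them before they reach an HTML mail body.
         $content = array(
             'title' => $subject,
             'template' => 'contactus',
             'data' => array(
                 '[year]' => date("Y", time()),
                 '[name]' => $name,
                 '[email]' => $email,
                 '[question]' => $question,
                 '[ticketlink]' => URL . "admincp/index.php?mod=ContactUsItem&id=" . $RecordID,
             ),
         );
         $vSendResult = SendEmailSMTP($email, $name, '*****@*****.**', $content, null, SMTP_CC);
         if ($vSendResult !== true) {
             return AddAlertMessage('danger', 'Ошибка при отправке письма!', '/');
         }
         return AddAlertMessage('success', 'Ваше сообщение было отправлено!', '/');
     }
     $this->view->breadcrumbs = array(array('url' => '/auth/contactus', 'title' => 'Свяжитесь с нами'));
     $this->view->meta = array('meta_title' => 'Свяжитесь с нами', 'meta_description' => 'Свяжитесь с нами', 'meta_keywords' => '');
     $this->view->generate();
 }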
<?php

try {
    // Front-controller bootstrap: error settings, session, configuration, database
    // handle and core classes. Statement order matters; later lines rely on
    // constants and functions loaded by the earlier require_once calls.
    // NOTE(review): display_errors=1 sends PHP error text to the HTTP response.
    // With SQL built by string concatenation elsewhere in the project, that text
    // can include query fragments and file paths. Confirm this is switched off in
    // production and errors are logged instead.
    ini_set('display_errors', 1);
    // Report everything except notices.
    error_reporting(E_ALL & ~E_NOTICE);
    // NOTE(review): no session cookie parameters are set here; confirm that
    // HttpOnly / Secure / SameSite are configured elsewhere (php.ini or config.php).
    session_start();
    define('PATH_SITE_ROOT', __DIR__ . '/');
    require_once 'config.php';
    require_once 'connection.php';
    require_once 'core/global.php';
    InitDebugLog();
    GetUnknownUserGUID();
    // Create a GUID for every visitor and store it in cookies (identifies users who are not logged in).
    // NOTE(review): a cookie value is client-controlled; any code that places this
    // GUID into SQL must validate its format or bind it as a parameter.
    $context = new stdClass();
    // Split the request path into segments and drop a leading "index.php" segment.
    $path = explode('/', GetURLPath());
    if (!empty($path[1]) && strtolower($path[1]) == 'index.php') {
        array_splice($path, 1, 1);
    }
    //AddDebugLog('Start block 1');
    // Main project database
    $context->db = GetMainConnection();
    //AddDebugLog('Start block 2');
    // Register the core framework files
    require_once DIR_CORE . 'Model.php';
    require_once DIR_CORE . 'View.php';
    require_once DIR_CORE . 'Controller.php';
    require_once DIR_CORE . 'Tools.php';
    //AddDebugLog('Start block 3');
    /*if (DIR_MODELS != null && is_dir(DIR_MODELS)) {
            $dir = opendir(DIR_MODELS);
    
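 /**
  * Organisation detail page: optionally records a rating, then loads the
  * organisation, its staff, photos, comments and the visitor's own rating and
  * renders the view.
  *
  * Security changes compared with the concatenated-SQL version:
  *  - $id must consist of decimal digits only; anything else gets the same
  *    "does not exist" alert as an empty id. It used to be placed unquoted into
  *    six statements.
  *  - The three ratings must be numeric. They were placed unquoted into the
  *    INSERT, where string escaping gives no protection because no quote is
  *    needed to leave a numeric context.
  *  - Every value is bound through a prepared statement. This assumes $this->db
  *    is PDO-compatible (it is already used via exec()/query()->fetch()) - TODO
  *    confirm.
  * An organisation that is missing or flagged IsDeleted now yields the "does
  * not exist" alert instead of rendering a page from an empty row.
  *
  * NOTE(review): comment text and user names loaded here were written by
  * visitors; the view must HTML-encode them on output.
  *
  * @param mixed $id Organisation (Catalog_item) identifier from the route.
  * @return mixed The AddAlertMessage() result on an invalid id; nothing otherwise.
  */
 public function itemAction($id = null)
 {
     if (empty($id) || preg_match('/\A[0-9]+\z/', (string) $id) !== 1) {
         return AddAlertMessage('danger', 'Организации не существует.', '/');
     }
     $itemId = (int) $id;
     $CanSubmit = CanSubmit_CheckTokenForPreventDoubleSubmit();
     $ActiveTab = "uslugi";
     // Visitor identity, resolved once: either (UserID = session id, GUID NULL) or
     // (UserID NULL, GUID = anonymous-visitor GUID). GetUnknownUserGUID() is
     // presumably cookie-backed, so its value is only ever bound, never concatenated.
     if (isset($_SESSION['auth'])) {
         $insUserID = $_SESSION['auth']['id'];
         $insGUID = null;
         $identitySql = "and (UserID = ?) " . "and (UnknownUserGUID is null) ";
         $identityArgs = array($_SESSION['auth']['id']);
     } else {
         $insUserID = null;
         $insGUID = (string) GetUnknownUserGUID();
         $identitySql = "and (UserID is null) " . "and (UnknownUserGUID = ?) ";
         $identityArgs = array($insGUID);
     }
     if ($CanSubmit == true && filter_input(INPUT_POST, 'AddRaitingBtn') !== NULL) {
         $ActiveTab = "raiting";
         $Rating1 = POSTStrAsSQLStr('uslovjEdt');
         $Rating2 = POSTStrAsSQLStr('personalEdt');
         $Rating3 = POSTStrAsSQLStr('uvagaEdt');
         unset($_POST['AddRaitingBtn']);
         unset($_POST['uslovjEdt']);
         unset($_POST['personalEdt']);
         unset($_POST['uvagaEdt']);
         // Only numeric ratings are stored. NOTE(review): no range is enforced
         // because the rating scale is not visible here - add one if it is fixed.
         if (is_numeric($Rating1) && is_numeric($Rating2) && is_numeric($Rating3)) {
             // Insert only when this visitor has no rating for this organisation yet.
             $stmt = $this->db->prepare(
                 "insert into CatalogRatings(CatalogItemID, UserID, UnknownUserGUID, Rating1, Rating2, Rating3) "
                 . "select * from (select ? as C1, ? as C2, ? as C3, ? as C4, ? as C5, ? as C6) AS tmp "
                 . "where not exists ( "
                 . "select ID "
                 . "from CatalogRatings "
                 . "where (CatalogItemID = ?) "
                 . $identitySql
                 . ") limit 1;"
             );
             $stmt->execute(array_merge(
                 array($itemId, $insUserID, $insGUID, $Rating1, $Rating2, $Rating3, $itemId),
                 $identityArgs
             ));
         }
     }
     // Organisation with locality and sub-category names.
     $stmt = $this->db->prepare(
         "select CI.ID, CI.id_pod_cat, CI.name, L.ShortName as LocalityName, CONCAT_WS(', ', L.Name, CI.adress) as FullAddress, CI.adress, CI.foto, CI.kont_tell, "
         . "CI.site_url, CP.name as SubCategoryName, CI.MetaKeywords, (CI.Rating1+CI.Rating2+CI.Rating3)/3 as TotalRating, "
         . "CI.Rating1, CI.Rating2, CI.Rating3, CI.CountRatings, CI.uslugi, CI.MapX, CI.MapY, L.RegionName, L.LocalityName as OriginalLocalityName "
         . "from Catalog_item as CI "
         . "left outer join view_LocalitiesWithRegion as L on ((CI.LocalityID = L.ID) and (CI.RegionID = L.RegionID)) "
         . "left outer join Catalog_pod as CP on (CI.id_pod_cat = CP.ID) "
         . "where CI.ID = ? "
         . "and CI.IsDeleted = 0"
     );
     $stmt->execute(array($itemId));
     $item = $stmt->fetch();
     if (empty($item)) {
         // Unknown or deleted organisation: same outcome as an empty id.
         return AddAlertMessage('danger', 'Организации не существует.', '/');
     }
     // Staff of the organisation.
     $stmt = $this->db->prepare(
         "select PI.foto, CONCAT_WS(' ', PI.famil, PI.name, PI.othestvo) as Name, PP.Name as JobTitleName, PI.tell_kont, PI.rabot_graf "
         . "from Personal_item as PI "
         . "left outer join Personal_pod as PP on (PI.id_pod_cat = PP.ID) "
         . "where (PI.CatalogItemID = ?) "
         . "and (PI.IsDeleted = 0) "
         . "order by PI.famil, PI.name, PI.othestvo;"
     );
     $stmt->execute(array($itemId));
     $personal = $stmt->fetchAll();
     // Photo gallery.
     $stmt = $this->db->prepare(
         "select Photo " . "from Catalog_item_images " . "where (CatalogItemID = ?) " . "order by ID;"
     );
     $stmt->execute(array($itemId));
     $photos = $stmt->fetchAll();
     // Visible comments, newest first.
     $stmt = $this->db->prepare(
         "select CreateDate, UserID, UserName, Text "
         . "from CatalogComments "
         . "where (CatalogItemID = ?) "
         . "and (IsDeleted = 0) "
         . "order by CreateDate desc;"
     );
     $stmt->execute(array($itemId));
     $comments = $stmt->fetchAll();
     // Has this visitor already rated the organisation?
     $stmt = $this->db->prepare(
         "select ID " . "from CatalogRatings " . "where (CatalogItemID = ?) " . $identitySql . "limit 1;"
     );
     $stmt->execute(array_merge(array($itemId), $identityArgs));
     $rec = $stmt->fetch();
     // fetch() yields false when there is no row; expose that as null.
     $RaitingID = $rec ? $rec['ID'] : null;
     $this->view->setVars(array('id' => $id, 'item' => $item, 'personal' => $personal, 'photos' => $photos, 'comments' => $comments, 'ActiveTab' => $ActiveTab, 'RaitingID' => $RaitingID));
     $this->view->breadcrumbs = array(array('url' => '/catalog/', 'title' => 'Каталог организаций'), array('url' => '/catalog/p-' . $item['id_pod_cat'], 'title' => $item['SubCategoryName']), array('url' => '/catalog/i-' . $id, 'title' => $item['name']));
     $this->view->meta = array('meta_title' => 'Организация: ' . $item['name'], 'meta_description' => 'Организация: ' . $item['name'], 'meta_keywords' => $item['MetaKeywords']);
     SetTokenForPreventDoubleSubmit();
     $this->view->generate();
 }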