示例#1
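/**
 * Undo the backslashes that PHP's legacy magic_quotes_gpc setting adds to
 * request data, recursing into arrays (both keys and values).
 *
 * This only reverses magic-quotes escaping. It is not input validation and
 * not SQL/HTML escaping: every value still has to be escaped or bound as a
 * parameter for the context it ends up in.
 *
 * @param mixed $input A string, an array (possibly nested), or any other value.
 * @return mixed The input with slashes stripped; returned unchanged when magic
 *               quotes are off or unavailable, or when the value is neither a
 *               string nor an array.
 */
function strip_gpc_slashes($input)
{
    // get_magic_quotes_gpc() was removed in PHP 8.0; calling it unguarded is a
    // fatal error there. Where it does not exist there is nothing to undo.
    if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
        return $input;
    }
    if (is_string($input)) {
        return stripslashes($input);
    }
    if (is_array($input)) {
        $output = array();
        foreach ($input as $key => $val) {
            // Magic quotes escape array keys as well, so both sides are cleaned.
            $output[stripslashes($key)] = strip_gpc_slashes($val);
        }
        return $output;
    }
    // Integers, floats, null, objects: nothing to strip.
    return $input;
}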
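 /**
  * Process the GET and POST data of the newsletter edit form.
  *
  * GET: 'sqs' is stored as-is, 'nl' selects the newsletter ID, and exactly one of
  * 'd', 'dd', 'u', 'uu' moves a newsletter product. POST: 'cmd' selects the
  * form command (save, add product, remove checked products).
  *
  * NOTE(review): no permission or anti-CSRF check is visible in this method, yet
  * both the GET move commands and the POST commands change stored data.
  *
  * @param array $get  Query-string parameters.
  * @param array $post Form fields.
  * @throws Exception On invalid parameters or an unknown form command.
  */
 public function handleInput($get, $post)
 {
     // TODO: add permission checks
     // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains the client-supplied
     // PATH_INFO, so its basename could be chosen by the requester and would end
     // up in the redirect target below.
     $self = basename($_SERVER['SCRIPT_NAME']);
     if (!empty($get)) {
         if (array_key_exists('sqs', $get)) {
             // NOTE(review): stored without validation; confirm it is escaped wherever it is output.
             $this->sqs = $get['sqs'];
         }
         if (isset($get['nl'])) {
             if (($nl = (int) $get['nl']) < 1) {
                 // Was "Excenlion", an undefined class that would have caused a fatal error here.
                 throw new Exception("Neplatná hodnota parametru \"nl\": {$nl}");
             }
             $this->id = $nl;
             $anchor = new CurrentKiwiAnchor();
             $anchor->set_key_value(KIWI_NEWSLETTERS, $this->id);
         }
         if (isset($get['d']) || isset($get['dd']) || isset($get['u']) || isset($get['uu'])) {
             // Exactly one move command may be present.
             if ((int) isset($get['d']) + (int) isset($get['dd']) + (int) isset($get['u']) + (int) isset($get['uu']) != 1) {
                 throw new Exception("Neplatný vstup - více než jeden příkaz pro přesun položky");
             }
             if (!$this->productsEnabled()) {
                 throw new Exception("Neplatný vstup - produkty newsletterů nejsou aktivovány");
             }
             // $dow: a "d"/"dd" command; $tot: a doubled command ("dd"/"uu").
             $dow = isset($get['d']) || isset($get['dd']);
             $tot = isset($get['dd']) || isset($get['uu']);
             $qv = $dow ? 'd' : 'u';
             if ($tot) {
                 $qv .= $qv;
             }
             $this->loadProducts();
             // The ID must be a positive integer that exists in the loaded index.
             if (($cp = (int) $get[$qv]) < 1 || !isset($this->index[$cp])) {
                 throw new Exception("Neplatné ID záznamu: {$cp}");
             }
             $this->moveProduct($cp, $dow, $tot);
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $cp;
             $qs = $this->consQS();
             $this->redirection = KIWI_EDIT_NEWSLETTER . $qs . '#zmena';
         }
     }
     if (!empty($post)) {
         $xpost = strip_gpc_slashes($post);
         $this->all_checked = isset($xpost['checkall']);
         if (isset($xpost['check']) && is_array($xpost['check'])) {
             foreach ($xpost['check'] as $value) {
                 if (!is_numeric($value)) {
                     throw new Exception("Nepovolený vstup: check[]");
                 }
                 $this->checked[$value] = true;
             }
         }
         switch ($post['cmd']) {
             case 'speichern':
                 $this->title = $xpost['Nazev'];
                 if ($this->title == '') {
                     throw new Exception('Název newsletteru nebyl vyplněn');
                 }
                 $this->content = $this->parseFckEditorInput($xpost['knlrfc_content']);
                 // NOTE(review): 'Start' is taken unvalidated; escaping must happen in saveData() (not visible here).
                 $this->start = $xpost['Start'];
                 $this->active = array_key_exists('Aktivni', $xpost) && $xpost['Aktivni'] == 'on' ? 1 : 0;
                 $this->saveData();
                 $qs = $this->consQS();
                 $this->redirection = $self . $qs . '#stred';
                 break;
             case 'Artikel hinzufügen':
                 if ($this->productsEnabled()) {
                     $qs = $this->consQS();
                     $this->redirection = KIWI_ADD_EXISTING_PRODUCT . $qs;
                 }
                 break;
             case 'entfernen':
                 // The IN (...) list is spliced into the SQL text, so build it from
                 // integer-cast values only instead of relying on the is_numeric()
                 // check made further up on a different copy of the data. A missing
                 // or non-array 'check' simply yields an empty list.
                 $ids = isset($post['check']) && is_array($post['check']) ? array_map('intval', $post['check']) : array();
                 $id_list = implode(',', $ids);
                 if ($id_list) {
                     $nlid = (int) $this->id;
                     // NOTE(review): the mysql_* extension was removed in PHP 7.0; port to
                     // mysqli/PDO prepared statements together with the rest of the class.
                     mysql_query("DELETE FROM nlproducts WHERE NLID={$nlid} AND ID IN ({$id_list})");
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $qs = $this->consQS();
                 $this->redirection = $self . $qs . '#stred';
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }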
 /**
  * Process the request for the product SEO list.
  *
  * GET: 'l' sets the initial-letter filter ('all' clears it, "CH" is kept as a
  * two-character value), 'pg' sets a positive page number. POST is only handled
  * when the object is not read-only: checkbox state is recorded and the single
  * supported command saves the form.
  *
  * @param array $get  Query-string parameters.
  * @param array $post Form fields.
  * @throws Exception On a non-numeric check[] entry or an unknown form command.
  */
 public function handleInput($get, $post)
 {
     if (!empty($get)) {
         if (array_key_exists('l', $get)) {
             if ($get['l'] == 'all') {
                 $this->letter = null;
             } else {
                 // Keep two characters only for "CH", otherwise just the first one.
                 $prefix = strtoupper(substr($get['l'], 0, 2));
                 $this->letter = $prefix == 'CH' ? $prefix : substr($prefix, 0, 1);
             }
         }
         if (array_key_exists('pg', $get) && ($pg = (int) $get['pg']) > 0) {
             $this->page = $pg;
         }
     }

     // Nothing else to do for read-only views or plain GET requests.
     if ($this->read_only || empty($post)) {
         return;
     }

     $this->all_checked = isset($post['checkall']);
     $hasCheckList = isset($post['check']) && is_array($post['check']);
     if ($hasCheckList) {
         foreach ($post['check'] as $entry) {
             if (!is_numeric($entry)) {
                 throw new Exception("Nepovolený vstup: check[]");
             }
             $this->checked[$entry] = true;
         }
     }

     // NOTE(review): no anti-CSRF token check is visible before the save below.
     if ($post['cmd'] == 'speichern') {
         $this->saveData(strip_gpc_slashes($post));
         $query = $this->consQS();
         $this->redirection = KIWI_PRODUCTS_SEO . $query;
     } else {
         throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
     }
 }
 /**
  * Process the request for the action edit form.
  *
  * GET: 'a' and 'ag' set the action ID and the second ID (agid), at least one of
  * which must end up non-zero; 'rp' removes the action picture and redirects.
  * POST (only when not read-only): the single supported command saves the form.
  *
  * NOTE(review): the picture removal is triggered by a GET parameter and no
  * anti-CSRF check is visible in this method.
  *
  * @param array $get  Query-string parameters.
  * @param array $post Form fields.
  * @throws Exception On invalid parameters, a missing title or an unknown command.
  */
 public function handleInput($get, $post)
 {
     // NOTE(review): PHP_SELF includes client-supplied PATH_INFO, so this basename can be
     // influenced by the requester; SCRIPT_NAME would not be.
     $script = basename($_SERVER['PHP_SELF']);
     $writable = !$this->read_only;

     if (!empty($get)) {
         if (array_key_exists('a', $get)) {
             $a = (int) $get['a'];
             if ($a < 1) {
                 throw new Exception("Neplatná hodnota parametru \"a\": {$a}");
             }
             $this->id = $a;
         }
         if (isset($get['ag'])) {
             $ag = (int) $get['ag'];
             if ($ag < 1) {
                 throw new Exception("Neplatná hodnota parametru \"ag\": {$ag}");
             }
             $this->agid = $ag;
         }
         if ($this->id == 0 && $this->agid == 0) {
             throw new Exception("Minimálně jeden z parametrů \"a\" a \"ag\" je povinný!");
         }
         if ($writable && array_key_exists('rp', $get)) {
             // The query string is built before the picture is removed, as in the original order.
             $query = $this->constructQueryString();
             $this->removeActionPicture();
             $this->redirection = $script . $query;
             return;
         }
     }

     if (!$writable || empty($post)) {
         return;
     }

     $xpost = strip_gpc_slashes($post);
     if ($post['cmd'] != 'speichern') {
         throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
     }

     $this->title = $xpost['Nazev_akce'];
     if ($this->title == '') {
         throw new Exception('Název akce nebyl vyplněn');
     }
     // Description and link are taken as submitted; any escaping has to happen where they are stored or rendered.
     $this->description = $xpost['Popis_akce'];
     $this->link = $xpost['Odkaz_akce'];
     $this->handleUploads();
     $this->saveData();
     $query = $this->constructQueryString();
     $this->redirection = $script . $query;
 }
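 /**
  * Process the request for the e-shop item (group) edit page.
  *
  * GET: 'ei' (item ID), 'sg' (parent group ID) and 'gp' (grouped product ID) set
  * the context; 'ri' removes the group icon; 'asa'/'asd' activate/deactivate one
  * binding; 'tn'/'ta'/'td'/'ts' toggle the Novelty/Action/Discount/Sellout flag of
  * one product; 'd'/'dd'/'u'/'uu' move one product. An empty $get is rejected.
  * POST: 'cmd' selects save, back, activate/deactivate, add product, or remove.
  *
  * NOTE(review): several GET parameters change stored data and no permission or
  * anti-CSRF check is visible in this method.
  * NOTE(review): the mysql_* extension was removed in PHP 7.0; port to mysqli/PDO
  * prepared statements together with the rest of the class.
  *
  * @param array $get  Query-string parameters.
  * @param array $post Form fields.
  * @throws Exception On invalid parameters or an unknown form command.
  */
 public function handleInput($get, $post)
 {
     // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains the client-supplied
     // PATH_INFO, so its basename could be chosen by the requester and would end
     // up in the redirect target below.
     $self = basename($_SERVER['SCRIPT_NAME']);
     $qs = '';
     if (!empty($get)) {
         if (isset($get['ei'])) {
             if (($ei = (int) $get['ei']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$ei}");
             }
             $this->id = $ei;
             $qs = "?ei={$this->id}";
         }
         if (isset($get['sg'])) {
             if (($this->parent = (int) $get['sg']) < 1) {
                 throw new Exception("Neplatné ID nadřazené skupiny: {$this->parent}");
             }
         }
         if (isset($get['gp'])) {
             if (($this->grouped_product = (int) $get['gp']) < 1) {
                 throw new Exception("Neplatné ID sdruženého produktu: {$this->grouped_product}");
             }
             if (!$this->id) {
                 throw new Exception("V případě použití parametru gp je povinný i parametr ei");
             }
             $qs .= '&gp=' . $this->grouped_product;
         }
         if (isset($get['ri']) && $this->id != 1) {
             $this->removeGroupIcon();
             $this->redirection = $self . $qs;
             return;
         }
         if (isset($get['asa']) || isset($get['asd'])) {
             $nas = isset($get['asa']) ? 1 : 0;
             if ($nas && isset($get['asd'])) {
                 throw new Exception("Současná přítomnost parametrů asa a asd není přípustná");
             }
             $qsv = 'as' . ($nas ? 'a' : 'd');
             $this->loadRecord();
             // The ID must be a positive integer present in the loaded index before it reaches SQL.
             if (($as = (int) $get[$qsv]) < 1 || !isset($this->index[$as])) {
                 throw new Exception("Neplatné ID záznamu: {$as}");
             }
             if ($nas && !$this->record->Active) {
                 throw new Exception("Pokud o nepřípustnou aktivaci záznamu: {$as}");
             }
             mysql_query("UPDATE prodbinds SET Active='{$nas}', LastChange=CURRENT_TIMESTAMP WHERE ID={$as}");
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $as;
             $this->redirection = KIWI_EDIT_ESHOPITEM . $qs . '#zmena';
         }
         // Flag toggles: query parameter => column of `products`. The column names come
         // from this fixed map, never from the request. Processed in the original order.
         $toggles = array('tn' => 'Novelty', 'ta' => 'Action', 'td' => 'Discount', 'ts' => 'Sellout');
         foreach ($toggles as $param => $column) {
             if (!isset($get[$param])) {
                 continue;
             }
             $this->loadRecord();
             if (($bind_id = (int) $get[$param]) < 1 || !isset($this->index[$bind_id])) {
                 throw new Exception("Neplatné ID záznamu: {$bind_id}");
             }
             $prod = $this->products[$this->index[$bind_id]];
             // Cast to int: a boolean false interpolates as an empty string, which
             // produced Column='' in the SQL instead of Column='0'.
             $new_flag = (int) !$prod->{$column};
             mysql_query("UPDATE products SET {$column}='{$new_flag}', LastChange=CURRENT_TIMESTAMP WHERE ID={$prod->PID}");
             mysql_query("UPDATE prodbinds SET LastChange=CURRENT_TIMESTAMP WHERE ID={$bind_id}");
             $this->products[$this->index[$bind_id]]->{$column} = $new_flag;
             $this->products[$this->index[$bind_id]]->LastChange = date('Y-m-d H:i', time());
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $bind_id;
             $this->redirection = KIWI_EDIT_ESHOPITEM . $qs . '#zmena';
         }
         if (isset($get['d']) || isset($get['dd']) || isset($get['u']) || isset($get['uu'])) {
             // Exactly one move command may be present.
             if ((int) isset($get['d']) + (int) isset($get['dd']) + (int) isset($get['u']) + (int) isset($get['uu']) != 1) {
                 throw new Exception("Neplatný vstup - více než jeden příkaz pro přesun položky");
             }
             // $dow: a "d"/"dd" command; $tot: a doubled command ("dd"/"uu").
             $dow = isset($get['d']) || isset($get['dd']);
             $tot = isset($get['dd']) || isset($get['uu']);
             $qv = $dow ? 'd' : 'u';
             if ($tot) {
                 $qv .= $qv;
             }
             $this->loadRecord();
             if (($cp = (int) $get[$qv]) < 1 || !isset($this->index[$cp])) {
                 throw new Exception("Neplatné ID záznamu: {$cp}");
             }
             $this->moveProduct($cp, $dow, $tot);
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $cp;
             $this->redirection = KIWI_EDIT_ESHOPITEM . $qs . '#zmena';
         }
     } else {
         throw new Exception("Chybějící ID nadřazené skupiny");
     }
     if (!empty($post)) {
         $xpost = strip_gpc_slashes($post);
         $this->all_checked = isset($xpost['checkall']);
         if (isset($xpost['check']) && is_array($xpost['check'])) {
             foreach ($xpost['check'] as $value) {
                 if (!is_numeric($value)) {
                     throw new Exception("Nepovolený vstup: check[]");
                 }
                 $this->checked[$value] = true;
             }
         }
         // The checked IDs are spliced into IN (...) lists below, so build them from
         // integer-cast values only instead of relying on the is_numeric() check above.
         // A missing or non-array 'check' yields an empty list.
         $checked_ids = isset($post['check']) && is_array($post['check']) ? array_map('intval', $post['check']) : array();
         $act = 0;
         switch ($xpost['cmd']) {
             case 'speichern':
                 $this->handleUploads();
                 $this->title = $xpost['Nazev'];
                 if ($this->title == '') {
                     throw new Exception('Název řady nebyl vyplněn');
                 }
                 $this->description = $xpost['Popis'];
                 $this->auto = array_key_exists('Auto', $xpost);
                 if (array_key_exists('URL_rady', $xpost)) {
                     $this->url = $xpost['URL_rady'];
                 }
                 if (array_key_exists('htitle_rady', $xpost)) {
                     $this->htitle = $xpost['htitle_rady'];
                 }
                 // $ue: the user may edit URL and page title.
                 $ue = $this->rights === true || $this->rights['EditURLs'];
                 $flds = array('title', 'description', 'icon', 'flags');
                 if ($ue || !$this->id) {
                     $flds[] = 'url';
                     $flds[] = 'htitle';
                     if ($this->auto || !$this->id && !$ue) {
                         $this->generateURL();
                         $this->generateTitle();
                     }
                 }
                 $this->flags = (int) array_key_exists('mainmenu_flag', $xpost);
                 // Creates the locals $title, $description, $icon, $flags (and $url, $htitle
                 // when listed) holding escaped copies of the properties for the SQL below.
                 foreach ($flds as $fld) {
                     ${$fld} = mysql_real_escape_string($this->{$fld});
                 }
                 if ($this->id) {
                     $ue_sql = $ue ? ", URL='{$url}', PageTitle='{$htitle}'" : '';
                     $icon_sql = $icon !== '' ? ", Icon='{$icon}'" : '';
                     mysql_query("UPDATE eshop SET Name='{$title}', Description='{$description}'{$ue_sql}{$icon_sql}, Flags={$flags}, LastChange=CURRENT_TIMESTAMP WHERE ID={$this->id}");
                 } else {
                     if ($this->parent == null) {
                         throw new Exception("Chybějící ID nadřazené skupiny");
                     }
                     // The parent must exist and be flagged as a subgroup container.
                     $result = mysql_query("SELECT Count(ID) FROM eshop WHERE ID={$this->parent} AND Subgroup=1");
                     $row = mysql_fetch_row($result);
                     if ($row[0] != 1) {
                         throw new Exception("Neplatné ID nadřazené skupiny");
                     }
                     $result = mysql_query("SELECT MAX(Priority) FROM eshop WHERE Parent={$this->parent}");
                     $row = mysql_fetch_row($result);
                     $priority = (int) $row[0] + 1;
                     if ($ue) {
                         $ue_sql1 = ', URL, PageTitle';
                         $ue_sql2 = ",'{$url}', '{$htitle}'";
                     } else {
                         $ue_sql1 = $ue_sql2 = '';
                     }
                     if ($icon) {
                         $icon_sql1 = ', Icon';
                         $icon_sql2 = ",'{$icon}'";
                     } else {
                         $icon_sql1 = $icon_sql2 = '';
                     }
                     mysql_query("INSERT INTO eshop(Name, Description{$ue_sql1}{$icon_sql1}, Parent, Flags, Priority) VALUES ('{$title}', '{$description}'{$ue_sql2}{$icon_sql2}, {$this->parent}, {$flags}, {$priority})");
                     $this->id = mysql_insert_id();
                     Kiwi_EShop_Indexer::index($this->id, $this->parent);
                     $qs = "?ei={$this->id}";
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = KIWI_EDIT_ESHOPITEM . $qs;
                 break;
             case 'Zurück':
                 $this->loadRecord();
                 $this->redirection = $this->getBackLink();
                 break;
             case 'aktivieren':
                 $act = 1;
                 // Intentional fall-through: activation shares the code below with deactivation.
             case 'deaktivieren':
                 $this->loadRecord();
                 if ($act && !$this->record->Active) {
                     throw new Exception("Pokud o nepřípustnou aktivaci záznamů");
                 }
                 $id_list = implode(',', $checked_ids);
                 if ($id_list) {
                     mysql_query("UPDATE prodbinds SET Active={$act}, LastChange=CURRENT_TIMESTAMP WHERE ID IN ({$id_list})");
                 }
                 $this->loadLastChange(false);
                 $this->lastchange->register();
                 $this->lastchange = null;
                 $this->redirection = KIWI_EDIT_ESHOPITEM . $qs;
                 break;
             case 'neuer Artikel hinzufügen':
                 $this->redirection = KIWI_ADD_PRODUCT . $qs;
                 break;
             case 'vorhandene Artikel hinzufügen':
                 $this->redirection = KIWI_ADD_EXISTING_PRODUCT . $qs;
                 break;
             case 'entfernen':
                 $id_list = implode(',', $checked_ids);
                 if ($id_list) {
                     // NOTE(review): unlike the GET branches, the IDs are not checked against
                     // $this->index here, so bindings outside the current item can be named.
                     mysql_query("DELETE FROM prodbinds WHERE ID IN ({$id_list})");
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = KIWI_EDIT_ESHOPITEM . $qs;
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }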
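 /**
  * Process the request for the product edit form.
  *
  * GET: 'ei'/'sei' (mutually exclusive e-shop item IDs), 'gp', 'sqs' and 'p' set
  * the context; 'rp', 'rpe', 'rpi' remove photos; 'rpv', 'apv', 'anpv' remove or
  * add property values; 'eg' redirects to the grouped-products group. Each of
  * the removing/adding parameters redirects and returns immediately.
  * POST: 'cmd' selects save or copy.
  *
  * NOTE(review): the removals and additions are triggered by GET parameters and
  * no permission or anti-CSRF check is visible in this method.
  *
  * @param array $get  Query-string parameters.
  * @param array $post Form fields.
  * @throws Exception On invalid parameters or an unknown form command.
  */
 public function handleInput($get, $post)
 {
     // TODO: add permission checks
     // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains the client-supplied
     // PATH_INFO, so its basename could be chosen by the requester and would end
     // up in the redirect targets below.
     $self = basename($_SERVER['SCRIPT_NAME']);
     if (!empty($get)) {
         if (array_key_exists('ei', $get)) {
             if (($ei = (int) $get['ei']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"ei\": {$ei}");
             }
             $this->eshop_item = $ei;
         }
         if (array_key_exists('sei', $get)) {
             if ($this->eshop_item) {
                 throw new Exception("Souběžné použití parametrů \"ei\" a \"sei\"");
             }
             if (($sei = (int) $get['sei']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"sei\": {$sei}");
             }
             $this->s_eshop_item = $sei;
         }
         if (isset($get['gp'])) {
             if (($this->grouped_product = (int) $get['gp']) < 1) {
                 throw new Exception("Neplatné ID sdruženého produktu: {$this->grouped_product}");
             }
         }
         if (array_key_exists('sqs', $get)) {
             // NOTE(review): stored without validation; confirm it is escaped wherever it is output.
             $this->sqs = $get['sqs'];
         }
         if (isset($get['p'])) {
             if (($p = (int) $get['p']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"p\": {$p}");
             }
             $this->id = $p;
             $anchor = new CurrentKiwiAnchor();
             $anchor->set_key_value(KIWI_PRODUCTS, $this->id);
         }
         if (isset($get['rp'])) {
             $qs = $this->consQS();
             $this->removeProductPhoto();
             $this->redirection = $self . $qs . '#stred';
             return;
         }
         if (isset($get['rpe'])) {
             if (($rpe = (int) $get['rpe']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"rpe\": {$rpe}");
             }
             $qs = $this->consQS();
             $this->removeExtraPhoto($rpe);
             $this->redirection = $self . $qs . '#stred';
             return;
         }
         if (isset($get['rpi'])) {
             if (($rpi = (int) $get['rpi']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"rpi\": {$rpi}");
             }
             $qs = $this->consQS();
             $this->removeIllustrativePhoto($rpi);
             $this->redirection = $self . $qs . '#stred';
             return;
         }
         if (isset($get['rpv'])) {
             $qs = $this->consQS();
             if (($rpv = (int) $get['rpv']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"rpv\": {$rpv}");
             }
             $propid = $this->removePropertyValue($rpv);
             $this->redirection = $self . $qs . '#prp' . $propid;
             return;
         }
         if (isset($get['apv'])) {
             $qs = $this->consQS();
             if (($apv = (int) $get['apv']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"apv\": {$apv}");
             }
             $propid = $this->addPropertyValue($apv);
             $this->redirection = $self . $qs . '#prp' . $propid;
             return;
         }
         if (isset($get['anpv'])) {
             $qs = $this->consQS();
             // Expected form: "<property id>:<value>". An array-valued parameter is rejected.
             $anpv = is_string($get['anpv']) ? explode(':', $get['anpv'], 2) : array();
             // The property ID is cast to int like every other ID in this method; it was
             // previously passed on (and appended to the redirect) as the raw string.
             // The message no longer interpolates $anpv, which is an array and printed as "Array".
             if (sizeof($anpv) != 2 || ($propid = (int) $anpv[0]) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"anpv\"");
             }
             // NOTE(review): the value part is raw request data; it has to be escaped
             // inside addNewPropertyValue() (not visible here).
             $pval = $anpv[1];
             $this->addNewPropertyValue($propid, $pval);
             $this->redirection = $self . $qs . '#prp' . $propid;
             return;
         }
         if (array_key_exists('eg', $get)) {
             if ($this->id == 0) {
                 throw new Exception('Pokus o editaci sdružených produktů s dosud nevytvořeným produktem');
             }
             $group = $this->acquireGroupedProductsGroup();
             $this->redirection = KIWI_EDIT_ESHOPITEM . "?ei={$group}&gp={$this->id}";
             return;
         }
     }
     if (!empty($post)) {
         $xpost = strip_gpc_slashes($post);
         switch ($post['cmd']) {
             case 'speichern':
                 $this->title = $xpost['Nazev_vyrobku'];
                 if ($this->title == '') {
                     throw new Exception('Název výrobku nebyl vyplněn');
                 }
                 // The text fields below are taken as submitted; escaping has to happen
                 // in saveData() (not visible here).
                 $this->code = $xpost['Kod_vyrobku'];
                 $this->shortdesc = $xpost['ZkracenyPopis'];
                 $this->longdesc = $this->parseFckEditorInput($xpost['kprofc_ldsc']);
                 $this->auto = array_key_exists('Auto', $xpost);
                 if (array_key_exists('URL_vyrobku', $xpost)) {
                     $this->url = $xpost['URL_vyrobku'];
                 }
                 if (array_key_exists('htitle_vyrobku', $xpost)) {
                     $this->htitle = $xpost['htitle_vyrobku'];
                 }
                 $this->collection = $xpost['Kolekce'];
                 $this->original_cost = (double) $xpost['Puvodni_cena'];
                 $this->new_cost = (double) $xpost['Nova_cena'];
                 $this->ws_cost = (double) $xpost['VO_cena'];
                 // Checkboxes: present with value 'on' => 1, otherwise 0.
                 $this->novelty = array_key_exists('Novinka', $xpost) && $xpost['Novinka'] == 'on' ? 1 : 0;
                 $this->action = array_key_exists('Akce', $xpost) && $xpost['Akce'] == 'on' ? 1 : 0;
                 $this->discount = array_key_exists('Sleva', $xpost) && $xpost['Sleva'] == 'on' ? 1 : 0;
                 $this->sellout = array_key_exists('Vyprodej', $xpost) && $xpost['Vyprodej'] == 'on' ? 1 : 0;
                 $this->exposed = array_key_exists('Exponovany', $xpost) && $xpost['Exponovany'] == 'on' ? 1 : 0;
                 $this->active = array_key_exists('Aktivni', $xpost) && $xpost['Aktivni'] == 'on' ? 1 : 0;
                 $this->handleUploads();
                 $this->saveData();
                 $qs = $this->consQS();
                 $this->redirection = $self . $qs . '#stred';
                 break;
             case 'kopieren':
                 // Loose comparison, matching the 'eg' branch above: the strict "=== 0"
                 // let an unset (null) ID through to the copy.
                 if ($this->id == 0) {
                     throw new Exception('Pokus kopírovat dosud nevytvořený produkt!');
                 }
                 $copy = new Kiwi_Product_Copy($this->id);
                 $this->redirection = $self . "?p=" . $copy->getCopyPID();
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }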
 /**
  * Process the request for the order edit form.
  *
  * GET: 'o' selects the order ID; a non-empty query string without 'o' redirects
  * to the order list. POST: the single supported command loads the order,
  * applies the form data and saves it, then redirects either to the e-shop mail
  * form (when Status was not 1 before and the submitted Status is 1) or back to
  * the order list.
  *
  * @param array $get  Query-string parameters.
  * @param array $post Form fields.
  * @throws Exception On an invalid 'o' value or an unknown form command.
  */
 public function handleInput($get, $post)
 {
     // TODO: add permission checks
     // Assigned but never read in this method.
     $self = basename($_SERVER['PHP_SELF']);

     if (!empty($get)) {
         if (!isset($get['o'])) {
             $this->redirection = KIWI_ORDERS;
         } else {
             $o = (int) $get['o'];
             if ($o < 1) {
                 throw new Exception("Neplatná hodnota parametru \"o\": {$o}");
             }
             $this->id = $o;
         }
     }

     if (empty($post)) {
         return;
     }

     $xpost = strip_gpc_slashes($post);
     if ($post['cmd'] != 'speichern') {
         throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
     }

     // NOTE(review): no anti-CSRF token check is visible before the order is modified.
     $this->loadData();
     $this->handleFormData($xpost);
     $this->saveData();

     // Compare the Status loaded before the save with the submitted one.
     $switchedToStatusOne = $this->data->Status != 1 && $this->formdata['Status'] == 1;
     $this->redirection = $switchedToStatusOne
         ? KIWI_ESHOPMAIL_FORM . "?mt=odeslano&o=" . $this->id
         : KIWI_ORDERS;
 }
 public function handleInput($get, $post)
 {
     $qs = '';
     if (!empty($get)) {
         if (isset($get['pp'])) {
             if (($pp = (int) $get['pp']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$pp}");
             }
             $this->id = $pp;
             $qs = "?pp={$this->id}";
         }
         if (isset($get['as'])) {
             $this->loadRecord();
             if (($as = (int) $get['as']) < 1 || !isset($this->index[$as])) {
                 throw new Exception("Neplatné ID záznamu: {$as}");
             }
             $nas = !$this->values[$this->index[$as]]->Active;
             mysql_query("UPDATE prodpvals SET Active='{$nas}', LastChange=CURRENT_TIMESTAMP WHERE ID={$as}");
             $this->values[$this->index[$as]]->Active = $nas;
             $this->values[$this->index[$as]]->LastChange = date('Y-m-d H:i', time());
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $as;
             $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY . $qs . '#zmena';
         }
         if (isset($get['d']) || isset($get['dd']) || isset($get['u']) || isset($get['uu'])) {
             if ((int) isset($get['d']) + (int) isset($get['dd']) + (int) isset($get['u']) + (int) isset($get['uu']) != 1) {
                 throw new Exception("Neplatný vstup - více než jeden příkaz pro přesun položky");
             }
             $dow = isset($get['d']) || isset($get['dd']);
             $tot = isset($get['dd']) || isset($get['uu']);
             $qv = $dow ? 'd' : 'u';
             if ($tot) {
                 $qv .= $qv;
             }
             $this->loadRecord();
             if (($cp = (int) $get[$qv]) < 1 || !isset($this->index[$cp])) {
                 throw new Exception("Neplatné ID záznamu: {$cp}");
             }
             $this->moveValue($cp, $dow, $tot);
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $cp;
             $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY . $qs . '#zmena';
         }
     }
     if (!empty($post)) {
         $this->all_checked = isset($post['checkall']);
         if (isset($post['check']) && is_array($post['check'])) {
             foreach ($post['check'] as $value) {
                 if (!is_numeric($value)) {
                     throw new Exception("Nepovolený vstup: check[]");
                 }
                 $this->checked[$value] = true;
             }
         }
         $act = 0;
         switch ($post['cmd']) {
             case 'speichern':
                 $nazev = mysql_real_escape_string(strip_gpc_slashes($post['Nazev_vlastnosti']));
                 if ($nazev == '') {
                     throw new Exception('Některá z povinných položek nebyla vyplněna');
                 }
                 $typ = mysql_real_escape_string($post['Charakter_vlastnosti']);
                 if ($typ != 1 && $typ != 2) {
                     throw new Exception("Nekorektní vstup - charakter vlastnosti: {$typ}");
                 }
                 $datatyp = mysql_real_escape_string($post['DataTyp_vlastnosti']);
                 if ($datatyp != 1 && $datatyp != 2 && $datatyp != 3) {
                     throw new Exception("Nekorektní vstup - datový typ vlastnosti: {$datatyp}");
                 }
                 if ($this->id) {
                     mysql_query("UPDATE prodprops SET Name='{$nazev}', Type={$typ}, DataType={$datatyp}, LastChange=CURRENT_TIMESTAMP WHERE ID={$this->id}");
                 } else {
                     mysql_query("START TRANSACTION");
                     $result = mysql_query("SELECT MAX(Priority) FROM prodprops");
                     $row = mysql_fetch_row($result);
                     $priority = (int) $row[0] + 1;
                     mysql_query("INSERT INTO prodprops(Name, Type, DataType, Priority) VALUES ('{$nazev}', {$typ}, {$datatyp}, {$priority})");
                     $this->id = mysql_insert_id();
                     mysql_query("COMMIT");
                     $qs = "?pp={$this->id}";
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY . $qs;
                 break;
             case 'aktivieren':
                 $act = 1;
             case 'deaktivieren':
                 $id_list = implode(',', $post['check']);
                 if ($id_list) {
                     mysql_query("UPDATE prodpvals SET Active={$act}, LastChange=CURRENT_TIMESTAMP WHERE ID IN ({$id_list})");
                 }
                 $this->loadLastChange(false);
                 $this->lastchange->register();
                 $this->lastchange = null;
                 $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY . $qs;
                 break;
             case 'neuer Wert hinzufügen':
                 $this->redirection = KIWI_ADD_PRODUCT_PROPERTY_VALUE . $qs;
                 break;
             case 'entfernen':
                 $id_list = implode(',', $post['check']);
                 if ($id_list) {
                     $this->deletePictureFiles($id_list);
                     $this->deleteIcons($id_list);
                     mysql_query("DELETE FROM prodpbinds WHERE PPVID IN ({$id_list})");
                     mysql_query("DELETE FROM prodpvals WHERE ID IN ({$id_list})");
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY . $qs;
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }
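 /**
  * Processes query-string parameters and form commands for this editor page.
  *
  * GET: "ei", "sei", "p" and "pv" are cast to int and must be >= 1. "sei" is
  * rejected when an e-shop item is already set. "rp" removes the product photo
  * and returns at once with a redirect to this script.
  * POST: only the "speichern" command is accepted. It processes uploads, saves
  * the data and redirects back to this script.
  *
  * NOTE(review): no permission check is visible in this method (the original
  * TODO asks for one), and "rp" changes state on a plain GET request. Confirm
  * that the caller enforces authorisation and a request token.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On an invalid parameter value or an unknown form command.
  */
 function handleInput($get, $post)
 {
     // TODO: add permission checks
     // NOTE(review): PHP_SELF can carry client-supplied path info; basename()
     // keeps the redirect target relative, but SCRIPT_NAME would be the safer
     // source for the script name.
     $self = basename($_SERVER['PHP_SELF']);
     if (!empty($get)) {
         if (isset($get['ei'])) {
             if (($ei = (int) $get['ei']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"ei\": {$ei}");
             }
             $this->eshop_item = $ei;
         }
         if (isset($get['sei'])) {
             // "sei" may not be combined with an e-shop item that is already set.
             if ($this->eshop_item) {
                 throw new Exception("Souběžné použití parametrů \"ei\" a \"sei\"");
             }
             if (($sei = (int) $get['sei']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"sei\": {$sei}");
             }
             $this->s_eshop_item = $sei;
         }
         if (isset($get['p'])) {
             if (($p = (int) $get['p']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"p\": {$p}");
             }
             $this->product_id = $p;
         }
         if (isset($get['pv'])) {
             if (($pv = (int) $get['pv']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"pv\": {$pv}");
             }
             $this->propertyvalue_id = $pv;
         }
         if (isset($get['rp'])) {
             // State-changing action on GET; any POST data is ignored on this path.
             $qs = $this->constructQueryString();
             $this->removeProductPhoto();
             $this->redirection = $self . $qs;
             return;
         }
     }
     if (!empty($post)) {
         // A form without "cmd" ends in the default branch like any unknown
         // command, without first raising an undefined-index notice.
         $cmd = isset($post['cmd']) ? $post['cmd'] : null;
         switch ($cmd) {
             case 'speichern':
                 $this->handleUploads();
                 // original note: handle tocost
                 $this->saveData();
                 // original note: updates the product's last-change record
                 $qs = $this->constructQueryString();
                 $this->redirection = $self . $qs;
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }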
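 /**
  * Handles query-string actions and form commands for a menu item and its
  * module bindings.
  *
  * GET: "mi" selects the record and "sm" the parent menu (both must be >= 1).
  * "as" toggles the Active flag of one module binding; "d", "dd", "u" and "uu"
  * move one binding, and exactly one of the four may be present. An empty $get
  * is rejected.
  * POST: "speichern" updates or inserts the menu item; "aktivieren",
  * "deaktivieren" and "entfernen" act on the checked bindings; the two
  * "hinzufügen" commands only set a redirect.
  *
  * Values that reach SQL are cast to int, limited to decimal digits, or passed
  * through mysql_real_escape_string() inside quotes.
  *
  * NOTE(review): "as" and the move commands modify data on a GET request and
  * only $this->read_only gates them here. Confirm that authorisation and a
  * request token are enforced by the caller.
  * NOTE(review): mysql_query() results are not checked, so a failed statement
  * still ends in a redirect. The mysql_* extension was removed in PHP 7.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On invalid input, a missing parent menu or an unknown
  *                   form command.
  */
 public function handleInput($get, $post)
 {
     // NOTE(review): PHP_SELF can carry client-supplied path info; basename()
     // keeps the redirect target relative, but SCRIPT_NAME would be safer.
     $self = basename($_SERVER['PHP_SELF']);
     $qs = '';
     if (!empty($get)) {
         if (isset($get['mi'])) {
             if (($mi = (int) $get['mi']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$mi}");
             }
             $this->id = $mi;
             $qs = "?mi={$this->id}";
         }
         if (isset($get['sm'])) {
             if (($this->parent = (int) $get['sm']) < 1) {
                 throw new Exception("Neplatné ID nadřazeného menu: {$this->parent}");
             }
         }
         if (isset($get['as']) && !$this->read_only) {
             $this->loadRecord();
             // The ID must belong to a binding that loadRecord() has indexed.
             if (($as = (int) $get['as']) < 1 || !isset($this->index[$as])) {
                 throw new Exception("Neplatné ID záznamu: {$as}");
             }
             // Written as 0/1: interpolating boolean false yields an empty string
             // and would send Active='' to the database.
             $nas = $this->modules[$this->index[$as]]->Active ? 0 : 1;
             mysql_query("UPDATE modbinds SET Active={$nas}, LastChange=CURRENT_TIMESTAMP WHERE ID={$as}");
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->redirection = $self . $qs;
         }
         if ((isset($get['d']) || isset($get['dd']) || isset($get['u']) || isset($get['uu'])) && !$this->read_only) {
             if ((int) isset($get['d']) + (int) isset($get['dd']) + (int) isset($get['u']) + (int) isset($get['uu']) != 1) {
                 throw new Exception("Neplatný vstup - více než jeden příkaz pro přesun položky");
             }
             $dow = isset($get['d']) || isset($get['dd']);
             $tot = isset($get['dd']) || isset($get['uu']);
             // Rebuild the name of the one parameter that is present.
             $qv = $dow ? 'd' : 'u';
             if ($tot) {
                 $qv .= $qv;
             }
             $this->loadRecord();
             if (($cp = (int) $get[$qv]) < 1 || !isset($this->index[$cp])) {
                 throw new Exception("Neplatné ID záznamu: {$cp}");
             }
             $this->moveModule($cp, $dow, $tot);
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->redirection = $self . $qs;
         }
     } else {
         throw new Exception("Chybějící ID nadřazeného menu");
     }
     if (!empty($post) && !$this->read_only) {
         $this->all_checked = isset($post['checkall']);
         // Only a check[] array of plain decimal digits is accepted. is_numeric()
         // would also admit signs, exponents and fractions. $ids stays empty for
         // a missing or non-array "check", so nothing unvalidated reaches SQL.
         $ids = array();
         if (isset($post['check']) && is_array($post['check'])) {
             foreach ($post['check'] as $value) {
                 if (!is_scalar($value) || !ctype_digit((string) $value)) {
                     throw new Exception("Nepovolený vstup: check[]");
                 }
                 $this->checked[$value] = true;
             }
             $ids = $post['check'];
         }
         $act = 0;
         // A form without "cmd" ends in the default branch without a notice.
         $cmd = isset($post['cmd']) ? $post['cmd'] : null;
         switch ($cmd) {
             case 'speichern':
                 $nazev_v_menu = mysql_real_escape_string(strip_gpc_slashes($post['Nazev_v_menu']));
                 $web_nazev = mysql_real_escape_string(strip_gpc_slashes($post['Web_nazev']));
                 if ($nazev_v_menu == '' || $web_nazev == '') {
                     throw new Exception('Některá z povinných položek nebyla vyplněna');
                 }
                 if ($this->id) {
                     mysql_query("UPDATE menuitems SET Name='{$nazev_v_menu}', WebPage='{$web_nazev}', LastChange=CURRENT_TIMESTAMP WHERE ID={$this->id}");
                 } else {
                     if ($this->parent == null) {
                         throw new Exception("Chybějící ID nadřazeného menu");
                     }
                     // The parent must exist and be flagged as a submenu.
                     $result = mysql_query("SELECT Count(ID) FROM menuitems WHERE ID={$this->parent} AND Submenu=1");
                     $row = mysql_fetch_row($result);
                     if ($row[0] != 1) {
                         throw new Exception("Neplatné ID nadřazeného menu");
                     }
                     // NOTE(review): MAX(Priority)+1 and the INSERT are not run
                     // under a lock or transaction here, so concurrent saves may
                     // get the same priority.
                     $result = mysql_query("SELECT MAX(Priority) FROM menuitems WHERE Parent={$this->parent}");
                     $row = mysql_fetch_row($result);
                     $priority = (int) $row[0] + 1;
                     mysql_query("INSERT INTO menuitems(Name, WebPage, Parent, Priority) VALUES ('{$nazev_v_menu}', '{$web_nazev}', {$this->parent}, {$priority})");
                     $this->id = mysql_insert_id();
                     $qs = "?mi={$this->id}";
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = $self . $qs;
                 break;
             case 'Náhled stránky':
                 throw new Exception('Funkce není implementována');
             case 'aktivieren':
                 $act = 1;
                 // intentional fall-through: both commands share the update below
             case 'deaktivieren':
                 $id_list = implode(',', $ids);
                 if ($id_list) {
                     mysql_query("UPDATE modbinds SET Active={$act}, LastChange=CURRENT_TIMESTAMP WHERE ID IN ({$id_list})");
                 }
                 $this->loadLastChange(false);
                 $this->lastchange->register();
                 $this->lastchange = null;
                 $this->redirection = $self . $qs;
                 break;
             case 'neu Modul hinzufügen:':
                 $mtype = (int) $post['kmifc_modules'];
                 // Start the query string with "?" when no "mi" was given.
                 $qs .= ($qs == '' ? '?' : '&') . "t={$mtype}";
                 $this->redirection = KIWI_ADD_MODULE . $qs;
                 break;
             case 'vorhandene Modul hinzufügen':
                 $this->redirection = KIWI_ADD_EXISTING_MODULE . $qs;
                 break;
             case 'entfernen':
                 $id_list = implode(',', $ids);
                 if ($id_list) {
                     mysql_query("DELETE FROM modbinds WHERE ID IN ({$id_list})");
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                     $this->redirection = $self . $qs;
                 }
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }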
 /**
  * Reads the news-item identifiers from the query string and, on a
  * "speichern" form command, copies the form fields into this object and
  * saves them.
  *
  * GET: "ni" (item ID) and "ng" (group ID) are cast to int and must be >= 1;
  * at least one of the two has to end up non-zero. "error" only sets the
  * error flag.
  * POST: an empty name and invalid dates are replaced by defaults and mark
  * the request as erroneous; the data is saved either way. The redirect goes
  * back to the editor on error and to the news list otherwise.
  *
  * NOTE(review): name, author and the editor contents are stored here without
  * escaping; SQL and HTML escaping presumably happen in saveData() and at
  * render time. Verify, since neither is visible in this method.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On an invalid or missing identifier or an unknown form
  *                   command.
  */
 public function handleInput($get, $post)
 {
     if (!empty($get)) {
         if (isset($get['ni'])) {
             $ni = (int) $get['ni'];
             if ($ni < 1) {
                 throw new Exception("Neplatná hodnota parametru \"ni\": {$ni}");
             }
             $this->id = $ni;
         }
         if (isset($get['ng'])) {
             $ng = (int) $get['ng'];
             if ($ng < 1) {
                 throw new Exception("Neplatná hodnota parametru \"ng\": {$ng}");
             }
             $this->ngid = $ng;
         }
         if (isset($get['error'])) {
             $this->error = true;
         }
     }
     if ($this->id == 0 && $this->ngid == 0) {
         throw new Exception("Minimálně jeden z parametrů \"ni\" a \"ng\" je povinný!");
     }
     // Nothing more to do without form data or in read-only mode.
     if (empty($post) || $this->read_only) {
         return;
     }
     // Loose comparison, as a switch statement would perform it.
     if ($post['cmd'] != 'speichern') {
         throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
     }
     $form = strip_gpc_slashes($post);
     $this->name = $form['nazev'];
     $this->author = $form['autor'];
     $this->sample = $this->parseFckEditorInput($form['kni_ta1']);
     $this->content = $this->parseFckEditorInput($form['kni_ta2']);
     $this->when = $form['kdy'];
     $this->start = $form['od'];
     $this->end = $form['do'];
     if ($this->name == '') {
         $this->name = 'Unbenannt';
         $this->error = true;
     }
     // Each invalid date falls back to today's date and flags the error.
     foreach (array('when', 'start', 'end') as $dateField) {
         if (!isDateValid($this->{$dateField})) {
             $this->{$dateField} = date('j.n.Y');
             $this->error = true;
         }
     }
     $this->saveData();
     if ($this->id) {
         $qs1 = "&ni={$this->id}";
     } elseif ($this->ngid) {
         $qs1 = "&ng={$this->ngid}";
     }
     $qs2 = "?ng={$this->ngid}";
     if ($this->error) {
         $this->redirection = KIWI_EDIT_NEWSITEM . "?error{$qs1}";
     } else {
         $this->redirection = KIWI_NEWS . $qs2;
     }
 }
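 /**
  * Handles query-string actions and form commands for a submenu and the menu
  * items below it.
  *
  * GET: "sm" selects the submenu (>= 1). "n" marks the request as "create a
  * new submenu" after checking that the selected record is a submenu. "as"
  * toggles the Active flag of one item; "d", "dd", "u" and "uu" move one item,
  * and exactly one of the four may be present.
  * POST: "speichern" renames the submenu or inserts a new one; "aktivieren",
  * "deaktivieren" and "entfernen" act on the checked items and never touch
  * ID 1; the two "zugeben" commands only set a redirect.
  *
  * Values that reach SQL are cast to int, limited to decimal digits, or passed
  * through mysql_real_escape_string() inside quotes.
  *
  * NOTE(review): "as" and the move commands modify data on a GET request and
  * only $this->read_only gates them here. Confirm that authorisation and a
  * request token are enforced by the caller.
  * NOTE(review): mysql_query() results are not checked, so a failed statement
  * still ends in a redirect. The mysql_* extension was removed in PHP 7.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On invalid input, an attempt to edit the main menu or an
  *                   unknown form command.
  */
 public function handleInput($get, $post)
 {
     // NOTE(review): PHP_SELF can carry client-supplied path info; basename()
     // keeps the redirect target relative, but SCRIPT_NAME would be safer.
     $self = basename($_SERVER['PHP_SELF']);
     $qs = '';
     if (!empty($get)) {
         if (isset($get['sm'])) {
             if (($sm = (int) $get['sm']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$sm}");
             }
             $this->id = $sm;
             $qs = "?sm={$sm}";
         }
         if (isset($get['n'])) {
             // $this->id is the int from "sm" above or the object's own value.
             $result = mysql_query("SELECT Count(ID) FROM menuitems WHERE ID={$this->id} AND Submenu=1");
             if ($row = mysql_fetch_row($result)) {
                 if ($row[0] == 1) {
                     $this->new_submenu = true;
                 }
             }
             if (!$this->new_submenu) {
                 throw new Exception("Neplatné ID záznamu: {$this->id}");
             }
         }
         if (isset($get['as']) && !$this->read_only) {
             $this->loadRecord();
             $this->loadMenuItems();
             // The ID must belong to an item that the loaders have indexed.
             if (($as = (int) $get['as']) < 1 || !isset($this->index[$as])) {
                 throw new Exception("Neplatné ID záznamu: {$as}");
             }
             // Written as 0/1: interpolating boolean false yields an empty string
             // and would send Active='' to the database.
             $nas = $this->records[$this->index[$as]]->Active ? 0 : 1;
             mysql_query("UPDATE menuitems SET Active={$nas}, LastChange=CURRENT_TIMESTAMP WHERE ID={$as}");
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->redirection = $self . $qs;
         }
         if ((isset($get['d']) || isset($get['dd']) || isset($get['u']) || isset($get['uu'])) && !$this->read_only) {
             if ((int) isset($get['d']) + (int) isset($get['dd']) + (int) isset($get['u']) + (int) isset($get['uu']) != 1) {
                 throw new Exception("Neplatný vstup - více než jeden příkaz pro přesun položky");
             }
             $dow = isset($get['d']) || isset($get['dd']);
             $tot = isset($get['dd']) || isset($get['uu']);
             // Rebuild the name of the one parameter that is present.
             $qv = $dow ? 'd' : 'u';
             if ($tot) {
                 $qv .= $qv;
             }
             $this->loadRecord();
             $this->loadMenuItems();
             if (($cp = (int) $get[$qv]) < 1 || !isset($this->index[$cp])) {
                 throw new Exception("Neplatné ID záznamu: {$cp}");
             }
             $this->moveItem($cp, $dow, $tot);
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->redirection = $self . $qs;
         }
     }
     if (!empty($post) && !$this->read_only) {
         $this->all_checked = isset($post['checkall']);
         // Only a check[] array of plain decimal digits is accepted. Previously a
         // scalar "check" skipped this loop yet was still handed on by the
         // "entfernen" command. $ids stays empty unless the whole array passed.
         $ids = array();
         if (isset($post['check']) && is_array($post['check'])) {
             foreach ($post['check'] as $value) {
                 if (!is_scalar($value) || !ctype_digit((string) $value)) {
                     throw new Exception("Nepovolený vstup: check[]");
                 }
                 $this->checked[$value] = true;
             }
             $ids = $post['check'];
         }
         $act = 0;
         // A form without "cmd" ends in the default branch without a notice.
         $cmd = isset($post['cmd']) ? $post['cmd'] : null;
         switch ($cmd) {
             case 'speichern':
                 $nazev_v_menu = mysql_real_escape_string(strip_gpc_slashes($post['Nazev_v_menu']));
                 if (!$this->id) {
                     throw new Exception("Neplatné ID záznamu: {$this->id}");
                 }
                 if (!$this->new_submenu) {
                     if ($this->id == 1) {
                         throw new Exception('Neplatná operace: editace nastavení hlavního menu');
                     } else {
                         mysql_query("UPDATE menuitems SET Name='{$nazev_v_menu}', LastChange=CURRENT_TIMESTAMP WHERE ID={$this->id}");
                     }
                 } elseif ($nazev_v_menu != '') {
                     // NOTE(review): MAX(Priority)+1 and the INSERT are not run
                     // under a lock or transaction here, so concurrent saves may
                     // get the same priority.
                     $result = mysql_query("SELECT Max(Priority) FROM menuitems WHERE Parent={$this->id}");
                     if ($row = mysql_fetch_row($result)) {
                         $priority = (int) $row[0] + 1;
                     } else {
                         throw new Exception("Chyba při načítání priority položek menu");
                     }
                     mysql_query("INSERT INTO menuitems(Name, Submenu, Parent, Priority, Active) VALUES ('{$nazev_v_menu}', 1, {$this->id}, {$priority}, 1)");
                     $this->id = mysql_insert_id();
                     $qs = "?sm={$this->id}";
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = $self . $qs;
                 break;
             case 'aktivieren':
                 $act = 1;
                 // intentional fall-through: both commands share the update below
             case 'deaktivieren':
                 $id_list = implode(',', $ids);
                 if ($id_list) {
                     // ID 1 is the main menu, which cannot be deactivated.
                     mysql_query("UPDATE menuitems SET Active={$act}, LastChange=CURRENT_TIMESTAMP WHERE ID IN ({$id_list}) AND ID > 1");
                 }
                 $this->loadLastChange(false);
                 $this->lastchange->register();
                 $this->lastchange = null;
                 $this->redirection = $self . $qs;
                 break;
             case 'Seite zugeben':
                 $this->redirection = KIWI_ADD_MENUITEM . "?sm={$this->id}";
                 break;
             case 'Untermenü zugeben':
                 $this->redirection = KIWI_ADD_SUBMENU . "?sm={$this->id}&n";
                 break;
             case 'entfernen':
                 if (count($ids) > 0) {
                     // NOTE(review): getRecursiveIdList() is not visible here; its
                     // result is interpolated into SQL, so it must return integers.
                     $id_list_rec = implode(',', $this->getRecursiveIdList($ids));
                     // ID 1 is the main menu, which cannot be removed.
                     mysql_query("DELETE FROM menuitems WHERE ID IN ({$id_list_rec}) AND ID > 1");
                     mysql_query("DELETE FROM modbinds WHERE MIID IN ({$id_list_rec})");
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                     $this->redirection = $self . $qs;
                 }
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }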
 /**
  * Runs the parent's input handling, then processes the "speichern" form
  * command for this text module: stores name and content, saves, and
  * redirects one level up.
  *
  * NOTE(review): name and content are stored as submitted, apart from
  * magic-quotes stripping. SQL and HTML escaping presumably happen in
  * saveData() and at render time. Verify, since neither is visible here.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception When the name is empty or the form command is unknown.
  */
 function handleInput($get, $post)
 {
     parent::handleInput($get, $post);
     // Nothing more to do without form data or in read-only mode.
     if (empty($post) || $this->read_only) {
         return;
     }
     // Loose comparison, as a switch statement would perform it.
     if ($post['cmd'] != 'speichern') {
         throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
     }
     $this->name = strip_gpc_slashes($post['nazev']);
     if ($this->name == '') {
         throw new Exception('Název nebyl vyplněn');
     }
     $this->content = strip_gpc_slashes($post['km_text_ta1']);
     $this->saveData();
     $this->redirectLevelUp();
 }
 /**
  * Runs the parent's input handling, then processes the "speichern" form
  * command for this news module: stores the group, name, page size, list
  * mode, paging flag and detail link, saves, and redirects one level up.
  *
  * The page size must consist of digits only and lie between 1 and
  * MAX_NEWS_PER_PAGE.
  *
  * NOTE(review): "skupina" and "listmod" are taken from the form without any
  * validation in this method. If saveData() interpolates them into SQL they
  * need an integer cast or escaping there. Verify against saveData().
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On a missing name, a missing or invalid page size, or an
  *                   unknown form command.
  */
 public function handleInput($get, $post)
 {
     parent::handleInput($get, $post);
     // Nothing more to do without form data or in read-only mode.
     if (empty($post) || $this->read_only) {
         return;
     }
     // Loose comparison, as a switch statement would perform it.
     if ($post['cmd'] != 'speichern') {
         throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
     }
     $this->ngid = $post['skupina'];
     $this->name = strip_gpc_slashes($post['nazev']);
     if ($this->name == '') {
         throw new Exception('Název nebyl vyplněn');
     }
     $this->perpage = strip_gpc_slashes($post['pocet']);
     if ($this->perpage == '') {
         throw new Exception('Počet novinek na stránku nebyl vyplněn');
     }
     // Reject anything that is not a digit string within 1..MAX_NEWS_PER_PAGE.
     if (!ctype_digit($this->perpage) || $this->perpage <= 0 || $this->perpage > MAX_NEWS_PER_PAGE) {
         throw new Exception('Počet novinek není korektní');
     }
     $this->listmode = $post['listmod'];
     // The checkbox counts as ticked only when it was sent with the value "on".
     $this->showpages = array_key_exists('stranky', $post) && $post['stranky'] == 'on';
     $this->detaillink = strip_gpc_slashes($post['detaillink']);
     $this->saveData();
     $this->redirectLevelUp();
 }
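 /**
  * Processes the client ID from the query string and the "speichern" form
  * command for the client editor.
  *
  * GET: "c" is cast to int and must be >= 1. A non-empty query string without
  * "c" sets the redirect to the client list, but form processing still runs.
  * POST: "speichern" calls handleFormData() and saveData(), then redirects to
  * the client list.
  *
  * NOTE(review): no permission check is visible in this method (the original
  * TODO asks for one). handleFormData() takes no arguments, so it presumably
  * reads the request itself; its validation is not visible here.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On an invalid "c" value or an unknown form command.
  */
 function handleInput($get, $post)
 {
     // TODO: add permission checks
     if (!empty($get)) {
         if (isset($get['c'])) {
             if (($c = (int) $get['c']) < 1) {
                 throw new Exception("Neplatná hodnota parametru \"c\": {$c}");
             }
             $this->id = $c;
         } else {
             $this->redirection = KIWI_CLIENTS;
         }
     }
     if (!empty($post)) {
         // A form without "cmd" ends in the default branch like any unknown
         // command, without first raising an undefined-index notice.
         $cmd = isset($post['cmd']) ? $post['cmd'] : null;
         switch ($cmd) {
             case 'speichern':
                 $this->handleFormData();
                 $this->saveData();
                 $this->redirection = KIWI_CLIENTS;
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }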
 /**
  * Handles query-string parameters and the "speichern" form command for one
  * value of a product property.
  *
  * GET: "pv" (value ID) and "pp" (property ID) are cast to int and must be
  * >= 1; at least one of them has to end up non-zero. "ri" removes the icon
  * and returns at once with a redirect. An empty $get is rejected.
  * POST: "speichern" processes uploads, then updates the existing value or
  * inserts a new one and touches the parent property's LastChange.
  *
  * String fields reach SQL only through mysql_real_escape_string() inside
  * quotes; the IDs are ints.
  *
  * NOTE(review): no permission check or request token is visible here, and
  * "ri" changes state on a GET request. Confirm that the caller enforces both.
  * NOTE(review): mysql_query() results are not checked. The mysql_* extension
  * was removed in PHP 7.
  *
  * @param array $get  Query-string parameters (untrusted).
  * @param array $post Form fields (untrusted).
  * @return void
  * @throws Exception On invalid or missing input or an unknown form command.
  */
 public function handleInput($get, $post)
 {
     $qsa = array();
     if (!empty($get)) {
         if (isset($get['pv'])) {
             if (($pv = (int) $get['pv']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$pv}");
             }
             $this->id = $pv;
             $qsa[] = "pv={$this->id}";
         }
         if (isset($get['pp'])) {
             if (($pp = (int) $get['pp']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$pp}");
             }
             $this->pid = $pp;
             $qsa[] = "pp={$this->pid}";
         }
         if ($this->id == 0 && $this->pid == 0) {
             throw new Exception("Nedostatek vstupních parametrů query stringu");
         }
         // The query string is rebuilt from the validated ints only.
         $qs = empty($qsa) ? '' : '?' . implode('&', $qsa);
         if (isset($get['ri'])) {
             // State-changing action on GET; any POST data is ignored on this path.
             $this->removeIcon();
             $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY_VALUE . $qs;
             return;
         }
     } else {
         throw new Exception("Chybějící ID vlastnosti produktu");
     }
     if (!empty($post)) {
         // $act is not read anywhere in this method.
         $act = 0;
         // NOTE(review): $post['cmd'] is read without an isset() check; a form
         // without it raises a notice and then ends in the default branch.
         switch ($post['cmd']) {
             case 'speichern':
                 // NOTE(review): uploads are processed before the checks below, so
                 // a request that is then rejected has already had its files
                 // handled. The later $this->icon test suggests handleUploads()
                 // sets the icon, so the order may be required. Confirm.
                 $this->handleUploads();
                 if ($this->pid == 0) {
                     throw new Exception("Chybějící ID vlastnosti produktu");
                 }
                 $value = mysql_real_escape_string(strip_gpc_slashes($post['Hodnota_vlastnosti']));
                 $popis = mysql_real_escape_string(strip_gpc_slashes($post['Popis_hodnoty']));
                 if ($value == '') {
                     throw new Exception('Některá z povinných položek nebyla vyplněna');
                 }
                 // Build the optional ExtraData fragments for UPDATE and INSERT.
                 // An icon set on the object takes precedence over the form field.
                 if ($this->icon !== null) {
                     $extra = mysql_real_escape_string($this->icon);
                     $extra_sql = array('update' => ", ExtraData='{$extra}'", 'insert' => ", '{$extra}'");
                 } elseif (array_key_exists('Extra_data', $post)) {
                     $extra = mysql_real_escape_string(strip_gpc_slashes($post['Extra_data']));
                     if ($extra == '') {
                         throw new Exception('Některá z povinných položek nebyla vyplněna');
                     }
                     // NOTE(review): $post['Datovy_typ'] is read without an isset()
                     // check, and the colour is validated and rendered from the
                     // SQL-escaped string rather than from the raw input.
                     if ($post['Datovy_typ'] == PT_COLOR) {
                         if ($this->isColorValid($extra)) {
                             $this->createColorImage($extra);
                         } else {
                             throw new Exception('Nekorektní zápis barvy');
                         }
                     }
                     $extra_sql = array('update' => ", ExtraData='{$extra}'", 'insert' => ", '{$extra}'");
                 } else {
                     // No extra data: UPDATE leaves the column alone, INSERT stores ''.
                     $extra_sql = array('update' => '', 'insert' => ", ''");
                 }
                 if ($this->id) {
                     mysql_query("UPDATE prodpvals SET Value='{$value}'{$extra_sql['update']}, Description='{$popis}', LastChange=CURRENT_TIMESTAMP WHERE ID={$this->id}");
                     mysql_query("UPDATE prodprops SET LastChange=CURRENT_TIMESTAMP WHERE ID={$this->pid}");
                 } else {
                     // The MAX(Priority)+1 read and the INSERT run under a write
                     // lock on both tables. No exception is thrown between LOCK
                     // and UNLOCK.
                     mysql_query("LOCK TABLES prodpvals WRITE, prodprops WRITE");
                     $result = mysql_query("SELECT MAX(Priority) FROM prodpvals WHERE PID={$this->pid}");
                     $row = mysql_fetch_row($result);
                     $priority = (int) $row[0] + 1;
                     mysql_query("INSERT INTO prodpvals(PID, Value, ExtraData, Description, Priority) VALUES ({$this->pid}, '{$value}'{$extra_sql['insert']}, '{$popis}', {$priority})");
                     $this->id = mysql_insert_id();
                     mysql_query("UPDATE prodprops SET LastChange=CURRENT_TIMESTAMP WHERE ID={$this->pid}");
                     mysql_query("UNLOCK TABLES");
                 }
                 // After saving, return to the parent property's editor.
                 $qs = "?pp={$this->pid}";
                 $this->redirection = KIWI_EDIT_PRODUCT_PROPERTY . $qs;
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }
 public function handleInput($get, $post)
 {
     // todo: ohlidat prava
     $self = basename($_SERVER['PHP_SELF']);
     $qs = '';
     if (!empty($get)) {
         if (isset($get['sg'])) {
             if (($sg = (int) $get['sg']) < 1) {
                 throw new Exception("Neplatné ID záznamu: {$sg}");
             }
             $this->id = $sg;
             $qs = "?sg={$sg}";
         }
         if (isset($get['n'])) {
             $result = mysql_query("SELECT Count(*) FROM eshop WHERE ID={$this->id} AND Subgroup=1");
             if ($row = mysql_fetch_row($result)) {
                 if ($row[0] == 1) {
                     $this->new_subgroup = true;
                 }
             }
             if (!$this->new_subgroup) {
                 throw new Exception("Neplatné ID záznamu: {$this->id}");
             }
         }
         if (isset($get['ri']) && $this->id != 1) {
             $this->removeGroupIcon();
             $this->redirection = $self . $qs;
             return;
         }
         if (isset($get['asa']) || isset($get['asd'])) {
             $nas = isset($get['asa']) ? 1 : 0;
             if ($nas && isset($get['asd'])) {
                 throw new Exception("Současná přítomnost parametrů asa a asd není přípustná");
             }
             $qsv = 'as' . ($nas ? 'a' : 'd');
             $this->loadRecord();
             $this->loadEShopItems();
             if (($as = (int) $get[$qsv]) < 1 || !isset($this->index[$as])) {
                 throw new Exception("Neplatné ID záznamu: {$as}");
             }
             if ($nas && !$this->record->Active) {
                 throw new Exception("Pokud o nepřípustnou aktivaci záznamu: {$as}");
             }
             $id_list_rec = implode(',', $this->getRecursiveIdList(array($as)));
             $this->activateGroupsAndLines($id_list_rec, $nas);
             /*
             				$this->records[$this->index[$as]]->Active = $nas;
             				$this->records[$this->index[$as]]->LastChange = date('Y-m-d H:i', time());
             */
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $as;
             $this->redirection = $self . $qs . '#zmena';
         }
         if (isset($get['d']) || isset($get['dd']) || isset($get['u']) || isset($get['uu'])) {
             if ((int) isset($get['d']) + (int) isset($get['dd']) + (int) isset($get['u']) + (int) isset($get['uu']) != 1) {
                 throw new Exception("Neplatný vstup - více než jeden příkaz pro přesun položky");
             }
             $dow = isset($get['d']) || isset($get['dd']);
             $tot = isset($get['dd']) || isset($get['uu']);
             $qv = $dow ? 'd' : 'u';
             if ($tot) {
                 $qv .= $qv;
             }
             $this->loadRecord();
             $this->loadEShopItems();
             if (($cp = (int) $get[$qv]) < 1 || !isset($this->index[$cp])) {
                 throw new Exception("Neplatné ID záznamu: {$cp}");
             }
             $this->moveItem($cp, $dow, $tot);
             $this->loadLastChange(false);
             $this->lastchange->register();
             $this->lastchange = null;
             $this->anchor->ID = $cp;
             $this->redirection = $self . $qs . '#zmena';
         }
     }
     if (!empty($post)) {
         $xpost = strip_gpc_slashes($post);
         $this->all_checked = isset($xpost['checkall']);
         if (isset($xpost['check']) && is_array($xpost['check'])) {
             foreach ($xpost['check'] as $value) {
                 if (!is_numeric($value)) {
                     throw new Exception("Nepovolený vstup: check[]");
                 }
                 $this->checked[$value] = true;
             }
         }
         $act = 0;
         switch ($xpost['cmd']) {
             case 'speichern':
                 $this->handleUploads();
                 $this->title = $xpost['Nazev'];
                 if ($this->title == '') {
                     throw new Exception('Název skupiny nebyl vyplněn');
                 }
                 $this->description = $xpost['Popis'];
                 $this->auto = array_key_exists('Auto', $xpost);
                 if (array_key_exists('URL_skupiny', $xpost)) {
                     $this->url = $xpost['URL_skupiny'];
                 }
                 if (array_key_exists('htitle_skupiny', $xpost)) {
                     $this->htitle = $xpost['htitle_skupiny'];
                 }
                 $ue = $this->rights === true || $this->rights['EditURLs'];
                 $flds = array('title', 'description', 'icon', 'flags');
                 if ($ue || !$this->id) {
                     $flds[] = 'url';
                     $flds[] = 'htitle';
                     if ($this->auto || !$this->id && !$ue) {
                         $this->generateURL();
                         $this->generateTitle();
                     }
                 }
                 $this->flags = array_key_exists('mainmenu_flag', $xpost) ? $this->flags | self::FLAG_FRONTMENU : $this->flags & ~self::FLAG_FRONTMENU;
                 foreach ($flds as $fld) {
                     ${$fld} = mysql_real_escape_string($this->{$fld});
                 }
                 if (!$this->id) {
                     throw new Exception("Neplatné ID záznamu: {$this->id}");
                 }
                 if (!$this->new_subgroup) {
                     if ($this->id == 1) {
                         throw new Exception('Neplatná operace: editace nastavení hlavní skupiny');
                     } else {
                         $ue_sql = $ue ? ", URL='{$url}', PageTitle='{$htitle}'" : '';
                         $icon_sql = $icon !== '' ? ", Icon='{$icon}'" : '';
                         mysql_query("UPDATE eshop SET Name='{$title}', Description='{$description}'{$ue_sql}{$icon_sql}, Flags={$flags}, LastChange=CURRENT_TIMESTAMP WHERE ID={$this->id}");
                     }
                 } elseif ($title != '') {
                     $result = mysql_query("SELECT Max(Priority) FROM eshop WHERE Parent={$this->id}");
                     if ($row = mysql_fetch_row($result)) {
                         $priority = (int) $row[0] + 1;
                     } else {
                         throw new Exception("Chyba při načítání priority položek eshopu");
                     }
                     if ($ue) {
                         $ue_sql1 = ', URL, PageTitle';
                         $ue_sql2 = ",'{$url}', '{$htitle}'";
                     } else {
                         $ue_sql1 = $ue_sql2 = '';
                     }
                     if ($icon) {
                         $icon_sql1 = ', Icon';
                         $icon_sql2 = ",'{$icon}'";
                     } else {
                         $icon_sql1 = $icon_sql2 = '';
                     }
                     mysql_query("INSERT INTO eshop(Name, Description{$ue_sql1}{$icon_sql1}, Subgroup, Parent, Flags, Priority) VALUES ('{$title}', '{$description}'{$ue_sql2}{$icon_sql2}, 1, {$this->id}, {$flags}, {$priority})");
                     $new_id = mysql_insert_id();
                     Kiwi_EShop_Indexer::index($new_id, $this->id);
                     $qs = "?sg={$new_id}";
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                 }
                 $this->redirection = $self . $qs;
                 break;
             case 'Zurück':
                 $this->loadRecord();
                 $this->redirection = $this->getBackLink();
                 break;
             case 'aktivieren':
                 $act = 1;
             case 'deaktivieren':
                 $this->loadRecord();
                 if ($act && !$this->record->Active) {
                     throw new Exception("Pokud o nepřípustnou aktivaci záznamů");
                 }
                 $id_list_rec = implode(',', $this->getRecursiveIdList($xpost['check']));
                 $this->activateGroupsAndLines($id_list_rec, $act);
                 $this->loadLastChange(false);
                 $this->lastchange->register();
                 $this->lastchange = null;
                 $this->redirection = $self . $qs;
                 break;
             case 'Serie hinzufügen':
                 $this->redirection = KIWI_ADD_ESHOPITEM . "?sg={$this->id}";
                 break;
             case 'Gruppe hinzufügen':
                 $this->redirection = KIWI_ADD_ESHOPGROUP . "?sg={$this->id}&n";
                 break;
             case 'entfernen':
                 if (sizeof($xpost['check']) > 0) {
                     $id_list_rec = implode(',', $this->getRecursiveIdList($xpost['check']));
                     $this->deleteGroupsAndLines($id_list_rec);
                     $this->loadLastChange(false);
                     $this->lastchange->register();
                     $this->redirection = $self . $qs;
                 }
                 break;
             default:
                 throw new Exception('Neočekávaný příkaz formuláře: ' . __CLASS__);
         }
     }
 }