function show_branch()
{
switch (@$_GET['message']) {
case "branchjustadded":
$message_html = template_get("message", array('message' => "Город успешно добавлен"));
break;
default:
$message_html = template_get("nomessage");
}
$branch_id = $_GET['branch'];
$branch = db_easy("SELECT * FROM `phpbb_branches` WHERE `id`={$branch_id}");
$pointsRES = db_query("SELECT * FROM `phpbb_points` WHERE `branch_id`={$branch_id}");
if (db_count($pointsRES) > 0) {
while ($point = db_fetch($pointsRES)) {
$points_html .= "<div style='padding-bottom:5px;'><a href='/manager.php?action=show_point&point={$point['id']}'>{$point['name']}</a></div>";
}
} else {
$points_html = "-";
}
if (check_rights('add_branch')) {
$edit_branch_html = "<a href='/manager.php?action=edit_branch&branch={$branch_id}' style='font-size:8pt;'>Редактировать</a>";
}
$html .= template_get("branches/show_branch", array('name' => $branch['name'], 'editbranch' => $edit_branch_html, 'message' => $message_html, 'points' => $points_html));
return $html;
}
function show_rights()
{
//Определяем переменные
$html = "";
$rights_html = "";
/*Выводим список менеджеров HR*/
$rightsRES = db_query("SELECT * FROM `phpbb_rights` ORDER BY `name` ASC");
//IF
if (db_count($rightsRES) > 0) {
$i = 0;
//WHILE
while ($right = db_fetch($rightsRES)) {
if (trim($right['description']) != "") {
$right_description_html = "<div class='comment'>({$right['description']})</div>";
} else {
$right_description_html = "<br/><br/>";
}
$rights_html .= "<h4>{$right['name']}</h4><a href='/manager.php?action=add_right&right={$right['id']}'><img src='/images/add.png' /></a>\r\n\t\t\t\t\t\t\t\t{$right_description_html}\r\n\t\t\t\t\t\t\t\t\t";
$rights_html .= show_right_users($right['id'], $right['name']);
$rights_html .= "<br/><br/>";
if (db_count($rightsRES) != $i + 1) {
$rights_html .= "<hr/><br/>";
}
$i++;
}
} else {
$rights_html .= "<br/>Нет прав. Сперва создайте права.";
}
/*Подключаем файл шаблона*/
$html .= template_get("rights/show_rights", array('rights_html' => $rights_html));
//Возвращаем значение функции
return $html;
}
function page_index()
{
$q = db_query("SELECT * FROM `intr_message`");
$message_html = "";
if (get_user_group() == "writer") {
$add_message_html = "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "add_message" => "yes")) . "' style='padding:0 0 0 10px;'><img src='/_content/img/add-icon.png'/></a>";
} else {
$add_message_html = "";
}
while ($message = db_fetch($q)) {
$message_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "page" => "message", "message" => $message['id'])) . "'>" . trim($message['title']) . "</a>";
if (check_group("writer") || $user['name'] == get_user()) {
//$message_html.="<br/><a href='".uri_make_v1(array("UriScript"=>'intranet.php', 'edit_message'=>'yes', 'message'=>$message['id']))."' style='font-size:8pt;'>Редактировать</a>";
//$message_html.="<a href='".uri_make_v1(array("UriScript"=>'intranet.php', 'delete_message'=>'yes', 'message'=>$message['id']))."' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
//$message_html.="<br/><br/>";
/*$comments_html.="<a href='".uri_make_v1(array("UriScript"=>'intranet.php', 'page'=>'message', 'message'=>$message['id'], 'edit_comment'=>'yes', 'comment'=>$comment['id']))."' style='font-size:8pt;'>Редактировать</a>";
$comments_html.="<a href='".uri_make_v1(array("UriScript"=>'intranet.php', 'page'=>'message', 'message'=>$message['id'], 'delete_comment'=>'yes', 'comment'=>$comment['id']))."' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
*/
$message_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "edit_message" => "yes", "message" => $message['id'])) . "' style='padding:0 0 0 10px;'><img src='/_content/img/edit-icon.png'/></a>";
$message_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "delete_message" => "yes", "message" => $message['id'])) . "' style='padding:0 0 0 10px;' onClick=\"if(!confirm('Удалить?')) return false;\"><img src='/_content/img/remove-icon.png'/></a>" . "<br/>";
}
}
$contacts_html = "";
$q = db_query("SELECT * FROM `users`");
while ($user = db_fetch($q)) {
$contacts_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "page" => "contact", "name" => $user['name'])) . "'>" . $user['name_rus'] . "</a>" . "<br/>";
}
$html .= template_get('intranet/intranet', array("add_message" => $add_message_html, "message" => $message_html, "contacts" => $contacts_html));
//Подключаем подвал
$html .= template_get('footer');
return $html;
}
function list_stat_by_dates()
{
//Определяем переменные
$stat_html = "";
$users = array();
$stats = array();
$userStats = array();
//Запрос к базе
$usersRES = db_query("SELECT *\r\n\t\t\t\t\t\t\t\tFROM `phpbb_users`\r\n\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root' AND `user_email`!='*****@*****.**' AND `user_id`!=95 AND `user_id`!=5871\r\n\t\t\t\t\t\t\t\tORDER BY `username` ASC");
//Цикл
while ($userWHILE = db_fetch($usersRES)) {
$users[$userWHILE['user_id']]['name'] = $userWHILE['username'];
}
//Запрос к базе
$statsRES = db_query("SELECT * FROM `phpbb_stat` ORDER BY `date` DESC");
//Цикл
while ($statWHILE = db_fetch($statsRES)) {
if ($statWHILE['user_id'] != 5871) {
$date_stats[date("d/m/Y", strtotime($statWHILE['date']))][] = array('uri' => $statWHILE['uri'], 'time' => date("H:i", strtotime($statWHILE['date'])), 'user_id' => $statWHILE['user_id']);
}
}
//Цикл
foreach ($date_stats as $date => $stat) {
$stat_html .= "<a href='manager.php?action=show_stat&date={$date}'>" . $date . "</a>: " . count($stat) . "<br/>";
}
//Возвращаем значение функции
return $html .= template_get("stat/list_stat", array('userStats' => $stat_html));
}
function generate_main()
{
global $categories, $forums;
global $filter_forum, $filter_topic;
global $db_prefix;
global $forum_name, $forum_description;
//Categories
$res = mysql_query('SELECT cat_id, cat_title FROM ' . $db_prefix . 'categories order by cat_order');
while ($row = mysql_fetch_assoc($res)) {
$cid = $row['cat_id'];
$categories[$row['cat_id']] = array('title' => $row['cat_title'], 'forums' => array());
}
//Forums
$res = mysql_query('SELECT forum_id, cat_id, forum_name, forum_posts, forum_topics FROM ' . $db_prefix . 'forums ORDER BY forum_order');
while ($row = mysql_fetch_assoc($res)) {
$fid = $row['forum_id'];
if (in_array($fid, $filter_forum)) {
continue;
}
$forums[$fid] = array('cid' => $row['cat_id'], 'title' => $row['forum_name'], 'nposts' => $row['forum_posts'], 'ntopics' => $row['forum_topics'], 'topics' => array());
$categories[$row['cat_id']]['forums'][] = $fid;
}
// Content
$var = array('categories' => $categories, 'forums' => $forums, 'forum_name' => $forum_name, 'forum_description' => $forum_description);
$content = template_get($var, 'main.tpl.php');
write_content('index.html', $content);
log_info("Index: index.html\n");
}
function menu_top($manual_items=""){
//Подключаем глобальную переменную
global $DocumentId;
db_connect();
$html_items="
<a href='/engine.php?table=documents'>Документ покупки</a><span class='divider'></span>
<a href='/engine.php?table=computers'>Сборки компьютеров</a><span class='divider'></span>
<a href='/statistics.php'>Статистика</a><span class='divider'></span>
<a href='/engine.php?table=documents&document=$DocumentId&action=list_contragents'>Контрагенты</a><span class='divider'></span>
<a href='/engine.php?table=documents&document=$DocumentId&action=list_positions'>Позиции</a><span class='divider'></span>
<br/>
";
//Запрашиваем из таблицы БД 'menus' все пункты меню, принадлежащие размещению 'top'
$items_query=db_query("SELECT `href`, `text`, `label` FROM `menu_items` WHERE `area`='top' ORDER BY `order` ASC");
$number_item=1;
//Ручное добавление пунктов
$html_items.=$manual_items;
//Пункты меню найдены
if(db_count($items_query)>0){
//Перебираем пункты меню
while($item=db_fetch($items_query)){
$html_items.="<a href='{$item['href']}' class='".get_class_depend_on_uri("!=", 'table_name', $item['label'])."'>{$item['text']}</a>";
$html_items.="<span class='divider'></span>";
if($number_item % 7 == 0) $html_items.="<br/>";
$number_item++;
}
//Такие пункты меню не найдены
}
return template_get('menus/menu_top', array('html_items'=>$html_items, 'login'=>$_SESSION['user']));
}
function page_message()
{
$message_id = $_GET['message'];
$message = db_easy("SELECT * FROM `intr_message` WHERE `id`={$message_id}");
$q_comm = db_query("SELECT * FROM `intr_comments` WHERE `message_id`={$message_id} ORDER BY `date` DESC");
$user = db_easy("SELECT * FROM `users` WHERE `id`=" . $message['user_id']);
$edit_del_comment_html = "";
if (check_group("writer") || $user['name'] == get_user()) {
$edit_del_message_html .= "<br/><a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'edit_message' => 'yes', 'message' => $message['id'])) . "' style='font-size:8pt;'>Редактировать</a>";
$edit_del_message_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'delete_message' => 'yes', 'message' => $message['id'])) . "' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
}
$comments_html = "";
while ($comment = db_fetch($q_comm)) {
$user = db_easy("SELECT * FROM `users` WHERE `id`={$comment['user_id']}");
$comments_html .= "<div style='margin:15px 0 0 0;padding:0 0 0 10px;border-left:2px solid #AAA;'>";
$comments_html .= "<span style='font-size:8pt;font-style:italic;'><b>" . $user['name_rus'] . ",</b> " . date("d.m.Y H:i", strtotime($comment['date'])) . "</span><br/>" . $comment['text'] . "</div>";
if (check_group("writer") || $user['name'] == get_user()) {
$comments_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'edit_comment' => 'yes', 'comment' => $comment['id'])) . "' style='font-size:8pt;'>Редактировать</a>";
$comments_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'delete_comment' => 'yes', 'comment' => $comment['id'])) . "' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
}
}
$html .= template_get('message/message', array("user" => $user['name_rus'], "date" => date("d.m.Y", strtotime($message['date'])), "title" => $message['title'], "edit_del_message" => $edit_del_message_html, "text" => $message['text'], "uri_back" => uri_make_v1(array("UriScript" => "intranet.php")), "uri_comment" => uri_make_v1(array("UriScript" => "intranet.php", "page" => "message", "message" => $message_id, "add_comment" => "yes")), "comments" => $comments_html));
//Подключаем подвал
$html .= template_get('footer');
return $html;
}
function add_right()
{
//Определяем переменные
$html = "";
$users_html = "";
/*Проверка прав на выполнение действия*/
if (!check_rights('add_right')) {
return "У вас нет соответствующих прав";
}
//IF
if (!isset($_POST['user'])) {
/*Получаем и проверяем данные от пользвователя*/
$right_id = (int) $_GET['right'];
/*Проверка входных данных*/
$rightRES = db_query("SELECT `name` FROM `phpbb_rights` WHERE `id`='{$right_id}'");
if (db_count($rightRES) == 0) {
return "Ошибка в формате входных данных (right)";
} else {
$right_name = db_fetch($rightRES)['name'];
}
//Запрос к базе
$usersRES = db_query("SELECT * FROM `phpbb_users`\r\n\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root'\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY `username` ASC");
//WHILE
while ($userWHILE = db_fetch($usersRES)) {
if (db_easy_count("SELECT * FROM `phpbb_rights_users`\r\n\t\t\t\t\t\t\t\tWHERE `user_id`={$userWHILE['user_id']}\r\n\t\t\t\t\t\t\t\t\tAND `right_id`={$right_id}\r\n\t\t\t\t\t\t") == 0) {
$users_html .= "<option value='{$userWHILE['user_id']}'>{$userWHILE['username']}</option>";
}
}
/*Подключаем шаблон*/
$html .= template_get("rights/add_right", array('users' => $users_html, 'right_id' => $right_id, 'right_name' => $right_name));
//ELSE
} else {
/*Получаем и проверяем данные от пользвователя*/
$user_id = (int) $_POST['user'];
/*Получаем и проверяем данные от пользвователя*/
$right_id = (int) $_POST['right'];
/*Проверка входных данных*/
if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id}") == 0) {
return "Ошибка в формате входных данных (user)";
}
/*Проверка входных данных*/
if (db_easy_count("SELECT * FROM `phpbb_rights` WHERE `id`='{$right_id}'") == 0) {
return "Ошибка в формате входных данных (right)";
}
//Запрос к базе
if (db_easy_count("SELECT * FROM `phpbb_rights_users` WHERE `user_id`={$user_id} AND `right_id`={$right_id}") == 0) {
$insertRES = db_query("INSERT INTO `phpbb_rights_users` SET `user_id`={$user_id}, `right_id`={$right_id}");
}
/*Проверка правильности выполнения запроса к БД*/
if (!db_result($insertRES)) {
return "Ошибка при выполнении (insert)";
}
//Выполняем HTTP запрос
header("location: /manager.php?action=show_rights");
}
//Возвращаем значение функции
return $html;
}
function project_menu()
{
//Получаем глобальные переменные
global $project_id;
//Определяем переменные
$html = "";
//Возвращаем значение функции
return template_get('versioncontrol/project_menu', array('project_id' => $project_id));
}
function show_admin_panel()
{
//Определяем переменную
$html = "";
/*Подключаем файл шаблона*/
$html .= template_get("admin/show_admin_panel", array());
//Возвращаем значение функции
return $html;
}
function page_contact()
{
$user_name = $_GET['name'];
$user = db_easy("SELECT * FROM `users` WHERE `name`='" . $user_name . "'");
$edit_del_comment_html = "";
if (check_group("writer") || $user['name'] == get_user()) {
}
$html .= template_get('contacts/contact', array("name_rus" => $user['name_rus'], "position" => $user['position'], "mobile_phone" => $user['mobile_phone']));
//Подключаем подвал
$html .= template_get('footer');
return $html;
}
function login_form($message=''){
$html.="";
$html.=template_get('header');
$html.="<div style='width:100%;height:100%' align='center'>";
$html.="<form action='/?action=login' method='post' style='margin-top:25%;width:300px;height:300px;'>";
$html.="Введите логин и пароль<br/>";
$html.=$message;
$html.="<input type='text' name='user'/><br/>";
$html.="<input type='password' name='password'/><br/>";
$html.="<input type='submit' value='Войти'/>";
$html.="</form>";
$html.="</div>";
$html.=template_get('footer');
return $html;
}
function list_points()
{
if (isset($_GET['message'])) {
$point_id = trim($_GET['point']);
$point_name = trim($_GET['name']);
switch (@$_GET['message']) {
case "pointadded":
$message_html = template_get("message", array('message' => "Добавлена точка \"{$point_name}\""));
break;
case "pointdeleted":
$message_html = template_get("message", array('message' => "Удалена точка \"{$point_name}\""));
break;
default:
$message_html = template_get("nomessage");
}
}
$result_points = db_query("SELECT * FROM `phpbb_points` WHERE `id`!=1 ORDER BY `name` ASC");
$num_points = db_count($result_points);
$num = 0;
$table_html = "";
if (check_rights('delete_point')) {
$th_html = "\t<th class='right'></th>";
} else {
$th_html = "";
}
while ($point = db_fetch($result_points)) {
$num++;
if ($num == $num_points) {
$bottom_class = "bottom";
} else {
$bottom_class = "";
}
if (check_rights('delete_point')) {
$right_class = '';
} else {
$right_class = 'right';
}
$table_html .= "\t<tr class='{$bottom_class}'>\r\n\t\t\t\t\t\t\t<td><a href='/manager.php?action=show_point&point={$point['id']}' style='font-size:9pt;'>" . $point['name'] . "</a></td>\r\n\t\t\t\t\t\t\t<td>" . $point['phone'] . "</td>\r\n\t\t\t\t\t\t\t<td class='{$right_class}'>" . $point['address'] . "</td>";
if (check_rights('delete_point')) {
$table_html .= "\t<td class='right'><a href='/manager.php?action=delete_point&point={$point['id']}' onclick=\"if(!confirm('Удалить?')) return false;\">Удалить</a><br/></td>\r\n\t\t\t\t\t\t</tr>";
}
}
if (check_rights('add_point')) {
$add_point_link = "<a href='/manager.php?action=add_point' class='listcontacts'>Добавить офис/склад</a><br/><br/>";
}
$html .= template_get("points/list_points", array('addpointlink' => $add_point_link, 'numpoints' => $num_points, 'table' => $table_html, 'message' => $message_html, 'th_html' => $th_html, 'right_class' => $right_class));
return $html;
}
function add_point()
{
if (!check_rights('add_point')) {
//Возвращаем значение функции
return "У вас нет соответствующих прав";
}
if (!isset($_POST['name'])) {
switch (@$_GET['message']) {
case "emptypointname":
$message_html = template_get("errormessage", array('message' => "Название не может быть пустым"));
break;
case "samepointexists":
$message_html = template_get("errormessage", array('message' => "Офис/склад с таким именем уже имеется"));
break;
default:
$message_html = template_get("nomessage");
}
$branches_html = "";
$branchesRES = db_query("SELECT * FROM `phpbb_branches` ORDER BY `name` ASC");
while ($branch = db_fetch($branchesRES)) {
$branches_html .= "<option value='{$branch['id']}' {$selected_html}>{$branch['name']}</option>";
}
$html .= template_get("points/add_point", array('action' => "/manager.php?action=add_point", 'branches' => $branches_html, 'message' => $message_html));
} else {
$do = true;
//Проверка на пустое название города
$point['name'] = trim($_POST['name']);
$point['address'] = trim($_POST['address']);
$point['phone'] = trim($_POST['phone']);
$point['branch_id'] = trim($_POST['branch']);
if (!preg_match("/^.{1,70}\$/", $point['name'])) {
header("location: /manager.php?action=add_point&message=emptypointname");
$do = false;
}
//Проверка на наличие города с таким же именем
if (db_easy_count("SELECT * FROM `phpbb_points` WHERE `name`='{$point['name']}'") > 0) {
header("location: /manager.php?action=add_point&message=samepointexists");
$do = false;
}
if ($do) {
db_query("INSERT INTO `phpbb_points` SET\r\n\t\t\t\t\t\t\t\t\t\t`name`='{$point['name']}',\r\n\t\t\t\t\t\t\t\t\t\t`address`='{$point['address']}',\r\n\t\t\t\t\t\t\t\t\t\t`phone`='{$point['phone']}',\r\n\t\t\t\t\t\t\t\t\t\t`branch_id`={$point['branch_id']}");
$point_id = db_insert_id();
header("location: /manager.php?action=list_points&message=pointadded&name={$point['name']}");
}
}
return $html;
}
function edit_branch()
{
if (!check_rights('edit_branch')) {
//Возвращаем значение функции
return "У вас нет соответствующих прав";
}
$branch_id = $_GET['branch'];
if (!isset($_POST['name'])) {
switch (@$_GET['message']) {
case "branchsaved":
$message_html = template_get("message", array('message' => "Изменения сохранены"));
break;
case "emptybranchname":
$message_html = template_get("errormessage", array('message' => "Название подразделения не может быть пустым"));
break;
case "samebranchexists":
$message_html = template_get("errormessage", array('message' => "Подразделение с таким именем уже имеется"));
break;
default:
$message_html = template_get("nomessage");
}
$branch = db_easy("SELECT * FROM `phpbb_branches` WHERE `id`={$branch_id}");
$show_branch_html = "<a href='/manager.php?action=show_branch&branch={$branch_id}' style='font-size:8pt;'>Просмотреть</a>";
$html .= template_get("branches/edit_branch", array('action' => "/manager.php?action=edit_branch&branch={$branch_id}", 'name' => $branch['name'], 'showbranch' => $show_branch_html, 'message' => $message_html));
} else {
$branch['name'] = trim($_POST['name']);
$do = true;
//Проверка на пустое название города
$branch['name'] = trim($_POST['name']);
if (!preg_match("/^.{1,70}\$/", $branch['name'])) {
header("location: /manager.php?action=edit_branch&branch={$branch_id}&message=emptybranchname");
$do = false;
}
//Проверка на наличие города с таким же именем
if (db_easy_count("SELECT * FROM `phpbb_branches` WHERE `name`='{$branch['name']}'") > 0) {
header("location: /manager.php?action=edit_branch&branch={$branch_id}&message=samebranchexists");
$do = false;
}
if ($do) {
db_query("UPDATE `phpbb_branches`\r\n\t\t\t\t\tSET `name`='{$branch['name']}'\r\n\t\t\t\t\tWHERE `id`={$branch_id}");
header("location: /manager.php?action=edit_branch&branch={$branch_id}&message=branchsaved");
}
}
return $html;
}
function template_parse_site($file, $array)
{
$temp = template_get('header');
$temp .= template_get($file);
$temp .= template_get('footer');
global $LANG;
if ($temp) {
foreach ($array as $key => $value) {
$temp = str_replace('{' . $key . '}', $value, $temp);
}
foreach ($LANG as $key => $value) {
$temp = str_replace('{' . $key . '}', $value, $temp);
}
} else {
echo '\\"templates/' . TEMPLATE . '/' . $file . '.htm\\" Does Not Exist.';
}
return $temp;
}
function add_hr_manager_right()
{
//Определяем переменные
$html = "";
$users_html = "";
/*Проверка прав на выполнение действия*/
if (!check_rights('add_hr_manager_right')) {
return "У вас нет соответствующих прав";
}
//IF
if (!isset($_POST['user'])) {
//Запрос к базе
$usersRES = db_query("SELECT * FROM `phpbb_users` WHERE (`user_type`=0 OR `user_type`=3) AND `hrmanager`!=1 AND `username`!='root' ORDER BY `username` ASC");
//WHILE
while ($userWHILE = db_fetch($usersRES)) {
$users_html .= "<option value='{$userWHILE['user_id']}'>{$userWHILE['username']}</option>";
}
/*Подключаем шаблон*/
$html .= template_get("rights/add_hr_manager_right", array('users' => $users_html));
//ELSE
} else {
/*Проверка входных данных*/
if (!preg_match("/^[0-9]{1,8}\$/", $_POST['user'])) {
return "Ошибка в формате входных данных (1)";
}
//Определяем переменную
$user_id = (int) $_POST['user'];
/*Проверка входных данных*/
if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id}") == 0) {
return "Ошибка в формате входных данных (2)";
}
//Запрос к базе
db_query("UPDATE `phpbb_users` SET `hrmanager`=1 WHERE `user_id`={$user_id}");
/*Проверка правильности выполнения запроса к БД*/
if (!db_result()) {
return "Ошибка при выполнении (3)";
}
//Выполняем HTTP запрос
header("location: /manager.php?action=show_rights");
}
//Возвращаем значение функции
return $html;
}
function list_branches()
{
$result_branches = db_query("SELECT * FROM `phpbb_branches` WHERE `id`!=1 ORDER BY `name`");
$num_branches = db_count($result_branches);
$num = 0;
$table_html = "";
while ($branch = db_fetch($result_branches)) {
$num++;
if ($num == $num_branches) {
$bottom_class = "bottom";
} else {
$bottom_class = "";
}
$table_html .= "\t<tr class='{$bottom_class}'>\r\n\t\t\t\t\t\t\t<td><a href='/manager.php?action=show_branch&branch=" . $branch['id'] . "' style='font-size:9pt;'>" . $branch['name'] . "</a></td>\r\n\t\t\t\t\t\t\t<td><a href='/manager.php?action=edit_branch&branch={$branch['id']}'>Редактировать</a></td>\r\n\t\t\t\t\t\t\t<td class='right'><a href='/manager.php?action=delete_branch&branch={$branch['id']}' onclick=\"if(!confirm('Удалить?')) return false;\">Удалить</a><br/></td>\r\n\t\t\t\t\t\t</tr>";
}
$add_branch_link = "manager.php?action=add_branch";
$html .= template_get("branches/list_branches", array('addbranchlink' => $add_branch_link, 'numbranches' => $num_branches, 'table' => $table_html));
return $html;
}
function add_branch()
{
if (!check_rights('add_branch')) {
//Возвращаем значение функции
return "У вас нет соответствующих прав";
}
if (!isset($_POST['name'])) {
switch (@$_GET['message']) {
case "emptybranchname":
$message_html = template_get("errormessage", array('message' => "Название подразделения не может быть пустым"));
break;
case "samebranchexists":
$message_html = template_get("errormessage", array('message' => "Подразделение с таким именем уже имеется"));
break;
default:
$message_html = template_get("nomessage");
}
$html .= template_get("branches/add_branch", array('action' => "/manager.php?action=add_branch", 'message' => $message_html));
} else {
$do = true;
//Проверка на пустое название города
$branch['name'] = trim($_POST['name']);
if (!preg_match("/^.{1,70}\$/", $branch['name'])) {
header("location: /manager.php?action=add_branch&message=emptybranchname");
$do = false;
}
//Проверка на наличие города с таким же именем
if (db_easy_count("SELECT * FROM `phpbb_branches` WHERE `name`='{$branch['name']}'") > 0) {
header("location: /manager.php?action=add_branch&message=samebranchexists");
$do = false;
}
if ($do) {
db_query("INSERT INTO `phpbb_branches` SET `name`='{$branch['name']}'");
$branch_id = db_insert_id();
header("location: /manager.php?action=show_branch&branch={$branch_id}&message=branchjustadded");
}
}
return $html;
}
function show_messages($messages)
{
//Определяем переменную
$html = "";
/*Сообщение о результате действия*/
if (count($messages) > 0) {
//FOREACH
foreach ($messages as $index => $message) {
//Определяем переменную
$messages_html .= $message;
//Сокращенный IF-ELSE
$index < count($messages) ? $messages_html .= "<br/>" : '';
}
/*Подключаем шаблон*/
$html = template_get("errormessage", array('message' => $messages_html));
} else {
/*Подключаем шаблон*/
$html = template_get("nomessage");
}
//Возвращаем значение функции
return $html;
}
function show_point()
{
switch (@$_GET['message']) {
case "pointjustadded":
$message_html = template_get("message", array('message' => "Офис/склад успешно добавлен"));
break;
default:
$message_html = template_get("nomessage");
}
$point_id = $_GET['point'];
$point = db_easy("SELECT * FROM `phpbb_points` WHERE `id`={$point_id}");
$branch = db_easy("SELECT * FROM `phpbb_branches` WHERE `id`={$point['branch_id']}");
if (check_rights('edit_point')) {
$edit_point_html = "<a href='/manager.php?action=edit_point&point={$point_id}' style='font-size:8pt;'>Редактировать</a>";
}
$contactsRES = db_query("SELECT * FROM `phpbb_users`\r\n\t\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root' AND `user_email`!='*****@*****.**'\r\n\t\t\t\t\t\t\t\t\t\t\tAND `point_id`={$point_id}\r\n\t\t\t\t\t\t\t\t\tORDER BY `username` ASC\r\n\t\t\t\t\t\t\t\t\t");
$contacts_html = "";
while ($contact = db_fetch($contactsRES)) {
$contacts_html .= "<a href='/manager.php?action=show_contact&contact={$contact['user_id']}'>" . $contact['username'] . "</a><br/>";
}
$html .= template_get("points/show_point", array('name' => $point['name'], 'address' => $point['address'], 'phone' => $point['phone'], 'editpoint' => $edit_point_html, 'message' => $message_html, 'branch' => $branch['name'], 'contacts' => $contacts_html));
return $html;
}
$dp = opendir($dir);
while($subdir = readdir($dp)){
if($subdir != '.' && $subdir != '..' && is_dir($dir."/".$subdir)){
$action_file=$dir."/".$subdir."/".$action.".php";
if(file_exists($action_file)){
require_once($action_file);
db_connect();
$html.=$action();
}
}
}
/*КОНЕЦ: Manager. Автор: Домышев Илья, Акустик Групп*/
// Assign index specific vars
$template->assign_vars(array(
'HTML' => template_get('main', array('html'=>"<div class='manager'>".$html."</div><br/>")),
'TOTAL_POSTS' => sprintf($user->lang[$l_total_post_s], $total_posts),
'TOTAL_TOPICS' => sprintf($user->lang[$l_total_topic_s], $total_topics),
'TOTAL_USERS' => sprintf($user->lang[$l_total_user_s], $total_users),
'NEWEST_USER' => sprintf($user->lang['NEWEST_USER'], get_username_string('full', $config['newest_user_id'], $config['newest_username'], $config['newest_user_colour'])),
'LEGEND' => $legend,
'BIRTHDAY_LIST' => $birthday_list,
'FORUM_IMG' => $user->img('forum_read', 'NO_UNREAD_POSTS'),
'FORUM_UNREAD_IMG' => $user->img('forum_unread', 'UNREAD_POSTS'),
'FORUM_LOCKED_IMG' => $user->img('forum_read_locked', 'NO_UNREAD_POSTS_LOCKED'),
'FORUM_UNREAD_LOCKED_IMG' => $user->img('forum_unread_locked', 'UNREAD_POSTS_LOCKED'),
'S_LOGIN_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'),
'S_DISPLAY_BIRTHDAY_LIST' => ($config['load_birthdays']) ? true : false,
//Session life time should be set before session_start()
session_set_cookie_params($session_lifetime);
//Set session lifetime
setcookie(session_name(), session_id(), time() + $session_lifetime);
//Start session
session_start();
//}
//Connect to database
db_connect();
//Start HTML flow
$html = "";
//Add header
$html .= template_get('header');
//Выполняем действия{
$action = $_GET['action'];
$dir = $_SERVER['DOCUMENT_ROOT'] . "/actions/";
$dp = opendir($dir);
while ($subdir = readdir($dp)) {
if ($subdir != '.' && $subdir != '..' && is_dir($dir . "/" . $subdir)) {
$action_file = $dir . "/" . $subdir . "/" . $action . ".php";
if (file_exists($action_file)) {
require_once $action_file;
$html .= $action();
}
}
}
//}
//Add footer
$html .= template_get('footer');
//Show HTML flow
echo $html;
function upload_user_photo($user_id)
{
$file_extension = get_file_extension($_FILES['file']['name']);
if (db_easy_count("SELECT * FROM `phpbb_avatars` WHERE `user_id`={$user_id}") > 0) {
db_query("DELETE FROM `phpbb_avatars` WHERE `user_id`={$user_id}");
}
db_query("INSERT INTO `phpbb_avatars` SET `user_id`={$user_id}, `extension`='{$file_extension}'");
$file_id = db_insert_id();
$uploadfile = $_SERVER['DOCUMENT_ROOT'] . "images/avatars/upload/5748d7ff6b4d48da44e8a6525604c781_" . $file_id . "." . $file_extension;
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
$image_size = getimagesize($uploadfile);
db_query("UPDATE `phpbb_users` SET `user_avatar`='{$file_id}.{$file_extension}', `user_avatar_type`=1, `user_avatar_width`={$image_size[0]}, `user_avatar_height`={$image_size[1]} WHERE `user_id`={$user_id}");
return template_get("message", array('message' => "Фотография обновлена"));
} else {
return template_get("errormessage", array('message' => "Ошибка"));
}
}
function get_window($action, $html, $id = '', $enctype = 'application/x-www-form-urlencoded', $method = 'post')
{
return template_get('window', array('id' => $id, 'action' => $action, 'html' => $html, 'enctype' => $enctype, 'method' => $method));
}
/*
* Ugamela OSE
* index.php - Pagina inicial
* Last Revition: 2009.05.03 01:33 (GMT - 03:00)
*
* Copyright (C) Perberos (German Augusto Perugorria)
* Copyright (C) Matsusoft Corporation
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
******************************************************************************/
define('INSIDE', true);
$ugamela_root_path = './';
require $ugamela_root_path . 'extension.inc';
require $ugamela_root_path . 'common.' . $phpEx;
if (!user_check()) {
header('Location: login.php');
} else {
echo template_parse(template_get('index_frames'), $lang);
}
function show_stat_only_date()
{
//Определяем переменные
$date = $_GET['date'];
$stat_html = "";
//Определяем переменные
$stats = array();
$date_stats = array();
//Определяем переменные
$stat_html .= "<span style='font-weight:bold;text-decoration:underline;'>Тип</span>: по дате<br/>";
$stat_html .= "<span style='font-weight:bold;text-decoration:underline;'>Дата</span>: {$date}<br/><br/>";
//Запрос к базе
$usersRES = db_query("SELECT *\r\n\t\t\t\t\t\t\t\tFROM `phpbb_users`\r\n\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root' AND `user_email`!='*****@*****.**' AND `user_id`!=95 AND `user_id`!=5871\r\n\t\t\t\t\t\t\t\tORDER BY `username` ASC");
//Цикл
while ($userWHILE = db_fetch($usersRES)) {
$users[$userWHILE['user_id']] = $userWHILE['username'];
}
//Запрос к базе
$statsRES = db_query("SELECT * FROM `phpbb_stat` WHERE `user_id`!=5871 ORDER BY `date` DESC");
//Определяем переменные
$number = db_count($statsRES);
//Цикл
while ($statWHILE = db_fetch($statsRES)) {
$stats[date("d/m/Y", strtotime($statWHILE['date']))][$statWHILE['user_id']]++;
}
//Определяем переменные
$date_stats = $stats[$date];
//show($date_stats);
//Цикл
foreach ($date_stats as $user_idFOR => $countFOR) {
$stat_html .= "<a href='/manager.php?action=show_stat&user={$user_idFOR}'>" . $users[$user_idFOR] . "</a>: <a href='/manager.php?action=show_stat&user={$user_idFOR}&date={$date}'>" . $countFOR . " страниц</a><br/>";
}
//Возвращаем значение функции
return $html .= template_get("stat/show_stat", array('userStats' => $stat_html));
}
function list_contacts()
{
//НАЧАЛО: Получаем направление сортировки
if (isset($_GET['sortdirection'])) {
$sortdirection = $_GET['sortdirection'];
} else {
$sortdirection = "asc";
}
if ($sortdirection == "asc") {
$link_sortdirection = "desc";
}
if ($sortdirection == "desc") {
$link_sortdirection = "asc";
}
//КОНЕЦ: Получаем направление сортировки
//НАЧАЛО: Получаем столбец для сортировки
if (isset($_GET['sort'])) {
$sort = $_GET['sort'];
} else {
$sort = "username";
}
//КОНЕЦ: Получаем столбец для сортировки
//НАЧАЛО: Получаем заголовки колонок для сортировки
$headers = array('username' => array('rus' => "ФИО", 'sortcolumn' => "username"), 'branch' => array('rus' => 'Подразделение', 'sortcolumn' => "`phpbb_points`.`name`"));
foreach ($headers as $name => $value) {
if ($sort == $name) {
$headers[$name]['html'] = "<a href='" . uri_make(array('sortdirection' => $link_sortdirection, 'sort' => $name)) . "' class='header'>" . $headers[$name]['rus'] . "<img src='/images/{$sortdirection}.png' class='header'></a>";
} else {
$headers[$name]['html'] = "<a href='" . uri_make(array('sortdirection' => 'asc', 'sort' => $name)) . "' class='header'>" . $headers[$name]['rus'] . "</a>";
}
}
//КОНЕЦ: Получаем заголовки колонок для сортировки
//НАЧАЛО: Строим фильтр городов
$branchesRES = db_query("SELECT * FROM `phpbb_branches` ORDER BY `name`");
if (isset($_GET['branch']) && @$_GET['branch'] != 1) {
$branch_id = $_GET['branch'];
$branch_where1 = " , `phpbb_branches`, `phpbb_points` ";
$branch_where2 = " AND `phpbb_branches`.`id`={$branch_id} ";
} else {
$branch_where1 = "";
$branch_where2 = "";
}
$branches_html = "";
while ($branch = db_fetch($branchesRES)) {
if ($branch_id == $branch['id']) {
$selected = "selected";
} else {
$selected = "";
}
if ($branch['id'] != 1) {
$branches_html .= "<option value='{$branch['id']}' {$selected}>{$branch['name']}</option>";
} else {
$branches_html .= "<option value='1' {$selected}>Все города</option>";
}
}
if (check_rights('show_hidden_contacts')) {
if (@$_GET['show_hidden_contacts'] == 'on') {
$sql_hidden_contacts = "OR `user_type`=9";
$hidden_contact_checked = 'checked';
} else {
$sql_hidden_contacts = "";
$hidden_contact_checked = '';
}
}
//КОНЕЦ: Строим фильтр городов
isset($_GET['branch']) ? $input_hidden_branch = "<input type='hidden' name='branch' value='{$_GET['branch']}' />" : ($input_hidden_branch = "");
if (check_rights('show_hidden_contacts')) {
$filter_hidden_contacts = template_get("contacts/filter_hidden_contacts", array('input_hidden_branch' => $input_hidden_branch, 'hidden_contact_checked' => $hidden_contact_checked));
}
$usersRES = db_query("SELECT *, `phpbb_branches`.`name` as `branch_name`, `phpbb_branches`.`id` as `branch_id`, \r\n\t\t\t\t\t\t\t\t\t\t`phpbb_points`.`phone` as `officephone`,\r\n\t\t\t\t\t\t\t\t\t\t`phpbb_points`.`name` as `point_name`, `phpbb_points`.`id` as `point_id`\r\n\t\t\t\t\t\t\t\t\tFROM `phpbb_users` , `phpbb_branches`, `phpbb_points` \r\n\t\t\t\t\t\t\t\t\tWHERE (`user_type` IN (0,3) {$sql_hidden_contacts}) AND `username`!='root' \r\n\t\t\t\t\t\t\t\t\t\t\tAND `phpbb_points`.`id`=`phpbb_users`.`point_id`\r\n\t\t\t\t\t\t\t\t\t\t\tAND `phpbb_points`.`branch_id`=`phpbb_branches`.`id` \r\n\t\t\t\t\t\t\t\t\t\t\t{$branch_where2}\r\n\t\t\t\t\t\t\t\t\tORDER BY {$headers[$sort]['sortcolumn']} {$sortdirection}\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t\t\t");
$num_users = db_count($usersRES);
$num = 0;
$table_html = "";
if (check_rights('delete_contact')) {
$th_html = "\t\t\r\n\t\t\t\t\t\t<th class='right'></th>";
} else {
$th_html = "";
}
while ($userWHILE = db_fetch($usersRES)) {
$num++;
$branch_points_number = db_easy_count("SELECT * FROM `phpbb_points` WHERE `branch_id`={$userWHILE['branch_id']}");
if ($branch_points_number == 1) {
$branch_point_link = "/manager.php?action=show_point&point=" . $userWHILE['point_id'];
} else {
$branch_point_link = "/manager.php?action=show_branch&branch=" . $userWHILE['branch_id'];
}
if ($num == $num_users) {
$bottom_class = "bottom";
} else {
$bottom_class = "";
}
if (trim($userWHILE['officephone']) != "") {
$officephone = $userWHILE['officephone'];
if (trim($userWHILE['user_extphone']) != "") {
$officephone .= ", доб. " . $userWHILE['user_extphone'];
}
} else {
$officephone = "-";
}
if (trim($userWHILE['user_workmobilephone']) != "") {
$mobilephone = $userWHILE['user_workmobilephone'] . " (рабочий)";
} elseif (trim($userWHILE['user_privatemobilephone']) != "") {
$mobilephone = $userWHILE['user_privatemobilephone'] . " (личный)";
} else {
$mobilephone = "-";
}
if (trim($userWHILE['user_occ']) == "") {
$userWHILE['user_occ'] = "-";
}
if (trim($userWHILE['point_id']) == 1) {
$userWHILE['point_name'] = "-";
$userWHILE['branch_name'] = "-";
}
$userWHILE['user_type'] == 9 ? $style_hidden_contact = 'color:grey' : ($style_hidden_contact = '');
if (check_rights('delete_contact')) {
$right_class = '';
} else {
$right_class = 'right';
}
$table_html .= "\t<tr class='{$bottom_class}'>\r\n\t\t\t\t\t\t\t<td class='left'><a href='/manager.php?action=show_contact&contact=" . $userWHILE['user_id'] . "' style='font-size:9pt;{$style_hidden_contact}'>" . $userWHILE['username'] . "</a></td>\r\n\t\t\t\t\t\t\t<td><a href='{$branch_point_link}' style='font-size:9pt;'>" . $userWHILE['branch_name'] . "</a></td>\r\n\t\t\t\t\t\t\t<td style='width:250px;'>" . $userWHILE['user_occ'] . "</td>\r\n\t\t\t\t\t\t\t<td style='width:250px;'>" . $mobilephone . "</td>\r\n\t\t\t\t\t\t\t<td class='{$right_class}'>" . $officephone . "</td>";
if (check_rights('delete_contact')) {
$table_html .= "\t<td class='right'><a href='/manager.php?action=delete_contact&contact={$userWHILE['user_id']}' onclick=\"if(!confirm('Удалить?')) return false;\">Удалить</a><br/></td>\r\n\t\t\t\t\t\t</tr>";
}
}
//Ссылка "Добавить контакт"
if (check_rights('add_contact')) {
$add_contact_html = "<a href='/manager.php?action=add_contact' class='listcontacts'>Добавить сотрудника</a><br/><br/>";
} else {
$add_contact_html = "";
}
$html .= template_get("contacts/list_contacts", array('add_contact' => $add_contact_html, 'numusers' => $num_users, 'table' => $table_html, 'add_user' => $add_user_html, 'branches' => $branches_html, 'header[username]' => $headers['username']['html'], 'header[branch]' => $headers['branch']['html'], 'th_html' => $th_html, 'right_class' => $right_class, 'filter_hidden_contacts' => $filter_hidden_contacts));
return $html;
}
function dumps_explorer(){
global $servers;
global $reg1;
$html="";
//Выбор сервера для просмотра
$html.="Выберите сервер: ";
//Перебираем сервера
foreach($servers as $server){
$url="/engine.php?action=dumps_explorer&server=$server";
//if(isset($_GET['dir'])) $url.="&dir=".$_GET['dir'];
$html.="<a href='$url'>".$server."</a> ";
}
//Пустая строка
$html.="<br/><br/>";
//Выводим информацию по серверу
if(isset($_GET['server'])){
//Получаем имя сервера из uri
$server=$_GET['server'];
//Проверяем существование соответствующей директории
if(!file_exists("/mnt/$server")){
$html.="Информация по серверу недоступна, т.к. недоступна директория /mnt/$server";
}else{
//Директория с дампами
$dir=correct_path("/mnt/$server/MSSQL");
//Директория-хранилище
$store=correct_path("/mnt/$server/MSSQL_Store");
$html.="Вывод информации: <a href='/engine.php?action=dumps_explorer&server=$server&show=dir'>Временные дампы</a> <a href='/engine.php?action=dumps_explorer&server=$server&show=store'>Хранилище</a><br/><br/>";
//Просмотр информации по директории
if(@$_GET['show']=="dir"){
//Указываем имя сервера, по которому будет просматривать информацию
$html.="Смотрим каталог $dir<br/><br/>";
//Проверяем, существует ли директория с дампами
if(!$dp=opendir($dir)){
show("Ошибка opendir(\$store). Не удается открыть директорию $store.");
exit;
}else{
//Перебираем вложенные директории
while($subdir = readdir($dp)){
$subdir_with_path=correct_path($dir.$subdir);
if(is_dir($subdir_with_path) && preg_match($reg1, $subdir)){
$subdir_size=trim(explode("/", exec("du -h --summarize $subdir_with_path"))[0]);
$subdir_size=str_replace("G", "Гб", str_replace("K", "Кб", str_replace("M", "Мб", $subdir_size)));
$html.="<a href='/engine.php?action=dumps_explorer&server=$server&show=dir&dir=$subdir'>".$subdir."</a> $subdir_size<br/>";
//Проверяем, что каталог не пустой
if(count(scandir($subdir_with_path))>2){
//Проверяем на ошибку открытия каталога
if(!$dp1=opendir($subdir_with_path)){
show("Ошибка opendir(\$subdir_with_path). Не удается открыть директорию $subdir_with_path.");
continue;
}else{
//Перебираем каталоги
while($subdir1 = readdir($dp1)){
//Проверяем, что это не каталоги "." и "..", а также соответствие каталогу из uri
if($subdir1!="." && $subdir1!=".." && $subdir==$_GET['dir']){
$html.=" $subdir1<br/>";
}
}
}
}
}
}
}
}
//Просмотр информации по директории
if(@$_GET['show']=="store"){
//Указываем имя сервера, по которому будет просматривать информацию
$html.="Смотрим каталог $dir<br/><br/>";
//Проверяем, существует ли директория с дампами
if(!$dp=opendir($store)){
show("Ошибка opendir(\$store). Не удается открыть директорию $store.");
exit;
}else{
//Перебираем вложенные директории
while($subdir = readdir($dp)){
$subdir_with_path=correct_path($store.$subdir);
if(is_dir($subdir_with_path) && $subdir!="." && $subdir!=".."){
$html.=$subdir;
}
}
}
}
}
}
//Возвращаем HTML-поток шаблона
return template_get(
'dumps/dumps_explorer',
array(
'html'=>$html
)
);
}
function edit_point()
{
if (!check_rights('edit_point')) {
//Возвращаем значение функции
return "У вас нет соответствующих прав";
}
$point_id = $_GET['point'];
if (!isset($_POST['name'])) {
switch (@$_GET['message']) {
case "pointsaved":
$message_html = template_get("message", array('message' => "Изменения сохранены"));
break;
case "emptypointname":
$message_html = template_get("errormessage", array('message' => "Название не может быть пустым"));
break;
case "samepointexists":
$message_html = template_get("errormessage", array('message' => "Офис/склад с таким именем уже имеется"));
break;
default:
$message_html = template_get("nomessage");
}
$point = db_easy("SELECT * FROM `phpbb_points` WHERE `id`={$point_id}");
$show_point_html = "<a href='/manager.php?action=show_point&point={$point_id}&' style='font-size:8pt;'>Просмотреть</a>";
/*Строим список SELECT*/
$branches_html = "";
$selected_html = "";
$branchesRES = db_query("SELECT * FROM `phpbb_branches` ORDER BY `name` ASC");
while ($branch = db_fetch($branchesRES)) {
if ($point['branch_id'] == $branch['id']) {
$selected_html = "selected";
} else {
$selected_html = "";
}
$branches_html .= "<option value='{$branch['id']}' {$selected_html}>{$branch['name']}</option>";
}
$html .= template_get("points/edit_point", array('action' => "/manager.php?action=edit_point&point={$point_id}", 'name' => $point['name'], 'address' => $point['address'], 'phone' => $point['phone'], 'branches' => $branches_html, 'showpoint' => $show_point_html, 'message' => $message_html));
} else {
$point['name'] = trim($_POST['name']);
$point['address'] = trim($_POST['address']);
$point['phone'] = trim($_POST['phone']);
$point['branch_id'] = trim($_POST['branch']);
$do = true;
//Проверка на пустое название города
$point['name'] = trim($_POST['name']);
if (!preg_match("/^.{1,70}\$/", $point['name'])) {
header("location: /manager.php?action=edit_point&point={$point_id}&message=emptypointname");
$do = false;
}
//Проверка на наличие города с таким же именем
$other_pointRES = db_query("SELECT * FROM `phpbb_points` WHERE `name`='{$point['name']}'");
$other_point = db_fetch($other_pointRES);
if (db_count($other_pointRES) > 0) {
if ($other_point['id'] != $point_id) {
header("location: /manager.php?action=edit_point&point={$point_id}&message=samepointexists");
$do = false;
}
}
if ($do) {
db_query("UPDATE `phpbb_points`\r\n\t\t\t\t\tSET `name`='{$point['name']}',\r\n\t\t\t\t\t\t`branch_id`={$point['branch_id']},\r\n\t\t\t\t\t\t`address`='{$point['address']}',\r\n\t\t\t\t\t\t`phone`='{$point['phone']}'\r\n\t\t\t\t\tWHERE `id`={$point_id}");
header("location: /manager.php?action=edit_point&point={$point_id}&message=pointsaved");
}
}
return $html;
}
