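/**
 * Item (ad) view: handles the AJAX comment actions posted from the page and
 * renders the item page itself.
 *
 * AJAX mode (bff::$isAjax), selected by the `act` GET parameter:
 *  - `comment`     stores a new comment; guests must supply a name and pass the
 *                  captcha kept in $_SESSION['c2']; an e-mail notification row is
 *                  queued for the item owner when the commenter is not the owner.
 *  - `comment_del` soft-deletes a comment: deleted = 3 when the comment author
 *                  removes it, deleted = 1 when the item owner removes it.
 * The response is sent through $this->ajaxResponse().
 *
 * Page mode: loads the item by the `id` input, refuses blocked or unmoderated
 * items and items of blocked users, builds category and comment data, counts the
 * view unless the viewer is the owner, and renders 'item.view.php' (or prints
 * 'item.view.print.php' and exits when `print` is present in the query string).
 *
 * NOTE(review): integer ids are concatenated into the SQL below. They come from
 * TYPE_UINT input fields, $this->input->id() and the database; presumably the
 * input layer casts them to integers - confirm before relying on it.
 * NOTE(review): no request-forgery token is checked in this block for the AJAX
 * actions; confirm the AJAX layer enforces one.
 *
 * @return mixed whatever tplFetchPHP() / showForbidden() return
 */
function view()
{
    $nUserID = $this->security->getUserID();

    if (bff::$isAjax) {
        $aResponse = array();

        switch (func::GET('act')) {
            case 'comment':
                $p = $this->input->postm(array(
                    'id'      => TYPE_UINT,
                    'reply'   => TYPE_UINT,
                    'message' => TYPE_STR,
                    'name'    => TYPE_NOHTML,
                    'captcha' => TYPE_STR,
                ));

                if (!$p['id']) {
                    $this->errors->set(Errors::IMPOSSIBLE);
                    break;
                }

                $p['name']    = func::cleanComment($p['name']);
                $p['message'] = func::cleanComment($p['message']);

                if (empty($p['message'])) {
                    $this->errors->set('comm_message');
                }

                if (!$nUserID) {
                    // Guests must provide a display name and solve the captcha.
                    if (empty($p['name'])) {
                        $this->errors->set('comm_name');
                    }

                    $oProtection = new CCaptchaProtection();
                    $sCaptchaExpected = isset($_SESSION['c2']) ? $_SESSION['c2'] : '';
                    if (!$oProtection->valid($sCaptchaExpected, $p['captcha'])) {
                        $aResponse['captcha_wrong'] = 1;
                        $this->errors->set('comm_wrong_captcha');
                    }
                }

                if ($this->errors->no()) {
                    // The captcha value is single-use: drop it once the comment is accepted.
                    unset($_SESSION['c2']);

                    // NOTE(review): neither the existence of item `id` nor that the
                    // `reply` parent comment belongs to the same item is checked here.
                    $this->db->execute(
                        'INSERT INTO ' . TABLE_BBS_ITEMS_COMMENTS
                        . ' (pid, item_id, user_id, comment, name, ip, created) VALUES('
                        . $p['reply'] . ', ' . $p['id'] . ', ' . $nUserID
                        . ', :comment, :name, :ip, :created)',
                        array(
                            ':comment' => $p['message'],
                            ':name'    => $p['name'],
                            ':ip'      => func::getRemoteAddress(),
                            ':created' => $this->db->getNOW(false),
                        )
                    );

                    if ($nCommentID = $this->db->insert_id(TABLE_BBS_ITEMS_COMMENTS, 'id')) {
                        // Re-read the stored comment together with its author and the item owner.
                        $aData = $this->db->one_array(
                            'SELECT IC.*, ( CASE WHEN IC.user_id != 0 THEN U.name ELSE IC.name END) as name,'
                            . ' I.user_id as owner_id, I.contacts_email, U.blocked as user_blocked'
                            . ' FROM ' . TABLE_BBS_ITEMS_COMMENTS . ' IC'
                            . ' LEFT JOIN ' . TABLE_USERS . ' U ON IC.user_id = U.user_id, '
                            . TABLE_BBS_ITEMS . ' I'
                            . ' WHERE IC.id=' . $nCommentID . ' AND IC.item_id = I.id'
                        );

                        $aData['my'] = $aData['owner_id'] > 0 && $aData['owner_id'] == $nUserID;
                        $aData['cur_user_id'] = $nUserID;
                        $aResponse['comment'] = $this->tplFetchPHP($aData, 'item.view.comment.php');

                        $sEnotifyEmail = false;
                        if ($aData['owner_id']) {
                            // Commenter is a guest or is not the item owner.
                            if (!$nUserID || $nUserID > 0 && $aData['owner_id'] != $nUserID) {
                                // Registered owners are notified at their registration e-mail.
                                $sEnotifyEmail = $this->db->one_data(
                                    'SELECT email FROM ' . TABLE_USERS
                                    . ' WHERE user_id = ' . $aData['owner_id']
                                );
                            }
                        } else {
                            // Items posted without an account are notified at the contact e-mail.
                            $sEnotifyEmail = $aData['contacts_email'];
                            if ($this->isEditPassGranted($p['id'])) {
                                // Edit access is granted, so the commenter is the item owner.
                                $sEnotifyEmail = false;
                            }
                        }

                        if (!empty($sEnotifyEmail) && func::IsEmailAddress($sEnotifyEmail)) {
                            // Queue the "new comment on your item" notification.
                            $this->db->execute(
                                'INSERT INTO ' . TABLE_BBS_ITEMS_COMMENTS_ENOTIFY
                                . ' (item_id, comment_id, comment, email, created) VALUES('
                                . $p['id'] . ', ' . $nCommentID . ', :comment, :email, ' . time() . ')',
                                array(
                                    ':comment' => nl2br(tpl::truncate($p['message'], 100, '...', true)),
                                    ':email'   => $sEnotifyEmail,
                                )
                            );
                        }
                    }
                }
                break;

            case 'comment_del':
                $p = $this->input->postm(array(
                    'id'         => TYPE_UINT,
                    'comment_id' => TYPE_UINT,
                ));

                if (!$p['id'] || !$p['comment_id']) {
                    $this->errors->set(Errors::IMPOSSIBLE);
                    break;
                }
                if (!$nUserID) {
                    $this->errors->set(Errors::ACCESSDENIED);
                    break;
                }

                $isCommentOwner = $this->db->one_data(
                    'SELECT user_id FROM ' . TABLE_BBS_ITEMS_COMMENTS
                    . ' WHERE id = ' . $p['comment_id'] . ' AND user_id = ' . $nUserID
                );

                if ($isCommentOwner) {
                    // The author removes their own comment.
                    $res = $this->db->execute(
                        'UPDATE ' . TABLE_BBS_ITEMS_COMMENTS
                        . ' SET deleted = 3 WHERE id = ' . $p['comment_id']
                    );
                    $aResponse['success'] = !empty($res);
                    $aResponse['by'] = 3;
                } else {
                    $isOwner = $this->db->one_data(
                        'SELECT id FROM ' . TABLE_BBS_ITEMS
                        . ' WHERE id = ' . $p['id'] . ' AND user_id = ' . $nUserID
                    );
                    if (empty($isOwner)) {
                        $this->errors->set(Errors::ACCESSDENIED);
                        break;
                    }

                    // Owning item `id` only authorises moderating comments of that item,
                    // so the update is scoped to it. Without the item_id condition the
                    // owner of any item could mark any comment_id as deleted.
                    $res = $this->db->execute(
                        'UPDATE ' . TABLE_BBS_ITEMS_COMMENTS
                        . ' SET deleted = 1 WHERE id = ' . $p['comment_id']
                        . ' AND item_id = ' . $p['id']
                    );
                    $aResponse['success'] = !empty($res);
                    $aResponse['by'] = 1;
                }
                break;
        }

        $aResponse['res'] = $this->errors->no();
        $this->ajaxResponse($aResponse);
    }

    $nItemID = $this->input->id('id');
    if (!$nItemID) {
        func::JSRedirect('/');
    }

    $sqlDate = $this->db->str2sql(date('Y-m-d'));
    $dp = $this->initDynprops();

    // The status is deliberately not filtered in SQL: it is checked below so that
    // blocked and unmoderated items get their own message. The former
    // "-- AND I.status = ..." SQL line comment was removed from the string because
    // a line comment swallows the I.cat_id = C.id join condition whenever the
    // query text ends up on a single line.
    $aData = $this->db->one_array(
        'SELECT I.id, I.user_id, I.status, I.press, I.svc,'
        . ' (I.svc = ' . Services::typePremium . ') as premium,'
        . ' I.publicated, I.publicated_to, I.blocked_reason, I.cat_id,'
        . ' C.regions as cat_regions, C.prices as cat_prices, C.prices_sett as cat_prices_sett,'
        . ' I.cat_type, CT.title as cat_type_title, I.cat_subtype, CST.title as cat_subtype_title,'
        . ' I.views_total, IV.views as views_today, I.img, I.imgfav, I.imgcnt,'
        . ' I.title, I.descr, I.descr_regions, I.info, I.price, I.price_torg, I.price_bart, I.video,'
        . ' I.contacts_name, I.contacts_email, I.contacts_phone, I.contacts_skype, I.contacts_site,'
        . ' I.mkeywords, I.mdescription, U.email2 as contacts_email2,'
        . ' U.blocked as user_blocked, U.blocked_reason as user_blocked_reason,'
        . ' I.f' . join(', I.f', range($dp->datafield_int_first, $dp->datafield_text_last))
        . ' FROM ' . TABLE_BBS_ITEMS . ' I'
        . ' LEFT JOIN ' . TABLE_BBS_CATEGORIES_TYPES . ' CT ON I.cat_type = CT.id'
        . ' LEFT JOIN ' . TABLE_BBS_CATEGORIES_SUBTYPES . ' CST ON I.cat_subtype = CST.id'
        . ' LEFT JOIN ' . TABLE_BBS_ITEMS_VIEWS . ' IV ON I.id = IV.item_id AND IV.views_date = ' . $sqlDate
        . ' LEFT JOIN ' . TABLE_USERS . ' U ON I.user_id = U.user_id, '
        . TABLE_BBS_CATEGORIES . ' C'
        . ' WHERE I.id = ' . $nItemID
        . ' AND I.cat_id = C.id'
    );

    // NOTE(review): blocked_reason / user_blocked_reason are placed into the HTML
    // message with nl2br() only - confirm they are HTML-escaped when stored.
    if (empty($aData)) {
        func::JSRedirect('/');
    } elseif ($aData['status'] != BBS_STATUS_PUBLICATED) {
        if ($aData['status'] == BBS_STATUS_BLOCKED) {
            return $this->showForbidden(
                'Данное объявление отклонено.'
                . (!empty($aData['blocked_reason'])
                    ? ' <br/><br/><b>Причина: </b>' . nl2br($aData['blocked_reason'])
                    : ''),
                'Объявление отклонено'
            );
        }

        return $this->showForbidden('Данное объявление находится на модерации');
    }

    if ($aData['user_blocked']) {
        return $this->showForbidden(
            'Аккаунт пользователя заблокирован.'
            . (!empty($aData['user_blocked_reason'])
                ? ' <br/><b>Причина:</b><i>' . nl2br($aData['user_blocked_reason']) . '</i>'
                : ''),
            'Аккаунт пользователя заблокирован'
        );
    }

    $aDynprops = $dp->form(
        $aData['cat_id'],
        $aData,
        true,
        array(),
        'dp',
        'dynprops.form.view.php',
        $this->module_dir_tpl
    );
    $aData['dp'] = $aDynprops['form'];
    unset($aDynprops);

    if (!empty($_GET['print'])) {
        // Print version: the item's category plus its ancestor chain, then exit.
        $aData['cat'] = $this->db->one_array(
            'SELECT id, pid, title, items, numlevel, numleft, numright, regions, prices, prices_sett'
            . ' FROM ' . TABLE_BBS_CATEGORIES
            . ' WHERE id=' . $aData['cat_id'] . ' LIMIT 1'
        );
        $aData['cats'] = $this->db->select(
            'SELECT id, title FROM ' . TABLE_BBS_CATEGORIES
            . ' WHERE ((numleft < ' . $aData['cat']['numleft']
            . ' AND numright > ' . $aData['cat']['numright']
            . ') OR id = ' . $aData['cat']['id']
            . ') AND numlevel>0 ORDER BY numleft'
        );

        echo $this->tplFetchPHP($aData, 'item.view.print.php');
        exit;
    }

    $aData['cat'] = $this->db->one_array(
        'SELECT id, pid, title, items, numlevel, numleft, numright, regions, prices, prices_sett'
        . ' FROM ' . TABLE_BBS_CATEGORIES
        . ' WHERE id=' . $aData['cat_id'] . ' LIMIT 1'
    );

    // Ids of the item's category and of every category enclosing it (numleft/numright range).
    $aParentCatsID = $this->db->select_one_column(
        'SELECT id FROM ' . TABLE_BBS_CATEGORIES
        . ' WHERE ((numleft < ' . $aData['cat']['numleft']
        . ' AND numright > ' . $aData['cat']['numright']
        . ') OR id = ' . $aData['cat']['id']
        . ') AND numlevel>0 ORDER BY numleft'
    );

    // Category menu: all first-level categories plus the branch leading to the item.
    $sBranchFilter = '';
    if (!empty($aParentCatsID)) {
        $sParentIDs = join(',', $aParentCatsID);
        $sBranchFilter = ' OR pid IN (' . $sParentIDs . ') OR id IN (' . $sParentIDs . ')';
    }
    $aData['cats'] = $this->db->select(
        'SELECT id, pid, title FROM ' . TABLE_BBS_CATEGORIES
        . ' WHERE enabled = 1 AND (numlevel = 1 ' . $sBranchFilter . ') ORDER BY numleft'
    );
    $aData['cats'] = $this->db->transformRowsToTree($aData['cats'], 'id', 'pid', 'sub');
    $aData['cats_active'] = $aParentCatsID;

    $aData['comments'] = $this->getItemComments($nItemID);

    // Views are not counted for the owner (by account or by granted edit access).
    $aData['my'] = $aData['user_id'] != 0 && $aData['user_id'] == $nUserID;
    if (!$aData['my'] && !$this->isEditPassGranted($nItemID)) {
        $this->db->execute(
            'UPDATE ' . TABLE_BBS_ITEMS . ' SET views_total = views_total + 1 WHERE id = ' . $nItemID
        );
        $this->db->execute(
            'INSERT INTO ' . TABLE_BBS_ITEMS_VIEWS
            . ' (item_id, views, views_date) VALUES(' . $nItemID . ', 1, ' . $sqlDate . ')'
            . ' ON DUPLICATE KEY UPDATE views = views + 1'
        );
    }

    config::set(array(
        'mkeywords'          => $aData['mkeywords'],
        'mdescription'       => $aData['mdescription'],
        'bbsCurrentCategory' => $aData['cat_id'],
    ));

    // The Referer header is client-controlled; it only sets a template flag here.
    $aData['from_search'] = isset($_SERVER['HTTP_REFERER'])
        && stripos($_SERVER['HTTP_REFERER'], '/search') !== false;

    return $this->tplFetchPHP($aData, 'item.view.php');
}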
<b class="upper grey"><?php echo $i['cat_subtype_title']; ?> :</b> <?php } ?> <a href="/item/<?php echo $i['id']; ?> " class="desc-link"> <?php echo tpl::truncate($i['title'], 200, '...', true); ?> <br /> <?php echo tpl::truncate($i['descr'], 200, '...', true); ?> </a> <div class="address"><?php echo $i['cat1_title']; if ($i['cat2_id']) { ?> <img src="/img/arrowRightSmall.png" /> <?php echo $i['cat2_title']; } ?> <?php echo $i['cat_regions'] && !empty($i['descr_regions']) ? '/ ' . $i['descr_regions'] : ''; ?> </div> </td>