<?php
/****************************
*
* @file index.php
* @copy GMC (c) 2010
* @contact ICQ 4884679
* @info free
*
****************************/
include_once './config.inc.php';
include_once './language/'.F_LNG.'.php';
include_once './include/function.inc.php';
include_once './acp.php';
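/*
 * Front controller for the public pages. The `index` query parameter selects
 * the action; each branch prepares SQL strings and/or runs queries, then
 * includes the templates that render the page.
 *
 * NOTE(review): the two write paths (send_mail, add_ann) are driven purely by
 * GET parameters and no request token is checked in this file. If the included
 * helpers do not add one, consider moving them to POST with a CSRF token.
 */

// Read the routing parameters once and only accept plain strings; an array
// value (?index[]=x) matches no action, as in the original loose comparison.
$reqIndex = (isset($_GET['index']) && is_string($_GET['index'])) ? $_GET['index'] : '';
$reqSend  = (isset($_GET['send']) && is_string($_GET['send'])) ? $_GET['send'] : '';

// REMOTE_ADDR is set by the web server, but it is escaped before it reaches
// SQL below so a proxy setup that rewrites it cannot break out of the literal.
$clientIp = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

// Page offset for LIMIT. A missing, non-scalar or negative page number is
// treated as page 0 so it can neither raise a type error nor produce a
// negative offset in the generated queries.
$pageNo = (isset($_GET['p']) && is_scalar($_GET['p'])) ? (int)$_GET['p'] : 0;
$p = max(0, $pageNo) * F_ANN_STR;
/////////////////////////////
if ($reqIndex === "cat_view" && !empty($_GET['idc']))
{
    include_once './skins/tpl/header.tpl';
    // Ids are forced to int before being placed in the query text.
    $idcSql = (int)$_GET['idc'];
    $idaSql = isset($_GET['ida']) ? (int)$_GET['ida'] : 0;
    $viewAnn = "SELECT * FROM `".F_DB_PX."announcement`
WHERE `idc` = '".$idcSql."'
AND `ida` = '".$idaSql."'
ORDER BY paid, time_add DESC LIMIT ".(int)$p.", ".F_ANN_STR;
    $countAnn = "SELECT count(id) FROM `".F_DB_PX."announcement`
WHERE `idc` = '".$idcSql."'
AND `ida` = '".$idaSql."'";
    $viewCat = "SELECT * FROM `".F_DB_PX."category`
WHERE id = '".$idcSql."'";
    // The query strings above are presumably executed by the template - confirm.
    include_once './skins/tpl/index_cat_view.tpl';
    include_once './skins/tpl/footer.tpl';
}
// Category view
elseif ($reqIndex === "send_mail" && !empty($_GET['idann']))
{
    bCheckSpam($clientIp);
    $error = NULL;
    // The confirmation flag is tested first so bSendMail() only runs for a
    // submitted form. In the original operand order the helper ran on every
    // request to this action; if it sends mail as its name suggests, that
    // happened without the anti-spam row below being written.
    // NOTE(review): confirm against bSendMail() in include/function.inc.php.
    if($reqSend === "ok" AND bSendMail((int)$_GET['idann'],$_GET['sendEmail'],$error))
    {
        $location = "./index.php?".SID;
        $antiSPAM = $mysqli->query("INSERT INTO `".F_DB_PX."antispam`
(`ip`, `time`) VALUES
('".$mysqli->real_escape_string($clientIp)."',
'".(int)time()."')"); ///ANTI-SPAM
        include_once './skins/tpl/header_go.tpl';
        include_once './skins/tpl/index_send_mail_ok.tpl';
        include_once './skins/tpl/footer.tpl';
    }
    else
    {
        include_once './skins/tpl/header.tpl';
        $viewAnn = "SELECT * FROM `".F_DB_PX."announcement`
WHERE `id` = '".(int)$_GET['idann']."'";
        include_once './skins/tpl/index_send_mail.tpl';
        include_once './skins/tpl/footer.tpl';
    }
}
// Send e-mail
elseif ($reqIndex === "ann_view" && !empty($_GET['idann']))
{
    include_once './skins/tpl/header.tpl';
    $viewAnn = "SELECT * FROM `".F_DB_PX."announcement`
WHERE `id` = '".(int)$_GET['idann']."'";
    $viewCat = "SELECT * FROM `".F_DB_PX."category`
WHERE id = '".(isset($_GET['idc']) ? (int)$_GET['idc'] : 0)."'";
    include_once './skins/tpl/index_ann_view.tpl';
    include_once './skins/tpl/footer.tpl';
}
// View announcement
elseif($reqIndex === "search" && !empty($_GET['s']) && is_string($_GET['s']))
{
    include_once './skins/tpl/header.tpl';
    $searchStr = mb_strtoupper($_GET['s'], 'UTF-8');
    // Escape once and reuse. real_escape_string() protects the string literal
    // only; `%` and `_` typed by the user still act as LIKE wildcards.
    $searchEsc = $mysqli->real_escape_string($searchStr);
    $searchWhere = "WHERE upper(text) LIKE '%".$searchEsc."%'
OR upper(city) LIKE '%".$searchEsc."%'
OR upper(url) LIKE '%".$searchEsc."%'";
    $searchQ = "SELECT * FROM `".F_DB_PX."announcement`
".$searchWhere."
ORDER BY paid, time_add DESC LIMIT ".(int)$p.", ".F_ANN_STR;
    $countSearch = "SELECT count(id) FROM `".F_DB_PX."announcement`
".$searchWhere;
    include_once './skins/tpl/index_search.tpl';
    include_once './skins/tpl/footer.tpl';
}
// Search
elseif($reqIndex === "add_ann")
{
    // Collect the form fields; anything missing or non-string becomes '' so
    // trim() never receives null or an array.
    $addForm = array();
    foreach (array('selectCat', 'selectCity', 'selectEmail', 'selectText', 'selectPhone', 'selectUrl') as $addField)
    {
        $addForm[$addField] = (isset($_GET[$addField]) && is_string($_GET[$addField]))
            ? trim($_GET[$addField])
            : '';
    }
    $cat = $addForm['selectCat'];
    $city = $addForm['selectCity'];
    $mail = $addForm['selectEmail'];
    $text = $addForm['selectText'];
    $phone = $addForm['selectPhone'];
    $url = $addForm['selectUrl'];
    $error = NULL;
    if($reqSend === "ok")
    {
        // Presumably validates the fields, reports problems through $error and
        // leaves $cat indexable as [category id, sub id] - TODO confirm in
        // include/function.inc.php.
        bParseDataAdd($cat,$city,$mail,$text,$phone,$url,$error);
    }
    if(!empty($error) OR $reqSend !== "ok")
    {
        // First view or failed validation: show the form again.
        $listCat = "SELECT * FROM `".F_DB_PX."category`";
        include_once './skins/tpl/header.tpl';
        include_once './skins/tpl/index_add_ann.tpl';
        include_once './skins/tpl/footer.tpl';
    }
    else
    {
        bCheckSpam($clientIp);
        $listCatRes = $mysqli->query("SELECT * FROM `".F_DB_PX."category`
WHERE id = ".(int)$cat['0']."");
        // query() returns false on failure; do not call fetch_assoc() on it.
        $listCat = $listCatRes ? $listCatRes->fetch_assoc() : NULL;
        // Only an authenticated admin may request paid = 0.
        if(acpAuth() AND isset($_GET['paid']) AND $_GET['paid'] === "ok") $paid = 0;
        else $paid = 1;
        $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $annAdd = "INSERT INTO `".F_DB_PX."announcement`
(`idc`, `ida`, `text`, `time_add`,`city`,
`email`,`phone`,`url`,`view`,`ip`,`browser`,`paid`)
VALUES
('".(int)$cat['0']."','".(int)$cat['1']."',
'".$mysqli->real_escape_string($text)."',
'".(int)time()."',
'".$mysqli->real_escape_string($city)."',
'".$mysqli->real_escape_string($mail)."',
'".$mysqli->real_escape_string($phone)."',
'".$mysqli->real_escape_string($url)."','1',
'".$mysqli->real_escape_string($clientIp)."',
'".$mysqli->real_escape_string($userAgent)."','".$paid."')";
        $antiSPAM = $mysqli->query("INSERT INTO `".F_DB_PX."antispam`
(`ip`, `time`) VALUES
('".$mysqli->real_escape_string($clientIp)."',
'".(int)time()."')"); ///ANTI-SPAM
        // Stays 0 when the insert fails, so nothing undefined reaches the
        // session or the redirect URL.
        $annLastId = 0;
        $annAdd = $mysqli->query($annAdd);
        if($annAdd)
        {
            $annLastId = $mysqli->insert_id;
            $num_ann = bParseCount($listCat['num_ann'],"ADD",(int)$cat['1'],$listCat['view_act']);
            $mysqli->query("UPDATE `".F_DB_PX."category` SET
`num_ann` = '".$mysqli->real_escape_string($num_ann)."'
WHERE `id` = '".(int)$cat['0']."'");
            // Remember the new announcement for this visitor only when it was
            // actually stored.
            $_SESSION['my_ann'][] = $annLastId;
        }
        // NOTE(review): the "ok" page is still shown when the insert fails, as
        // before; a dedicated error template would be clearer.
        $location =
"./?index=ann_view&idc=".(int)$cat['0']."&ida=".(int)$cat['1']."&idann=".$annLastId."&".SID;
        include_once './skins/tpl/header_go.tpl';
        include_once './skins/tpl/index_add_ann_ok.tpl';
        include_once './skins/tpl/footer.tpl';
    }
}
// Add announcement
else
{
    include_once './skins/tpl/header.tpl';
    $viewCat = "SELECT * FROM `".F_DB_PX."category`";
    include_once './skins/tpl/index_index.tpl';
    include_once './skins/tpl/footer.tpl';
}
//index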
?>