Просмотр файла www/admin/currs/add.php

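<?php
// Full open tag on purpose: when short_open_tag is disabled a bare "<?" is not
// parsed, and the web server would send this source to the client as text.

// Presumably read by common.php to require an admin session; the check itself
// is not visible in this file, so confirm it there.
define("ADMIN_AUTHORIZATION",1);
include("../../../includes/common.php");

$table = "ex_currencies";

/*
 * Id of the rate set being edited. It is compared against the `date` column
 * and formatted with strftime() further down, so it is a Unix timestamp.
 * Taken from the query string first, then from the posted form.
 */
$raw_id = "";
if (isset($_GET['id']) && is_scalar($_GET['id']) && (string)$_GET['id'] != "")
{
	$raw_id = trim($_GET['id']);
}
elseif (isset($_POST['id']) && is_scalar($_POST['id']))
{
	$raw_id = trim($_POST['id']);
}

// Cast to int: $id is interpolated unquoted into SQL ("... where date=$id ...")
// later in this script, so request text must never reach it.
$id = (int)$raw_id;

$CheckObj=new TCheckForm;

/* no usable id means "add a new rate set"; -1 is the marker used for that */
if ($id <= 0)
{
	$id = -1;
}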

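/*
 * Build the form field list: one entry per currency other than RUR, shaped as
 *   array(<CODE>_num, nominal, <CODE>, rate)
 * Values are passed around through variables named after the currency code
 * ($<CODE> and $<CODE>_num), which later parts of the script read back.
 * NOTE(review): those names come from the `currencies` table; a code equal to
 * an existing script variable name would overwrite it. Confirm codes are
 * restricted to currency-style identifiers.
 */
$fields = array();

// $id arrives from the request. Cast it before it is placed unquoted into
// the query below, so only an integer can reach the SQL text.
$edit_date = (int)$id;
if ($edit_date > 0)
{
	/* editing: preload the stored nominal and rate for every currency */
	$res = mysql_query("select * from currencies where code<>'RUR'");
	while ($res && ($row = mysql_fetch_object($res)))
	{
		$rate_res = mysql_query("select * from courses where date=".$edit_date." and val1_id=$row->id");
		// A currency may have no stored rate for this date (or the query may fail).
		$tmp_row = $rate_res ? mysql_fetch_object($rate_res) : false;

		${$row->code."_num"} = $tmp_row ? $tmp_row->val1_number : null;
		${$row->code} = $tmp_row ? $tmp_row->course+0 : 0;
	}
}

$res = mysql_query("select * from currencies where code<>'RUR'");
while ($res && ($row = mysql_fetch_object($res)))
{
	$var = $row->code."_num";
	$num_val = isset(${$var}) ? ${$var} : null;
	$c_val = isset(${$row->code}) ? ${$row->code} : null;

	/* the nominal defaults to 1 when nothing numeric is known yet */
	if (!is_numeric($num_val))
	{
		$num_val = 1;
	}
	$fields[$var] = array($var, $num_val, $row->code, $c_val);
}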

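/*
 * Form submission: validate the posted rates and nominals, then write one
 * `courses` row per currency (UPDATE when editing, INSERT when adding).
 *
 * The earlier version assigned every POST key to a global variable ($$key),
 * so a request could replace $id, $fields, $smarty or any other script
 * variable; $id then reached the UPDATE statement unquoted. Only the field
 * names generated for this form are accepted as variables now, and $id is
 * forced to an integer.
 * NOTE(review): no anti-CSRF token is checked in this file; confirm whether
 * common.php enforces one for admin forms.
 */
if (isset($_POST['subm']))
{
	if (!isset($error))
	{
		$error = "";
	}

	/* names this form may set: "<CODE>_num" and "<CODE>" from $fields */
	$allowed = array();
	foreach ($fields as $field)
	{
		$allowed[$field[0]] = true;
		$allowed[$field[2]] = true;
	}

	$flag = false; // the nominal error is reported once, not per field
	foreach ($_POST as $key => $value)
	{
		$key = (string)$key;
		// Array-valued parameters are treated as empty and fail validation below.
		$raw = is_scalar($value) ? (string)$value : "";
		$clean = str_replace(",",".",htmlspecialchars(trim(substr($raw,0,255))));

		$is_num_field = (stripos($key, "_num") !== false);
		$is_service = ($key === "id" || $key === "subm" || $key === "date" || $key === "action");

		if (isset($allowed[$key]))
		{
			${$key} = $clean;
		}

		if (!$is_num_field && !$is_service && (!is_numeric($clean) || 0 >= $clean))
		{
			// The key is request-controlled and ends up in HTML, so escape it.
			$error .="Курс ".htmlspecialchars($key)." указан неверно!<br>\n";
		}
		elseif ($is_num_field && (!is_numeric($raw) || !($raw > 0)))
		{
			if (!$flag)
			{
				$error .= "Какое-то количество указано неверно!<br>\n";
				$flag=true;
			}
		}
	}

	/* the posted id wins over the one read earlier, and is always an integer */
	$id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int)$_POST['id'] : (int)$id;
	if ($id <= 0)
	{
		$id = -1;
	}

	if ($error == "")
	{
		// NOTE(review): nothing checks that a RUR row exists; $val1_row is used as-is.
		$val1_row = mysql_fetch_object(mysql_query("select * from currencies where code='RUR'"));
		$res = mysql_query("select * from currencies where code<>'RUR'");
		$time = time();

		/*
		 * Build every statement first. A currency missing from the request
		 * would otherwise produce a division by zero and malformed SQL, so
		 * each value is re-checked and nothing is written unless all pass.
		 * is_numeric() also guarantees the text interpolated below contains
		 * no SQL syntax.
		 */
		$queries = array();
		while ($res && ($row = mysql_fetch_object($res)))
		{
			$value = isset(${$row->code}) ? ${$row->code} : null;
			$nominal = isset(${$row->code."_num"}) ? ${$row->code."_num"} : null;

			if (!is_numeric($value) || 0 >= $value)
			{
				$error .="Курс ".htmlspecialchars($row->code)." указан неверно!<br>\n";
				continue;
			}
			if (!is_numeric($nominal) || !($nominal > 0))
			{
				if (!$flag)
				{
					$error .= "Какое-то количество указано неверно!<br>\n";
					$flag=true;
				}
				continue;
			}

			if (0 < $id)
			{
				$queries[] = "UPDATE `courses` set `course` = '$value', `back_course` = '".round(1/$value,6)."', `val1_number` = '$nominal' where `val2_id` = '".$val1_row->id."' and `val1_id` = '".($row->id)."' and `date` = $id";
			}
			else
			{
				$queries[] = "INSERT INTO `courses` (`val1_id` ,`val1_number` , `val2_id` ,`val2_number` , `course` , `back_course` , `date`) VALUES ('".($row->id)."',$nominal,'".$val1_row->id."',1, $value, '".round(1/$value,6)."', '".$time."');";
			}
		}

		if ($error == "")
		{
			// NOTE(review): query results are not checked; the success message is
			// set even if a statement fails.
			foreach ($queries as $query)
			{
				mysql_query($query);
			}

			$_SESSION['STATUS_MSG'] = "Информация успешно сохранена!";
			header("Location: ./index.php");
			exit;
		}
	}
}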

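/*
 * Refresh each field entry from the $<CODE>_num / $<CODE> variables, so that
 * values posted with a rejected form are shown again.
 *
 * The variable-variable is written with explicit braces: a bare "$$value[0]"
 * means ${$value[0]} on PHP 5 but ${$value}[0] on PHP 7 and later. When the
 * variable is not set, the value already stored in the entry (including the
 * default nominal of 1) is kept instead of being replaced by null.
 */
foreach($fields as $key=>$value)
{
	$num_name = $value[0];
	$code_name = $value[2];
	$fields[$key] = array(
		$num_name,
		isset(${$num_name}) ? ${$num_name} : $value[1],
		$code_name,
		isset(${$code_name}) ? ${$code_name} : $value[3]
	);
}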

/* heading: "edit" wording with the formatted date for an existing id, "add" wording otherwise */
if ($id > 0)
{
	$page_title = "Редактирование курса на ".strftime("%d %h %Y", $id);
}
else
{
	$page_title = "Добавление курса";
}

/*
 * Template variables, assigned in the same order as before.
 * NOTE(review): $error carries "<br>" markup, so the template presumably
 * prints it unescaped. Confirm that any request-derived text is escaped
 * before it is appended to $error.
 */
$tpl_vars = array(
	'id'           => $id,
	'index_page'   => './index.php?l_pager',
	'page_title'   => $page_title,
	'top_menu_tpl' => "admin_cources_menu.tpl",
	'error'        => $error,
	'status'       => $status,
	/* table template */
	'fields'       => $fields,
	'table_width'  => "95%",
	'main_tpl'     => "admin_courses_form.tpl",
);
foreach ($tpl_vars as $tpl_name => $tpl_value)
{
	$smarty->assign($tpl_name, $tpl_value);
}

/* render the admin layout */
$smarty->display('admin_index.tpl');

?>