File size: 6Kb
<?php
/**
* Created by PhpStorm.
* User: Valeriy Shikuta aka Str@nnik
* Date: 15.02.2016
* Time: 12:30
* File: edit_ad.php
* ICQ: 609-745-227
* E-mail: [email protected]
*/
$ad = mysql_fetch_assoc(mysql_query("SELECT * FROM `board_ads` WHERE `id` = $id"));
if ($id && $user_id == $ad['user_id'] || $rights >= 7)
{
require_once ('../incfiles/lib/class.upload.php');
echo '<div class="phdr">' . $ad['name'] . '</div>';
if (isset($_POST['submit']))
{
$author = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = " . $ad['user_id'] . ""));
$name = isset($_POST['name']) ? mb_substr(functions::checkin(trim($_POST['name'])), 0, 50) : null;
$desc = isset($_POST['desc']) ? mb_substr(functions::checkin(trim($_POST['desc'])), 0, 1000) : null;
$days = isset($_POST['days']) ? abs(intval($_POST['days'])) : 0;
$end = (time() > $ad['end']) ? time() + (3600 * 24 * $days) : $ad['end'];
$error = array();
if (empty($name))
$error[] = 'Введите название объявления!';
if (empty($desc))
$error[] = 'Введите описание объявления!';
if (time() > $ad['end'] && ($days == 0 || $days < 0))
$error[] = 'Количество дней должно быть больше нуля!';
if ($set_board['pay'] == 1 && (($days - $set_board['free_days']) * $set_board['price']) > $author['balans'])
$error[] = 'Недостаточно средств на балансе!';
if (!$error)
{
$handle = new upload($_FILES['img']);
if ($handle->uploaded)
{
$fname = time();
$handle->file_new_name_body = $fname;
$handle->allowed = array (
'image/jpeg',
'image/jpg',
'image/gif',
'image/png'
);
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_convert = 'png';
$handle->process('../images/board/');
$handle->file_new_name_body = $fname;
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 25;
$handle->image_y = 25;
$handle->image_convert = 'png';
$handle->process('../images/board/small/');
if ($handle->processed)
{
mysql_query("UPDATE `board_ads` SET
`img` = '" . $fname . "',
`name` = '" . mysql_real_escape_string($name) . "',
`desc` = '" . mysql_real_escape_string($desc) . "',
`end` = $end WHERE `id` = $id");
}
else
{
echo functions::display_error($handle->error);
}
$handle->clean();
}
else
{
mysql_query("UPDATE `board_ads` SET
`name` = '" . mysql_real_escape_string($name) . "',
`desc` = '" . mysql_real_escape_string($desc) . "',
`end` = $end WHERE `id` = $id");
}
if ($set_board['pay'] == 1)
{
$price = ($days - $set_board['free_days']) * $set_board['price'];
mysql_query("UPDATE `users` SET `balans` = `balans` - $price WHERE `id` = $user_id");
}
if (time() > $ad['end'])
mysql_query("UPDATE `board_ads` SET `status` = 1 WHERE `id` = $id");
header('location: ./?act=view&id=' . $id);
}
else
{
echo functions::display_error($error, '<a href="' . $_SERVER['HTTP_REFERER'] . '">Повторить</a>');
}
}
else
{
echo '<div class="gmenu"><form action="./?act=edit_ad&id=' . $id . '" method="post" name="form" enctype="multipart/form-data">'
. '<p>Название объявления (max 50):</p>'
. '<input type="text" name="name" value="' . $ad['name'] . '">'
. '<p>Описание (max 1000):<br>';
echo bbcode::auto_bb('form', 'desc');
echo '<textarea rows="' . $set_user['field_h'] . '" name="desc">' . $ad['desc'] . '</textarea></p>'
. '<p>Изображение (если загрузите новое - старое будет удалено:</p>';
echo (!empty($ad['img'])) ? '<a href="../images/board/' . $ad['img'] . '.png"><img src="../images/board/' . $ad['img'] . '.png" width="100" height="100" alt="' . $ad['img'] . '"></a><br>' : null;
echo '<input type="file" name="img">';
if (time() > $ad['end'])
{
if ($set_board['pay'] == 1)
{
echo '<p>Время объявления исчерпано, на сколько дней продолжить? <li>Включен лимит бесплатных дней. Стоимость ' . $set_board['price'] . ' баллов/день, ' . $set_board['free_days'] . ' дней показ бесплатный</li></p>'
. '<input type="text" size="2" name="days" value="' . $set_board['free_days'] . '">';
}
else
{
echo '<p>Время объявления исчерпано, на сколько дней продолжить? <li>Лимит бесплатных дней отключен</li></p>'
. '<input type="text" size="2" name="days">';
}
}
echo '<p><input type="submit" name="submit" value="Сохранить"></p>'
. '</form></div>';
}
echo '<div class="menu"><a href="./?act=view&id=' . $id . '">К объявлению</a></div>';
}
else
{
header('location: ./?');
}