Сайт временно не работает
// Site-wide configuration: database connection settings, public base URLs, filesystem
// roots for photo storage, the admin contact address and the VK / Facebook app credentials.
//
// NOTE(review): the database password and both client secrets below are hard-coded
// literals. Anything that exposes this file's text (PHP source served without being
// executed, a stray backup copy, a repository) discloses them. Load them from the
// environment or from a file outside the document root, and rotate every value that
// has been exposed.
$dblocation = "localhost";
$dbuser = "wikicity";
$dbpasswd = "oc9ha77gX7d83FS";
$dbname = "wikicity1";
$SiteName = "Wikicity";
// Public base URLs (desktop, mobile, and the desktop URL without a trailing slash).
$RootPath="https://wikicity.kz/";
$mRootPath="https://m.wikicity.kz/";
$RootPath_no_slash="https://wikicity.kz";
// Filesystem roots. NOTE(review): $mDocRoot inserts "/" after DOCUMENT_ROOT while the
// $PhotoRoot* values append straight to $DocRoot; confirm whether DOCUMENT_ROOT ends with
// a slash on this server, since one of the two forms yields an unintended path.
$DocRoot=$_SERVER["DOCUMENT_ROOT"];
$bRootPath="https://wikicity.kz/biz_owner/";
$mDocRoot=$_SERVER["DOCUMENT_ROOT"]."/m/";
// Photo directories on disk, one per stored size variant.
$PhotoRoot=$DocRoot."fotos/";
$PhotoRoot_original=$DocRoot."fotos_original/";
$PhotoRoot_ls=$DocRoot."fotos_ls/";
$PhotoRoot_ms=$DocRoot."fotos_ms/";
$PhotoRoot_ss=$DocRoot."fotos_ss/";
$PhotoRoot_xss=$DocRoot."fotos_xss/";
// Public URLs matching the photo directories above.
$ImagePath="https://wikicity.kz/fotos/";
$ImagePath_original="https://wikicity.kz/fotos_original/";
$ImagePath_ls="https://wikicity.kz/fotos_ls/";
$ImagePath_ms="https://wikicity.kz/fotos_ms/";
$ImagePath_ss="https://wikicity.kz/fotos_ss/";
$ImagePath_xss="https://wikicity.kz/fotos_xss/";
// NOTE(review): a personal mailbox is embedded in source; prefer a role address kept in configuration.
$admin_email = "adil_askarov@mail.ru";
// Third-party login app credentials (presumably OAuth, judging by the client_id/client_secret naming).
// The *_secret values must never reach the client or a public page; see the note at the top.
$vk_client_id = "3424744";
$vk_client_secret = "TEcVVzj26rUkXTJOCpTw";
$fb_client_id = "218254644982579";
$fb_client_secret = "49728228a99848054d1d1a8d695f4662";
?>
// "Write a review" page for a business: page identifiers, shared header include,
// request parameters, and lookup of the company the review is for.
$main_menu_id = 3;
$Page_n = "writeareview_biz_new";
// Shared bootstrap; presumably provides $db, $l and the session used below (not visible here).
require($DocRoot."header_pre.php");
$is_noindex = true;
$default_value = "Ваш отзыв поможет другим пользователям узнать о достойных представителях бизнеса в вашем городе. \n\nПожалуйста, не пишите отзыв по месту, если Вы являетесь или каким-либо образом связаны с владельцем или сотрудниками этого места.";
// NOTE(review): htmlspecialchars() is an HTML output encoder, not SQL escaping. Reg_code and
// rid are both concatenated into SQL strings later in this script. Whether single quotes
// get encoded depends on the PHP version's default flags (ENT_QUOTES is only part of the
// default from PHP 8.1), and backslashes are never encoded. Bind these values as query
// parameters if the $db wrapper supports it (its API is not visible here), or validate
// them against the exact format that CreateRegCode() produces.
$Company_Reg_code = htmlspecialchars($_GET["Reg_code"]);
$rid = htmlspecialchars($_GET["rid"]);
// Integer-cast inputs; safe to concatenate as numbers.
$rating = intval($_GET["rating"]);
$list_id = intval($_GET["list_id"]);
// NOTE(review): taken verbatim from the query string and later appended to $RootPath for a
// redirect; restrict it to known local paths before use.
$return_url = $_GET["return_url"];
// Look up the company (joined with its city) by registration code.
$company_res = $db->q("select company.id as id, company.str_id, company.name as name, company.address_1 as address1,
company.phone as phone, city.name as city, city.id as city_id
from company, city
where (company.city_id=city.id) and (company.reg_code='".$Company_Reg_code."');");
// Unknown registration code: show the 404 page and stop.
if(!($company_data = $company_res->fetch())) {
require_once("404_inside.php");
exit;
}
// Identify the company and the current visitor. $Company_id comes from the company row
// fetched above; $user_id is cast to an integer before it is concatenated into SQL.
$Company_id = $company_data["id"];
$user_id = (int)$_SESSION["id"];
// This visitor's earlier, unfiltered reviews of the company, newest first.
$review_res = $db->q(
    "select date_post, review_text, mark, review_id, DATE_FORMAT(date_post, '%d.%m.%Y') as date_post_str
from review where (review.company_id=" . $Company_id . ") and (review.user_id=" . $user_id . ") and (review.filtered=0) order by id desc;"
);
// Pre-select the rating passed in the URL, or "0" when none was given.
$mark = $rating ? $rating : "0";
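// Edit mode: when a review id (rid) is supplied, load that review so the form can be
// pre-filled with its mark and text. Only a review owned by the session user is accepted.
$review_text = "";
if($rid != "") {
    if(!$_SESSION["id"]) {
        // Editing requires a session: send the visitor to login and back to this page.
        // The current URI is percent-encoded with urlencode() so that it travels as ONE
        // return_url value. The previous urldecode() did the opposite: "&" and "=" taken
        // from the request became separate parameters of the login URL and the return
        // address was truncated.
        redirect($RootPath."login/?return_url=".urlencode(substr($_SERVER['REQUEST_URI'],1)));
        exit;
    }
    // NOTE(review): $rid is request data that only went through htmlspecialchars(), which is
    // not SQL escaping; bind it as a parameter if the $db wrapper allows (API not visible here).
    // $user_id is an integer and limits the match to the session user's own reviews.
    $rid_res = $db->q("select id, mark,review_text from review where review_id='".$rid."' and user_id=".$user_id.";");
    if($rid_res->rowcount() == 0) {
        // No such review for this user: show the 404 page and stop.
        require_once("404_inside.php");
        exit;
    } else
    if($rid_data = $rid_res->fetch()) {
        $mark = $rid_data["mark"];
        // NOTE(review): as the source stands, the search string is a bare line break, so this
        // replacement changes nothing visible; the original literal may have been a markup
        // line break lost when the page was extracted -- confirm against the real file.
        $review_text = str_replace("
", "\n", $rid_data["review_text"]);
    }
}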
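// Session ids that may post a review with a custom date or on behalf of another account,
// and, at the same index, the e-mail domain used for accounts each of them creates.
// NOTE(review): privileged ids are hard-coded in page code; a role/permission stored with
// the user record would be easier to audit and revoke.
$edit_date_user_id_arr = array("29","33","1640");
$edit_date_user_email_arr = array("adil.kz","adil.kz","nurlan.kz");
// Start from an explicit "not privileged" state so the later if($adm_is) checks never
// read a variable this script did not set itself.
$adm_is = 0;
// Strict comparison on the string form of the session id: only an exact match with one of
// the listed ids grants the flag (a loose in_array() also matches values such as boolean true).
if(!$rid && in_array((string)$_SESSION["id"], $edit_date_user_id_arr, true)) {
    $adm_is = 1;
    // Default for the date field: today, in the d.m.Y form the POST handler parses.
    $adm_date_post_str = date("d.m.Y");
    // Index into $edit_date_user_email_arr for this privileged user.
    $adm_user_id_key = array_search((string)$_SESSION["id"], $edit_date_user_id_arr, true);
}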
// Form submission handler. Validates the posted rating and text, then either updates the
// review being edited ($rid set) or inserts a new review, and redirects on success.
if($_SERVER['REQUEST_METHOD']=="POST") {
// Extra inputs honoured only when $adm_is is truthy (set earlier for the session ids in
// $edit_date_user_id_arr): a custom post date and the account the review is attributed to.
if($adm_is) {
$adm_date_post_str = $_POST["date_post"];
// NOTE(review): date_post is split on "." and reassembled as Y-m-d with no check that it
// has three numeric parts. The result is compared with a database date and handed to
// $db->update() / $db->insert() further down; validate it first (e.g. with checkdate()).
$date_elements = explode('.',$_POST["date_post"]);
$adm_date_post = $date_elements[2]."-".$date_elements[1]."-".$date_elements[0];
// Remember whether the chosen date is today; only then is the mailing sent below.
if($adm_date_post==date("Y-m-d")) {
$is_curr_day = true;
}
// user_id selects the author: 0 = the session user, -1 = create a new account from the
// posted names, a positive value = post as that existing user id.
// NOTE(review): a positive id is used as the review author with no check here that it is
// an account this privileged user is meant to act for.
$adm_user_id = intval($_POST["user_id"]);
if($adm_user_id == 0) {
$adm_user_id = intval($_SESSION["id"]);
} elseif($adm_user_id == -1) {
// Names for the account to create; they are stored in HTML-encoded form.
$user_first_name = htmlspecialchars($_POST["user_first_name"]);
$user_last_name = htmlspecialchars($_POST["user_last_name"]);
$user_gender = intval($_POST["user_gender"])+1;
// First name: required, at most 40 characters, restricted character set.
if($user_first_name == "") {
$err_ar['first_name'] = 1;
$infoAlert[0] = "error";
$infoAlert[1] = "Не указано Имя!";
}
if(!$err_ar['first_name']) {
if(mb_strlen($user_first_name, "UTF-8") > 40) {
$err_ar['first_name'] = 1;
$infoAlert[0] = "error";
$infoAlert[1] = "Поле \"Имя\" слишком длинное! Должно быть ограничено 40 символами.";
}
}
if(!$err_ar['first_name']) {
// NOTE(review): inside [...] the parentheses and "|" are literal characters, so this class
// also lets "(", ")" and "|" through, and without the "u" modifier it matches byte-wise
// (any byte 0x7F-0xFF passes). That is wider than the error message states. The value later
// reaches transliterate() and a concatenated SQL string, so tighten the pattern.
if(preg_match("/[^(\w)|(\x7F-\xFF)]/", $user_first_name)) {
$err_ar['first_name'] = 1;
$infoAlert[0] = "error";
$infoAlert[1] = "В поле \"Имя\" введены недопустимые символы! Допустимы только буквы, цифры и подчеркивание!";
}
}
// Last name: required, at most 50 characters, same character-set check as above.
if($user_last_name == "") {
$err_ar['last_name']=1;
$infoAlert[0] = "error";
$infoAlert[1] = "Не указана Фамилия! (Достаточно ввести первую букву)";
}
if(!$err_ar['last_name']) {
if(mb_strlen($user_last_name, "UTF-8") > 50) {
$err_ar['last_name'] = 1;
$infoAlert[0] = "error";
$infoAlert[1] = "Поле \"Фамилия\" слишком длинное! Должно быть ограничено 50 символами.";
}
}
if(!$err_ar['last_name']) {
if(preg_match("/[^(\w)|(\x7F-\xFF)]/", $user_last_name)) {
$err_ar['last_name'] = 1;
$infoAlert[0] = "error";
$infoAlert[1] = "В поле \"Фамилия\" введены недопустимые символы! Допустимы только буквы, цифры и подчеркивание!";
}
}
}
}
// Rating and review text. Tags are stripped from the text before storage; removeEmoji() is
// defined elsewhere.
$mark = intval($_POST["rating"]);
$review_text = stripslashes(strip_tags(trim($_POST["comment"])));
$review_text = removeEmoji($review_text);
//if($review_text == $default_value) $review_text = "";
// Validate the fields this site requires.
// The CSRF token is checked first; a failure ends the request with the 403 page. The POST
// fields above are read before this point, but every database write in this handler comes
// after it.
if(!csrf_check("review_rate_form")) {
require_once("forbidden403.php");
exit;
} else
// $mark is an integer compared loosely against '1'..'5'.
if(!in_array($mark, array('1', '2', '3', '4', '5'))) {
$infoAlert[0] = "error";
$infoAlert[1] = "Вам нужно выставить оценку.";
} else
if(trim($review_text) == "") {
$infoAlert[0] = "error";
$infoAlert[1] = "Объясните свою оценку другим.";
}
// Proceed to the database only when no validation error was recorded.
if($infoAlert[0] <> "error") {
if($rid != "") {
// --- Edit an existing review ---
if(!$_SESSION["id"]) {
$infoAlert[0] = "error";
$infoAlert[1] = "Нужно зарегистрироваться прежде чем писать отзыв.";
} else {
// $rid_data was loaded earlier with a user_id filter, so the row updated here is one the
// session user owns.
$arFieldNamePar = Array("review_text", "review_length", "mark", "date_edit");
$arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), $mark, date("Y-m-d H:i:s"));
$res = $db->update("review", $arFieldNamePar, $arFieldValuePar, $rid_data["id"]);
if(!$res) {
$infoAlert[0] = "error";
$infoAlert[1] = "Не удалось редактировать отзыв. Попробуйте еще раз позже.";
} else {
$_SESSION["info_type"] = "success";
$_SESSION["info"] = "Вы успешно изменили свой отзыв.";
UpdateBizReviewTotal($Company_id);
}
}
} else {
// --- Insert a new review ---
// $IsFirst is 1 when the company has no unfiltered review flagged first=1 yet.
$f_res = $db->q("select id from review where review.company_id=".$Company_id." and review.first=1 and review.filtered=0;");
if($f_res->rowcount()>0) {$IsFirst=0;} else {$IsFirst=1;}
// Visitor without a session: store the review with user_id 0, then send them to login.
// nuid_create() presumably issues a token that lets the login flow claim the stored
// review -- confirm; it is defined elsewhere. The meaning of the fourth insert() argument
// is not visible here.
// NOTE(review): when this insert fails, execution is not stopped; it falls through to the
// code below, which attempts a second insert with user_id 0.
if(!intval($_SESSION["id"])) {
$review_id = CreateRegCode();
$arFieldNamePar = Array("review_text", "review_length", "user_id", "company_id", "mark", "posted", "first", "review_id", "last_review", "is_update", "source", "date_post", "date_edit");
$arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), intval($_SESSION["id"]), $Company_id, $mark, "1", $IsFirst, $review_id, 1, 0, "desktop", date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
$res = $db->insert("review", $arFieldNamePar, $arFieldValuePar, true);
if(!$res) {
$infoAlert[0] = "error";
$infoAlert[1] = "Не удалось изменить отзыв. Попробуйте еще раз позже.";
} else {
$nuid_return = nuid_create("review", $db->lastinsertid());
$redirect_url = $RootPath."login?return_url=".urlencode($RootPath."biz/".$company_data["str_id"])."&nuid_return=".$nuid_return;
$_SESSION["info_type"] = "success";
$_SESSION["info"] = "Ваш отзыв сохранен и будет опубликован, когда Вы войдете на ".$l->g("wikicity");
redirect($redirect_url);
exit;
}
}
// Duplicate-submit guard: if this user already posted a review for this company within
// the last 10 seconds, skip the insert and redirect with a warning.
$sec_befor10 = date('Y-m-d H:i:s', (strtotime(date('Y-m-d H:i:s'))-10));
$prev_res = $db->q("select id from review where review.company_id=".$Company_id." and review.user_id=".intval($_SESSION["id"])." and date_post>'".$sec_befor10."';");
if($prev_res->rowcount() > 0) {
$_SESSION["info_type"] = "warning";
$_SESSION["info"] = "Вы пытались опубликовать больше одного отзыва одновременно. Один из них сохранен.";
// NOTE(review): $return_url is the raw return_url query parameter. It is appended to
// $RootPath, which keeps the redirect on this host, but it is otherwise unvalidated;
// restrict it to known local paths and confirm redirect() rejects control characters.
if($return_url != "") {
redirect($RootPath.$return_url);
exit;
}
else {
redirect($RootPath."biz/".$company_data["str_id"]);
exit;
}
}
// If the user reviewed this company before, clear last_review on the older rows and mark
// the new one as an update.
if($review_res->rowcount()>0) {
$update_res = $db->q("update review set last_review=0 where (review.company_id=".$Company_id.") and (review.user_id=".intval($_SESSION["id"]).");");
$update = 1;
} else {$update = 0;}
$review_id = CreateRegCode();
if($adm_is) {
if($adm_user_id > 0) {
// Posting as an existing user: if the chosen review date precedes that user's
// registration date, the registration date is moved back to match.
$user_r = $db->q("select DATE_FORMAT(insert_date, '%Y-%m-%d') as insert_date from user where id=".$adm_user_id." limit 1;");
if($adm_user_data = $user_r->fetch()) {
if($adm_user_data["insert_date"] > $adm_date_post) {
$arFieldNamePar = Array("insert_date");
$arFieldValuePar = Array($adm_date_post);
$res = $db->update("user", $arFieldNamePar, $arFieldValuePar, $adm_user_id);
}
}
} elseif($adm_user_id == -1) {
// Create a new account: the e-mail is built from the transliterated name plus the
// domain configured for this privileged user.
// NOTE(review): the e-mail is concatenated into the SQL strings below; it derives from
// the name fields validated above and from transliterate() (defined elsewhere). Bind it
// as a parameter if the $db wrapper allows.
$email_end = $edit_date_user_email_arr[$adm_user_id_key];
$email_start = mb_strtolower(mb_substr(transliterate($user_first_name."-".$user_last_name), 0, 30, 'UTF-8'), 'UTF-8');
$r1 = $db->q("select id from user where e_mail='".$email_start."@".$email_end."' limit 1;");
// Append a counter until the address is unused. NOTE(review): $i is never initialised in
// this script and each suffix is appended to the previous result (name1, name12, ...);
// $biz_str is assigned but not used.
while($biz_str = $r1->fetch()) {
$i++;
$email_start = $email_start.$i;
$r1 = $db->q("select id from user where e_mail='".$email_start."@".$email_end."' limit 1;");
}
// NOTE(review): the "password" column receives the e-mail domain in clear text and
// "password_md5" its unsalted MD5, so every account created here gets a fixed, non-secret
// credential. Generate a random secret per account and store only a password_hash()
// result (verified with password_verify()), or create these accounts without a usable password.
$arFieldNamePar = Array("first_name", "last_name", "e_mail", "password", "password_md5", "country_id", "city_id", "reg_code", "gender", "insert_date", "edit_date");
$arFieldValuePar = Array($user_first_name, $user_last_name, $email_start."@".$email_end, $email_end, md5($email_end), 1, 1, CreateRegCode(), $user_gender, $adm_date_post, date("Y-m-d H:i:s"));
$res = $db->insert("user", $arFieldNamePar, $arFieldValuePar);
// Read back the id of the account just created, looked up by its e-mail.
$r1 = $db->q("select id from user where e_mail='".$email_start."@".$email_end."' order by id desc limit 1;");
if($new_user = $r1->fetch()) {
$adm_user_id = $new_user["id"];
}
} elseif($adm_user_id == 0) {
$adm_user_id = intval($_SESSION["id"]);
}
// Privileged insert: author and post date come from the fields handled above.
$arFieldNamePar = Array("review_text", "review_length", "user_id", "company_id", "mark", "posted", "first", "review_id", "last_review", "is_update", "source", "date_post", "date_edit");
$arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), intval($adm_user_id), $Company_id, $mark, "1", $IsFirst, $review_id, 1, $update, "desktop", $adm_date_post, date("Y-m-d H:i:s"));
} else {
// Regular insert: author is the session user, post date is now.
$arFieldNamePar = Array("review_text", "review_length", "user_id", "company_id", "mark", "posted", "first", "review_id", "last_review", "is_update", "source", "date_post", "date_edit");
$arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), intval($_SESSION["id"]), $Company_id, $mark, "1", $IsFirst, $review_id, 1, $update, "desktop", date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
}
$res = $db->insert("review", $arFieldNamePar, $arFieldValuePar);
if(!$res) {
$infoAlert[0] = "error";
$infoAlert[1] = "Не удалось добавить отзыв. Попробуйте еще раз позже.";
} else {
// Refresh the company's review totals, the author's review count and the activity log,
// then send the review mailing (for privileged posts only when the date is today).
UpdateBizReviewTotal($Company_id);
if($adm_is) {
UpdateUserReviewCount(intval($adm_user_id));
SaveActivity("review", intval($adm_user_id), $company_data["city_id"], 0, $Company_id);
if($is_curr_day) {
require_once($DocRoot."model/mailing.php");
$mailing = new mailing();
$mailing->review($review_id);
}
} else {
UpdateUserReviewCount($_SESSION["id"]);
SaveActivity("review", $_SESSION["id"], $company_data["city_id"], 0, $Company_id);
require_once($DocRoot."model/mailing.php");
$mailing = new mailing();
$mailing->review($review_id);
}
$_SESSION["info_type"] = "success";
$_SESSION["info"] = "Ваш отзыв успешно опубликован. ";
// Submissions made from the popup form end here without a redirect.
if($_POST["popup"] == '1') {exit;}
}
}
// After a successful edit or insert, go back to the caller-supplied page or to the company page.
// NOTE(review): the same unvalidated $return_url as in the duplicate-submit branch above.
if($_SESSION["info_type"] == "success") {
if($return_url != "") {
redirect($RootPath.$return_url);
exit;
}
else {
redirect($RootPath."biz/".$company_data["str_id"]);
exit;
}
}
}
}
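// Page title and meta tags -- begin.
// The wording depends on the mode: editing a review, writing a first review, or writing
// another review for a company the visitor has already reviewed.
if($rid != "") {
    $meta_title = "Редактировать ";
    $header_title = $l->g("edit-review");
} elseif($review_res->rowcount()==0) {
    $meta_title = "Написать ";
    $header_title = $l->g("writeareview");
} else {
    $meta_title = "Написать еще один ";
    $header_title = $l->g("refresh-a-review");
}
// Database values are HTML-encoded here, before they are handed to the header template.
$meta_title .= "отзыв по ".htmlspecialchars($company_data["name"])." (".htmlspecialchars($company_data["address1"]).")";
$meta_description = $l->g("meta-desc-default", $l->g("wikicity"));
// The city name is encoded like the company name; it was previously concatenated raw,
// the only database value in this block that skipped htmlspecialchars().
$meta_keywords = $l->g("wikicity").",".$l->g("review").",".htmlspecialchars($company_data["name"]).",".htmlspecialchars($company_data["city"]);
// Page title and meta tags -- end.
// Script for the rating widget; the query string looks like a cache-busting version.
$js_arr[0]["type"] = "file";
$js_arr[0]["data"] = $l->root."js/rating.js?1.001";
// Shared header/template include; presumably renders the values prepared above.
require("biz_owner_header_post.php");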
?>