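Сайт временно не работает q("select company.id as id, company.str_id, company.name as name, company.address_1 as address1, company.phone as phone, city.name as city, city.id as city_id from company, city where (company.city_id=city.id) and (company.reg_code='".$Company_Reg_code."');");
/*
 * Review form controller: loads the company addressed by $Company_Reg_code,
 * then creates or edits the current visitor's review of it and redirects on
 * success.
 *
 * NOTE(review): the opening of the script is missing from this listing. The
 * statement above begins mid-expression (its result is read as $company_res
 * below), and $Company_Reg_code, $rid, $rating, $return_url, $RootPath,
 * $DocRoot, $db and $l are all assigned somewhere that is not shown here.
 *
 * NOTE(review): $Company_Reg_code above and $rid below are concatenated into
 * quoted SQL literals. If either is request-derived (cannot be confirmed from
 * this listing), it has to be bound as a query parameter, or validated against
 * the exact code format, before the query runs.
 */
if(!($company_data = $company_res->fetch())) {
    // Unknown company code: render the in-site 404 page and stop.
    require_once("404_inside.php");
    exit;
}

$Company_id = $company_data["id"];
// intval() keeps the session id numeric before it is concatenated into SQL.
$user_id = intval($_SESSION["id"]);

// This visitor's earlier, unfiltered reviews of the company, highest id first.
$review_res = $db->q("select date_post, review_text, mark, review_id, DATE_FORMAT(date_post, '%d.%m.%Y') as date_post_str from review where (review.company_id=".$Company_id.") and (review.user_id=".$user_id.") and (review.filtered=0) order by id desc;");

if($rating) {
    $mark = $rating;
} else {
    $mark = "0";
}
$review_text = "";

if($rid != "") {
    // Edit mode requires a logged-in visitor.
    if(!$_SESSION["id"]) {
        // urlencode() (the original called urldecode()) so that the request
        // path, including any query string of its own, reaches the login page
        // as a single return_url value instead of splitting into extra
        // parameters.
        redirect($RootPath."login/?return_url=".urlencode(substr($_SERVER['REQUEST_URI'],1)));
        exit;
    }
    // Ownership check: the row must match both the review code and the
    // session user, so one user cannot open another user's review for editing.
    $rid_res = $db->q("select id, mark,review_text from review where review_id='".$rid."' and user_id=".$user_id.";");
    if($rid_res->rowcount() == 0) {
        require_once("404_inside.php");
        exit;
    } else if($rid_data = $rid_res->fetch()) {
        $mark = $rid_data["mark"];
        // NOTE(review): in this listing the search string is a bare line
        // break, which makes the call a no-op; presumably the original
        // searched for an HTML line-break tag - TODO confirm against the
        // real file.
        $review_text = str_replace("
", "\n", $rid_data["review_text"]);
    }
}

// Accounts that may post with a chosen date and on behalf of another or a
// newly created user. The privilege is keyed on hard-coded user ids; the
// second array supplies the e-mail domain used for accounts created below.
$edit_date_user_id_arr = array("29","33","1640");
$edit_date_user_email_arr = array("adil.kz","adil.kz","nurlan.kz");

// Start the privilege flags from a known state so they can only be set by the
// check below, never inherited from anything that ran earlier.
$adm_is = 0;
$is_curr_day = false;
// Compare as strings with strict matching: a loose in_array() would accept
// values such as boolean true for any entry of the list.
$session_user_id = isset($_SESSION["id"]) ? (string)$_SESSION["id"] : "";
if(!$rid && in_array($session_user_id, $edit_date_user_id_arr, true)) {
    $adm_is = 1;
    $adm_date_post_str = date("d.m.Y");
    $adm_user_id_key = array_search($session_user_id, $edit_date_user_id_arr, true);
    //$adm_user_id = 0;
}

if($_SERVER['REQUEST_METHOD']=="POST") {
    // Validate the anti-CSRF token before any request field is processed.
    if(!csrf_check("review_rate_form")) {
        require_once("forbidden403.php");
        exit;
    }

    if($adm_is) {
        $adm_date_post_str = $_POST["date_post"];
        // Accept only a real calendar date in d.m.Y form (the format the form
        // is pre-filled with); anything else is rejected instead of being
        // reassembled into a date string and written to the database.
        $date_is_valid = false;
        if(is_string($adm_date_post_str) && preg_match('/^\d{1,2}\.\d{1,2}\.\d{4}\z/', $adm_date_post_str)) {
            $date_elements = explode('.', $adm_date_post_str);
            $date_is_valid = checkdate(intval($date_elements[1]), intval($date_elements[0]), intval($date_elements[2]));
        }
        if($date_is_valid) {
            $adm_date_post = $date_elements[2]."-".$date_elements[1]."-".$date_elements[0];
            if($adm_date_post==date("Y-m-d")) {
                $is_curr_day = true;
            }
        } else {
            $adm_date_post = "";
            $infoAlert[0] = "error";
            $infoAlert[1] = "Неверный формат даты! Используйте формат ДД.ММ.ГГГГ.";
        }

        // user_id from the form: 0 = post as myself, -1 = create a new user,
        // any positive value = post as that existing user.
        $adm_user_id = intval($_POST["user_id"]);
        if($adm_user_id == 0) {
            $adm_user_id = intval($_SESSION["id"]);
        } elseif($adm_user_id == -1) {
            $user_first_name = htmlspecialchars($_POST["user_first_name"]);
            $user_last_name = htmlspecialchars($_POST["user_last_name"]);
            $user_gender = intval($_POST["user_gender"])+1;

            if($user_first_name == "") {
                $err_ar['first_name'] = 1;
                $infoAlert[0] = "error";
                $infoAlert[1] = "Не указано Имя!";
            }
            if(!$err_ar['first_name']) {
                if(mb_strlen($user_first_name, "UTF-8") > 40) {
                    $err_ar['first_name'] = 1;
                    $infoAlert[0] = "error";
                    $infoAlert[1] = "Поле \"Имя\" слишком длинное! Должно быть ограничено 40 символами.";
                }
            }
            if(!$err_ar['first_name']) {
                // Word characters and bytes 0x7F-0xFF only. The original class
                // [^(\w)|(\x7F-\xFF)] also let "(", ")" and "|" through,
                // because those are literals inside a character class.
                if(preg_match("/[^\w\x7F-\xFF]/", $user_first_name)) {
                    $err_ar['first_name'] = 1;
                    $infoAlert[0] = "error";
                    $infoAlert[1] = "В поле \"Имя\" введены недопустимые символы! Допустимы только буквы, цифры и подчеркивание!";
                }
            }

            if($user_last_name == "") {
                $err_ar['last_name']=1;
                $infoAlert[0] = "error";
                $infoAlert[1] = "Не указана Фамилия! (Достаточно ввести первую букву)";
            }
            if(!$err_ar['last_name']) {
                if(mb_strlen($user_last_name, "UTF-8") > 50) {
                    $err_ar['last_name'] = 1;
                    $infoAlert[0] = "error";
                    $infoAlert[1] = "Поле \"Фамилия\" слишком длинное! 
Должно быть ограничено 50 символами.";
                }
            }
            if(!$err_ar['last_name']) {
                // Same character rule as for the first name.
                if(preg_match("/[^\w\x7F-\xFF]/", $user_last_name)) {
                    $err_ar['last_name'] = 1;
                    $infoAlert[0] = "error";
                    $infoAlert[1] = "В поле \"Фамилия\" введены недопустимые символы! Допустимы только буквы, цифры и подчеркивание!";
                }
            }
        }
    }

    $mark = intval($_POST["rating"]);
    $review_text = stripslashes(strip_tags(trim($_POST["comment"])));
    $review_text = removeEmoji($review_text);
    //if($review_text == $default_value) $review_text = "";

    // Check the fields that are mandatory for this site.
    if(!in_array($mark, array(1, 2, 3, 4, 5), true)) {
        $infoAlert[0] = "error";
        $infoAlert[1] = "Вам нужно выставить оценку.";
    } else if(trim($review_text) == "") {
        $infoAlert[0] = "error";
        $infoAlert[1] = "Объясните свою оценку другим.";
    }

    if($infoAlert[0] <> "error") {
        if($rid != "") {
            // Edit an existing review; $rid_data was loaded above under the
            // ownership check, so the update targets the visitor's own row.
            if(!$_SESSION["id"]) {
                $infoAlert[0] = "error";
                $infoAlert[1] = "Нужно зарегистрироваться прежде чем писать отзыв.";
            } else {
                $arFieldNamePar = Array("review_text", "review_length", "mark", "date_edit");
                $arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), $mark, date("Y-m-d H:i:s"));
                $res = $db->update("review", $arFieldNamePar, $arFieldValuePar, $rid_data["id"]);
                if(!$res) {
                    $infoAlert[0] = "error";
                    $infoAlert[1] = "Не удалось редактировать отзыв. Попробуйте еще раз позже.";
                } else {
                    $_SESSION["info_type"] = "success";
                    $_SESSION["info"] = "Вы успешно изменили свой отзыв.";
                    UpdateBizReviewTotal($Company_id);
                }
            }
        } else {
            // New review. "first" marks the company's first unfiltered review.
            $f_res = $db->q("select id from review where review.company_id=".$Company_id." 
and review.first=1 and review.filtered=0;");
            if($f_res->rowcount()>0) {
                $IsFirst=0;
            } else {
                $IsFirst=1;
            }

            if(!intval($_SESSION["id"])) {
                // Not logged in: the review is stored with user_id 0 and the
                // visitor is sent to the login page with the value returned by
                // nuid_create() in nuid_return.
                $review_id = CreateRegCode();
                $arFieldNamePar = Array("review_text", "review_length", "user_id", "company_id", "mark", "posted", "first", "review_id", "last_review", "is_update", "source", "date_post", "date_edit");
                $arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), intval($_SESSION["id"]), $Company_id, $mark, "1", $IsFirst, $review_id, 1, 0, "desktop", date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
                $res = $db->insert("review", $arFieldNamePar, $arFieldValuePar, true);
                if(!$res) {
                    // NOTE(review): after this failure execution continues
                    // into the logged-in path below with user_id 0 - confirm
                    // whether that is intended.
                    $infoAlert[0] = "error";
                    $infoAlert[1] = "Не удалось изменить отзыв. Попробуйте еще раз позже.";
                } else {
                    $nuid_return = nuid_create("review", $db->lastinsertid());
                    $redirect_url = $RootPath."login?return_url=".urlencode($RootPath."biz/".$company_data["str_id"])."&nuid_return=".$nuid_return;
                    $_SESSION["info_type"] = "success";
                    $_SESSION["info"] = "Ваш отзыв сохранен и будет опубликован, когда Вы войдете на ".$l->g("wikicity");
                    redirect($redirect_url);
                    exit;
                }
            }

            // Duplicate-submit guard: a review by this user for this company
            // within the last 10 seconds means the form was posted twice.
            $sec_befor10 = date('Y-m-d H:i:s', (strtotime(date('Y-m-d H:i:s'))-10));
            $prev_res = $db->q("select id from review where review.company_id=".$Company_id." and review.user_id=".intval($_SESSION["id"])." and date_post>'".$sec_befor10."';");
            if($prev_res->rowcount() > 0) {
                $_SESSION["info_type"] = "warning";
                $_SESSION["info"] = "Вы пытались опубликовать больше одного отзыва одновременно. 
Один из них сохранен.";
                // NOTE(review): $return_url is assigned outside this listing.
                // If it is request-derived, restrict it to a site-relative
                // path before it is appended to $RootPath, here and in the
                // success redirect at the end of the POST branch.
                if($return_url != "") {
                    redirect($RootPath.$return_url);
                    exit;
                } else {
                    redirect($RootPath."biz/".$company_data["str_id"]);
                    exit;
                }
            }

            // A repeat review demotes the user's earlier ones for this company.
            if($review_res->rowcount()>0) {
                $update_res = $db->q("update review set last_review=0 where (review.company_id=".$Company_id.") and (review.user_id=".intval($_SESSION["id"]).");");
                $update = 1;
            } else {
                $update = 0;
            }

            $review_id = CreateRegCode();
            if($adm_is) {
                if($adm_user_id > 0) {
                    // Posting as an existing user: move that user's
                    // insert_date back when the chosen review date is earlier.
                    $user_r = $db->q("select DATE_FORMAT(insert_date, '%Y-%m-%d') as insert_date from user where id=".$adm_user_id." limit 1;");
                    if($adm_user_data = $user_r->fetch()) {
                        if($adm_user_data["insert_date"] > $adm_date_post) {
                            $arFieldNamePar = Array("insert_date");
                            $arFieldValuePar = Array($adm_date_post);
                            $res = $db->update("user", $arFieldNamePar, $arFieldValuePar, $adm_user_id);
                        }
                    }
                } elseif($adm_user_id == -1) {
                    // Create a new user whose e-mail is built from the
                    // transliterated name plus the domain mapped to this
                    // privileged account.
                    $email_end = $edit_date_user_email_arr[$adm_user_id_key];
                    $email_start = mb_strtolower(mb_substr(transliterate($user_first_name."-".$user_last_name), 0, 30, 'UTF-8'), 'UTF-8');
                    // NOTE(review): $email_start is concatenated into SQL. It
                    // is safe only as long as the name validation above and
                    // transliterate() (defined elsewhere) never let a quote or
                    // backslash through; a bound parameter removes that
                    // dependency.
                    $i = 0; // explicit start value for the uniqueness suffix
                    $r1 = $db->q("select id from user where e_mail='".$email_start."@".$email_end."' limit 1;");
                    while($biz_str = $r1->fetch()) {
                        $i++;
                        $email_start = $email_start.$i;
                        $r1 = $db->q("select id from user where e_mail='".$email_start."@".$email_end."' limit 1;");
                    }
                    // NOTE(review): "password" and "password_md5" are both
                    // derived from the e-mail domain, so every account created
                    // here shares one guessable credential, stored in clear
                    // and as unsalted MD5. If these accounts can be used to
                    // log in (not visible here), store a random secret through
                    // password_hash() instead and drop the clear-text column.
                    $arFieldNamePar = Array("first_name", "last_name", "e_mail", "password", "password_md5", "country_id", "city_id", "reg_code", "gender", "insert_date", "edit_date");
                    $arFieldValuePar = Array($user_first_name, $user_last_name, $email_start."@".$email_end, $email_end, md5($email_end), 1, 1, CreateRegCode(), $user_gender, $adm_date_post, date("Y-m-d H:i:s"));
                    $res = $db->insert("user", $arFieldNamePar, $arFieldValuePar);
                    // Read back the id of the row just inserted.
                    $r1 = $db->q("select id from user where e_mail='".$email_start."@".$email_end."' order by id desc limit 1;");
                    if($new_user = $r1->fetch()) {
                        $adm_user_id = $new_user["id"];
                    }
                } elseif($adm_user_id == 0) {
                    $adm_user_id = intval($_SESSION["id"]);
                }
                $arFieldNamePar = Array("review_text", "review_length", "user_id", "company_id", "mark", "posted", "first", "review_id", "last_review", "is_update", "source", "date_post", "date_edit");
                $arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), intval($adm_user_id), $Company_id, $mark, "1", $IsFirst, $review_id, 1, $update, "desktop", $adm_date_post, date("Y-m-d H:i:s"));
            } else {
                $arFieldNamePar = Array("review_text", "review_length", "user_id", "company_id", "mark", "posted", "first", "review_id", "last_review", "is_update", "source", "date_post", "date_edit");
                $arFieldValuePar = Array($review_text, mb_strlen($review_text, "UTF-8"), intval($_SESSION["id"]), $Company_id, $mark, "1", $IsFirst, $review_id, 1, $update, "desktop", date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
            }

            $res = $db->insert("review", $arFieldNamePar, $arFieldValuePar);
            if(!$res) {
                $infoAlert[0] = "error";
                $infoAlert[1] = "Не удалось добавить отзыв. Попробуйте еще раз позже.";
            } else {
                UpdateBizReviewTotal($Company_id);
                if($adm_is) {
                    UpdateUserReviewCount(intval($adm_user_id));
                    SaveActivity("review", intval($adm_user_id), $company_data["city_id"], 0, $Company_id);
                    // Privileged posts trigger the mailing only when dated today.
                    if($is_curr_day) {
                        require_once($DocRoot."model/mailing.php");
                        $mailing = new mailing();
                        $mailing->review($review_id);
                    }
                } else {
                    UpdateUserReviewCount($_SESSION["id"]);
                    SaveActivity("review", $_SESSION["id"], $company_data["city_id"], 0, $Company_id);
                    require_once($DocRoot."model/mailing.php");
                    $mailing = new mailing();
                    $mailing->review($review_id);
                }
                $_SESSION["info_type"] = "success";
                $_SESSION["info"] = "Ваш отзыв успешно опубликован. 
";
                // Popup submissions stop here instead of redirecting.
                if($_POST["popup"] == '1') {
                    exit;
                }
            }
        }

        if($_SESSION["info_type"] == "success") {
            if($return_url != "") {
                redirect($RootPath.$return_url);
                exit;
            } else {
                redirect($RootPath."biz/".$company_data["str_id"]);
                exit;
            }
        }
    }
}

// Page title and meta tags: begin
if($rid != "") {
    $meta_title = "Редактировать ";
    $header_title = $l->g("edit-review");
} elseif($review_res->rowcount()==0) {
    $meta_title = "Написать ";
    $header_title = $l->g("writeareview");
} else {
    $meta_title = "Написать еще один ";
    $header_title = $l->g("refresh-a-review");
}
$meta_title .= "отзыв по ".htmlspecialchars($company_data["name"])." (".htmlspecialchars($company_data["address1"]).")";
$meta_description = $l->g("meta-desc-default", $l->g("wikicity"));
// The city name is escaped like the company name, so every database value
// placed in the meta strings is HTML-encoded the same way.
$meta_keywords = $l->g("wikicity").",".$l->g("review").",".htmlspecialchars($company_data["name"]).",".htmlspecialchars($company_data["city"]);
// Page title and meta tags: end

$js_arr[0]["type"] = "file";
$js_arr[0]["data"] = $l->root."js/rating.js?1.001";
require("biz_owner_header_post.php");
?>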
q("select user.reg_code, user.gender, user.friend_count, user.review_count, review.mark, concat(user.first_name,' ', left(user.last_name,1),'.') as first_name, review.review_text, DATE_FORMAT(review.date_post, '%d.%m.%Y') as date_post, (select img from image where table_name='User' and rec_id=user.id and main=1 limit 1) as img_path from review, user where (review.company_id=".$Company_id.") and (review.user_id=user.id) and review.filtered=0 and (review.posted=1) order by review.date_post desc limit 7;"); if($review_res->rowcount()>0) { ?>