<?php
// --------------------------------------------------------------------------
//
// Esvon Classifieds v.4.0
// Copyright(C), Esvon LTD, 2001-2010, All Rights Reserved.
// E-mail: hide@address.com
//
// All forms of reproduction, including, but not limited to, internet posting,
// printing, e-mailing, faxing and recording are strictly prohibited.
// One license required per site running Esvon Classifieds.
// To obtain a license for using Esvon Classifieds, please register at
// http://www.esvon.com/pg/products/p_classifieds/
//
// --------------------------------------------------------------------------
// Entry guard: stop unless SITE_PATH is defined, i.e. the script was reached
// through the code that defines it rather than requested directly.
if (!defined('SITE_PATH')) {
    die('Access Denied');
}

// CheckLoggedIn() is skipped when EN_REG_SKIP is set; in that mode a guest is
// registered (or logged in) on submit by MemberAutoRegister() further down.
if (!EN_REG_SKIP) {
    CheckLoggedIn();
}
hwRealm('U_POST_ADS');

// The session user id is cast to int once here; every query in this file that
// concatenates $ses_uid relies on that cast instead of escaping.
$ses_uid = (int)hwSessionGetVar('userid');

if (!$ses_uid) {
    // Guest: make sure a member plan is remembered in the session, defaulting
    // to the enabled "SUB" plan with the lowest fee.
    $u_ac_pp = hwSessionGetVar('u_ac_pp');
    if (!$u_ac_pp) {
        $u_ac_pp = $db->one_data('SELECT id FROM '.TBL_PAY_PLAN.' WHERE type="SUB" AND enabled=1 ORDER BY fee LIMIT 1');
        hwSessionSetVar('u_ac_pp', $u_ac_pp);
    }
}

// Sites limited to a single ad per member: if this member already has an ad,
// send them to the modify page for it instead of showing the add form.
if ($ses_uid && AD_ALLOWED == 1) {
    $v = $db->one_assoc('SELECT link_id,catid FROM '.TBL_AD.' WHERE userid='.$ses_uid.' LIMIT 1');
    if ($v) {
        // Both values come from the member's own row in the ad table, not from the request.
        header("Location: index.php?page=modify&id={$v['link_id']}&cid={$v['catid']}");
        exit;
    }
}
// ---- Request setup: field set, category, price plan, per-member ad quota ----
// Values read from $_GET / $_POST / $_REQUEST below are request-controlled.
// The numeric ones are cast to int before use; the price plan string is only
// trusted after it has been found as a key of $A_TERMS (see the checks below).
$O_LFS = &Factory::singleton('FieldsSet');
// Hand the session's 'ad_extra' list to the field set (UpdateActive() is defined elsewhere).
$a_v = hwSessionGetVar('ad_extra');
if($a_v) $O_LFS->UpdateActive($a_v,1);
//$cid = (int)$_GET['cid'];
//if(!$cid && $_POST['cid']) $cid = (int)$_POST['cid']; // failed on like_id category change
// Category id, forced to int because it is later concatenated into redirect URLs.
// NOTE(review): $_REQUEST may also contain cookie values, depending on the
// request_order / variables_order ini settings.
$cid = (int)$_REQUEST['cid'];
// term[] must be an array of option strings; a scalar "term" is discarded here.
// The individual entries are still unvalidated at this point.
if($_POST['term'] && !is_array($_POST['term'])) unset($_POST['term']);
// set initial payment plan
// Raw plan id from the query string. It is used as an array key into $A_TERMS
// and must not reach SQL or HTML before that lookup has succeeded.
$hw_pay_plan = (string)$_GET['hw_pay_plan'];
// Plans of type 'FEE' available for this category and the session's member plan;
// the rest of this file treats the keys of $A_TERMS as the allow-list of plan ids.
$A_TERMS = hwGetPayPlans('FEE', $cid, hwSessionGetVar('u_ac_pp'));
// "Post an ad like this one": id of the ad to copy from.
$likeid = (int)$_GET['likeid'];
if($likeid && $ses_uid){
// The plan is taken from the source ad, and the query is scoped to the logged-in
// member, so another member's ad yields no row and the request-supplied plan is
// overwritten either way.
// NOTE(review): $likeid itself is NOT cleared when no owned ad is found, so any
// later use of $likeid has to apply the same userid scoping.
$hw_pay_plan = $db->one_data('SELECT hw_pay_plan FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid='.$ses_uid); //validate
list($hw_pay_plan) = hwGetBasePlanFromStr($hw_pay_plan);
if(!$A_TERMS[$hw_pay_plan]){ // no original pay_plan available
// Fall back to the free plan, or to the first available plan if there is no free one.
$hw_pay_plan = 'FEE_FREE';
if(!$A_TERMS[$hw_pay_plan]) $hw_pay_plan = key($A_TERMS);
}
}
// No plan chosen yet: pick a default, or stop with a configuration message.
if(!$hw_pay_plan){
$pp_amt = count($A_TERMS);
if($pp_amt==0){
// Nothing is available: compare the number of enabled FEE plans with the number
// of rows in TBL_PP_USER for this member plan to choose which message to show.
$pp_total = $db->one_data('SELECT COUNT(*) FROM '.TBL_PAY_PLAN.' WHERE type="FEE" AND enabled="1"');
$u_ac_pp = hwSessionGetVar('u_ac_pp');
$pp_disabled = $db->one_data('SELECT COUNT(*) FROM '.TBL_PP_USER.' WHERE sub_id='.$db->esc($u_ac_pp));
// NOTE(review): the message below is printed by die() with $u_ac_pp unescaped;
// the value comes from the session, not directly from the request.
if($pp_total==$pp_disabled) $err_msg = 'No price plans enabled for member plan: '.$u_ac_pp.'. Administrator can do this in "Admin Area :: Price Plans :: Edit '.$u_ac_pp.'"';
else $err_msg = 'No price plan(s) associated with this category. Administrator can do this in "Admin Area :: Price Plans :: Category-specific Plans"';
die($err_msg);
}
elseif($pp_amt==1 || !$ses_uid){ // only one (or autoregister)
$hw_pay_plan = 'FEE_FREE';
if(!$A_TERMS[$hw_pay_plan]) $hw_pay_plan = key($A_TERMS);
}
// elseif(!EN_EXP_DATE && $A_TERMS['FEE_FREE']) $hw_pay_plan = 'FEE_FREE'; // default free plan
}
// With category-specific plans enabled the category has to be chosen first,
// so show the category menu and stop processing this include.
if(EN_PP_CAT && (!$cid || $_POST['hw_cat_upd'])){ // force to select category first
ShowCatMenuForm();
return;
}
// Allow-list gate: from here on $hw_pay_plan is a key of $A_TERMS with a truthy
// entry. Any other value is sent to the plan selection page.
if(!$A_TERMS[$hw_pay_plan]){ // $cid required for EN_PP_CAT
header('Location: index.php?page=order&pg=priceplans&cid='.$cid);
exit;
}
if(!$cid && EN_FSETS) $cid = hwSessionGetVar('FS_ID');
// Media handlers for the chosen plan; the array keys are reused further down as
// column names of the ad table.
$A_MEDIA_OBJ = &Factory::getMediaObj('ALL', $hw_pay_plan);
// Let modules adjust the field set before it is bound to the plan.
if(hwIsModEventAllowed('onLFSObjSetup')){
$args = array(
'O_LFS' => &$O_LFS,
);
hwModEvent('onLFSObjSetup',$args);
}
$O_LFS->usePricePlan($hw_pay_plan);
$err_msg = '';
// Ad quota: a per-member limit (hw_ads_max) takes precedence over the site-wide
// AD_ALLOWED; a resulting limit of 0 or less is not enforced.
// NOTE(review): the count is read here while the insert happens later in
// AddItemProcess(); nothing visible in this file serialises concurrent submits,
// so the limit may be exceedable by parallel requests - confirm.
if(!$err_msg && $ses_uid){
$ads_max = $db->one_data('SELECT hw_ads_max FROM '.TBL_USER.' WHERE id='.$ses_uid);
if(!$ads_max) $ads_max = AD_ALLOWED;
if($ads_max>0){
$ads_now = $db->one_data('SELECT count(*) FROM '.TBL_AD.' WHERE userid='.$ses_uid);
if($ads_now>=$ads_max) $err_msg = hwLng('err_ads_max');
}
}
// post request
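// Submit handler. Runs when the form was posted ($_POST['go']) and the quota
// check above raised no error. On success it creates the ad, handles media,
// shows the confirmation or forwards to the order page, sends the notification
// mails and returns from this include. On any validation error it leaves
// $err_msg set and falls through to the form rendering below.
if($_POST['go'] && !$err_msg) {
    // Optional image-code check, only when EN_IMG_VER_ITEM is enabled.
    if(!$err_msg && EN_IMG_VER_ITEM){
        $o_iv =& Factory::create('Image_Verify');
        if(!$o_iv->IsTextOK($_POST['image_verify'])) $err_msg = hwLng('err_img_code');
    }
    // Client-supplied request id. It is stored in the session after a successful
    // post, but the duplicate-submit comparison on the next line is disabled, so
    // it currently protects nothing.
    $hw_rid = $_POST['hw_rid'];
    //	if($hw_rid && $hw_rid==hwSessionGetVar('add_rid')) $err_msg = hwLng('err_submitted');
    if(!$err_msg){
        // add_item.php provides AddItemValidate() / AddItemProcess().
        include SITE_PATH.'inc/add_item.php';
        $err_msg = AddItemValidate( array(
            'final_cat_check' => 1,
            'hw_pay_plan' => $hw_pay_plan,
        ) );
    }
    // Each media handler validates its own uploads; the first error wins.
    if(!$err_msg && $A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
        $err_msg = $A_MEDIA_OBJ[$media_id]->Validate();
        if($err_msg) break;
    }
    $uid = $ses_uid;
    if(!$err_msg && !$ses_uid){
        // Guest: log in with the posted credentials or create the account.
        // On failure MemberAutoRegister() sets $GLOBALS['err_msg'].
        $uid = MemberAutoRegister();
        $ses_uid = (int)hwSessionGetVar('userid');
    }
    if(!$err_msg){
        //	$_POST['f_title'] = preg_replace('/(\w[^\w\s]+)(\w)/', '\\1 \\2', $_POST['f_title']);
        // The ad is free when the base plan has no fee and no paid option is selected.
        $_HW_ZERO_COST = $A_TERMS[$hw_pay_plan]['FEE'] == 0;
        $P_TERMS = array();
        if($_POST['term']) foreach($_POST['term'] as $k=>$v){
            // term[] entries are request-controlled. Drop empty entries and anything
            // that is not a plain string (e.g. nested arrays from a tampered form),
            // so the string functions and html_esc() below only ever see strings.
            if(!$v || !is_string($v)) unset($_POST['term'][$k]);
        }
        // Set to 1 when at least one known extra option was requested; the member
        // is then forwarded to the order page with the selection.
        $_HW_POST_REDIR = 0;
        if($_POST['term']){
            $A_OPTS = hwGetExtraOptions();
            foreach($_POST['term'] as $k){
                // Expected form is "<option id>-<value>"; anything else is ignored.
                if(strpos($k, '-') === false) continue;
                list($opt_name,$opt_val) = explode('-', $k);
                // The option id must exist in the configured options.
                if($A_OPTS[$opt_name]){
                    $_HW_POST_REDIR = 1;
                    if($A_OPTS[$opt_name]['FEE'][$opt_val] > 0){ $_HW_ZERO_COST = 0; break; }
                }
            }
        }
        if(EN_EXP_DATE && $uid){
            if(EN_1AD_FREE){
                // First ad free: granted once, and not when extra options were requested.
                // NOTE(review): the "already used" test reads the session flag only;
                // whether that flag is restored from the user row at login is not
                // visible here - confirm, otherwise a new session resets it.
                $ok = 1;
                if(hwSessionGetVar('free_ad_used') || $_HW_POST_REDIR) $ok = 0;
                else{
                    hwSessionSetVar('free_ad_used',1);
                    $db->query('UPDATE '.TBL_USER." SET free_ad_used='1' WHERE id='$uid'");
                }
                if($ok) $_HW_ZERO_COST = 1; // allow first ad for free
            }
            elseif(in_array('exp_date', hwSessionGetVar('ad_extra')) && !$_HW_POST_REDIR) $_HW_ZERO_COST = 1;
        }
        // Create the ad. 'pp_switch_on' carries the zero-cost decision made above.
        $lid = AddItemProcess( array(
            'userid' => $uid,
            'hw_pay_plan' => $hw_pay_plan,
            'pp_switch_on' => $_HW_ZERO_COST,
            'user_approved' => $ses_uid ? 1 : 0,
        ) );
        hwSessionSetVar('add_rid',$hw_rid);
        // Member-chosen lifetime for zero-cost ads. ctype_digit() keeps the value
        // safe to interpolate into the SQL below.
        // NOTE(review): there is no upper bound here, so the client decides how long
        // a free ad stays listed - confirm that a limit is enforced elsewhere.
        $hw_exp_days = $_POST['hw_exp_days'];
        if($hw_exp_days && ctype_digit($hw_exp_days) && $_HW_ZERO_COST){
            $ql = 'UPDATE '.TBL_AD.' SET exp_date=DATE_ADD('.SQL_NOW.",INTERVAL $hw_exp_days DAY) WHERE link_id='$lid'";
            $db->query($ql);
        }
        // Update Media Files
        if($A_MEDIA_OBJ && $lid){
            // $likeid comes straight from the query string. Every other query in this
            // file that uses it is scoped to the member's own ads, so apply the same
            // ownership check before copying media from the source ad.
            // DuplicateFiles() is not visible here and may or may not check this itself.
            $like_src = 0;
            if($likeid && $uid){
                $like_src = (int)$db->one_data('SELECT link_id FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid='.(int)$uid);
            }
            foreach(array_keys($A_MEDIA_OBJ) as $media_id){
                $A_MEDIA_OBJ[$media_id]->SetDBKeyVal($lid);
                if($like_src) $A_MEDIA_OBJ[$media_id]->DuplicateFiles($like_src);
                $A_MEDIA_OBJ[$media_id]->ModifyData();
            }
        }
        if(!$ses_uid){
            // just registered w email confirmation
        }
        elseif($_HW_ZERO_COST && !$_HW_POST_REDIR){
            EvalAdvTpl(TPL_PATH.'add_ok.htm', compact('cid','lid'), 1);
        }
        else{
            // $lid and $cid are internal / int-cast values, so the URL needs no escaping.
            $url = "index.php?page=order&id=$lid&cid=$cid";
            if(!$_HW_POST_REDIR){
                // No exit after the redirect on purpose: the notification mails below
                // still have to be sent before the return at the end of this block.
                header('Location: '.$url);
            }
            else{
                // Forward the selected options to the order page through an
                // auto-submitting form, because they have to arrive as POST data.
                $s = "\n";
                if($_POST['term']){
                    // The plan id is escaped like the option values on the next line. It is
                    // already a key of $A_TERMS, so this is defence in depth and keeps the
                    // two hidden fields consistent.
                    $s.='<input type=hidden name="term[]" value="'.html_esc($hw_pay_plan).'">'."\n";
                    foreach($_POST['term'] as $v) $s.='<input type=hidden name="term[]" value="'.html_esc($v).'">'."\n";
                }
                $GLOBALS['HW_WRAP'] = 0;
                echo '<html><body onLoad="document.frm.submit();">'.
                '<form name=frm method=post action="'.$url.'">'.
                '<input type=hidden name=hw_back value=1>'.$s.'</form></body></html>';
            }
        }
        // Notification mails are built from the stored ad row plus the posted form values.
        // NOTE(review): 'email_rows' is built from raw $_POST; whether the mail
        // templates escape it depends on GetRowsForMail()/EvalAdvTpl(), not shown here.
        $tpl_v = $db->one_assoc("SELECT * FROM ".TBL_AD." WHERE link_id='$lid'");
        $tpl_v = $O_LFS->FillCustomFieldsArray($tpl_v);
        $tpl_v['id'] = $lid;
        $tpl_v['cid'] = $cid;
        $tpl_v['userid'] = $uid;
        $tpl_v['cname'] = ShowCategoryPath($cid);
        $tpl_v['email_rows'] = $O_LFS->GetRowsForMail($_POST);
        if(EN_M_AD_POST){
            $email_body = EvalAdvTpl(TPL_PATH.'add_notify_adm.mail', $tpl_v);
            hwSendMail(ADMIN_EMAIL,ADMIN_EMAIL,'',$email_body);
        }
        // The member copy goes to the session's e-mail address, only for a logged-in member.
        $email = hwSessionGetVar('email');
        if(EN_M_POST2USER && IsEmail($email) && $ses_uid){
            $email_body = EvalAdvTpl(TPL_PATH.'add.mail', $tpl_v);
            hwSendMail($email,ADMIN_EMAIL,'',$email_body);
        }
        return;
    }
}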
/*
if(EN_FCAT_ADS && $_SERVER['REQUEST_METHOD'] == 'GET'){
$hw_child = $db->one_data('SELECT count(*) FROM '.TBL_CAT.' WHERE pid="'.$cid.'"');
if($hw_child>0) $err_msg = hwLng('err_final_cat');
}
*/
// Choose the values the form is pre-filled with.
if ($_POST['go']) {
    // A submit that did not complete: the posted values are re-displayed as they are.
    // When cloning, only the media columns of the source ad are loaded, and only
    // if that ad belongs to the current member.
    if ($likeid && $A_MEDIA_OBJ) {
        $a_Ad = $db->one_assoc('SELECT '.implode(',',array_keys($A_MEDIA_OBJ)).' FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid="'.$ses_uid.'"');
    }
} else {
    // First display of the form.
    // A plan with a 'DT' value supplies the default for the exp_date field.
    if ($A_TERMS[$hw_pay_plan]['DT']) {
        $O_LFS->SetFieldProperty('VALUE',$A_TERMS[$hw_pay_plan]['DT'],'exp_date');
    }

    if ($ses_uid && $likeid) {
        // Clone: load the source ad. The userid condition restricts this to the
        // member's own ads, so a foreign link_id loads nothing.
        $a_Ad = $db->one_assoc('SELECT * FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid='.$ses_uid);
        $hw_region_id = $a_Ad['hw_region_id']; // for Regions module
        $O_LFS->LoadValues($a_Ad);
    } elseif ($ses_uid) {
        // New ad: seed the form from the member's profile.
        $O_UFS = &Factory::singleton('FieldsSet', '{user_fields}');
        $a_User = $db->one_assoc('SELECT * FROM '.TBL_USER.' WHERE id='.$ses_uid);
        $O_UFS->LoadValues($a_User);
        $_POST['f_email'] = $a_User['email'];
        $hw_region_id = $a_User['hw_region_id']; // for Regions module
        // Release the full user row once the values needed here have been copied out.
        unset($a_User);

        // Copy every active profile field that has a value into $_POST, when the
        // listing field set has a field with the same id (the profile field id
        // minus its first character).
        $O_UFS->rewind();
        while ($o_f = &$O_UFS->next()) {
            if (!$o_f->ACTIVE) {
                continue;
            }
            $f_id = substr($o_f->ID,1);
            if ($O_LFS->A_IDX[$f_id] && $o_f->VALUE) {
                $_POST[$f_id] = $o_f->VALUE;
            }
        }
    }
}
// ---- Render the "add listing" form ----
// Reached on the first display and after a submit that failed validation.
// $hw_rid is either the raw $_POST['hw_rid'] from such a submit or a fresh
// mt_rand() value.
// NOTE(review): mt_rand() is not a cryptographic source. That is acceptable for
// a resubmission marker, but this value must not be reused as an anti-CSRF
// token. It is also passed to the template unmodified, so output escaping
// depends on the template engine - confirm.
if(!$hw_rid) $hw_rid = mt_rand();
$tpl_v = compact('err_msg','hw_rid','hw_pay_plan','ses_uid');
$tpl_v['EN_IMG_VER'] = defined('EN_IMG_VER_ITEM') ? EN_IMG_VER_ITEM : 0;
//$tpl_v['hw_pp_fee'] = $A_TERMS[$hw_pay_plan]['FEE'];
// Start from an empty global and read it back after the category list is built;
// presumably ShowDropDownCategoryList() fills it - confirm against its definition.
$GLOBALS['hwJsCats'] = '';
$hide_id = 0;
/*if(EN_PP_CAT){
$hide_id = $db->one_col_array('SELECT c.id FROM '.TBL_CAT.' c
LEFT JOIN '.TBL_PP_CAT.' pc ON c.id=pc.cid AND pc.ppid="'.$db->quote($hw_pay_plan).'" WHERE pc.cid IS NULL');
}*/
$tpl_v['cat_path'] = ShowDropDownCategoryList($cid,'cid','',$hide_id, EN_FSETS ? 'OnChange="ReloadCat()"' : '');
$tpl_v['hwJsCats'] = $GLOBALS['hwJsCats'];
unset($GLOBALS['hwJsCats']);
$tpl_v['cid'] = $cid;
// The form is multipart only when there is something to upload.
$tpl_v['enc_type'] = ($A_MEDIA_OBJ || $O_LFS->A_UPLOAD) ? 'ENCTYPE="multipart/form-data"' : '';
// Upload areas, one per media handler of the chosen plan.
$tpl_v['media_files_upload'] = '';
if($A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
$tpl_v['media_files_upload'].=$A_MEDIA_OBJ[$media_id]->GetMediaArea(TPL_PATH.'media_files_upload.htm', 0, 0, 0, 1);
}
// "Copy from source ad" areas. $a_Ad was loaded above with a userid condition,
// so only media of the member's own ad is offered for copying.
$tpl_v['media_files_copy'] = '';
if($likeid && $A_MEDIA_OBJ) {
foreach(array_keys($A_MEDIA_OBJ) as $media_id){
if(!$a_Ad[$media_id]) continue;
$tpl_v['media_files_copy'].=$A_MEDIA_OBJ[$media_id]->GetDuplicateArea(TPL_PATH.'media_files_copy.htm', $a_Ad[$media_id]);
}
}
$tpl = new HawkTpl;
$tpl->InitArray('row,pay');
// Extra Options block
// First pass: count the options that cannot be ordered (no 'FEE' or 'EN_ORD'
// not set), so the block is left out entirely when none remain.
$A_OPTS = hwGetExtraOptions();
$skipped = 0;
if($A_OPTS){
foreach(array_keys($A_OPTS) as $k){
if(!$A_OPTS[$k]['FEE'] || !$A_OPTS[$k]['EN_ORD']) $skipped++;
}
}
// Second pass: emit one 'extra' cell with a select control per orderable option.
if($A_OPTS && $skipped < count($A_OPTS)){
$tpl->AddCell('pay','','extra_start');
$v = array();
foreach(array_keys($A_OPTS) as $k){
if(!$A_OPTS[$k]['FEE'] || !$A_OPTS[$k]['EN_ORD']) continue;
$v['e_title'] = $A_OPTS[$k]['NAME'];
$v['e_ctl'] = pp_GetPayOptOrderCtl($A_OPTS[$k]);
//		$v['e_term'] = intval($A_OPTS[$k]['DT']/86400);
//		$tpl_v['ctl_'.$A_OPTS[$k]['ID']] = $v['e_ctl']; // ##ctl_AD_COLOR##
$tpl->AddCell('pay',$v,'extra');
}
$tpl->AddCell('pay','','extra_end');
}
$tpl_v['EX_OPT_EXP'] = EX_OPT_EXP;
// Set Default Language
if(!$_POST['hw_lang_id'] && hwModGetState('Multi_Lang') == 'A') $O_LFS->SetFieldProperty('VALUE', $GLOBALS['HW_LANG'], 'hw_lang_id');
// Load the add.htm template for the current field set and print the finished page.
$tpl->readBuf( GetFSetFileName('add.htm') );
$CFG = hwGetFSConfig();
echo $O_LFS->GetPage($tpl, $tpl_v, $CFG['EN_AUTO_ADD'], TRUE);
// funcs area
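/**
 * Build the <select name=term[]> control for one extra option of the order form.
 *
 * Each entry of $a_v['FEE'] becomes one <option>. The value that
 * hwGetOptsArrFromPlans() reports for this option under the current plan is
 * listed with a price of 0.00 and an empty value. Every other entry posts
 * "<ID>-<value>" and is pre-selected when that string was submitted in term[].
 *
 * NOTE(review): labels, fees and option ids are written into the markup
 * unescaped. They come from the configured option definitions, not from the
 * request; if those can be edited by anyone other than a trusted administrator,
 * escape them here.
 *
 * @param array $a_v Option definition; this function reads 'ID', 'FEE'
 *                   (value => fee) and 'DESCR' (value => label).
 * @return string HTML of the select element.
 */
function pp_GetPayOptOrderCtl($a_v){
    // Computed on the first call and reused for every further option on the page.
    static $P_TERMS, $A_OPT;
    global $hw_pay_plan;
    if(!isset($P_TERMS)){
        $P_TERMS = array();
        // term[] is request-controlled: accept it only as an array of non-empty
        // strings, so a nested array from a tampered form can never be used as an
        // array key below.
        if(!empty($_POST['term']) && is_array($_POST['term'])){
            foreach($_POST['term'] as $k){
                if($k && is_string($k)) $P_TERMS[$k] = 1;
            }
        }
        $A_OPT = hwGetOptsArrFromPlans($hw_pay_plan);
    }
    $s = '<select name=term[]>';
    $eo_active = isset($A_OPT[$a_v['ID']]);
    foreach($a_v['FEE'] as $eo_val => $eo_fee){
        // Fall back to the raw value when no description is configured.
        $eo_text = $a_v['DESCR'][$eo_val];
        if(!$eo_text) $eo_text = $eo_val;
        // A falsy option value stands for "nothing ordered" and posts an empty string.
        $k = $eo_val ? $a_v['ID'].'-'.$eo_val : '';
        if($eo_active && $A_OPT[$a_v['ID']]==$eo_val){
            $s.='<option selected value="">'.$eo_text.' - '.CURR_SIGN.'0.00';
        }
        else{
            // isset() instead of a bare lookup: same result, no undefined-index notice.
            $s.='<option '.(isset($P_TERMS[$k])?'selected ':'')."value=\"$k\">$eo_text - ".CURR_SIGN.$eo_fee;
        }
    }
    $s.= '</select>';
    return $s;
}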
/**
 * Show the "choose a category first" page (template add_cat_menu.htm).
 *
 * Works on globals: it writes $cat_path and $hw_pp_fee, then passes the
 * template the names of the globals it needs.
 */
function ShowCatMenuForm(){
    global $db, $A_TERMS, $hw_pay_plan;
    global $hw_pp_fee, $cat_path, $cid, $ses_uid;

    // No category is hidden from the list; the per-plan filter that once
    // computed this value is disabled.
    $hide_id = 0;

    $cat_path = ShowDropDownCategoryList($cid, 'cid', '', $hide_id);
    $hw_pp_fee = $A_TERMS[$hw_pay_plan]['FEE'];

    // The second argument is a literal list of variable names (single-quoted on
    // purpose), not their values.
    EvalAdvTpl(
        TPL_PATH.'add_cat_menu.htm',
        '$ses_uid,$hw_pp_fee,$cat_path,$cid',
        1
    );
}
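/**
 * Log in or register the guest who is posting an ad.
 *
 * Steps:
 *  1. Try the posted credentials with UserAuthenticate(); on success return the
 *     session's user id.
 *  2. If the login name already exists, fail with the 'err_login' message.
 *  3. Otherwise create the account on the cheapest member plan that is not
 *     denied for the chosen price plan.
 *
 * NOTE(review): this is a second authentication entry point next to the normal
 * login form. Any throttling or lockout has to live inside UserAuthenticate();
 * nothing in this function limits attempts.
 *
 * @return mixed The user id on success. Nothing when a user is already logged
 *               in, or on failure (the message is then in $GLOBALS['err_msg']).
 */
function MemberAutoRegister(){
    global $db;
    if(hwSessionGetVar('userid')) return;
    hwSessionDelVar('ses_rnd');
    // The login name is the e-mail address or the username, depending on site configuration.
    $login = EN_LOGIN_EM ? $_POST['email'] : $_POST['username'];
    $pwd = $_POST['pwd'];
    include_once SITE_PATH.'inc/auth.inc.php';
    if(UserAuthenticate($login,$pwd)) return hwSessionGetVar('userid');
    else{
        // Authentication failed: if the account exists the password was wrong, so do
        // not fall through to registration. $db->esc() supplies quoting and escaping.
        $sql_user = 'SELECT id FROM '.TBL_USER.' WHERE '.(EN_LOGIN_EM ? 'email' : 'username').'='.$db->esc($login);
        if ($db->one_data($sql_user)) {
            $GLOBALS['err_msg'] = hwLng('err_login');
            return;
        }
    }
    // add user
    include SITE_PATH.'inc/class.user_member.php';
    $O_USER = new SiteMember;
    $O_USER->AUTO_MODE = 1;
    $O_USER->EN_M_USER_ON_REG = 0;
    // Member plans that may not use the chosen price plan.
    // Fix: the original read $_GLOBALS['hw_pay_plan']. $_GLOBALS is not a PHP
    // superglobal, so the lookup always ran with an empty plan id and the deny
    // list was never applied when the member plan was picked.
    $a_denied = $db->one_col_array('SELECT sub_id FROM '.TBL_PP_USER.' WHERE fee_id="'.$db->quote($GLOBALS['hw_pay_plan']).'"');
    // NOTE(review): unlike the guest default chosen at the top of this file, this
    // query has no "enabled=1" condition - confirm that disabled member plans
    // are meant to be eligible here.
    $sql = 'SELECT id FROM '.TBL_PAY_PLAN.' WHERE type="SUB"';
    if($a_denied){
        // The ids come from the database but are still concatenated into SQL, so
        // escape each one the same way the plan id is escaped above.
        $a_denied_q = array();
        foreach($a_denied as $sub_id) $a_denied_q[] = $db->quote($sub_id);
        $sql.=' AND id NOT IN("'.implode('","',$a_denied_q).'")';
    }
    $sql.=' ORDER BY fee LIMIT 1';
    $O_USER->PAY_PLAN = $db->one_data($sql);
    $O_USER->AddUser();
    if($O_USER->ERR_MSG){
        $GLOBALS['err_msg'] = $O_USER->ERR_MSG;
        return;
    }
    // require email confirmation ?
    if(EN_CONFIRM_REG){
        if(!$_POST['next']) $_POST['next'] = '1';
        $O_USER->ConfirmReg();
        // The account stays disabled until the e-mail address is confirmed. The
        // member is not logged in, and the caller receives the new id only.
        $uid = $db->one_data($sql_user);
        // Cast for the query only: an empty lookup result then yields "id=0", which
        // matches no row, instead of broken SQL.
        $db->query('UPDATE '.TBL_USER.' SET disabled=1 WHERE id='.(int)$uid);
        return $uid;
    }
    else{
        // No confirmation required: log the new member in right away.
        UserAuthenticate($login,$pwd);
        return hwSessionGetVar('userid');
    }
}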
?>