<?php

// --------------------------------------------------------------------------
//
// Esvon Classifieds v.4.0
// Copyright(C), Esvon LTD, 2001-2010, All Rights Reserved.
// E-mail: hide@address.com
//
// All forms of reproduction, including, but not limited to, internet posting, 
// printing, e-mailing, faxing and recording are strictly prohibited.
// One license required per site running Esvon Classifieds. 
// To obtain a license for using Esvon Classifieds, please register at
// http://www.esvon.com/pg/products/p_classifieds/
//
// --------------------------------------------------------------------------

// Direct-access guard: the page only runs when the including script has
// already defined SITE_PATH; a direct request to this file stops here.
if(!defined('SITE_PATH')) die('Access Denied');

// Login is enforced unless EN_REG_SKIP is on. With EN_REG_SKIP anonymous
// visitors get through and are logged in / registered on submit by
// MemberAutoRegister().
// NOTE(review): presumably CheckLoggedIn() ends the request for guests - confirm.
if(!EN_REG_SKIP) CheckLoggedIn();

// NOTE(review): looks like a permission check for the "post ads" right - confirm in hwRealm().
hwRealm('U_POST_ADS');

// 0 means "no member logged in". The int cast matters: $ses_uid is
// concatenated into several SQL statements further down this page.
$ses_uid = (int)hwSessionGetVar('userid');

if(!$ses_uid){ // Member_Register
  $u_ac_pp = hwSessionGetVar('u_ac_pp');
  if(!$u_ac_pp){ // init with the cheapest price plan
    // Constant-only query: cheapest enabled plan of type "SUB", remembered in the session.
    $u_ac_pp = $db->one_data('SELECT id FROM '.TBL_PAY_PLAN.' WHERE type="SUB" AND enabled=1 ORDER BY fee LIMIT 1');
    hwSessionSetVar('u_ac_pp', $u_ac_pp);
  }
}

// if only 1 ad allowed - show modify ad page if ad exists
// $ses_uid was cast to int when it was read from the session, so building the
// query by concatenation is safe here.
if($ses_uid && AD_ALLOWED == 1){
  $v = $db->one_assoc('SELECT link_id,catid FROM '.TBL_AD.' WHERE userid='.$ses_uid.' LIMIT 1');
  if($v){
    // Both URL parameters come from the member's own ad row, not from the request.
    header("Location: index.php?page=modify&id={$v['link_id']}&cid={$v['catid']}");
    exit;
  }
}

// Field-set object for the ad form, obtained through the factory.
$O_LFS = &Factory::singleton('FieldsSet');

// Extra fields recorded in the session are switched on in the field set.
$a_v = hwSessionGetVar('ad_extra');
if($a_v) $O_LFS->UpdateActive($a_v,1);

//$cid = (int)$_GET['cid'];
//if(!$cid && $_POST['cid']) $cid = (int)$_POST['cid']; // failed on like_id category change
// Category id taken from the request; the int cast is the only validation done here.
// NOTE(review): depending on the request_order setting, $_REQUEST can also carry cookie values.
$cid = (int)$_REQUEST['cid'];

// "term" has to be an array of extra-option choices; a scalar is thrown away.
// The elements themselves are not type-checked at this point.
if($_POST['term'] && !is_array($_POST['term'])) unset($_POST['term']);

// set initial payment plan
// The plan id is client-supplied here. It is only acted on after it has been
// found as a key of $A_TERMS (see the !$A_TERMS[$hw_pay_plan] redirect below).
$hw_pay_plan = (string)$_GET['hw_pay_plan'];
// NOTE(review): presumably the FEE plans available for this category and member plan - confirm in hwGetPayPlans().
$A_TERMS = hwGetPayPlans('FEE', $cid, hwSessionGetVar('u_ac_pp'));

// "Post an ad like this one": start from the plan of an existing ad.
$likeid = (int)$_GET['likeid'];
if($likeid && $ses_uid){
  // The userid condition limits the lookup to ads owned by the logged-in member,
  // so another member's ad id yields no row. Both spliced values are ints.
  $hw_pay_plan = $db->one_data('SELECT hw_pay_plan FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid='.$ses_uid); //validate
  list($hw_pay_plan) = hwGetBasePlanFromStr($hw_pay_plan);
  if(!$A_TERMS[$hw_pay_plan]){ // no original pay_plan available
    // Fall back to the free plan, or to the first available plan if there is no free one.
    $hw_pay_plan = 'FEE_FREE';
    if(!$A_TERMS[$hw_pay_plan]) $hw_pay_plan = key($A_TERMS);
  }
}

// No plan chosen yet: pick a default, or stop if no plan can be offered at all.
if(!$hw_pay_plan){
  $pp_amt = count($A_TERMS);
  if($pp_amt==0){ 
    // Work out which of two configuration problems to report.
    $pp_total = $db->one_data('SELECT COUNT(*) FROM '.TBL_PAY_PLAN.' WHERE type="FEE" AND enabled="1"');
    $u_ac_pp = hwSessionGetVar('u_ac_pp');
    // Session value goes through $db->esc() before it reaches the query.
    $pp_disabled = $db->one_data('SELECT COUNT(*) FROM '.TBL_PP_USER.' WHERE sub_id='.$db->esc($u_ac_pp));
    // NOTE(review): these messages are shown to the visitor via die(); they describe
    // admin-side configuration and print $u_ac_pp without HTML escaping.
    if($pp_total==$pp_disabled) $err_msg = 'No price plans enabled for member plan: '.$u_ac_pp.'.  Administrator can do this in "Admin Area :: Price Plans :: Edit '.$u_ac_pp.'"';
    else $err_msg = 'No price plan(s) associated with this category. Administrator can do this in "Admin Area :: Price Plans :: Category-specific Plans"';
    die($err_msg);
  }
  elseif($pp_amt==1 || !$ses_uid){ // only one (or autoregister) 
    // Prefer the free plan; otherwise take the first plan in $A_TERMS.
    $hw_pay_plan = 'FEE_FREE';
    if(!$A_TERMS[$hw_pay_plan]) $hw_pay_plan = key($A_TERMS);
  }
//  elseif(!EN_EXP_DATE && $A_TERMS['FEE_FREE']) $hw_pay_plan = 'FEE_FREE'; // default free plan
}

// With category-specific plans the category has to be known before anything else.
// Note that this runs before the plan id is validated below, and that the
// top-level "return" hands control back to the including script.
if(EN_PP_CAT && (!$cid || $_POST['hw_cat_upd'])){ // force to select category first
  ShowCatMenuForm();
  return;
}
// Validation gate for the plan id: anything that is not a key of $A_TERMS
// (including an arbitrary hw_pay_plan value from the query string) is sent to
// the plan selection page. $cid is an int, so the redirect URL is safe.
if(!$A_TERMS[$hw_pay_plan]){ // $cid required for EN_PP_CAT
  header('Location: index.php?page=order&pg=priceplans&cid='.$cid);
  exit;
}

// No category in the request: with field sets enabled, use the id kept in the session.
// This value is not cast to int, unlike the request-supplied one.
if(!$cid && EN_FSETS) $cid = hwSessionGetVar('FS_ID');

// Media handlers for the (now validated) plan; used below for validation,
// upload areas and copying files from a "like" ad.
$A_MEDIA_OBJ = &Factory::getMediaObj('ALL', $hw_pay_plan);

// Module hook: handlers receive the field-set object by reference.
if(hwIsModEventAllowed('onLFSObjSetup')){

  $args = array( 
    'O_LFS' => &$O_LFS,
  );
  hwModEvent('onLFSObjSetup',$args);

}

$O_LFS->usePricePlan($hw_pay_plan);

$err_msg = '';

// Per-member ad quota. The member's own hw_ads_max wins; an empty value falls
// back to the site-wide AD_ALLOWED. A limit of 0 or less means "no limit".
// NOTE(review): the count is checked here and the ad is inserted later, so the
// check is not atomic - two parallel submissions could both pass it.
if(!$err_msg && $ses_uid){
  $ads_max = $db->one_data('SELECT hw_ads_max FROM '.TBL_USER.' WHERE id='.$ses_uid);
  if(!$ads_max) $ads_max = AD_ALLOWED;
  if($ads_max>0){
    $ads_now = $db->one_data('SELECT count(*) FROM '.TBL_AD.' WHERE userid='.$ses_uid);
    if($ads_now>=$ads_max) $err_msg = hwLng('err_ads_max');
  }
}

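// post request
//
// Runs only for a submitted form ($_POST['go']) that has not already been
// rejected (for example by the ad-quota check above). Steps, in order:
//   1. CAPTCHA check (when EN_IMG_VER_ITEM is on)
//   2. field validation via AddItemValidate(), then per-media validation
//   3. login / auto-registration of an anonymous poster
//   4. decide whether the ad is free ($_HW_ZERO_COST) and whether chosen
//      extras force a trip to the order page ($_HW_POST_REDIR)
//   5. insert the ad, attach media, show the confirmation or go to payment
//   6. send the notification mails
//
// NOTE(review): nothing in this block verifies an anti-CSRF token; hw_rid is
// only a resubmission marker and the comparison against it is commented out.
if($_POST['go'] && !$err_msg) {

  if(!$err_msg && EN_IMG_VER_ITEM){
    $o_iv =& Factory::create('Image_Verify');
    if(!$o_iv->IsTextOK($_POST['image_verify'])) $err_msg = hwLng('err_img_code');
  }

  // Raw request value. It is stored in the session after a successful insert
  // and handed to the form template when the form is shown again.
  $hw_rid = $_POST['hw_rid'];
 // if($hw_rid && $hw_rid==hwSessionGetVar('add_rid')) $err_msg = hwLng('err_submitted');

  if(!$err_msg){
    // add_item.php is included into this scope and provides AddItemValidate() / AddItemProcess().
    include SITE_PATH.'inc/add_item.php';
    $err_msg = AddItemValidate( array(
      'final_cat_check' => 1,
      'hw_pay_plan' => $hw_pay_plan,
    ) );
  }

  // First media handler that reports a problem stops the submission.
  if(!$err_msg && $A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
    $err_msg = $A_MEDIA_OBJ[$media_id]->Validate();
    if($err_msg) break;
  }

  // Anonymous poster: log in or create the account now. MemberAutoRegister()
  // reports failure through $GLOBALS['err_msg'], which is this page's $err_msg
  // only when the page is included at global scope.
  // With e-mail confirmation the new id is returned but no session is opened,
  // so $ses_uid stays 0 while $uid is set.
  $uid = $ses_uid;
  if(!$err_msg && !$ses_uid){
    $uid = MemberAutoRegister();
    $ses_uid = (int)hwSessionGetVar('userid');
  }

  if(!$err_msg){

//     $_POST['f_title'] = preg_replace('/(\w[^\w\s]+)(\w)/', '\\1 \\2', $_POST['f_title']);

     // Prices are always read from server-side data ($A_TERMS and
     // hwGetExtraOptions()); the request only selects ids.
     $_HW_ZERO_COST = $A_TERMS[$hw_pay_plan]['FEE'] == 0;

     $P_TERMS = array();
     // Keep only non-empty string choices. term[] is request data, and a nested
     // array would otherwise reach strpos()/explode() below and the hidden
     // fields of the re-post form.
     if($_POST['term']) foreach($_POST['term'] as $k=>$v){
       if(!$v || !is_string($v)) unset($_POST['term'][$k]);
     }

     $_HW_POST_REDIR = 0;
     if($_POST['term']){
       $A_OPTS = hwGetExtraOptions();
       foreach($_POST['term'] as $k){
         // expected format: "<option id>-<choice value>"
         if(strpos($k, '-') === false) continue;
         list($opt_name,$opt_val) = explode('-', $k);
         if($A_OPTS[$opt_name]){
           // any known extra option sends the poster through the order page
           $_HW_POST_REDIR = 1;
           if($A_OPTS[$opt_name]['FEE'][$opt_val] > 0){ $_HW_ZERO_COST = 0; break; }
         }
       }
     }

     if(EN_EXP_DATE && $uid){

       if(EN_1AD_FREE){

         // First ad is free: allowed once per member, and not when extras were chosen.
         // NOTE(review): the "already used" test reads the session flag only - confirm
         // the flag is reloaded from the user row at login.
         $ok = 1;
         if(hwSessionGetVar('free_ad_used') || $_HW_POST_REDIR) $ok = 0;
         else{
           hwSessionSetVar('free_ad_used',1);
           $db->query('UPDATE '.TBL_USER." SET free_ad_used='1' WHERE id='$uid'");
         }
         if($ok) $_HW_ZERO_COST = 1; // allow first ad for free

       }
       // ad_extra can be empty in the session, hence the array cast before in_array()
       elseif(in_array('exp_date', (array)hwSessionGetVar('ad_extra')) && !$_HW_POST_REDIR) $_HW_ZERO_COST = 1;

     }

     // user_approved is 1 only for a poster with an open session.
     $lid = AddItemProcess( array(
       'userid' => $uid,
       'hw_pay_plan' => $hw_pay_plan,
       'pp_switch_on' => $_HW_ZERO_COST,
       'user_approved' => $ses_uid ? 1 : 0,
     ) );

     hwSessionSetVar('add_rid',$hw_rid);

     // Poster-chosen lifetime for a zero-cost ad. ctype_digit() keeps the value
     // safe inside the SQL.
     // NOTE(review): no upper bound is applied here, so the poster picks the
     // number of days freely - confirm a cap is enforced elsewhere.
     $hw_exp_days = $_POST['hw_exp_days'];
     if($hw_exp_days && ctype_digit($hw_exp_days) && $_HW_ZERO_COST){
       $ql = 'UPDATE '.TBL_AD.' SET exp_date=DATE_ADD('.SQL_NOW.",INTERVAL $hw_exp_days DAY) WHERE link_id='$lid'";
       $db->query($ql);
     }

    // Update Media Files
    if($A_MEDIA_OBJ && $lid){

      foreach(array_keys($A_MEDIA_OBJ) as $media_id){
        $A_MEDIA_OBJ[$media_id]->SetDBKeyVal($lid);
        // $likeid is only an int from the query string at this point.
        // NOTE(review): confirm DuplicateFiles() checks that the source ad belongs to this member.
        if($likeid) $A_MEDIA_OBJ[$media_id]->DuplicateFiles($likeid);
        $A_MEDIA_OBJ[$media_id]->ModifyData();
      }
    }

    if(!$ses_uid){
      // just registered w email confirmation
    }
    elseif($_HW_ZERO_COST && !$_HW_POST_REDIR){
      EvalAdvTpl(TPL_PATH.'add_ok.htm', compact('cid','lid'), 1);
    }
    else{

      $url = "index.php?page=order&id=$lid&cid=$cid";
      if(!$_HW_POST_REDIR){
        // No exit on purpose: the notification mails below still have to go out.
        header('Location: '.$url);
      }
      else{
        // Extras were chosen: re-post them to the order page through an
        // auto-submitting form. Every value written into the markup is escaped,
        // the plan id included, so the two hidden-field lines agree.
        $s = "\n";
        if($_POST['term']){
          $s.='<input type=hidden name="term[]" value="'.html_esc($hw_pay_plan).'">'."\n";
          foreach($_POST['term'] as $v) $s.='<input type=hidden name="term[]" value="'.html_esc($v).'">'."\n";
        }
        $GLOBALS['HW_WRAP'] = 0;
        echo '<html><body onLoad="document.frm.submit();">'.
            '<form name=frm method=post action="'.$url.'">'.
            '<input type=hidden name=hw_back value=1>'.$s.'</form></body></html>';
      }
    }

    // Template variables for the notification mails, built from the stored ad row.
    $tpl_v = $db->one_assoc("SELECT * FROM ".TBL_AD." WHERE link_id='$lid'");
    $tpl_v = $O_LFS->FillCustomFieldsArray($tpl_v);
    $tpl_v['id'] = $lid;
    $tpl_v['cid'] = $cid;
    $tpl_v['userid'] = $uid;
    $tpl_v['cname'] = ShowCategoryPath($cid);
    // Submitted form values end up in the mail body through this call.
    $tpl_v['email_rows'] = $O_LFS->GetRowsForMail($_POST);

    if(EN_M_AD_POST){
      $email_body = EvalAdvTpl(TPL_PATH.'add_notify_adm.mail', $tpl_v);
      hwSendMail(ADMIN_EMAIL,ADMIN_EMAIL,'',$email_body);
    }

    // The poster's copy goes to the address held in the session, never to an
    // address taken from the form, and only after IsEmail() accepts it.
    $email = hwSessionGetVar('email');
    if(EN_M_POST2USER && IsEmail($email) && $ses_uid){
      $email_body = EvalAdvTpl(TPL_PATH.'add.mail', $tpl_v);
      hwSendMail($email,ADMIN_EMAIL,'',$email_body);
    }
    return;
  }
}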

/*
if(EN_FCAT_ADS && $_SERVER['REQUEST_METHOD'] == 'GET'){
  $hw_child = $db->one_data('SELECT count(*) FROM '.TBL_CAT.' WHERE pid="'.$cid.'"');
  if($hw_child>0) $err_msg = hwLng('err_final_cat');
}
*/

// First display of the form (no submit): pre-fill it. The else branch at the
// bottom is reached when a submit was rejected and the form is shown again.
if(!$_POST['go']) { // get request start

  // Plan-defined term, when present, becomes the initial exp_date value.
  if($A_TERMS[$hw_pay_plan]['DT']){
    $O_LFS->SetFieldProperty('VALUE',$A_TERMS[$hw_pay_plan]['DT'],'exp_date');
  }

  if($ses_uid){

    if($likeid){
      // Pre-fill from an existing ad. The userid condition restricts this to the
      // member's own ads; both spliced values are ints.
      $a_Ad = $db->one_assoc('SELECT * FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid='.$ses_uid);
      $hw_region_id = $a_Ad['hw_region_id']; // for Regions module
      $O_LFS->LoadValues($a_Ad);
    }
    else{

      // Pre-fill from the member's profile.
      // NOTE(review): SELECT * loads the whole user row into $a_User and the
      // user field set - confirm no credential column is exposed through it.
      $O_UFS = &Factory::singleton('FieldsSet', '{user_fields}');
      $a_User = $db->one_assoc('SELECT * FROM '.TBL_USER.' WHERE id='.$ses_uid);
      $O_UFS->LoadValues($a_User);
      // Defaults are injected by writing into $_POST, which the form reads back.
      $_POST['f_email'] = $a_User['email'];
      $hw_region_id = $a_User['hw_region_id']; // for Regions module
      unset($a_User);

      // Copy each active user field that has a value into the ad field of the
      // same id (user field ids carry one extra leading character).
      $O_UFS->rewind();
      while($o_f = &$O_UFS->next()){
        if($o_f->ACTIVE){
          $f_id = substr($o_f->ID,1);
          if($O_LFS->A_IDX[$f_id] && $o_f->VALUE) $_POST[$f_id] = $o_f->VALUE;
        }
      }
      
    }

  }

} // get request end
else { // post

  // Rejected submit of a "like" ad: reload only the media columns of the source ad
  // so the copy area can be rebuilt. The column list is made of the $A_MEDIA_OBJ keys.
  // NOTE(review): presumably those keys are configured column names, not request data - confirm.
  if($likeid && $A_MEDIA_OBJ){
    $a_Ad = $db->one_assoc('SELECT '.implode(',',array_keys($A_MEDIA_OBJ)).' FROM '.TBL_AD.' WHERE link_id="'.$likeid.'" AND userid="'.$ses_uid.'"');
  }

}

// Render the ad form (first display, or re-display after a rejected submit).

// Resubmission marker for the form. mt_rand() is not a source of secret values
// and the marker is not verified anywhere in this file, so it gives no CSRF protection.
// After a rejected submit $hw_rid still holds the raw $_POST['hw_rid'] value.
// NOTE(review): confirm the template layer escapes it on output.
if(!$hw_rid) $hw_rid = mt_rand();

$tpl_v = compact('err_msg','hw_rid','hw_pay_plan','ses_uid');

$tpl_v['EN_IMG_VER'] = defined('EN_IMG_VER_ITEM') ? EN_IMG_VER_ITEM : 0;
//$tpl_v['hw_pp_fee'] = $A_TERMS[$hw_pay_plan]['FEE'];

// Reset before building the category list and copied into the template right after it.
// NOTE(review): presumably ShowDropDownCategoryList() fills this global - confirm.
$GLOBALS['hwJsCats'] = '';

// Hiding categories without a matching price plan is switched off (query commented out).
$hide_id = 0;
/*if(EN_PP_CAT){
  $hide_id = $db->one_col_array('SELECT c.id FROM '.TBL_CAT.' c 
  LEFT JOIN '.TBL_PP_CAT.' pc ON c.id=pc.cid AND pc.ppid="'.$db->quote($hw_pay_plan).'" WHERE pc.cid IS NULL');
}*/

$tpl_v['cat_path'] = ShowDropDownCategoryList($cid,'cid','',$hide_id, EN_FSETS ? 'OnChange="ReloadCat()"' : '');

$tpl_v['hwJsCats'] = $GLOBALS['hwJsCats'];
unset($GLOBALS['hwJsCats']);
$tpl_v['cid'] = $cid;

// File uploads need a multipart form.
$tpl_v['enc_type'] = ($A_MEDIA_OBJ || $O_LFS->A_UPLOAD) ? 'ENCTYPE="multipart/form-data"' : '';

// One upload area per media handler.
$tpl_v['media_files_upload'] = '';
if($A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
  $tpl_v['media_files_upload'].=$A_MEDIA_OBJ[$media_id]->GetMediaArea(TPL_PATH.'media_files_upload.htm', 0, 0, 0, 1);
}

$tpl_v['media_files_copy'] = '';

// "Like" ad: offer the source ad's files for copying. $a_Ad was loaded with an
// owner condition, so it is empty for an ad of another member.
if($likeid && $A_MEDIA_OBJ) {
  foreach(array_keys($A_MEDIA_OBJ) as $media_id){
    if(!$a_Ad[$media_id]) continue;
    $tpl_v['media_files_copy'].=$A_MEDIA_OBJ[$media_id]->GetDuplicateArea(TPL_PATH.'media_files_copy.htm', $a_Ad[$media_id]);
  }
}

  $tpl = new HawkTpl;
  $tpl->InitArray('row,pay');

// Extra Options block

  $A_OPTS = hwGetExtraOptions();

  // Count the options that cannot be ordered (no fee table or EN_ORD off);
  // the block is left out entirely when that is all of them.
  $skipped = 0;
  if($A_OPTS){     
    foreach(array_keys($A_OPTS) as $k){
      if(!$A_OPTS[$k]['FEE'] || !$A_OPTS[$k]['EN_ORD']) $skipped++;
    }    
  }

  if($A_OPTS && $skipped < count($A_OPTS)){
    $tpl->AddCell('pay','','extra_start');
    $v = array();
    foreach(array_keys($A_OPTS) as $k){
      if(!$A_OPTS[$k]['FEE'] || !$A_OPTS[$k]['EN_ORD']) continue;
      // Title and select control come from the option configuration.
      $v['e_title'] = $A_OPTS[$k]['NAME'];
      $v['e_ctl'] = pp_GetPayOptOrderCtl($A_OPTS[$k]);
//      $v['e_term'] = intval($A_OPTS[$k]['DT']/86400);
//      $tpl_v['ctl_'.$A_OPTS[$k]['ID']] = $v['e_ctl']; // ##ctl_AD_COLOR##
      $tpl->AddCell('pay',$v,'extra');
    } 
    $tpl->AddCell('pay','','extra_end');
  }
  $tpl_v['EX_OPT_EXP'] = EX_OPT_EXP;

// Set Default Language
if(!$_POST['hw_lang_id'] && hwModGetState('Multi_Lang') == 'A') $O_LFS->SetFieldProperty('VALUE', $GLOBALS['HW_LANG'], 'hw_lang_id');

$tpl->readBuf( GetFSetFileName('add.htm') );

$CFG = hwGetFSConfig();
// Final page output; the field set renders the form with the collected template values.
echo $O_LFS->GetPage($tpl, $tpl_v, $CFG['EN_AUTO_ADD'], TRUE);

// funcs area

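// Builds the <select name=term[]> control for one extra option of the ad form.
//
// $a_v is one extra-option entry and is read for:
//   ID    - option id, used as the prefix of every choice value ("ID-value")
//   FEE   - map of choice value => fee; one <option> per entry
//   DESCR - optional map of choice value => label (the value itself is the fallback)
// Returns the HTML string.
//
// A choice that the current price plan already includes is listed as selected,
// priced 0.00 and with an empty value. Choices posted earlier in term[] are
// selected again. The posted choices and the plan's options are read once and
// cached in static variables for the rest of the request.
//
// NOTE(review): labels, ids and fees are written into the markup unescaped.
// They come from the option configuration, not from the request - confirm
// that only trusted admins can edit them, or escape them on output.
function pp_GetPayOptOrderCtl($a_v){
  static $P_TERMS, $A_OPT;
  global $hw_pay_plan;

  if(!isset($P_TERMS)){
    $P_TERMS = array();
    if(!empty($_POST['term']) && is_array($_POST['term'])){
      foreach($_POST['term'] as $k){
        // term[] is request data: a nested array is not a valid array key,
        // so anything that is not a non-empty string is skipped
        if($k && is_string($k)) $P_TERMS[$k] = 1;
      }
    }
    $A_OPT = hwGetOptsArrFromPlans($hw_pay_plan);
  }

  $s = '<select name=term[]>';

  $eo_active = isset($A_OPT[$a_v['ID']]);
  foreach($a_v['FEE'] as $eo_val => $eo_fee){

    $eo_text = !empty($a_v['DESCR'][$eo_val]) ? $a_v['DESCR'][$eo_val] : $eo_val;
    // a falsy choice value stands for "none" and is posted as an empty string
    $k = $eo_val ? $a_v['ID'].'-'.$eo_val : '';

    if($eo_active && $A_OPT[$a_v['ID']]==$eo_val){
      $s.='<option selected value="">'.$eo_text.' - '.CURR_SIGN.'0.00';
    }
    else{
      $s.='<option '.(isset($P_TERMS[$k])?'selected ':'')."value=\"$k\">$eo_text - ".CURR_SIGN.$eo_fee;
    }
  }

  $s.= '</select>';
  return $s;
}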

// Prints the "choose a category first" step of the ad form.
//
// Works entirely on page globals: stores the category drop-down in $cat_path
// and the fee of the current plan in $hw_pp_fee, then outputs the
// add_cat_menu.htm template. Takes no arguments and returns nothing.
//
// The page calls this before the plan id has been checked against $A_TERMS,
// so the fee lookup can come back empty for an unknown plan id.
function ShowCatMenuForm(){
  global $db, $A_TERMS, $hw_pay_plan;
  global $hw_pp_fee, $cat_path, $cid, $ses_uid;

  // Hiding categories that have no matching price plan is switched off
  // (the lookup query was commented out), so the hide list is always 0.
  $cat_path = ShowDropDownCategoryList($cid, 'cid', '', 0);

  $plan = $A_TERMS[$hw_pay_plan];
  $hw_pp_fee = $plan['FEE'];

  // The template receives its variables as a list of global names.
  EvalAdvTpl(TPL_PATH.'add_cat_menu.htm', '$ses_uid,$hw_pp_fee,$cat_path,$cid', 1);
}

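// Logs in, or creates, the member account for an anonymous poster.
//
// Reads the credentials from $_POST (email or username depending on
// EN_LOGIN_EM, plus pwd) and then:
//   - returns nothing when a member is already logged in
//   - returns the session user id when the credentials match an account
//   - sets $GLOBALS['err_msg'] and returns nothing when the login name exists
//     but authentication failed, or when creating the account failed
//   - otherwise creates the account on the cheapest member plan that is not
//     denied for the current price plan; with EN_CONFIRM_REG the new account
//     is disabled until confirmed and its id is returned without opening a
//     session, without it the new member is logged in straight away
//
// NOTE(review): the err_login answer tells the caller that the login name is
// already registered - confirm this is acceptable for the site.
function MemberAutoRegister(){
global $db;

    if(hwSessionGetVar('userid')) return;
    hwSessionDelVar('ses_rnd');

    $login = EN_LOGIN_EM ? $_POST['email'] : $_POST['username'];
    $pwd = $_POST['pwd'];

    include_once SITE_PATH.'inc/auth.inc.php';

    if(UserAuthenticate($login,$pwd)) return hwSessionGetVar('userid');
    else{
      // Request value goes through $db->esc(); the column name is chosen from two constants.
      $sql_user = 'SELECT id FROM '.TBL_USER.' WHERE '.(EN_LOGIN_EM ? 'email' : 'username').'='.$db->esc($login);
      if ($db->one_data($sql_user)) {
        $GLOBALS['err_msg'] = hwLng('err_login');
        return;
      }
    }

    // add user
    include SITE_PATH.'inc/class.user_member.php';
    $O_USER = new SiteMember;
    $O_USER->AUTO_MODE = 1;
    $O_USER->EN_M_USER_ON_REG = 0;

    // Member plans that are denied for the price plan chosen on the page.
    // The plan id has to be read from $GLOBALS: "$_GLOBALS" is an ordinary,
    // undefined local variable, so the lookup always ran with an empty plan id
    // and the exclusion below never took effect.
    $a_denied = $db->one_col_array('SELECT sub_id FROM '.TBL_PP_USER.' WHERE fee_id="'.$db->quote($GLOBALS['hw_pay_plan']).'"');

    // NOTE(review): unlike the default-plan query at the top of the page this one
    // has no enabled=1 condition - confirm a disabled member plan cannot be picked.
    $sql = 'SELECT id FROM '.TBL_PAY_PLAN.' WHERE type="SUB"';
    // The ids come from the database, not from the request; they are still
    // spliced in without escaping.
    if($a_denied) $sql.=' AND id NOT IN("'.implode('","',$a_denied).'")';
    $sql.=' ORDER BY fee LIMIT 1';

    $O_USER->PAY_PLAN = $db->one_data($sql);

    $O_USER->AddUser();

    if($O_USER->ERR_MSG){
      $GLOBALS['err_msg'] = $O_USER->ERR_MSG;
      return;
    }

    // require email confirmation ?
    if(EN_CONFIRM_REG){
      if(!$_POST['next']) $_POST['next'] = '1';
      $O_USER->ConfirmReg();
      $uid = $db->one_data($sql_user);
      // Keep the account disabled until the e-mail is confirmed. The int cast
      // keeps the statement well-formed if the lookup returned nothing.
      $db->query('UPDATE '.TBL_USER.' SET disabled=1 WHERE id='.(int)$uid);
      return $uid;
    }
    else{
      UserAuthenticate($login,$pwd);
      return hwSessionGetVar('userid');
    }
}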

?>