<?php

// --------------------------------------------------------------------------
//
// Esvon Classifieds v.4.0
// Copyright(C), Esvon LTD, 2001-2010, All Rights Reserved.
// E-mail: hide@address.com
//
// All forms of reproduction, including, but not limited to, internet posting, 
// printing, e-mailing, faxing and recording are strictly prohibited.
// One license required per site running Esvon Classifieds. 
// To obtain a license for using Esvon Classifieds, please register at
// http://www.esvon.com/pg/products/p_classifieds/
//
// --------------------------------------------------------------------------

// Stop unless SITE_PATH is already defined, so the file cannot be executed
// when requested on its own.
if(!defined('SITE_PATH')) die('Access Denied');

// Defined elsewhere; presumably aborts or redirects when no user is logged in - confirm.
CheckLoggedIn();

// Regions module start
// A region-selector postback is relabelled as GET so the POST-only media
// handling further down is skipped for it.
if($_POST['hw_region_upd']) $_SERVER['REQUEST_METHOD'] = 'GET'; // to avoid image handling call at least
// Regions module end

// Ad id from the query string; the int cast is what makes it safe to
// concatenate into the SQL statements below.
$id = (int)$_GET['id'];

// Id of the logged-in user, also forced to int before it reaches SQL.
$ses_uid = (int)hwSessionGetVar('userid');

// Ownership gate: the ad must exist AND belong to the session user, otherwise
// the request ends here. Later queries on $id that omit the userid condition
// rely on this check having passed.
// NOTE(review): isset() is also false for a row whose hw_pay_plan is NULL -
// confirm the column is never NULL, or an owner would be locked out.
list($hw_pay_plan,$cid) = $db->one_row('SELECT hw_pay_plan,catid FROM '.TBL_AD.' WHERE link_id='.$id.' AND userid='.$ses_uid);
if(!isset($hw_pay_plan)) die('Access Denied');

// An explicit cid overrides the stored category. Any non-zero value that is
// not made of digits only (e.g. "5abc") is rejected.
// NOTE(review): $_REQUEST can include cookies depending on request_order - confirm
// that reading cid from there is intended.
if(isset($_REQUEST['cid'])){ 
  $cid = (int)$_REQUEST['cid'];
  if($cid && !ctype_digit($_REQUEST['cid'])) die('Access Denied');
}

// With the Multi_Lang module in state 'A', hand the ad's language lookup to the
// module's redirect helper (behaviour defined elsewhere).
if(hwModGetState('Multi_Lang')=='A'){
  Multi_Lang_Redirect('SELECT hw_lang_id FROM '.TBL_AD.' WHERE link_id='.$id);
}

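// Sub-request: output only the info-edit form of one media file, then return
// from this file without rendering the full modify page.
if($_GET['act']=='media_info'){
  $HW_WRAP = 0; // presumably tells the caller not to wrap the output in the site layout - confirm
  // Media type requested by the client; falls back to 'images' when absent/empty.
  $media_id = $_GET['media'] ? (string)$_GET['media'] : 'images';
  $o_media = &Factory::getMediaObj($media_id, $hw_pay_plan);
  // $media_id is request data and is echoed back in the error text, so it is
  // HTML-encoded here; printing it raw would reflect markup from the URL into the page.
  if(!is_object($o_media)) die('Invalid Media ID: '.htmlspecialchars($media_id, ENT_QUOTES));
  // Bind the media object to the ad whose ownership was verified earlier in this file.
  $o_media->SetDBKeyVal($id);
  // NOTE(review): $_GET['f'] is passed through unvalidated - confirm that
  // getInfoEditForm() only accepts files attached to this ad and encodes the
  // value before it reaches SQL, the filesystem or HTML.
  echo $o_media->getInfoEditForm(TPL_PATH.'media_file_info_edit.htm', $_GET['f']);
  return;
}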

// All media handlers available for this ad's pay plan, keyed by media id.
$A_MEDIA_OBJ = &Factory::getMediaObj('ALL', $hw_pay_plan);

// Bind every handler to this ad. On a POST that is NOT the main form submit
// (no 'go' field) the handlers process their own data right away.
// NOTE(review): no anti-CSRF token check is visible in this file for this
// state-changing path - confirm it is enforced in CheckLoggedIn() or ModifyData().
if($A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
  $A_MEDIA_OBJ[$media_id]->SetDBKeyVal($id);
  if($_SERVER['REQUEST_METHOD']=='POST' && !$_POST['go']) $A_MEDIA_OBJ[$media_id]->ModifyData();
}

// Shared field-set object that validates, stores and renders the ad's fields.
$O_LFS = &Factory::singleton('FieldsSet');

// Extra-field selection kept in the session, applied to the field set when present.
$a_v = hwSessionGetVar('ad_extra');
if($a_v) $O_LFS->UpdateActive($a_v, 1);

// Let modules adjust the field set; it is handed over by reference.
if(hwIsModEventAllowed('onLFSObjSetup')){

  $args = array( 
    'ID' => $id,
    'O_LFS' => &$O_LFS,
  );
  hwModEvent('onLFSObjSetup',$args);

}

// Editable Fields Transformation addon
$O_LFS->EditFieldsSetup();

// Apply the ad's pay plan to the field set (effect defined in FieldsSet).
$O_LFS->usePricePlan($hw_pay_plan);

// First validation error found; an empty string means "continue". The same
// variable later carries the success message to the template.
$err_msg = '';

// Main form submit: validate, update the ad row, notify, then handle media.
// NOTE(review): no anti-CSRF token check is visible in this file for the
// update below - confirm one is enforced by CheckLoggedIn() or ValidateData().
if($_POST['go']) {

  // Posted category wins over the one taken from the URL / database.
  if($_POST['cid']) $cid = (int)$_POST['cid'];

  if(!$err_msg){
	
     // Field validation first, then the censor pass over the posted values.
     $err_msg = $O_LFS->ValidateData();
     if(!$err_msg) $err_msg = $O_LFS->CensorPostVars();
  
   }

  // With EN_FCAT_ADS on, only categories without children may hold ads.
  if(!$err_msg && EN_FCAT_ADS){
    $hw_child = $db->one_data('SELECT count(*) FROM '.TBL_CAT.' WHERE pid="'.$cid.'"');
    if($hw_child>0) $err_msg = hwLng('err_final_cat');
  }

  // Media validation stops at the first handler that reports an error.
  if(!$err_msg && $A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
    $err_msg = $A_MEDIA_OBJ[$media_id]->Validate();
    if($err_msg) break;
  }

  // Modules may veto the update by filling ERR_MSG (read back below, so
  // hwModEvent presumably takes $args by reference - confirm).
  if(!$err_msg){
     $args = array(
       'ID' => $id,
       'hw_pay_plan' => $hw_pay_plan,
       'ERR_MSG' => '',
     );
     hwModEvent('onAdBeforeUpdate',$args);    
     $err_msg = $args['ERR_MSG'];
  }

  if(!$err_msg){

    // Ownership is re-checked right before writing; the request ends silently
    // when the ad is not the session user's (or its category is empty).
    $cid_prev = $db->one_data('SELECT catid FROM '.TBL_AD.' WHERE link_id="'.$id.'" AND userid="'.$ses_uid.'"'); //validate
    if(!$cid_prev) exit;
        
    // A category change is accepted only when both the old and the new category
    // match the field set of the old one; otherwise back to the account page.
    // $cid is an int; $cid_prev comes from the database.
    // NOTE(review): $db->esc() presumably escapes and quotes its argument - confirm.
    if($cid!=$cid_prev){
      $num_rows = $db->one_data("SELECT count(*) FROM ".TBL_CAT." WHERE id IN('$cid_prev','$cid') AND fset=".$db->esc(hwGetFsByCat($cid_prev)));
      if($num_rows<2) {
        header('Location: index.php?page=account');
        exit;
      }
    }
   
    //get old filenames
    // Column names come from the field set and are concatenated unquoted.
    // NOTE(review): confirm A_UPLOAD_DB holds configured column names only,
    // never anything influenced by the request.
    $a_upload = $O_LFS->A_UPLOAD_DB;
    if($a_upload) $old_files = $db->one_assoc('SELECT '.implode(',',$a_upload).' FROM '.TBL_AD.' WHERE link_id="'.$id.'"');

    // Start of the UPDATE statement; $cid is an int at this point.
    $ql = 'UPDATE '.TBL_AD." SET catid='$cid',hw_updated=".SQL_NOW;

    // With EN_APR_REQ on, every edit sends the ad back to the unapproved state.
    if(EN_APR_REQ) $ql.=',approved="0"';

    // Upload fields whose upload did not succeed are left out of the UPDATE.
    // NOTE(review): $old_files is only set when A_UPLOAD_DB is non-empty but is
    // read for every entry of A_UPLOAD - confirm both lists are always empty together.
    $a_skip = array();
    $a_upload = $O_LFS->A_UPLOAD;
    if($a_upload) foreach($a_upload as $k){
      $f_db = $O_LFS->GetDbFByID($k);
      if(!UploadIsOK($k,$old_files[$f_db])) $a_skip[]=$k;
    }
    // The SET fragment for the posted fields is built inside GetUpdateSQL();
    // its escaping is not visible here - confirm it escapes every posted value.
    // The WHERE clause filters on link_id only and relies on the ownership
    // checks above; adding the userid condition would be cheap defence in depth.
    $ql.=$O_LFS->GetUpdateSQL($a_skip)." WHERE link_id='$id'";

    // Snapshot of the row before the update, used for the admin mail below.
    if(EN_M_AD_MOD){ // to use later
      $_av = $db->one_assoc("SELECT * FROM ".TBL_AD." WHERE link_id='$id'");
    }

    $db->query($ql);

    // Tell modules that the ad has been saved.
    $args = array( 'ID' => $id );
    hwModEvent('onAdSaved',$args);

    // Bring the search index entry of this ad up to date.
    include_once SITE_PATH.'inc/ft_search.php';
    ftSynchItem( array('id' => $id) );

    // Optional admin notification listing the previous and the submitted values.
    if(EN_M_AD_MOD){

      $O_LFS->LoadValues($_av);

      $cname = ShowCategoryPath($_av['catid']);
      
      $tpl_v = compact('id', 'cid');
      $tpl_v['rows_prev'] = "{Category} : $cname\n".$O_LFS->GetRowsForMail();

      if($_av['catid']!=$cid) $cname = ShowCategoryPath($cid);
      unset($_av);
      // NOTE(review): submitted values go into the mail body as posted - if the
      // template produces HTML mail, confirm GetRowsForMail() encodes them.
      $tpl_v['rows_upd'] = "{Category} : $cname\n".$O_LFS->GetRowsForMail($_POST);
       
      $email_body = EvalAdvTpl(TPL_PATH.'modify_notify_adm.mail',$tpl_v);
      unset($tpl_v);
      hwSendMail(ADMIN_EMAIL,ADMIN_EMAIL,'',$email_body);

    }

    // update unlimited media fields
    // After the handlers have run, redirect to this page again; the URL is
    // built from the int values $id and $cid only.
    if($A_MEDIA_OBJ){ 
      foreach(array_keys($A_MEDIA_OBJ) as $media_id){
        $A_MEDIA_OBJ[$media_id]->ModifyData();
      }
      $url = "index.php?page=modify&id=$id&cid=$cid";
      header('Location: '.$url);
      //echo "<html><script>alert('".hwLng('updated_ok')."');document.location='$url'</script></html>";
      exit;
    }

    // header("Location: index.php?page=account");
    // exit;
    // Without media handlers the page is re-rendered with a success message.
    $err_msg = hwLng('updated_ok');

  }

}

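// Load the full ad row, again restricted to the session user; without a row
// the visitor is sent back to the account page.
$a_Ad = $db->one_assoc('SELECT * FROM '.TBL_AD.' WHERE link_id="'.$id.'" AND userid="'.$ses_uid.'"'); //validate
if(!$a_Ad) {
  header('Location: index.php?page=account');
  exit;
}

// Values handed to the page template.
$tpl_v = array(
  'exp_date' => $a_Ad['exp_date'],
  'hw_pay_plan' => $a_Ad['hw_pay_plan'],
);

$hw_pay_plan = $a_Ad['hw_pay_plan'];
$hw_region_id = $a_Ad['hw_region_id'];

// No category was posted and the cid in the URL differs from the stored one:
// redirect to the same page with the stored category id in the URL.
if(!$_POST['cid'] && $_GET['cid']!=$a_Ad['catid']){
  //DieIfWrongCID($a_Ad['catid']);
  $redir_cid = (int)$a_Ad['catid'];
  $redir = $_SERVER['REQUEST_URI'];
  // REQUEST_URI is client-controlled. It is reused only when it is printable
  // (so no CR/LF can reach the header) and is a plain site-local path: one
  // leading "/" that is not followed by "/" or "\". A value starting with
  // "//" would be read by browsers as a scheme-relative URL and could send
  // the visitor to another host.
  $is_local = is_string($redir) && ctype_print($redir) && $redir[0]=='/'
    && (!isset($redir[1]) || ($redir[1]!='/' && $redir[1]!='\\'));
  if($is_local){
    if(strpos($redir, '&cid=')) $redir = preg_replace('/(?<=&cid=)\d*/',(string)$redir_cid,$redir);
    else $redir.='&cid='.$redir_cid;
  }
  // Anything else falls back to the fixed relative URL this page uses for its
  // other redirects, built from int values only.
  else $redir = 'index.php?page=modify&id='.$id.'&cid='.$redir_cid;
  header('Location: '.$redir);
  exit;
}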

// Fill the field set with the values stored for this ad.
$O_LFS->LoadValues($a_Ad);

// Categories to hide from the selector; stays 0 unless EN_PP_CAT is on.
$hide_id = 0;

// With EN_PP_CAT on, collect the categories that have no row in TBL_PP_CAT
// for the ad's base plan (LEFT JOIN ... IS NULL).
// NOTE(review): $db->quote() is used inside literal double quotes - confirm it
// only escapes and does not add quotes of its own.
if(EN_PP_CAT){
  list($pp_id) = hwGetBasePlanFromStr($hw_pay_plan);
  $hide_id = $db->one_col_array('SELECT c.id FROM '.TBL_CAT.' c 
  LEFT JOIN '.TBL_PP_CAT.' pc ON c.id=pc.cid AND pc.ppid="'.$db->quote($pp_id).'" WHERE pc.cid IS NULL');
}

$tpl_v['cat_path'] = '';
// Walk from the current category up its parent chain. If the category or one
// of its ancestors is hidden, show the category as a fixed path instead of a
// selector.
// NOTE(review): after the first pass $pid is a database value concatenated
// without a cast, and the loop only ends on a hidden id or an empty pid -
// confirm TBL_CAT.pid is numeric and the parent chain cannot contain a cycle.
if($hide_id){ 
  $a_h = array_flip($hide_id);
  $pid = (int)$cid;
  while($pid){
    if(isset($a_h[$pid])) break;
    $pid = $db->one_data('SELECT pid FROM '.TBL_CAT.' WHERE id='.$pid);
  }
  if($pid) $tpl_v['cat_path'] = ShowCategoryPath($cid);
}
// Otherwise offer a category drop-down, limited by the field set of the stored category.
if(!$tpl_v['cat_path']) $tpl_v['cat_path'] = ShowDropDownCategoryList($cid,'cid','',$hide_id,'',hwGetFsByCat($a_Ad['catid']));

// File uploads need a multipart form; the attribute is emitted only when
// media handlers or upload fields exist.
$tpl_v['enc_type'] = ($A_MEDIA_OBJ || $O_LFS->A_UPLOAD) ? 'ENCTYPE="multipart/form-data"' : '';

$CFG = hwGetFSConfig();

// Upload area of every media handler, concatenated into one template value.
$tpl_v['media_files_upload'] = '';
if($A_MEDIA_OBJ) foreach(array_keys($A_MEDIA_OBJ) as $media_id){
  $tpl_v['media_files_upload'].=$A_MEDIA_OBJ[$media_id]->GetMediaArea(TPL_PATH.'media_files_upload.htm',0,$CFG['THUMB_PER_ROW_ADM'],1,1);
}

$tpl_v['EN_U_DEL'] = EN_U_DEL;

// "+=" keeps keys that are already set in $tpl_v and adds only the missing ones.
$tpl_v += compact('err_msg','id','cid');

// Render the modify form.
// NOTE(review): HTML encoding of the stored field values and of err_msg happens
// inside GetPage() and the template, which are not visible here - confirm.
echo $O_LFS->GetPage(GetFSetFileName('modify.htm'),$tpl_v,$CFG['EN_AUTO_MOD'],TRUE);