<?php
// Bootstrap for the AJAX comment endpoint: open the session, load the PHPShop
// classes this script uses, and decide which transport the client is using.
// The session is read below for 'lang', 'UsersId', 'skin' and 'Memory'.
session_start();
// All includes are resolved relative to the parent directory of this script.
$_classPath = "../";
include($_classPath . "class/obj.class.php");
// Statement order matters here: obj.class.php must be included before any
// PHPShopObj::loadClass() call, and "base" is loaded before PHPShopBase is built.
PHPShopObj::loadClass("base");
$PHPShopBase = new PHPShopBase($_classPath . "inc/config.ini");
PHPShopObj::loadClass("date");
PHPShopObj::loadClass("security");
PHPShopObj::loadClass("user");
PHPShopObj::loadClass("parser");
PHPShopObj::loadClass("mail");
PHPShopObj::loadClass("system");
PHPShopObj::loadClass("lang");
PHPShopObj::loadClass("product");
$PHPShopSystem = new PHPShopSystem();
// NOTE(review): $_SESSION['lang'] is read without an isset() check; a fresh
// session raises an undefined-index notice here.
$PHPShopLang = new PHPShopLang(array('locale' => $_SESSION['lang'], 'path' => 'shop'));
// Two transports are supported. Anything other than type=json goes through the
// JsHttpRequest library, configured for windows-1251. With type=json the message
// is passed through PHPShopString::utf8_win1251() (by its name a UTF-8 to
// windows-1251 conversion; the helper is defined outside this file).
// NOTE(review): every parameter is taken from $_REQUEST, so the state-changing
// commands further down can be reached by GET as well as POST, and no anti-CSRF
// token check is visible in this file. Confirm whether one is enforced elsewhere.
// NOTE(review): $_REQUEST['type'] and $_REQUEST['message'] are read without
// isset(); requests that omit them raise undefined-index notices.
if ($_REQUEST['type'] != 'json') {
require_once $_classPath . "/lib/Subsys/JsHttpRequest/Php.php";
$JsHttpRequest = new Subsys_JsHttpRequest_Php("windows-1251");
}
else
$_REQUEST['message'] = PHPShopString::utf8_win1251($_REQUEST['message']);
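/**
 * Build the SELECT statement for one page of approved comments on a product.
 *
 * The page number is read from $_REQUEST['page'] (1-based, 10 rows per page).
 * Only rows with enabled='1' are selected, newest first.
 *
 * @param mixed $id Product id the comments belong to; forced to an integer
 *                  with intval() before it is placed in the SQL text.
 * @return string SQL query ending in "LIMIT offset, count" for the requested page.
 */
function Page_comment($id) {
    global $SysValue;

    $num_row = 10;

    // The page number is client-controlled. Missing, non-numeric, zero and
    // negative values all fall back to page 1, so a query string is always
    // returned (a negative page used to leave the result undefined).
    $p = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 0;
    if ($p < 1)
        $p = 1;

    // Cap the page so the offset below stays an integer. The dividend is made
    // evenly divisible first, which keeps PHP's "/" from returning a float.
    $max_page = (PHP_INT_MAX - PHP_INT_MAX % $num_row) / $num_row;
    if ($p > $max_page)
        $p = $max_page;

    // Offset computed directly rather than by looping once per page: the work
    // no longer grows with a request-supplied number.
    $num_ot = ($p - 1) * $num_row;

    return "select * from " . $SysValue['base']['comment'] . " where parent_id=" . intval($id) . " and enabled='1' order by id desc LIMIT $num_ot, $num_row";
}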
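/**
 * Render the pagination bar for a product's approved comments.
 *
 * Counts the rows with enabled='1' for the product, splits them into pages of
 * 10 and returns a <nav> block whose links call the client-side commentList()
 * function. The current page is read from $_REQUEST['page'].
 *
 * @param mixed $id Product id; forced to an integer before use.
 * @return string|null Pagination markup, or null when there is at most one
 *                     page or the count query fails.
 */
function Nav_comment($id) {
    global $SysValue, $link_db;

    // The callers in this file pass the raw request value, and $id is written
    // into javascript: hrefs below. Casting once here keeps both the SQL and
    // the generated markup limited to digits.
    $id = intval($id);
    $num_row = 10;

    // Client-controlled page number: integer, at least 1.
    $p = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 0;
    if ($p < 1)
        $p = 1;

    $sql = "select id from " . $SysValue['base']['comment'] . " where parent_id=" . $id . " and enabled='1'";
    $result = mysqli_query($link_db, $sql);
    if (!$result)
        return null; // query failed: render no pagination instead of erroring on a false result

    $pages = (int) ceil(mysqli_num_rows($result) / $num_row);
    if ($pages < 2)
        return null; // 10 rows or fewer: a single page needs no navigation

    $navigat = '';
    for ($i = 1; $i <= $pages; $i++) {
        if ($i == $p)
            $navigat .= '<li class="active"><a>'.$i.'</a></li>';
        else
            $navigat .= '<li class=""><a href="javascript:commentList('.$id.',\'list\','.$i.');">'.$i.'</a></li>';
    }

    // Keep both arrows inside 1..$pages so they never point at an empty page.
    $p_prev = max(1, min($p - 1, $pages));
    $p_to = min($p + 1, $pages);

    // The second arrow is the "next" link, so its aria-label says so.
    return '<nav>
<ul class="pagination">
<li class=""><a href="javascript:commentList('.$id.',\'list\',' . $p_prev . ');" aria-label="Previous"><span aria-hidden="true">«</span></a></li>
'.$navigat.'
<li class=""><a href="javascript:commentList('.$id.',\'list\',' . $p_to . ');" aria-label="Next"><span aria-hidden="true">»</span></a></li>
</ul>
</nav>';
}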
/**
 * Replace smiley shortcodes in a comment body.
 *
 * Every replacement in the table is an empty string, so each listed code is
 * removed from the text.
 *
 * @param string $string Comment text.
 * @return string Text with the listed codes replaced.
 */
function returnSmile($string) {
    // code => replacement, applied in this order.
    // ':\)' and ':\(' are single-quoted, so the backslash is literal; with the
    // plain-text matching of str_replace() they match ":\)" and ":\(", not
    // ":)" and ":(".
    $codes = array(
        ':-D' => '',
        ':\)' => '',
        ':\(' => '',
        ':shock:' => '',
        ':cool:' => '',
        ':blush:' => '',
        ':dance:' => '',
        ':rad:' => '',
        ':lol:' => '',
        ':huh:' => '',
        ':rolly:' => '',
        ':thuf:' => '',
        ':tongue:' => '',
        ':smart:' => '',
        ':wacko:' => '',
        ':yes:' => '',
        ':yahoo:' => '',
        ':sorry:' => '',
        ':nono:' => '',
        ':dash:' => '',
        ':dry:' => '',
    );

    // The array form of str_replace() applies the pairs one after another on
    // the running result, the same as replacing them in a loop.
    return str_replace(array_keys($codes), array_values($codes), $string);
}
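/**
 * Render the comment list for one product: the current page of comments plus
 * the pagination bar, wrapped in the skin's comment_page_list.tpl template.
 *
 * Values are handed to the templates through $SysValue['other'].
 *
 * @param mixed $id Product id; forced to an integer before use.
 * @return mixed Whatever PHPShopParser::file() returns for the list template.
 */
function DispComment($id) {
    global $SysValue, $link_db;

    // Callers pass the raw request value; cast once so the id handed on to the
    // query builder and the pagination markup is digits only.
    $id = intval($id);
    $dis = null;

    // Current page, client-supplied: integer, at least 1. This was previously
    // read from an undefined local, so the template always received null.
    $p = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 0;
    if ($p < 1)
        $p = 1;

    // NOTE(review): $_SESSION['skin'] becomes part of a filesystem path.
    // Confirm it can only hold a server-chosen skin name.
    $tpl_dir = '../../' . $SysValue['dir']['templates'] . chr(47) . $_SESSION['skin'] . "/comment/";
    $row_tpl = $tpl_dir . "main_comment_forma.tpl";
    $has_row_tpl = is_file($row_tpl);

    $viewer_id = empty($_SESSION['UsersId']) ? 0 : intval($_SESSION['UsersId']);

    $result = mysqli_query($link_db, Page_comment($id));
    // A failed query yields false; skip the loop instead of fetching from it.
    while ($result && ($row = mysqli_fetch_array($result))) {
        $user_id = intval($row['user_id']);

        // Offer the edit link only to a logged-in viewer who owns the row. The
        // integer comparison stops an empty session id from matching an empty
        // user_id column. This is display only; the edit commands must enforce
        // ownership themselves.
        // NOTE(review): the markup below ends inside the onclick attribute in
        // this listing (no closing ')', quote or tag). It looks truncated;
        // restore it from the original source.
        if ($viewer_id > 0 && $viewer_id === $user_id)
            $SysValue['other']['commentEdit'] = '<a href="#addComment" onclick="javascript:commentList(' . $user_id . ',\'edit\',1,' . intval($row['id']) . '';
        else
            $SysValue['other']['commentEdit'] = "";

        $SysValue['other']['commentData'] = PHPShopDate::dataV($row['datas'], false);
        // NOTE(review): name and content are passed to the template as stored.
        // Confirm that they are cleaned on input or escaped by the template.
        $SysValue['other']['commentName'] = $row['name'];
        $SysValue['other']['commentStarCount'] = $row['rate'];
        $SysValue['other']['commentContent'] = returnSmile($row['content']);
        $SysValue['other']['avgRateWidth'] = avg_rate($row['rate']);

        if ($has_row_tpl)
            $dis .= PHPShopParser::file($row_tpl, true);
    }

    $SysValue['other']['producUid'] = $SysValue['nav']['id'];
    $SysValue['other']['UsersId'] = isset($_SESSION['UsersId']) ? $_SESSION['UsersId'] : null;
    $SysValue['other']['productPageThis'] = $p;
    $SysValue['other']['productPageNav'] = Nav_comment($id);
    $SysValue['other']['productPageDis'] = str_replace("#imagesSavePathLabel#", "images", $dis);

    return PHPShopParser::file($tpl_dir . "comment_page_list.tpl", true, false);
}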
/**
 * Convert a star rating into the pixel width of the filled-stars bar.
 *
 * Width = star width * rate + gap width * ceil(rate). Star and gap widths
 * default to 20 and 0 and can be overridden through
 * $_SESSION['Memory']['rateForComment'].
 *
 * @param int|float $rate Rating value.
 * @return int|float Computed width.
 */
function avg_rate($rate) {
    // A missing or falsy session override falls back to the default.
    $star_px = @$_SESSION['Memory']["rateForComment"]["oneStarWidth"]
        ? $_SESSION['Memory']["rateForComment"]["oneStarWidth"]
        : 20;
    $gap_px = @$_SESSION['Memory']["rateForComment"]["oneSpaceWidth"]
        ? $_SESSION['Memory']["rateForComment"]["oneSpaceWidth"]
        : 0;

    $stars_part = $star_px * $rate;
    $gaps_part = $gap_px * ceil($rate);

    return $stars_part + $gaps_part;
}
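// Command dispatcher for the comment endpoint. 'comand' selects the action;
// 'xid' is the product id and 'cid' the comment id. Every id is forced to an
// integer once, here, and only the integer copies are used below.
//
// Access rules enforced in this block:
//   add, edit, edit_add, dell  - require a logged-in user ($_SESSION['UsersId'])
//   edit, edit_add, dell       - additionally restricted to rows whose user_id
//                                is the logged-in user, as the 'edit' query
//                                already was
// NOTE(review): the commands are read from $_REQUEST and no anti-CSRF token is
// checked in this file. Confirm whether one is enforced elsewhere.
$error = null;
$interfaces = null;
$comand = isset($_REQUEST['comand']) ? $_REQUEST['comand'] : null;
$xid = isset($_REQUEST['xid']) ? intval($_REQUEST['xid']) : 0;
$cid = isset($_REQUEST['cid']) ? intval($_REQUEST['cid']) : 0;
$current_user = empty($_SESSION['UsersId']) ? 0 : intval($_SESSION['UsersId']);
// strip_tags() needs a string; an array-valued parameter is treated as empty.
$raw_message = (isset($_REQUEST['message']) && is_string($_REQUEST['message'])) ? $_REQUEST['message'] : '';

switch ($comand) {

    // Store a new comment (unapproved: enabled=0) and notify the shop admin by mail.
    case("add"):
        $myMessage = strip_tags($raw_message);
        $myMessage = PHPShopSecurity::TotalClean($myMessage, 2);
        // Rating is clamped to 0..5.
        $myRate = min(5, abs(isset($_REQUEST['rateVal']) ? intval($_REQUEST['rateVal']) : 0));

        if ($current_user > 0 and !empty($myMessage)) {
            $PHPShopUser = new PHPShopUser($current_user);
            $PHPShopOrm = new PHPShopOrm($GLOBALS['SysValue']['base']['comment']);
            $PHPShopOrm->insert(array('datas_new'=>time(),'name_new'=>$PHPShopUser->getName(),'parent_id_new'=>$xid,'content_new'=>$myMessage,'user_id_new'=>$current_user,'enabled_new'=>0,'rate_new'=>$myRate));

            $PHPShopProduct = new PHPShopProduct($xid);
            $name = $PHPShopProduct->getName();
            $SysValue['other']['commentData'] = PHPShopDate::dataV(false, false);
            $SysValue['other']['commentUserName'] = $PHPShopUser->getName();
            $SysValue['other']['commentMessage'] = $myMessage;
            $SysValue['other']['commentProdName'] = $name;
            $message = PHPShopParser::file("../lib/templates/comment/mail.tpl", true);
            $system = new PHPShopSystem();
            $zag = __("")." $name / " . $SysValue['other']['commentData'];
            $adminMail = $system->getValue('adminmail2');
            new PHPShopMail($adminMail, $adminMail, $zag, $message,false,false,array('replyto'=>$PHPShopUser->getValue('mail')));
            $error = "done";
            writeLangFile();
        }
        else
            $error = "error";

        $interfaces = DispComment($xid);
        break;

    // Return the rendered comment list for the product.
    case("list"):
        $interfaces = DispComment($xid);
        break;

    // Return the raw text of one of the caller's own comments for editing.
    case("edit"):
        if ($current_user > 0) {
            $sql = "select content from " . $SysValue['base']['table_name36'] . " where id=" . $cid . " and user_id=" . $current_user;
            $result = mysqli_query($link_db,$sql);
            $row = $result ? mysqli_fetch_array($result) : null;
            if ($row)
                $interfaces = $row['content'];
            else
                $error = "error";
        }
        else
            $error = "error";
        break;

    // Save an edited comment, send it back to moderation (enabled=0) and
    // recompute the product's average rating from the approved comments.
    case("edit_add"):
        $myMessage = strip_tags($raw_message);
        $myMessage = PHPShopSecurity::TotalClean($myMessage, 2);

        // Ownership check first: the row must exist and belong to the caller.
        $parent_id = null;
        if ($current_user > 0 and !empty($myMessage)) {
            $sql = "SELECT parent_id FROM " . $SysValue['base']['table_name36'] . " where id='" . $cid . "' and user_id='" . $current_user . "'";
            $result = mysqli_query($link_db,$sql);
            if ($result && ($row = mysqli_fetch_array($result)))
                $parent_id = intval($row['parent_id']);
        }

        if ($parent_id === null)
            $error = "error";
        else {
            // The comment text is bound as a parameter. TotalClean() is defined
            // elsewhere, so its output is not assumed to be safe inside a
            // quoted SQL literal. The WHERE clause repeats the owner condition.
            $stmt = mysqli_prepare($link_db, "UPDATE " . $SysValue['base']['table_name36'] . " SET datas=?, enabled='0', content=? WHERE id=? AND user_id=?");
            if ($stmt) {
                $now = date("U");
                mysqli_stmt_bind_param($stmt, 'ssii', $now, $myMessage, $cid, $current_user);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
            else
                $error = "error";

            $result = mysqli_query($link_db,"select avg(rate) as rate, count(id) as num from " . $SysValue['base']['table_name36'] . " WHERE parent_id=$parent_id AND enabled='1' AND rate>0 group by parent_id LIMIT 1");
            if ($result && mysqli_num_rows($result)) {
                $row = mysqli_fetch_array($result);
                // Read the two columns explicitly; extract() on a row would
                // overwrite any variable that shares a column name.
                $rate = round((float) $row['rate'], 1);
                $num = intval($row['num']);
                mysqli_query($link_db,"UPDATE " . $SysValue['base']['products'] . " SET rate = '$rate', rate_count='$num' WHERE id=$parent_id");
            } else {
                mysqli_query($link_db,"UPDATE " . $SysValue['base']['products'] . " SET rate = '0', rate_count='0' WHERE id=$parent_id");
            }
        }

        $interfaces = DispComment($xid);
        break;

    // Delete one of the caller's own comments. The delete is limited to the
    // logged-in owner, matching the restriction already used by 'edit'.
    case("dell"):
        if ($current_user > 0) {
            $sql = "delete from " . $SysValue['base']['table_name36'] . " where id='" . $cid . "' and user_id='" . $current_user . "'";
            mysqli_query($link_db,$sql);
        }
        else
            $error = "error";

        $interfaces = DispComment($xid);
        break;
}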
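// Response envelope. 'comment' carries the rendered markup (or the raw comment
// text for the edit command); 'status' is "done", "error" or null.
// Both values are guarded with isset(): several commands never assign a status
// and an unknown command assigns neither, and a PHP notice printed into the
// body would corrupt the JSON response.
$_RESULT = array(
    'comment' => isset($interfaces) ? $interfaces : null,
    'status' => isset($error) ? $error : null,
    'success' => 1
);

// JSON mode: convert the markup with PHPShopString::win_utf8() and print the
// envelope. In the other mode nothing is echoed here; the JsHttpRequest object
// created at the top of the script presumably picks up $_RESULT. Confirm that
// against the library.
if (isset($_REQUEST['type']) && $_REQUEST['type'] == 'json') {
    $_RESULT['comment'] = PHPShopString::win_utf8($_RESULT['comment']);
    echo json_encode($_RESULT);
}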
?>