Файл: groups/adm/shop.goods.php
Строк: 79
<?php
require_once '../../incfiles/core.php';
require_once '../../incfiles/func.php';
require_once '../../incfiles/auth.php';
require_once '../../incfiles/user.php';
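// Access gate for the group's shop administration page.
// Order of checks: logged-in user -> numeric group id -> group exists ->
// user is listed in the group's admins -> numeric category id.
// go() is defined in an include that is not visible here. The explicit exit
// after every call guarantees that nothing below runs for a rejected request,
// even if go() only emits the redirect header and returns.
// NOTE(review): $user_id is not assigned in this file; presumably set by
// auth.php / user.php — confirm.
if (empty($user_id)) {
    go(URL);
    exit;
}

if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
    go(URL);
    exit;
}
// The integer cast is the only thing keeping the concatenated query below
// free of SQL injection; it must stay in front of the query.
$id = abs(intval($_GET['id']));

// NOTE(review): this is the only mysql_* call in the file; every other query
// goes through DB::$dbs with bound parameters. ext/mysql was removed in
// PHP 7, so moving this lookup to the same wrapper is worth scheduling.
$result = mysql_query("SELECT * FROM `groups` WHERE `id` = '".$id."' LIMIT 1");
if ($result === false || mysql_num_rows($result) < 1) {
    // Query failure and "no such group" are both treated as a rejected request.
    go(URL);
    exit;
}
$arr_group = mysql_fetch_array($result);

// `admins` is read as a delimited string: the first and last characters are
// stripped and the remainder is split on "||".
$admin_ids = explode("||", substr($arr_group['admins'], 1, -1));
// Strict comparison on strings: a loose in_array() would let PHP's numeric
// string juggling decide who counts as an administrator.
if (!in_array((string) $user_id, $admin_ids, true)) {
    go(URL);
    exit;
}

if (empty($_GET['cat']) || !is_numeric($_GET['cat'])) {
    go(URL);
    exit;
}
// Cast to a non-negative integer before it reaches any query or URL.
$cat = abs(intval($_GET['cat']));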
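// Optional delete action: ?del=<goods id> removes one item of this group's
// shop, its photo file and its file row, then decrements the group's counter.
// NOTE(review): this is a state change on a GET request with no anti-CSRF
// token, so any link or embedded resource an administrator loads can trigger
// it. It should move to POST with a per-session token checked here.
if (!empty($_GET['del']) && is_numeric($_GET['del']))
{
    $del = abs(intval($_GET['del']));
    $d_info = DB::$dbs->queryFetch("SELECT * FROM groups_shop_goods WHERE `id` = ?",array($del));
    // Ownership check: the item must exist and belong to the group whose
    // admin list was verified above. Without it an admin of one group could
    // delete goods of another by guessing ids.
    if (!empty($d_info) && (int) $d_info['group_id'] === $id)
    {
        // NOTE(review): only one groups_shop_file row is fetched; if an item
        // can have several photos the remaining files stay on disk — confirm.
        $groups_shop_file = DB::$dbs->queryFetch("SELECT * FROM groups_shop_file WHERE `fid` = ?",array($del));
        if (!empty($groups_shop_file['url']))
        {
            // The file name comes from the database. Resolve it and require
            // that it stays inside the photos directory and is a regular
            // file, so a stored "../" value cannot remove anything else.
            $photo_dir = realpath(HOME .'/files/shop/photos');
            $photo_path = realpath(HOME .'/files/shop/photos/'.$groups_shop_file['url']);
            if ($photo_dir !== false
                && $photo_path !== false
                && strpos($photo_path, $photo_dir . DIRECTORY_SEPARATOR) === 0
                && is_file($photo_path))
            {
                // Best effort, as before: a failed unlink must not block the row deletion.
                @unlink($photo_path);
            }
        }
        DB::$dbs->query("DELETE FROM groups_shop_goods WHERE `id` = ? ", array($del));
        DB::$dbs->query("DELETE FROM groups_shop_file WHERE `fid` = ? ", array($del));
        // Decrement in SQL rather than writing back the value read earlier:
        // two concurrent deletes would otherwise store the same stale number.
        // The > 0 guard keeps the counter from going negative.
        DB::$dbs->query("UPDATE groups SET `count_shop` = `count_shop` - 1 WHERE `id` = ? AND `count_shop` > 0", array($id));
    }
}
// Page title; presumably consumed by head.php, which is included further down — confirm.
$title = lang('Товари','Товари');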
?>
<script type="text/javascript">
// Once the DOM is ready, take over submission of #form: send it with AJAX
// and replace the contents of .content with whatever the server returns.
$(function () {
    $('#form').on('submit', function (event) {
        // Stop the browser's own full-page submit.
        event.preventDefault();

        var form = $(this);
        // FormData is built from the underlying DOM node, so all fields go out as the form defines them.
        var payload = new FormData(form.get(0));

        $.ajax({
            url: form.attr('action'),
            type: form.attr('method'),
            // Both switched off so jQuery passes FormData through untouched
            // and the browser sets the multipart Content-Type itself.
            contentType: false,
            processData: false,
            data: payload,
            success: function (markup) {
                if (!markup) {
                    return;
                }
                // .html() parses the response as markup, so every stored value
                // in that response has to be HTML-escaped on the server side.
                $('.content').html(markup);
            }
        });
    });
});
</script>
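<?php
// Full open tag instead of the short form: with short_open_tag disabled the
// short tag is not recognised and everything from here on, queries included,
// would be sent to the client as plain text.
// NOTE(review): ../handler/shop.goods.php is not visible here; presumably it
// processes the POST of the form below — confirm, and confirm that it repeats
// nothing the access checks at the top of this file are relied on for.
require_once '../handler/shop.goods.php';
require_once '../../incfiles/head.php';
// Breadcrumb links back to the group and to its administration page.
// $id was cast to an integer earlier, so it is safe inside the href values.
echo '<div class="title">
<a href="'.URL.'/groups/?id='.$id.'" onclick="Page.Go(this.href); return false">'.lang('Сообщество','Спільнота').'</a>
<a href="'.URL.'/groups/adm/?id='.$id.'" onclick="Page.Go(this.href); return false">'.lang('Управление сообществом','Керування спільнотою').'</a>
</div>';
// "Create item" form. It posts back to this same script, keeping id and cat
// (both integers) in the query string.
// NOTE(review): the form carries no anti-CSRF token, and </form> closes
// before the enclosing <div class="block"> does.
echo '<div class="title">'.lang('Назва товару','Назва товару').'</div>
<form id="form" method="post" action="'.URL.'/groups/adm/shop.goods.php?id='.$id.'&cat='.$cat.'">
<input class="input" type="text" name="name" value="">
<div class="title">'.lang('Про товар','Про товар').'</div>
<input class="input" type="text" name="about" value="">
<div class="block">
<input class="button2" type="submit" value="'.lang('Создать','Створити').'"/>
</form>
</div>';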
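// Paginated listing of the goods in this category, 30 per page, newest first.
// NOTE(review): $all is not assigned in this file; presumably the total row
// count set by an include above — confirm.
$cp = ceil($all/30);
// Accept only a plain digit string as page number. is_numeric() also lets
// through forms such as "2.5" or "1e1", and the value ends up interpolated
// into the LIMIT clause below, so it has to be a real integer.
$p = 1;
if (isset($_GET['p']) && is_string($_GET['p']) && ctype_digit($_GET['p'])) {
    $requested_page = (int) $_GET['p'];
    if ($requested_page > 1 && $requested_page <= $cp) {
        $p = $requested_page;
    }
}
// Integer arithmetic only, so {$start} can never carry anything but digits.
$start = ($p - 1) * 30;
$sql = DB::$dbs->query("SELECT * FROM groups_shop_goods WHERE `group_id` = ? AND `cat_id` = ? ORDER BY `time` DESC LIMIT {$start}, 30", array($id,$cat));
while ($post = $sql->fetch())
{
    $goods_id = (int) $post['id'];
    // The item name is user-supplied text from the form above and was echoed
    // raw, which is stored XSS in an admin page. double_encode is off so
    // that a name already entity-encoded at write time is not encoded twice
    // (the handler that stores it is not visible here).
    $goods_name = htmlspecialchars($post['name'], ENT_QUOTES, 'UTF-8', false);
    echo '<div class="block"><a href="'.URL.'/groups/shop/view.php?id='.$id.'&gid='.$goods_id.'" onclick="Page.Go(this.href); return false">'.$goods_name.'</a> - [<a href="'.URL.'/groups/adm/shop.goods.php?id='.$id.'&cat='.$cat.'&del='.$goods_id.'" onclick="Page.Go(this.href); return false">'.lang('Удалить','Видалити').'</a>]</div>';
}
// Pager links keep the validated integer id and cat.
navi($p,$cp,URL.'/groups/adm/shop.goods.php?id='.$id.'&cat='.$cat);
require_once '../../incfiles/foot.php';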
?>