Файл: upload/pages/deal/buy-page.php
Строк: 278
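<?php
// Deal page ("buy" side): loads the deal row (`work_processed`) and everything
// rendered around it, then handles the POST actions further down in this file.
// All queries go through dbquery() with bound parameters; the only request
// input read in this section is the `id` query parameter.
require_once ($_SERVER['DOCUMENT_ROOT'] . '/core/core.php');

// $user, $users_perms, $view and $theme are expected from core.php (not visible in this file).
if (!isset($user['id'])) {
    showAlert('Ошибка', 'fail', 'Сперва необходимо авторизоваться');
    RedirectToPage('/');
    exit();
}

// Deal id from the query string, forced to a non-negative integer before it reaches a query.
$id = abs((int)($_GET['id'] ?? 0));
$work_prc = FetchAssoc(dbquery("SELECT * FROM `work_processed` WHERE `id` = ?", [$id]));
if (empty($work_prc['id'])) {
    header("HTTP/1.0 404 Not Found");
    include ($_SERVER['DOCUMENT_ROOT'] . '/pages/err_pages/404.php');
    exit();
}

// Related rows: the work itself, its category/section and the two parties (creator / worker).
// NOTE(review): if the `works` row is missing, $work is false and the next lookups index into it — confirm that cannot happen.
$work = FetchAssoc(dbquery("SELECT * FROM `works` WHERE `id` = ?", [$work_prc['k_work']]));
$work_category = FetchAssoc(dbquery("SELECT * FROM `category` WHERE `id` = ?", [$work['category']]));
$work_section = FetchAssoc(dbquery("SELECT * FROM `section` WHERE `id` = ?", [$work['section']]));
$us = FetchAssoc(dbquery("SELECT * FROM `users` WHERE `id` = ?", [$work_prc['creator']]));
$us_wr = FetchAssoc(dbquery("SELECT * FROM `users` WHERE `id` = ?", [$work_prc['worker']]));

// Review left on this deal (one row is read), its author and the reply to it (one row is read).
$rating = FetchAssoc(dbquery("SELECT * FROM `rating` WHERE `deal` = ?", [$id])) ?? null;
$ank_rating = null;
$reply_query_comm = null;
if ($rating) {
    $ank_rating = FetchAssoc(dbquery("SELECT * FROM `users` WHERE `id` = ?", [$rating['us']])) ?? null;
    $reply_query_comm = FetchAssoc(dbquery("SELECT * FROM `rating_comments` WHERE `rating_id` = ? ORDER BY `id` ASC", [$rating['id']]));
}

// Escrow order for this deal, located by the derived `key_work` (CryptorPass semantics are not visible here).
$order = FetchAssoc(dbquery("SELECT * FROM `works_transact_orders` WHERE `key_work` = ?", [CryptorPass($work_prc['k_order'] . $work_prc['creator'], $work_prc['wts'])]));
// Open dispute and open ticket for this deal, if any.
$disp = FetchAssoc(dbquery("SELECT * FROM `disputes` WHERE `deal_disp` = ? AND `status_disp` = '0'", [$id]));
$deal_ticket = FetchAssoc(dbquery("SELECT * FROM `tickets` WHERE `deal` = ? AND `stade` = '0'", [$work_prc['id']]));

// Gallery image keys for the work ('-' stands in for a missing key).
$imgs = dbquery("SELECT k_image FROM works_images WHERE k_work = ?", [$work['id']]);
$images = [];
while ($img = FetchAssoc($imgs)) {
    $images[] = ($img['k_image'] ?? '-');
}

// $orderHash is handed to the deal handlers below even when no order row exists,
// so it must be defined on both paths (previously it was left undefined in that case).
$orderHash = null;
if ($order) {
    $orderHash = CryptorPass($work_prc['k_order'] . $order['us'], $order['salt']);
}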
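// Deal state transitions. Each is gated on its POST key, the CSRF token and the
// current `stade`; the handlers themselves are defined outside this file.
// NOTE(review): nothing here checks that the current user is a party to the deal
// (or has manage_deal) — the handlers are presumed to enforce that; confirm, because
// the `can_*` flags computed further down are used only for rendering.
// $orderHash is only set when an order row exists; make sure it is defined
// before it is passed on, instead of handing an undefined variable to the handlers.
if (!isset($orderHash)) {
    $orderHash = null;
}

// Successful deal
if (isset($_POST['pay'])) {
    check_csrf();
    if ($work_prc['stade'] == 1 || $work_prc['stade'] == 4) {
        processDealSuccess($work_prc, $work, $us, $us_wr, $user, $order, $orderHash, $id, $users_perms, $disp);
    }
}
// Failed deal
if (isset($_POST['fail-pay'])) {
    check_csrf();
    if ($work_prc['stade'] == 4) {
        processDealFail($work_prc, $work, $us, $us_wr, $user, $order, $orderHash, $id, $users_perms, $disp);
    }
}
// Open a dispute
if (isset($_POST['open-dispute'])) {
    check_csrf();
    if ($work_prc['stade'] == 1) {
        openDispute($work_prc, $work, $us, $us_wr, $user, $order, $id);
    }
}
// Refund
if (isset($_POST['back-pay'])) {
    check_csrf();
    if ($work_prc['stade'] == 2) {
        processDealRefund($work_prc, $work, $us, $us_wr, $user, $id);
    }
}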
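// Reply to a review. Only the deal creator may reply, and a review gets at most one reply.
if (isset($_POST['set_reply'])) {
    if ($work_prc['creator'] == $user['id']) {
        check_csrf();
        // `??` defaults keep the cast/sanitiser calls well-defined when a field is absent from the request.
        $comment_id = intval($_POST['comment_id'] ?? 0);
        $message = chars($_POST['action-info'] ?? '');
        if (empty($message)) {
            showAlert('Ошибка', 'fail', 'Нельзя отправить пустой ответ');
            ReloadPage();
            exit;
        }
        $rating = FetchAssoc(dbquery("SELECT * FROM `rating` WHERE `id` = ?", [$comment_id]));
        if (!$rating) {
            showAlert('Ошибка', 'fail', 'Отзыв не найден');
            ReloadPage();
            exit;
        }
        // The review must belong to this deal: the id comes from the client, and without this
        // check the creator of any deal could attach a reply to a review of an unrelated deal.
        // The edit and delete paths already make the same check.
        if ($rating['deal'] != $id) {
            showAlert('Ошибка', 'fail', 'Отзыв не принадлежит этой сделке');
            ReloadPage();
            exit;
        }
        $reply_exists = FetchAssoc(dbquery("SELECT COUNT(*) AS cnt FROM `rating_comments` WHERE `rating_id` = ?", [$comment_id]));
        if ($reply_exists['cnt'] > 0) {
            showAlert('Ошибка', 'fail', 'Ответ уже был оставлен ранее');
            ReloadPage();
            exit;
        }
        dbquery("INSERT INTO `rating_comments` SET `rating_id` = ?, `us` = ?, `message` = ?, `created_at` = ?, `changed_at` = ''", [$comment_id, $user['id'], $message, time()]);
        $reply_id = InGetLastInsertId();
        // Audit row for the new reply (old_message is empty on creation).
        dbquery("INSERT INTO `rating_comments_history` SET `comment_id` = ?, `old_message` = '', `new_message` = ?, `changed_by` = ?, `changed_at` = '', `created_at` = ?, `deleted_at` = '', `deal` = ?, `rating_id` = ?",
            [$reply_id, $message, $user['id'], time(), $id, $rating['id']]);
        showAlert('Успех', 'success', 'Ответ успешно отправлен!');
        ReloadPage();
        exit;
    }
}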
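// Edit a reply. Deal creator only; the reply must belong to a review of this deal.
if (isset($_POST['edit_reply'])) {
    if ($work_prc['creator'] == $user['id']) {
        check_csrf();
        $reply_id = intval($_POST['reply_id'] ?? 0);
        // `?? ''` avoids trim(null) (deprecated) when the field is absent from the request.
        // NOTE(review): the create path passes the text through chars(), this path only trims —
        // confirm the template escapes `message` on output so both paths are safe to render.
        $new_text = trim($_POST['edit_reply_text'] ?? '');
        $user_id = $user['id'];
        $old = FetchAssoc(dbquery("SELECT * FROM `rating_comments` WHERE `id` = ?", [$reply_id]));
        if (!$old) {
            showAlert('Ошибка', 'fail', 'Ответ не найден');
            ReloadPage();
            exit;
        }
        $rating = FetchAssoc(dbquery("SELECT * FROM rating WHERE id = ?", [$old['rating_id']]));
        if (!$rating) {
            showAlert('Ошибка', 'fail', 'Отзыв не найден');
            ReloadPage();
            exit;
        }
        // Client-supplied reply id: refuse replies that hang off a review of another deal.
        if ($rating['deal'] != $id) {
            showAlert('Ошибка', 'fail', 'Ответ не принадлежит этой сделке');
            ReloadPage();
            exit;
        }
        if (empty($new_text)) {
            showAlert('Ошибка', 'fail', 'Ответ не может быть пустым');
            ReloadPage();
            exit;
        }
        dbquery("UPDATE `rating_comments` SET `message` = ?, `changed_at` = ? WHERE `id` = ?", [$new_text, time(), $reply_id]);
        // Audit row keeping the previous text.
        dbquery("INSERT INTO rating_comments_history SET comment_id = ?, old_message = ?, new_message = ?, changed_by = ?, changed_at = ?, created_at = ?, deleted_at = '', deal = ?, `rating_id` = ?",
            [$reply_id, $old['message'], $new_text, $user_id, time(), $old['created_at'], $id, $old['rating_id']]);
        showAlert('Успешно', 'success', 'Ответ успешно обновлен!');
        ReloadPage();
        exit;
    }
}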
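// Delete a reply. Allowed for the deal creator or a user with the del_feedback permission;
// the reply must belong to a review of this deal.
if (isset($_POST['delete_reply'])) {
    if ($work_prc['creator'] == $user['id'] || $users_perms['del_feedback'] == 1) {
        check_csrf();
        $reply_id = intval($_POST['reply_id'] ?? 0);
        $reply = FetchAssoc(dbquery("SELECT * FROM rating_comments WHERE id = ?", [$reply_id]));
        if (!$reply) {
            showAlert('Ошибка', 'fail', 'Ответ не найден');
            ReloadPage();
            exit;
        }
        $rating = FetchAssoc(dbquery("SELECT * FROM rating WHERE id = ?", [$reply['rating_id']]));
        if (!$rating) {
            showAlert('Ошибка', 'fail', 'Отзыв не найден');
            ReloadPage();
            exit;
        }
        // Client-supplied reply id: refuse replies that hang off a review of another deal.
        if ($rating['deal'] != $id) {
            showAlert('Ошибка', 'fail', 'Ответ не принадлежит этой сделке');
            ReloadPage();
            exit;
        }
        // Stamp deleted_at on the latest audit row for this review. This relies on
        // "one reply per review" (enforced on creation) so the latest row by rating_id
        // is the deleted reply's row; presumably `comment_id` could be used instead — verify.
        $history = FetchAssoc(dbquery("SELECT * FROM rating_comments_history WHERE rating_id = ? ORDER BY id DESC LIMIT 1", [$reply['rating_id']]));
        if ($history) {
            dbquery("UPDATE rating_comments_history SET deleted_at = ? WHERE id = ?", [time(), $history['id']]);
        }
        dbquery("DELETE FROM rating_comments WHERE id = ?", [$reply_id]);
        showAlert('Успех', 'success', 'Ответ успешно удалён!');
        ReloadPage();
        exit;
    }
}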
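$breadcrumbs = generateBreadcrumbs([
    ['/', 'Главная'],
    ['#', 'Сделка №' . $id],
]);

// Sidebar (expected to define $sidebar, consumed by the template below).
include $_SERVER['DOCUMENT_ROOT'] . '/core/elements/sidebars/deal.php';

// Permission flags for the modals. They only decide what is rendered; the POST
// handlers above must do their own checks. `?? null` / `?? 0` keep the comparisons
// well-defined when a party row or a permission key is missing, without changing
// their outcome.
$is_deal_manager = ($users_perms['manage_deal'] ?? 0) == 1;
$can_delete_any_feedback = ($users_perms['del_feedback'] ?? 0) == 1;
$can_success_work = ($user && $user['id'] == ($us_wr['id'] ?? null)) || $is_deal_manager;
$can_stop_work = ($user && $user['id'] == ($us['id'] ?? null)) || $is_deal_manager;
$can_back_money = !hasDealCooldownPassed($work_prc['k_work']);
$can_open_dispute = (($us['id'] ?? null) == $user['id'] || ($us_wr['id'] ?? null) == $user['id']);
$has_rating = !empty($rating) && !empty($rating['id']);
$can_delete_feedback = $has_rating && $ank_rating && (
    $ank_rating['id'] == $user['id'] || $can_delete_any_feedback
);
$delete_feedback_self = $ank_rating && $ank_rating['id'] == $user['id'];
$can_reply_feedback = ($work_prc['creator'] == $user['id'] && $has_rating);
$can_delete_reply = ($has_rating && ($work_prc['creator'] == $user['id'] || $can_delete_any_feedback));

// Values are handed to the template unescaped; escaping is expected to happen in
// $view->render — NOTE(review): confirm auto-escaping is enabled for name/desc/category.
$page_html = $view->render('pages/deal/deal.html', [
    'breadcrumbs_html' => $breadcrumbs['html'],
    'breadcrumbs_json' => $breadcrumbs['json_ld'],
    'id' => $id,
    'home' => homeLink(),
    // Session CSRF token, checked by check_csrf() in the POST handlers above.
    'csrf' => $_SESSION['csrf_token'],
    'status' => PageWorkStatus($work_prc['stade']),
    'ticket_badge' => DealTicketPage($deal_ticket['id'] ?? null),
    'work' => [
        'name' => $work['name_work'],
        'desc' => $work['desc_work'],
    ],
    'images' => $images,
    'non_image' => homeLink() . '/core/templates/' . $theme . '/images/work/non-image.png',
    'category' => $work_category['name'],
    'section' => $work_section['name'],
    'opened' => vremja($work_prc['time_work']),
    'closed' => !empty($work_prc['time_close_work']) ? vremja($work_prc['time_close_work']) : null,
    'sidebar' => $sidebar,
    'can_success_work' => $can_success_work,
    'can_stop_work' => $can_stop_work,
    'can_back_money' => $can_back_money,
    'can_open_dispute' => $can_open_dispute,
    'can_delete_feedback' => $can_delete_feedback,
    'delete_feedback_self' => $delete_feedback_self,
    'can_reply_feedback' => $can_reply_feedback,
    'can_delete_reply' => $can_delete_reply,
]);
require_once ($_SERVER['DOCUMENT_ROOT'] . '/layout.php');
?>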
<script>
// Image gallery: one slide visible at a time, navigated by arrows or a horizontal swipe.
// Assumes the template always renders #galleryTrack/#galleryPrev/#galleryNext — TODO confirm.
const track = document.getElementById("galleryTrack");
const prev = document.getElementById("galleryPrev");
const next = document.getElementById("galleryNext");
let index = 0;
const total = track.children.length;

// Show an arrow only when there is a slide in that direction (no arrows at all for a single image).
function updateArrows() {
    const canGoBack = total > 1 && index > 0;
    const canGoForward = total > 1 && index < total - 1;
    prev.style.display = canGoBack ? "flex" : "none";
    next.style.display = canGoForward ? "flex" : "none";
}

// Slide the track to the current index and refresh the arrows.
function updateGallery() {
    track.style.transform = `translateX(-${index * 100}%)`;
    updateArrows();
}

// Move by `delta` slides when the target is in range; always re-render afterwards.
function step(delta) {
    const target = index + delta;
    if (target >= 0 && target < total) index = target;
    updateGallery();
}

next.onclick = () => step(1);
prev.onclick = () => step(-1);

// Swipe support: a horizontal move of more than 50px counts as a page turn.
let startX = 0;
track.addEventListener("touchstart", e => {
    startX = e.touches[0].clientX;
});
track.addEventListener("touchend", e => {
    const swipe = startX - e.changedTouches[0].clientX;
    if (swipe > 50) {
        step(1);
    } else if (swipe < -50) {
        step(-1);
    } else {
        updateGallery();
    }
});
updateArrows();
</script>
<script>
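// Delegated click handler for the review/reply modals: copies the clicked button's
// data-* attributes into the matching modal form fields. Every DOM lookup is
// guarded, since the modals are rendered only when the server-side `can_*` flags
// allow them; the first branch already did this, the others now do too, and the
// leftover debug console.log has been removed.
document.addEventListener("click", function (e) {
    // Delete review
    const delBtn = e.target.closest("[data-type='feedback']");
    if (delBtn) {
        const id = delBtn.getAttribute("data-id") || "";
        const name = delBtn.getAttribute("data-name") || "";
        const input = document.querySelector("#delete-feedback-id");
        const text = document.querySelector("#delete-feedback-text");
        if (input) input.value = id;
        // textContent (not innerHTML): the name is user-supplied.
        if (text) text.textContent = name;
    }
    // Reply to review
    const replyBtn = e.target.closest(".set-comment-reply");
    if (replyBtn) {
        const userLabel = document.querySelector("#feedback-reply-user");
        const commentIdInput = document.querySelector("#comment-id-input");
        if (userLabel) userLabel.textContent = replyBtn.dataset.name;
        if (commentIdInput) commentIdInput.value = replyBtn.dataset.id;
    }
    // Edit reply
    const editBtn = e.target.closest(".edit-reply-btn");
    if (editBtn) {
        const replyIdInput = document.querySelector("#edit-reply-id");
        const textarea = document.querySelector("#edit-reply-textarea");
        const modal = document.getElementById("feedback_reply_edit");
        if (replyIdInput) replyIdInput.value = editBtn.dataset.id;
        if (textarea) textarea.value = editBtn.dataset.text;
        if (modal) new bootstrap.Modal(modal).show();
    }
    // Delete reply
    const delReplyBtn = e.target.closest(".del-reply-btn");
    if (delReplyBtn) {
        const delReplyInput = document.querySelector("#del-reply-id");
        if (delReplyInput) delReplyInput.value = delReplyBtn.dataset.id;
    }
});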
</script>