Файл: upload/pages/work/new-work.php
Строк: 79
<?php
// Bootstrap the application core; this page relies on it for $user and the helper functions used below.
require_once $_SERVER['DOCUMENT_ROOT'] . '/core/core.php';

// Access gate: only a visitor with a user id may open or submit the listing form.
// Everyone else gets an alert, is sent to the home page, and the script stops here.
if (isset($user['id']) === false) {
    showAlert('Ошибка', 'fail', 'Сперва необходимо авторизоваться');
    RedirectToPage('/');
    exit;
}
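// Handles submission of the "new listing" form.
// Flow: CSRF check -> normalise fields -> validate -> store images -> insert the listing
// and its image rows -> redirect to the new listing. Every failure path alerts and exits.
if (isset($_POST['set'])) {
    // Reject forged cross-site submissions before any input is processed.
    check_csrf();

    // chars() is a project text filter defined outside this file; numeric fields are forced to int.
    $name = chars($_POST['name']);
    $desc = chars($_POST['desc']);
    $cena = intval($_POST['cena']);
    $persone = intval($_POST['person']);
    $category = intval($_POST['category']);
    $section = intval($_POST['section']);

    // Duplicate check is scoped to the current user: same title by the same author is refused below.
    $iss_name = dbquery("SELECT COUNT(`id`) FROM `works` WHERE `name_work` = ? AND `user_work` = ?", [$name, $user['id']]);
    // The section row supplies the subcategory that is stored with the listing.
    $podr = FetchAssoc(dbquery("SELECT * FROM `section` WHERE `id` = ?", [$section]));
    // An unknown section id yields no row; fall back to NULL explicitly instead of indexing a non-array.
    // NOTE(review): neither $category nor $section is checked for existence (or for belonging together)
    // before the insert; confirm whether a listing without a valid section is acceptable.
    $subcategory = (is_array($podr) && isset($podr['subcategory'])) ? $podr['subcategory'] : null;

    if (mb_strlen($name) < 5) {
        showAlert('Ошибка', 'fail', 'Введите название от 5 символов');
        ReloadPage();
        exit();
    }
    if (mb_strlen($desc) < 15) {
        showAlert('Ошибка', 'fail', 'Введите описание от 15 символов');
        ReloadPage();
        exit();
    }
    if ($cena < 1) {
        showAlert('Ошибка', 'fail', 'Введите цену');
        ReloadPage();
        exit();
    }
    if (DataResult($iss_name) > 0) {
        showAlert('Ошибка', 'fail', 'Предложение с таким названием уже существует');
        ReloadPage();
        exit();
    }

    // ============================
    // MULTIPLE IMAGE UPLOAD
    // ============================
    // Files land inside the document root, so everything about them is treated as untrusted:
    // the client-supplied name is used only to read the extension, the content is sniffed,
    // and the stored name is generated server-side.
    $uploaded_images = [];
    $hasFiles = isset($_FILES['images']['name'])
        && is_array($_FILES['images']['name'])      // a non-array means the field was not sent as images[]
        && !empty($_FILES['images']['name'][0]);
    if ($hasFiles) {
        // Allowed extension => MIME types the file content must match for that extension.
        // HEIC/HEIF detection depends on the libmagic database bundled with PHP; verify on the target build.
        $allowed_types = [
            'jpg'  => ['image/jpeg'],
            'jpeg' => ['image/jpeg'],
            'png'  => ['image/png'],
            'webp' => ['image/webp'],
            'heic' => ['image/heic', 'image/heif'],
        ];
        $uploadDir = $_SERVER['DOCUMENT_ROOT'] . "/uploads/works/";
        if (!is_dir($uploadDir)) {
            // 0755 rather than 0777: the upload directory must not be writable by other local accounts.
            mkdir($uploadDir, 0755, true);
        }
        // Requires the fileinfo extension (enabled by default in stock PHP builds).
        $finfo = new finfo(FILEINFO_MIME_TYPE);

        // Per-request file count and size are bounded only by php.ini (max_file_uploads, upload_max_filesize).
        foreach ($_FILES['images']['name'] as $key => $nameFile) {
            if ($_FILES['images']['error'][$key] !== UPLOAD_ERR_OK) {
                continue;
            }
            $ext = strtolower(pathinfo($nameFile, PATHINFO_EXTENSION));
            if (!isset($allowed_types[$ext])) {
                continue;
            }
            // The extension alone proves nothing about the bytes; require the sniffed type to agree with it.
            $tmpPath = $_FILES['images']['tmp_name'][$key];
            $mime = $finfo->file($tmpPath);
            if (!in_array($mime, $allowed_types[$ext], true)) {
                continue;
            }
            // The stored name is fully server-generated. The previous prefix came from the Host request
            // header, which the client controls, and it was concatenated into the destination path.
            $new_name = bin2hex(random_bytes(16)) . "." . $ext;
            if (move_uploaded_file($tmpPath, $uploadDir . $new_name)) {
                $uploaded_images[] = $new_name;
            }
        }
        if (empty($uploaded_images)) {
            showAlert('Ошибка', 'fail', 'Ошибка загрузки изображений!');
            ReloadPage();
            exit();
        }
    } else {
        showAlert('Ошибка', 'fail', 'Загрузите хотя бы одно изображение');
        ReloadPage();
        exit();
    }

    // The first stored image becomes the listing's main image.
    $main_image = $uploaded_images[0];

    // === INSERT THE LISTING ===
    // `k_off` and `del` both start as CryptorHash('0', $salt); the helper is defined outside this file.
    $salt = genRandomString();
    $hashNull = CryptorHash('0', $salt);
    dbquery("
INSERT INTO `works`
(`name_work`, `desc_work`, `cena_work`, `user_work`, `person_work`, `image_work`,
`category`, `section`, `subcategory`, `time_work`, `k_off`, `del`, `salt`, `up_time`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
", [
        $name, $desc, $cena, $user['id'], $persone, $main_image,
        $category, $section, $subcategory, time(), $hashNull, $hashNull, $salt, time()
    ]);
    $pid = InGetLastInsertId();

    // === INSERT ALL IMAGES ===
    // One works_images row per stored file, linked to the listing id obtained above.
    foreach ($uploaded_images as $img) {
        dbquery("INSERT INTO `works_images` (`k_work`, `k_image`) VALUES (?, ?)", [$pid, $img]);
    }

    RedirectToPage('/work' . $pid);
    exit();
}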
// Render path: reached when the form was not submitted (a handled submission always exits earlier).
// Load every category, ordered by id, for the form's category selector.
$categories = dbquery("SELECT * FROM `category` ORDER BY `id`");
// Breadcrumb trail: home -> "new listing". The result is read below through its 'html' and 'json_ld' keys.
$breadcrumbs = generateBreadcrumbs([
['/', 'Главная'],
['#', 'Новое объявление']
]);
// Reduce each category row to the two fields the template receives: id and name.
$categories_list = [];
while ($category = FetchAssoc($categories)) {
$categories_list[] = [
'id' => $category['id'],
'name' => $category['name']
];
}
// NOTE(review): category names are passed to the view as stored; confirm the template layer HTML-escapes them.
$page_html = $view->render('pages/work/new.html', [
'breadcrumbs_html' => $breadcrumbs['html'],
'breadcrumbs_json' => $breadcrumbs['json_ld'],
// Session CSRF token embedded in the form; presumably the value check_csrf() verifies on submit (confirm in core.php).
'csrf' => $_SESSION['csrf_token'],
'categories' => $categories_list
]);
// The shared layout is included last; presumably it outputs $page_html (confirm in layout.php).
require_once ($_SERVER['DOCUMENT_ROOT'] . '/layout.php');
?>
<script type="text/javascript">
// Once the DOM is ready, reload the section list every time a different category is chosen.
$(function () {
    $('#category').on('change', function () {
        var categoryId = $(this).val();

        $.ajax({
            url: "/core/get_sections-set-work.php",
            method: "POST",
            data: { category_id: categoryId }
        }).done(function (markup) {
            // The response is inserted as HTML, so the endpoint has to HTML-escape the section names it returns.
            $("#section").html(markup);
        });
    });
});
</script>