// Стол заказов
function order_vote()
{
$id = (int) $this->request['id'];
DB()->query("UPDATE bb_order SET order_vote = order_vote+1 WHERE order_id = $id");
$vote_summ = DB()->sql_query("SELECT order_vote FROM bb_order WHERE order_id = $id LIMIT 1");
while ($votes = DB()->sql_fetchrow($vote_summ))
{
$votes_summ = $votes['order_vote'];
}
$this->response['vote'] = $votes_summ;
$this->response['id'] = $id;
}
function order_delete()
{
$id = (int) $this->request['id'];
DB()->query("DELETE FROM bb_order WHERE order_id = $id");
$this->response['id'] = $id;
}
function order_add()
{
global $userdata, $bb_cfg, $lang;
$name = (string) $this->request['name'];
$desc = (string) $this->request['desc'];
$f_id = (int) $this->request['forum'];
if (($name == '') || ($desc == '')) ajax_die('Error');
$time = TIMENOW;
$user_id = $userdata['user_id'];
$name = DB()->escape($name);
$desc = DB()->escape($desc);
$vote = 0;
$html = '';
$row = DB()->fetch_row("SELECT forum_name FROM ". BB_FORUMS ." WHERE forum_id = ".$f_id);
DB()->query("INSERT bb_order SET
order_forum_id = $f_id,
order_name = '$name',
order_desc = '$desc',
order_time = $time,
order_yes = 0,
order_user_id = $user_id,
order_vote = $vote
");
$html .= '<td class="small bold w10 tCenter"><a href="viewforum.php?f='.$f_id.'">'.$row['forum_name'].'</a></td>';
$html .= '<td class="bold w30" name="hilite">'.$name.'</td>';
$html .= bb_date($time, $bb_cfg['default_dateformat'], 'false');
$html .= '<td class="bold w10 tCenter"><a href="profile.php?mode=viewprofile&u='.$user_id.'">'.$userdata['username'].'</a></td>';
$html .= '<td class="w10 tCenter">'.$lang['NO'].'</td>';
$html .= '<td class="bold w10 tCenter">----</td>';
$html .= '<td class="w10 tCenter bold">0</td>';
$html .= '<td class="w10 tCenter bold"><img src="'.BB_ROOT.'images/order_normal.png" /></td>';
if ($userdata['user_level'] == ADMIN) {
$html .= '<td class="w10 bold tCenter leech">X</td>';
}
$this->response['html'] = $html;
}
function order_yes()
{
global $userdata, $lang;
$id = (int) $this->request['id'];
$topic_id = (int) $this->request['topic_id'];
$user_id = $userdata['user_id'];
DB()->query("UPDATE bb_order SET order_yes = 1, order_user_performed_id = $user_id, order_topic_id = $topic_id WHERE order_id = $id");
$this->response['id'] = $id;
$this->response['username'] = '<a href="profile.php?mode=viewprofile&u='.$user_id.'">'.$userdata['username'].'</a>';
$this->response['html'] = '<a href="viewtopic.php?t='.$topic_id.'" class="seed bold" />'.$lang['YES'].'</b>';
}
function order_abuse()
{
$id = (int) $this->request['id'];
DB()->query("UPDATE bb_order SET order_abuse = 1 WHERE order_id = $id");
$this->response['id'] = $id;
}
function view_comment()
{
global $userdata, $lang, $bb_cfg;
$order_id = (int) $this->request['or_id'];
$user_id = $userdata['user_id'];
$i = 0;
$comments = DB()->query("SELECT c.*, u.username
FROM bb_order_comment AS c
LEFT JOIN bb_users AS u ON(u.user_id = c.comment_user_id)
WHERE order_id = $order_id
ORDER BY comment_time
");
$html = '<table class="forumline w100">';
while ($com = DB()->sql_fetchrow($comments))
{
$i++;
$row_class = !($i % 2) ? 'row2' : 'row1';
$html .= '<tr class="'.$row_class.'">';
$html .= '<td width="10%" class="tCenter bold"><a href="profile.php?mode=viewprofile&u='.$user_id.'">'.$com['username'].'</a><br />'.bb_date( $com['comment_time'],$bb_cfg['default_dateformat'],'false').'</td>';
$html .= '<td width="90%">'.htmlspecialchars($com['comment']).'</td>';
$html .= '</tr>';
}
$html .= '<tr class="row3">';
$html .= '<td class="w100 bold tCenter" colspan="2">Добавить комментарий</td>';
$html .= '</tr>';
$html .= '<tr class="row1">';
$html .= '<td width="20%" class="bold">Комментарий<br /><span class="small">Использование <b>BBCode</b> и <b>HTML</b> запрещено</span></td>';
$html .= '<td width="80%" class="bold tCenter"><textarea id="ctext_'.$order_id.'" style="width: 90%; height: 100px;"></textarea></td>';
$html .= '</tr>';
$html .= '<tr>';
$html .= '<td colspan="2" class="tCenter"><input type="button" onclick="ajax.o_comment_add('.$order_id.');" value="Отправить" /></td>';
$html .= '</tr>';
$html .= '</table>';
$this->response['html'] = $html;
$this->response['or_id'] = $order_id;
}
function o_comment_add()
{
global $userdata, $lang, $bb_cfg;
$order_id = (int) $this->request['id'];
$text = $this->request['text'];
if (!$text) ajax_die('Вы не ввели комментарий');
// $text = htmlentities($text);
$user_id = $userdata['user_id'];
$time = TIMENOW;
$text = DB()->escape($text);
DB()->query("INSERT INTO bb_order_comment SET
order_id = $order_id,
comment = '$text',
comment_time = $time,
comment_user_id = $user_id
");
$html = '<td calss="row1"><a href="profile.php?mode=viewprofile&u='.$user_id.'">'.$userdata['username'].'</a><br />'.bb_date( $time,$bb_cfg['default_dateformat'],'', false).'</td>';
$html .= '<td calss="row1">'.htmlentities($text).'</td>';
$this->response['html'] = $html;
$this->response['id'] = $order_id;
}
// Стол заказов END