EIOS/inc/mhelp_order.php

180 lines
6.6 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?
session_start();
$page = 'order';
include_once $_SERVER['DOCUMENT_ROOT'].'/inc/class_SYSTEM.php';
$SYSTEMclass = new SYSTEMclass();
$id_mhelp = 0;
if (isset($_POST["order_mhelp"])){
$id_user = $_POST["id_user"];
$mtype = $_POST["mtype"];
$summa = htmlspecialchars(addslashes($_POST["summa"]));
$address = htmlspecialchars(addslashes($_POST["address"]));
$date_pr = $_POST["date_pr"];
$phone = htmlspecialchars(addslashes($_POST["phone"]));
$fakultet = htmlspecialchars(addslashes($_POST["fakultet"]));
$type = $_POST["type"];
$pod = htmlspecialchars(addslashes($address.'|'.$date_pr.'|'.$fakultet.'|'.$type));
$do = 1;
$smarty->assign('do', $do);
if ($pod == "") $pod = NULL;
$date_cr = time();
//echo '<script>alert("'.$date_cr.'");</script>';
//echo '<script>alert("'.$id_user.'");</script>';
$sql = "INSERT INTO `acs_mhelp` (`id_user`, `type`, `summa`, `status`, `dop_info`, `date_cr`, `decisions`, `phone`) VALUES ('$id_user', '$mtype', '$summa', '1', '$pod', '$date_cr', '-----', '$phone')";
$rez = $DB->QUR($sql);
if(!$rez['err']){
$id_mhelp = mysql_insert_id();
//send_email_iup($id_mhelp);
$sql2 = "SELECT * FROM `acs_users` WHERE `id` = '$roles[0]'";
$rez2 = $DB->QUR_SEL($sql2);
$i = 1;
if ($rez2){
foreach($rez2 as $key => $val){
if ($key){
$email = $val["email"];
}
}
}
echo '<script type="text/javascript">alert("'.$roles[0].'");</script>';
send_email("Секретарю стипендиальной комиссии", "В ЛК на сайте learn-mkgtu.ru пришло новое заявление на материальную помощь http://learn-mkgtu.ru/mhelp/secretary/", $email);
//$msg['msg'][]='Ваша заявка создана!';
}
else{
//$msg['err'][]='Ваша заявка не создана! Ошибка БД!!!';
}
}
if($id_mhelp){ //обходим загруженные файлы
//echo '<script>alert("111");</script>';
foreach($_FILES['files_mhelp'] as $key => $val){
//echo '<script>alert("111");</script>';
//if(isset($_FILES[$val['name']])){
if(isset($_FILES['files_mhelp'])){
//foreach($_FILES[$val['name']]['tmp_name'] as $k => $v){
foreach($_FILES['files_mhelp']['tmp_name'] as $k => $v){
if ($v != ''){//загружаем файл
$dir_dest = 'upload/mhelp/'.$_SESSION['user']['id'].'/';
if(!file_exists($dir_dest)) mkdir($dir_dest);
//$fil = $_FILES[$val['name']]['name'][$k];
$fil = $_FILES['files_mhelp']['name'][$k];
$t = explode('.',$fil); $ext = $t[count($t)-1];
unset($t[count($t)-1]); $fn = implode('.',$t);
$uploadfile = $dir_dest . basename(translit($fn).'.'.$ext);
//допустимое ли расширение
if (in_array($ext, array("jpg", "png", "pdf", "doc", "docx"))){
//$debug .= $v.' - '.$uploadfile.'<br>';
//if (move_uploaded_file($v, $uploadfile)) {
if ($SYSTEMclass->sysUPLOAD($v, $uploadfile)) {
//echo "Файл корректен и был успешно загружен.\n";
$sql1 = "INSERT INTO `acs_mhelp_files` (`id_mhelp`, `src`) VALUES ('$id_mhelp', '$uploadfile')";
//$sql1 = 'INSERT INTO `'.$TB['iup_studentzayavks_files'].'` VALUES (0,'.time().','.$_SESSION['user']['id'].','.$id_mhelp.',"'.$val['title'].'","'.$uploadfile.'",1);';
$rez1 = $DB->QUR($sql1);
if($rez1){
$msg['msg'][]='Файл загружен и сохранен в БД!';
}else{
$msg['err'][]='Файл загружен и не сохранен в БД!';
}
} else {
$msg['err'][]='Файл не загружен!';
}
}
else{
$msg['err'][] = 'Недопустимое расширение у файла!';
}
}
}
}
}
$des = 'show';
}
//массив с информацией о студенте
/*$id_user_now = $_SESSION['user'];
$sql = "SELECT * FROM `acs_students` WHERE `id_user` = '$id_user_now'";
$rez = $DB->QUR_SEL($sql);
if ($rez){
foreach ($rez as $key => $val){
$id_group = $val['id_grupp'];
$sql2 = "SELECT * FROM `acs_grupp` WHERE `id` = '$id_group'";
$rez2 = $DB->QUR_SEL($sql2);
if ($rez2)
foreach ($rez2 as $key2 => $val2){
//$student['group'] = $val['sokr'].'-'.$val['kurs'];
$student = 'GR11';
}
}
}
$student = 'GR11';*/
/*function get_sel_grupp($id){
GLOBAL $ST,$DB; $out=array();
$sql = 'SELECT * FROM `acs_grupp` ORDER BY sokr,kurs';
$rez=$DB->QUR_SEL($sql);
if($rez){
foreach($rez as $key => $val)if($key){
$out[$key]=$val;
if($id==$val['id']) $out[$key]['active']=1;
}
}
return $out;
}*/
//ВЫБЕРЕМ ДАННЫЕ СТУДЕНТА
$sql = 'SELECT * FROM `acs_students` WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1';
$rez=$DB->QUR_SEL($sql);
if($rez){
$student['num_zach']=out_data_fu($rez[1]['num_zach']);
$student['num_stud']=out_data_fu($rez[1]['num_stud']);
$student['num_grupp']=out_data_fu($rez[1]['num_grupp']);
$student['kod_podgotovki']=out_data_fu($rez[1]['kod_podgotovki']);
$student['grupps']=get_sel_grupp($rez[1]['id_grupp']);
$student['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']);
if ($rez[1]['status']==0) $student['status'] = '<span style="color:red">не подтвержден</span>';
if ($rez[1]['status']==1) {
//если подтвержден обновим сессии
$_SESSION['user']['student']['grupp']=get_grupp($rez[1]['id_grupp']);
$_SESSION['user']['student']['num_zach']=out_data_fu($rez[1]['num_zach']);
$_SESSION['user']['student']['num_stud']=out_data_fu($rez[1]['num_stud']);
$_SESSION['user']['student']['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']);
$_SESSION['user']['student']['status']=$rez[1]['status'];
$_SESSION['user']['student']['id_grupp']=$rez[1]['id_grupp'];
$_SESSION['user']['student']['num_grupp']=$rez[1]['num_grupp'];
$_SESSION['user']['student']['kod_podgotovki']=$rez[1]['kod_podgotovki'];
$student['status'] = '<span style="color:green">подтвержден</span>';
}
}else{
$student['num_zach']='';
$student['num_stud']='';
$student['num_grupp']='';
$student['kod_podgotovki']='';
$student['grupps']=get_sel_grupp();
$student['status'] = '';
}
$fakultets = iup_get_fakultets();
$smarty->assign('fakultets',$fakultets);
$kafedras = iup_get_kafedras();
$smarty->assign('kafedras',$kafedras);
$smarty->assign('student',$student);
$smarty->assign('profile',$_SESSION['user']);
//$smarty->assign('student', $student);
$smarty->assign('page', $page);
$smarty->assign('prilogens',$prilogens);
$maincontent = $smarty->fetch('tpl_mhelp.html');
?>