Joywork/ajax/send_catalog.php

456 lines
20 KiB
PHP
Raw Normal View History

2026-05-22 20:21:54 +02:00
<?php
require_once($_SERVER['DOCUMENT_ROOT'] . "/config.php");
if (!$_SESSION['id'])
exit();
// hide_client_contacts: блокируем РЕАЛЬНУЮ отправку каталога (mail/whatsapp/telegram).
// Генерацию ссылки на каталог (без отправки) разрешаем.
$_postSendType = isset($_POST['send_type']) ? $_POST['send_type'] : '';
$_isActualSend = in_array($_postSendType, ['mail', 'whatsapp', 'telegram'], true);
if ($_isActualSend
&& function_exists('should_hide_contacts_for_current_user')
&& should_hide_contacts_for_current_user()
) {
http_response_code(403);
echo json_encode([
'error' => 'hide_client_contacts',
'message' => 'Отправка каталога через E-mail/WhatsApp/Telegram недоступна: контакты клиентов скрыты.'
]);
exit;
}
$post = clearInputData($_POST);
$user = new User;
$user->get($_SESSION['id']); // насколько мы должны доверять данным из сессии, что используем их в запросе
$title = $user->getAgencyName() ?: $user->getFullName(); // здесь мы понимаем, что агентство это другая сущность
$phone = $user->getAgencyPhone() ?: $user->getPhone();
$manager = $user->getFullName(); // почему это менеджер?
$sendType = !empty($SEND_TYPE_PDF[$post['send_type']]) ? $SEND_TYPE_PDF[$post['send_type']] : 0; // здесь конечно же надо бы dto и helper
$theme = !empty($post['theme']) ? $post['theme'] : 'Презентации объектов недвижимости';
$txt = '';
if ($sendType === 0) {
$txt = !empty($post['txt']) ? str_replace("\n", "<br>", $post['txt'] . "<br/>") : "Уважаемый клиент, отправляю Вам варианты объектов недвижимости. С удовольствием отвечу на ваши вопросы.<br/>";
}
$clientIds = isset($post['clients']) ? array_map('intval', $post['clients']) : [];
$requestId = isset($post['request']) ? (int)$post['request'] : null;
$userId = $user->getId();
$objectIds = array_map('intval', $_SESSION['to_send']);
$newBuildingIds = array_map('intval', $_SESSION['to_send_newbuilding']);
$complexIds = array_map('intval', $_SESSION['to_send_complexes']);
session_write_close();
// достаем закрытие контактов и новые цены из глобального $_POST (не чищеного) для json_decode
$closeContacts = isset($_POST['closes_contact']) ? json_decode($_POST['closes_contact'], true) : [];
$prices = isset($_POST['priсes']) ? json_decode($_POST['priсes'], true) : [];
$addresses = isset($_POST['addresses']) ? json_decode($_POST['addresses'], true) : [];
$catalogId;
$catalogIdNewBuilding;
$catalogIdComplexes;
if (isset($post['catalog_types']) && in_array("catalog", $post['catalog_types'])) {
$catalogId = isset($post['catalog']) ? $post['catalog'] : '';
}
$is_catalog_type_building = isset($post['catalog_types']) && in_array("catalog", $post['catalog_types']);
$is_catalog_type_newbuilding = isset($post['catalog_types']) && in_array("catalog-newbuilding", $post['catalog_types']);
$is_catalog_type_complexes = isset($post['catalog_types']) && in_array("catalog-complexes", $post['catalog_types']);
$is_catalog_type_links_metro = isset($post['catalog_types']) && in_array("links_metro", $post['catalog_types']);
if ($is_catalog_type_newbuilding) {
$catalogIdNewBuilding = isset($post['catalogNewBuildings']) ? $post['catalogNewBuildings'] : '';
}
if ($is_catalog_type_complexes) {
// var_dump('verev mtav');die;
$catalogIdComplexes = isset($post['catalogComplexes']) ? $post['catalogComplexes'] : '';
}
// если хоть один контакт закрыт, то закрываем контакт для всего каталога
$closeContactCatalog = array_sum($closeContacts) ? 1 : 0;
// конечно же проверки нужны try/catch и PDO
if ($is_catalog_type_newbuilding) {
if (!$catalogIdNewBuilding) {
mysql_query("INSERT INTO sent_catalog(agent_id, close_contact, date_send) VALUES ('$userId', '$closeContactCatalog', NOW())");
$catalogIdNewBuilding = mysql_insert_id();
} else {
mysql_query("UPDATE sent_catalog SET agent_id = $userId, close_contact = $closeContactCatalog, date_send = NOW() WHERE id = $catalogIdNewBuilding");
mysql_query("DELETE FROM sended_pdf WHERE sent_catalog_id = $catalogIdNewBuilding");
}
// метка новостройки
foreach ($newBuildingIds as $newBuildingId) {
// Находим новостройку
$sqlNewBuildings = "SELECT a.*, b.name as bl_name FROM apartments a, blocks b WHERE b.id = a.block_id AND a.id = '$newBuildingId'"; // id = $newBuildingId
$queryNewBuildings = mysql_query($sqlNewBuildings);
$newBuildingsArray = mysql_fetch_assoc($queryNewBuildings);
$nazv = "Квартира №$newBuildingsArray[number] в комплексе $newBuildingsArray[bl_name]";
foreach ($clientIds as $clientId) {
$hideAddress = isset($addresses[$newBuildingId]) ? $addresses[$newBuildingId] : 0;
$price = isset($prices[$newBuildingId]) ? $prices[$newBuildingId] : 0;
$sql = "INSERT INTO sended_pdf_newbuildings(
id_agent,
id_object,
date_send,
id_client,
nazv,
path,
send_type,
close_contact,
hide_address,
new_price,
token,
id_request,
sent_catalog_id
) VALUES(
'$userId',
'$newBuildingId',
NOW(),
'$clientId',
'$nazv',
'',
$sendType,
$closeContactCatalog,
$hideAddress,
'$price',
'',
'$requestId',
'$catalogIdNewBuilding'
)";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token = md5($userId);
$path = "https://joywork.ru/presentation-vue/#/view-presentation?token=$token&id=" . $newBuildingId;
$sql_up_pr = "UPDATE sended_pdf_newbuildings SET token = '{$token}', path='{$path}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
}
}
// Находим комплексы
if ($is_catalog_type_complexes) {
if (!$catalogIdComplexes) {
mysql_query("INSERT INTO sent_catalog(agent_id, close_contact, date_send) VALUES ('$userId', '$closeContactCatalog', NOW())");
$catalogIdComplexes = mysql_insert_id();
} else {
mysql_query("UPDATE sent_catalog SET agent_id = $userId, close_contact = $closeContactCatalog, date_send = NOW() WHERE id = $catalogIdComplexes");
mysql_query("DELETE FROM sended_pdf WHERE sent_catalog_id = $catalogIdComplexes");
}
foreach ($complexIds as $complexId) {
// var_dump($catalogIdComplexes);die;
$exist_sql = "SELECT * FROM sended_pdf_complexes WHERE id_object = $complexId AND sent_catalog_id = $catalogIdComplexes";
$query = mysql_query($exist_sql);
if (mysql_num_rows($query)) {
continue;
}
$sqlComplexes = "SELECT cr.id as id, cl.name as complex_name, cl.id as complex_id, cr.type as type, cr.number as number, ca.address as address FROM complex_list cl
JOIN complex_houses ch ON ch.complex_id = cl.id
JOIN complex_entrances ce ON ce.complex_house_id = ch.id
JOIN complex_floors cf ON cf.complex_entrance_id = ce.id
JOIN complex_rooms cr ON cr.floor_id = cf.id
LEFT JOIN complex_address ca on ca.complex_id = cl.id
where cr.id = $complexesId
"; // id = $newBuildingId
$queryComplexes = mysql_query($sqlComplexes);
$complexesArray = mysql_fetch_assoc($queryComplexes);
foreach ($clientIds as $clientId) {
$hideAddress = isset($addresses[$complexId]) ? $addresses[$complexId] : 0;
$price = isset($prices[$complexId]) ? $prices[$complexId] : 0;
$sql = "INSERT INTO sended_pdf_complexes(
id_agent,
id_object,
date_send,
id_client,
nazv,
path,
send_type,
close_contact,
hide_address,
new_price,
token,
id_request,
sent_catalog_id
) VALUES(
'$userId',
'$complexId',
NOW(),
'$clientId',
'',
'',
$sendType,
$closeContactCatalog,
$hideAddress,
'$price',
'',
'$requestId',
'$catalogIdComplexes'
)";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token = md5($id_pr);
$path = "https://joywork.ru/object-view.php?token=" . $token;
$sql_up_pr = "UPDATE sended_pdf_complexes SET token = '{$token}', path='{$path}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
}
}
if ($is_catalog_type_building) {
if (!$catalogId) {
mysql_query("INSERT INTO sent_catalog(agent_id, close_contact, date_send) VALUES ('$userId', '$closeContactCatalog', NOW())");
$catalogId = mysql_insert_id();
} else {
mysql_query("UPDATE sent_catalog SET agent_id = $userId, close_contact = $closeContactCatalog, date_send = NOW() WHERE id = $catalogId");
mysql_query("DELETE FROM sended_pdf WHERE sent_catalog_id = $catalogId");
}
foreach ($objectIds as $objectId) {
// найдем объект
$sqlObjects = "SELECT nazv, adres, phone, sobstv FROM objects WHERE id=$objectId";
$queryObjects = mysql_query($sqlObjects);
$objectArray = mysql_fetch_assoc($queryObjects);
foreach ($clientIds as $clientId) {
// Цены не ясно как должны устанавливаться
$price = isset($prices[$objectId]) ? $prices[$objectId] : 0;
// Контакты скрываем отдельно или можно ко всем применять от каталога, если логика для всех?
// $closeContact = isset($closeContacts[$objectId]) ? $closeContacts[$objectId] : 0;
// Скрытие адреса по каждому ОН (объекту недвижимости)
$hideAddress = isset($addresses[$objectId]) ? $addresses[$objectId] : 0;
// Скрываем или показываем всем по каталогу
if ($closeContactCatalog) {
$sql_up = "INSERT INTO user_object_contact_close SET close={$closeContactCatalog}, user_id={$userId}, object_id = {$objectId}, client_id = {$clientId}";
mysql_query($sql_up);
}
$sql = "INSERT INTO sended_pdf(
id_agent,
id_object,
date_send,
id_client,
nazv,
path,
send_type,
close_contact,
hide_address,
new_price,
token,
id_request,
sent_catalog_id
) VALUES(
'$userId',
'$objectId',
NOW(),
'$clientId',
'$objectArray[nazv] $objectArray[adres]',
'',
$sendType,
$closeContactCatalog,
$hideAddress,
'$price',
'',
'$requestId',
'$catalogId'
)";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token = md5($id_pr);
$path = "https://joywork.ru/object-view.php?token=" . $token;
$sql_up_pr = "UPDATE sended_pdf SET token = '{$token}', path='{$path}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
// Запишем объект в архив. Тоже надо удалять записи при повторной отправке
// в выборке ajax/getClientsView.php
$sql = "INSERT INTO archive(nazv, adres, phone, sobstv, id_obj) VALUES('$objectArray[nazv]', '$objectArray[adres]', '$objectArray[phone]', '$objectArray[sobstv]', '$objectId')";
mysql_query($sql);
}
}
if($is_catalog_type_links_metro){
$text = '';
if(!empty($objectIds)){
$id_client = 0;
// $send_type = 3;
$sql = "SELECT * FROM objects WHERE id in (".implode(',', $objectIds).")";
$q = mysql_query($sql);
$i = 1;
while($obj=mysql_fetch_assoc($q)){
$text .= "{$i}. Объект {$obj['id']}: ";
if(!empty($obj['ploshad'])){
$text .= "Площадь: ".$obj['ploshad']. " кв. м, ";
}
$is_link_metro = true;
$cena = 0;
if(isset($prices[$obj['id']])){
//$is_link_metro = false;
$cena = $prices[$obj['id']];
}
if($cena != $obj['stoim']){
$is_link_metro = false;
}
$text .= "Цена: ".$cena . " руб.";
$close_contact = 0;
if(isset($closeContacts[$obj['id']]) && $closeContacts[$obj['id']] == 1){
$is_link_metro = false;
$close_contact = $closeContacts[$obj['id']];
$sql_up = "INSERT INTO user_object_contact_close SET close={$close_contact}, user_id={$userId}, object_id = {$obj['id']}, client_id = {$id_client}";
mysql_query($sql_up);
}
$token = md5(microtime());
$hideAddress = 0;
if(isset($addresses[$obj['id']]) && $addresses[$obj['id']] == 1){
$is_link_metro = false;
$hideAddress = $addresses[$obj['id']];
};
if($is_link_metro){
$sql_l = "SELECT * FROM object_agencymetro_links WHERE object_id = {$obj['id']} AND is_active = 1";
$q_l = mysql_query($sql_l);
if(mysql_num_rows($q_l) == 0){
$is_link_metro = false;
} else {
$r_l = mysql_fetch_assoc($q_l);
if(!empty($r_l['link'])){
$linkUrl = $r_l['link']."?agentId=".$userId;
} else {
$is_link_metro = false;
}
}
}
if($is_link_metro){
$sql_com = "SELECT * FROM user_object_comments WHERE user_id = $userId AND object_id={$obj['id']}";
$q_com = mysql_query($sql_com);
if(mysql_num_rows($q_com) > 0){
$r_com = mysql_fetch_assoc($q_com);
if(strcmp(trim($r_com['comment']), trim($obj['opis'])) != 0){
$is_link_metro = false;
}
}
}
if($is_link_metro === false){
$sql = "INSERT INTO sended_pdf(id_agent, id_object, date_send, id_client, nazv, path, send_type, close_contact, hide_address, token, id_request, new_price) VALUES('$userId', '{$obj['id']}', NOW(), '$id_client', '$obj[nazv] $obj[adres]', '$linkUrl', $sendType, $close_contact, $hideAddress, '$token', '$requestId', '$cena')";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token2 = md5($id_pr);
$linkUrl = "https://joywork.ru/object-view.php?token=".$token2;
$sql_up_pr = "UPDATE sended_pdf SET token = '{$token2}', path='{$linkUrl}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
$text .= ", ".$linkUrl."; ";
$i++;
// 1. Объект 91753696: Площадь: 110 кв. м, Цена: 24 000 000 руб., https://joywork.ru/object-view.php?token=b4335f65064461dcc644273866cad3e8
}
}
}
// Здесь хост development из конфигурации или из глобальной $_SERVER например
if ($catalogId) {
$linkUrl = "$site_url/catalog-view.php?catalog=$catalogId";
}
if ($catalogIdNewBuilding) {
$linkUrlNewBuilding = "$site_url/presentation-vue?catalog=$catalogIdNewBuilding";
}
if ($catalogIdComplexes) {
$linkUrlComplexes = "$site_url/presentation-complexes?catalog=$catalogIdComplexes";
}
if ($catalogId) {
$txt .= "<a href='" . $linkUrl . "' target='_blank'>Каталог объектов</a> ";
$txt .= "Вы можете посмотреть каталог по ссылке " . $linkUrl . "\r\n ";
}
if ($catalogIdNewBuilding) {
$txt .= "<a href='" . $linkUrlNewBuilding . "' target='_blank'>Каталог новостроек</a> ";
$txt .= "Вы можете посмотреть каталог новостроек по ссылке " . $linkUrlNewBuilding . "\r\n ";
}
if ($catalogIdComplexes) {
$txt .= "<a href='" . $linkUrlComplexes . "' target='_blank'>Каталог комплексов</a> ";
$txt .= "Вы можете посмотреть каталог комплексов по ссылке " . $linkUrlComplexes . "\r\n ";
}
// с этим кружевом if не ясно что делать
if ($sendType === 0) {
foreach ($clientIds as $clientId) {
$mail = mysql_result(mysql_query("SELECT email FROM clients WHERE deleted <> 1 AND id = $clientId"), 0);
mailClientByIdWithConfirm($userId, trim($mail), $theme, $txt, [], []);
sleep(1);
}
} else if ($sendType === 1) {
$phone = mysql_result(mysql_query("SELECT phone FROM clients WHERE deleted <> 1 AND id = $clientIds[0]"), 0);
$text = !empty($post['txt']) ? str_replace("\n", "<br>", $post['txt'] . "<br/>") : "Уважаемый клиент, отправляю Вам варианты объектов недвижимости. С удовольствием отвечу на ваши вопросы.<br/>";
$txt = $text . " " . $txt;
echo "https://wa.me/" . preg_replace("/[^,.0-9]/", '', $phone) . "?text=" .
urlencode(strip_tags(preg_replace('/<a href="(.*)">/', '$1', $txt))) . " ";
exit;
} else if ($sendType === 2) {
$phone = mysql_result(mysql_query("SELECT phone FROM clients WHERE deleted <> 1 AND id = $clientIds[0]"), 0);
$text = !empty($post['txt']) ? str_replace("\n", "<br>", $post['txt'] . "\n") : "Уважаемый клиент, отправляю Вам варианты объектов недвижимости.\nС удовольствием отвечу на ваши вопросы.\n";
$txt = $text . " " . str_replace("<br>", "\n", $txt);
echo "https://telegram.me/share/url?url=%20&text=" .
urlencode(strip_tags(preg_replace('/<a href="(.*)">/', '$1', $txt))) . " ";
exit;
} else if($sendType === 5){
echo $text;
} else if ($sendType === 3 || $is_catalog_type_building) {
echo $linkUrl;
} else if ($is_catalog_type_newbuilding) {
echo $linkUrlNewBuilding;
} else if ($is_catalog_type_complexes) {
echo $linkUrlComplexes;
}