Joywork/ajax/send_catalog.php
2026-05-22 21:21:54 +03:00

456 lines
20 KiB
PHP
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
require_once($_SERVER['DOCUMENT_ROOT'] . "/config.php");
if (!$_SESSION['id'])
exit();
// hide_client_contacts: блокируем РЕАЛЬНУЮ отправку каталога (mail/whatsapp/telegram).
// Генерацию ссылки на каталог (без отправки) разрешаем.
$_postSendType = isset($_POST['send_type']) ? $_POST['send_type'] : '';
$_isActualSend = in_array($_postSendType, ['mail', 'whatsapp', 'telegram'], true);
if ($_isActualSend
&& function_exists('should_hide_contacts_for_current_user')
&& should_hide_contacts_for_current_user()
) {
http_response_code(403);
echo json_encode([
'error' => 'hide_client_contacts',
'message' => 'Отправка каталога через E-mail/WhatsApp/Telegram недоступна: контакты клиентов скрыты.'
]);
exit;
}
$post = clearInputData($_POST);
$user = new User;
$user->get($_SESSION['id']); // насколько мы должны доверять данным из сессии, что используем их в запросе
$title = $user->getAgencyName() ?: $user->getFullName(); // здесь мы понимаем, что агентство это другая сущность
$phone = $user->getAgencyPhone() ?: $user->getPhone();
$manager = $user->getFullName(); // почему это менеджер?
$sendType = !empty($SEND_TYPE_PDF[$post['send_type']]) ? $SEND_TYPE_PDF[$post['send_type']] : 0; // здесь конечно же надо бы dto и helper
$theme = !empty($post['theme']) ? $post['theme'] : 'Презентации объектов недвижимости';
$txt = '';
if ($sendType === 0) {
$txt = !empty($post['txt']) ? str_replace("\n", "<br>", $post['txt'] . "<br/>") : "Уважаемый клиент, отправляю Вам варианты объектов недвижимости. С удовольствием отвечу на ваши вопросы.<br/>";
}
$clientIds = isset($post['clients']) ? array_map('intval', $post['clients']) : [];
$requestId = isset($post['request']) ? (int)$post['request'] : null;
$userId = $user->getId();
$objectIds = array_map('intval', $_SESSION['to_send']);
$newBuildingIds = array_map('intval', $_SESSION['to_send_newbuilding']);
$complexIds = array_map('intval', $_SESSION['to_send_complexes']);
session_write_close();
// достаем закрытие контактов и новые цены из глобального $_POST (не чищеного) для json_decode
$closeContacts = isset($_POST['closes_contact']) ? json_decode($_POST['closes_contact'], true) : [];
$prices = isset($_POST['priсes']) ? json_decode($_POST['priсes'], true) : [];
$addresses = isset($_POST['addresses']) ? json_decode($_POST['addresses'], true) : [];
$catalogId;
$catalogIdNewBuilding;
$catalogIdComplexes;
if (isset($post['catalog_types']) && in_array("catalog", $post['catalog_types'])) {
$catalogId = isset($post['catalog']) ? $post['catalog'] : '';
}
$is_catalog_type_building = isset($post['catalog_types']) && in_array("catalog", $post['catalog_types']);
$is_catalog_type_newbuilding = isset($post['catalog_types']) && in_array("catalog-newbuilding", $post['catalog_types']);
$is_catalog_type_complexes = isset($post['catalog_types']) && in_array("catalog-complexes", $post['catalog_types']);
$is_catalog_type_links_metro = isset($post['catalog_types']) && in_array("links_metro", $post['catalog_types']);
if ($is_catalog_type_newbuilding) {
$catalogIdNewBuilding = isset($post['catalogNewBuildings']) ? $post['catalogNewBuildings'] : '';
}
if ($is_catalog_type_complexes) {
// var_dump('verev mtav');die;
$catalogIdComplexes = isset($post['catalogComplexes']) ? $post['catalogComplexes'] : '';
}
// если хоть один контакт закрыт, то закрываем контакт для всего каталога
$closeContactCatalog = array_sum($closeContacts) ? 1 : 0;
// конечно же проверки нужны try/catch и PDO
if ($is_catalog_type_newbuilding) {
if (!$catalogIdNewBuilding) {
mysql_query("INSERT INTO sent_catalog(agent_id, close_contact, date_send) VALUES ('$userId', '$closeContactCatalog', NOW())");
$catalogIdNewBuilding = mysql_insert_id();
} else {
mysql_query("UPDATE sent_catalog SET agent_id = $userId, close_contact = $closeContactCatalog, date_send = NOW() WHERE id = $catalogIdNewBuilding");
mysql_query("DELETE FROM sended_pdf WHERE sent_catalog_id = $catalogIdNewBuilding");
}
// метка новостройки
foreach ($newBuildingIds as $newBuildingId) {
// Находим новостройку
$sqlNewBuildings = "SELECT a.*, b.name as bl_name FROM apartments a, blocks b WHERE b.id = a.block_id AND a.id = '$newBuildingId'"; // id = $newBuildingId
$queryNewBuildings = mysql_query($sqlNewBuildings);
$newBuildingsArray = mysql_fetch_assoc($queryNewBuildings);
$nazv = "Квартира №$newBuildingsArray[number] в комплексе $newBuildingsArray[bl_name]";
foreach ($clientIds as $clientId) {
$hideAddress = isset($addresses[$newBuildingId]) ? $addresses[$newBuildingId] : 0;
$price = isset($prices[$newBuildingId]) ? $prices[$newBuildingId] : 0;
$sql = "INSERT INTO sended_pdf_newbuildings(
id_agent,
id_object,
date_send,
id_client,
nazv,
path,
send_type,
close_contact,
hide_address,
new_price,
token,
id_request,
sent_catalog_id
) VALUES(
'$userId',
'$newBuildingId',
NOW(),
'$clientId',
'$nazv',
'',
$sendType,
$closeContactCatalog,
$hideAddress,
'$price',
'',
'$requestId',
'$catalogIdNewBuilding'
)";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token = md5($userId);
$path = "https://joywork.ru/presentation-vue/#/view-presentation?token=$token&id=" . $newBuildingId;
$sql_up_pr = "UPDATE sended_pdf_newbuildings SET token = '{$token}', path='{$path}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
}
}
// Находим комплексы
if ($is_catalog_type_complexes) {
if (!$catalogIdComplexes) {
mysql_query("INSERT INTO sent_catalog(agent_id, close_contact, date_send) VALUES ('$userId', '$closeContactCatalog', NOW())");
$catalogIdComplexes = mysql_insert_id();
} else {
mysql_query("UPDATE sent_catalog SET agent_id = $userId, close_contact = $closeContactCatalog, date_send = NOW() WHERE id = $catalogIdComplexes");
mysql_query("DELETE FROM sended_pdf WHERE sent_catalog_id = $catalogIdComplexes");
}
foreach ($complexIds as $complexId) {
// var_dump($catalogIdComplexes);die;
$exist_sql = "SELECT * FROM sended_pdf_complexes WHERE id_object = $complexId AND sent_catalog_id = $catalogIdComplexes";
$query = mysql_query($exist_sql);
if (mysql_num_rows($query)) {
continue;
}
$sqlComplexes = "SELECT cr.id as id, cl.name as complex_name, cl.id as complex_id, cr.type as type, cr.number as number, ca.address as address FROM complex_list cl
JOIN complex_houses ch ON ch.complex_id = cl.id
JOIN complex_entrances ce ON ce.complex_house_id = ch.id
JOIN complex_floors cf ON cf.complex_entrance_id = ce.id
JOIN complex_rooms cr ON cr.floor_id = cf.id
LEFT JOIN complex_address ca on ca.complex_id = cl.id
where cr.id = $complexesId
"; // id = $newBuildingId
$queryComplexes = mysql_query($sqlComplexes);
$complexesArray = mysql_fetch_assoc($queryComplexes);
foreach ($clientIds as $clientId) {
$hideAddress = isset($addresses[$complexId]) ? $addresses[$complexId] : 0;
$price = isset($prices[$complexId]) ? $prices[$complexId] : 0;
$sql = "INSERT INTO sended_pdf_complexes(
id_agent,
id_object,
date_send,
id_client,
nazv,
path,
send_type,
close_contact,
hide_address,
new_price,
token,
id_request,
sent_catalog_id
) VALUES(
'$userId',
'$complexId',
NOW(),
'$clientId',
'',
'',
$sendType,
$closeContactCatalog,
$hideAddress,
'$price',
'',
'$requestId',
'$catalogIdComplexes'
)";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token = md5($id_pr);
$path = "https://joywork.ru/object-view.php?token=" . $token;
$sql_up_pr = "UPDATE sended_pdf_complexes SET token = '{$token}', path='{$path}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
}
}
if ($is_catalog_type_building) {
if (!$catalogId) {
mysql_query("INSERT INTO sent_catalog(agent_id, close_contact, date_send) VALUES ('$userId', '$closeContactCatalog', NOW())");
$catalogId = mysql_insert_id();
} else {
mysql_query("UPDATE sent_catalog SET agent_id = $userId, close_contact = $closeContactCatalog, date_send = NOW() WHERE id = $catalogId");
mysql_query("DELETE FROM sended_pdf WHERE sent_catalog_id = $catalogId");
}
foreach ($objectIds as $objectId) {
// найдем объект
$sqlObjects = "SELECT nazv, adres, phone, sobstv FROM objects WHERE id=$objectId";
$queryObjects = mysql_query($sqlObjects);
$objectArray = mysql_fetch_assoc($queryObjects);
foreach ($clientIds as $clientId) {
// Цены не ясно как должны устанавливаться
$price = isset($prices[$objectId]) ? $prices[$objectId] : 0;
// Контакты скрываем отдельно или можно ко всем применять от каталога, если логика для всех?
// $closeContact = isset($closeContacts[$objectId]) ? $closeContacts[$objectId] : 0;
// Скрытие адреса по каждому ОН (объекту недвижимости)
$hideAddress = isset($addresses[$objectId]) ? $addresses[$objectId] : 0;
// Скрываем или показываем всем по каталогу
if ($closeContactCatalog) {
$sql_up = "INSERT INTO user_object_contact_close SET close={$closeContactCatalog}, user_id={$userId}, object_id = {$objectId}, client_id = {$clientId}";
mysql_query($sql_up);
}
$sql = "INSERT INTO sended_pdf(
id_agent,
id_object,
date_send,
id_client,
nazv,
path,
send_type,
close_contact,
hide_address,
new_price,
token,
id_request,
sent_catalog_id
) VALUES(
'$userId',
'$objectId',
NOW(),
'$clientId',
'$objectArray[nazv] $objectArray[adres]',
'',
$sendType,
$closeContactCatalog,
$hideAddress,
'$price',
'',
'$requestId',
'$catalogId'
)";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token = md5($id_pr);
$path = "https://joywork.ru/object-view.php?token=" . $token;
$sql_up_pr = "UPDATE sended_pdf SET token = '{$token}', path='{$path}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
// Запишем объект в архив. Тоже надо удалять записи при повторной отправке
// в выборке ajax/getClientsView.php
$sql = "INSERT INTO archive(nazv, adres, phone, sobstv, id_obj) VALUES('$objectArray[nazv]', '$objectArray[adres]', '$objectArray[phone]', '$objectArray[sobstv]', '$objectId')";
mysql_query($sql);
}
}
if($is_catalog_type_links_metro){
$text = '';
if(!empty($objectIds)){
$id_client = 0;
// $send_type = 3;
$sql = "SELECT * FROM objects WHERE id in (".implode(',', $objectIds).")";
$q = mysql_query($sql);
$i = 1;
while($obj=mysql_fetch_assoc($q)){
$text .= "{$i}. Объект {$obj['id']}: ";
if(!empty($obj['ploshad'])){
$text .= "Площадь: ".$obj['ploshad']. " кв. м, ";
}
$is_link_metro = true;
$cena = 0;
if(isset($prices[$obj['id']])){
//$is_link_metro = false;
$cena = $prices[$obj['id']];
}
if($cena != $obj['stoim']){
$is_link_metro = false;
}
$text .= "Цена: ".$cena . " руб.";
$close_contact = 0;
if(isset($closeContacts[$obj['id']]) && $closeContacts[$obj['id']] == 1){
$is_link_metro = false;
$close_contact = $closeContacts[$obj['id']];
$sql_up = "INSERT INTO user_object_contact_close SET close={$close_contact}, user_id={$userId}, object_id = {$obj['id']}, client_id = {$id_client}";
mysql_query($sql_up);
}
$token = md5(microtime());
$hideAddress = 0;
if(isset($addresses[$obj['id']]) && $addresses[$obj['id']] == 1){
$is_link_metro = false;
$hideAddress = $addresses[$obj['id']];
};
if($is_link_metro){
$sql_l = "SELECT * FROM object_agencymetro_links WHERE object_id = {$obj['id']} AND is_active = 1";
$q_l = mysql_query($sql_l);
if(mysql_num_rows($q_l) == 0){
$is_link_metro = false;
} else {
$r_l = mysql_fetch_assoc($q_l);
if(!empty($r_l['link'])){
$linkUrl = $r_l['link']."?agentId=".$userId;
} else {
$is_link_metro = false;
}
}
}
if($is_link_metro){
$sql_com = "SELECT * FROM user_object_comments WHERE user_id = $userId AND object_id={$obj['id']}";
$q_com = mysql_query($sql_com);
if(mysql_num_rows($q_com) > 0){
$r_com = mysql_fetch_assoc($q_com);
if(strcmp(trim($r_com['comment']), trim($obj['opis'])) != 0){
$is_link_metro = false;
}
}
}
if($is_link_metro === false){
$sql = "INSERT INTO sended_pdf(id_agent, id_object, date_send, id_client, nazv, path, send_type, close_contact, hide_address, token, id_request, new_price) VALUES('$userId', '{$obj['id']}', NOW(), '$id_client', '$obj[nazv] $obj[adres]', '$linkUrl', $sendType, $close_contact, $hideAddress, '$token', '$requestId', '$cena')";
mysql_query($sql);
$id_pr = mysql_insert_id();
$token2 = md5($id_pr);
$linkUrl = "https://joywork.ru/object-view.php?token=".$token2;
$sql_up_pr = "UPDATE sended_pdf SET token = '{$token2}', path='{$linkUrl}' WHERE id={$id_pr}";
mysql_query($sql_up_pr);
}
$text .= ", ".$linkUrl."; ";
$i++;
// 1. Объект 91753696: Площадь: 110 кв. м, Цена: 24 000 000 руб., https://joywork.ru/object-view.php?token=b4335f65064461dcc644273866cad3e8
}
}
}
// Здесь хост development из конфигурации или из глобальной $_SERVER например
if ($catalogId) {
$linkUrl = "$site_url/catalog-view.php?catalog=$catalogId";
}
if ($catalogIdNewBuilding) {
$linkUrlNewBuilding = "$site_url/presentation-vue?catalog=$catalogIdNewBuilding";
}
if ($catalogIdComplexes) {
$linkUrlComplexes = "$site_url/presentation-complexes?catalog=$catalogIdComplexes";
}
if ($catalogId) {
$txt .= "<a href='" . $linkUrl . "' target='_blank'>Каталог объектов</a> ";
$txt .= "Вы можете посмотреть каталог по ссылке " . $linkUrl . "\r\n ";
}
if ($catalogIdNewBuilding) {
$txt .= "<a href='" . $linkUrlNewBuilding . "' target='_blank'>Каталог новостроек</a> ";
$txt .= "Вы можете посмотреть каталог новостроек по ссылке " . $linkUrlNewBuilding . "\r\n ";
}
if ($catalogIdComplexes) {
$txt .= "<a href='" . $linkUrlComplexes . "' target='_blank'>Каталог комплексов</a> ";
$txt .= "Вы можете посмотреть каталог комплексов по ссылке " . $linkUrlComplexes . "\r\n ";
}
// с этим кружевом if не ясно что делать
if ($sendType === 0) {
foreach ($clientIds as $clientId) {
$mail = mysql_result(mysql_query("SELECT email FROM clients WHERE deleted <> 1 AND id = $clientId"), 0);
mailClientByIdWithConfirm($userId, trim($mail), $theme, $txt, [], []);
sleep(1);
}
} else if ($sendType === 1) {
$phone = mysql_result(mysql_query("SELECT phone FROM clients WHERE deleted <> 1 AND id = $clientIds[0]"), 0);
$text = !empty($post['txt']) ? str_replace("\n", "<br>", $post['txt'] . "<br/>") : "Уважаемый клиент, отправляю Вам варианты объектов недвижимости. С удовольствием отвечу на ваши вопросы.<br/>";
$txt = $text . " " . $txt;
echo "https://wa.me/" . preg_replace("/[^,.0-9]/", '', $phone) . "?text=" .
urlencode(strip_tags(preg_replace('/<a href="(.*)">/', '$1', $txt))) . " ";
exit;
} else if ($sendType === 2) {
$phone = mysql_result(mysql_query("SELECT phone FROM clients WHERE deleted <> 1 AND id = $clientIds[0]"), 0);
$text = !empty($post['txt']) ? str_replace("\n", "<br>", $post['txt'] . "\n") : "Уважаемый клиент, отправляю Вам варианты объектов недвижимости.\nС удовольствием отвечу на ваши вопросы.\n";
$txt = $text . " " . str_replace("<br>", "\n", $txt);
echo "https://telegram.me/share/url?url=%20&text=" .
urlencode(strip_tags(preg_replace('/<a href="(.*)">/', '$1', $txt))) . " ";
exit;
} else if($sendType === 5){
echo $text;
} else if ($sendType === 3 || $is_catalog_type_building) {
echo $linkUrl;
} else if ($is_catalog_type_newbuilding) {
echo $linkUrlNewBuilding;
} else if ($is_catalog_type_complexes) {
echo $linkUrlComplexes;
}