59 lines
2.2 KiB
PHP
59 lines
2.2 KiB
PHP
<?php
|
|
|
|
require_once($_SERVER['DOCUMENT_ROOT']."/config.php");
|
|
|
|
if($_SESSION['id'] && (($_POST['client_id'] && is_numeric($_POST['client_id'])) || ($_POST['req_id'] && is_numeric($_POST['req_id'])) || ($_POST['object_id'] && is_numeric($_POST['object_id'])))) {
|
|
$post = clearInputData($_POST);
|
|
|
|
$req_id = 0;
|
|
$object_id = 0;
|
|
|
|
if(isset($_POST['req_id']) && $_POST['req_id'] > 0){
|
|
$req_id = (int)$_POST['req_id'];
|
|
}
|
|
if(isset($_POST['object_id']) && $_POST['object_id'] > 0){
|
|
$object_id = (int)$_POST['object_id'];
|
|
}
|
|
$sql="SELECT * FROM clients WHERE id=$post[client_id]";
|
|
if($req_id > 0){
|
|
$sql="SELECT * FROM requisitions WHERE id=$req_id";
|
|
} else if($object_id > 0){
|
|
$sql="SELECT * FROM objects WHERE id=$object_id";
|
|
}
|
|
$rez=mysql_query($sql);
|
|
$client = mysql_fetch_assoc($rez);
|
|
|
|
$idUser = $_SESSION['id'];
|
|
if ($client['who_work'] > 0) {
|
|
// тому событие, чей клиент
|
|
$idUser = $client['who_work'];
|
|
}
|
|
|
|
$from_id = $_SESSION['id'];
|
|
$sql = "INSERT INTO user_client_events(user_id, client_id, type, comment, from_id) ";
|
|
$sql .= " VALUES($idUser, $post[client_id], 'file', '$post[comment]', $from_id)";
|
|
if($req_id > 0){
|
|
$sql = "INSERT INTO user_client_events(user_id, req_id, type, comment, from_id) ";
|
|
$sql .= " VALUES($idUser, $req_id, 'file', '$post[comment]', $from_id)";
|
|
} else if($object_id > 0){
|
|
$sql = "INSERT INTO user_object_events(user_id, object_id, type, comment, from_id) ";
|
|
$sql .= " VALUES($idUser, $object_id, 'file', '$post[comment]', $from_id)";
|
|
}
|
|
mysql_query($sql);
|
|
$id = mysql_insert_id();
|
|
|
|
if ($_SESSION['event_id_temp'] < 0) {
|
|
$sql = "UPDATE `clients_files` SET `event_id` = '$id' WHERE `event_id` = '$_SESSION[event_id_temp]'";
|
|
mysql_query($sql);
|
|
}
|
|
if(!empty($post['name'])){
|
|
$sql = "INSERT INTO names_client_files SET name = '{$post['name']}'";
|
|
mysql_query($sql);
|
|
$id_name = mysql_insert_id();
|
|
$sql = "UPDATE `clients_files` SET `name_id` = {$id_name} WHERE `event_id` = {$id}";
|
|
mysql_query($sql);
|
|
}
|
|
$_SESSION['event_id_temp'] = rand(10000000,99999999);
|
|
$_SESSION['event_id_temp'] *= -1;
|
|
}
|