35 lines
1.1 KiB
PHP
35 lines
1.1 KiB
PHP
<?php
|
|
require_once($_SERVER['DOCUMENT_ROOT']."/config.php");
|
|
|
|
ini_set('display_errors', 1);
|
|
error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE);
|
|
|
|
if ($_SESSION['id'] && $_GET['newUser'] && is_numeric($_GET['newUser']) && $_GET['objectsId'] && is_string($_GET['objectsId'])) {
|
|
$get = clearInputData($_GET);
|
|
$newUserId = $get['newUser'];
|
|
$objectsId = explode(',', $get['objectsId']);
|
|
|
|
$newUser = new User;
|
|
$newUser->get($newUserId);
|
|
if (!$newUser->agencyId) {
|
|
$newUser->agencyId = $newUserId;
|
|
}
|
|
|
|
$currentUser = new User;
|
|
$currentUser->get($_SESSION['id']);
|
|
if (!$currentUser->agencyId) {
|
|
$currentUser->agencyId = $_SESSION['id'];
|
|
}
|
|
|
|
if ($newUser->agencyId !== $currentUser->agencyId) {
|
|
die("Разные агентства");
|
|
} else {
|
|
$sql = "INSERT INTO objects_to_send(object_id, sended_user_id, new_user_id, accept_state) VALUES ";
|
|
$values = [];
|
|
foreach ($objectsId as $objectId) {
|
|
$values[] = "($objectId, $_SESSION[id], $newUserId, 'NEW')";
|
|
}
|
|
$sql .= implode(',', $values) . ';';
|
|
mysql_query($sql);
|
|
}
|
|
} |