Dodaj walidację i rzutowanie typów dla wartości w metodach związanych z ogłoszeniami oraz popraw zapytanie SQL w metodzie szczegółów ogłoszenia.
This commit is contained in:
@@ -300,6 +300,8 @@ class GlobelusAdverts
|
|||||||
{
|
{
|
||||||
global $mdb;
|
global $mdb;
|
||||||
|
|
||||||
|
$advert_id = (int)$advert_id;
|
||||||
|
|
||||||
$email = $mdb -> get( 'globelus_adverts', 'email', [ 'id' => $advert_id ] );
|
$email = $mdb -> get( 'globelus_adverts', 'email', [ 'id' => $advert_id ] );
|
||||||
|
|
||||||
if ( !$email )
|
if ( !$email )
|
||||||
@@ -312,6 +314,17 @@ class GlobelusAdverts
|
|||||||
{
|
{
|
||||||
global $mdb;
|
global $mdb;
|
||||||
|
|
||||||
|
$values['categories'] = array_values(array_unique(array_map('intval', (array)$values['categories'] ?? [])));
|
||||||
|
$values['countries'] = array_values(array_unique(array_map('intval', (array)$values['countries'] ?? [])));
|
||||||
|
$voivodeships = array_values(array_unique(array_map('intval', (array)$voivodeships ?? [])));
|
||||||
|
$values['work_types'] = array_values(array_unique(array_map('intval', (array)$values['work_types'] ?? [])));
|
||||||
|
$values['work_type'] = (int)($values['work_type'] ?? 0);
|
||||||
|
$values['salary'] = (int)($values['salary'] ?? 0);
|
||||||
|
$values['time'] = (int)($values['time'] ?? 0);
|
||||||
|
$values['sort'] = (int)($values['sort'] ?? 0);
|
||||||
|
$values['start'] = max(0, (int)($values['start'] ?? 0));
|
||||||
|
$values['limit'] = max(1, min(100, (int)($values['limit'] ?? 20)));
|
||||||
|
|
||||||
if ( is_array( $values['categories'] ) and count( $values['categories'] ) )
|
if ( is_array( $values['categories'] ) and count( $values['categories'] ) )
|
||||||
$filtr = 'AND category_id IN (' . implode( ',', $values['categories'] ) . ') ';
|
$filtr = 'AND category_id IN (' . implode( ',', $values['categories'] ) . ') ';
|
||||||
|
|
||||||
@@ -453,6 +466,17 @@ class GlobelusAdverts
|
|||||||
{
|
{
|
||||||
global $mdb;
|
global $mdb;
|
||||||
|
|
||||||
|
$values['categories'] = array_values(array_unique(array_map('intval', (array)$values['categories'] ?? [])));
|
||||||
|
$values['countries'] = array_values(array_unique(array_map('intval', (array)$values['countries'] ?? [])));
|
||||||
|
$voivodeships = array_values(array_unique(array_map('intval', (array)$voivodeships ?? [])));
|
||||||
|
$values['work_types'] = array_values(array_unique(array_map('intval', (array)$values['work_types'] ?? [])));
|
||||||
|
$values['work_type'] = (int)($values['work_type'] ?? 0);
|
||||||
|
$values['salary'] = (int)($values['salary'] ?? 0);
|
||||||
|
$values['time'] = (int)($values['time'] ?? 0);
|
||||||
|
$values['sort'] = (int)($values['sort'] ?? 0);
|
||||||
|
$values['start'] = max(0, (int)($values['start'] ?? 0));
|
||||||
|
$values['limit'] = max(1, min(100, (int)($values['limit'] ?? 20)));
|
||||||
|
|
||||||
if ( $values['start'] < 1 )
|
if ( $values['start'] < 1 )
|
||||||
$values['start'] = 0;
|
$values['start'] = 0;
|
||||||
else
|
else
|
||||||
@@ -597,17 +621,20 @@ class GlobelusAdverts
|
|||||||
public static function advert_details( $advert_id )
|
public static function advert_details( $advert_id )
|
||||||
{
|
{
|
||||||
global $mdb;
|
global $mdb;
|
||||||
return $mdb -> query( 'SELECT '
|
$sql = 'SELECT
|
||||||
. 'ga.id, title, ga.user_id, category_id, ga.country_id, ga.city, ga.region, text, contact_person, email, ga.phone, gfd.clauses, '
|
ga.id, title, ga.user_id, category_id, ga.country_id, ga.city, ga.region, text, contact_person, email, ga.phone, gfd.clauses,
|
||||||
. 'gac.name AS category_name, gc.name AS country_name, gfd.firm_name_profile, date_add, salary, work_type, without_language, '
|
gac.name AS category_name, gc.name AS country_name, gfd.firm_name_profile, date_add, salary, work_type, without_language,
|
||||||
. 'without_experience, for_couples, from_now, accommodation, accommodation_cost, overtime, overtime_quantity, travel_refund, outside_ue, without_driving_license, ga.old, ga.visible, id_voivodeship, aplication_link, id_position '
|
without_experience, for_couples, from_now, accommodation, accommodation_cost, overtime, overtime_quantity, travel_refund,
|
||||||
. 'FROM '
|
outside_ue, without_driving_license, ga.old, ga.visible, id_voivodeship, aplication_link, id_position
|
||||||
. 'globelus_adverts AS ga '
|
FROM globelus_adverts AS ga
|
||||||
. 'LEFT JOIN globelus_adverts_categories AS gac ON gac.id = ga.category_id '
|
LEFT JOIN globelus_adverts_categories AS gac ON gac.id = ga.category_id
|
||||||
. 'LEFT JOIN globelus_countries AS gc ON gc.id = ga.country_id '
|
LEFT JOIN globelus_countries AS gc ON gc.id = ga.country_id
|
||||||
. 'LEFT JOIN globelus_firms_data AS gfd ON gfd.user_id = ga.user_id '
|
LEFT JOIN globelus_firms_data AS gfd ON gfd.user_id = ga.user_id
|
||||||
. 'WHERE '
|
WHERE ga.id = :advert_id';
|
||||||
. 'ga.id = ' . (int)$advert_id ) -> fetch( \PDO::FETCH_ASSOC );
|
|
||||||
|
return $mdb -> query( $sql, [
|
||||||
|
':advert_id' => (int)$advert_id,
|
||||||
|
] ) -> fetch( \PDO::FETCH_ASSOC );
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function categories( $user_categories = '' )
|
public static function categories( $user_categories = '' )
|
||||||
|
|||||||
Reference in New Issue
Block a user