HEX

File: //home/retile.ru/public_html/catalog/model/extension/module/uni_request.php
<?php
class ModelExtensionModuleUniRequest extends Model {
	private $email = 'request@localhost.com';
	
	public function addRequest($data) {
		$this->db->query("INSERT INTO `".DB_PREFIX."uni_request` SET type = '".$this->db->escape(strip_tags($data['type']))."', name = '".$this->db->escape(strip_tags($data['name']))."', phone = '".$this->db->escape(strip_tags($data['phone']))."', mail = '".$this->db->escape(strip_tags(mb_strtolower($data['mail'], 'UTF-8')))."', product_id = '".(int)$data['product_id']."', comment = '".$this->db->escape(strip_tags($data['comment']))."', admin_comment = '', date_added = NOW(), date_modified = NOW(), status = '".(int)$data['status']."'");
		$request_id = $this->db->getLastId();
	}

	public function getRequest($request_id) {
		$query = $this->db->query("SELECT DISTINCT * FROM `".DB_PREFIX."uni_request` WHERE request_id = '".(int)$request_id."'");

		return $query->row;
	}

	public function getRequests($data = array()) {
		$sql = "SELECT request_id, type, name, phone, mail, product_id, comment, admin_comment, date_added, date_modified, status FROM `".DB_PREFIX."uni_request` WHERE request_id != '0'";	
		
		if (isset($data['product_id'])) {
			$sql .= " AND product_id = '".(int)$data['product_id']."'";
		}
		
		$sql .= " AND request_list = '1'";
		$sql .= " AND status = '3'";
		$sql .= " ORDER BY date_added";	
		$sql .= " DESC";

		if (isset($data['start']) || isset($data['limit'])) {
			if ($data['start'] < 0) {
				$data['start'] = 0;
			}			

			if ($data['limit'] < 1) {
				$data['limit'] = 5;
			}	

			$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
		}
		
		$query = $this->db->query($sql);	
		
		return $query->rows;
	}

	public function getTotalRequests($data = []) {
		$sql = "SELECT COUNT(*) AS total FROM `".DB_PREFIX."uni_request` WHERE request_id != '0'";
		
		if (isset($data['product_id'])) {
			$sql .= " AND product_id = '".(int)$data['product_id']."'";
		}
		
		$sql .= " AND request_list = '1' AND status = '3'";
		
		$query = $this->db->query($sql);
		
		return $query->row['total'];
	}
	
	public function getAttempts($ip) {
		$email = $this->email;
		
		$query = $this->db->query("SELECT * FROM `".DB_PREFIX."customer_login` WHERE email = '".$this->db->escape(mb_strtolower($email))."' AND ip = '".$this->db->escape($ip)."'");

		return $query->row;
	}
	
	public function addAttempt($ip) {
		$email = $this->email;
		
		$query = $this->db->query("SELECT * FROM `".DB_PREFIX."customer_login` WHERE email = '".$this->db->escape(mb_strtolower($email))."' AND ip = '".$this->db->escape($ip)."'");
		
		if (!$query->num_rows) {
			$this->db->query("INSERT INTO `".DB_PREFIX."customer_login` SET email = '".$this->db->escape(mb_strtolower($email))."', ip = '".$this->db->escape($ip)."', total = 1, date_added = '".$this->db->escape(date('Y-m-d H:i:s'))."', date_modified = '".$this->db->escape(date('Y-m-d H:i:s'))."'");
		} else {
			$total = strtotime($query->row['date_modified']) < strtotime('-1 hour') ? 1 : '(total + 1)';
			
			$this->db->query("UPDATE `".DB_PREFIX."customer_login` SET total = ".$total.", date_modified = '".$this->db->escape(date('Y-m-d H:i:s'))."' WHERE customer_login_id = '".(int)$query->row['customer_login_id']."'");
		}
	}
}
?>