I once inherited a project to maintain

nepob
Posts: 18
Registered: 2016.02.23, 09:25


Post by nepob

Below is a piece of just one view, but believe me, the whole project is like this. (The whole view did not fit, because the forum has a 6000-character limit.)

The most delightful bits:
1) $js1, $js2, $js3, $js4 and $model1, $model2, $model3
2) The way the application is switched to production mode: cutting out the debugger via {display: none}
3) A mix of PHP and JS logic
4) Direct use of global arrays
5) No protection against XSS

So why am I writing this? Guys, don't do this. Respect yourselves and those around you.

Code:

<?php
use app\models\Comment;
use yii\helpers\Html;
//use yii\bootstrap\Alert;
use yii\widgets\ActiveForm;
use app\models\MeetingSpeaker;
use app\models\MeetingSpeakerTimeslot;
use app\models\MeetingAgenda;
use app\models\MeetingAgendaAttachment;
use app\models\MeetingAgendaTimeslot;
use kartik\datetime\DateTimePicker;
//use dosamigos\fileupload\FileUpload;
use dosamigos\fileupload\FileUploadUI;
use yii\helpers\Url;
use  yii\data\Sort;
use app\models\Meeting;
use app\models\Channel;
use yii\widgets\Pjax;
$Meeting = Meeting::findOne($id);
$meetingcode = $Meeting->meeting_code;
$Channel = Channel::find()->where(['id' => $Meeting->channel_id])->one();
if (!empty($Channel)) {
    $domian = $_SERVER['HTTP_HOST'];
    $domian = array_reverse(explode(".", $domian));
    $domian = $domian[1] . "." . $domian[0];
    $Channelid = strtolower($Channel->channel_id);
    $Channelid = preg_replace('/\s+/', '-', $Channelid);
    $finalurl = 'http://' . $Channelid . "." . $domian;
} else {
    $finalurl = \Yii::$app->urlManager->createAbsoluteUrl('/');
}
$sortspeaker = new Sort([
    'attributes' => [
        'meeting_speaker.name' => [
            'label' => 'Speaker Name',
        ],
    ],
]);
$model_s = MeetingSpeaker::find()->where(['meeting_id' => isset($first_part) ? $first_part->id : $id])->orderBy($sortspeaker->orders)->all();
foreach ($model_s as $key => $val) {
    $model_st = MeetingSpeakerTimeslot::find()->select(['timeslot', 'timeslot_end'])->where(['speaker_id' => $val->id])->orderBy('timeslot DESC')->asArray()->all();
    $time = array();
    foreach ($model_st as $key1 => $val1) {
        if ($val1['timeslot_end'] != "00:00:00") {
            $time[] = $val1['timeslot'] . " - " . $val1['timeslot_end'];
        } else
            $time[] = $val1['timeslot'];
    }
    if (empty($time[1]))
        $time = implode(", ", $time);
    else {
        $time[0] = "<input type='checkbox' class='read-more-state' id='posts-" . $val->id . "' />
                        <p class='read-more-wrap " . $val->name . " read-more-wrap-" . $val->id . "'>" . $time[0] . "<span class='read-more-target'>";
        $time = implode(", ", $time) . "</span></p><label for='posts-" . $val->id . "' class='read-more-trigger'></label>";
    }
    $model_s[$key]['timeslot'] = $time;
}
$sort = new Sort([
    'attributes' => [
        'name' => [
            'label' => 'Agenda Topic',
        ],
    ],
]);
$sort->sortParam = 'sort1';
$model_a = MeetingAgenda::find()->where(['meeting_agenda.meeting_id' => isset($first_part) ? $first_part->id : $id])->joinWith('mTimeslot')->all();
foreach ($model_a as $key => $val) {
    $model_st = MeetingAgendaTimeslot::find()->select(['timeslot', 'timeslot_end'])->where(['agenda_id' => $val->id])->asArray()->all();
    if (isset($model_st[0])) $model_a[$key]->beginTime = $model_st[0]['timeslot'];
    $time = array();
    foreach ($model_st as $key1 => $val1) {
        if ($val1['timeslot_end'] != "00:00:00") {
            $time[] = $val1['timeslot'] . " - " . $val1['timeslot_end'];
        } else
            $time[] = $val1['timeslot'];
    }
    if (empty($time[1]))
        $time = implode(", ", $time);
    else {
        $time[0] = "<input type='checkbox' class='read-more-state' id='postas-" . $val->id . "' />
                        <p class='read-more-wrap'>" . $time[0] . "<span class='read-more-target'>";
        $time = implode(", ", $time) . "</span></p><label for='postas-" . $val->id . "' class='read-more-trigger'></label>";
    }
    $model_a[$key]['timeslot'] = $time;
}
usort($model_a, function ($a, $b) {
    return $a->id - $b->id;
});
//print_r($model_s);exit;
$js = <<<JS
$('body').on('afterValidateAttribute', 'form#frm', function (event, attribute, messages) {//alert('121');
     if(messages.length)
        $("#upload-file-btn").attr("disabled", true);
    else
        $("#upload-file-btn").attr("disabled", false);
});
JS;
$this->registerJs($js);
$js1 = <<<JS
$('body').on('afterValidateAttribute', 'form#frm1', function (event, attribute, messages) {//alert('121');
     if(messages.length)
        $("#upload-file-btn1").attr("disabled", true);
    else
        $("#upload-file-btn1").attr("disabled", false);
});
JS;
$this->registerJs($js1);
?>
    <!-- style confirm -->
    <div id='Showprogress'>
    </div>
    <div
        data-timer-enable-at="<?= isset(Yii::$app->params['showTimerWhen']) ? Yii::$app->params['showTimerWhen'] : 7 ?>">
        <?php if (isset($second_part) && $Meeting->isStreamStatus('live')) { ?>
            <div data-toggle="tooltip" data-placement="bottom" title="When    in    next
pause    mode,    click    ‘Activate    second    part’    to    proceed."
                 class="time-remaining text-center text-warning" id="clockdiv"
                 date-time-remain="<?= isset($timeRemain) ? $timeRemain : '' ?>">
                Video length approaching end. Approximately
                <span class="hours"></span>:<span class="minutes"></span>
                remaining until event is ended.
            </div>
        <?php } ?>
    </div>
    <div class="mid-content">
        <div class="container">
            <?php
            $session = Yii::$app->session;
            if (!empty($_SESSION['errormess'])) {
                ?>
                <div align='center' style="color:red">
                    <?php
                    if (strpos($_SESSION['errormess'], "(403) Invalid transition") || strpos($_SESSION['errormess'], "(403) Redundant transition"))
                        echo "Please try to go live again in a little while.";
                    else
                        echo $_SESSION['errormess'];
                    if (strpos($_SESSION['errormess'], "bitrate"))
                        echo "</br> (Please fix this issue then try again)";
                    $session->remove('errormess');
                    ?>
                </div>
            <?php } else {
                ?>
                <?php if (Yii::$app->session->hasFlash('success')): ?>
                    <div class="alert alert-success" role="alert">
                        <?= Yii::$app->session->getFlash('success') ?>
                    </div>
                <?php endif; ?>
                <?php if (Yii::$app->session->hasFlash('eventsuccess')): ?>
                    <div class="alert alert-success" role="alert">
                        <?= Yii::$app->session->getFlash('eventsuccess') ?>
                    </div>
                <?php endif; ?>
                <?php
                $js2 = <<<JS
try{
    //window.opener.document.getElementById("w0").submit();
    window.opener.location.href = window.location.href;
    window.close();
}catch(err){
try{
window.opener.location.reload();
window.close();
}catch(err){}
}
JS;
                $this->registerJs($js2);
            }
            ?>
            <div class="buttons-menu text-center">
                <div align='center' id='statusvalue' style="color:red">
                </div>
                <ul>
                    <?php $status = (!empty($status)) ? $status : (!empty($_GET['status']) ? $_GET['status'] : "ready");
                    if ($status == 'ready') { ?>
                        <li><a href="#" title="" class="btn btn-default btn-success" data-toggle="modal"
                               data-target="#PrevPopUp">PREVIEW</a></li>
                    <?php } else { ?>
                        <li><a href="#" title="" class="btn btn-default btn-success" data-toggle="modal" data-target=""
                               disabled="disabled">PREVIEW</a></li>
                    <?php } ?>
                    <?php if ($status == 'preview') { ?>
                        <li><a href="#" title="" class="btn btn-default btn-danger" data-toggle="modal"
                               data-target="#LivePopUp">LIVE</a></li>
                    <?php } else { ?>
                        <li><a href="#" title="" class="btn btn-default btn-danger" data-toggle="modal" data-target=""
                               disabled="disabled">LIVE</a></li>
                    <?php } ?>
                    <?php if ($status == 'live') { ?>
                        <li><a href="#" title="" class="btn btn-default" data-toggle="modal"
                               data-target="#EndBroadcastPopUp">END BROADCAST</a></li>
                    <?php } else { ?>
                        <li><a href="#" title="" class="btn btn-default" data-toggle="modal" data-target=""
                               disabled="disabled">END BROADCAST</a></li>
                    <?php } ?>
                    <?php if (isset($second_part) and isset($liveBroadcast) and $liveBroadcast->pause_status === 'Paused') { ?>
                        <li>
                            <a href="#" class="btn btn-default js-actSecPartBtn" data-toggle="modal"
                               data-target="#activateSecondPartPopUp">Activate second part</a>
                        </li>
                    <?php } ?>
                </ul>
            </div>
            <div class="buttons-menu text-center">
                <ul>
                    <?php if ($status != 'ready' && $status != 'live') { ?>
                        <li><a href="<?php echo $finalurl . '/?' . $meetingcode . '&preview=1' ?>" target="_blank"
                               title="" class="btn btn-sm btn-default">Watch preview</a></li>
                    <?php } else { ?>
                        <li><a href="#" title="" disabled="disabled" class="btn btn-sm btn-default">Watch preview</a>
                        </li>
                    <?php } ?>
                    <?php if (true) { ?>
                        <li>
                            <a href="<?php echo $finalurl . '/?' . (isset($first_part) ? $first_part->meeting_code : $meetingcode); ?>"
                               target="_blank" title="" class="btn btn-sm btn-default">Public event page</a></li>
                    <?php } else { ?>
                        <li><a href="#" title="" disabled="disabled" class="btn btn-sm btn-default">Public event
                                page</a></li>
                    <?php } ?>
                    <li><a href="<?php echo Yii::$app->urlManager->createUrl('/event-setting/update?id=' . $id) ?>"
                           title="" class="btn btn-sm btn-default">Player Settings</a></li>
                    <li><a href="<?php echo Yii::$app->urlManager->createUrl('/event-details/update?id=' . $id) ?>"
                           title="" class="btn btn-sm btn-default">Stream Keys</a></li>
                    <li><a href="<?php echo Yii::$app->urlManager->createUrl('/general-setting/update?id=' . $id) ?>"
                           title="" class="btn btn-sm btn-default">General Settings</a></li>
                </ul>
            </div>
            <div class="table-outer">
                <div class="row">
                    <div class="col-md-6">
                        <div class="row">
                            <div class="col-md-5">
                                <h4>Speaker Section</h4>
                            </div>
                            <div class="col-md-12">
                                <div class="action-btn action-form text-right">
                                    <div class="row">
                                        <div class="col-md-4">
                                            <!-- <button type="button" class="btn btn-primary pull-left">New Speaker</button> -->
                                            <!-- Button trigger modal -->
                                            <button type="button" class="btn btn-primary pull-left    " onclick="emp()">
                                                New Speaker
                                            </button>
                                            <!-- Modal -->
                                            <div class="modal fade" id="SpeakerDetail" role="dialog"
                                                 aria-labelledby="SpeakerDetailLabel">
                                                <div class="modal-dialog" role="document">
                                                    <div class="modal-content">
                                                        <div class="modal-header">
                                                            <button type="button" class="close" data-dismiss="modal"
                                                                    aria-label="Close"><span
                                                                    aria-hidden="true">&times;</span></button>
                                                            <h4 class="modal-title" id="SpeakerDetailLabel">Add/Edit
                                                                Speaker</h4>
                                                        </div>
                                                        <div class="modal-body">
                                                            <?php $form = ActiveForm::begin(['options' => ['enctype' => 'multipart/form-data']]) ?>
                                                            <?= $form->field($model1, 'idz', ['inputOptions' => ['id' => 'idz', 'class' => 'form-control']])->hiddenInput()->label(false); ?>
                                                            <?= $form->field($model1, 'name', ['inputOptions' => ['id' => 'name', 'class' => 'form-control']])->textInput() ?>
                                                            <?= $form->field($model1, 'timeslot', ['inputOptions' => ['placeholder' => '', 'id' => 'timeslot', 'class' => 'form-control timepicker']])->hiddenInput()->label(false); ?>
                                                        </div>
                                                        <div class="modal-footer">
                                                            <?= Html::submitButton($model1->isNewRecord ? 'Create' : 'Update', ['class' => $model1->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?>
                                                        </div>
                                                        <?php ActiveForm::end() ?>
                                                    </div>
                                                </div>
                                            </div>
                                        </div>
                                        <div class="col-md-8">
                                            <?php //echo  $form->field($model, 'firstname', ['template' => '{label}<div class="col-sm-6">{input}{error}</div>','inputOptions' => ['placeholder' => '', 'class' => 'form-control'  ],'labelOptions' => ['class' => 'col-sm-6']])->label('First Name *'); ?>
                                            <?php $form = ActiveForm::begin(['id' => 'frm', 'options' => ['enctype' => 'multipart/form-data']]) ?>
                                            <?= $form->field($model, 'file', ['inputOptions' => ['class' => 'filestyle spk_file', 'data-input' => 'false', 'data-buttonText' => 'Find file']])->fileInput()->label('') ?>
                                            <button class="btn btn-success" disabled="disabled" id="upload-file-btn">
                                                Import speaker list
                                            </button>
                                            <?php ActiveForm::end() ?>
                                        </div>
                                    </div>
                                </div>
                            </div>
                        </div>
                        <div class="table-outer-scroll">
                            <div class="table-responsive">
                                <table class="table table-bordered">
                                    <tr>
                                        <th>Select</th>
                                        <th><?php echo $sortspeaker->link('meeting_speaker.name'); ?></th>
                                        <th>Time</th>
                                        <th>Update</th>
                                    </tr>
                                    <!-- <tr>
                                         <td><button type="" class="btn btn-xs btn-danger">GO</button></td>
                                         <td>Adam Smith</td>
                                         <td class="text-right">12:29:33</td>
                                     </tr> -->
                                    <?php
                                    foreach ($model_s as $key => $value) {
                                        $aid = 0;
                                        if (isset($_GET['agenda_id']))
                                            $aid = $_GET['agenda_id'];
                                        $action = $value->id . ',' . $aid;
                                        ?>
                                        <tr>
                                            <td>
                                                <?php if ((isset($_GET['active_id']) && ($_GET['active_id'] == $value->id)) || $status != 'live') {
                                                    ?>
                                                    <input
                                                        type="<?= ($value->name == 'Pause') ? 'hidden' : 'button'; ?>"
                                                        name='<?= $value->name ?>' rel='<?= $action ?>'
                                                        class="Speakerok btn btn-xs btn-danger"
                                                        id="<?php echo $value->id; ?>" disabled="disabled"
                                                        onclick="activate('<?php echo $value->id; ?>','<?php if (isset($_GET['agenda_id'])) {
                                                            echo $_GET['agenda_id'];
                                                        } else {
                                                            echo "0";
                                                        } ?>')" value='GO'/>
                                                    <?php
                                                } else {
                                                    ?>
                                                    <input
                                                        type="<?= ($value->name == 'Pause') ? 'hidden' : 'button'; ?>"
                                                        name='<?= $value->name ?>' rel='<?= $action ?>'
                                                        class="Speakerok btn btn-xs btn-default"
                                                        id="<?php echo $value->id; ?>"
                                                        onclick="activate('<?php echo $value->id; ?>','<?php if (isset($_GET['agenda_id'])) {
                                                            echo $_GET['agenda_id'];
                                                        } else {
                                                            echo "0";
                                                        } ?>')" value='GO'/>
                                                    <?php
                                                }
                                                ?>
                                            </td>
                                            <td><?php echo $value->name; ?> </td>
                                            <td class="text-left"><?php
                                                if (is_null($value->timeslot))
                                                    echo "Not Activated Yet";
                                                else
                                                    echo $value->timeslot;
                                                ?></td>
                                            <td>
                                                <?php if ($value->name != 'Pause'){ ?>
                                                <a onclick="modelupdate('<?php echo $value->id; ?>')"
                                                   class="glyphicon glyphicon-pencil" data-toggle="modal"
                                                   data-target="#SpeakerDetail"></a>
                                                <a onclick="modeldelete('<?php echo $value->id; ?>')"
                                                   class="glyphicon glyphicon-trash"></a>
                                            </td>
                                            <?php } ?>
                                        </tr>
                                        <?php
                                    }
                                    ?>
                                </table>
                            </div>
                        </div>
                    </div>
                    <div class="col-md-6">
                        <div class="row">
                            <div class="col-md-12">
                                <h4 class="text-right">Agenda Section</h4>
                            </div>
                            <div class="col-md-12">
                                <div class="action-btn action-form text-right">
                                    <div class="row">
                                        <div class="col-md-4">
                                            <button type="button" class="btn btn-primary pull-left    " onclick="emp1()"
                                                    data-toggle="modal" data-target="#TopicDetail">
                                                New Topic
                                            </button>
                                            <div class="modal fade" id="TopicDetail" tabindex="-1" role="dialog"
                                                 aria-labelledby="TopicDetailLabel">
                                                <div class="modal-dialog" role="document">
                                                    <div class="modal-content">
                                                        <div class="modal-header">
                                                            <button type="button" class="close" data-dismiss="modal"
                                                                    aria-label="Close"><span
                                                                    aria-hidden="true">&times;</span></button>
                                                            <h4 class="modal-title" id="TopicDetailLabel">Add/Edit
                                                                Topic</h4>
                                                        </div>
                                                        <div class="modal-body">
                                                            <?php $form = ActiveForm::begin(['options' => ['enctype' => 'multipart/form-data']]) ?>
                                                            <?= $form->field($model3, 'idz', ['inputOptions' => ['id' => 'idz1', 'class' => 'form-control']])->hiddenInput()->label(false); ?>
                                                            <?= $form->field($model3, 'name', ['inputOptions' => ['id' => 'name1', 'class' => 'form-control']])->textInput()->label("Agenda Topic:"); ?>
                                                            <?= $form->field($model3, 'timeslot', ['inputOptions' => ['placeholder' => '', 'id' => 'timeslot1', 'class' => 'form-control timepicker']])->hiddenInput()->label(false);; ?>
                                                        </div>
                                                        <div class="modal-footer">
                                                            <?= Html::submitButton($model3->isNewRecord ? 'Create' : 'Update', ['class' => $model3->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?>
                                                        </div>
                                                        <?php ActiveForm::end() ?>
                                                    </div>
                                                </div>
                                            </div>
                                        </div>
                                        <div class="col-md-8">
                                            <?php //echo  $form->field($model, 'firstname', ['template' => '{label}<div class="col-sm-6">{input}{error}</div>','inputOptions' => ['placeholder' => '', 'class' => 'form-control'  ],'labelOptions' => ['class' => 'col-sm-6']])->label('First Name *'); ?>
                                            <?php $form = ActiveForm::begin(['id' => 'frm1', 'options' => ['enctype' => 'multipart/form-data']]) ?>
                                            <?= $form->field($model, 'file1', ['inputOptions' => ['placeholder' => '', 'class' => 'filestyle', 'data-input' => 'false', 'data-buttonText' => 'Find file']])->fileInput()->label('') ?>
                                            <button class="btn btn-success" disabled="disabled" id="upload-file-btn1">
                                                Import agenda list
                                            </button>
                                            <?php ActiveForm::end() ?>
                                        </div>
                                    </div>
                                </div>
                            </div>
                        </div>
                        <div class="table-outer-scroll">
                            <div class="table-responsive">
                                <table class="table table-bordered">
                                    <tr>
                                        <th>Select</th>
                                        <th><?php echo $sort->link('name'); ?></th>
                                        <th>Attachment</th>
                                        <th class="text-right">Last Activated</th>
                                        <th>Update</th>
                                    </tr>
                                    <?php
                                    foreach ($model_a as $key => $value) { ?>
                                        <tr class="dragandrophandler" rel="<?= $value->id ?>"
                                            size='<?= Yii::$app->params['image_max_size'] ?>'>
                                            <td>
                                                <?php if ((isset($_GET['agenda_id']) && ($_GET['agenda_id'] == $value->id)) || $status != 'live') {
                                                    ?>
                                                    <button type="" class="btn btn-xs btn-danger"
                                                            id="<?php echo $value->id; ?>" disabled="disabled"
                                                            onclick="activate_agenda('<?php echo $value->id; ?>','<?php if (isset($_GET['active_id'])) {
                                                                echo $_GET['active_id'];
                                                            } else {
                                                                echo "0";
                                                            } ?>')">GO
                                                    </button>
                                                    <?php
                                                } else {
                                                    ?>
                                                    <button type="" class="btn btn-xs btn-default"
                                                            id="<?php echo $value->id; ?>"
                                                            onclick="activate_agenda('<?php echo $value->id; ?>','<?php if (isset($_GET['active_id'])) {
                                                                echo $_GET['active_id'];
                                                            } else {
                                                                echo "0";
                                                            } ?>')">GO
                                                    </button>
                                                    <?php
                                                }
                                                ?>
                                            </td>
                                            <td class="up-imgdata" data=""><?php echo $value->name; ?></td>
                                            <td>
                                                <div class="attached-file-outer clearf111111ix">
                                                    <?php $model_at = MeetingAgendaAttachment::find()->where(['meeting_agenda_id' => $value->id])->count();
                                                    if ($model_at <= 4) {
                                                        echo "<ul class='list-inline'>";
                                                        $model_at1 = MeetingAgendaAttachment::find()->where(['meeting_agenda_id' => $value->id])->all();
                                                        foreach ($model_at1 as $key2 => $value2) {
                                                            echo "
                                        <li><a href='/uploads/" . $value2->name . "' target='_blank' title=''><i class='glyphicon glyphicon-paperclip'></i></a></li>";
                                                        }
                                                        echo "</ul>";
                                                    } else {
                                                        echo "<ul class='list-inline limit-list'>";
                                                        $model_at1 = MeetingAgendaAttachment::find()->where(['meeting_agenda_id' => $value->id])->all();
                                                        foreach ($model_at1 as $key2 => $value2) {
                                                            echo "
                                        <li><a href='/uploads/" . $value2->name . "' target='_blank' title=''><i class='glyphicon glyphicon-paperclip'></i></a></li>";
                                                        }
                                                        echo "
                                    </ul><a href='' data-toggle='modal' data-target='#allattachedfiles" . $value->id . "' title='' class='all-files'>[..]</a>";
                                                    }
                                                    ?>
                                                </div>
                                            </td>
                                            <td class="text-left"><?php
                                                if (is_null($value->timeslot))
                                                    echo "Not Activated Yet";
                                                else
                                                    echo $value->timeslot;
                                                ?></td>
                                            <td><a onclick="modelupdate1('<?php echo $value->id; ?>')"
                                                   class="glyphicon glyphicon-pencil" data-toggle="modal"
                                                   data-target="#TopicDetail"></a>
                                                <?php if ($value->name != 'No Agenda'){ ?>
                                                <a onclick="modeldelete1('<?php echo $value->id; ?>')"
                                                   class="glyphicon glyphicon-trash"></a></td>
                                            <?php } ?>
                                        </tr>
                                        <?php
                                    }
                                    ?>
                                </table>
                            </div>
                        </div>
                        <div class="bottom-buttons text-center">
                            <?php
                            if ($status == 'live') {
                                echo yii\bootstrap\ButtonGroup::widget([
                                    'buttons' => [
                                        ['label' => 'v', 'options' => ['id' => "PauseMassage", 'class' => 'btn-success statuspause', 'onclick' => "PauseMassage();"]],
                                        ['label' => 'Insert Pause', 'options' => ['id' => 'insertpause', 'class' => 'btn-success statuspause', 'onclick' => "pausestatus('Paused');"]]
                                    ]
                                ]);
                                ?>
                                <button class="btn btn-danger statusunpause" onclick="pausestatus('UnPaused')">End
                                    Pause
                                </button>
                            <?php } ?>
                        </div><!--bottom buttons-->
                    </div>
                </div>
            </div>
        </div>
    </div><!--/mid content-->
    <hr>
    <script type="text/javascript">
        function modeldelete(id) {
            if (confirm("Are you sure you want to delete this speaker?"))
                window.location.href = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/deletespeaker1?']); ?>" + 'speakerid=' + id + "&id=" + getid();
        }
        function modeldelete1(id) {
            if (confirm("Are you sure you want to delete this agenda point?"))
                window.location.href = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/deleteagenda1?']); ?>" + 'agendaid=' + id + "&id=" + getid();
        }
        function deleteAttachment(obj) {
            $.ajax({
                url: '<?php echo \Yii::$app->urlManager->createAbsoluteUrl("/sagenda/delete"); ?>?id=' + $(obj).attr('data-id'),
                dataType: 'JSON',
                success: function (data) {
                    $(obj).parent('td').parent('tr').remove();
                }
            });
        }
        function getid() {
            return <?=isset($first_part) ? $first_part->id : $id?>;
            var url = window.location.href;
            url = url.split("id=");
            url = url[1];
            url = url.split("&");
            url = url[0];
            url = url.split("#");
            url = url[0];
            return url;
        }
        function pausestatus(status) {
            var id = getid();
            $.post('/sagenda/pausestatus?id=' + id + '&mess=' + $("#PauseMessage").val() + '&status=' + status, function (data) {
                if (data) {
                    if (status == "check" && data == "Paused") {
                        $(".statuspause, .Speakerok").attr("disabled", true);
                        $(".statusunpause").removeAttr("disabled");
                        $("#statusvalue").html("Video is paused");
                    }
                    else if (status == "check") {
                        $(".statusunpause").attr("disabled", true);
                        $(".statuspause").removeAttr("disabled");
                        $("#statusvalue").empty();
                    }
                    if (jQuery.type($('input[name="Pause"]')) != "undefined") {
                        var params = $('input[name="Pause"]').attr("rel");
                        params = params.split(',');
                        if (status == 'UnPaused') {
                            $(".statuspause, .Speakerok").attr("disabled", true);
                            $(".statusunpause").removeAttr("disabled");
                            location.reload();
                        }
                        else if (status == 'Paused') {
                            $(".statuspause, .Speakerok").attr("disabled", true);
                            $(".statusunpause").removeAttr("disabled");
                            location.reload();
                        }
                    }
                }
                else {
                    $("#statusvalue").html(data);
                }
            });
            $("#PauseMessage").val("");
        }
        function PauseMassage() {
            $("#PauseMessage").val("");
            $("#Message").modal('show');
        }
        function modelupdate(id) {
            $.post('/sagenda/updatespeaker?id=' + id, function (data) {
                var obj = jQuery.parseJSON(data);
                $('#name').val(obj.name);
                $('#timeslot').val(obj.timeslot);
                $('#idz').val(obj.id);
            });
        }
        function emp() {
            $('#name').val('');
            $('#timeslot').val('');
            $('#idz').val('');
            $("#SpeakerDetail").modal('show');
            $('#name').focus();
        }
        function activate(id, aid, notReload) {
            //    $('#'+id).addClass('btn-danger');
            $.post('/sagenda/updatetime?id=' + id + "&mid=" + getid(), function (data) {
                if (data && !notReload) {
                    if (aid != "0") {
                        window.location.href = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/speaker', 'id' => $_GET['id']]); ?>" + '&active_id=' + id + '&agenda_id=' + aid;
                    }
                    else {
                        window.location.href = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/speaker', 'id' => $_GET['id']]); ?>" + '&active_id=' + id;
                    }
                }
            });
        }
        function activate_agenda(id, sid) {
            var speaker = $('[name="No speaker active"], [name="No active speaker"]')[0];
            console.log(speaker)
            if (speaker) {
                sid = speaker.id;
                activate(sid, 0, true);
            }
            $.post('/sagenda/updatetimeagenda?id=' + id + "&mid=" + getid(), function (data) { // alert(data+'--');
                if (data) {
                    if (sid != "0") {
                        window.location.href = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/speaker', 'id' => $_GET['id']]); ?>" + '&active_id=' + sid + '&agenda_id=' + id;
                    }
                    else {
                        window.location.href = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/speaker', 'id' => $_GET['id']]); ?>" + '&agenda_id=' + id;
                    }
                }
            });
        }
        function activate_video(active_id, agenda_id) {
            var active_id = "<?php echo isset($_GET['active_id']) ? $_GET['active_id'] : ''; ?>";
            var agenda_id = "<?php echo isset($_GET['agenda_id']) ? $_GET['agenda_id'] : ''; ?>";
            var url = "<?php echo Yii::$app->urlManager->createUrl(['sagenda/video', 'id' => $_GET['id']]); ?>";
            if (active_id) {
                url += '&active_id=' + active_id;
            }
            if (agenda_id) {
                url += '&agenda_id=' + agenda_id;
            }
            window.open(url, '_blank');
        }
        function modelupdate1(id) {
            $.post('/sagenda/updateagenda?id=' + id, function (data) {
                var obj = jQuery.parseJSON(data);
                //alert(obj.name);
                $('#name1').val(obj.name);
                $('#timeslot1').val(obj.timeslot);
                $('#idz1').val(obj.id);
            });
        }
        function emp1() {
            $('#name1').val('');
            $('#timeslot1').val('');
            $('#idz1').val('');
        }
        //upload file function
        //alert($('#tr').val());
    </script>
<?php
if (isset($_GET['iframe'])) {
    echo '<style>
        #yii-debug-toolbar, #w0-collapse ,#w0 ,.footer
        {display:none;}
    </style>';
}
$js4 = <<<JS
$(document).on('shown.bs.modal', function (e) {
  var checkBox = $(e.target).find(".fileupload-buttonbar input[type='checkbox']");
  console.log($('.messageofcheckbox').length);
  if($('.messageofcheckbox').length==2)
    $('.messageofcheckbox').remove();
  checkBox.before("<div class='messageofcheckbox'> <br/> </div>").after("<span class='messageofcheckbox'>Check this box and press 'start upload' to do multiple uploads</span>");
});
$('#SpeakerDetail').on('shown.bs.modal', function () {
      $('#name').focus();
    });
$('#TopicDetail').on('shown.bs.modal', function () {
      $('#name1').focus();
    });
pausestatus("check");
JS;
$this->registerJs($js4);
$this->registerJsFile('/js/sagenda/speaker.js', ['depends' => [\yii\web\JqueryAsset::className()]]);
?>
yan
Posts: 942
Joined: 2011.03.23, 09:28
Location: Ufa

Re: I once inherited a project to maintain

Post by yan »

nepob wrote: Below is a chunk of just one view, but believe me, the whole project is like this. (The whole view didn't fit, because the forum has a 6000-character limit.)

The most entertaining bits:
1) $js1, $js2, $js3, $js4 and $model1, $model2, $model3
2) The way of switching the application to production mode by cutting out the debugger via {display: none}
3) A mix of PHP and JS logic
4) Direct use of global arrays
5) No XSS protection

So why am I writing this? Guys, don't do this. Respect yourselves and those around you.

You probably haven't been programming for long if things like this still amuse you; it's ordinary freelancer shitcode.

nepob wrote: 2) The way of switching the application to production mode by cutting out the debugger via {display: none}

As far as I understand, the panel is hidden there so the page can work inside a frame, not to switch to production mode.
samdark
Administrator
Posts: 9489
Joined: 2009.04.02, 13:46
Location: Voronezh

Re: I once inherited a project to maintain

Post by samdark »

An impressive mess, of course, but not the most impressive I've seen :)
SiZE
Posts: 2817
Joined: 2011.09.21, 12:39
Location: Perm

Re: I once inherited a project to maintain

Post by SiZE »

nepob wrote: $js1, $js2, $js3, $js4 and $model1, $model2, $model3

This programmer is so good that he has no trouble juggling numbers and keeping in his head what each of them stands for :)
SiZE
Posts: 2817
Joined: 2011.09.21, 12:39
Location: Perm

Re: I once inherited a project to maintain

Post by SiZE »

By the end the guy couldn't take it any more: "to hell with Yii". To hell with these constraints )

Code:

var active_id = "<?php echo isset($_GET['active_id']) ? $_GET['active_id'] : ''; ?>";
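The line SiZE quotes and point 5 of the opening post (no XSS protection), shown next to an escaped form. This is an added example, not part of the thread or of the project's code. It uses plain PHP so it runs without Yii; the helper names `jsLiteral`, `h` and `uploadHref` and the sample values are assumptions made for the illustration.

```php
<?php
// Added example: the view's output pattern next to context-aware escaping.
// In a Yii2 view the framework equivalents are Json::htmlEncode() and Html::encode().

// Constructed request values containing the characters that end a JS string,
// a <script> element and a quoted HTML attribute.
$get = ['active_id' => "12\"</script>'<x>"];
$attachmentName = "report 'Q1'.pdf";

/** Value placed inside an inline <script>: emit a JS literal, never raw text. */
function jsLiteral($value): string
{
    // The HEX flags turn < > & ' " into \uXXXX escapes, so the literal can close
    // neither the string nor the surrounding <script> element.
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

/** Value placed in HTML text or inside a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** File name used as a single URL path segment inside an href attribute. */
function uploadHref(string $name): string
{
    // rawurlencode() escapes the segment for the URL, h() escapes it for the attribute.
    return h('/uploads/' . rawurlencode($name));
}

$activeId = $get['active_id'] ?? '';

// As in the view: request data concatenated straight into the script source.
$vulnerable = 'var active_id = "' . $activeId . '";';
// Escaped: the quotes are produced by json_encode(), not written in the template.
$hardened = 'var active_id = ' . jsLiteral($activeId) . ';';

echo $vulnerable, PHP_EOL;
echo $hardened, PHP_EOL;
echo "<a href='", uploadHref($attachmentName), "' target='_blank'>file</a>", PHP_EOL;
```

The same two helpers cover the other sinks in the view: `$value2->name` in the `href` is an attribute context, and the ids interpolated into `onclick="modelupdate1('…')"` are a JS literal inside an attribute, so they need `h(jsLiteral(...))`.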