diff --git a/app/Controllers/ProductController.php b/app/Controllers/ProductController.php
index 68683ad..e33acf1 100644
--- a/app/Controllers/ProductController.php
+++ b/app/Controllers/ProductController.php
@@ -50,6 +50,7 @@ class ProductController extends Controller
 $this->view('products/catalog', [
 'user' => $user,
+ 'isLoggedIn' => true,
 'isAdmin' => $isAdmin,
 'categories' => $categories,
 'subcategories' => $subcategories,
@@ -83,6 +84,7 @@ class ProductController extends Controller
 'product' => $product,
 'similarProducts' => $similarProducts,
 'user' => $this->getCurrentUser(),
+ 'isLoggedIn' => true,
 'isAdmin' => $this->isAdmin()
 ]);
 }
diff --git a/app/Core/Database.php b/app/Core/Database.php
index 2d553f3..40b88ce 100644
--- a/app/Core/Database.php
+++ b/app/Core/Database.php
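Review bot: The hardcoded `'isLoggedIn' => true` in both hunks tells the layout the visitor is authenticated regardless of session state, so if either action is reachable anonymously (a product catalog and a product page usually are) the header renders logged-in navigation for guests even when the `'user'` entry next to it is null. The main.php hunk in this same commit already falls back to `\App\Core\View::isAuthenticated()` when the key is absent, so the flag should be derived rather than pinned: in the catalog hunk `'isLoggedIn' => $user !== null,` and in the detail hunk `'isLoggedIn' => \App\Core\View::isAuthenticated(),` (or drop the key and let the layout decide). I cannot see whether these actions sit behind an auth middleware; if they do, a one-line comment next to the literal saying so would make the constant intentional. Both enclosing methods start outside the hunk.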
@@ -38,22 +38,41 @@ class Database
 public function query(string $sql, array $params = []): array
 {
 $stmt = $this->connection->prepare($sql);
- $stmt->execute($params);
+ $this->bindParams($stmt, $params);
+ $stmt->execute();
 return $stmt->fetchAll();
 }
 public function queryOne(string $sql, array $params = []): ?array
 {
 $stmt = $this->connection->prepare($sql);
- $stmt->execute($params);
+ $this->bindParams($stmt, $params);
+ $stmt->execute();
 $result = $stmt->fetch();
 return $result ?: null;
 }
+
+ private function bindParams(\PDOStatement $stmt, array $params): void
+ {
+ foreach ($params as $index => $param) {
+ $paramNum = $index + 1;
+ if (is_bool($param)) {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_BOOL);
+ } elseif (is_int($param)) {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_INT);
+ } elseif (is_null($param)) {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_NULL);
+ } else {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_STR);
+ }
+ }
+ }
 public function execute(string $sql, array $params = []): bool
 {
 $stmt = $this->connection->prepare($sql);
- return $stmt->execute($params);
+ $this->bindParams($stmt, $params);
+ return $stmt->execute();
 }
 public function lastInsertId(): string
diff --git a/app/Core/Model.php b/app/Core/Model.php
index 672389a..8d9d555 100644
--- a/app/Core/Model.php
+++ b/app/Core/Model.php
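Review bot: `$paramNum = $index + 1` in the new `bindParams` only works for a 0-based list; an array with named placeholders such as `[':id' => $id]`, which the replaced `$stmt->execute($params)` accepted, now feeds a string key into arithmetic (PHP 8 raises a TypeError for a non-numeric string operand), and a sparse or re-keyed list binds values to the wrong positions. Keep the old contract by binding by key when it is a string: `$placeholder = is_int($index) ? $index + 1 : $index;` and pass `$placeholder` to each `bindValue` call (or call `array_values($params)` first if only positional placeholders are supported, and say so). The method is silent on its contract, so a docblock is warranted, e.g. `/** Bind each value with a PDO type derived from the PHP type (bool/int/null native, everything else PARAM_STR) so ints in LIMIT/OFFSET are not sent as strings; expects 0-based positional parameters. */`. Floats also fall into the PARAM_STR branch, which PDO handles, but it is worth stating.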
@@ -75,7 +75,23 @@ abstract class Model
 );
 $stmt = $this->db->getConnection()->prepare($sql);
- $stmt->execute(array_values($data));
+
+ // Правильно биндим параметры с учетом типов
+ $params = array_values($data);
+ foreach ($params as $index => $param) {
+ $paramNum = $index + 1;
+ if (is_bool($param)) {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_BOOL);
+ } elseif (is_int($param)) {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_INT);
+ } elseif (is_null($param)) {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_NULL);
+ } else {
+ $stmt->bindValue($paramNum, $param, \PDO::PARAM_STR);
+ }
+ }
+
+ $stmt->execute();
 return (int) $stmt->fetchColumn();
 }
diff --git a/app/Views/layouts/main.php b/app/Views/layouts/main.php
index 962066b..615e8e2 100644
--- a/app/Views/layouts/main.php
+++ b/app/Views/layouts/main.php
@@ -38,7 +38,7 @@
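Review bot: The type-dispatch loop added here is a verbatim copy of the `Database::bindParams` loop introduced in the same commit, so the two will drift the next time a type (a backed enum, a `DateTimeInterface`) needs special handling; since `$this->db` appears to be the `Database` instance (it is what `getConnection()` is called on), make `bindParams` public there and replace the loop with `$this->db->bindParams($stmt, $params);`. The new comment is in Russian while all visible identifiers and code are English, so if the codebase's convention is English it should read `// Bind with explicit PDO types so ints/bools/nulls are not all sent as strings`. The enclosing method (its signature and the `sprintf` that builds `$sql`) starts above this hunk, so the column list that `$data` must match could not be checked here.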
- $user ?? null, 'isLoggedIn' => $isLoggedIn ?? false, 'isAdmin' => $isAdmin ?? false]) ?>
+ $user ?? null, 'isLoggedIn' => $isLoggedIn ?? \App\Core\View::isAuthenticated(), 'isAdmin' => $isAdmin ?? \App\Core\View::isAdmin()]) ?>
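Review bot: With `$isAdmin ?? \App\Core\View::isAdmin()` a controller-supplied `$isAdmin` (or `$isLoggedIn`) still wins over the session-derived helper, so any action that forwards a stale or hardcoded flag — as the ProductController hunks in this commit do with `'isLoggedIn' => true` — drives the header rather than the authenticated state. If `View::isAuthenticated()` and `View::isAdmin()` are the source of truth, the layout can read them unconditionally and drop the overrides: `'isLoggedIn' => \App\Core\View::isAuthenticated(), 'isAdmin' => \App\Core\View::isAdmin()`. Either way these flags only shape the rendered navigation; admin routes must still enforce authorization server-side, which this hunk does not show. The beginning of both lines (the partial/include call before `$user ?? null`) is missing from this extract, so the surrounding template code could not be reviewed.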
diff --git a/public/style_for_cite.less b/public/style_for_cite.less
index 9311b0c..fa03fb8 100644
--- a/public/style_for_cite.less
+++ b/public/style_for_cite.less
@@ -1638,7 +1638,8 @@ p, li, span {
 input[type="text"],
 input[type="email"],
- input[type="tel"] {
+ input[type="tel"],
+ input[type="password"] {
 .input-base();
 }