$sql = "SELECT id, parentid, title, alias, keywords, description, weight FROM " . $BL->table_prefix . "_categories WHERE id=" . $id;
$result = $db->query($sql);
if ($result->rowCount() != 1) {
nv_info_die($BL->glang('error_404_title'), $BL->glang('error_404_title'), $BL->glang('error_404_content'));
}
$row = $result->fetch();
$data = $row;
} else {
$data = array("parentid" => $nv_Request->get_int("parentid", "post,get", 0), "title" => "", "alias" => "", "keywords" => "", "description" => "");
}
if ($nv_Request->isset_request("submit", "post")) {
$data['parentid'] = $nv_Request->get_int("parentid", "post", 0);
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255);
$data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255);
$data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255);
$data['description'] = nv_substr($nv_Request->get_title('description', 'post', '', 1), 0, 255);
$data['alias'] = $data['alias'] ? strtolower(change_alias($data['alias'])) : strtolower(change_alias($data['title']));
$data['keywords'] = $data['keywords'] ? implode(", ", array_filter(array_unique(array_map("trim", explode(",", $data['keywords']))))) : "";
if (empty($data['title'])) {
$error = $BL->lang('categoriesErrorTitle');
} elseif (empty($data['keywords'])) {
$error = $BL->lang('errorKeywords');
} elseif (empty($data['description'])) {
$error = $BL->lang('errorSescription');
} elseif ($BL->checkExistsAlias($data['alias'], "cat", $id)) {
$error = $BL->lang('errorAliasExists');
} else {
// Xac dinh thu tu moi
$new_weight = 1;
if (!$id or $id and $data['parentid'] != $row['parentid']) {
$sql = "SELECT MAX(weight) AS new_weight FROM " . $BL->table_prefix . "_categories WHERE parentid=" . $data['parentid'];
* @License GNU/GPL version 2 or any later version
* @Createdate Dec 11, 2013, 09:50:11 PM
*/
if (!defined('NV_BLOG_ADMIN')) {
die('Stop!!!');
}
$page_title = $BL->lang('cfgComment');
$set_active_op = 'config-master';
$array_commentFacebookColorscheme = array('light' => 'Light', 'dark' => 'Dark');
$array = array();
// Lay thong tin submit
if ($nv_Request->isset_request('submit', 'post')) {
$array['commentType'] = nv_substr($nv_Request->get_title('commentType', 'post', 'random', 1), 0, 255);
$array['commentPerPage'] = $nv_Request->get_int('commentPerPage', 'post', 8);
$array['commentDisqusShortname'] = nv_substr($nv_Request->get_title('commentDisqusShortname', 'post', '', 1), 0, 255);
$array['commentFacebookColorscheme'] = nv_substr($nv_Request->get_title('commentFacebookColorscheme', 'post', 'light', 1), 0, 255);
// Kiem tra xac nhan
if (!in_array($array['commentType'], $BL->commentType)) {
$array['commentType'] = $BL->commentType[0];
}
if ($array['commentPerPage'] > 50 or $array['commentPerPage'] < 1) {
$array['commentPerPage'] = 8;
}
if (!isset($array_commentFacebookColorscheme[$array['commentFacebookColorscheme']])) {
$array['commentFacebookColorscheme'] = 'light';
}
foreach ($array as $config_name => $config_value) {
$sql = "REPLACE INTO " . $BL->table_prefix . "_config VALUES (" . $db->quote($config_name) . "," . $db->quote($config_value) . ")";
$db->query($sql);
}
nv_del_moduleCache($module_name);
}
}
}
$title = $lang_module['config_database'];
$contents = nv_step_5($db_config, $nextstep);
} elseif ($step == 6) {
$nextstep = 0;
$error = '';
define('NV_USERS_GLOBALTABLE', $db_config['prefix'] . '_users');
// Bat dau phien lam viec cua MySQL
$db = new NukeViet\Core\Database($db_config);
if (!empty($db->error)) {
$error = !empty($db->error['user_message']) ? $db->error['user_message'] : $db->error['message'];
}
$array_data['site_name'] = $nv_Request->get_title('site_name', 'post', $array_data['site_name'], 1);
$array_data['nv_login'] = nv_substr($nv_Request->get_title('nv_login', 'post', $array_data['nv_login'], 1), 0, NV_UNICKMAX);
$array_data['nv_email'] = $nv_Request->get_title('nv_email', 'post', $array_data['nv_email']);
$array_data['nv_password'] = $nv_Request->get_title('nv_password', 'post', $array_data['nv_password']);
$array_data['re_password'] = $nv_Request->get_title('re_password', 'post', $array_data['re_password']);
$array_data['lang_multi'] = (int) $nv_Request->get_bool('lang_multi', 'post', $array_data['lang_multi']);
$check_login = nv_check_valid_login($array_data['nv_login'], NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($array_data['nv_password'], NV_UPASSMAX, NV_UPASSMIN);
$check_email = nv_check_valid_email($array_data['nv_email']);
$array_data['question'] = $nv_Request->get_title('question', 'post', $array_data['question'], 1);
$array_data['answer_question'] = $nv_Request->get_title('answer_question', 'post', $array_data['answer_question'], 1);
$global_config['site_email'] = $array_data['nv_email'];
if ($nv_Request->isset_request('nv_login,nv_password', 'post')) {
if (empty($array_data['site_name'])) {
$error = $lang_module['err_sitename'];
} elseif (!empty($check_login)) {
$error = $check_login;
}
$custom_fields = $nv_Request->get_array('custom_fields', 'post');
if ($checkss == $array_register['checkss']) {
$array_register['first_name'] = nv_substr($nv_Request->get_title('first_name', 'post', '', 1), 0, 255);
$array_register['last_name'] = nv_substr($nv_Request->get_title('last_name', 'post', '', 1), 0, 255);
$array_register['username'] = $nv_Request->get_title('username', 'post', '', 1);
$array_register['password'] = $nv_Request->get_title('password', 'post', '');
$array_register['re_password'] = $nv_Request->get_title('re_password', 'post', '');
$array_register['email'] = nv_strtolower(nv_substr($nv_Request->get_title('email', 'post', '', 1), 0, 100));
$array_register['question'] = $nv_Request->get_int('question', 'post', 0);
if (!isset($data_questions[$array_register['question']])) {
$array_register['question'] = 0;
}
$data_questions[$array_register['question']]['selected'] = ' selected="selected"';
$array_register['your_question'] = $nv_Request->get_title('your_question', 'post', '', 1);
$array_register['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255);
$array_register['agreecheck'] = $nv_Request->get_int('agreecheck', 'post', 0);
$nv_seccode = $nv_Request->get_title('nv_seccode', 'post', '');
$check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false);
$complete = '';
if (!$check_seccode) {
die(reg_result(array('status' => 'error', 'input' => 'nv_seccode', 'mess' => $lang_global['securitycodeincorrect'])));
}
if (($check_login = nv_check_username_reg($array_register['username'])) != '') {
die(reg_result(array('status' => 'error', 'input' => 'username', 'mess' => $check_login)));
}
if (($check_email = nv_check_email_reg($array_register['email'])) != '') {
die(reg_result(array('status' => 'error', 'input' => 'email', 'mess' => $check_email)));
}
if (($check_pass = nv_check_valid_pass($array_register['password'], NV_UPASSMAX, NV_UPASSMIN)) != '') {
die(reg_result(array('status' => 'error', 'input' => 'password', 'mess' => $check_pass)));
if (in_array($theme, $theme_site_array)) {
$array_theme[] = $theme;
$theme_list[] = $theme;
} elseif (in_array($theme, $theme_mobile_array)) {
$array_theme[] = $theme;
$theme_mobile_list[] = $theme;
}
}
$groups_list = nv_groups_list();
if ($nv_Request->get_int('save', 'post') == '1') {
$custom_title = $nv_Request->get_title('custom_title', 'post', 1);
$admin_title = $nv_Request->get_title('admin_title', 'post', 1);
$theme = $nv_Request->get_title('theme', 'post', '', 1);
$mobile = $nv_Request->get_title('mobile', 'post', '', 1);
$description = $nv_Request->get_title('description', 'post', '', 1);
$description = nv_substr($description, 0, 255);
$keywords = $nv_Request->get_title('keywords', 'post', '', 1);
$act = $nv_Request->get_int('act', 'post', 0);
$rss = $nv_Request->get_int('rss', 'post', 0);
if (!empty($theme) and !in_array($theme, $theme_list)) {
$theme = '';
}
if (!empty($mobile) and !in_array($mobile, $theme_mobile_list)) {
$mobile = '';
}
if (!empty($keywords)) {
$keywords = explode(',', $keywords);
$keywords = array_map('trim', $keywords);
$keywords = implode(', ', $keywords);
}
if ($mod != $global_config['site_home_module']) {
}
$BL->callFrameWorks('shadowbox');
$page_title = $BL->lang('cfgStructureData');
$array = array();
$_array_locales = nv_object2array(simplexml_load_file(NV_ROOTDIR . '/modules/' . $module_file . '/locales/locales.xml')->xpath('locale'));
$array_locales = array();
foreach ($_array_locales as $locale) {
$array_locales[$locale['codes']['code']['standard']['representation']] = $locale['englishName'];
}
unset($_array_locales, $locale);
// Lay thong tin submit
if ($nv_Request->isset_request('submit', 'post')) {
$array['sysGoogleAuthor'] = nv_substr($nv_Request->get_title('sysGoogleAuthor', 'post', '', 0), 0, 30);
$array['sysFbAppID'] = nv_substr($nv_Request->get_title('sysFbAppID', 'post', '', 0), 0, 30);
$array['sysFbAdminID'] = nv_substr($nv_Request->get_title('sysFbAdminID', 'post', '', 0), 0, 30);
$array['sysLocale'] = nv_substr($nv_Request->get_title('sysLocale', 'post', '', 0), 0, 255);
$array['sysDefaultImage'] = $nv_Request->get_string('sysDefaultImage', 'post', '');
if (!preg_match("/^([0-9]+)\$/", $array['sysGoogleAuthor'])) {
$array['sysGoogleAuthor'] = '';
}
if (!preg_match("/^([0-9]+)\$/", $array['sysFbAppID'])) {
$array['sysFbAppID'] = '';
}
if (!preg_match("/^([0-9]+)\$/", $array['sysFbAdminID'])) {
$array['sysFbAdminID'] = '';
}
if (!empty($array['sysDefaultImage'])) {
if (preg_match("/^\\//i", $array['sysDefaultImage'])) {
$array['sysDefaultImage'] = substr($array['sysDefaultImage'], strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_name));
if (!is_file(NV_UPLOADS_REAL_DIR . '/' . $module_name . $array['sysDefaultImage'])) {
$array['sysDefaultImage'] = '';
$access_passus = (isset($access_admin['access_passus'][$admin_info['level']]) and $access_admin['access_passus'][$admin_info['level']] == 1) ? true : false;
if ($nv_Request->isset_request('confirm', 'post')) {
$_user['username'] = $nv_Request->get_title('username', 'post', '', 1);
$_user['email'] = $nv_Request->get_title('email', 'post', '', 1);
if ($access_passus) {
$_user['password1'] = $nv_Request->get_title('password1', 'post', '', 0);
$_user['password2'] = $nv_Request->get_title('password2', 'post', '', 0);
} else {
$_user['password1'] = $_user['password2'] = '';
}
$_user['question'] = nv_substr($nv_Request->get_title('question', 'post', '', 1), 0, 255);
$_user['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255);
$_user['first_name'] = nv_substr($nv_Request->get_title('first_name', 'post', '', 1), 0, 255);
$_user['last_name'] = nv_substr($nv_Request->get_title('last_name', 'post', '', 1), 0, 255);
$_user['gender'] = nv_substr($nv_Request->get_title('gender', 'post', '', 1), 0, 1);
$_user['photo'] = nv_substr($nv_Request->get_title('photo', 'post', '', 1), 0, 255);
$_user['view_mail'] = $nv_Request->get_int('view_mail', 'post', 0);
$_user['sig'] = $nv_Request->get_textarea('sig', '', NV_ALLOWED_HTML_TAGS);
$_user['birthday'] = $nv_Request->get_title('birthday', 'post');
$_user['in_groups'] = $nv_Request->get_typed_array('group', 'post', 'int');
$_user['delpic'] = $nv_Request->get_int('delpic', 'post', 0);
$custom_fields = $nv_Request->get_array('custom_fields', 'post');
if ($_user['username'] != $row['username'] and ($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != '') {
$error = $error_username;
} elseif ("'" . $_user['username'] . "'" != $db->quote($_user['username'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>');
} elseif (($error_xemail = nv_check_valid_email($_user['email'])) != '') {
$error = $error_xemail;
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND md5username='******'username'])))->fetchColumn()) {
$error = $lang_module['edit_error_username_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND email=' . $db->quote($_user['email']))->fetchColumn()) {
*/
if (!defined('NV_ADMIN') or !defined('NV_MAINFILE') or !defined('NV_IS_MODADMIN')) {
die('Stop!!!');
}
$page_title = $lang_module['smtp_config'];
$smtp_encrypted_array = array();
$smtp_encrypted_array[0] = 'None';
$smtp_encrypted_array[1] = 'SSL';
$smtp_encrypted_array[2] = 'TSL';
$array_config = array();
$errormess = '';
$array_config['mailer_mode'] = nv_substr($nv_Request->get_title('mailer_mode', 'post', $global_config['mailer_mode'], 1), 0, 255);
$array_config['smtp_host'] = nv_substr($nv_Request->get_title('smtp_host', 'post', $global_config['smtp_host'], 1), 0, 255);
$array_config['smtp_port'] = nv_substr($nv_Request->get_title('smtp_port', 'post', $global_config['smtp_port'], 1), 0, 255);
$array_config['smtp_username'] = nv_substr($nv_Request->get_title('smtp_username', 'post', $global_config['smtp_username']), 0, 255);
$array_config['smtp_password'] = nv_substr($nv_Request->get_title('smtp_password', 'post', $global_config['smtp_password']), 0, 255);
if ($nv_Request->isset_request('mailer_mode', 'post')) {
$array_config['smtp_ssl'] = $nv_Request->get_int('smtp_ssl', 'post', 0);
} else {
$array_config['smtp_ssl'] = intval($global_config['smtp_ssl']);
}
if ($nv_Request->isset_request('mailer_mode', 'post')) {
$smtp_password = $array_config['smtp_password'];
$array_config['smtp_password'] = nv_base64_encode($crypt->aes_encrypt($smtp_password));
$sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'site' AND config_name = :config_name");
foreach ($array_config as $config_name => $config_value) {
$sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30);
$sth->bindParam(':config_value', $config_value, PDO::PARAM_STR);
$sth->execute();
}
nv_del_moduleCache('settings');
if (!empty($rowcontent['alias'])) {
$stmt = $db->prepare('SELECT COUNT(*) FROM ' . $db_config['prefix'] . '_' . $module_data . '_rows WHERE id !=' . $rowcontent['id'] . ' AND ' . NV_LANG_DATA . '_alias = :alias');
$stmt->bindParam(':alias', $rowcontent['alias'], PDO::PARAM_STR);
$stmt->execute();
if ($stmt->fetchColumn()) {
$rows_id = $rowcontent['id'];
if ($rows_id == 0) {
$rows_id = $db->query('SELECT MAX(id) FROM ' . $db_config['prefix'] . '_' . $module_data . '_rows')->fetchColumn();
$rows_id = intval($rows_id) + 1;
}
$rowcontent['alias'] = $rowcontent['alias'] . '-' . $rows_id;
}
}
$hometext = $nv_Request->get_string('hometext', 'post', '');
$rowcontent['hometext'] = defined('NV_EDITOR') ? nv_nl2br($hometext, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($hometext)), '<br />');
$rowcontent['product_code'] = nv_substr($nv_Request->get_title('product_code', 'post', '', 1), 0, 255);
$rowcontent['product_number'] = $nv_Request->get_int('product_number', 'post', 0);
$rowcontent['product_price'] = $nv_Request->get_string('product_price', 'post', '');
$rowcontent['product_price'] = floatval(preg_replace('/[^0-9\\.]/', '', $rowcontent['product_price']));
$rowcontent['discount_id'] = $nv_Request->get_int('discount_id', 'post', 0);
$rowcontent['money_unit'] = $nv_Request->get_string('money_unit', 'post', '');
$rowcontent['product_weight'] = $nv_Request->get_string('product_weight', 'post', '');
$rowcontent['product_weight'] = floatval(preg_replace('/[^0-9\\.]/', '', $rowcontent['product_weight']));
$rowcontent['weight_unit'] = $nv_Request->get_string('weight_unit', 'post', '');
$rowcontent['product_unit'] = $nv_Request->get_int('product_unit', 'post', 0);
$rowcontent['homeimgfile'] = $nv_Request->get_title('homeimg', 'post', '');
$rowcontent['homeimgalt'] = $nv_Request->get_title('homeimgalt', 'post', '', 1);
$typeprice = $rowcontent['listcatid'] ? $global_array_shops_cat[$rowcontent['listcatid']]['typeprice'] : 0;
if ($typeprice == 2) {
$price_config = $nv_Request->get_array('price_config', 'post');
$sortArray = array();
/**
* @Project NUKEVIET 4.x
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2014 VINADES.,JSC. All rights reserved
* @License GNU/GPL version 2 or any later version
* @Createdate 2-2-2010 12:55
*/
if (!defined('NV_IS_FILE_SETTINGS')) {
die('Stop!!!');
}
$errormess = '';
if ($nv_Request->isset_request('submit', 'post')) {
$preg_replace = array('pattern' => '/[^a-zA-Z0-9\\_]/', 'replacement' => '');
$array_config_global = array();
$array_config_global['cookie_prefix'] = nv_substr($nv_Request->get_title('cookie_prefix', 'post', '', 0, $preg_replace), 0, 255);
$array_config_global['session_prefix'] = nv_substr($nv_Request->get_title('session_prefix', 'post', '', 0, $preg_replace), 0, 255);
$array_config_global['cookie_secure'] = (int) $nv_Request->get_bool('cookie_secure', 'post', 0);
$array_config_global['cookie_httponly'] = (int) $nv_Request->get_bool('cookie_httponly', 'post', 0);
$sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'global' AND config_name = :config_name");
foreach ($array_config_global as $config_name => $config_value) {
$sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30);
$sth->bindParam(':config_value', $config_value, PDO::PARAM_STR);
$sth->execute();
}
$array_config_define = array();
$array_config_define['nv_live_cookie_time'] = 86400 * $nv_Request->get_int('nv_live_cookie_time', 'post', 1);
$array_config_define['nv_live_session_time'] = 60 * $nv_Request->get_int('nv_gfx_width', 'post', 0);
$sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'define' AND config_name = :config_name");
foreach ($array_config_define as $config_name => $config_value) {
$sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30);
$sth->bindParam(':config_value', $config_value, PDO::PARAM_STR);
$array = $sth->fetch();
if (empty($array)) {
nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $lang_global['error_404_content']);
}
$page_title = $lang_module['edit'];
$form_action = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&client_id=' . $client_id;
} else {
$array = array('client_id' => '', 'client_title' => '', 'client_secret' => '', 'redirect_uri' => '');
$page_title = $lang_module['add'];
$form_action = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op;
}
if ($nv_Request->isset_request('submit', 'post')) {
$array['client_id'] = nv_substr($nv_Request->get_title('client_id', 'post', '', true), 0, 80);
$array['client_title'] = nv_substr($nv_Request->get_title('client_title', 'post', '', true), 0, 80);
$array['client_secret'] = nv_substr($nv_Request->get_title('client_secret', 'post', '', true), 0, 80);
$array['redirect_uri'] = nv_substr($nv_Request->get_title('redirect_uri', 'post', '', false), 0, 2000);
if (empty($array['client_id'])) {
$error = $lang_module['content_error_id'];
} elseif (empty($array['client_title'])) {
$error = $lang_module['content_error_title'];
} elseif (empty($array['client_secret'])) {
$error = $lang_module['content_error_secret'];
} else {
$sql = 'SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_clients WHERE client_id = :client_id' . ($client_id ? ' AND client_id != ' . $db->quote($client_id) : '');
$sth = $db->prepare($sql);
$sth->bindParam(':client_id', $array['client_id'], PDO::PARAM_STR);
$sth->execute();
$num = $sth->fetchColumn();
if (!empty($num)) {
$error = $lang_module['content_error_exists'];
} else {
$fpart = isset($array_op[0]) ? $array_op[0] : '';
$fpart = $nv_Request->get_title('fpart', 'post,get', $fpart);
$ftitle = nv_substr($nv_Request->get_title('ftitle', 'post,get', '', 1), 0, 250);
$full = isset($array_op[1]) ? $array_op[1] : 1;
$base_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name;
if (!empty($array_department)) {
$checkss = $nv_Request->get_title('checkss', 'post', '');
if ($checkss == md5($client_info['session_id'] . $global_config['sitekey'])) {
if (defined('NV_IS_USER')) {
$fname = !empty($user_info['full_name']) ? $user_info['full_name'] : $user_info['username'];
$femail = $user_info['email'];
} else {
$fname = nv_substr($nv_Request->get_title('fname', 'post', '', 1), 0, 100);
$femail = nv_substr($nv_Request->get_title('femail', 'post', '', 1), 0, 100);
}
$fphone = nv_substr($nv_Request->get_title('fphone', 'post', '', 1), 0, 100);
$fcon = $nv_Request->get_editor('fcon', '', NV_ALLOWED_HTML_TAGS);
$fcode = $nv_Request->get_title('fcode', 'post', '');
$check_valid_email = nv_check_valid_email($femail);
if (empty($fname)) {
$error = $lang_module['error_fullname'];
} elseif (!empty($check_valid_email)) {
$error = $check_valid_email;
} elseif (empty($ftitle)) {
$error = $lang_module['error_title'];
} elseif (empty($fcon)) {
$error = $lang_module['error_content'];
} elseif (!isset($array_department[$fpart])) {
$error = $lang_module['error_part'];
} elseif (!nv_capcha_txt($fcode)) {
$error = $lang_module['error_captcha'];
/**
* nv_clean60()
*
* @param mixed $string
* @param integer $num
* @return
*/
function nv_clean60($string, $num = 60, $specialchars = false)
{
global $global_config;
$string = nv_unhtmlspecialchars($string);
$len = nv_strlen($string);
if ($num and $num < $len) {
if (ord(nv_substr($string, $num, 1)) == 32) {
$string = nv_substr($string, 0, $num) . '...';
} elseif (strpos($string, ' ') === false) {
$string = nv_substr($string, 0, $num);
} else {
$string = nv_clean60($string, $num - 1);
}
}
if ($specialchars) {
$string = nv_htmlspecialchars($string);
}
return $string;
}
$id = $nv_Request->get_int('id', 'post', 0);
$sql = 'SELECT id FROM ' . $table_name . ' WHERE id=' . $id;
$id = $db->query($sql)->fetchColumn();
if (empty($id)) {
die('NO_' . $id);
}
$new_status = $nv_Request->get_bool('new_status', 'post');
$new_status = (int) $new_status;
$sql = 'UPDATE ' . $table_name . ' SET status=' . $new_status . ' WHERE id=' . $id;
$db->query($sql);
nv_del_moduleCache($module_name);
die('OK_' . $pid);
}
if (!empty($savecat)) {
$preg_replace = array('pattern' => '/[^a-zA-Z0-9\\_]/', 'replacement' => '_');
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', ''), 0, 50);
$data['alias'] = strtolower(change_alias($data['title']));
$stmt = $db->query('SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_template where alias=' . $db->quote($data['alias']))->fetchColumn();
if (empty($data['title'])) {
$error = $lang_module['template_error_name'];
} elseif (!empty($stmt)) {
$error = $lang_module['block_error_alias'];
} else {
if ($data['id'] == 0) {
$listfield = "";
$listvalue = "";
$sql = "INSERT INTO " . $table_name . " VALUES (NULL ,1, '" . $data['title'] . "','" . $data['alias'] . "')";
$templaid = $db->insert_id($sql);
if ($templaid != 0) {
$sql = "CREATE TABLE IF NOT EXISTS " . $db_config['prefix'] . "_" . $module_data . "_info_" . $templaid . "(\n\t\t\t shopid mediumint(8) unsigned NOT NULL DEFAULT '0',\n\t\t\t status tinyint(1) NOT NULL DEFAULT '1',\n\t\t\t PRIMARY KEY (shopid)\n\t\t\t) ENGINE=MyISAM ";
$db->query($sql);
$caption = $lang_module['category_add'];
}
if ($nv_Request->get_int('save', 'post') == 1) {
$data['category_id'] = $nv_Request->get_int('category_id', 'post', 0);
$data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0);
$data['parent_id'] = $nv_Request->get_int('parent_id', 'post', 0);
$data['inhome'] = $nv_Request->get_int('inhome', 'post', 0);
$data['status'] = $nv_Request->get_int('status', 'post', 0);
$data['name'] = nv_substr($nv_Request->get_title('name', 'post', '', ''), 0, 255);
$data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', ''), 0, 255);
$description = $nv_Request->get_string('description', 'post', '');
$data['description'] = defined('NV_EDITOR') ? nv_nl2br($description, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br />');
$data['meta_title'] = nv_substr($nv_Request->get_title('meta_title', 'post', '', ''), 0, 255);
$data['meta_description'] = nv_substr($nv_Request->get_title('meta_description', 'post', '', ''), 0, 255);
$data['meta_keyword'] = nv_substr($nv_Request->get_title('meta_keyword', 'post', '', ''), 0, 255);
$data['layout'] = nv_substr($nv_Request->get_title('layout', 'post', '', ''), 0, 255);
if (empty($data['name'])) {
$error['name'] = $lang_module['category_error_name'];
}
if (!empty($error) && !isset($error['warning'])) {
$error['warning'] = $lang_module['category_error_warning'];
}
$_groups_post = $nv_Request->get_array('groups_view', 'post', array());
$data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
$stmt = $db->prepare('SELECT COUNT(*) FROM ' . TABLE_PHOTO_NAME . '_category WHERE category_id !=' . $data['category_id'] . ' AND alias= :alias');
$stmt->bindParam(':alias', $data['alias'], PDO::PARAM_STR);
$stmt->execute();
$check_alias = $stmt->fetchColumn();
if ($check_alias) {
$error['warning'] = $lang_module['duplicate_alias'];
} elseif ($check_alias and $data['parent_id'] > 0) {
}
$page_title = $lang_module['setting'];
$savesetting = $nv_Request->get_int('savesetting', 'post', 0);
if (!empty($savesetting)) {
$photo_setting = array();
$photo_setting['origin_size_width'] = $nv_Request->get_int('origin_size_width', 'post', 0);
$photo_setting['origin_size_height'] = $nv_Request->get_int('origin_size_height', 'post', 0);
$photo_setting['cr_thumb_width'] = $nv_Request->get_int('cr_thumb_width', 'post', 0);
$photo_setting['cr_thumb_height'] = $nv_Request->get_int('cr_thumb_height', 'post', 0);
$photo_setting['cr_thumb_quality'] = $nv_Request->get_int('cr_thumb_quality', 'post', 0);
$photo_setting['per_line'] = $nv_Request->get_int('per_line', 'post', 0);
$photo_setting['per_page_album'] = $nv_Request->get_int('per_page_album', 'post', 0);
$photo_setting['per_page_photo'] = $nv_Request->get_int('per_page_photo', 'post', 20);
$photo_setting['home_title_cut'] = $nv_Request->get_int('home_title_cut', 'post', 20);
$photo_setting['home_view'] = $nv_Request->get_title('home_view', 'post', '', 0);
$photo_setting['home_layout'] = nv_substr($nv_Request->get_title('home_layout', 'post', '', ''), 0, 255);
$photo_setting['album_view'] = $nv_Request->get_title('album_view', 'post', '', 0);
$photo_setting['module_logo'] = $nv_Request->get_title('module_logo', 'post', '', 0);
$photo_setting['social_tool'] = $nv_Request->get_int('social_tool', 'post', 0);
$photo_setting['fbappid'] = $nv_Request->get_int('fbappid', 'post', 0);
$photo_setting['active_logo'] = $nv_Request->get_int('active_logo', 'post', 0);
$photo_setting['autologosize1'] = $nv_Request->get_int('autologosize1', 'post', 50);
$photo_setting['autologosize2'] = $nv_Request->get_int('autologosize2', 'post', 40);
$photo_setting['autologosize3'] = $nv_Request->get_int('autologosize3', 'post', 30);
$photo_setting['structure_upload'] = $nv_Request->get_title('structure_upload', 'post', '', 0);
$photo_setting['maxupload'] = $nv_Request->get_int('maxupload', 'post', 0);
$photo_setting['maxupload'] = min(nv_converttoBytes(ini_get('upload_max_filesize')), nv_converttoBytes(ini_get('post_max_size')), $photo_setting['maxupload']);
if (!nv_is_url($photo_setting['module_logo']) and file_exists(NV_DOCUMENT_ROOT . $photo_setting['module_logo'])) {
$lu = strlen(NV_BASE_SITEURL);
$photo_setting['module_logo'] = substr($photo_setting['module_logo'], $lu);
} elseif (!nv_is_url($photo_setting['module_logo'])) {
$site_favicon = $nv_Request->get_title('site_favicon', 'post');
if (empty($site_favicon) or $site_favicon == NV_ASSETS_DIR . '/favicon.ico') {
$array_config['site_favicon'] = '';
} elseif (!nv_is_url($site_favicon)) {
if (nv_is_file($site_favicon) === true) {
$lu = strlen(NV_BASE_SITEURL);
$array_config['site_favicon'] = substr($site_favicon, $lu);
} else {
$array_config['site_favicon'] = '';
}
}
$array_config['site_home_module'] = nv_substr($nv_Request->get_title('site_home_module', 'post', '', 1), 0, 255);
if (!isset($site_mods[$array_config['site_home_module']])) {
$array_config['site_home_module'] = $global_config['site_home_module'];
}
$array_config['site_description'] = nv_substr($nv_Request->get_title('site_description', 'post', '', 1), 0, 255);
$array_config['disable_site_content'] = $nv_Request->get_editor('disable_site_content', '', NV_ALLOWED_HTML_TAGS);
if (empty($array_config['disable_site_content'])) {
$array_config['disable_site_content'] = $lang_global['disable_site_content'];
}
$array_config['ssl_https_modules'] = $nv_Request->get_array('ssl_https_modules', 'post', array());
$array_config['ssl_https_modules'] = array_intersect($array_config['ssl_https_modules'], array_keys($site_mods));
$array_config['ssl_https_modules'] = empty($array_config['ssl_https_modules']) ? '' : implode(',', $array_config['ssl_https_modules']);
$sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value= :config_value WHERE config_name = :config_name AND lang = '" . NV_LANG_DATA . "' AND module='global'");
foreach ($array_config as $config_name => $config_value) {
$sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30);
$sth->bindParam(':config_value', $config_value, PDO::PARAM_STR);
$sth->execute();
}
$nv_Cache->delAll();
if (empty($errormess)) {
/**
* @Project NUKEVIET 4.x
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2014 VINADES.,JSC. All rights reserved
* @License GNU/GPL version 2 or any later version
* @Createdate 2-1-2010 22:5
*/
if (!defined('NV_IS_FILE_EXTENSIONS')) {
die('Stop!!!');
}
$page_title = $lang_global['mod_extensions'];
$request = array();
$request['page'] = $nv_Request->get_int('page', 'get', 1);
$request['mode'] = $nv_Request->get_title('mode', 'get', '');
$request['q'] = nv_substr($nv_Request->get_title('q', 'get', ''), 0, 64);
// Fixed request
$request['per_page'] = 10;
$request['lang'] = NV_LANG_INTERFACE;
$request['basever'] = $global_config['version'];
// Mode filter
if (!in_array($request['mode'], array('search', 'newest', 'popular', 'featured', 'downloaded', 'favorites'))) {
header('Location:' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=manage');
die;
}
if ($request['mode'] != 'search') {
$set_active_op = $request['mode'];
}
$xtpl = new XTemplate($op . '.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file);
$xtpl->assign('LANG', $lang_module);
$xtpl->assign('REQUEST', $request);
if (!defined('NV_IS_FILE_WEBTOOLS')) {
die('Stop!!!');
}
$timezone_array = array_keys($nv_parse_ini_timezone);
$googleAnalyticsMethod = array('classic' => 'Classic Analytics', 'universal' => 'Universal Analytics');
$array_config_global = array();
if ($nv_Request->isset_request('submit', 'post')) {
$array_config_global['online_upd'] = $nv_Request->get_int('online_upd', 'post');
$array_config_global['statistic'] = $nv_Request->get_int('statistic', 'post');
$statistics_timezone = nv_substr($nv_Request->get_title('statistics_timezone', 'post', '', 0), 0, 255);
if (!empty($statistics_timezone) and in_array($statistics_timezone, $timezone_array)) {
$array_config_global['statistics_timezone'] = $statistics_timezone;
} else {
$array_config_global['statistics_timezone'] = NV_SITE_TIMEZONE_NAME;
}
$array_config_global['googleAnalyticsID'] = nv_substr($nv_Request->get_title('googleAnalyticsID', 'post', '', 1), 0, 20);
if (!preg_match('/^UA-\\d{4,}-\\d+$/', $array_config_global['googleAnalyticsID'])) {
$array_config_global['googleAnalyticsID'] = '';
}
$array_config_global['googleAnalyticsSetDomainName'] = $nv_Request->get_int('googleAnalyticsSetDomainName', 'post');
$array_config_global['googleAnalyticsMethod'] = $nv_Request->get_title('googleAnalyticsMethod', 'post', '', 1);
if (!isset($googleAnalyticsMethod[$array_config_global['googleAnalyticsMethod']])) {
$googleAnalyticsMethod['googleAnalyticsMethod'] = 'classic';
}
$sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'site' AND config_name = :config_name");
foreach ($array_config_global as $config_name => $config_value) {
$sth->bindParam(':config_name', $config_name, PDO::PARAM_STR);
$sth->bindParam(':config_value', $config_value, PDO::PARAM_STR);
$sth->execute();
}
nv_delete_all_cache(false);
} elseif (file_exists(NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_' . NV_LANG_DATA . '.php')) {
$path_file_lang = NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_' . NV_LANG_DATA . '.php';
} elseif (file_exists(NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_en.php')) {
$path_file_lang = NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_en.php';
}
}
}
if (empty($row['title'])) {
$row['title'] = str_replace('_', ' ', $matches[1] . ' ' . $matches[2]);
}
} else {
$error[] = $lang_module['block_error_nsblock'];
}
$row['link'] = $nv_Request->get_title('link', 'post', '');
$row['template'] = nv_substr($nv_Request->get_title('template', 'post', '', 0), 0, 55);
$row['position'] = nv_substr($nv_Request->get_title('position', 'post', '', 0), 0, 55);
if (preg_match('/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})$/', $nv_Request->get_string('exp_time', 'post'), $m)) {
$row['exp_time'] = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$row['exp_time'] = 0;
}
$row['active'] = $nv_Request->get_int('active', 'post', 0);
$groups_view = $nv_Request->get_array('groups_view', 'post', array());
$row['groups_view'] = !empty($groups_view) ? implode(',', nv_groups_post(array_intersect($groups_view, array_keys($groups_list)))) : '';
$all_func = ($nv_Request->get_int('all_func', 'post') == 1 and ((preg_match($global_config['check_block_module'], $row['file_name']) or preg_match($global_config['check_block_theme'], $row['file_name'])) and preg_match('/^global\\.([a-zA-Z0-9\\-\\_\\.]+)\\.php$/', $row['file_name']))) ? 1 : 0;
$array_funcid_post = $nv_Request->get_array('func_id', 'post');
if (empty($all_func) and empty($array_funcid_post)) {
$error[] = $lang_module['block_no_func'];
}
$row['leavegroup'] = $nv_Request->get_int('leavegroup', 'post', 0);
if (!empty($row['leavegroup']) and !empty($row['bid'])) {
/**
* @Project NUKEVIET 4.x
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2014 VINADES.,JSC. All rights reserved
* @License GNU/GPL version 2 or any later version
* @Createdate 3-6-2010 0:30
*/
if (!defined('NV_IS_MOD_DOWNLOAD')) {
die('Stop!!!');
}
global $global_config, $lang_module, $lang_global, $module_info, $module_name, $module_file, $nv_Request;
$list_cats = nv_list_cats(true);
$download_config = nv_mod_down_config();
$page = $nv_Request->get_int('page', 'get', 1);
$per_page = $download_config['per_page_child'];
$key = nv_substr($nv_Request->get_title('q', 'post', '', 1), 0, NV_MAX_SEARCH_LENGTH);
$cat = $nv_Request->get_int('cat', 'post', 0);
$page_title = $lang_module['search'] . ' ' . $key;
$base_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=search';
$array_where = array();
$db->sqlreset()->select('COUNT(*)')->from(NV_PREFIXLANG . '_' . $module_data);
if (!empty($key)) {
$array_where[] = '(title LIKE :keyword1 OR description LIKE :keyword2 OR introtext LIKE :keyword3)';
}
if (!empty($cat) and isset($list_cats[$cat])) {
$allcat = $list_cats[$cat]['subcats'];
if (!empty($allcat)) {
$allcat[] = $cat;
$array_where[] = 'catid IN (' . implode(',', $allcat) . ')';
} else {
$array_where[] = 'catid = ' . $cat;
}
$ss_safesend = $nv_Request->get_int('safesend', 'session', 0);
if ($ss_safesend < NV_CURRENTTIME) {
$name = $global_config['name_show'] ? array($row['first_name'], $row['last_name']) : array($row['last_name'], $row['first_name']);
$name = array_filter($name);
$name = implode(' ', $name);
$sitename = '<a href="' . NV_MY_DOMAIN . NV_BASE_SITEURL . '">' . $global_config['site_name'] . '</a>';
$message = sprintf($lang_module['safe_send_content'], $name, $sitename, $row['safekey']);
@nv_sendmail($global_config['site_email'], $row['email'], $lang_module['safe_send_subject'], $message);
$ss_safesend = NV_CURRENTTIME + 600;
$nv_Request->set_Session('safesend', $ss_safesend);
}
$ss_safesend = ceil(($ss_safesend - NV_CURRENTTIME) / 60);
die(json_encode(array('status' => 'ok', 'input' => '', 'mess' => sprintf($lang_module['safe_send_ok'], $ss_safesend))));
}
$safe_key = nv_substr($nv_Request->get_title('safe_key', 'post', '', 1), 0, 32);
if (empty($row['safekey']) or $safe_key != $row['safekey']) {
die(json_encode(array('status' => 'error', 'input' => 'safe_key', 'mess' => $lang_module['verifykey_error'])));
}
$stmt = $db->prepare('UPDATE ' . NV_USERS_GLOBALTABLE . ' SET safemode=1, safekey= :safekey WHERE userid=' . $user_info['userid']);
$stmt->bindParam(':safekey', $row['safekey'], PDO::PARAM_STR);
$stmt->execute();
die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo', true), 'mess' => $lang_module['safe_activate_ok'])));
}
$page_title = $mod_title = $lang_module['editinfo_pagetitle'];
$key_words = $module_info['keywords'];
if (!defined('NV_EDITOR')) {
define('NV_EDITOR', 'ckeditor');
}
require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php';
$sql = 'SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_info WHERE userid=' . $user_info['userid'];
$array_config_global['site_lang'] = $site_lang;
}
if ($array_config_global['lang_multi'] == 0) {
$array_config_global['rewrite_optional'] = $nv_Request->get_int('rewrite_optional', 'post', 0);
$array_config_global['lang_geo'] = 0;
$array_config_global['rewrite_op_mod'] = $nv_Request->get_title('rewrite_op_mod', 'post');
if (!isset($site_mods[$array_config_global['rewrite_op_mod']]) or $array_config_global['rewrite_optional'] == 0) {
$array_config_global['rewrite_op_mod'] = '';
}
} else {
$array_config_global['rewrite_optional'] = 0;
$array_config_global['lang_geo'] = $nv_Request->get_int('lang_geo', 'post', 0);
$array_config_global['rewrite_op_mod'] = '';
}
$array_config_global['error_set_logs'] = $nv_Request->get_int('error_set_logs', 'post', 0);
$error_send_email = nv_substr($nv_Request->get_title('error_send_email', 'post', '', 1), 0, 255);
if (nv_check_valid_email($error_send_email) == '') {
$array_config_global['error_send_email'] = $error_send_email;
}
$array_config_global['cdn_url'] = '';
$cdn_url = rtrim($nv_Request->get_string('cdn_url', 'post'), '/');
if (!empty($cdn_url)) {
$cdn_url = preg_replace('/^(http|https)\\:\\/\\//', '', $cdn_url);
$cdn_url = preg_replace('/^([^\\/]+)\\/*(.*)$/', '\\1', $cdn_url);
$_p = '';
if (preg_match('/(.*)\\:([0-9]+)$/', $cdn_url, $m)) {
$cdn_url = $m[1];
$_p = ':' . $m[2];
}
$cdn_url = nv_check_domain(nv_strtolower($cdn_url));
if (!empty($cdn_url)) {
}
opidr(array('status' => 'success', 'mess' => $lang_module['account_register_to_admin']));
die;
}
$page_title = $lang_global['openid_login'];
$key_words = $module_info['keywords'];
$mod_title = $lang_global['openid_login'];
$contents .= user_openid_login($gfx_chk, $attribs);
include NV_ROOTDIR . '/includes/header.php';
echo nv_site_theme($contents, false);
include NV_ROOTDIR . '/includes/footer.php';
exit;
}
//Dang nhap kieu thong thuong
if ($nv_Request->isset_request('nv_login', 'post')) {
$nv_username = nv_substr($nv_Request->get_title('nv_login', 'post', '', 1), 0, 100);
$nv_password = $nv_Request->get_title('nv_password', 'post', '');
$nv_seccode = $nv_Request->get_title('nv_seccode', 'post', '');
$check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false);
if (!$check_seccode) {
die(signin_result(array('status' => 'error', 'input' => 'nv_seccode', 'mess' => $lang_global['securitycodeincorrect'])));
}
if (empty($nv_username)) {
die(signin_result(array('status' => 'error', 'input' => 'nv_login', 'mess' => $lang_global['username_empty'])));
}
if (empty($nv_password)) {
die(signin_result(array('status' => 'error', 'input' => 'nv_password', 'mess' => $lang_global['password_empty'])));
}
if (defined('NV_IS_USER_FORUM')) {
$error = '';
require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php';
$_form_exit = scandir(NV_ROOTDIR . '/' . NV_ASSETS_DIR . '/' . $module_file . '/files_tpl');
foreach ($_form_exit as $_form) {
if (preg_match('/^cat\\_form\\_([a-zA-Z0-9\\-\\_]+)\\.tpl$/', $_form, $m)) {
$cat_form_exit[] = $m[1];
}
}
if (!empty($savecat)) {
$field_lang = nv_file_table($table_name);
$data['catid'] = $nv_Request->get_int('catid', 'post', 0);
$data['typeprice'] = $nv_Request->get_int('typeprice', 'post', 2);
$data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0);
$data['parentid'] = $nv_Request->get_int('parentid', 'post', 0);
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255);
$data['title_custom'] = nv_substr($nv_Request->get_title('title_custom', 'post', '', 1), 0, 255);
$data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255);
$data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255);
$data['description'] = $nv_Request->get_string('description', 'post', '');
$data['description'] = nv_nl2br(nv_htmlspecialchars(strip_tags($data['description'])), '<br />');
$data['descriptionhtml'] = $nv_Request->get_editor('descriptionhtml', '', NV_ALLOWED_HTML_TAGS);
$data['viewdescriptionhtml'] = $nv_Request->get_int('viewdescriptionhtml', 'post', 0);
$data['cat_allow_point'] = $nv_Request->get_int('cat_allow_point', 'post', 0);
$data['cat_number_point'] = $nv_Request->get_int('cat_number_point', 'post', 0);
$data['cat_number_product'] = $nv_Request->get_int('cat_number_product', 'post', 0);
$data['alias'] = $data['alias'] == '' ? change_alias($data['title']) : change_alias($data['alias']);
// Cat mo ta cho chinh xac
if (strlen($data['description']) > 255) {
$data['description'] = nv_clean60($data['description'], 250);
}
$_groups_post = $nv_Request->get_array('groups_view', 'post', array());
$data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
if ($data['title'] == '') {
} elseif (empty($dataform['field'])) {
$error = $lang_module['field_error_empty'];
} else {
// Kiểm tra trùng trường dữ liệu
$stmt = $db->prepare('SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_field WHERE field= :field');
$stmt->bindParam(':field', $dataform['field'], PDO::PARAM_STR);
$stmt->execute();
if ($stmt->fetchColumn()) {
$error = $lang_module['field_error'];
}
}
}
$language[NV_LANG_DATA] = array($dataform['title'], $dataform['description']);
if ($dataform['field_type'] == 'textbox' || $dataform['field_type'] == 'textarea' || $dataform['field_type'] == 'editor') {
$text_fields = 1;
$dataform['match_type'] = nv_substr($nv_Request->get_title('match_type', 'post', '', 0, $preg_replace), 0, 50);
$dataform['match_regex'] = $dataform['match_type'] == 'regex' ? $nv_Request->get_string('match_regex', 'post', '', false) : '';
$dataform['func_callback'] = $dataform['match_type'] == 'callback' ? $nv_Request->get_string('match_callback', 'post', '', false) : '';
if ($dataform['func_callback'] != '' and !function_exists($dataform['func_callback'])) {
$dataform['func_callback'] = '';
}
if ($dataform['field_type'] == 'editor') {
$dataform['editor_width'] = $nv_Request->get_string('editor_width', 'post', '100%', 0);
$dataform['editor_height'] = $nv_Request->get_string('editor_height', 'post', '300px', 0);
if (!preg_match('/^([0-9]+)(\\%|px)+$/', $dataform['editor_width'])) {
$dataform['editor_width'] = '100%';
}
if (!preg_match('/^([0-9]+)(\\%|px)+$/', $dataform['editor_height'])) {
$dataform['editor_height'] = '300px';
}
$dataform['class'] = $dataform['editor_width'] . '@' . $dataform['editor_height'];
* @License GNU/GPL version 2 or any later version
* @Createdate 2-9-2010 14:43
*/
if (!defined('NV_IS_FILE_ADMIN')) {
die('Stop!!!');
}
$page_title = $lang_module['prounit'];
$error = "";
$savecat = 0;
$data = array("title" => "", 'note' => "");
$table_name = $db_config['prefix'] . "_" . $module_data . "_units";
$data['id'] = $nv_Request->get_int('id', 'post,get', 0);
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
$field_lang = nv_file_table($table_name);
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255);
$data['note'] = $nv_Request->get_title('note', 'post', '', 1);
if ($data['id'] == 0) {
$listfield = "";
$listvalue = "";
foreach ($field_lang as $field_lang_i) {
list($flang, $fname) = $field_lang_i;
$listfield .= ", " . $flang . "_" . $fname;
if ($flang == NV_LANG_DATA) {
$listvalue .= ", " . $db->quote($data[$fname]);
} else {
$listvalue .= ", " . $db->quote($data[$fname]);
}
}
$sql = "INSERT INTO " . $table_name . " (id " . $listfield . ") VALUES (NULL " . $listvalue . ")";
if ($db->insert_id($sql)) {
<?php
/**
* @Project NUKEVIET BLOG 4.x
* @Author PHAN TAN DUNG (phantandung92@gmail.com)
* @Copyright (C) 2014 PHAN TAN DUNG. All rights reserved
* @License GNU/GPL version 2 or any later version
* @Createdate Dec 11, 2013, 09:50:11 PM
*/
if (!defined('NV_IS_MOD_BLOG')) {
die('Stop!!!');
}
$page_title = $mod_title = $BL->lang('search');
// Breadcrumbs
$array_mod_title[] = array('catid' => 0, 'title' => $BL->lang('search'), 'link' => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op);
$array = array('q' => nv_substr($nv_Request->get_title('q', 'get', '', NV_MIN_SEARCH_LENGTH), 0, NV_MAX_SEARCH_LENGTH), 'catid' => $nv_Request->get_int('catid', 'get', 0), 'contents' => array());
// Phân trang
$page = $nv_Request->get_int('page', 'get', 1);
$generate_page = '';
$total_pages = 0;
$all_page = 0;
// Chuyển đến trang xem theo theo mục nếu để trống từ khóa mà tìm theo danh mục
if (empty($array['q']) and isset($global_array_cat[$array['catid']])) {
header('Location:' . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $global_array_cat[$array['catid']]['alias'], true));
die;
}
// Chỉnh lại đường dẫn cho phù hợp
if ($page < 1 or $page == 1 and $nv_Request->isset_request('page', 'get') or $nv_Request->isset_request('q', 'get') and empty($array['q']) or empty($array['q']) and isset($_GET['catid']) or isset($_GET['catid']) and (!is_numeric($_GET['catid']) or !isset($global_array_cat[$array['catid']]) and $array['catid'] != 0)) {
header('Location:' . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op, true));
die;
}
}
if (empty($block)) {
include NV_ROOTDIR . '/includes/header.php';
echo json_encode(array('status' => 'error', 'message' => 'Invalid data', 'data' => array(), 'error' => array()));
include NV_ROOTDIR . '/includes/footer.php';
}
// Add + Edit submit
if ($nv_Request->isset_request('submit', 'post')) {
$data = $error = array();
$message = '';
$data['id'] = $nv_Request->get_int('id', 'post', 0);
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', ''), 0, 255);
$data['description'] = $nv_Request->get_editor('description', '', NV_ALLOWED_HTML_TAGS);
$data['link'] = nv_substr($nv_Request->get_string('link', 'post', ''), 0, 255);
$data['target'] = nv_substr($nv_Request->get_title('target', 'post', ''), 0, 10);
$data['image'] = nv_substr($nv_Request->get_title('image', 'post', ''), 0, 255);
$data['status'] = $nv_Request->get_int('status', 'post', 0) == 0 ? 0 : 1;
$data['exptime'] = $nv_Request->get_int('exptime', 'post', 0);
if (empty($data['title'])) {
$error[] = array('name' => 'title', 'value' => $lang_module['content_title_error']);
}
if (!empty($data['link'])) {
if (!preg_match("/\\:\\/\\//i", $data['link'])) {
$data['link'] = 'http://' . $data['link'];
}
if (!nv_is_url($data['link'])) {
$error[] = array('name' => 'link', 'value' => $lang_module['content_link_error']);
}
}
// Prosess image
if (is_file(NV_DOCUMENT_ROOT . $data['image'])) {
if (empty($addfile) or $addfile != md5($client_info['session_id'])) {
Header('Location: ' . nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name, true));
exit;
}
$array['catid'] = $nv_Request->get_int('upload_catid', 'post', 0);
$array['title'] = nv_substr($nv_Request->get_title('upload_title', 'post', '', 1), 0, 255);
$array['description'] = $nv_Request->get_editor('upload_description', '', NV_ALLOWED_HTML_TAGS);
$array['introtext'] = $nv_Request->get_textarea('upload_introtext', '', NV_ALLOWED_HTML_TAGS);
$array['author_name'] = nv_substr($nv_Request->get_title('upload_author_name', 'post', '', 1), 0, 100);
$array['author_email'] = nv_substr($nv_Request->get_title('upload_author_email', 'post', ''), 0, 60);
$array['author_url'] = nv_substr($nv_Request->get_title('upload_author_url', 'post', '', 0), 0, 255);
$array['linkdirect'] = $nv_Request->get_textarea('upload_linkdirect', '');
$array['version'] = nv_substr($nv_Request->get_title('upload_version', 'post', '', 1), 0, 20);
$array['filesize'] = $nv_Request->get_int('upload_filesize', 'post', 0);
$array['copyright'] = nv_substr($nv_Request->get_title('upload_copyright', 'post', '', 1), 0, 255);
$array['user_name'] = nv_substr($nv_Request->get_title('upload_user_name', 'post', '', 1), 0, 100);
$array['user_id'] = 0;
$seccode = $nv_Request->get_title('upload_seccode', 'post', '');
if (defined('NV_IS_USER')) {
$array['user_name'] = $user_info['username'];
$array['user_id'] = $user_info['userid'];
}
if (!empty($array['author_url'])) {
if (!preg_match("#^(http|https|ftp|gopher)\\:\\/\\/#", $array['author_url'])) {
$array['author_url'] = 'http://' . $array['author_url'];
}
}
if (!empty($array['linkdirect'])) {
$linkdirect = $array['linkdirect'];
$linkdirect = nv_nl2br($linkdirect, '<br />');
$linkdirect = explode('<br />', $linkdirect);
