/**
 * Return the registered definition of a content type.
 *
 * Reads the registry held in the global $hmcontent object (its `hmcontent`
 * property) and returns the entry stored under $key.
 *
 * @param mixed $key Content type key to look up.
 * @return mixed The registered entry; when the key is not registered,
 *               hm_exit() is called with a translated message and NULL is
 *               returned if that call comes back.
 */
function content_data($key)
{
    global $hmcontent;

    $registered = $hmcontent->hmcontent;

    // Guard clause: unknown content types stop the request.
    if (!isset($registered[$key])) {
        hm_exit(_('Không có kiểu nội dung này'));
        return NULL;
    }

    return $registered[$key];
}
$this->load_template_file($theme, $template_file); } /** Load file template dựa trên tên file php */ public function load_template_file($theme, $template_file, $data = array()) { foreach ($data as $key => $value) { ${$key} = $value; } if (file_exists(BASEPATH . HM_THEME_DIR . '/' . $theme . '/' . $template_file . '.php')) { require_once BASEPATH . HM_THEME_DIR . '/' . $theme . '/' . $template_file . '.php'; } else { hm_exit('Không thể load file "' . $template_file . '.php" của giao diện "' . $theme . '"');
/**
 * Return the registered definition of a taxonomy type.
 *
 * Reads the registry held in the global $hmtaxonomy object (its `hmtaxonomy`
 * property) and returns the entry stored under $key.
 *
 * @param mixed $key Taxonomy type key to look up.
 * @return mixed The registered entry; when the key is not registered,
 *               hm_exit() is called with a translated message and NULL is
 *               returned if that call comes back.
 */
function taxonomy_data($key)
{
    global $hmtaxonomy;

    $registered = $hmtaxonomy->hmtaxonomy;

    // Guard clause: unknown taxonomy types stop the request.
    if (!isset($registered[$key])) {
        hm_exit(_('Không có kiểu phân loại này'));
        return NULL;
    }

    return $registered[$key];
}
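<?php
/**
 * AJAX login handler for the admin area.
 * Location: admin/login_ajax.php
 *
 * Refuses direct access (BASEPATH must be defined by the including script),
 * loads the admin base file and the login model, applies a same-host Referer
 * check and then dispatches on the `action` request parameter.
 */
if (!defined('BASEPATH')) {
    exit('403');
}

/** Load the admin base file */
require_once dirname(__FILE__) . '/admin.php';
/** Load the login model */
require_once dirname(__FILE__) . '/login/login_model.php';

/*
 * Same-host gate on the Referer header.
 *
 * - Both headers must be present: with neither set, the previous loose
 *   comparison evaluated NULL != NULL and let the request through.
 * - HTTP_HOST carries the port on non-default ports while PHP_URL_HOST never
 *   does, so the Referer authority is also compared in host:port form.
 * - Host names are compared case-insensitively and with strict equality.
 *
 * NOTE(review): a Referer check is only a partial CSRF control (the header can
 * be stripped by proxies or privacy settings). A per-session token checked by
 * the login handler, plus attempt throttling, would be the stronger control;
 * neither is visible in this file.
 */
$request_host = isset($_SERVER['HTTP_HOST']) ? strtolower((string) $_SERVER['HTTP_HOST']) : '';
$referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
$referer_host = ($referer !== '') ? parse_url($referer, PHP_URL_HOST) : NULL;
$referer_port = ($referer !== '') ? parse_url($referer, PHP_URL_PORT) : NULL;
$referer_host = is_string($referer_host) ? strtolower($referer_host) : '';

$same_host = $request_host !== ''
    && $referer_host !== ''
    && (
        $request_host === $referer_host
        || (is_int($referer_port) && $request_host === $referer_host . ':' . $referer_port)
    );

if (!$same_host) {
    hm_exit('403 - Truy cập bị từ chối');
}

// Kept as top-level (global) variables; they are not used in this file, but
// code loaded above may read them as globals. TODO confirm before removing.
$key = hm_get('key');
$id = hm_get('id');
$action = hm_get('action');

switch ($action) {
    case 'log-me-in':
        // admin_cp_login() is defined outside this file; its return value is
        // sent to the client as the AJAX response.
        echo admin_cp_login();
        break;
}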
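/**
 * Check that the password-reset key supplied in the request exists.
 *
 * Looks in the `field` table for a row with name 'lostpw_key',
 * object_type 'user' and val equal to the `key` request parameter.
 *
 * @return bool|null TRUE when a matching row exists. Otherwise hm_exit() is
 *                   called with the "link expired" message; NULL is returned
 *                   if that call comes back.
 */
function newpw_checkkey()
{
    global $hmuser;
    $hmdb = new MySQL(true, DB_NAME, DB_HOST, DB_USER, DB_PASSWORD, DB_CHARSET);

    hook_action('newpw_checkkey');

    $key = hm_get('key');

    // Reject an absent, empty or non-scalar key before it reaches the query:
    // an empty value would match any user row whose lostpw_key field is
    // stored as an empty string (for example after a key has been cleared).
    if (!is_scalar($key) || (string) $key === '') {
        hm_exit(_('Đường link đã hết hạn'));
        return NULL;
    }

    // NOTE(review): only existence is checked here; no expiry timestamp or
    // single-use invalidation is visible in this function - confirm that the
    // caller clears the key after a successful reset.
    $tableName = DB_PREFIX . "field";
    $whereArray = array(
        'name' => MySQL::SQLValue('lostpw_key'),
        'object_type' => MySQL::SQLValue('user'),
        'val' => MySQL::SQLValue($key),
    );
    $hmdb->SelectRows($tableName, $whereArray);

    if ($hmdb->HasRecords()) {
        return TRUE;
    }

    hm_exit(_('Đường link đã hết hạn'));
    return NULL;
}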
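<?php
/**
 * Admin bootstrap: enforces the admin login check.
 * Location: /admin/admin.php
 *
 * For every `run` target except the login pages, the `admin_login` cookie must
 * be present and equal to the `admin_login` session value. On success the
 * cookie lifetime is refreshed and ADMIN_LOGIN is defined; otherwise the
 * client is sent to the login page with a `back` parameter.
 */
if (!defined('BASEPATH')) {
    exit('403');
}

$disallow_check = array('login.php', 'login_ajax.php');

// Strict membership test: a non-string `run` value must not be able to match
// one of the exempt page names through type juggling and skip the login check.
if (!in_array(hm_get('run'), $disallow_check, true)) {
    // isset() guards avoid undefined-index notices when either value is absent.
    $cookie_admin_login = isset($_COOKIE['admin_login']) ? $_COOKIE['admin_login'] : NULL;
    $session_admin_login = isset($_SESSION['admin_login']) ? $_SESSION['admin_login'] : NULL;

    // The return address is URL-encoded in both redirect branches (the second
    // branch previously appended the raw REQUEST_URI), and the whole URL is
    // HTML-escaped before it is placed inside the attribute.
    // NOTE(review): the login page should still validate `back` as a
    // same-site URL before redirecting to it; that code is not visible here.
    $login_page = SITE_URL . FOLDER_PATH . HM_ADMINCP_DIR . '?run=login.php&back=' . urlencode(SITE_URL . $_SERVER['REQUEST_URI']);
    $refresh_tag = '<meta http-equiv="refresh" content="0;' . htmlspecialchars($login_page, ENT_QUOTES, 'UTF-8') . '">';

    if ($cookie_admin_login == NULL or $session_admin_login == NULL) {
        echo $refresh_tag;
        hm_exit(_('Đang chuyển hướng đến trang đăng nhập'));
    }

    // Compare as strings: loose == treats numeric-looking strings such as
    // "0e1" and "0e2" as equal, and an array-valued cookie is never valid.
    $tokens_match = FALSE;
    if (is_string($cookie_admin_login) && is_scalar($session_admin_login)) {
        $expected = (string) $session_admin_login;
        $tokens_match = function_exists('hash_equals')
            ? hash_equals($expected, $cookie_admin_login)
            : ($expected === $cookie_admin_login);
    }

    if ($tokens_match) {
        /** Refresh the admin cookie */
        // NOTE(review): the cookie is set without the HttpOnly/Secure flags;
        // confirm nothing reads it from JavaScript, then set them here and
        // wherever the cookie is first issued.
        setcookie('admin_login', $cookie_admin_login, time() + COOKIE_EXPIRES, '/');
        define('ADMIN_LOGIN', $session_admin_login);
    } else {
        echo $refresh_tag;
        hm_exit(_('Đang chuyển hướng đến trang đăng nhập'));
    }
}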
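/**
 * Create a user account, or update an existing one, from the submitted POST data.
 *
 * Reads user_login, password, password2, nicename, user_email, userrole and
 * user_group from POST, writes the row in the `users` table and then stores
 * the remaining POST entries as per-user rows in the `field` table.
 *
 * NOTE(review): no permission check is visible in this function, and
 * `userrole` / `user_group` are taken from POST as-is - confirm the caller
 * verifies that the current admin may create users and grant that role.
 *
 * @param array $args Optional. 'id_update' => numeric id of the user to update;
 *                    when absent or non-numeric a new user is created.
 * @return string JSON with 'status' ('error', 'updated' or 'success') and 'mes'.
 */
function ajax_add_user($args = array())
{
    global $hmuser;
    $hmdb = new MySQL(true, DB_NAME, DB_HOST, DB_USER, DB_PASSWORD, DB_CHARSET);

    hook_action('ajax_add_user');

    $id_update = isset($args['id_update']) ? $args['id_update'] : NULL;
    $is_update = is_numeric($id_update);

    $user_login = hm_post('user_login');
    $password = hm_post('password');
    $password2 = hm_post('password2');
    $nicename = hm_post('nicename');
    $user_email = hm_post('user_email');
    $userrole = hm_post('userrole');
    $user_group = hm_post('user_group', 0);

    // Same six-digit salt format as before, drawn from the CSPRNG when available.
    $salt = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
    $user_activation_key = '0';

    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e1" and "10") were accepted as matching passwords.
    if ($password !== $password2) {
        return json_encode(array('status' => 'error', 'mes' => _('Hai mật khẩu nhập vào không khớp')));
    }

    $tableName = DB_PREFIX . "users";

    /** Reject a duplicate user login when creating an account */
    if (!$is_update) {
        $whereArray = array('user_login' => MySQL::SQLValue($user_login));
        $hmdb->SelectRows($tableName, $whereArray);
        if ($hmdb->HasRecords()) {
            return json_encode(array('status' => 'error', 'mes' => _('Tài khoản này đã tồn tại')));
        }
    }

    // NOTE(review): salted MD5 is far too fast for password storage. Moving to
    // password_hash()/password_verify() has to be done together with the login
    // code that verifies this value, which is outside this function.
    // NOTE(review): an empty password is accepted when creating an account.
    $password_encode = hm_encode_str(md5($password . $salt));

    /** Add or update the account row */
    $values = array();
    $values["user_login"] = MySQL::SQLValue($user_login);
    $values["user_nicename"] = MySQL::SQLValue($nicename);
    $values["user_email"] = MySQL::SQLValue($user_email);
    $values["user_activation_key"] = MySQL::SQLValue($user_activation_key);
    $values["user_role"] = MySQL::SQLValue($userrole);
    $values["user_group"] = MySQL::SQLValue($user_group);

    if ($is_update) {
        // Loose != kept on purpose: a missing (NULL) password leaves the stored one untouched.
        if ($password != '') {
            $values["user_pass"] = MySQL::SQLValue($password_encode);
            $values["salt"] = MySQL::SQLValue($salt);
        }
        // Quote the id as a number, as the field-table query below already does.
        $whereArray = array('id' => MySQL::SQLValue($id_update, MySQL::SQLVALUE_NUMBER));
        $hmdb->AutoInsertUpdate($tableName, $values, $whereArray);
        $insert_id = $id_update;
    } else {
        $values["user_pass"] = MySQL::SQLValue($password_encode);
        $values["salt"] = MySQL::SQLValue($salt);
        $insert_id = $hmdb->InsertRow($tableName, $values);
    }

    /** Store the user fields */
    // POST keys become field names verbatim, so names that carry security
    // state must never be writable through this form: the password inputs and
    // 'lostpw_key', the field name the password-reset check looks up.
    $skipped_fields = array('password', 'password2', 'lostpw_key');
    $field_table = DB_PREFIX . 'field';

    if (is_numeric($insert_id)) {
        foreach ($_POST as $post_key => $post_val) {
            if (in_array((string) $post_key, $skipped_fields, true)) {
                continue;
            }
            if (is_array($post_val)) {
                $post_val = json_encode($post_val);
            }

            // Fresh array per row: previously the first field row still carried
            // the users-table columns left in $values from the account query.
            $field_values = array(
                'name' => MySQL::SQLValue($post_key),
                'val' => MySQL::SQLValue($post_val),
                'object_id' => MySQL::SQLValue($insert_id, MySQL::SQLVALUE_NUMBER),
                'object_type' => MySQL::SQLValue('user'),
            );

            if ($is_update) {
                $whereArray = array(
                    'object_id' => MySQL::SQLValue($id_update, MySQL::SQLVALUE_NUMBER),
                    'object_type' => MySQL::SQLValue('user'),
                    'name' => MySQL::SQLValue($post_key),
                );
                $hmdb->AutoInsertUpdate($field_table, $field_values, $whereArray);
            } else {
                $hmdb->InsertRow($field_table, $field_values);
            }
        }
    }

    // NOTE(review): a failed insert/update still reports success below; the
    // return values of InsertRow()/AutoInsertUpdate() are not checked.
    if ($is_update) {
        return json_encode(array('status' => 'updated', 'mes' => _('Đã sửa thông tin tài khoản : ' . $user_login)));
    }

    return json_encode(array('status' => 'success', 'mes' => _('Đã thêm tài khoản : ' . $user_login)));
}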
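/**
 * Write the .htaccess that removes the PHP handler/type mappings in an upload directory.
 *
 * NOTE(review): only .php, .phtml and .php3 are listed, and RemoveHandler /
 * RemoveType do not undo a handler assigned by other means in the server
 * configuration - verify on the target server that nothing under the upload
 * directory is executed.
 *
 * @param string $dir Upload directory, without trailing slash.
 * @return bool TRUE when the file was written, FALSE when it could not be opened.
 */
function add_media_write_htaccess($dir)
{
    $content_htaccess = 'RemoveHandler .php .phtml .php3' . "\n" . 'RemoveType .php .phtml .php3';

    $fp = fopen($dir . '/.htaccess', 'w');
    if ($fp === FALSE) {
        return FALSE;
    }
    fwrite($fp, $content_htaccess);
    fclose($fp);

    return TRUE;
}

/**
 * AJAX upload: store the files posted as `file` and record them in the `media` table.
 *
 * The target directory is taken from the media group given in POST
 * (`media_group`), falling back to the uploads root for group 0 or an unknown
 * group. Each file goes through the Upload class; images get an additional
 * 512x512 cropped copy whose name is stored as `thumbnail`.
 *
 * NOTE(review): which extensions and MIME types are accepted is decided
 * entirely by the Upload class, which is not visible here - confirm it
 * enforces an allow-list.
 *
 * @return string JSON with 'status', 'content' (comma-separated inserted ids
 *                and/or error texts) and 'media_group'.
 */
function add_media()
{
    if (isset($_SERVER["CONTENT_LENGTH"])) {
        // NOTE(review): the cast assumes post_max_size is expressed in
        // megabytes; a value such as "1G" or "0" would be misread.
        if ($_SERVER["CONTENT_LENGTH"] > (int) ini_get('post_max_size') * 1024 * 1024) {
            return json_encode(array('status' => 'error', 'content' => _('Dung lượng tệp tin gửi lên vượt quá giới hạn cho phép của máy chủ')));
        }
    }

    $hmdb = new MySQL(true, DB_NAME, DB_HOST, DB_USER, DB_PASSWORD, DB_CHARSET);

    @($media_group = hm_post('media_group'));
    if (!is_numeric($media_group)) {
        $media_group = 0;
    }

    $tableName = DB_PREFIX . 'media_groups';
    $whereArray = array('id' => MySQL::SQLValue($media_group));
    $hmdb->SelectRows($tableName, $whereArray);
    $count = $hmdb->RowCount();

    if ($count != '0') {
        $row = $hmdb->Row();
        $folder = $row->folder;
        $folder_part = get_media_group_part($media_group);
        $dir_dest = BASEPATH . HM_CONTENT_DIR . '/uploads/' . $folder_part;
        if (!file_exists($dir_dest)) {
            // 0755 instead of the former world-writable 0777; recursive so a
            // nested group path does not fail on a missing parent.
            mkdir($dir_dest, 0755, true);
        }
    } else {
        $folder = "/";
        $media_group = 0;
        $dir_dest = BASEPATH . HM_CONTENT_DIR . '/uploads';
    }

    // Put the .htaccess in place before any file lands in the directory,
    // rather than only after the first successful upload.
    if (is_dir($dir_dest)) {
        add_media_write_htaccess($dir_dest);
    }

    // Regroup $_FILES['file'] from per-attribute lists into one array per file.
    // A single-file upload (scalar attributes) is wrapped so it takes the same path.
    $files = array();
    if (isset($_FILES['file']) && is_array($_FILES['file'])) {
        foreach ($_FILES['file'] as $k => $l) {
            if (!is_array($l)) {
                $l = array($l);
            }
            foreach ($l as $i => $v) {
                if (!array_key_exists($i, $files)) {
                    $files[$i] = array();
                }
                $files[$i][$k] = $v;
            }
        }
    }

    $status = 'success';
    $content = array();

    foreach ($files as $file) {
        // Set up front so the error branches never read an undefined or stale
        // name. The value is client-supplied: escape it wherever it is shown.
        $file_name = isset($file['name']) ? $file['name'] : '';

        $handle = new Upload($file, LANG);
        if ($handle->uploaded) {
            $handle->Process($dir_dest);
            if ($handle->processed) {
                /** Create the .htaccess if the directory did not exist before processing */
                if (!file_exists($dir_dest . '/.htaccess')) {
                    add_media_write_htaccess($dir_dest);
                }

                /** Upload succeeded: save the file details to the database */
                $file_is_image = 'false';
                $file_info = array();
                $file_info['file_src_name'] = $handle->file_src_name;
                $file_info['file_src_name_body'] = $handle->file_src_name_body;
                $file_info['file_src_name_ext'] = $handle->file_src_name_ext;
                $file_info['file_src_mime'] = $handle->file_src_mime;
                $file_info['file_src_size'] = $handle->file_src_size;
                $file_info['file_dst_name'] = $handle->file_dst_name;
                $file_info['file_dst_name_body'] = $handle->file_dst_name_body;
                $file_info['file_dst_name_ext'] = $handle->file_dst_name_ext;
                $file_info['file_is_image'] = $handle->file_is_image;
                $file_name = $file_info['file_src_name'];

                if ($file_info['file_is_image'] == TRUE) {
                    $file_is_image = 'true';
                    $file_info['image_src_x'] = $handle->image_src_x;
                    $file_info['image_src_y'] = $handle->image_src_y;
                    $file_info['image_src_bits'] = $handle->image_src_bits;
                    $file_info['image_src_pixels'] = $handle->image_src_pixels;
                    $file_info['image_src_type'] = $handle->image_src_type;
                    $file_info['image_dst_x'] = $handle->image_dst_x;
                    $file_info['image_dst_y'] = $handle->image_dst_y;
                    $file_info['image_dst_type'] = $handle->image_dst_type;

                    // Second pass: 512x512 cropped copy used as the thumbnail.
                    $handle->image_resize = true;
                    $handle->image_ratio_crop = true;
                    $handle->image_y = 512;
                    $handle->image_x = 512;
                    $handle->Process($dir_dest);
                    $file_info['thumbnail'] = $handle->file_dst_name;
                }

                $file_info = json_encode($file_info);

                $tableName = DB_PREFIX . 'media';
                $values = array();
                $values["media_group_id"] = MySQL::SQLValue($media_group, MySQL::SQLVALUE_NUMBER);
                $values["file_info"] = MySQL::SQLValue($file_info);
                $values["file_name"] = MySQL::SQLValue($file_name);
                $values["file_folder"] = MySQL::SQLValue($folder);
                $values["file_is_image"] = MySQL::SQLValue($file_is_image);
                $insert_id = $hmdb->InsertRow($tableName, $values);

                $status = 'success';
                $content[] = $insert_id;
            } else {
                $status = 'error';
                $content[] = $file_name . ' : ' . $handle->error;
            }
        } else {
            $status = 'error';
            $content[] = $file_name . ' : ' . $handle->error;
        }
    }

    // $content is always an array here; with no files posted it joins to ''.
    $content = implode(", ", $content);

    return json_encode(array('status' => $status, 'content' => $content, 'media_group' => $media_group));
}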
require_once BASEPATH . HM_ADMINCP_DIR . '/index.php'; } elseif (isset($modules[$module_key])) { /** Module */ $module = $modules[$module_key]; if (is_array($module)) { $module_name = $module['module_name']; $module_key = $module['module_key']; $module_dir = $module['module_dir']; $module_index = $module['module_index']; if (file_exists(BASEPATH . HM_MODULE_DIR . '/' . $module_dir . '/' . $module_index)) { require_once BASEPATH . HM_MODULE_DIR . '/' . $module_dir . '/' . $module_index; } else { hm_exit('Không tìm thấy file "' . $module_index . '" của module "' . $module_key . '"'); } } else { hm_exit('Lỗi xử lý module' . ' ' . $module); } } else { if (isset($hmrequest[$request_slug])) { if (!function_exists($hmrequest[$request_slug])) { die('Unknown function: ' . $hmrequest[$request_slug]); } else { call_user_func($hmrequest[$request_slug]); } } else { /** Fontend */ $theme = activated_theme(); $args = array('theme' => $theme, 'request' => $request_slug); load_theme($args); } }