function nv_block_config_bdown_news_submit($module, $lang_block)
{
global $nv_Request;
$return = array();
$return['error'] = array();
$return['config'] = array();
$return['config']['title_length'] = $nv_Request->get_int('config_title_length', 'post', 24);
$return['config']['numrow'] = $nv_Request->get_int('config_numrow', 'post', 5);
$return['config']['class_name'] = filter_text_input('config_class_name', 'post', 'list_item');
$return['config']['img_bullet'] = filter_text_input('config_img_bullet', 'post', '');
return $return;
}
/**
* nv_block_data_config_rss_submit()
*
* @param mixed $module
* @param mixed $lang_block
* @return
*/
function nv_block_data_config_rss_submit($module, $lang_block)
{
global $nv_Request;
$return = array();
$return['error'] = array();
$return['config'] = array();
$return['config']['url'] = filter_text_input('config_url', 'post', '', 0);
$return['config']['number'] = $nv_Request->get_int('config_number', 'post', 0);
$return['config']['isdescription'] = $nv_Request->get_int('config_isdescription', 'post', 0);
$return['config']['ishtml'] = $nv_Request->get_int('config_ishtml', 'post', 0);
$return['config']['ispubdate'] = $nv_Request->get_int('config_ispubdate', 'post', 0);
$return['config']['istarget'] = $nv_Request->get_int('config_istarget', 'post', 0);
$return['config']['title_length'] = $nv_Request->get_int('config_title_length', 'post', 0);
if (!nv_is_url($return['config']['url'])) {
$return['error'][] = $lang_block['error_url'];
}
return $return;
}
$fpart = isset($array_op[0]) ? $array_op[0] : 0;
$fpart = $nv_Request->get_int('fpart', 'post,get', $fpart);
$ftitle = filter_text_input('ftitle', 'post,get', '', 1, 250);
if (!empty($array_rows)) {
$checkss = filter_text_input('checkss', 'post', '');
if ($checkss == md5($client_info['session_id'] . $global_config['sitekey'])) {
if (defined('NV_IS_USER')) {
$fname = !empty($user_info['full_name']) ? $user_info['full_name'] : $user_info['username'];
$femail = $user_info['email'];
} else {
$fname = filter_text_input('fname', 'post', '', 1, 100);
$femail = filter_text_input('femail', 'post', '', 1, 100);
}
$fphone = filter_text_input('fphone', 'post', '', 1, 100);
$fcon = filter_text_textarea('fcon', '', NV_ALLOWED_HTML_TAGS);
$fcode = filter_text_input('fcode', 'post', '');
$check_valid_email = nv_check_valid_email($femail);
if (empty($fname)) {
$error = $lang_module['error_fullname'];
} elseif (!empty($check_valid_email)) {
$error = $check_valid_email;
} elseif (empty($ftitle)) {
$error = $lang_module['error_title'];
} elseif (empty($fcon)) {
$error = $lang_module['error_content'];
} elseif (!isset($array_rows[$fpart])) {
$error = $lang_module['error_part'];
} elseif (!nv_capcha_txt($fcode)) {
$error = $lang_module['error_captcha'];
} else {
$fcon = nv_nl2br($fcon);
$theme_array_file = nv_scandir(NV_ROOTDIR . "/themes", $global_config['check_theme']);
$theme_array_file = array_flip($theme_array_file);
$theme_array_file = array_keys($theme_array_file);
$sql = "SELECT DISTINCT `theme` FROM `" . NV_PREFIXLANG . "_modthemes` WHERE `func_id`=0";
$result = $db->sql_query($sql);
while (list($theme) = $db->sql_fetchrow($result)) {
if (in_array($theme, $theme_array_file)) {
$theme_list[] = $theme;
}
}
$groups_list = nv_groups_list();
if ($nv_Request->get_int('save', 'post') == '1') {
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_modul', "module " . $mod, $admin_info['userid']);
$custom_title = filter_text_input('custom_title', 'post', 1);
$theme = filter_text_input('theme', 'post', '', 1);
$keywords = filter_text_input('keywords', 'post', '', 1);
$act = $nv_Request->get_int('act', 'post', 0);
$rss = $nv_Request->get_int('rss', 'post', 0);
if (!empty($theme) and !in_array($theme, $theme_list)) {
$theme = "";
}
if (!empty($keywords)) {
$keywords = explode(",", $keywords);
$keywords = array_map("trim", $keywords);
$keywords = implode(", ", $keywords);
}
if ($mod != $global_config['site_home_module']) {
$who_view = $nv_Request->get_int('who_view', 'post', 0);
if ($who_view < 0 or $who_view > 3) {
$who_view = 0;
}
<?php
/**
* @Project NUKEVIET 3.x
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2012 VINADES.,JSC. All rights reserved
* @Createdate 2-10-2010 17:30
*/
if (!defined('NV_IS_FILE_MODULES')) {
die('Stop!!!');
}
$mod = filter_text_input('mod', 'post');
if (empty($mod) or !preg_match($global_config['check_module'], $mod)) {
die("NO_" . $mod);
}
$sql = "SELECT `submenu` FROM `" . NV_MODULES_TABLE . "` WHERE `title`=" . $db->dbescape($mod);
$result = $db->sql_query($sql);
$numrows = $db->sql_numrows($result);
if ($numrows != 1) {
die('NO_' . $mod);
}
$row = $db->sql_fetchrow($result);
$submenu = $row['submenu'] ? 0 : 1;
$sql = "UPDATE `" . NV_MODULES_TABLE . "` SET `submenu`=" . $submenu . " WHERE `title`=" . $db->dbescape($mod);
$db->sql_query($sql);
nv_del_moduleCache('modules');
include NV_ROOTDIR . "/includes/header.php";
echo 'OK_' . $mod;
include NV_ROOTDIR . "/includes/footer.php";
<?php
/**
* @Project NUKEVIET 3.0
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2010 VINADES.,JSC. All rights reserved
* @Createdate 2-2-2010 12:55
*/
if (!defined('NV_IS_FILE_MODULES')) {
die('Stop!!!');
}
$filename = filter_text_input('filename', 'get', '');
$checkss = filter_text_input('checkss', 'get', '');
$mod = filter_text_input('mod', 'get', '');
$path_filename = NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $filename;
if (!empty($mod) and file_exists($path_filename) and $checkss == md5($filename . $client_info['session_id'] . $global_config['sitekey'])) {
//Download file
require_once NV_ROOTDIR . '/includes/class/download.class.php';
$download = new download($path_filename, NV_ROOTDIR . "/" . NV_TEMP_DIR, $mod);
$download->download_file();
exit;
} else {
$contents = 'file not exist !';
include NV_ROOTDIR . "/includes/header.php";
echo nv_admin_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
}
}
$xtpl = new XTemplate("copy.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file);
$xtpl->assign('LANG', $lang_module);
$xtpl->assign('GLANG', $lang_global);
if (empty($array_lang_exit)) {
$xtpl->assign('URL', NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=setting");
$xtpl->parse('empty');
$contents = $xtpl->text('empty');
include NV_ROOTDIR . "/includes/header.php";
echo nv_admin_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
if ($nv_Request->isset_request('newslang,typelang,checksess', 'post') and $nv_Request->get_string('checksess', 'post') == md5(session_id())) {
$newslang = filter_text_input('newslang', 'post', '');
$typelang = filter_text_input('typelang', 'post', '');
if ($typelang == "-vi") {
$typelang = "-";
$replace_lang_vi = true;
} else {
$replace_lang_vi = false;
}
if (isset($language_array[$newslang])) {
nv_admin_add_field_lang($newslang);
if ($replace_lang_vi == true) {
nv_copyfile(NV_ROOTDIR . "/js/language/vi.js", NV_ROOTDIR . "/js/language/" . $newslang . ".js");
$db->sql_query("UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "_file` SET `author_" . $newslang . "`=`author_vi`");
$query = "SELECT `id`, `lang_vi` FROM `" . NV_LANGUAGE_GLOBALTABLE . "`";
$result = $db->sql_query($query);
while (list($id, $author_lang) = $db->sql_fetchrow($result)) {
$author_lang = nv_EncString($author_lang);
cp_check_permission($nv_Request);
$cp_permissions = unserialize($nv_Request->get_string('cp_permission', 'session'));
}
$can_write = $cp_permissions['can_write'];
$can_publish = $cp_permissions['can_publish'];
$stype = $nv_Request->get_string('stype', 'get', '-');
$catid = $nv_Request->get_int('catid', 'get', 0);
$per_page_old = $nv_Request->get_int('per_page', 'cookie', 50);
$per_page = $nv_Request->get_int('per_page', 'get', $per_page_old);
if ($per_page < 1 and $per_page > 500) {
$per_page = 50;
}
if ($per_page_old != $per_page) {
$nv_Request->set_Cookie('per_page', $per_page, NV_LIVE_COOKIE_TIME);
}
$q = filter_text_input('q', 'get', '', 1);
$ordername = $nv_Request->get_string('ordername', 'get', 'publtime');
$order = $nv_Request->get_string('order', 'get') == "asc" ? 'asc' : 'desc';
$array_search = array("-" => "---", "title" => $lang_module['search_title'], "bodytext" => $lang_module['search_bodytext'], "author" => $lang_module['search_author'], "admin_id" => $lang_module['search_admin']);
$array_in_rows = array("title", "bodytext", "author");
$array_in_ordername = array("title", "publtime", "exptime");
if (!in_array($stype, array_keys($array_search))) {
$stype = "-";
}
if (!in_array($ordername, array_keys($array_in_ordername))) {
$ordername = "id";
}
if ($catid == 0) {
$from = "`" . NV_PREFIXLANG . "_" . $module_data . "_rows`";
} else {
$from = "`" . NV_PREFIXLANG . "_" . $module_data . "_" . $catid . "`";
<?php
/**
* @Project NUKEVIET 3.0
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2010 VINADES., JSC. All rights reserved
* @Createdate 3/7/2010 2:23
*/
if (!defined('NV_IS_FILE_THEMES')) {
die('Stop!!!');
}
$func_id = $nv_Request->get_int('funcid', 'post');
$layout = filter_text_input('layout', 'post', '', 1);
$selectthemes_old = $nv_Request->get_string('selectthemes', 'cookie', $global_config['site_theme']);
$selectthemes = $nv_Request->get_string('selectthemes', 'get', $selectthemes_old);
$numfunc = $db->sql_numrows($db->sql_query("SELECT func_id FROM `" . NV_PREFIXLANG . "_modthemes` WHERE `func_id`='" . $func_id . "' AND theme='" . $selectthemes . "'"));
if ($numfunc) {
$sql = "UPDATE `" . NV_PREFIXLANG . "_modthemes` SET `layout`=" . $db->dbescape($layout) . " WHERE `func_id`=" . $func_id;
} else {
$sql = "INSERT INTO `" . NV_PREFIXLANG . "_modthemes` VALUES('{$func_id}'," . $db->dbescape($layout) . ", " . $db->dbescape($selectthemes) . ")";
}
$result = $db->sql_query($sql);
if ($result) {
echo $lang_module['setup_updated_layout'];
} else {
echo $lang_module['setup_error_layout'];
}
nv_del_moduleCache('themes');
$numrows = $db->sql_numrows($result);
if ($numrows != 1) {
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name);
die;
}
$row = $db->sql_fetchrow($result);
$error = "";
if ($nv_Request->get_int('save', 'post', 0)) {
$lev = $nv_Request->get_int('lev', 'post', 0);
$editor = filter_text_input('editor', 'post');
$allow_files_type = $nv_Request->get_array('allow_files_type', 'post', array());
$allow_create_subdirectories = $nv_Request->get_int('allow_create_subdirectories', 'post', 0);
$allow_modify_files = $nv_Request->get_int('allow_modify_files', 'post', 0);
$allow_modify_subdirectories = $nv_Request->get_int('allow_modify_subdirectories', 'post', 0);
$modules = $nv_Request->get_array('modules', 'post', array());
$position = filter_text_input('position', 'post', '', 1);
if (empty($position)) {
$error = $lang_module['position_incorrect'];
} else {
$lev = ($lev != 2 or !defined("NV_IS_GODADMIN")) ? 3 : 2;
$mds = array();
if ($lev == 3 and !empty($modules)) {
$is_delCache = false;
foreach (array_keys($site_mods) as $mod) {
if (!empty($mod) and in_array($mod, $modules)) {
$site_mods_admins = $site_mods[$mod]['admins'] . (!empty($site_mods[$mod]['admins']) ? "," : "") . $userid;
$site_mods_admins = explode(",", $site_mods_admins);
$site_mods_admins = array_unique($site_mods_admins);
$site_mods_admins = implode(",", $site_mods_admins);
$sql = "UPDATE `" . NV_MODULES_TABLE . "` SET `admins`=" . $db->dbescape($site_mods_admins) . " WHERE `title`=" . $db->dbescape($mod);
$db->sql_query($sql);
}
$query = "SELECT * FROM `" . NV_PREFIXLANG . "_" . $module_data . "_comments` WHERE `id`=" . $id;
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows != 1) {
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=comment&status=1");
exit;
}
$row = $db->sql_fetchrow($result);
$array = array();
$is_error = false;
$error = "";
if ($nv_Request->isset_request('submit', 'post')) {
$array['subject'] = filter_text_input('subject', 'post', '', 1);
$array['comment'] = filter_text_textarea('comment', '', NV_ALLOWED_HTML_TAGS);
$array['admin_reply'] = filter_text_input('admin_reply', 'post', '', 1);
$array['admin_id'] = (int) $row['admin_id'];
if (empty($array['subject'])) {
$is_error = true;
$error = $lang_module['comment_edit_error1'];
} elseif (empty($array['comment'])) {
$is_error = true;
$error = $lang_module['comment_edit_error2'];
} else {
$array['comment'] = nv_nl2br($array['comment'], "<br />");
if (!empty($array['admin_reply']) and $array['admin_reply'] != $row['admin_reply']) {
$array['admin_id'] = $admin_info['admin_id'];
}
$sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_comments` SET \n `subject`=" . $db->dbescape($array['subject']) . ", \n `comment`=" . $db->dbescape($array['comment']) . ", \n `admin_reply`=" . $db->dbescape($array['admin_reply']) . ", \n `admin_id`=" . $array['admin_id'] . " \n WHERE `id`=" . $id;
$result = $db->sql_query($sql);
if (!$result) {
nv_info_die($global_config['site_description'], $lang_global['site_info'], $lang_global['firewallincorrect'] . "<META HTTP-EQUIV=\"refresh\" content=\"5;URL=" . $global_config['site_url'] . "\" />");
}
$error = "";
$login = "";
$array_gfx_chk = array(1, 5, 6, 7);
if (in_array($global_config['gfx_chk'], $array_gfx_chk)) {
$global_config['gfx_chk'] = 1;
} else {
$global_config['gfx_chk'] = 0;
}
$admin_login_redirect = $nv_Request->get_string('admin_login_redirect', 'session', '');
if ($nv_Request->isset_request('nv_login,nv_password', 'post')) {
$nv_username = filter_text_input('nv_login', 'post', '', '', 100);
$nv_password = filter_text_input('nv_password', 'post', '', '', 50);
if ($global_config['gfx_chk'] == 1) {
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
}
if (empty($nv_username)) {
$error = $lang_global['nickname_empty'];
} elseif (empty($nv_password)) {
$error = $lang_global['password_empty'];
} elseif ($global_config['gfx_chk'] == 1 and !nv_capcha_txt($nv_seccode)) {
$error = $lang_global['securitycodeincorrect'];
} else {
if (defined('NV_IS_USER_FORUM')) {
define('NV_IS_MOD_USER', true);
require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php';
}
$userid = 0;
$sql = "SELECT userid, username, password FROM `" . NV_USERS_GLOBALTABLE . "` WHERE md5username ='******'";
$result = $db->sql_query($sql);
<?php
/**
* @Project NUKEVIET 3.0
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2010 VINADES.,JSC. All rights reserved
* @Createdate 2-1-2010 21:51
*/
if (!defined('NV_IS_FILE_DATABASE')) {
die('Stop!!!');
}
if ($nv_Request->get_bool('show_tabs', 'post')) {
nv_show_tables();
exit;
}
if ($nv_Request->isset_request('tab', 'get') and preg_match("/^(" . $db_config['prefix'] . ")\\_[a-zA-Z0-9\\_\\.\\-]+\$/", filter_text_input('tab', 'get'))) {
nv_show_tab();
exit;
}
$database = array();
$database['db_host_info'] = mysql_get_host_info();
$database['db_sql_version'] = $db->sql_version;
$database['db_proto_info'] = mysql_get_proto_info();
$database['server'] = $db->server;
$database['db_dbname'] = $db->dbname;
$database['db_uname'] = $db->user;
$result = $db->sql_query('SELECT @@session.time_zone AS `db_time_zone`, @@session.character_set_database AS `db_charset`, @@session.collation_database AS `db_collation`');
$row = $db->sql_fetch_assoc($result);
$db->sql_freeresult($result);
$database['db_charset'] = $row['db_charset'];
$database['db_collation'] = $row['db_collation'];
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=cat");
exit;
}
$sql = "SELECT * FROM `" . NV_PREFIXLANG . "_" . $module_data . "_categories` WHERE `id`=" . $catid;
$result = $db->sql_query($sql);
$numcat = $db->sql_numrows($result);
if ($numcat != 1) {
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=cat");
exit;
}
$row = $db->sql_fetchrow($result);
$is_error = false;
if ($nv_Request->isset_request('submit', 'post')) {
$array['parentid'] = $nv_Request->get_int('parentid', 'post', 0);
$array['title'] = filter_text_input('title', 'post', '', 1);
$array['description'] = filter_text_input('description', 'post', '');
$array['who_view'] = $nv_Request->get_int('who_view', 'post', 0);
$array['groups_view'] = $nv_Request->get_typed_array('groups_view', 'post', 'int');
$alias = change_alias($array['title']);
if (empty($array['title'])) {
$error = $lang_module['faq_error_cat2'];
$is_error = true;
} else {
if (!empty($array['parentid'])) {
$sql = "SELECT COUNT(*) AS count FROM `" . NV_PREFIXLANG . "_" . $module_data . "_categories` WHERE `id`=" . $array['parentid'];
$result = $db->sql_query($sql);
list($count) = $db->sql_fetchrow($result);
if (!$count) {
$error = $lang_module['faq_error_cat3'];
$is_error = true;
}
* @Project NUKEVIET 3.0
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2010 VINADES., JSC. All rights reserved
* @Createdate 3-6-2010 0:14
*/
if (!defined('NV_IS_MOD_NEWS')) {
die('Stop!!!');
}
if (!defined('NV_IS_AJAX')) {
die('Wrong URL');
}
$contents = "";
$array_point = array(1, 2, 3, 4, 5);
$id = $nv_Request->get_int('id', 'post', 0);
$point = $nv_Request->get_int('point', 'post', 0);
$checkss = filter_text_input('checkss', 'post');
$time_set = $nv_Request->get_int($module_name . '_' . $op . '_' . $id, 'session', 0);
if ($id > 0 and in_array($point, $array_point) and $checkss == md5($id . $client_info['session_id'] . $global_config['sitekey'])) {
if (!empty($time_set)) {
die($lang_module['rating_error2']);
}
$nv_Request->set_Session($module_name . '_' . $op . '_' . $id, NV_CURRENTTIME);
$query = $db->sql_query("SELECT `listcatid`, `allowed_rating`, `ratingdetail` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_rows` WHERE `id` = " . $id . " AND `status`=1 AND `publtime` < " . NV_CURRENTTIME . " AND (`exptime`=0 OR `exptime`>" . NV_CURRENTTIME . ")");
$row = $db->sql_fetchrow($query);
if (isset($row['allowed_rating']) and $row['allowed_rating'] == 1) {
$ratingdetail = array_map("intval", explode("|", $row['ratingdetail']));
$rating['total'] = $ratingdetail[0] + $point;
$rating['click'] = $ratingdetail[1] + 1;
$rating['points'] = round($rating['total'] / $rating['click']);
$ratingdetail = $rating['total'] . '|' . $rating['click'];
$query = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_rows` SET `ratingdetail`=" . $db->dbescape($ratingdetail) . " WHERE `id`=" . $id;
}
$query = "SELECT * FROM `" . NV_CRONJOBS_GLOBALTABLE . "` WHERE `id`=" . $id . " AND `is_sys`=0";
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if (empty($numrows)) {
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&op=cronjobs");
die;
}
$row = $db->sql_fetchrow($result);
$error = "";
if ($nv_Request->get_int('save', 'post') == '1') {
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_cronjob_edit', "id " . $id, $admin_info['userid']);
$cron_name = filter_text_input('cron_name', 'post', '', 1);
$run_file = filter_text_input('run_file', 'post', '');
$run_func = filter_text_input('run_func_iavim', 'post', '');
$params = filter_text_input('params_iavim', 'post', '');
$interval = $nv_Request->get_int('interval_iavim', 'post', 0);
$del = $nv_Request->get_int('del', 'post', 0);
$min = $nv_Request->get_int('min', 'post', 0);
$hour = $nv_Request->get_int('hour', 'post', 0);
$day = $nv_Request->get_int('day', 'post', 0);
$month = $nv_Request->get_int('month', 'post', 0);
$year = $nv_Request->get_int('year', 'post', 0);
if (empty($cron_name)) {
$error = $lang_module['cron_name_empty'];
} elseif (!empty($run_file) and !file_exists(NV_ROOTDIR . '/includes/cronjobs/' . $run_file)) {
$error = $lang_module['file_not_exist'];
} elseif (empty($run_func) or !preg_match($global_config['check_cron'], $run_func)) {
$error = $lang_module['func_name_invalid'];
} else {
$start_time = mktime($hour, $min, 0, $month, $day, $year);
$_user['email'] = filter_text_input('email', 'post', '', 1, 100);
$_user['password1'] = filter_text_input('password1', 'post', '', 0, NV_UPASSMAX);
$_user['password2'] = filter_text_input('password2', 'post', '', 0, NV_UPASSMAX);
$_user['question'] = filter_text_input('question', 'post', '', 1, 255);
$_user['answer'] = filter_text_input('answer', 'post', '', 1, 255);
$_user['full_name'] = filter_text_input('full_name', 'post', '', 1, 255);
$_user['gender'] = filter_text_input('gender', 'post', '', 1, 1);
$_user['website'] = filter_text_input('website', 'post', '');
$_user['location'] = filter_text_input('location', 'post', '', 1);
$_user['yim'] = filter_text_input('yim', 'post', '', 1, 100);
$_user['telephone'] = filter_text_input('telephone', 'post', '', 1, 100);
$_user['fax'] = filter_text_input('fax', 'post', '', 1, 100);
$_user['mobile'] = filter_text_input('mobile', 'post', '', 1, 100);
$_user['view_mail'] = $nv_Request->get_int('view_mail', 'post', 0);
$_user['sig'] = filter_text_textarea('sig', '', NV_ALLOWED_HTML_TAGS);
$_user['birthday'] = filter_text_input('birthday', 'post', '', 1, 10);
$_user['in_groups'] = $nv_Request->get_typed_array('group', 'post', 'int');
if (!empty($_user['website'])) {
if (!preg_match("#^(http|https|ftp|gopher)\\:\\/\\/#", $_user['website'])) {
$_user['website'] = "http://" . $_user['website'];
}
if (!nv_is_url($_user['website'])) {
$_user['website'] = "";
}
}
if (($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != "") {
$error = $error_username;
} elseif ($_user['username'] != $db->fixdb($_user['username'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>');
} elseif (($error_xemail = nv_check_valid_email($_user['email'])) != "") {
$error = $error_xemail;
/**
* @Project NUKEVIET 3.0
* @Author VINADES.,JSC (contact@vinades.vn)
* @copyright 2009
* @createdate 10/03/2010 10:51
*/
if (!defined('NV_IS_MOD_USER')) {
die('Stop!!!');
}
if (defined('NV_IS_USER') or defined('NV_IS_USER_FORUM') or $global_config['allowuserreg'] != 2) {
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name);
die;
}
$userid = $nv_Request->get_int('userid', 'get', '', 1);
$checknum = filter_text_input('checknum', 'get', '', 1);
if (empty($userid) or empty($checknum)) {
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name);
die;
}
$del = NV_CURRENTTIME - 86400;
$sql = "DELETE FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `regdate` < " . $del;
$db->sql_query($sql);
$sql = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `userid`=" . $userid;
$result = $db->sql_query($sql);
$numrows = $db->sql_numrows($result);
if ($numrows != 1) {
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name);
die;
}
$page_title = $mod_title = $lang_module['register'];
if (!defined('NV_IS_FILE_ADMIN')) {
die('Stop!!!');
}
$page_title = $lang_module['categories'];
$error = $admins = "";
$savecat = 0;
list($catid, $parentid, $title, $alias, $description, $keywords) = array(0, 0, "", "", "", "");
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
$catid = $nv_Request->get_int('catid', 'post', 0);
list($parentid_old) = $db->sql_fetchrow($db->sql_query("SELECT `parentid` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `catid` = '" . $catid . "'"));
$parentid = $nv_Request->get_int('parentid', 'post', 0);
$title = filter_text_input('title', 'post', "", 1, 100);
$catimage = filter_text_input('catimage', 'post');
$keywords = filter_text_input('keywords', 'post');
$alias = filter_text_input('alias', 'post');
$description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS);
$alias = $alias == "" ? change_alias($title) : change_alias($alias);
if ($catid == 0 and !empty($title)) {
$description = nv_nl2br($description, '<br />');
//
list($weight) = $db->sql_fetchrow($db->sql_query("SELECT max(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `parentid`=" . $db->dbescape($parentid) . ""));
$weight = intval($weight) + 1;
$query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_cat` (`catid`, `parentid`, `title`, `catimage`, `alias`, `description`, `weight`, `inhome`, `numlinks`, `keywords`, `add_time`, `edit_time`) VALUES (NULL, " . $db->dbescape($parentid) . ", " . $db->dbescape($title) . ", " . $db->dbescape($catimage) . " , " . $db->dbescape($alias) . ", " . $db->dbescape($description) . ", " . $db->dbescape($weight) . ", '1', '3', " . $db->dbescape($keywords) . ", UNIX_TIMESTAMP(), UNIX_TIMESTAMP())";
if ($db->sql_query_insert_id($query)) {
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_cat', " ", $admin_info['userid']);
$db->sql_freeresult();
nv_del_moduleCache($module_name);
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . "");
die;
} else {
$id = $id == 0 ? $report_id : $id;
$sql = "SELECT `title`, `alias` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_rows` WHERE `id`='" . $id . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
unset($sql, $result);
$row['error'] = "";
$row['action'] = nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=reportlink-" . $row['alias'] . "-" . $id, true);
$row['id'] = $id;
if ($id) {
$check = false;
if ($submit and $report_id) {
$sql = "SELECT `type` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_report` WHERE `id`='" . $report_id . "'";
$result = $db->sql_query($sql);
$rows = $db->sql_fetchrow($result);
$report = $nv_Request->get_int('report', 'post');
$report_note = filter_text_input('report_note', 'post', '', 1, 255);
$row['report_note'] = $report_note;
if ($report == 0 and empty($report_note)) {
$row['error'] = $lang_module['error'];
} elseif (!empty($report_note) and !isset($report_note[9])) {
$row['error'] = $lang_module['error_word_min'];
} elseif ($rows['type'] == $report) {
$check = true;
} else {
$report_note = nv_nl2br($report_note);
$sql = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_report` (`id`, `type`, `report_time`, `report_userid`, `report_ip`, `report_browse_key`, `report_browse_name`, `report_os_key`, `report_os_name`, `report_note`) VALUE ('" . $report_id . "', '" . $report . "', UNIX_TIMESTAMP(), '0', " . $db->dbescape_string($client_info['ip']) . ", " . $db->dbescape_string($client_info['browser']['key']) . ", " . $db->dbescape_string($client_info['browser']['name']) . ", " . $db->dbescape_string($client_info['client_os']['key']) . ", " . $db->dbescape_string($client_info['client_os']['name']) . ", " . $db->dbescape_string($report_note) . ")";
$check = $db->sql_query($sql);
}
}
$contents = call_user_func("report", $row, $check);
} else {
function nv_show_tab()
{
global $db, $db_config, $module_name, $page_title, $lang_global, $lang_module, $nv_Request;
$tab = filter_text_input('tab', 'get');
$result = $db->sql_query("SHOW TABLE STATUS WHERE `Name`=" . $db->dbescape($tab));
$item = $db->sql_fetch_assoc($result);
$db->sql_freeresult($result);
if (empty($item)) {
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name);
die;
}
if (in_array(filter_text_input('show_highlight', 'post'), array('php', 'sql'))) {
$content = nv_highlight_string($tab, filter_text_input('show_highlight', 'post'));
include NV_ROOTDIR . "/includes/header.php";
echo $content;
include NV_ROOTDIR . "/includes/footer.php";
}
$tablename = substr($item['Name'], strlen($db_config['prefix']) + 1);
$contents = array();
$contents['table']['caption'] = sprintf($lang_module['table_caption'], $tablename);
$contents['table']['info']['name'] = array($lang_module['table_name'], $tablename);
$contents['table']['info']['engine'] = array($lang_module['table_type'], isset($item['Engine']) ? $item['Engine'] : $item['Type']);
$contents['table']['info']['row_format'] = array($lang_module['row_format'], $item['Row_format']);
$contents['table']['info']['data_length'] = array($lang_module['table_size'], nv_convertfromBytes(intval($item['Data_length']) + intval($item['Index_length'])));
$contents['table']['info']['max_data_length'] = array($lang_module['table_max_size'], !empty($item['Max_data_length']) ? nv_convertfromBytes(floatval($item['Max_data_length'])) : 'n/a');
$contents['table']['info']['data_free'] = array($lang_module['table_datafree'], !empty($item['Data_free']) ? nv_convertfromBytes(intval($item['Data_free'])) : 0);
$contents['table']['info']['rows'] = array($lang_module['table_numrow'], $item['Rows']);
$contents['table']['info']['auto_increment'] = array($lang_module['table_auto_increment'], isset($item['Auto_increment']) ? intval($item['Auto_increment']) : "n/a");
$contents['table']['info']['create_time'] = array($lang_module['table_create_time'], !empty($item['Create_time']) ? strftime("%H:%M:%S %d/%m/%Y", strtotime($item['Create_time'])) : "n/a");
$contents['table']['info']['update_time'] = array($lang_module['table_update_time'], !empty($item['Update_time']) ? strftime("%H:%M:%S %d/%m/%Y", strtotime($item['Update_time'])) : "n/a");
$contents['table']['info']['check_time'] = array($lang_module['table_check_time'], !empty($item['Check_time']) ? strftime("%H:%M:%S %d/%m/%Y", strtotime($item['Check_time'])) : "n/a");
$contents['table']['info']['collation'] = array($lang_module['table_charset'], !empty($item['Collation']) && preg_match("/^([a-z0-9]+)_/i", $item['Collation'], $m) ? $m[1] : "");
$contents['table']['show'] = nv_highlight_string($tab, "php");
$contents['table']['show_lang'] = array($lang_module['php_code'], $lang_module['sql_code']);
$contents['table']['row']['caption'] = sprintf($lang_module['table_row_caption'], $tablename);
$contents['table']['row']['columns'] = array($lang_module['field_name'], $lang_module['field_type'], $lang_module['field_null'], $lang_module['field_key'], $lang_module['field_default'], $lang_module['field_extra']);
$contents['table']['row']['detail'] = array();
$result = $db->sql_query("SHOW COLUMNS FROM `" . $tab . "`");
while ($row = $db->sql_fetch_assoc($result)) {
$row['Null'] = $row['Null'] == "NO" ? "NOT NULL" : "NULL";
$row['Key'] = empty($row['Key']) ? "" : ($row['Key'] == 'PRI' ? "PRIMARY KEY" : ($row['Key'] == 'UNI' ? "UNIQUE KEY" : "KEY"));
$contents['table']['row']['detail'][] = $row;
}
$db->sql_freeresult($result);
$contents = call_user_func("nv_show_tab_theme", $contents);
$page_title = sprintf($lang_module['nv_show_tab'], $tablename);
include NV_ROOTDIR . "/includes/header.php";
echo nv_admin_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
}
$last_reason = !empty($susp_reason) ? $susp_reason[0] : "";
}
$old_suspend = intval($row['is_suspend']);
if (empty($old_suspend)) {
$allow_change = true;
} else {
$allow_change = defined("NV_IS_GODADMIN") ? true : ((defined("NV_IS_SPADMIN") and $last_reason['start_admin'] == $admin_info['login'] and $global_config['spadmin_add_admin'] == 1) ? true : false);
}
$contents = array();
$contents['change_suspend'] = array();
if ($allow_change) {
$new_suspend = $old_suspend ? 0 : 1;
$save = $nv_Request->get_int('save', 'post', 0);
$error = "";
if ($save) {
$new_reason = !empty($new_suspend) ? filter_text_input('new_reason', 'post', '', 1) : "";
$sendmail = $nv_Request->get_int('sendmail', 'post', 0);
$clean_history = defined("NV_IS_GODADMIN") ? $nv_Request->get_int('clean_history', 'post', 0) : 0;
if (!empty($new_suspend) and empty($new_reason)) {
$error = sprintf($lang_module['susp_reason_empty'], $row_user['username']);
} else {
if ($new_suspend) {
if ($clean_history) {
$susp_reason = array();
$susp_reason[] = array('starttime' => NV_CURRENTTIME, 'endtime' => 0, 'start_admin' => $admin_info['admin_id'], 'end_admin' => '', 'info' => $new_reason);
} else {
array_unshift($susp_reason, array('starttime' => NV_CURRENTTIME, 'endtime' => 0, 'start_admin' => $admin_info['admin_id'], 'end_admin' => '', 'info' => $new_reason));
}
} else {
if ($clean_history) {
$susp_reason = array();
if (empty($post['title'])) {
die($lang_module['title_empty']);
}
$_groupsList = $groupsList;
if (isset($post['id'])) {
unset($_groupsList[$post['id']]);
}
foreach ($_groupsList as $_group) {
if (strcasecmp($_group['title'], $post['title']) == 0) {
die(sprintf($lang_module['error_title_exists'], $post['title']));
}
}
$post['content'] = nv_editor_filter_textarea('content', '', NV_ALLOWED_HTML_TAGS);
$test_content = trim(strip_tags($post['content']));
$post['content'] = !empty($test_content) ? nv_editor_nl2br($post['content']) : "";
$post['exp_time'] = filter_text_input('exp_time', 'post', '');
if (preg_match("/^([\\d]{1,2})\\.([\\d]{1,2})\\.([\\d]{4})\$/", $post['exp_time'], $matches)) {
$post['exp_time'] = mktime(23, 59, 59, $matches[2], $matches[1], $matches[3]);
} else {
$post['exp_time'] = 0;
}
$post['public'] = $nv_Request->get_int('public', 'post', 0);
if ($post['public'] != 1) {
$post['public'] = 0;
}
if (isset($post['id'])) {
$query = "UPDATE `" . NV_GROUPS_GLOBALTABLE . "` SET \n `title`=" . $db->dbescape($post['title']) . ", \n `content`=" . $db->dbescape($post['content']) . ", \n `exp_time`='" . $post['exp_time'] . "', \n `public`= " . $post['public'] . " \n WHERE `group_id`=" . $post['id'] . " LIMIT 1";
$ok = $db->sql_query($query);
} else {
$query = "INSERT INTO `" . NV_GROUPS_GLOBALTABLE . "` \n VALUES (NULL, " . $db->dbescape($post['title']) . ", \n " . $db->dbescape($post['content']) . ", \n " . NV_CURRENTTIME . ", \n " . $post['exp_time'] . ", \n '', " . $post['public'] . ", " . ($groupcount + 1) . ", 1);";
$ok = $post['id'] = $db->sql_query_insert_id($query);
$msg = $numtitle > 0 ? false : true;
return $msg;
}
$rowcat = array("id" => "", "catid" => "", "title" => "", "alias" => "", "url" => "", "urlimg" => "", "description" => "", "add_time" => "", "edit_time" => "", "hits_total" => "", "status" => 1);
$error = "";
$id = $nv_Request->get_int('id', 'post,get', 0);
$submit = $nv_Request->get_string('submit', 'post');
if (!empty($submit)) {
$error = 0;
$catid = $nv_Request->get_int('catid', 'post', 0);
$title = filter_text_input('title', 'post', '', 1);
$alias = filter_text_input('alias', 'post', '', 1);
$parentid = $nv_Request->get_int('parentid', 'post', 0);
$alias = $alias == "" ? change_alias($title) : change_alias($alias);
$url = filter_text_input('url', 'post', '');
$image = filter_text_input('image', 'post', '');
if (!nv_is_url($image) and file_exists(NV_DOCUMENT_ROOT . $image)) {
$lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/");
if (substr($image, 0, $lu) == NV_BASE_SITEURL . NV_UPLOADS_DIR . "/") {
$image = substr($image, $lu);
}
}
$admin_phone = "";
$admin_email = "";
$note = "";
$description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS);
$description = defined('NV_EDITOR') ? nv_editor_nl2br($description) : nv_nl2br($description, '<br />');
$status = $nv_Request->get_int('status', 'post') == 1 ? 1 : 0;
//check url
if (empty($url) || !nv_is_url($url) || !check_url($id, $url)) {
$error = $lang_module['error_url'];
$xtpl = new XTemplate("ftp.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file);
$xtpl->assign('LANG', $lang_module);
if ($sys_info['ftp_support']) {
$array_config = array();
$array_config['ftp_server'] = filter_text_input('ftp_server', 'post', $global_config['ftp_server'], 1, 255);
$array_config['ftp_port'] = filter_text_input('ftp_port', 'post', $global_config['ftp_port'], 1, 255);
$array_config['ftp_user_name'] = filter_text_input('ftp_user_name', 'post', $global_config['ftp_user_name'], 1, 255);
$array_config['ftp_user_pass'] = filter_text_input('ftp_user_pass', 'post', $global_config['ftp_user_pass'], 1, 255);
$array_config['ftp_path'] = filter_text_input('ftp_path', 'post', $global_config['ftp_path'], 1, 255);
$array_config['ftp_check_login'] = $global_config['ftp_check_login'];
// Tu dong nhan dang Remove Path
if ($nv_Request->isset_request('tetectftp', 'post')) {
$ftp_server = nv_unhtmlspecialchars(filter_text_input('ftp_server', 'post', '', 1, 255));
$ftp_port = intval(filter_text_input('ftp_port', 'post', '21', 1, 255));
$ftp_user_name = nv_unhtmlspecialchars(filter_text_input('ftp_user_name', 'post', '', 1, 255));
$ftp_user_pass = nv_unhtmlspecialchars(filter_text_input('ftp_user_pass', 'post', '', 1, 255));
if (!$ftp_server or !$ftp_user_name or !$ftp_user_pass) {
die('ERROR|' . $lang_module['ftp_error_full']);
}
if (!defined('NV_FTP_CLASS')) {
require NV_ROOTDIR . '/includes/class/ftp.class.php';
}
if (!defined('NV_BUFFER_CLASS')) {
require NV_ROOTDIR . '/includes/class/buffer.class.php';
}
$ftp = new NVftp($ftp_server, $ftp_user_name, $ftp_user_pass, array('timeout' => 10), $ftp_port);
if (!empty($ftp->error)) {
$ftp->close();
die('ERROR|' . (string) $ftp->error);
} else {
$list_valid = array(NV_CACHEDIR, NV_DATADIR, "images", "includes", "js", "language", NV_LOGS_DIR, "modules", NV_SESSION_SAVE_PATH, "themes", NV_TEMP_DIR, NV_UPLOADS_DIR);
$catdata['alias'] = filter_text_input('alias', 'post', '', 1);
$catdata['image'] = filter_text_input('image', 'post', '');
$catdata['meta_title'] = filter_text_input('meta_title', 'post', '', 1);
$catdata['meta_keywords'] = filter_text_input('meta_keywords', 'post', '', 1);
$catdata['tags_cloud'] = $catdata['meta_keywords'];
$catdata['meta_description'] = filter_text_input('meta_description', 'post', '', 1);
$catdata['who_view'] = $nv_Request->get_int('who_view', 'post', 0);
$groups_view = "";
if (!nv_is_url($catdata['image']) and file_exists(NV_DOCUMENT_ROOT . $catdata['image'])) {
$lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_name . "/");
$catdata['image'] = substr($catdata['image'], $lu);
}
$groups = $nv_Request->get_typed_array('groups_view', 'post', 'int', array());
$groups = array_intersect($groups, array_keys($groups_list));
$catdata['groups_view'] = implode(",", $groups);
$oldAdminArray = filter_text_input('old_admins', 'post', '', 1);
if (empty($catdata['alias'])) {
$catdata['alias'] = change_alias($catdata['title']);
}
$newAdminArray = array_unique($nv_Request->get_typed_array('adminids', 'post', 'int', array()));
$old_parentid = $nv_Request->get_int('old_parentid', 'post', 0);
$catdata['adminids'] = implode(',', $newAdminArray);
if (empty($catdata['title'])) {
$np->error[] = "- Chưa có tiêu đề";
}
if ($catdata['catid'] > 0) {
$np->CheckAdminAccess('listcatid', $catdata['catid']);
$np->updateItem('category', $catdata, 'catid');
//np_create_CatDataTable( $catdata['catid'] );
if ($db->sql_affectedrows() > 0) {
$np->setAdminRoll($newAdminArray, $oldAdminArray, 'admins', 'listcatid', 'userid', $catdata['catid']);
<?php
/**
* @Project NUKEVIET 3.x
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2012 VINADES.,JSC. All rights reserved
* @Createdate 2-10-2010 18:49
*/
if (!defined('NV_IS_FILE_ADMIN')) {
die('Stop!!!');
}
$title = filter_text_input('title', 'post', '');
$id = $nv_Request->get_int('id', 'post', 0);
$alias = change_alias($title);
list($number) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id` !=" . $id . " AND `alias` = " . $db->dbescape($alias) . ""));
if (intval($number) > 0) {
$result = $db->sql_query("SHOW TABLE STATUS WHERE `Name`='" . NV_PREFIXLANG . "_" . $module_data . "'");
$item = $db->sql_fetch_assoc($result);
$db->sql_freeresult($result);
if (isset($item['Auto_increment'])) {
$alias = $alias . "-" . $item['Auto_increment'];
} else {
list($weight) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`"));
$weight = intval($weight) + 1;
$alias = $alias . "-" . $weight;
}
}
include NV_ROOTDIR . "/includes/header.php";
echo $alias;
include NV_ROOTDIR . "/includes/footer.php";
}
} else {
define('IS_ADD', true);
$page_title = $lang_module['faq_addfaq'];
}
$groups_list = nv_groups_list();
$array_who = array($lang_global['who_view0'], $lang_global['who_view1'], $lang_global['who_view2']);
if (!empty($groups_list)) {
$array_who[] = $lang_global['who_view3'];
}
$array = array();
$is_error = false;
$error = "";
if ($nv_Request->isset_request('submit', 'post')) {
$array['catid'] = $nv_Request->get_int('catid', 'post', 0);
$array['title'] = filter_text_input('title', 'post', '', 1);
$array['question'] = filter_text_textarea('question', '', NV_ALLOWED_HTML_TAGS);
$array['answer'] = nv_editor_filter_textarea('answer', '', NV_ALLOWED_HTML_TAGS);
$alias = change_alias($array['title']);
if (defined('IS_ADD')) {
$sql = "SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `alias`=" . $db->dbescape($alias);
$result = $db->sql_query($sql);
list($is_exists) = $db->sql_fetchrow($result);
} else {
$sql = "SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id`!=" . $id . " AND `alias`=" . $db->dbescape($alias);
$result = $db->sql_query($sql);
list($is_exists) = $db->sql_fetchrow($result);
}
if (empty($array['title'])) {
$is_error = true;
$error = $lang_module['faq_error_title'];
$error[] = $lang_module['banip_error_validip'];
}
if (empty($area)) {
$error[] = $lang_module['banip_error_area'];
}
if (!empty($begintime) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $begintime, $m)) {
$begintime = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$begintime = NV_CURRENTTIME;
}
if (!empty($endtime) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $endtime, $m)) {
$endtime = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$endtime = 0;
}
$notice = filter_text_input('notice', 'post', '', 1);
if (empty($error)) {
if ($cid > 0) {
$db->sql_query("UPDATE `" . $db_config['prefix'] . "_banip` SET `ip`=" . $db->dbescape($ip) . ", `mask`=" . $db->dbescape($mask) . ",`area`=" . $area . ",`begintime`=" . $begintime . ", `endtime`=" . $endtime . ", `notice`=" . $db->dbescape($notice) . " WHERE `id`=" . $cid . "");
} else {
$db->sql_query("REPLACE INTO `" . $db_config['prefix'] . "_banip` VALUES (NULL, " . $db->dbescape($ip) . "," . $db->dbescape($mask) . ",{$area},{$begintime}, {$endtime}," . $db->dbescape($notice) . " )");
}
$save = nv_save_file_banip();
if ($save !== true) {
$xtpl->assign('MESSAGE', sprintf($lang_module['banip_error_write'], NV_DATADIR, NV_DATADIR));
$xtpl->assign('CODE', str_replace(array("\n", "\t"), array("<br />", " "), nv_htmlspecialchars($save)));
$xtpl->parse('main.manual_save');
} else {
Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&rand=' . nv_genpass());
die;
}
<?php
/**
* @Project NUKEVIET 3.x
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2012 VINADES.,JSC. All rights reserved
* @Createdate 3/25/2010 21:7
*/
if (!defined('NV_IS_MOD_BANNERS')) {
die('Stop!!!');
}
global $global_config, $module_name, $module_info, $lang_module, $banner_client_info;
if (defined('NV_IS_BANNER_CLIENT')) {
$type = filter_text_input('type', 'post,get', 'country', 1);
$month = $nv_Request->get_int('month', 'post,get');
$ads = $nv_Request->get_int('ads', 'post,get');
$year = (int) date('Y');
$month_array = array('1' => 31, '3' => 31, '4' => 30, '5' > 31, '6' => 30, '7' => 31, '8' => 31, '9' => 30, '10' => 31, '11' => 30, '12' => 31);
$month_array['2'] = $year % 100 == 0 && $year % 400 == 0 ? 29 : 28;
$firstdate = mktime(0, 0, 0, $month, 1, $year);
$enddate = mktime(24, 60, 60, $month, $month_array[$month], $year);
$onetype = '';
switch ($type) {
case 'country':
$onetype = 'click_country';
break;
case 'browser':
$onetype = 'click_browse_name';
break;
case 'os':
$onetype = 'click_os_name';
