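 /**
  * HeaderForm constructor: registers the page's CSS/JS assets and restores
  * the cart session id from the `cart_sess_id` cookie.
  *
  * The cookie value is untrusted; elsewhere it is embedded in a SQL lookup
  * (`cart.session = '...'`), so it is only accepted when it has the shape of
  * a PHP session id (`[A-Za-z0-9,-]`). Anything else is treated as "no cart
  * session" and the cart module issues a fresh id.
  */
 function __construct()
 {
     Form::Form('HeaderForm');
     if (User::have_permit(ADMIN_LOGO)) {
         $this->link_css('style/aznet/ui.datepicker.css');
         $this->link_js('javascript/jquery/ui.datepicker.js');
     }
     if (User::is_login() && User::level()) {
         $this->link_header("<script>MM_preloadImages('style/images/newCart/icon_del.gif','style/images/newCart/Mua.png');</script>");
     }
     // Cart session id from the cookie; reject anything that does not look like session_id() output.
     $cart_sess_id = '';
     if (isset($_COOKIE['cart_sess_id']) && is_string($_COOKIE['cart_sess_id'])) {
         $cart_sess_id = $_COOKIE['cart_sess_id'];
     }
     if ($cart_sess_id !== '' && !preg_match('/^[A-Za-z0-9,-]+$/', $cart_sess_id)) {
         $cart_sess_id = '';
     }
     CGlobal::$cart_sess_id = $cart_sess_id;
     if (CGlobal::$cart_sess_id) {
         // Extend the cookie for another year.
         // NOTE(review): the value written is the current session_id(), not the
         // cookie value just read — kept as the original did it, but if the PHP
         // session rotates this re-points the cookie at a different id.
         AZLib::my_setcookie('cart_sess_id', session_id(), time() + 3600 * 24 * 365);
     }
     $this->link_js(FOLDER_JS . 'jquery.min.js');
     $this->link_js(FOLDER_JS . 'jquery-ui.js');
     $this->link_js(FOLDER_JS . 'jcarousellite_1.0.1c4.js');
     $this->link_js(FOLDER_JS . 'ui/jquery.ui.core.js');
     $this->link_js(FOLDER_JS . 'ui/jquery.ui.widget.js');
     $this->link_js(FOLDER_JS . 'ui/jquery.ui.tabs.js');
     $this->link_js('static/lightbox/js/jquery.lightbox-0.5.js');
     $this->link_js('static/adgallery/jquery.ad-gallery.js');
     $this->link_css(FOLDER_CSS . 'menu.css@lang=vi-vn.css');
     $this->link_css(FOLDER_CSS . 'sanpham.css@lang=vi-vn.css');
     $this->link_css(FOLDER_CSS . 'style.css@lang=vi-vn.css');
     $this->link_css(FOLDER_CSS . 'style_new.css@lang=vi-vn.css');
     $this->link_css(FOLDER_CSS . 'tintuc.css@lang=vi-vn.css');
     $this->link_css(FOLDER_CSS . 'trangchu.css@lang=vi-vn.css');
     $this->link_css(FOLDER_CSS . 'custom.css');
     $this->link_css(FOLDER_CSS . 'home.css');
     $this->link_css(FOLDER_CSS . 'base/jquery.ui.all.css');
     $this->link_css('static/lightbox/css/jquery.lightbox-0.5.css');
     $this->link_css('static/adgallery/jquery.ad-gallery.css');
 }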
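 /**
  * Checkout form handler: validates the customer fields, stores them on the
  * open cart and, when `cart_act=send_cart`, marks the cart and its checked
  * items as sent, clears the `cart_items` cookie and redirects to the
  * success page. Does nothing when there is no cart or no cart items.
  *
  * Cart status values, from the original inline note (TT presumably
  * "thanh toán" = payment): 0 = not paid; 1 = order sent; 2 = paid;
  * 3 = order cancelled. Here $status is 1 for a plain save and 2 when the
  * order is submitted.
  */
 function on_submit()
 {
     if (!Cart::$cart || !Cart::$cart_items) {
         return;
     }
     // The cart id comes from a DB row, but it is embedded in SQL below, so pin it to an int.
     $cart_id = (int) Cart::$cart['id'];
     $user_id = User::id();
     $user_name = User::user_name();
     $customer_name = Url::get('customer_name');
     $customer_email = Url::get('customer_email');
     $customer_phone = Url::get('customer_phone');
     $customer_address = Url::get('customer_address');
     $customer_note = Url::get('customer_note');
     $this->checkFormInput("Tên đầy đủ", 'customer_name', $customer_name, 'str', true, '', 2, 50);
     $this->checkFormInput("Email", 'customer_email', $customer_email, 'email', true, '', false, 50);
     $this->checkFormInput("Điện thoại liên hệ", 'customer_phone', $customer_phone, 'str', true, '', 9, 50);
     $this->checkFormInput("Địa chỉ", 'customer_address', $customer_address, 'str', true, '', false, 500);
     $this->checkFormInput("Ghi chú", 'customer_note', $customer_note, 'str', false, '', false, 500);
     if ($this->errNum) {
         return;
     }
     // Strict comparison: a loose `==` against a non-string value could match unexpectedly.
     $status = (Url::get('cart_act') === 'send_cart') ? 2 : 1;
     $arr = array(
         'user_id' => $user_id,
         'user_name' => $user_name,
         'customer_name' => addslashes($customer_name),
         'customer_email' => addslashes($customer_email),
         'customer_phone' => addslashes($customer_phone),
         'customer_address' => addslashes($customer_address),
         'customer_note' => addslashes($customer_note),
         'time_change' => TIME_NOW,
         'status' => $status,
     );
     if ($status == 2) {
         $arr['time_finish'] = TIME_NOW;
     }
     if (!DB::update('cart', $arr, 'id=' . $cart_id, __LINE__ . __FILE__)) {
         $this->setFormError("customer_name", "Không cập nhật được, mời bạn thử lại!");
         return;
     }
     if ($status == 2) {
         // Only the checked items belong to the submitted order; pass the same
         // debug trace as the cart update above for consistency.
         DB::update("cart_item", array('status' => $status), 'cart_id=' . $cart_id . ' AND checked=1', __LINE__ . __FILE__);
         AZLib::my_setcookie('cart_items', '', time() + 3600 * 24 * 365);
         Url::redirect_current(array('cmd' => 'success'));
     } else {
         Url::redirect_current(array('cmd'));
     }
 }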
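 /**
  * Renders the image-management page (`ManageImage` template).
  *
  * Builds a WHERE clause for `item_image` from the request filters
  * (root_img, no_item_img, user_name, created_time_from/to as d-m-Y),
  * defaulting to "today" when no filter is given, pages the rows, decorates
  * each with links/thumbnails and display-ready times, then resolves the
  * owning `item` rows (name, created_time) in a second query.
  *
  * All filters come from the request. The only free-text one, user_name,
  * is escaped before being embedded in the LIKE pattern (the original pasted
  * it in raw); the date filters are reduced to integers by mktime().
  */
 function draw()
 {
     $this->beginForm();
     global $display;
     $where = '';
     $display->add('up_checked', 'checked="checked"');
     if (Url::get('root_img')) {
         $where = $this->_andWhere($where, 'root_id=0');
         $display->add('root_img_checked', 'checked="checked"');
     } else {
         $display->add('root_img_checked', '');
     }
     if (Url::get('no_item_img')) {
         $where = $this->_andWhere($where, 'item_id=0');
         $display->add('no_item_img_checked', 'checked="checked"');
     } else {
         $display->add('no_item_img_checked', '');
     }
     // Free-text search box: escape quotes/backslashes (addslashes) and the LIKE
     // wildcards % and _ (addcslashes) so the value cannot alter the query.
     $user_name = Url::get('user_name');
     if ($user_name != '') {
         $like = addcslashes(addslashes((string) $user_name), '%_');
         $where = $this->_andWhere($where, 'user_name LIKE "%' . $like . '%"');
     }
     // Date range filter (d-m-Y). $current_* keep the raw strings for the form,
     // $created_* hold the parsed timestamps (0 = not given / unparseable).
     $created_time_from = 0;
     $created_time_to = 0;
     $current_time_from = null;
     $current_time_to = null;
     if (Url::get('created_time_from')) {
         $current_time_from = Url::get('created_time_from');
         $created_time_from = $this->_dayBoundary($current_time_from, false);
     }
     if (Url::get('created_time_to')) {
         $current_time_to = Url::get('created_time_to');
         $created_time_to = $this->_dayBoundary($current_time_to, true);
     }
     if ($created_time_from) {
         $where = $this->_andWhere($where, 'time >= ' . $created_time_from);
     }
     if ($created_time_to) {
         $where = $this->_andWhere($where, 'time <= ' . $created_time_to);
     }
     if ($where == '') {
         // No filter at all: show today's images only.
         $today = date('d-m-Y');
         $current_time_from = $today;
         $current_time_to = $today;
         $created_time_from = $this->_dayBoundary($today, false);
         $created_time_to = $this->_dayBoundary($today, true);
         if ($created_time_from) {
             $where = $this->_andWhere($where, 'time >= ' . $created_time_from);
         }
         if ($created_time_to) {
             $where = $this->_andWhere($where, 'time <= ' . $created_time_to);
         }
     }
     $display->add('created_time_from', $current_time_from);
     $display->add('created_time_to', $current_time_to);
     $item_per_page = 120;
     $total = DB::fetch('SELECT count(*) AS total_img FROM item_image ' . $where, 'total_img', 0);
     $items = array();
     $paging = '';
     if ($total) {
         $limit = '';
         // pagingSE fills $limit with the LIMIT clause for the current page (inferred from its use below).
         $paging = AZPagging::pagingSE($limit, $total, $item_per_page, 10, 'page_no', true);
         $sql = 'SELECT id,img_server, img_url,item_id, title, des, time, user_name, user_id, img_server FROM `item_image`';
         $sql .= $where . ' ORDER BY id ASC ' . $limit;
         $item_ids = array();
         $re = DB::query($sql);
         if ($re) {
             while ($row = mysql_fetch_assoc($re)) {
                 $items[$row['id']] = $this->_decorateImageRow($row, $item_ids);
             }
             if ($item_ids) {
                 $this->_attachItemInfo($items, $item_ids);
             }
         }
     }
     AZLib::my_setcookie("page_img_id", Url::get("page_no") != "" ? intval(Url::get("page_no")) : 1, 60 * 60 * 24 * 365 + TIME_NOW);
     $display->add("uri", CGlobal::$request_uri);
     $display->add("images_url_root", 'http://' . CGlobal::$img_server[IMAGE_SERVER_NO]);
     // Raw request values echoed back into the form; assumes the template escapes them — confirm.
     $display->add('user_name', Url::get('user_name'));
     $display->add('item_title', Url::get('item_title'));
     $display->add('items', $items);
     $display->add('paging', $paging);
     $display->output('ManageImage');
     $this->endForm();
 }

 /**
  * Appends one condition to a WHERE clause, opening the clause when $where
  * is still empty. Conditions must already be safe to embed.
  */
 private function _andWhere($where, $condition)
 {
     return $where . ($where != '' ? ' AND ' : ' WHERE ') . $condition . ' ';
 }

 /**
  * Converts a `d-m-Y` string into a unix timestamp at the start (00:00:00)
  * or end (23:59:59) of that day. Returns 0 when the string does not have
  * three dash-separated parts; the parts are cast to int, so junk yields
  * mktime()'s normalised result rather than an error.
  */
 private function _dayBoundary($dmy, $endOfDay)
 {
     $parts = explode('-', (string) $dmy);
     if (!isset($parts[0], $parts[1], $parts[2])) {
         return 0;
     }
     $day = (int) $parts[0];
     $month = (int) $parts[1];
     $year = (int) $parts[2];
     if ($endOfDay) {
         return mktime(23, 59, 59, $month, $day, $year);
     }
     return mktime(0, 0, 0, $month, $day, $year);
 }

 /**
  * Formats a unix timestamp relative to TIME_NOW: time only for today,
  * day/month + time within the current year, full date otherwise.
  */
 private function _formatRelativeTime($timestamp)
 {
     if (date('d.m.y', $timestamp) == date('d.m.y', TIME_NOW)) {
         return date('H:i', $timestamp);
     }
     if (date('y', $timestamp) == date('y', TIME_NOW)) {
         return date('d/m H:i', $timestamp);
     }
     return date('d/m/y H:i', $timestamp);
 }

 /**
  * Adds gallery/image/delete links, thumbnails and display-ready times to
  * one `item_image` row and returns it. The owning item id (if any) is
  * pushed onto $item_ids so the caller can resolve item names in one query;
  * item_link/created_time get provisional values that _attachItemInfo()
  * overwrites. (The original also branched on `$row['name']`, but the
  * SELECT never returns that column, so that branch could not run.)
  */
 private function _decorateImageRow($row, &$item_ids)
 {
     $row['link_gallery'] = WEB_DIR . AZRewrite::formatUrl('?page=gallery&user_id=' . $row['user_id'] . '&year=' . date('Y', $row['time']) . '&month=' . (int) date('m', $row['time']) . '&day=' . (int) date('d', $row['time']));
     $row['time'] = $this->_formatRelativeTime($row['time']);
     $row['link_img'] = 'http://' . CGlobal::$img_server[$row['img_server']] . $row['img_url'];
     if ($row['item_id']) {
         $item_ids[] = (int) $row['item_id'];
         $row['item_link'] = WEB_DIR . AZRewrite::formatUrl("?page=item_detail&id={$row['item_id']}");
         $row['created_time'] = '';
         $row['title'] = stripslashes($row['title']);
     } else {
         // Stand-alone image: the description doubles as its title.
         $row['title'] = stripslashes($row['des']);
         $row['created_time'] = '';
         $row['item_link'] = '';
     }
     $row['image_thumb'] = AZLib::getImageThumb($row['img_url'], 110, 0, 1, $row["img_server"]);
     $row['image_max'] = AZLib::getImageThumbMax($row['img_url'], $row['title'], 1, $row["img_server"]);
     $row['images_url_root'] = 'http://' . CGlobal::$img_server[$row['img_server']];
     $row['del_link'] = Url::build_all(array('chk_id', 'del_all', 'cmd', 'id'), 'cmd=delete&id=' . $row['id']);
     return $row;
 }

 /**
  * Second pass: loads the `item` rows for $item_ids (integers) and fills
  * each image's item_link (with the item's slug) and created_time; images
  * whose item was not found get empty values. Modifies $items in place.
  */
 private function _attachItemInfo(&$items, $item_ids)
 {
     $all_items = array();
     $re = DB::query('SELECT id, name, created_time FROM item WHERE id IN(' . implode(',', $item_ids) . ')');
     if ($re) {
         while ($item = mysql_fetch_assoc($re)) {
             $all_items[$item['id']] = $item;
         }
     }
     // Indexed assignment instead of foreach-by-reference, which would leave a dangling reference.
     foreach ($items as $id => $img) {
         $item_id = $img['item_id'];
         if ($item_id && isset($all_items[$item_id])) {
             $item = $all_items[$item_id];
             $items[$id]['item_link'] = WEB_DIR . AZRewrite::formatUrl("?page=item_detail&id={$item_id}&ebname=" . AZLib::safe_title($item['name']));
             $items[$id]['created_time'] = $this->_formatRelativeTime($item['created_time']);
         } else {
             $items[$id]['item_link'] = '';
             $items[$id]['created_time'] = '';
         }
     }
 }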
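 /**
  * AJAX login endpoint. Prints exactly one token and exits:
  * "unsuccess" (banned IP, unknown user, wrong password, permanent block),
  * "nodata" (malformed user name / short password), "un_active" (activation
  * pending), "success", or the lock notice text when the account is
  * temporarily locked (the login still happens and $_SESSION['user_lock'] is set).
  *
  * NOTE(review): `is_active` reads as "activation still pending" here (a set
  * flag yields "un_active" and is cleared when USER_ACTIVE_ON is off) —
  * confirm against the user table before relying on it.
  */
 function login_user()
 {
     $user_name = trim(AZLib::getParam('user'));
     $pass = Url::get('pass');
     // IP ban check
     $ip = AZLib::ip();
     $arr_badwords = AZLib::checkBadWord($ip, true);
     if ($arr_badwords["bad"] != "" && $arr_badwords["bad_key"] != "") {
         echo "unsuccess";
         exit;
     }
     // Shape check before touching the DB: 3-50 chars of [A-Za-z0-9_], password of at least 6.
     if (strlen($user_name) < 3 || strlen($user_name) > 50 || preg_match('/[^A-Za-z0-9_]/', $user_name) || strlen($pass) < 6) {
         echo 'nodata';
         exit;
     }
     // The character check above already excludes quotes and backslashes; kept as a second line of defence.
     $user = str_replace(array('"', '\\'), '_', $user_name);
     $user_data = DB::fetch('SELECT id,password,is_active,block_time FROM user WHERE user_name="' . $user . '"');
     if (!$user_data) {
         // Unknown account: same answer as a wrong password so the response does not say which.
         echo 'unsuccess';
         exit;
     }
     $user_id = (int) $user_data['id'];
     if (!USER_ACTIVE_ON && $user_data['is_active']) {
         // Activation is switched off site-wide: clear the pending flag.
         DB::query("UPDATE user SET is_active=0 WHERE id=" . $user_id);
         DB::delete('user_active', 'user_id=' . $user_id);
         User::getUser($user_id, 0, 1);
     }
     if ($user_data['block_time'] == -1) {
         // Permanently blocked.
         echo 'unsuccess';
         exit;
     }
     // Strict string comparison: `==` on two hash strings falls back to numeric
     // comparison when both look numeric (e.g. "0e..." forms) and would accept a
     // wrong password. hash_equals() would additionally make this constant-time
     // where the runtime provides it.
     if ((string) $user_data['password'] !== (string) User::encode_password($pass)) {
         echo 'unsuccess';
         exit;
     }
     if (USER_ACTIVE_ON && $user_data['is_active']) {
         // Not activated yet.
         echo 'un_active';
         exit;
     }
     $alert = '';
     if ($user_data['block_time'] > TIME_NOW) {
         // Temporarily locked: use the latest lock record to build the notice.
         $user_lock = DB::select('user_lock', 'user_id=' . $user_id . ' AND type IN(0,1,3) ORDER BY id DESC');
         if ($user_lock) {
             if ($user_lock['type'] == 1) {
                 // Permanent lock: drop the session rows and stop. (The original
                 // used an undefined $user_id here, producing an empty WHERE value.)
                 User::LogOut();
                 DB::delete(_SESS_TABLE, 'user_id=' . $user_id, __LINE__ . __FILE__);
                 exit;
             } elseif ($user_lock['type'] == 3) {
                 // Permanent lock plus cookie marker.
                 User::lock4Ever(true, $user_id);
                 exit;
             }
             if ($user_lock['note']) {
                 $user_lock['note'] = "\n" . 'Lý do:"' . str_replace(array('"', "'"), '', $user_lock['note']) . '"';
             }
             $alert = 'Tài khoản của bạn đang tạm khoá tới ' . date('H:i, d/m/Y', $user_data['block_time']) . '!' . $user_lock['note'];
         }
         $_SESSION['user_lock'] = true;
     }
     if (Url::get('set_cookie') == 'on') {
         // "Remember me": the stored password hash itself goes into the cookie and
         // is compared verbatim by check_cookie_login(), so a captured cookie is
         // as good as the hash until the password changes.
         $year = 60 * 60 * 24 * 365 + TIME_NOW;
         AZLib::my_setcookie("az_id", $user_data['id'], $year);
         AZLib::my_setcookie("password", $user_data['password'], $year);
     }
     $_SESSION['is_load_page_first'] = 1;
     // Flag consumed by the jQuery UI notice on the first page load.
     User::LogIn($user_data['id']);
     if (!empty($_SESSION['user_lock'])) {
         echo $alert;
         exit;
     }
     echo 'success';
     exit;
 }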
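 /**
  * "Remember me" login from the az_id/password cookies written by login_user().
  *
  * $password is the stored password *hash* as copied into the cookie, not a
  * plaintext password, so a match means the cookie carries the same hash as
  * the user row. The comparison is strict: `==` on two hash-like strings can
  * compare them numerically ("0e..." forms) and accept a forged cookie.
  * Users whose lock has not expired are logged out; members of the admin
  * groups are never auto-logged-in and have their cookies cleared instead.
  */
 static function check_cookie_login($user_id, $password)
 {
     $user_data = DB::fetch('SELECT id, user_name, password, block_time, gids FROM user WHERE id=' . (int) $user_id, FALSE, FALSE, __LINE__ . __FILE__);
     // hash_equals() would also make this constant-time where the runtime provides it.
     $hash_matches = $user_data && is_string($password) && (string) $user_data['password'] === $password;
     if (!$hash_matches) {
         self::LogOut();
         return;
     }
     if ($user_data['block_time'] > TIME_NOW) {
         // Lock has not expired yet.
         self::LogOut();
         return;
     }
     // TuanNK: admin-group members (1, 2, 3, 9) must log in explicitly.
     // NOTE(review): `gids` is used as a regex matched against each group id,
     // which only works when it is a single id or a `|`-separated list — a
     // comma-separated "1,2" would never match. Kept as-is because the stored
     // format is not visible here; confirm and replace with a split + in_array.
     $in_group_admin = FALSE;
     if ($user_data['gids'] && $user_data['gids'] != '0') {
         $pattern = "/(" . $user_data['gids'] . ")/is";
         $in_group_admin = preg_match($pattern, "3") || preg_match($pattern, "2") || preg_match($pattern, "1") || preg_match($pattern, "9");
     }
     if ($in_group_admin) {
         AZLib::my_setcookie('az_id', "", TIME_NOW - 3600);
         AZLib::my_setcookie('password', "", TIME_NOW - 3600);
         return;
     }
     User::Login($user_data);
     Url::redirect_url(Url::build_all());
 }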
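 /**
  * Cart module constructor: restores the visitor's cart from the
  * `cart_sess_id`/`cart_items` cookies, reconciles the cart_item rows with
  * the current item prices, keeps the cart totals in sync and dispatches on
  * `cmd` (success / delete / finish / default cart form).
  *
  * Both cookies are untrusted input that was previously embedded raw in SQL:
  * `cart_items` is reduced to a list of positive integers, and
  * `cart_sess_id` must look like a PHP session id or a fresh one is issued.
  * Also fixes the delete path, which recomputed totals with
  * `cart_id = Cart::$cart['price']` instead of the cart id.
  */
 function Cart($row)
 {
     Module::Module($row);
     if (Url::get('cmd') == 'success') {
         require_once 'forms/CartSuccess.php';
         $this->add_form(new CartSuccessForm());
         return;
     }
     Cart::$cart_item_ids = $this->_cleanIdList(isset($_COOKIE['cart_items']) ? $_COOKIE['cart_items'] : '');
     if (CGlobal::$cart_sess_id == '' || !preg_match('/^[A-Za-z0-9,-]+$/', (string) CGlobal::$cart_sess_id)) {
         CGlobal::$cart_sess_id = session_id();
         AZLib::my_setcookie('cart_sess_id', session_id(), time() + 3600 * 24 * 365);
     }
     $cart_items = '';
     Cart::$cart = DB::select("cart", "session='" . CGlobal::$cart_sess_id . "' AND status=1 ORDER BY id DESC");
     $cart_price = 0;
     $cart_quantity = 0;
     if (Cart::$cart) {
         $items = array();
         if (Cart::$cart_item_ids != '') {
             // Current item data for everything in the cookie; find_in_set keeps cookie order.
             $re = DB::query("SELECT * FROM item WHERE id IN(" . Cart::$cart_item_ids . ") AND status=1 AND price>0 ORDER BY find_in_set(id,'" . Cart::$cart_item_ids . "')");
             if ($re) {
                 while ($item = mysql_fetch_assoc($re)) {
                     $item['price'] = AZLib::convertCurrency($item['price'], $item['currency_id']);
                     Cart::$items[$item['id']] = $item;
                 }
             }
             $items = Cart::$items;
             $re = DB::query("SELECT * FROM cart_item WHERE cart_id=" . (int) Cart::$cart['id'] . " ORDER BY find_in_set(item_id,'" . Cart::$cart_item_ids . "')");
         } else {
             $re = DB::query("SELECT * FROM cart_item WHERE cart_id=" . (int) Cart::$cart['id'] . " ORDER BY id DESC");
         }
         $cart_item_del = '';
         if ($re) {
             while ($cart_item = mysql_fetch_assoc($re)) {
                 $item_id = $cart_item['item_id'];
                 if (!isset(Cart::$items[$item_id])) {
                     // Item no longer purchasable or not in the cookie list: delete the row below.
                     $cart_item_del .= ($cart_item_del != '' ? ',' : '') . (int) $cart_item['id'];
                     continue;
                 }
                 $item = Cart::$items[$item_id];
                 if ($cart_item['price'] != $item['price'] || $cart_item['sku'] != $item['sku']) {
                     // Price or SKU changed since the item was added: refresh the cart row.
                     $cart_item['price'] = $item['price'];
                     $cart_item['sku'] = $item['sku'];
                     DB::update('cart_item', array('price' => $cart_item['price'], 'sku' => $cart_item['sku']), "id=" . (int) $cart_item['id']);
                 }
                 if ($cart_item['checked']) {
                     $cart_price += $cart_item['price'] * $cart_item['quantity'];
                     $cart_quantity += $cart_item['quantity'];
                 }
                 unset($items[$item_id]);
                 $cart_items .= ($cart_items != '' ? ',' : '') . $item_id;
                 Cart::$cart_items[$cart_item['id']] = $cart_item;
             }
         }
         // Items listed in the cookie but not yet in the cart: add them with quantity 1.
         foreach ($items as $item) {
             $cart_items .= ($cart_items != '' ? ',' : '') . $item['id'];
             $cart_item = $this->_newCartItemRow($item);
             $cart_item['id'] = DB::insert("cart_item", $cart_item);
             $cart_price += $cart_item['price'];
             $cart_quantity += 1;
             Cart::$cart_items[$cart_item['id']] = $cart_item;
             Cart::$items[$item['id']] = $item;
         }
         if ($cart_item_del != '') {
             DB::delete('cart_item', "id IN({$cart_item_del})");
         }
     } elseif (Cart::$cart_item_ids != '') {
         // No open cart for this session but the cookie lists items: create one.
         Cart::$cart = array(
             'session' => CGlobal::$cart_sess_id,
             'ip' => $_SERVER['REMOTE_ADDR'],
             'time_create' => TIME_NOW,
             'time_change' => TIME_NOW,
             'time_finish' => 0,
             'user_id' => (int) User::id(),
             'user_name' => User::user_name(),
             'customer_name' => '',
             'customer_email' => '',
             'customer_phone' => '',
             'customer_address' => '',
             'customer_note' => '',
             'note' => '',
             'price' => 0,
             'quantity' => 0,
             'mm_user_id' => 0,
             'mm_time_modify' => '',
             'mm_user_name' => '',
             'status' => 1,
         );
         Cart::$cart['id'] = DB::insert("cart", Cart::$cart);
         $re = DB::query("SELECT * FROM item WHERE id IN(" . Cart::$cart_item_ids . ") AND status=1 AND price>0 ORDER BY find_in_set(id,'" . Cart::$cart_item_ids . "')");
         if ($re) {
             while ($item = mysql_fetch_assoc($re)) {
                 $item['price'] = AZLib::convertCurrency($item['price'], $item['currency_id']);
                 $cart_items .= ($cart_items != '' ? ',' : '') . $item['id'];
                 $cart_item = $this->_newCartItemRow($item);
                 $cart_price += $item['price'];
                 $cart_quantity += 1;
                 $cart_item['id'] = DB::insert("cart_item", $cart_item);
                 Cart::$cart_items[$cart_item['id']] = $cart_item;
                 Cart::$items[$item['id']] = $item;
             }
         }
     }
     $this->_syncCartTotals($cart_price, $cart_quantity);
     if ($cart_items != Cart::$cart_item_ids) {
         Cart::$cart_item_ids = $cart_items;
         AZLib::my_setcookie('cart_items', Cart::$cart_item_ids, time() + 3600 * 24 * 365);
     }
     switch (Url::get('cmd')) {
         case 'delete':
             $id = (int) Url::get('id', 0);
             if ($id && Cart::$cart && isset(Cart::$cart_items[$id])) {
                 DB::delete('cart_item', "id={$id} AND cart_id=" . (int) Cart::$cart['id']);
                 DB::update("cart", array("time_change" => TIME_NOW), "id=" . (int) Cart::$cart['id']);
                 unset(Cart::$cart_items[$id]);
                 // Rebuild the cookie list from the remaining rows (cart_item id -> item_id).
                 $remaining = array();
                 foreach (Cart::$cart_items as $cart_item) {
                     $remaining[] = $cart_item['item_id'];
                 }
                 Cart::$cart_item_ids = implode(',', $remaining);
                 AZLib::my_setcookie('cart_items', Cart::$cart_item_ids, time() + 3600 * 24 * 365);
             }
             // Recompute the totals from the DB after the delete.
             $cart_id = Cart::$cart ? (int) Cart::$cart['id'] : 0;
             $cart_price = DB::fetch("SELECT SUM(price * quantity) AS price_total FROM cart_item WHERE cart_id=" . $cart_id . " AND checked=1 AND price>0 ANd quantity>0", 'price_total', 0);
             $cart_quantity = DB::fetch("SELECT SUM(quantity) AS price_quantity FROM cart_item WHERE cart_id=" . $cart_id . " AND checked=1 AND price>0 ANd quantity>0", 'price_quantity', 0);
             $this->_syncCartTotals($cart_price, $cart_quantity);
             Url::redirect_current();
             break;
         case 'finish':
             require_once 'forms/CartFinish.php';
             $this->add_form(new CartFinishForm());
             break;
         default:
             require_once 'forms/Cart.php';
             $this->add_form(new CartForm());
             break;
     }
 }

 /**
  * Reduces a comma-separated id string (the `cart_items` cookie) to positive
  * integers only, preserving order and duplicates, so it is safe to embed in
  * IN() / find_in_set(). Returns '' when nothing valid remains.
  */
 private function _cleanIdList($raw)
 {
     if (!is_string($raw) || $raw === '') {
         return '';
     }
     $ids = array();
     foreach (explode(',', $raw) as $part) {
         $id = (int) trim($part);
         if ($id > 0) {
             $ids[] = $id;
         }
     }
     return implode(',', $ids);
 }

 /** Builds the cart_item row for an item being added with quantity 1 (id is set by the caller after insert). */
 private function _newCartItemRow($item)
 {
     return array(
         'cart_id' => Cart::$cart['id'],
         'item_id' => $item['id'],
         'sku' => $item['sku'],
         'price' => $item['price'],
         'quantity' => 1,
         'user_id' => (int) User::id(),
         'user_name' => User::user_name(),
         'time_add' => TIME_NOW,
         'time_change' => TIME_NOW,
         'status' => 1,
         'checked' => 1,
     );
 }

 /** Writes price/quantity to the cart row when they differ from the cached values; no-op without a cart. */
 private function _syncCartTotals($cart_price, $cart_quantity)
 {
     if (!Cart::$cart) {
         return;
     }
     if (Cart::$cart['price'] != $cart_price || Cart::$cart['quantity'] != $cart_quantity) {
         Cart::$cart['price'] = $cart_price;
         Cart::$cart['quantity'] = $cart_quantity;
         DB::update("cart", array('price' => $cart_price, 'quantity' => $cart_quantity), 'id=' . (int) Cart::$cart['id']);
     }
 }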
jQuery(function(){
    jQuery("img.lazyload").lazyload({
       placeholder : "<?=STATIC_URL?>style/images/spacer.gif"//,effect : "fadeIn"
    });
});
</script>
*/
// Debug cookies from the query string: ebug/abug are on/off flags, tbug carries a level.
$debug_flags = array("ebug", "abug");
foreach ($debug_flags as $debug_flag) {
    if (isset($_GET[$debug_flag])) {
        AZLib::my_setcookie($debug_flag, (int) (bool) $_GET[$debug_flag]);
    }
}
unset($debug_flags, $debug_flag);
if (isset($_GET["tbug"])) {
    AZLib::my_setcookie("tbug", (int) $_GET["tbug"]);
}
//ob_flush();
//flush();
//Xoá SS của khách vãng lai
/*if( AZLib::session_started() AND (!$_SESSION['user_id']) ){
	session_destroy();
}*/
/*if ( REWRITE_ON){
	$getcontents = ob_get_contents();
	ob_end_clean();	
	@ob_start('ob_gzhandler');
	
	echo AZRewrite::doReplace($getcontents);
	unset($getcontents);
}*/
             $request_refer = WEB_ROOT;
         } else {
             $request_refer = $_SERVER['HTTP_REFERER'];
         }
         Url::redirect_url($request_refer);
     }
 }
 // Fall back to the province_id cookie when no current city has been resolved
 // yet. The cookie is client-supplied: the (int) cast limits it to a number but
 // does not prove the id exists — presumably checked where CGlobal::$curCity is
 // consumed; confirm.
 if (isset($_COOKIE['province_id']) && !CGlobal::$curCity) {
     CGlobal::$curCity = (int) $_COOKIE['province_id'];
 }
 if (!User::is_login()) {
     if (isset($_COOKIE['az_id']) && isset($_COOKIE['password'])) {
         User::check_cookie_login($_COOKIE['az_id'], $_COOKIE['password']);
     } else {
         AZLib::my_setcookie('az_id', "", TIME_NOW - 3600);
         AZLib::my_setcookie('password', "", TIME_NOW - 3600);
     }
 } else {
     if (isset($_GET['login_as']) || isset($_GET['login_as_id'])) {
         if (User::is_admin()) {
             $user_id = (int) Url::get('login_as_id', 0);
             $user = array();
             if ($user_id) {
                 $user = User::getUser($user_id);
             } else {
                 $user_name = Url::get('login_as');
                 if ($user_name != '') {
                     $user = User::getByUserName($user_name);
                 }
             }
             if ($user) {
 function on_submit()
 {
     // Handles the registration form: validates the submitted fields, rejects
     // duplicate e-mail / user name, inserts the user row and then either
     // e-mails an activation code (USER_ACTIVE_ON) or signs the new account in
     // straight away. Relies on the form helpers (checkFormInput, setFormError,
     // errNum, show_form) and the project's DB/User/Url/AZLib/System statics,
     // none of which are visible in this file.
     if (User::checkLock4Ever(1)) {
         // NOTE(review): assumed to stop execution; if Url::redirect_current()
         // returns, registration carries on below — confirm.
         Url::redirect_current();
     }
     // anti-abuse check: at most one registration per 120 s per session/browser
     $just_registed_s = 0;
     $just_registed_c = 0;
     if (isset($_SESSION['just_registed'])) {
         $just_registed_s = $_SESSION['just_registed'];
     }
     if (isset($_COOKIE['just_registed'])) {
         // client-supplied copy; only the session value above is tamper-resistant
         $just_registed_c = $_COOKIE['just_registed'];
     }
     // REG_ON=false closes registration entirely
     if ($just_registed_s > TIME_NOW - 120 || $just_registed_c > TIME_NOW - 120 || !REG_ON) {
         Url::redirect_current();
     }
     // END anti-abuse check
     // check whether the client IP is on the ban (bad-word) list
     $ip = AZLib::ip();
     $arr_badwords = AZLib::checkBadWord($ip, true);
     if ($arr_badwords["bad"] != "" && $arr_badwords["bad_key"] != "") {
         $this->setFormError('ban_ip', "Có lỗi xẩy ra");
     }
     // end IP ban check
     $full_name = Url::get('full_name');
     $email = Url::get('email');
     $user_name = Url::get('register_user_name');
     $mobile_phone = AZLib::trimSpace(Url::get('mobile_phone'));
     $password = AZLib::trimSpace(Url::get('register_password'));
     $confirm_password = AZLib::trimSpace(Url::get('confirm_password'));
     // checkFormInput(label, field key, value, rule, required, ?, min, max) —
     // presumably; it records failures through $this->errNum rather than returning them.
     $this->checkFormInput('Tên đầy đủ', 'full_name', $full_name, 'str', false, '', 0, 50);
     $this->checkFormInput('Email', 'email', $email, 'email', true, '', 6, 50);
     $this->checkFormInput('Tên truy cập', 'user_name', $user_name, 'uname', true, '', 4, 50);
     $this->checkFormInput('Điện thoại di động', 'mobile_phone', $mobile_phone, 'str', false, '', 0, 50);
     $this->checkFormInput('Mật khẩu truy cập', 'register_password', $password, 'str', true, '', 6, 50);
     $this->checkFormInput('Nhập lại mật khẩu', 'confirm_password', $confirm_password, 'str', true, '', 6, 50);
     if (!$this->errNum) {
         if ($password != $confirm_password) {
             // NOTE(review): this error is keyed on 'captcha_register' although it
             // concerns the password fields — looks like a copied field key; confirm
             // which field the template renders it under.
             $this->setFormError('captcha_register', "Nhập lại Mật khẩu truy cập không khớp!");
             return;
         }
     }
     $captcha_register = Url::get('captcha_register');
     if ($mobile_phone && !AZLib::is_mobile($mobile_phone)) {
         // an invalid mobile number is dropped silently rather than reported
         $mobile_phone = "";
     }
     if ($captcha_register == '') {
         $this->setFormError('captcha_register', "Bạn chưa nhập <b>Mã bảo mật</b>!");
     } else {
         // The session captcha is not regenerated anywhere in this method, so one
         // solved captcha stays valid for resubmission until something else reloads it.
         if (!isset($_SESSION["enbac_validate"]) || $captcha_register != $_SESSION["enbac_validate"]) {
             $this->setFormError('captcha_register', "<b>Mã bảo mật</b> không chính xác!");
         }
     }
     if ((int) Url::get('confirm_register') != 1) {
         $this->setFormError('confirm_register', "Bạn phải đọc và đồng ý với những <a target=\"_blank\" href=\"http://help.enbac.com/content/4/5/en/Quy-che-thanh-vien.html\" >điều khoản của Enbac.com</a>!");
     }
     if (!$this->errNum) {
         // Both duplicate checks splice request values straight into SQL. They run
         // only after the 'email'/'uname' rules above passed, so those rules are the
         // sole barrier against quote characters reaching the query; escaping the
         // values here would remove that dependency.
         if (DB::exists('SELECT id FROM `user` WHERE `email`="' . $email . '"')) {
             $this->setFormError('email', "<b>Email</b> bạn chọn đã tồn tại, hãy chọn lại một <b>Email</b> khác!");
         } elseif (DB::exists('SELECT id FROM `user` WHERE `user_name`="' . $user_name . '"')) {
             // NOTE(review): keyed on 'email' although it is the user-name duplicate — confirm
             $this->setFormError('email', "<b>Tên truy cập</b> bạn chọn đã tồn tại, hãy chọn lại một <b>Tên truy cập</b> khác!");
         } else {
             // is_active starts at USER_ACTIVE_ON. Together with the branch below
             // (and the login handler) this reads as "1 = activation still pending",
             // the opposite of what the column name suggests — confirm before
             // relying on it elsewhere.
             $user_info = array('user_name' => $user_name, 'email' => $email, 'password' => User::encode_password($password), 'full_name' => $full_name, 'mobile_phone' => $mobile_phone, 'create_time' => TIME_NOW, 'is_active' => (int) (bool) USER_ACTIVE_ON, 'reg_ip' => AZLib::ip());
             $id = DB::insert('user', $user_info);
             if ($id) {
                 // stamp both session and cookie for the 120 s throttle above
                 $_SESSION['just_registed'] = TIME_NOW;
                 AZLib::my_setcookie('just_registed', TIME_NOW);
                 if (USER_ACTIVE_ON && $user_info['is_active'] == 1) {
                     global $display;
                     $active = DB::select('user_active', 'user_id=' . $id);
                     // Activation code = md5(request time . stored password hash).
                     // TIME_NOW is guessable to the second, so the code is only as
                     // unpredictable as the hash is secret; a randomly generated token
                     // would not carry that dependency.
                     $active_code = md5(TIME_NOW . $user_info['password']);
                     if ($active) {
                         // keep the existing row id so the insert below replaces it
                         $active = array('id' => $active['id'], 'user_id' => $id, 'active_code' => $active_code, 'time' => TIME_NOW);
                     } else {
                         $active = array('user_id' => $id, 'active_code' => $active_code, 'time' => TIME_NOW);
                     }
                     // third argument presumably selects replace/update semantics — confirm
                     DB::insert('user_active', $active, true);
                     // template variables for the activation mail
                     $display->add('eb_url', WEB_ROOT);
                     $display->add('user_id', $id);
                     $display->add('user_name', $user_info['user_name']);
                     $display->add('active_code', $active_code);
                     $display->add('WEB_NAME', WEB_NAME);
                     $display->add('MAIL_FOOTER', MAIL_FOOTER);
                     $content_email = $display->output('send_active_mail', 1, 'RegisterSuccess');
                     //Send email here;
                     if (System::sendEBEmail($user_info['email'], 'Kích hoạt tài khoản!', $content_email)) {
                         // (earlier inline success message, superseded by the redirect)
                         //$this->setFormSucces('','<b>Chúc mừng bạn đã đăng ký tài khoản thành công!</b><br /><br />Mã kích hoạt đã được gửi đi tới E-mail: "'.$user_info['email'].'"<br />Bạn hãy check lại Email để kích hoạt tài khoản của mình!');
                         Url::redirect('reg_success', array('cmd' => 'notify'));
                     } else {
                         // account exists but the mail failed: point the user at the resend page
                         $this->setFormError('', '<b>Chúc mừng bạn đã đăng ký tài khoản thành công!</b><br /><br />Tuy nhiên hệ thống chưa gửi được Mã kích hoạt tới E-mail: "' . $user_info['email'] . '"!<br />Bạn có thể <a href="' . Url::build('reg_success', array('cmd' => 'active')) . '">click vào đây</a> để hệ thống gửi lại mã kích hoạt vào Email của mình!');
                     }
                     $this->show_form = false;
                 } else {
                     // no activation step configured: sign the new account in immediately
                     User::Login($id);
                     Url::redirect('reg_success');
                 }
             } else {
                 $this->setFormError('', "Chưa đăng ký được, mời bạn thử lại!");
             }
         }
     }
 }
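 function Build($row)
 {
     // PHP4-style constructor of the Build module (the "assemble your own
     // bundle" page). It builds the ordered category list from the BuildCatIDs
     // config value, restores the items chosen so far from $_SESSION['build_ids'],
     // applies an item_id/bcatid selection from the request and finally
     // dispatches on ?cmd=. Static state written: Build::$cats, Build::$items,
     // Build::$price, self::$bcatid, self::$bcat.
     //
     // Change from the original: the preg_replace below used the /e modifier.
     // Its replacement is a literal space, so /e evaluated nothing useful, but
     // /e is deprecated since PHP 5.5 and removed in 7.0, where preg_replace
     // warns and returns null — blanking list_brief. Dropping the modifier is
     // behaviour-identical on 5.x and correct on 7+.
     Module::Module($row);
     ##################################################################################################
     // Comma-separated category ids from config; hidden categories are dropped
     // and each kept category learns its successor ('next_id') for the
     // step-by-step flow. The @ hides the notice when the config key is absent.
     $build_catids = @CGlobal::$configs['BuildCatIDs']['conf_val'];
     if ($build_catids != '') {
         $arr = explode(',', $build_catids);
         $build_catids = '';
         $last = 0;
         if ($arr) {
             foreach ($arr as $catid) {
                 if (isset(CGlobal::$allCategories[$catid]) && CGlobal::$allCategories[$catid]['status'] != 'HIDE') {
                     $build_catids .= ($build_catids != '' ? ',' : '') . $catid;
                     Build::$cats[$catid] = array('id' => $catid, 'name' => CGlobal::$allCategories[$catid]['name'], 'recomend' => str_replace(chr(13) . chr(10), "<br />", CGlobal::$allCategories[$catid]['recomend']), 'img' => AZLib::getImageThumb("category/{$catid}.gif", 40, 40, 0, 0), 'item_id' => 0, 'item_name' => '', 'item_url' => '', 'item_price' => '', 'item_warranty' => '', 'list_brief' => '');
                     if ($last) {
                         Build::$cats[$last]['next_id'] = $catid;
                     }
                     $last = $catid;
                 }
             }
         }
     }
     // Current step: the bcatid from the URL must be one of the build
     // categories, otherwise the parameter is dropped via redirect; with no
     // bcatid the first category is used.
     self::$bcatid = (int) Url::get('bcatid');
     if (self::$bcatid) {
         if (isset(Build::$cats[self::$bcatid])) {
             self::$bcat = Build::$cats[self::$bcatid];
         } else {
             Url::redirect_current(array('mode'));
         }
     } else {
         self::$bcat = reset(Build::$cats);
         if (self::$bcat) {
             self::$bcatid = (int) self::$bcat['id'];
         }
     }
     ##################################################################################################
     // Restore the items chosen so far. $_SESSION['build_ids'] is written only by
     // this method (below), from ids that came back from the database, which is
     // what makes embedding it in IN() acceptable — keep it that way.
     $item_ids = '';
     $build_ids = isset($_SESSION['build_ids']) ? $_SESSION['build_ids'] : '';
     $build_price = 0;
     if ($build_ids != '') {
         $items = array();
         $re = DB::query("SELECT * FROM item WHERE id IN(" . $build_ids . ") AND status=1 AND price>0 AND quantity>0 ORDER BY find_in_set(category_id,'" . $build_catids . "')");
         if ($re) {
             // NOTE(review): the mysql_* extension was removed in PHP 7; this loop
             // needs the DB layer's own fetch helper there.
             while ($item = mysql_fetch_assoc($re)) {
                 // one item per category: later rows for an already-filled category are ignored
                 if (isset(Build::$cats[$item['category_id']]) && Build::$cats[$item['category_id']]['item_id'] == 0) {
                     Build::$price += $item['price'];
                     $item_ids .= ($item_ids != '' ? ',' : '') . $item['id'];
                     if (isset(CGlobal::$allCategories[$item['category_id']])) {
                         $item_url = WEB_DIR . CGlobal::$allCategories[$item['category_id']]['nice_name'] . "/p{$item['id']}/" . AZLib::safe_title($item['name']) . ".html";
                     } else {
                         $item_url = WEB_DIR . "p{$item['id']}/" . AZLib::safe_title($item['name']) . ".html";
                     }
                     if ($item['list_brief'] == '') {
                         $item['list_brief'] = $item['brief'];
                     }
                     // strip "[n]" footnote markers (was /eis; see header comment)
                     $item['list_brief'] = preg_replace("/\\[([\\s]*[0-9]{1,2}[\\s]*)\\]/is", " ", $item['list_brief']);
                     $item['list_brief'] = str_replace(array("'", "\""), array("", " "), $item['list_brief']);
                     $item['list_brief'] = AZLib::word_limit($item['list_brief'], 50, '');
                     Build::$items[$item['id']] = $item;
                     Build::$cats[$item['category_id']]['item_id'] = $item['id'];
                     Build::$cats[$item['category_id']]['item_name'] = $item['name'];
                     Build::$cats[$item['category_id']]['item_url'] = $item_url;
                     Build::$cats[$item['category_id']]['item_price'] = number_format($item['price'], 0, ',', '.') . " VNĐ";
                     Build::$cats[$item['category_id']]['item_warranty'] = $item['warranty'];
                     Build::$cats[$item['category_id']]['list_brief'] = $item['list_brief'];
                 }
             }
         }
     }
     // Selection from the request: ?item_id=&bcatid= swaps the chosen item of
     // that category, stores the new id list in the session and moves on to the
     // next category. Every path out of this block ends in a redirect.
     $item_id = (int) Url::get('item_id');
     $bcatid = (int) Url::get('bcatid');
     if ($item_id && $bcatid) {
         $item = Item::get_item($item_id);
         if ($item && $item['status'] == 1 && $item['price'] > 0 && $item['quantity'] > 0 && isset(Build::$cats[$item['category_id']])) {
             if (!isset(Build::$items[$item['id']])) {
                 if (Build::$cats[$item['category_id']]['item_id'] > 0) {
                     unset(Build::$items[Build::$cats[$item['category_id']]['item_id']]);
                 }
                 Build::$items[$item['id']] = $item;
                 //$item_ids	.=	($item_ids!='' ? ',' : '')	.	$item['id'];
                 $item_ids = implode(',', array_keys(Build::$items));
                 $_SESSION['build_ids'] = "{$item_ids}";
                 $last = 0;
                 foreach (array_keys(Build::$cats) as $catid) {
                     if ($last == self::$bcatid) {
                         Url::redirect_current(array('mode', 'bcatid' => $catid), '#select_item');
                     }
                     $last = $catid;
                 }
             }
         }
         Url::redirect_current(array('mode', 'bcatid'));
     }
     // persist the filtered set (ids that no longer pass the status/price/quantity filter are dropped)
     $_SESSION['build_ids'] = "{$item_ids}";
     $cmd = Url::get('cmd');
     switch ($cmd) {
         case 'success':
             require_once 'forms/BuildSuccess.php';
             $this->add_form(new BuildSuccessForm());
             break;
         case 'reset':
             $_SESSION['build_ids'] = "";
             Url::redirect_current();
             break;
         case 'order':
             // Merge the bundle into the cart_items cookie. The existing cookie is
             // client-supplied and is written back without validation, so the cart
             // code must validate ids when it reads that cookie.
             if ($item_ids != '') {
                 $cart_item_ids = isset($_COOKIE['cart_items']) ? $_COOKIE['cart_items'] : '';
                 if ($cart_item_ids != '') {
                     $buil_item_arr = explode(',', $item_ids);
                     $item_ids = $cart_item_ids;
                     $cat_item_arr = explode(',', $cart_item_ids);
                     foreach ($buil_item_arr as $item_id) {
                         if (!in_array($item_id, $cat_item_arr)) {
                             $item_ids .= ($item_ids != '' ? ',' : '') . $item_id;
                         }
                     }
                 }
                 if ($item_ids != $cart_item_ids) {
                     AZLib::my_setcookie('cart_items', $item_ids, time() + 3600 * 24 * 365);
                 }
                 $_SESSION['build_ids'] = "";
                 Url::redirect('cart');
             }
             Url::redirect_current();
             break;
         case '':
         default:
             require_once 'forms/Build.php';
             $this->add_form(new BuildForm());
             break;
     }
 }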
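    function on_submit()
    {
        // Handles the login form: validates the credentials, applies the IP-ban
        // and account-lock rules, optionally sets the "remember me" cookies and
        // signs the user in. Relies on the form helpers (checkFormInput,
        // setFormError, errNum) and the project's DB/User/Url/AZLib statics,
        // none of which are visible in this file.
        //
        // Changes from the original: (1) the session-row delete in the permanent
        // lock branch referenced an undefined $user_id and therefore issued
        // "user_id=" with no value — it now uses $user_data['id']; (2) the
        // password hashes are compared with === instead of ==, because == treats
        // two numeric-looking strings (e.g. "0e…") as numbers and can match
        // hashes that differ; (3) the post-login URL echoed into the inline
        // <script> is JSON-encoded so it cannot break out of the JS string.
        if (User::checkLock4Ever(1)) {
            // NOTE(review): assumed to stop execution; if redirect_current()
            // returns, the login proceeds — confirm.
            Url::redirect_current();
        }
        $user_name = AZLib::getParam('user_name_this');
        $password = AZLib::getParam('password_this');
        $this->checkFormInput('Tên truy cập', 'user_name', $user_name, 'uname', true, '', 4, 50);
        $this->checkFormInput('Mật khẩu truy cập', 'password', $password, 'str', true, '', 6, 50);
        // check whether the client IP is on the ban (bad-word) list
        $ip = AZLib::ip();
        $arr_badwords = AZLib::checkBadWord($ip, true);
        if ($arr_badwords["bad"] != "" && $arr_badwords["bad_key"] != "") {
            $this->setFormError('ban_ip', "Có lỗi xẩy ra. Hãy kiểm tra lại");
        }
        // end IP ban check
        if (!$this->errNum) {
            // $user_name is spliced into the query. This runs only after the
            // 'uname' rule passed, so that rule is the sole barrier against quote
            // characters reaching SQL; escaping here as well would remove the dependency.
            $user_data = DB::fetch('SELECT id, user_name, password, is_active, block_time FROM user WHERE user_name="' . $user_name . '"');
            if (!USER_ACTIVE_ON && $user_data && $user_data['is_active']) {
                // activation is switched off site-wide: clear a stale pending flag
                DB::query("UPDATE user SET is_active=0 WHERE id=" . $user_data['id']);
                DB::delete('user_active', 'user_id=' . $user_data['id']);
                User::getUser($user_data['id'], 0, 1);
            }
            if ($user_data && $user_data['password'] === User::encode_password($password)) {
                if (USER_ACTIVE_ON && $user_data['is_active']) {
                    // not yet activated (is_active=1 means "activation pending" here)
                    $this->setFormError('user_name', "Bạn chưa kích hoạt tài khoản!<br /><br />Bạn hãy check lại mail để kích hoạt lại tài khoản<br />\r\n\t\t\t\t\thoặc <a href=''>click vào đây</a> để hệ thống gửi lại email kích hoạt!");
                } else {
                    $alert = '';
                    // The post-login target comes from the request (base64 'href').
                    // Nothing restricts it to this site, so it behaves as an open
                    // redirect; a same-origin check before redirect_url() would close that.
                    $href = base64_decode(Url::get('href'));
                    if (!$href) {
                        $href = Url::build('home');
                    }
                    if ($user_data['block_time'] == -1) {
                        $this->setFormError('user_name', "Tài khoản hoặc mật khẩu không đúng!");
                    } elseif ($user_data['block_time'] > TIME_NOW) {
                        $user_lock = DB::select('user_lock', 'user_id=' . $user_data['id']);
                        if ($user_lock) {
                            if ($user_lock['type'] == 1) {
                                // permanent lock: sign out and drop the account's session rows
                                User::LogOut();
                                DB::delete(_SESS_TABLE, 'user_id=' . $user_data['id'], __LINE__ . __FILE__);
                                Url::access_denied();
                            } elseif ($user_lock['type'] == 3) {
                                // permanent lock + cookie marker
                                User::lock4Ever(true, $user_data['id']);
                                Url::access_denied();
                            } else {
                                if ($user_lock['note']) {
                                    // quotes are stripped because the note lands inside a JS string literal
                                    $user_lock['note'] = '\\nLý do: ' . str_replace(array('"', "'"), '', $user_lock['note']);
                                }
                                $alert = '<script>
											alert("Tài khoản của bạn đang tạm khoá tới ' . date('h:i, d/m/Y', $user_data['block_time']) . '!' . $user_lock['note'] . '");
											window.location=' . json_encode($href) . ';
										</script>';
                                //$this->setFormError('user_name',"Tài khoản của bạn đang tạm khoá tới ".date('d/m/Y H:i',$user_data['block_time'])."!".$user_lock['note']);
                            }
                        }
                        // NOTE(review): the temporary-lock case still falls through to
                        // User::LogIn() below; the lock only changes what is rendered.
                        $_SESSION['user_lock'] = true;
                    }
                    if (Url::get('set_cookie') == 'on') {
                        // "Remember me": the stored password hash itself becomes a
                        // one-year bearer cookie (read back by User::check_cookie_login
                        // in the bootstrap). Anyone holding the hash — e.g. from a
                        // database export — can sign in without cracking it; a
                        // per-device random token would avoid that.
                        $year = 60 * 60 * 24 * 365 + TIME_NOW;
                        AZLib::my_setcookie("az_id", $user_data['id'], $year);
                        AZLib::my_setcookie("password", $user_data['password'], $year);
                    }
                    $_SESSION['is_load_page_first'] = 1;
                    // jQueryUI shows the notice panel on the first page load
                    User::LogIn($user_data['id']);
                    if (isset($_SESSION['user_lock']) && $_SESSION['user_lock']) {
                        echo $alert;
                        exit;
                    } else {
                        Url::redirect_url($href);
                    }
                }
            } else {
                $this->setFormError('user_name', "Tài khoản hoặc mật khẩu không đúng!");
            }
        }
    }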
 function feedback()
 {
     // AJAX handler that posts a comment (or a reply) on an item and answers
     // with a small XML document. Every rejection path echoes a status word
     // inside <comments><content>…</content></comments> and exits. The success
     // path inserts the comment, maintains the per-user "new comment" counters
     // and the reply display window, refreshes the item's reply_count (and its
     // memcache copy), queues an e-mail alert and clears the cached HTML.
     // Relies on the project's DB/User/Url/Item/AZLib/AZMemcache/AZRewrite/
     // StaticCache/System statics, none of which are visible here.
     header("Content-type: application/xml");
     $pattern = '/^xe360/i';
     $content = trim(AZLib::getParam('content'));
     $comment_id = (int) Url::get('comment_id', 0);
     $sender_user_name = trim(AZLib::getParam('user_name'));
     $sender_email = trim(AZLib::getParam('sender_email'));
     $comment_row = array();
     // Throttle: one comment per 30 s. It rests entirely on a client cookie, so a
     // client that simply drops the cookie is never throttled; a server-side
     // limit keyed on user id / IP would be needed to actually enforce it.
     if (isset($_COOKIE['setTimeOutComment'])) {
         if (time() - $_COOKIE['setTimeOutComment'] <= 30) {
             // 30 seconds
             echo "<comments><content>time_out</content></comments>";
             exit;
         }
     } else {
         AZLib::my_setcookie("setTimeOutComment", time(), 30 + TIME_NOW);
         // 30 seconds
     }
     // names/e-mails/content starting with "xe360" are refused outright
     if (preg_match($pattern, $sender_user_name) || preg_match($pattern, $sender_email) || preg_match($pattern, $content)) {
         echo "<comments><content>bad_word</content></comments>";
         exit;
     }
     if (User::is_login() && User::is_block()) {
         echo "<comments><content>no_perm</content></comments>";
         exit;
     }
     // Resolve the target item: from the parent comment when replying,
     // otherwise from ?item_id=.
     if ($comment_id) {
         $comment_row = DB::select('comment', "id={$comment_id}");
         if (!$comment_row) {
             echo "<comments><content>no_perm</content></comments>";
             exit;
         }
         if (User::is_login() && $comment_row['sender_user_id'] == User::id()) {
             // replying to one's own comment is not allowed
             echo "<comments><content>no_perm</content></comments>";
             exit;
         }
         if (!($item = Item::get_item($comment_row['item_id']))) {
             echo "<comments><content>no_perm</content></comments>";
             exit;
         }
     } else {
         $item_id = (int) Url::get('item_id', 0);
         if (!$item_id || !($item = Item::get_item($item_id))) {
             echo "<comments><content>no_perm</content></comments>";
             exit;
         }
     }
     $item_memcache = $item;
     if (AZLib::isBlackList(User::id(), $item['user_id'])) {
         echo "<comments><content>blacklist</content></comments>";
         exit;
     }
     if (!User::is_login() && AZLib::checkBadWord($sender_user_name)) {
         echo "<comments><content>bad_word</content></comments>";
         exit;
     }
     // state=1 items accept comments from item admins only — presumably a
     // moderation/hidden state; confirm.
     if ($item["state"] == 1 && !User::have_permit(ADMIN_ITEM)) {
         echo "<comments><content>no_perm</content></comments>";
         exit;
     }
     // guests may not impersonate staff names; strlen is byte-wise, so the
     // 3-character minimum is measured in bytes, not characters
     $username = strtolower($sender_user_name);
     if (!User::is_login() && (strlen($username) < 3 || strlen($sender_email) < 3 || $username == 'admin' || $username == 'administrator' || $username == 'moderator' || $username == 'enbac')) {
         echo "<comments><content>bad_word</content></comments>";
         exit;
     }
     if (AZLib::checkBadWord($content)) {
         echo "<comments><content>bad_word</content></comments>";
         exit;
     }
     // guests must solve the captcha (reloaded after a successful insert below)
     if (!User::is_login()) {
         $captcha = AZLib::getParam('captcha');
         if (!isset($_SESSION["enbac_validate"]) || $captcha == '' || $captcha != $_SESSION["enbac_validate"]) {
             echo "<comments><content>false_captcha</content></comments>";
             exit;
         }
     }
     $content = preg_replace("/\n/", "<br />", $content);
     $content = str_replace('<br /><br />', '&nbsp;', $content);
     $receiver_user_id = 0;
     $receiver_username = '';
     // Replies are flattened one level deep: replying to a reply attaches to the
     // original parent and prefixes an "@name" mention.
     if ($comment_id) {
         if ($comment_row['parent_id']) {
             $receiver_user_id = $comment_row['sender_user_id'];
             $receiver_username = $comment_row['sender_user_name'];
             // $receiver_username comes from the stored row and is placed in HTML
             // without escaping; whatever validated the name when it was stored
             // (not visible here) is the only thing keeping markup out of it.
             if ($receiver_user_id) {
                 $content = '@<a href="' . WEB_DIR . $receiver_username . '" class="fast_reply_link" title="' . $receiver_username . '">' . $receiver_username . '</a>: ' . $content;
             } else {
                 $content = '<font color="#999">@<span style="text-decoration:underline">' . $receiver_username . '</span> </font>: ' . $content;
             }
             $parent_id = $comment_row['parent_id'];
         } else {
             $parent_id = $comment_row['id'];
         }
     } else {
         $parent_id = 0;
     }
     // NOTE(review): if the item owner cannot be loaded, nothing is echoed and
     // the method returns with only the XML header sent — confirm that is intended.
     $user_item = User::getUser($item['user_id']);
     if ($user_item) {
         if (User::id()) {
             $sender_user_name = User::user_name();
         } else {
             // remember the guest's name/e-mail for a year (client-side only)
             $week = 60 * 60 * 24 * 365 + TIME_NOW;
             AZLib::my_setcookie("guest_name", $sender_user_name, $week);
             AZLib::my_setcookie("guest_email", $sender_email, $week);
         }
         $up_up_count = '';
         if ($content != '') {
             $comment = array('content' => $content, 'item_id' => $item['id'], 'time' => TIME_NOW, 'order_time' => TIME_NOW, 'post_ip' => AZLib::ip(), 'parent_id' => $parent_id, 'receiver_user_id' => $item['user_id'], 'receiver_user_name' => $item['user_name'], 'display' => 1);
             if (User::id()) {
                 if ($item['user_id'] == User::id()) {
                     // the owner commenting on their own item counts as "answered"
                     $comment['status'] = 1;
                 }
                 $comment['sender_user_id'] = User::id();
                 $comment['sender_user_name'] = User::user_name();
             } else {
                 $comment['sender_user_id'] = 0;
                 $comment['sender_user_name'] = $sender_user_name;
                 $comment['sender_email'] = $sender_email;
             }
             if ($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id']) {
                 $comment['replied_user_id'] = $comment_row['sender_user_id'];
                 $comment['replied_user_name'] = $comment_row['sender_user_name'];
             } elseif ($comment_row && $comment_row['sender_user_id'] == $item['user_id']) {
                 $comment['replied_status'] = 1;
             }
             $id = DB::insert('comment', $comment);
             if ($id) {
                 if (!User::id()) {
                     AZLib::reload_captcha();
                 }
                 if ($parent_id) {
                     // Keep only the newest three replies visible: the fourth-newest
                     // and everything older under this parent is set display=0.
                     $re = DB::query("SELECT id FROM comment WHERE item_id = {$item['id']} AND parent_id = {$parent_id} AND display = 1 ORDER BY id DESC LIMIT 3,1");
                     if ($re) {
                         if ($row = mysql_fetch_assoc($re)) {
                             if ($row) {
                                 DB::query("UPDATE comment SET display = 0 WHERE parent_id = {$parent_id} AND display = 1 AND id<={$row['id']}");
                             }
                         }
                     }
                     // bump the parent's child count / ordering; the owner's reply
                     // also marks the thread as answered
                     if ($comment_id == $parent_id) {
                         if (User::is_login() && $item['user_id'] == User::id()) {
                             DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . ", status=1 WHERE id = {$parent_id}");
                         } else {
                             DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
                         }
                     } else {
                         DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
                         if (User::is_login() && $item['user_id'] == User::id()) {
                             DB::query("UPDATE comment SET status=1 WHERE id = {$comment_id}");
                             // mark the feed entry as read/answered
                             DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=1");
                         }
                     }
                     if (User::is_login()) {
                         // logged-in member
                         // flag replied_status if this answers a reply addressed to me
                         if ($item['user_id'] != User::id() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0) {
                             DB::query("UPDATE comment SET replied_status=1 WHERE id = {$comment_id}");
                             // mark the feed entry as read/answered
                             DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=2");
                             // decrement my own new-comment counter
                             DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id=' . User::id() . ' AND total_new_comment>0');
                             User::getUser(User::id(), 0, 1);
                         }
                         if ($item['user_id'] != User::id()) {
                             // not my own listing: bump the item owner's new-comment counter
                             DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $item['user_id']);
                             User::getUser($item['user_id'], 0, 1);
                         } elseif ($comment_row && $comment_row['status'] == 0) {
                             // my own listing and I answered an unread comment: decrement my counter
                             DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id=' . User::id() . ' AND total_new_comment>0');
                             User::getUser(User::id(), 0, 1);
                         }
                         // bump the counter of the user whose comment is being replied to
                         // (the "!= $item['user_id']" test is repeated; harmless)
                         if ($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != User::id() && $comment_row['sender_user_id'] != $item['user_id']) {
                             // replying to someone other than the item owner
                             DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $comment_row['sender_user_id']);
                             User::getUser($comment_row['sender_user_id'], 0, 1);
                         }
                     } else {
                         // anonymous guest
                         // bump the item owner's new-comment counter
                         DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $item['user_id']);
                         User::getUser($item['user_id'], 0, 1);
                         // bump the counter of the user whose comment is being replied to
                         if ($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != $item['user_id']) {
                             // replying to someone other than the item owner
                             DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $comment_row['sender_user_id']);
                             User::getUser($comment_row['sender_user_id'], 0, 1);
                         }
                     }
                 }
             }
             // refresh the item's reply counter and its cached copy
             $total_feedback = DB::count('comment', "item_id={$item['id']}");
             $up_up_count = '<up_count>';
             $up_up_count .= $user_item['up_item'];
             DB::update_id('item', array('reply_count' => $total_feedback), $item['id']);
             if (MEMCACHE_ON) {
                 $item_memcache['reply_count'] = $total_feedback;
                 AZMemcache::do_put("item:{$item['id']}", $item_memcache);
             }
             $up_up_count .= '</up_count>';
             // queue the e-mail alert for the item owner (not when commenting on one's own item)
             if ($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id'] != User::id()) {
                 if (User::id()) {
                     $sender_email = '';
                 }
                 $link = WEB_ROOT . AZRewrite::formatUrl('?page=item_detail&id=' . $item['id'] . '&ebname=' . AZLib::safe_title($item['name']));
                 $title = "<a href='{$link}' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$item['name']}</font></a>";
                 AZLib::addCronJob('item_comment', AZLib::parseBBCode($content, true), $user_item['id'], User::id() ? User::user_name() : $sender_user_name, $sender_email, $item['id'], $title, $link);
             }
         } else {
             $id = 0;
         }
         // $time and $action below are assigned but never used in this method
         $time = date('H:i - d/m');
         $xml = "<comments><content><![CDATA[" . AZLib::parseBBCode($content) . "]]></content><post_time>" . date('H:i') . "</post_time>";
         $action = 'item_comment';
         if (User::id() != $item['user_id']) {
             require_once ROOT_PATH . 'includes/enbac/comment.php';
             Comment::addNewComment($item['user_id']);
         }
         // <id> carries $id % 3 rather than the id itself — presumably a
         // presentation hint for the client; confirm
         $xml .= $up_up_count . "<id>" . $id % 3 . "</id></comments>";
         // drop the cached HTML fragment for this item's feedback block
         $caheFile = 'fb_' . $item['id'];
         StaticCache::delCache($caheFile);
         echo $xml;
         System::halt();
     }
 }
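 /**
  * AJAX handler: post a comment, or a reply to an existing comment, on a user entry.
  *
  * Request parameters: `content` (required), `comment_id` (reply target, 0 for a new thread),
  * `entry_id` (only used when `comment_id` is 0) and, for guests, `user_name`, `sender_email`
  * and `captcha`.
  *
  * Side effects: inserts a `user_entry_comment` row, keeps at most three replies visible under a
  * parent comment, bumps the parent's `have_child`/`order_time`, marks feed items as read,
  * refreshes the entry's `reply_count`, sets `guest_name`/`guest_email` cookies for guests and
  * queues an e-mail alert for the entry owner via AZLib::addCronJob.
  *
  * Output: always `application/xml`. Early exits answer
  * `<comments><content>CODE</content></comments>` with CODE one of no_perm, bad_word,
  * blacklist or false_captcha; success echoes the rendered comment plus `id` and `parent_id`.
  */
 function fn_comment()
 {
     header("Content-type: application/xml");
     $content = trim(AZLib::getParam('content'));
     $comment_id = (int) Url::get('comment_id', 0);
     $comment_row = array();
     if ($content === '') {
         echo "<comments><content>no_perm</content></comments>";
         exit;
     }
     if (User::is_login()) {
         if (User::is_block()) {
             echo "<comments><content>no_perm</content></comments>";
             exit;
         }
         $sender_user_name = User::user_name();
         $sender_email = '';
     } else {
         $sender_user_name = AZLib::getParam('user_name');
         $sender_email = trim((string) AZLib::getParam('sender_email', ''));
         // The guest address is handed to the e-mail alert job below and stored in the row;
         // keep only something that is syntactically an address so CR/LF or other junk
         // cannot reach the mailer. An invalid address just drops the reply-to, it does
         // not block the comment.
         if ($sender_email !== '' && filter_var($sender_email, FILTER_VALIDATE_EMAIL) === false) {
             $sender_email = '';
         }
         $username_lower = strtolower($sender_user_name);
         // Guests may not use a very short name or impersonate staff accounts.
         $reserved_names = array('admin', 'administrator', 'moderator', 'enbac');
         if (strlen($username_lower) < 3 || in_array($username_lower, $reserved_names, true)) {
             echo "<comments><content>bad_word</content></comments>";
             exit;
         }
     }
     if ($comment_id) {
         $comment_row = DB::select("user_entry_comment", "id={$comment_id}");
         // Unknown comment, or a member replying to their own comment, is refused.
         // (Guests have no identity here, so a guest can reply to their own comment.)
         if (!$comment_row || (User::is_login() && $comment_row['sender_user_id'] == User::id())) {
             echo "<comments><content>no_perm</content></comments>";
             exit;
         }
         $entry_id = (int) $comment_row['entry_id'];
     } else {
         $entry_id = (int) Url::get('entry_id', 0);
     }
     if (!$entry_id || !($user_entry = DB::select('user_entry', "id={$entry_id}"))) {
         echo "<comments><content>no_perm</content></comments>";
         exit;
     }
     if (User::is_login() && AZLib::isBlackList(User::id(), $user_entry['user_id'])) {
         echo "<comments><content>blacklist</content></comments>";
         exit;
     }
     // Guest names are filtered here (members' names were checked at registration);
     // the comment text is filtered for everyone.
     if ((!User::is_login() && AZLib::checkBadWord($sender_user_name)) || AZLib::checkBadWord($content)) {
         echo "<comments><content>bad_word</content></comments>";
         exit;
     }
     if (!User::is_login()) {
         $captcha = (string) AZLib::getParam('captcha');
         // Strict string comparison: `!=` would accept e.g. "1e3" for "1000". Note the captcha
         // is only regenerated after a successful insert (see below), so a wrong guess can be
         // retried against the same value - consider reloading it on failure as well.
         if (!isset($_SESSION["enbac_validate"]) || $captcha === '' || $captcha !== (string) $_SESSION["enbac_validate"]) {
             echo "<comments><content>false_captcha</content></comments>";
             exit;
         }
     }
     // NOTE(review): $content is stored and later rendered through AZLib::parseBBCode without
     // any HTML escaping visible here; confirm getParam/parseBBCode neutralise raw markup.
     $content = preg_replace("/\n/", "<br />", $content);
     $content = str_replace('<br /><br />', '&nbsp;', $content);
     if ($comment_row) {
         if ($comment_row['parent_id']) {
             // Replying to a reply: attach to the same parent and prefix an @-mention.
             $parent_id = (int) $comment_row['parent_id'];
             // NOTE(review): the replier's name is taken from User::user_name() even for guests,
             // discarding the validated guest name above (an earlier version used
             // $comment_row['sender_user_name']) - confirm this is intended.
             $sender_user_name = User::user_name();
             // Both names land inside HTML attribute/text context of the stored comment; escape
             // them (without double-encoding already-escaped input) so a crafted name cannot
             // inject markup. The href path segment is not URL-encoded here, matching the
             // existing profile-link convention elsewhere in the site.
             $replied_name = htmlspecialchars((string) $comment_row['sender_user_name'], ENT_QUOTES, 'UTF-8', false);
             $replier_name = htmlspecialchars((string) $sender_user_name, ENT_QUOTES, 'UTF-8', false);
             if ($comment_row['sender_user_id']) {
                 $content = '@<a href="' . WEB_DIR . $replied_name . '" class="fast_reply_link" title="' . $replier_name . '">' . $replied_name . '</a>: ' . $content;
             } else {
                 // NOTE(review): this mentions the replier, not the guest being replied to;
                 // presumably $replied_name was meant - verify against the rendered thread.
                 $content = '<font color="#999">@<span style="text-decoration:underline">' . $replier_name . '</span> </font>: ' . $content;
             }
         } else {
             $parent_id = (int) $comment_row['id'];
         }
     } else {
         $parent_id = 0;
     }
     if (!User::id()) {
         // Remember the guest's details for a year so the form can be pre-filled next time.
         $expires = 60 * 60 * 24 * 365 + TIME_NOW;
         AZLib::my_setcookie("guest_name", $sender_user_name, $expires);
         AZLib::my_setcookie("guest_email", $sender_email, $expires);
     }
     $user_entry_comment = array('content' => $content, 'entry_id' => $user_entry['id'], 'time' => TIME_NOW, 'order_time' => TIME_NOW, 'post_ip' => AZLib::ip(), 'parent_id' => $parent_id, 'receiver_user_id' => $user_entry['user_id'], 'display' => 1, 'receiver_user_name' => $user_entry['user_name']);
     if (User::id()) {
         $user_entry_comment['sender_user_id'] = User::id();
     } else {
         $user_entry_comment['sender_user_id'] = 0;
         $user_entry_comment['sender_email'] = $sender_email;
     }
     $user_entry_comment['sender_user_name'] = $sender_user_name;
     if ($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $user_entry['user_id']) {
         // Record who is being answered (unless it is the entry owner).
         $user_entry_comment['replied_user_id'] = $comment_row['sender_user_id'];
         $user_entry_comment['replied_user_name'] = $comment_row['sender_user_name'];
     } elseif ($comment_row && $comment_row['sender_user_id'] == $user_entry['user_id']) {
         $user_entry_comment['replied_status'] = 1;
     }
     $id = DB::insert('user_entry_comment', $user_entry_comment);
     if ($id) {
         if (!User::id()) {
             AZLib::reload_captcha();
         }
         if ($parent_id) {
             // Keep only the three newest visible replies under the parent: locate the
             // fourth-newest visible reply and hide it and everything older.
             $re = DB::query("SELECT id FROM user_entry_comment WHERE parent_id = {$parent_id} AND display = 1 ORDER BY id DESC LIMIT 3,1");
             if ($re && ($row = mysql_fetch_assoc($re))) {
                 // Filter on $parent_id, the thread the SELECT above looked at. The previous
                 // filter used $comment_id, which differs from $parent_id when replying to a
                 // reply and then matched nothing.
                 DB::query("UPDATE user_entry_comment SET display = 0 WHERE parent_id = {$parent_id} AND display = 1 AND id<={$row['id']}");
             }
             DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
             if (User::is_login() && $user_entry['user_id'] == User::id()) {
                 // The entry owner answered: mark the addressed comment as handled.
                 DB::query("UPDATE user_entry_comment SET status=1 WHERE id = {$comment_id}");
             }
             // Mark the "new comment" feed item for the addressed comment as read.
             DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=5");
             // The person who was mentioned has now answered: clear their pending flag too.
             if (User::is_login() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0) {
                 DB::query("UPDATE user_entry_comment SET replied_status=1 WHERE id = {$comment_id}");
                 DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=6");
             }
         }
     }
     $total_feedback = DB::count('user_entry_comment', 'entry_id="' . $user_entry['id'] . '"');
     DB::update_id('user_entry', array('reply_count' => $total_feedback), $user_entry['id']);
     // A CDATA section cannot contain "]]>"; split it so user text cannot terminate the
     // section early and break (or inject into) the XML response.
     $rendered = str_replace(']]>', ']]]]><![CDATA[>', AZLib::parseBBCode($content));
     $xml = "<comments><content><![CDATA[" . $rendered . "]]></content><post_time>vài giây trước</post_time>";
     $xml .= "<id>" . $id % 3 . "</id><parent_id>{$parent_id}</parent_id></comments>";
     echo $xml;
     // E-mail alert for the entry owner (never for the owner's own comments). Members send
     // no reply-to address; guests send the validated one.
     $user_item = User::getUser($user_entry['user_id']);
     if ($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id'] != User::id()) {
         $alert_sender_name = User::id() ? User::user_name() : $sender_user_name;
         $alert_sender_email = User::id() ? '' : $sender_email;
         $link = WEB_ROOT . '?page=user_entry&user_name=' . $user_entry['user_name'] . '&cmd_entry=view&entry_id=' . $user_entry['id'] . '&ebname=' . AZLib::safe_title($user_entry['title']);
         $link = AZRewrite::formatUrl($link);
         $title = "<a href='{$link}' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$user_entry['title']}</font></a>";
         AZLib::addCronJob('entry_comment', AZLib::parseBBCode($content, true), $user_item['id'], $alert_sender_name, $alert_sender_email, $user_entry['id'], $title, $link);
     }
     System::halt();
 }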