$xtpl = new XTemplate("reply.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $is_read = intval($row['is_read']); if (!$is_read) { $sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_send` SET `is_read`=1 WHERE `id`=" . $id; $result = $db->sql_query($sql); $is_read = 1; } $admin_name = $admin_info['full_name']; if (empty($admin_name)) { $admin_name = $admin_info['username']; } $mess_content = $error = ""; if ($nv_Request->get_int('save', 'post') == '1') { $mess_content = nv_editor_filter_textarea('mess_content', '', NV_ALLOWED_HTML_TAGS, true); if (strip_tags($mess_content) != "") { list($from) = $db->sql_fetchrow($db->sql_query("SELECT `email` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_rows` WHERE `id`=" . $row['cid'])); if (nv_check_valid_email($from) != "") { $from = $admin_info['email']; } $from = array($admin_name, $from); $subject = "Re: " . $row['title']; if (nv_sendmail($from, $row['sender_email'], $subject, $mess_content)) { $sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_send` SET `is_reply`=1, `reply_content`=" . $db->dbescape($mess_content) . ", `reply_time`=" . NV_CURRENTTIME . ", `reply_aid`=" . $admin_info['admin_id'] . " WHERE `id`=" . $id; $db->sql_query($sql); Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=view&id=" . $id); die; } else { $error = $lang_global['error_sendmail_admin']; }
} if ($nv_Request->isset_request('save', 'post')) { $post['title'] = filter_text_input('title', 'post', '', 1); if (empty($post['title'])) { die($lang_module['title_empty']); } $_groupsList = $groupsList; if (isset($post['id'])) { unset($_groupsList[$post['id']]); } foreach ($_groupsList as $_group) { if (strcasecmp($_group['title'], $post['title']) == 0) { die(sprintf($lang_module['error_title_exists'], $post['title'])); } } $post['content'] = nv_editor_filter_textarea('content', '', NV_ALLOWED_HTML_TAGS); $test_content = trim(strip_tags($post['content'])); $post['content'] = !empty($test_content) ? nv_editor_nl2br($post['content']) : ""; $post['exp_time'] = filter_text_input('exp_time', 'post', ''); if (preg_match("/^([\\d]{1,2})\\.([\\d]{1,2})\\.([\\d]{4})\$/", $post['exp_time'], $matches)) { $post['exp_time'] = mktime(23, 59, 59, $matches[2], $matches[1], $matches[3]); } else { $post['exp_time'] = 0; } $post['public'] = $nv_Request->get_int('public', 'post', 0); if ($post['public'] != 1) { $post['public'] = 0; } if (isset($post['id'])) { $query = "UPDATE `" . NV_GROUPS_GLOBALTABLE . "` SET \n `title`=" . $db->dbescape($post['title']) . ", \n `content`=" . $db->dbescape($post['content']) . ", \n `exp_time`='" . $post['exp_time'] . "', \n `public`= " . $post['public'] . " \n WHERE `group_id`=" . $post['id'] . " LIMIT 1"; $ok = $db->sql_query($query);
define('IS_ADD', true); $page_title = $lang_module['faq_addfaq']; } $groups_list = nv_groups_list(); $array_who = array($lang_global['who_view0'], $lang_global['who_view1'], $lang_global['who_view2']); if (!empty($groups_list)) { $array_who[] = $lang_global['who_view3']; } $array = array(); $is_error = false; $error = ""; if ($nv_Request->isset_request('submit', 'post')) { $array['catid'] = $nv_Request->get_int('catid', 'post', 0); $array['title'] = filter_text_input('title', 'post', '', 1); $array['question'] = filter_text_textarea('question', '', NV_ALLOWED_HTML_TAGS); $array['answer'] = nv_editor_filter_textarea('answer', '', NV_ALLOWED_HTML_TAGS); $alias = change_alias($array['title']); if (defined('IS_ADD')) { $sql = "SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `alias`=" . $db->dbescape($alias); $result = $db->sql_query($sql); list($is_exists) = $db->sql_fetchrow($result); } else { $sql = "SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id`!=" . $id . " AND `alias`=" . $db->dbescape($alias); $result = $db->sql_query($sql); list($is_exists) = $db->sql_fetchrow($result); } if (empty($array['title'])) { $is_error = true; $error = $lang_module['faq_error_title']; } elseif ($is_exists) { $is_error = true;
$row = $db->sql_fetchrow($result); define('IS_EDIT', true); $page_title = $lang_module['aabout12']; $action = NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . "&id=" . $id; } else { $page_title = $lang_module['aabout1']; $action = NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op; } $error = ""; if (defined('NV_EDITOR')) { require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php'; } if ($nv_Request->get_int('save', 'post') == '1') { $title = filter_text_input('title', 'post', '', 1); $alias = filter_text_input('alias', 'post', '', 1); $bodytext = nv_editor_filter_textarea('bodytext', '', NV_ALLOWED_HTML_TAGS); if (empty($title)) { $error = $lang_module['aabout9']; } elseif (strip_tags($bodytext) == "") { $error = $lang_module['aabout10']; } else { $bodytext = nv_editor_nl2br($bodytext); $alias = empty($alias) ? change_alias($title) : change_alias($alias); if (defined('IS_EDIT')) { nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_about', "aboutid " . $id, $admin_info['userid']); $query = "UPDATE`" . NV_PREFIXLANG . "_" . $module_data . "` SET \r\n `title`=" . $db->dbescape($title) . ", `alias` = " . $db->dbescape($alias) . ", \r\n `bodytext`=" . $db->dbescape($bodytext) . ", `keywords`='', `edit_time`=" . NV_CURRENTTIME . " WHERE `id` =" . $id; } else { list($weight) = $db->sql_fetchrow($db->sql_query("SELECT MAX(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`")); $weight = intval($weight) + 1; $query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "` VALUES (\r\n NULL, " . $db->dbescape($title) . ", " . $db->dbescape($alias) . ", " . $db->dbescape($bodytext) . ", '', \r\n " . $weight . ", " . $admin_info['admin_id'] . ", " . NV_CURRENTTIME . ", " . NV_CURRENTTIME . ", 1);"; nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_about', " ", $admin_info['userid']);
} else { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name); exit; } $groups_list = nv_groups_list(); $array_who = array($lang_global['who_view0'], $lang_global['who_view1'], $lang_global['who_view2']); if (!empty($groups_list)) { $array_who[] = $lang_global['who_view3']; } $array = array(); $is_error = false; $error = ""; if ($nv_Request->isset_request('submit', 'post')) { $array['catid'] = $nv_Request->get_int('catid', 'post', 0); $array['title'] = filter_text_input('title', 'post', '', 1); $array['description'] = nv_editor_filter_textarea('description', '', NV_ALLOWED_HTML_TAGS); $array['introtext'] = filter_text_textarea('introtext', '', NV_ALLOWED_HTML_TAGS); $array['author_name'] = filter_text_input('author_name', 'post', '', 1); $array['author_email'] = filter_text_input('author_email', 'post', ''); $array['author_url'] = filter_text_input('author_url', 'post', ''); $array['fileupload'] = $nv_Request->get_typed_array('fileupload', 'post', 'string'); $array['linkdirect'] = $nv_Request->get_typed_array('linkdirect', 'post', 'string'); $array['version'] = filter_text_input('version', 'post', '', 1); $array['fileimage'] = filter_text_input('fileimage', 'post', ''); $array['copyright'] = filter_text_input('copyright', 'post', '', 1); $array['comment_allow'] = $nv_Request->get_int('comment_allow', 'post', 0); $array['who_comment'] = $nv_Request->get_int('who_comment', 'post', 0); $array['groups_comment'] = $nv_Request->get_typed_array('groups_comment', 'post', 'int'); $array['is_del_report'] = $nv_Request->get_int('is_del_report', 'post', 0); $array['who_view'] = $nv_Request->get_int('who_view', 'post', 0); $array['groups_view'] = $nv_Request->get_typed_array('groups_view', 'post', 'int');
$sql = "SELECT t1.admin_id as id, t1.lev as level, t2.username as admin_login, t2.email as admin_email, t2.full_name as admin_fullname FROM \r\n`" . NV_AUTHORS_GLOBALTABLE . "` AS t1 INNER JOIN `" . NV_USERS_GLOBALTABLE . "` AS t2 ON t1.admin_id = t2.userid WHERE t1.lev!=0 AND t1.is_suspend=0"; $result = $db->sql_query($sql); $adms = array(); while ($row = $db->sql_fetchrow($result)) { $adms[$row['id']] = array('login' => $row['admin_login'], 'fullname' => $row['admin_fullname'], 'email' => $row['admin_email'], 'level' => intval($row['level'])); } $error = ""; if (defined('NV_EDITOR')) { require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php'; } if ($nv_Request->get_int('save', 'post') == '1') { $full_name = filter_text_input('full_name', 'post', '', 1); $phone = filter_text_input('phone', 'post', '', 1); $fax = filter_text_input('fax', 'post', '', 1); $email = filter_text_input('email', 'post', '', 1); $note = nv_editor_filter_textarea('note', '', NV_ALLOWED_HTML_TAGS); $view_level = $nv_Request->get_array('view_level', 'post', array()); $reply_level = $nv_Request->get_array('reply_level', 'post', array()); $obt_level = $nv_Request->get_array('obt_level', 'post', array()); $check_valid_email = nv_check_valid_email($email); $admins = array(); if (!empty($view_level)) { foreach ($view_level as $admid) { $admins[$admid]['view_level'] = 1; $admins[$admid]['reply_level'] = 0; $admins[$admid]['obt_level'] = 0; } } if (!empty($reply_level)) { foreach ($reply_level as $admid) { $admins[$admid]['view_level'] = 1;
if (!empty($keywords) and !is_numeric($keywords)) { $array_config['site_keywords'][] = $keywords; } } } $array_config['site_keywords'] = !empty($array_config['site_keywords']) ? implode(", ", $array_config['site_keywords']) : ""; } if (!nv_is_url($site_logo) and file_exists(NV_DOCUMENT_ROOT . $site_logo)) { $lu = strlen(NV_BASE_SITEURL); $array_config['site_logo'] = substr($site_logo, $lu); } elseif (!nv_is_url($site_logo)) { $array_config['site_logo'] = "images/logo.png"; } $array_config['site_home_module'] = filter_text_input('site_home_module', 'post', '', 1, 255); $array_config['site_description'] = filter_text_input('site_description', 'post', '', 1, 255); $array_config['disable_site_content'] = nv_editor_filter_textarea('disable_site_content', '', NV_ALLOWED_HTML_TAGS); if (empty($array_config['disable_site_content'])) { $array_config['disable_site_content'] = $lang_global['disable_site_content']; } $array_config['disable_site_content'] = nv_editor_nl2br($array_config['disable_site_content']); foreach ($array_config as $config_name => $config_value) { $db->sql_query("REPLACE INTO `" . NV_CONFIG_GLOBALTABLE . "` (`lang`, `module`, `config_name`, `config_value`) VALUES('" . NV_LANG_DATA . "', 'global', " . $db->dbescape($config_name) . ", " . $db->dbescape($config_value) . ")"); } nv_delete_all_cache(); if (empty($errormess)) { Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&rand=' . nv_genpass()); exit; } else { $sql = $db->constructQuery("SELECT `module`, `config_name`, `config_value` FROM `" . NV_CONFIG_GLOBALTABLE . "` \n WHERE `lang`=[s] OR `lang`=[s] ORDER BY `module` ASC", 'sys', NV_LANG_DATA); $result = $db->sql_query($sql); while (list($c_module, $c_config_name, $c_config_value) = $db->sql_fetchrow($result)) {