function nv_block_data_config_html_submit($module, $lang_block)
{
$xhtml = filter_text_textarea('htmlcontent', '', NV_ALLOWED_HTML_TAGS);
$return = array();
$return['error'] = array();
$return['config'] = array();
$return['config']['htmlcontent'] = defined('NV_EDITOR') ? nv_editor_nl2br($xhtml) : nv_nl2br($xhtml, '<br />');
return $return;
}
/**
* BoldKeywordInStr()
*
* @param mixed $str
* @param mixed $keyword
* @return
*/
function BoldKeywordInStr($str, $keyword, $logic)
{
global $db;
$str = nv_br2nl($str);
$str = nv_nl2br($str, " ");
$str = nv_unhtmlspecialchars(strip_tags(trim($str)));
$str = $db->unfixdb($str);
$pos = false;
if ($logic == 'AND') {
$array_keyword = array($keyword, nv_EncString($keyword));
} else {
$keyword .= " " . nv_EncString($keyword);
$array_keyword = explode(" ", $keyword);
$array_keyword = array_unique($array_keyword);
}
foreach ($array_keyword as $k) {
unset($matches);
if (preg_match("/^(.*?)" . preg_quote($k) . "/uis", $str, $matches)) {
$strlen = nv_strlen($str);
$kstrlen = nv_strlen($k);
$residual = $strlen - 300;
if ($residual > 0) {
$lstrlen = nv_strlen($matches[1]);
$rstrlen = $strlen - $lstrlen - $kstrlen;
$medium = round((300 - $kstrlen) / 2);
if ($lstrlen <= $medium) {
$str = nv_clean60($str, 300);
} elseif ($rstrlen <= $medium) {
$str = nv_substr($str, $residual, 300);
$str = nv_substr_clean($str, 'l');
} else {
$str = nv_substr($str, $lstrlen - $medium, $strlen - $lstrlen + $medium);
$str = nv_substr($str, 0, 300);
$str = nv_substr_clean($str, 'lr');
}
}
$pos = true;
break;
}
}
if (!$pos) {
return nv_clean60($str, 300);
}
$pattern = array();
foreach ($array_keyword as $k) {
$pattern[] = "/(" . preg_quote($k) . ")/uis";
}
$str = preg_replace($pattern, "{\\1}", $str);
$str = str_replace(array("{", "}"), array("<span class=\"keyword\">", "</span>"), $str);
return $str;
}
/**
* BoldKeywordInStr()
*
* @param mixed $str
* @param mixed $keyword
* @return
*/
function BoldKeywordInStr($str, $keyword, $logic)
{
$str = nv_br2nl($str);
$str = nv_nl2br($str, ' ');
$str = nv_unhtmlspecialchars(strip_tags(trim($str)));
$pos = false;
if ($logic == 'AND') {
$array_keyword = array($keyword, nv_EncString($keyword));
} else {
$keyword .= ' ' . nv_EncString($keyword);
$array_keyword = explode(' ', $keyword);
$array_keyword = array_unique($array_keyword);
}
foreach ($array_keyword as $k) {
if (preg_match('/^(.*?)' . nv_preg_quote($k) . '/uis', $str, $matches)) {
$strlen = nv_strlen($str);
$kstrlen = nv_strlen($k);
$residual = $strlen - 300;
if ($residual > 0) {
$lstrlen = nv_strlen($matches[1]);
$rstrlen = $strlen - $lstrlen - $kstrlen;
$medium = round((300 - $kstrlen) / 2);
if ($lstrlen <= $medium) {
$str = nv_clean60($str, 300);
} elseif ($rstrlen <= $medium) {
$str = nv_substr($str, $residual, 300);
$str = nv_substr_clean($str, 'l');
} else {
$str = nv_substr($str, $lstrlen - $medium, $strlen - $lstrlen + $medium);
$str = nv_substr($str, 0, 300);
$str = nv_substr_clean($str, 'lr');
}
}
$pos = true;
break;
}
}
if (!$pos) {
return nv_clean60($str, 300);
}
$pattern = array();
foreach ($array_keyword as $k) {
$pattern[] = '/(' . nv_preg_quote($k) . ')/uis';
}
$str = preg_replace($pattern, '{\\1}', $str);
$str = str_replace(array('{', '}'), array('<span class="keyword">', '</span>'), $str);
return $str;
}
function nv_write_lang_mod_admin($mod, $lang, $arr_new_lang)
{
global $funname;
if (!empty($arr_new_lang)) {
if (file_exists(NV_ROOTDIR . '/modules/' . $mod . '/language/admin_' . $lang . '.php')) {
$content_lang = file_get_contents(NV_ROOTDIR . '/modules/' . $mod . '/language/admin_' . $lang . '.php');
$content_lang = trim($content_lang);
$content_lang = rtrim($content_lang, '?>');
} else {
$content_lang = "<?php\n\n";
$content_lang .= "/**\n";
$content_lang .= "* @Project NUKEVIET 4.x\n";
$content_lang .= "* @Author VINADES.,JSC (contact@vinades.vn)\n";
$content_lang .= "* @Copyright (C) " . date("Y") . " VINADES.,JSC. All rights reserved\n";
$content_lang .= "* @Language " . $language_array[$dirlang]['name'] . "\n";
$content_lang .= "* @License CC BY-SA (http://creativecommons.org/licenses/by-sa/4.0/)\n";
$content_lang .= "* @Createdate " . gmdate("M d, Y, h:i:s A", time()) . "\n";
$content_lang .= "*/\n";
$content_lang .= "\nif( ! defined( 'NV_ADMIN' ) or ! defined( 'NV_MAINFILE' ) )";
$content_lang .= " die( 'Stop!!!' );\n\n";
$array_translator['info'] = isset($array_translator['info']) ? $array_translator['info'] : "";
$content_lang .= "\$lang_translator['author'] = 'VINADES.,JSC (contact@vinades.vn)';\n";
$content_lang .= "\$lang_translator['createdate'] = '" . date('d/m/Y, H:i') . "';\n";
$content_lang .= "\$lang_translator['copyright'] = 'Copyright (C) ' . date( 'Y' ) . ' VINADES.,JSC. All rights reserved';\n";
$content_lang .= "\$lang_translator['info'] = '';\n";
$content_lang .= "\$lang_translator['langtype'] = 'lang_module';\n";
$content_lang .= "\n";
}
$content_lang .= "\n\n//Lang for function " . $funname . "\n";
foreach ($arr_new_lang as $lang_key => $lang_value) {
$lang_value = nv_unhtmlspecialchars($lang_value);
$lang_value = str_replace("\\'", "'", $lang_value);
$lang_value = str_replace("'", "\\'", $lang_value);
$lang_value = nv_nl2br($lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
$content_lang .= "\$lang_module['" . $lang_key . "'] = '" . $lang_value . "';\n";
}
if (!is_writable(NV_ROOTDIR . '/modules/' . $mod . '/language/admin_' . $lang . '.php')) {
if (substr($sys_info['os'], 0, 3) != 'WIN') {
chmod(NV_ROOTDIR . '/modules/' . $mod . '/language/admin_' . $lang . '.php', 0777);
}
}
file_put_contents(NV_ROOTDIR . '/modules/' . $mod . '/language/admin_' . $lang . '.php', $content_lang, LOCK_EX);
}
}
$fcode = filter_text_input('fcode', 'post', '');
$check_valid_email = nv_check_valid_email($femail);
if (empty($fname)) {
$error = $lang_module['error_fullname'];
} elseif (!empty($check_valid_email)) {
$error = $check_valid_email;
} elseif (empty($ftitle)) {
$error = $lang_module['error_title'];
} elseif (empty($fcon)) {
$error = $lang_module['error_content'];
} elseif (!isset($array_rows[$fpart])) {
$error = $lang_module['error_part'];
} elseif (!nv_capcha_txt($fcode)) {
$error = $lang_module['error_captcha'];
} else {
$fcon = nv_nl2br($fcon);
$sender_id = intval(defined('NV_IS_USER') ? $user_info['userid'] : 0);
$sql = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_send` VALUES \n (NULL , " . $fpart . ", " . $db->dbescape($ftitle) . ", " . $db->dbescape($fcon) . ", \n " . NV_CURRENTTIME . ", " . $sender_id . ", " . $db->dbescape($fname) . ", " . $db->dbescape($femail) . ", \n " . $db->dbescape($fphone) . ", " . $db->dbescape($client_info['ip']) . ", 0, 0, '', 0, 0);";
$db->sql_query($sql);
$website = "<a href=\"" . $global_config['site_url'] . "\">" . $global_config['site_name'] . "</a>";
$fcon .= "<br /><br />----------------------------------------<br /><br />";
if (empty($fphone)) {
$fcon .= sprintf($lang_module['sendinfo'], $website, $fname, $femail, $client_info['ip'], $array_rows[$fpart]['full_name']);
} else {
$fcon .= sprintf($lang_module['sendinfo2'], $website, $fname, $femail, $fphone, $client_info['ip'], $array_rows[$fpart]['full_name']);
}
nv_SendMail2User($fpart, $fcon, $ftitle, $femail, $fname);
$url = NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA;
$contents .= call_user_func("sendcontact", $url);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
/**
* nv_admin_read_lang()
*
* @param mixed $dirlang
* @param mixed $idfile
* @return error read file
*/
function nv_admin_read_lang($dirlang, $module, $admin_file = 1)
{
global $db, $global_config, $include_lang, $lang_module;
$include_lang = '';
$modules_exit = nv_scandir(NV_ROOTDIR . '/modules', $global_config['check_module']);
if ($module == 'global' and preg_match('/^block\\.global\\.([a-zA-Z0-9\\-\\_]+)\\.php$/', $admin_file, $m)) {
$include_lang = NV_ROOTDIR . '/language/' . $dirlang . '/' . $admin_file;
$admin_file = 'block.global.' . $m[1];
} elseif (preg_match('/^block\\.(global|module)\\.([a-zA-Z0-9\\-\\_]+)\\_' . $dirlang . '\\.php$/', $admin_file, $m)) {
$include_lang = NV_ROOTDIR . '/modules/' . $module . '/language/' . $admin_file;
$admin_file = 'block.' . $m[1] . '.' . $m[2];
} elseif ($module == 'global' and $admin_file == 1) {
$include_lang = NV_ROOTDIR . '/language/' . $dirlang . '/admin_' . $module . '.php';
} elseif ($module == 'global' and $admin_file == 0) {
$include_lang = NV_ROOTDIR . '/language/' . $dirlang . '/' . $module . '.php';
} elseif ($module == 'install' and $admin_file == 0) {
$include_lang = NV_ROOTDIR . '/language/' . $dirlang . '/' . $module . '.php';
} elseif (in_array($module, $modules_exit) and $admin_file == 1) {
$include_lang = NV_ROOTDIR . '/modules/' . $module . '/language/admin_' . $dirlang . '.php';
} elseif (in_array($module, $modules_exit) and $admin_file == 0) {
$include_lang = NV_ROOTDIR . '/modules/' . $module . '/language/' . $dirlang . '.php';
} elseif (file_exists(NV_ROOTDIR . '/language/' . $dirlang . '/admin_' . $module . '.php')) {
$admin_file = 1;
$include_lang = NV_ROOTDIR . '/language/' . $dirlang . '/admin_' . $module . '.php';
}
if ($include_lang != '' and file_exists($include_lang)) {
$lang_module_temp = $lang_module;
$lang_module = array();
$lang_global = array();
$lang_block = array();
$lang_translator = array();
include $include_lang;
$sth = $db->prepare('SELECT idfile, langtype FROM ' . NV_LANGUAGE_GLOBALTABLE . '_file WHERE module = :module AND admin_file= :admin_file');
$sth->bindParam(':module', $module, PDO::PARAM_STR);
$sth->bindParam(':admin_file', $admin_file, PDO::PARAM_STR);
$sth->execute();
list($idfile, $langtype) = $sth->fetch(3);
if (empty($idfile)) {
$langtype = isset($lang_translator['langtype']) ? strip_tags($lang_translator['langtype']) : 'lang_module';
$lang_translator_save = array();
$lang_translator_save['author'] = isset($lang_translator['author']) ? strip_tags($lang_translator['author']) : 'VINADES.,JSC (contact@vinades.vn)';
$lang_translator_save['createdate'] = isset($lang_translator['createdate']) ? strip_tags($lang_translator['createdate']) : date('d/m/Y, H:i');
$lang_translator_save['copyright'] = isset($lang_translator['copyright']) ? strip_tags($lang_translator['copyright']) : 'Copyright (C) ' . date('Y') . ' VINADES.,JSC. All rights reserved';
$lang_translator_save['info'] = isset($lang_translator['info']) ? strip_tags($lang_translator['info']) : '';
$lang_translator_save['langtype'] = $langtype;
$author = var_export($lang_translator_save, true);
$data = array();
$data['module'] = $module;
$data['admin_file'] = $admin_file;
$data['langtype'] = $langtype;
$data['author'] = $author;
$idfile = $db->insert_id('INSERT INTO ' . NV_LANGUAGE_GLOBALTABLE . '_file (module, admin_file, langtype, author_' . $dirlang . ') VALUES (:module, :admin_file, :langtype, :author)', 'idfile', $data);
if (empty($idfile)) {
nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], 'error read file: ' . str_replace(NV_ROOTDIR . '/', '', $include_lang));
}
} else {
$lang_translator_save = array();
$langtype = isset($lang_translator['langtype']) ? strip_tags($lang_translator['langtype']) : 'lang_module';
$lang_translator_save['author'] = isset($lang_translator['author']) ? strip_tags($lang_translator['author']) : 'VINADES.,JSC (contact@vinades.vn)';
$lang_translator_save['createdate'] = isset($lang_translator['createdate']) ? strip_tags($lang_translator['createdate']) : date('d/m/Y, H:i');
$lang_translator_save['copyright'] = isset($lang_translator['copyright']) ? strip_tags($lang_translator['copyright']) : 'Copyright (C) ' . date('Y') . ' VINADES.,JSC. All rights reserved';
$lang_translator_save['info'] = isset($lang_translator['info']) ? strip_tags($lang_translator['info']) : '';
$lang_translator_save['langtype'] = $langtype;
$author = var_export($lang_translator_save, true);
try {
$sth = $db->prepare('UPDATE ' . NV_LANGUAGE_GLOBALTABLE . '_file SET author_' . $dirlang . '= :author WHERE idfile= ' . $idfile);
$sth->bindParam(':author', $author, PDO::PARAM_STR, strlen($author));
$sth->execute();
} catch (PDOException $e) {
nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $e->getMessage());
}
}
$temp_lang = array();
switch ($langtype) {
case 'lang_global':
$temp_lang = $lang_global;
break;
case 'lang_module':
$temp_lang = $lang_module;
break;
case 'lang_block':
$temp_lang = $lang_block;
break;
}
$add_field = true;
$array_lang_key = array();
$array_lang_value = array();
$columns_array = $db->columns_array(NV_LANGUAGE_GLOBALTABLE . '_file');
foreach ($columns_array as $row) {
if (substr($row['field'], 0, 7) == 'author_' and $row['field'] != 'author_' . $dirlang) {
$array_lang_key[] = str_replace('author_', 'lang_', $row['field']);
$array_lang_value[] = '';
}
}
$string_lang_key = implode(', ', $array_lang_key);
$string_lang_value = '';
if ($string_lang_key != '') {
$string_lang_key = ', ' . $string_lang_key;
$string_lang_value = implode("', '", $array_lang_value);
$string_lang_value = ", '" . $string_lang_value . "'";
}
$read_type = intval($global_config['read_type']);
$sth_is = $db->prepare('INSERT INTO ' . NV_LANGUAGE_GLOBALTABLE . ' (idfile, lang_key, lang_' . $dirlang . ', update_' . $dirlang . ') VALUES (:idfile, :lang_key, :lang_value, ' . NV_CURRENTTIME . ')');
$sth_ud = $db->prepare('UPDATE ' . NV_LANGUAGE_GLOBALTABLE . ' SET lang_' . $dirlang . ' = :lang_value, update_' . $dirlang . ' = ' . NV_CURRENTTIME . ' WHERE idfile = :idfile AND lang_key = :lang_key');
while (list($lang_key, $lang_value) = each($temp_lang)) {
$check_type_update = false;
$lang_key = trim($lang_key);
$lang_value = nv_nl2br($lang_value);
$lang_value = preg_replace("/<br\\s*\\/>/", '<br />', $lang_value);
$lang_value = preg_replace("/<\\/\\s*br\\s*>/", '<br />', $lang_value);
if ($read_type == 0 or $read_type == 1) {
try {
$sth_is->bindParam(':idfile', $idfile, PDO::PARAM_INT);
$sth_is->bindParam(':lang_key', $lang_key, PDO::PARAM_STR);
$sth_is->bindParam(':lang_value', $lang_value, PDO::PARAM_STR);
$sth_is->execute();
if ($read_type == 0 and !$sth_is->rowCount()) {
$check_type_update = true;
}
} catch (PDOException $e) {
if ($read_type == 0) {
$check_type_update = true;
}
}
}
if ($read_type == 2 or $check_type_update) {
$sth_ud->bindParam(':idfile', $idfile, PDO::PARAM_INT);
$sth_ud->bindParam(':lang_key', $lang_key, PDO::PARAM_STR);
$sth_ud->bindParam(':lang_value', $lang_value, PDO::PARAM_STR);
$sth_ud->execute();
}
}
$lang_module = $lang_module_temp;
return '';
} else {
$include_lang = '';
return $lang_module['nv_error_exit_module'] . ' : ' . $module;
}
}
$db->sql_freeresult();
nv_del_moduleCache($module_name);
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . "");
die;
} else {
$error = $lang_module['errorsave'];
}
} elseif ($catid > 0 and !empty($title)) {
$check_exit = 0;
if ($parentid != $parentid_old) {
list($check_exit) = $db->sql_fetchrow($db->sql_query("SELECT count(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "_rows` WHERE `catid` = '" . $catid . "'"));
}
if (intval($check_exit) > 0) {
$error = "error delete cat";
} else {
$description = nv_nl2br($description, '<br />');
//
$query = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_cat` SET `parentid`=" . $db->dbescape($parentid) . ", `title`=" . $db->dbescape($title) . ", `catimage` = " . $db->dbescape($catimage) . ", `alias` = " . $db->dbescape($alias) . ", `description`=" . $db->dbescape($description) . ", `keywords`= " . $db->dbescape($keywords) . ", `edit_time`=UNIX_TIMESTAMP( ) WHERE `catid` =" . $catid . "";
$db->sql_query($query);
if ($db->sql_affectedrows() > 0) {
$db->sql_freeresult();
if ($parentid != $parentid_old) {
list($weight) = $db->sql_fetchrow($db->sql_query("SELECT max(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `parentid`=" . $db->dbescape($parentid) . ""));
$weight = intval($weight) + 1;
$sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_cat` SET `weight`=" . $weight . " WHERE `catid`=" . intval($catid);
$db->sql_query($sql);
nv_fix_cat($parentid);
nv_fix_cat($parentid_old);
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_cat', "catid " . $catid, $admin_info['userid']);
}
nv_del_moduleCache($module_name);
* begin: post data
*/
if ($nv_Request->get_int('save', 'post') == 1) {
$data['catid'] = $nv_Request->get_int('catid', 'post', 0);
$data['roomid'] = $nv_Request->get_int('roomid', 'post', 0);
$data['fieldid'] = $nv_Request->get_int('fieldid', 'post', 0);
$data['type'] = $nv_Request->get_int('type', 'post', 0);
$data['title'] = $nv_Request->get_string('title', 'post', '', 0);
$data['keywords'] = $nv_Request->get_string('keywords', 'post', '', 1);
$alias = $nv_Request->get_string('alias', 'post', '');
$data['alias'] = $alias == "" ? change_alias($data['title']) : change_alias($alias);
$hometext = $nv_Request->get_string('hometext', 'post', '');
$data['hometext'] = nv_nl2br(nv_htmlspecialchars(strip_tags($hometext)), '<br />');
$data['otherpath'] = $nv_Request->get_string('otherpath', 'post', '');
$bodytext = $nv_Request->get_string('bodytext', 'post', '');
$data['bodytext'] = defined('NV_EDITOR') ? nv_nl2br($bodytext, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($bodytext)), '<br />');
$data['sign'] = $nv_Request->get_string('sign', 'post', '');
$signtime = $nv_Request->get_string('signtime', 'post', 0);
$data['organid'] = $nv_Request->get_int('organid', 'post', 0);
if (!empty($signtime) and !preg_match("/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})\$/", $signtime)) {
$signtime = "";
}
if (empty($signtime)) {
$data['signtime'] = 0;
} else {
$phour = date('H');
$pmin = date('i');
unset($m);
preg_match("/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})\$/", $signtime, $m);
$data['signtime'] = mktime($phour, $pmin, 0, $m[2], $m[1], $m[3]);
}
$error = $lang_module['edit_error_email_exist'];
} elseif (!empty($_user['password1']) and ($check_pass = nv_check_valid_pass($_user['password1'], NV_UPASSMAX, NV_UPASSMIN)) != '') {
$error = $check_pass;
} elseif (!empty($_user['password1']) and $_user['password1'] != $_user['password2']) {
$error = $lang_module['edit_error_password'];
} elseif (empty($_user['question'])) {
$error = $lang_module['edit_error_question'];
} elseif (empty($_user['answer'])) {
$error = $lang_module['edit_error_answer'];
} else {
$query_field = array();
if (!empty($array_field_config)) {
require NV_ROOTDIR . '/modules/users/fields.check.php';
}
if (empty($error)) {
$_user['sig'] = nv_nl2br($_user['sig'], '<br />');
if ($_user['gender'] != 'M' and $_user['gender'] != 'F') {
$_user['gender'] = '';
}
if (preg_match('/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})$/', $_user['birthday'], $m)) {
$_user['birthday'] = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$_user['birthday'] = 0;
}
$password = !empty($_user['password1']) ? $crypt->hash_password($_user['password1'], $global_config['hashprefix']) : $row['password'];
// Check photo
if ($_user['delpic'] or empty($photo)) {
if (!empty($_user['photo'])) {
$tmp_photo = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $_user['photo'];
if (!file_exists($tmp_photo)) {
$_user['photo'] = '';
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_openid` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif (($check_pass = nv_check_valid_pass($_user['password1'], NV_UPASSMAX, NV_UPASSMIN)) != "") {
$error = $check_pass;
} elseif ($_user['password1'] != $_user['password2']) {
$error = $lang_module['edit_error_password'];
} elseif (empty($_user['question'])) {
$error = $lang_module['edit_error_question'];
} elseif (empty($_user['answer'])) {
$error = $lang_module['edit_error_answer'];
} else {
$_user['sig'] = nv_nl2br($_user['sig'], "<br />");
if ($_user['gender'] != "M" and $_user['gender'] != "F") {
$_user['gender'] = "";
}
if (preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $_user['birthday'], $m)) {
$_user['birthday'] = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$_user['birthday'] = 0;
}
$data_in_groups = !empty($_user['in_groups']) ? implode(',', $_user['in_groups']) : '';
$password = $crypt->hash($_user['password1']);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "` (\n `userid`, `username`, `md5username`, `password`, `email`, `full_name`, `gender`, `birthday`, `sig`, `regdate`, \n `website`, `location`, `yim`, `telephone`, `fax`, `mobile`, `question`, `answer`, `passlostkey`, `view_mail`, \n `remember`, `in_groups`, `active`, `checknum`, `last_login`, `last_ip`, `last_agent`, `last_openid`) \n VALUES(\n\t\tNULL, \n\t\t" . $db->dbescape($_user['username']) . ",\n\t\t" . $db->dbescape(md5($_user['username'])) . ",\n\t\t" . $db->dbescape($password) . ",\n\t\t" . $db->dbescape($_user['email']) . ",\n\t\t" . $db->dbescape($_user['full_name']) . ",\n\t\t" . $db->dbescape($_user['gender']) . ",\n\t\t" . $_user['birthday'] . ",\n\t\t" . $db->dbescape($_user['sig']) . ",\n\t\t" . NV_CURRENTTIME . ",\n\t\t" . $db->dbescape($_user['website']) . ",\n\t\t" . $db->dbescape($_user['location']) . ",\n\t\t" . $db->dbescape($_user['yim']) . ",\n\t\t" . $db->dbescape($_user['telephone']) . ",\n\t\t" . $db->dbescape($_user['fax']) . ",\n\t\t" . $db->dbescape($_user['mobile']) . ",\n\t\t" . $db->dbescape($_user['question']) . ",\n\t\t" . $db->dbescape($_user['answer']) . ",\n\t\t'', \n " . $_user['view_mail'] . ", \n 1, \n " . $db->dbescape_string($data_in_groups) . ", \n 1, '', 0, '', '', '')";
$userid = $db->sql_query_insert_id($sql);
if ($userid) {
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_user', "userid " . $userid, $admin_info['userid']);
if (isset($_FILES['photo']) and is_uploaded_file($_FILES['photo']['tmp_name'])) {
$is_error = true;
$error = $lang_module['file_error_title'];
} elseif ($is_exists) {
$is_error = true;
$error = $lang_module['file_title_exists'];
} elseif (!empty($array['author_email']) and ($check_valid_email = nv_check_valid_email($array['author_email'])) != '') {
$is_error = true;
$error = $check_valid_email;
} elseif (!empty($array['author_url']) and !nv_is_url($array['author_url'])) {
$is_error = true;
$error = $lang_module['file_error_author_url'];
} elseif (empty($array['fileupload']) and empty($array['linkdirect'])) {
$is_error = true;
$error = $lang_module['file_error_fileupload'];
} else {
$array['introtext'] = !empty($array['introtext']) ? nv_nl2br($array['introtext'], '<br />') : '';
$array['fileupload'] = !empty($array['fileupload']) ? implode('[NV]', $array['fileupload']) : '';
if (!empty($array['linkdirect'])) {
$array['linkdirect'] = array_map('nv_nl2br', $array['linkdirect']);
$array['linkdirect'] = implode('[NV]', $array['linkdirect']);
} else {
$array['linkdirect'] = '';
}
$sql = "INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . " (catid, title, alias, description, introtext, uploadtime, updatetime, user_id, user_name, author_name, author_email, author_url, fileupload, linkdirect, version, filesize, fileimage, status, copyright, view_hits, download_hits, groups_comment, groups_view, groups_download, comment_hits, rating_detail) VALUES (\n\t\t\t " . $array['catid'] . ",\n\t\t\t :title,\n\t\t\t :alias ,\n\t\t\t :description ,\n\t\t\t :introtext ,\n\t\t\t " . NV_CURRENTTIME . ",\n\t\t\t " . NV_CURRENTTIME . ",\n\t\t\t " . $admin_info['admin_id'] . ",\n\t\t\t :username,\n\t\t\t :author_name ,\n\t\t\t :author_email ,\n\t\t\t :author_url ,\n\t\t\t :fileupload ,\n\t\t\t :linkdirect ,\n\t\t\t :version ,\n\t\t\t " . $array['filesize'] . ",\n\t\t\t :fileimage ,\n\t\t\t 1,\n\t\t\t :copyright ,\n\t\t\t 0, 0,\n\t\t\t :groups_comment ,\n\t\t\t :groups_view ,\n\t\t\t :groups_download ,\n\t\t\t 0, '')";
$data_insert = array();
$data_insert['title'] = $array['title'];
$data_insert['alias'] = $array['alias'];
$data_insert['description'] = $array['description'];
$data_insert['introtext'] = $array['introtext'];
$data_insert['username'] = $admin_info['username'];
$data_insert['author_name'] = $array['author_name'];
$array = array();
$is_error = false;
$error = "";
if ($nv_Request->isset_request('submit', 'post')) {
$array['subject'] = filter_text_input('subject', 'post', '', 1);
$array['comment'] = filter_text_textarea('comment', '', NV_ALLOWED_HTML_TAGS);
$array['admin_reply'] = filter_text_input('admin_reply', 'post', '', 1);
$array['admin_id'] = (int) $row['admin_id'];
if (empty($array['subject'])) {
$is_error = true;
$error = $lang_module['comment_edit_error1'];
} elseif (empty($array['comment'])) {
$is_error = true;
$error = $lang_module['comment_edit_error2'];
} else {
$array['comment'] = nv_nl2br($array['comment'], "<br />");
if (!empty($array['admin_reply']) and $array['admin_reply'] != $row['admin_reply']) {
$array['admin_id'] = $admin_info['admin_id'];
}
$sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_comments` SET \n `subject`=" . $db->dbescape($array['subject']) . ", \n `comment`=" . $db->dbescape($array['comment']) . ", \n `admin_reply`=" . $db->dbescape($array['admin_reply']) . ", \n `admin_id`=" . $array['admin_id'] . " \n WHERE `id`=" . $id;
$result = $db->sql_query($sql);
if (!$result) {
$is_error = true;
$error = $lang_module['file_error1'];
} else {
nv_del_moduleCache($module_name);
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=comment&status=" . $row['status']);
exit;
}
}
} else {
}
$url = $nv_Request->get_string('url', 'post', '');
$is_myurl = $nv_Request->get_int('is_myurl', 'post', 0);
if (empty($url)) {
die($lang_module['file_checkUrl_error']);
}
$url = rawurldecode($url);
if ($is_myurl) {
$url = substr($url, strlen(NV_BASE_SITEURL));
$url = NV_ROOTDIR . '/' . $url;
if (!file_exists($url)) {
die($lang_module['file_checkUrl_error']);
}
} else {
$url = trim($url);
$url = nv_nl2br($url, "<br />");
$url = explode("<br />", $url);
$url = array_map("trim", $url);
foreach ($url as $l) {
if (!empty($l)) {
if (!nv_is_url($l)) {
die($lang_module['file_checkUrl_error']);
}
if (!nv_check_url($l)) {
die($lang_module['file_checkUrl_error']);
}
}
}
}
die($lang_module['file_checkUrl_ok']);
}
if ($submit) {
$array_config = array();
$array_config['site_theme'] = filter_text_input('site_theme', 'post', '', 1, 255);
$array_config['site_name'] = filter_text_input('site_name', 'post', '', 1, 255);
$array_config['site_logo'] = filter_text_input('site_logo', 'post', '', 1, 255);
if (!in_array($array_config['site_logo'], $images)) {
$array_config['site_logo'] = "logo.png";
}
$array_config['site_home_module'] = filter_text_input('site_home_module', 'post', '', 1, 255);
$array_config['site_description'] = filter_text_input('site_description', 'post', '', 1, 255);
$array_config['disable_site'] = $nv_Request->get_int('disable_site', 'post');
$array_config['disable_site_content'] = filter_text_textarea('disable_site_content', '', NV_ALLOWED_HTML_TAGS);
if (empty($array_config['disable_site_content'])) {
$array_config['disable_site_content'] = $lang_global['disable_site_content'];
}
$array_config['disable_site_content'] = nv_nl2br($array_config['disable_site_content'], '<br />');
// dung de save vao csdl
foreach ($array_config as $config_name => $config_value) {
$db->sql_query("UPDATE `" . NV_CONFIG_GLOBALTABLE . "` \r\n SET `config_value`=" . $db->dbescape($config_value) . " \r\n WHERE `config_name` = " . $db->dbescape($config_name) . " \r\n AND `lang` = '" . NV_LANG_DATA . "' AND `module`='global' \r\n LIMIT 1");
}
if ($array_config['site_theme'] != $global_config['site_theme']) {
$global_config['site_theme'] = $array_config['site_theme'];
nv_set_layout_site();
}
nv_save_file_config_global();
if (empty($errormess)) {
Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&rand=' . nv_genpass());
exit;
} else {
$sql = $db->constructQuery("SELECT `module`, `config_name`, `config_value` FROM `" . NV_CONFIG_GLOBALTABLE . "` \r\n WHERE `lang`=[s] OR `lang`=[s] ORDER BY `module` ASC", 'sys', NV_LANG_DATA);
$result = $db->sql_query($sql);
/**
* nv_admin_read_lang()
*
* @param mixed $dirlang
* @param mixed $idfile
* @return error read file
*/
function nv_admin_read_lang($dirlang, $module, $admin_file = 1)
{
global $db, $global_config, $include_lang, $lang_module;
$include_lang = "";
$modules_exit = nv_scandir(NV_ROOTDIR . "/modules", $global_config['check_module']);
if ($module == "global" and preg_match("/^block\\.global\\.([a-zA-Z0-9\\-\\_]+)\\.php\$/", $admin_file, $m)) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/" . $admin_file;
$admin_file = 'block.global.' . $m[1];
} elseif (preg_match("/^block\\.(global|module)\\.([a-zA-Z0-9\\-\\_]+)\\_" . $dirlang . "\\.php\$/", $admin_file, $m)) {
$include_lang = NV_ROOTDIR . "/modules/" . $module . "/language/" . $admin_file;
$admin_file = 'block.' . $m[1] . '.' . $m[2];
} elseif ($module == "global" and $admin_file == 1) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/admin_" . $module . ".php";
} elseif ($module == "global" and $admin_file == 0) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/" . $module . ".php";
} elseif ($module == "install" and $admin_file == 0) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/" . $module . ".php";
} elseif (in_array($module, $modules_exit) and $admin_file == 1) {
$include_lang = NV_ROOTDIR . "/modules/" . $module . "/language/admin_" . $dirlang . ".php";
} elseif (in_array($module, $modules_exit) and $admin_file == 0) {
$include_lang = NV_ROOTDIR . "/modules/" . $module . "/language/" . $dirlang . ".php";
} elseif (file_exists(NV_ROOTDIR . "/language/" . $dirlang . "/admin_" . $module . ".php")) {
$admin_file = 1;
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/admin_" . $module . ".php";
}
if ($include_lang != "" and file_exists($include_lang)) {
$lang_module_temp = $lang_module;
$lang_module = array();
$lang_global = array();
$lang_block = array();
$lang_translator = array();
include $include_lang;
list($idfile, $langtype) = $db->sql_fetchrow($db->sql_query("SELECT idfile, langtype FROM `" . NV_LANGUAGE_GLOBALTABLE . "_file` WHERE `module` =" . $db->dbescape($module) . " AND `admin_file`=" . $db->dbescape($admin_file)));
if (intval($idfile) == 0) {
$langtype = isset($lang_translator['langtype']) ? strip_tags($lang_translator['langtype']) : "lang_module";
$lang_translator_save = array();
$lang_translator_save['author'] = isset($lang_translator['author']) ? strip_tags($lang_translator['author']) : "VINADES.,JSC (contact@vinades.vn)";
$lang_translator_save['createdate'] = isset($lang_translator['createdate']) ? strip_tags($lang_translator['createdate']) : date("d/m/Y, H:i");
$lang_translator_save['copyright'] = isset($lang_translator['copyright']) ? strip_tags($lang_translator['copyright']) : "Copyright (C) 2010 VINADES.,JSC. All rights reserved";
$lang_translator_save['info'] = isset($lang_translator['info']) ? strip_tags($lang_translator['info']) : "";
$lang_translator_save['langtype'] = $langtype;
//$author = base64_encode( serialize( $lang_translator_save ) );
$author = var_export($lang_translator_save, true);
$idfile = $db->sql_query_insert_id("INSERT INTO `" . NV_LANGUAGE_GLOBALTABLE . "_file` (`idfile`, `module`, `admin_file`, `langtype`, `author_" . $dirlang . "`) VALUES (NULL, " . $db->dbescape($module) . ", " . $db->dbescape($admin_file) . ", " . $db->dbescape($langtype) . ", '" . mysql_real_escape_string($author) . "')");
if (!$idfile) {
nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], "Error insert file: " . $filelang);
}
} else {
$lang_translator_save = array();
$langtype = isset($lang_translator['langtype']) ? strip_tags($lang_translator['langtype']) : "lang_module";
$lang_translator_save['author'] = isset($lang_translator['author']) ? strip_tags($lang_translator['author']) : "VINADES.,JSC (contact@vinades.vn)";
$lang_translator_save['createdate'] = isset($lang_translator['createdate']) ? strip_tags($lang_translator['createdate']) : date("d/m/Y, H:i");
$lang_translator_save['copyright'] = isset($lang_translator['copyright']) ? strip_tags($lang_translator['copyright']) : "Copyright (C) 2010 VINADES.,JSC. All rights reserved";
$lang_translator_save['info'] = isset($lang_translator['info']) ? strip_tags($lang_translator['info']) : "";
$lang_translator_save['langtype'] = $langtype;
//$author = base64_encode( serialize( $lang_translator_save ) );
$author = var_export($lang_translator_save, true);
$sql = "UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "_file` SET `author_" . $dirlang . "` = '" . mysql_real_escape_string($author) . "' WHERE `idfile` = '" . $idfile . "'";
$db->sql_query($sql);
}
$temp_lang = array();
switch ($langtype) {
case 'lang_global':
$temp_lang = $lang_global;
break;
case 'lang_module':
$temp_lang = $lang_module;
break;
case 'lang_block':
$temp_lang = $lang_block;
break;
}
$result = $db->sql_query("SHOW COLUMNS FROM `" . NV_LANGUAGE_GLOBALTABLE . "_file`");
$add_field = true;
$array_lang_key = array();
$array_lang_value = array();
while ($row = $db->sql_fetch_assoc($result)) {
if (substr($row['Field'], 0, 7) == "author_" and $row['Field'] != "author_" . $dirlang) {
$array_lang_key[] = str_replace("author_", "lang_", $row['Field']);
$array_lang_value[] = "";
}
}
$string_lang_key = implode("`, `", $array_lang_key);
$string_lang_value = "";
if ($string_lang_key != "") {
$string_lang_key = ", `" . $string_lang_key . "`";
$string_lang_value = implode("', '", $array_lang_value);
$string_lang_value = ", '" . $string_lang_value . "'";
}
$read_type = intval($global_config['read_type']);
while (list($lang_key, $lang_value) = each($temp_lang)) {
$check_type_update = false;
$lang_key = trim($lang_key);
$lang_value = nv_nl2br($lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
if ($read_type == 0 or $read_type == 1) {
$sql = "INSERT INTO `" . NV_LANGUAGE_GLOBALTABLE . "` (`id`, `idfile`, `lang_key`, `lang_" . $dirlang . "`, `update_" . $dirlang . "` " . $string_lang_key . ") VALUES (NULL, '" . $idfile . "', '" . mysql_real_escape_string($lang_key) . "', '" . mysql_real_escape_string($lang_value) . "', UNIX_TIMESTAMP( ) " . $string_lang_value . ")";
if (!$db->sql_query_insert_id($sql) and $read_type == 0) {
$check_type_update = true;
}
}
if ($read_type == 2 or $check_type_update) {
$sql = "UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "` SET `lang_" . $dirlang . "` = '" . mysql_real_escape_string($lang_value) . "', `update_" . $dirlang . "` = UNIX_TIMESTAMP( ) WHERE `idfile` = '" . $idfile . "' AND `lang_key` = '" . mysql_real_escape_string($lang_key) . "' LIMIT 1";
$db->sql_query($sql);
}
}
$lang_module = $lang_module_temp;
return "";
} else {
$include_lang = "";
return $lang_module['nv_error_exit_module'] . " : " . $module;
}
}
FROM ' . TABLE_PHOTO_NAME . '_category
WHERE category_id=' . $data['category_id'])->fetch();
$caption = $lang_module['category_edit'];
} else {
$caption = $lang_module['category_add'];
}
if ($nv_Request->get_int('save', 'post') == 1) {
$data['category_id'] = $nv_Request->get_int('category_id', 'post', 0);
$data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0);
$data['parent_id'] = $nv_Request->get_int('parent_id', 'post', 0);
$data['inhome'] = $nv_Request->get_int('inhome', 'post', 0);
$data['status'] = $nv_Request->get_int('status', 'post', 0);
$data['name'] = nv_substr($nv_Request->get_title('name', 'post', '', ''), 0, 255);
$data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', ''), 0, 255);
$description = $nv_Request->get_string('description', 'post', '');
$data['description'] = defined('NV_EDITOR') ? nv_nl2br($description, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br />');
$data['meta_title'] = nv_substr($nv_Request->get_title('meta_title', 'post', '', ''), 0, 255);
$data['meta_description'] = nv_substr($nv_Request->get_title('meta_description', 'post', '', ''), 0, 255);
$data['meta_keyword'] = nv_substr($nv_Request->get_title('meta_keyword', 'post', '', ''), 0, 255);
$data['layout'] = nv_substr($nv_Request->get_title('layout', 'post', '', ''), 0, 255);
if (empty($data['name'])) {
$error['name'] = $lang_module['category_error_name'];
}
if (!empty($error) && !isset($error['warning'])) {
$error['warning'] = $lang_module['category_error_warning'];
}
$_groups_post = $nv_Request->get_array('groups_view', 'post', array());
$data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
$stmt = $db->prepare('SELECT COUNT(*) FROM ' . TABLE_PHOTO_NAME . '_category WHERE category_id !=' . $data['category_id'] . ' AND alias= :alias');
$stmt->bindParam(':alias', $data['alias'], PDO::PARAM_STR);
$stmt->execute();
/**
* nv_admin_write_lang()
*
* @param mixed $dirlang
* @param mixed $idfile
* @return error write file
*/
function nv_admin_write_lang($dirlang, $idfile)
{
global $db, $language_array, $global_config, $include_lang, $lang_module, $array_lang_exit, $array_lang_no_check;
list($module, $admin_file, $langtype, $author_lang) = $db->sql_fetchrow($db->sql_query("SELECT `module`, `admin_file`, `langtype`, `author_" . $dirlang . "` FROM `" . NV_LANGUAGE_GLOBALTABLE . "_file` WHERE `idfile` ='" . intval($idfile) . "'"));
if (!empty($dirlang) and !empty($module)) {
if (empty($author_lang)) {
$array_translator = array();
$array_translator['author'] = "";
$array_translator['createdate'] = "";
$array_translator['copyright'] = "";
$array_translator['info'] = "";
$array_translator['langtype'] = $langtype;
} else {
eval('$array_translator = ' . $author_lang . ';');
}
$include_lang = "";
$modules_exit = nv_scandir(NV_ROOTDIR . "/modules", $global_config['check_module']);
if ($module == "global" and preg_match("/^block\\.global\\.([a-zA-Z0-9\\-\\_]+)\$/", $admin_file)) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/" . $admin_file . ".php";
} elseif (in_array($module, $modules_exit) and preg_match("/^block\\.(global|module)\\.([a-zA-Z0-9\\-\\_]+)\$/", $admin_file)) {
$include_lang = NV_ROOTDIR . "/modules/" . $module . "/language/" . $admin_file . "_" . $dirlang . ".php";
} elseif (in_array($module, $modules_exit) and $admin_file == 1) {
$include_lang = NV_ROOTDIR . "/modules/" . $module . "/language/admin_" . $dirlang . ".php";
} elseif (in_array($module, $modules_exit) and $admin_file == 0) {
$include_lang = NV_ROOTDIR . "/modules/" . $module . "/language/" . $dirlang . ".php";
} elseif ($module == "global" and $admin_file == 1) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/admin_" . $module . ".php";
} elseif ($module == "global" and $admin_file == 0) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/" . $module . ".php";
} elseif ($module == "install" and $admin_file == 0) {
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/" . $module . ".php";
} else {
$admin_file = 1;
$include_lang = NV_ROOTDIR . "/language/" . $dirlang . "/admin_" . $module . ".php";
}
if ($include_lang == "") {
return $lang_module['nv_error_write_module'] . " : " . $module;
} else {
if (preg_match("/^(0?\\d|[1-2]{1}\\d|3[0-1]{1})[\\-\\/\\.]{1}(0?\\d|1[0-2]{1})[\\-\\/\\.]{1}(19[\\d]{2}|20[\\d]{2})[\\-\\/\\.\\,\\s]{2}(0?\\d|[1]{1}\\d|2[0-4]{1})[\\-\\/\\.\\:]{1}([0-5]?[0-9])\$/", $array_translator['createdate'], $m)) {
$createdate = mktime($m[4], $m[5], 0, $m[2], $m[1], $m[3]);
} elseif (preg_match("/^(0?\\d|[1-2]{1}\\d|3[0-1]{1})[\\-\\/\\.]{1}(0?\\d|1[0-2]{1})[\\-\\/\\.]{1}(19[\\d]{2}|20[\\d]{2})\$/", $array_translator['createdate'], $m)) {
$createdate = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$createdate = time();
}
$content_lang_no_tran = "";
$content_lang = "<?php\n\n";
$content_lang .= "/**\n";
$content_lang .= "* @Project NUKEVIET 3.x\n";
$content_lang .= "* @Author VINADES.,JSC (contact@vinades.vn)\n";
$content_lang .= "* @Copyright (C) " . date("Y") . " VINADES.,JSC. All rights reserved\n";
$content_lang .= "* @Language " . $language_array[$dirlang]['name'] . "\n";
$content_lang .= "* @Createdate " . gmdate("M d, Y, h:i:s A", $createdate) . "\n";
$content_lang .= "*/\n";
if ($admin_file) {
$content_lang .= "\nif( ! defined( 'NV_ADMIN' ) or ! defined( 'NV_MAINFILE' ) ) ";
} else {
$content_lang .= "\nif( ! defined( 'NV_MAINFILE' ) ) ";
}
$content_lang .= " die( 'Stop!!!' );\n\n";
$array_translator['info'] = isset($array_translator['info']) ? $array_translator['info'] : "";
$content_lang .= "\$lang_translator['author'] = '" . $array_translator['author'] . "';\n";
$content_lang .= "\$lang_translator['createdate'] = '" . $array_translator['createdate'] . "';\n";
$content_lang .= "\$lang_translator['copyright'] = '" . $array_translator['copyright'] . "';\n";
$content_lang .= "\$lang_translator['info'] = '" . $array_translator['info'] . "';\n";
$content_lang .= "\$lang_translator['langtype'] = '" . $array_translator['langtype'] . "';\n";
$content_lang .= "\n";
$content_lang_no_check = "";
$numrows = 0;
if (in_array("vi", $array_lang_exit) and in_array("en", $array_lang_exit) and $dirlang != "vi" and $dirlang != "en") {
$sql = "SELECT `lang_key`, `lang_vi`, `lang_en`, `lang_" . $dirlang . "`, `update_" . $dirlang . "` FROM `" . NV_LANGUAGE_GLOBALTABLE . "` WHERE `idfile`='" . $idfile . "' ORDER BY `id` ASC";
$result = $db->sql_query($sql);
while (list($lang_key, $lang_value_vi, $lang_value_en, $lang_value, $update_time) = $db->sql_fetchrow($result)) {
if ($lang_value != "") {
$numrows++;
$lang_value = nv_unhtmlspecialchars($lang_value);
$lang_value = str_replace("\\'", "'", $lang_value);
$lang_value = str_replace("'", "\\'", $lang_value);
$lang_value = nv_nl2br($lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
$content_temp = "\$" . $langtype . "['" . $lang_key . "'] = '{$lang_value}';\n";
$content_temp .= "/*\n";
if ($dirlang != "vi" and !empty($lang_value_vi)) {
$lang_value_vi = nv_unhtmlspecialchars($lang_value_vi);
$lang_value_vi = str_replace("\\'", "'", $lang_value_vi);
$lang_value_vi = str_replace("'", "\\'", $lang_value_vi);
$lang_value_vi = nv_nl2br($lang_value_vi);
$lang_value_vi = str_replace('<br />', '<br />', $lang_value_vi);
$content_temp .= "\t vietnam:\t " . $lang_value_vi . "\n";
}
if ($dirlang != "en" and !empty($lang_value_en)) {
$lang_value_en = nv_unhtmlspecialchars($lang_value_en);
$lang_value_en = str_replace("\\'", "'", $lang_value_en);
$lang_value_en = str_replace("'", "\\'", $lang_value_en);
$lang_value_en = nv_nl2br($lang_value_en);
$lang_value_en = str_replace('<br />', '<br />', $lang_value_en);
$content_temp .= "\t english:\t " . $lang_value_en . "\n";
}
$content_temp .= "*/\n\n";
if ($update_time > 0) {
$content_lang .= $content_temp;
} else {
$content_lang_no_check .= $content_temp;
}
}
}
if (!empty($content_lang_no_check)) {
$content_lang .= "\n\n/*---------------------------------------- Language untested ----------------------------------------------*/\n";
$content_lang .= $content_lang_no_check;
$array_lang_no_check[] = $include_lang;
}
} else {
$sql = "SELECT `lang_key`, `lang_" . $dirlang . "` FROM `" . NV_LANGUAGE_GLOBALTABLE . "` WHERE `idfile`='" . $idfile . "' ORDER BY `id` ASC";
$result = $db->sql_query($sql);
while (list($lang_key, $lang_value) = $db->sql_fetchrow($result)) {
if ($lang_value != "") {
$numrows++;
$lang_value = nv_unhtmlspecialchars($lang_value);
$lang_value = str_replace("\\'", "'", $lang_value);
$lang_value = str_replace("'", "\\'", $lang_value);
$lang_value = nv_nl2br($lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
$content_lang .= "\$" . $langtype . "['" . $lang_key . "'] = '{$lang_value}';\n";
}
}
}
if ($numrows) {
$content_lang .= "\n";
$content_lang .= "?>";
$number_bytes = file_put_contents($include_lang, $content_lang, LOCK_EX);
if (empty($number_bytes)) {
$errfile = str_replace(NV_ROOTDIR, "", str_replace('\\', '/', $include_lang));
return $lang_module['nv_error_write_file'] . " : " . $errfile;
}
}
}
return "";
} else {
return $lang_module['nv_error_exit_module'] . " : " . $module;
}
}
}
$title = nv_htmlspecialchars(strip_tags($nv_Request->get_string('title', 'post', '')));
$description = defined('NV_EDITOR') ? $nv_Request->get_string('description', 'post', '') : strip_tags($nv_Request->get_string('description', 'post', ''));
$form = $nv_Request->get_string('form', 'post', 'sequential');
if (!in_array($form, $forms)) {
$form = 'sequential';
}
$width = $nv_Request->get_int('width', 'post', 0);
$height = $nv_Request->get_int('height', 'post', 0);
if (empty($title)) {
$error = $lang_module['title_empty'];
} elseif ($width < 50 or $height < 50) {
$error = $lang_module['size_incorrect'];
} else {
if (!empty($description)) {
$description = defined('NV_EDITOR') ? nv_nl2br($description, '') : nv_nl2br(nv_htmlspecialchars($description), '<br />');
}
list($blang_old, $form_old) = $db->query('SELECT blang, form FROM ' . NV_BANNERS_GLOBALTABLE . '_plans WHERE id=' . intval($id))->fetch(3);
$stmt = $db->prepare('UPDATE ' . NV_BANNERS_GLOBALTABLE . '_plans SET blang= :blang, title= :title, description= :description, form= :form, width=' . $width . ', height=' . $height . ' WHERE id=' . $id);
$stmt->bindParam(':blang', $blang, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':description', $description, PDO::PARAM_STR);
$stmt->bindParam(':form', $form, PDO::PARAM_STR);
$stmt->execute();
if ($form_old != $form or $blang_old != $blang) {
nv_fix_banner_weight($id);
}
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_plan', 'planid ' . $id, $admin_info['userid']);
nv_CreateXML_bannerPlan();
Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=info_plan&id=' . $id);
die;
/**
* nv_admin_write_lang()
*
* @param mixed $dirlang
* @param mixed $idfile
* @return error write file
*/
function nv_admin_write_lang($dirlang, $idfile)
{
global $db, $language_array, $global_config, $include_lang, $lang_module, $array_lang_exit, $array_lang_no_check;
list($module, $admin_file, $langtype, $author_lang) = $db->query('SELECT module, admin_file, langtype, author_' . $dirlang . ' FROM ' . NV_LANGUAGE_GLOBALTABLE . '_file WHERE idfile =' . intval($idfile))->fetch(3);
if (!empty($dirlang) and !empty($module)) {
if (empty($author_lang)) {
$array_translator = array();
$array_translator['author'] = '';
$array_translator['createdate'] = '';
$array_translator['copyright'] = '';
$array_translator['info'] = '';
$array_translator['langtype'] = $langtype;
} else {
eval('$array_translator = ' . $author_lang . ';');
}
$include_lang = '';
$modules_exit = nv_scandir(NV_ROOTDIR . '/modules', $global_config['check_module']);
if ($module == 'global' and preg_match('/^block\\.global\\.([a-zA-Z0-9\\-\\_]+)$/', $admin_file)) {
$include_lang = NV_ROOTDIR . '/includes/language/' . $dirlang . '/' . $admin_file . '.php';
} elseif (in_array($module, $modules_exit) and preg_match('/^block\\.(global|module)\\.([a-zA-Z0-9\\-\\_]+)$/', $admin_file)) {
$include_lang = NV_ROOTDIR . '/modules/' . $module . '/language/' . $admin_file . '_' . $dirlang . '.php';
} elseif (in_array($module, $modules_exit) and $admin_file == 1) {
$include_lang = NV_ROOTDIR . '/modules/' . $module . '/language/admin_' . $dirlang . '.php';
} elseif (in_array($module, $modules_exit) and $admin_file == 0) {
$include_lang = NV_ROOTDIR . '/modules/' . $module . '/language/' . $dirlang . '.php';
} elseif ($module == 'global' and $admin_file == 1) {
$include_lang = NV_ROOTDIR . '/includes/language/' . $dirlang . '/admin_' . $module . '.php';
} elseif ($module == 'global' and $admin_file == 0) {
$include_lang = NV_ROOTDIR . '/includes/language/' . $dirlang . '/' . $module . '.php';
} elseif ($module == 'install' and $admin_file == 0) {
$include_lang = NV_ROOTDIR . '/includes/language/' . $dirlang . '/' . $module . '.php';
} else {
$admin_file = 1;
$include_lang = NV_ROOTDIR . '/includes/language/' . $dirlang . '/admin_' . $module . '.php';
}
if ($include_lang == '') {
return $lang_module['nv_error_write_module'] . ' : ' . $module;
} else {
if (preg_match('/^(0?\\d|[1-2]{1}\\d|3[0-1]{1})[\\-\\/\\.]{1}(0?\\d|1[0-2]{1})[\\-\\/\\.]{1}(19[\\d]{2}|20[\\d]{2})[\\-\\/\\.\\,\\s]{2}(0?\\d|[1]{1}\\d|2[0-4]{1})[\\-\\/\\.\\:]{1}([0-5]?[0-9])$/', $array_translator['createdate'], $m)) {
$createdate = mktime($m[4], $m[5], 0, $m[2], $m[1], $m[3]);
} elseif (preg_match('/^(0?\\d|[1-2]{1}\\d|3[0-1]{1})[\\-\\/\\.]{1}(0?\\d|1[0-2]{1})[\\-\\/\\.]{1}(19[\\d]{2}|20[\\d]{2})$/', $array_translator['createdate'], $m)) {
$createdate = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$createdate = time();
}
$content_lang_no_tran = '';
$content_lang = "<?php\n\n";
$content_lang .= "/**\n";
$content_lang .= "* @Project NUKEVIET 4.x\n";
$content_lang .= "* @Author VINADES.,JSC (contact@vinades.vn)\n";
$content_lang .= "* @Copyright (C) " . date("Y") . " VINADES.,JSC. All rights reserved\n";
$content_lang .= "* @Language " . $language_array[$dirlang]['name'] . "\n";
$content_lang .= "* @License CC BY-SA (http://creativecommons.org/licenses/by-sa/4.0/)\n";
$content_lang .= "* @Createdate " . gmdate("M d, Y, h:i:s A", $createdate) . "\n";
$content_lang .= "*/\n";
if ($admin_file) {
$content_lang .= "\nif (! defined('NV_ADMIN') or ! defined('NV_MAINFILE')) {";
} else {
$content_lang .= "\nif (! defined('NV_MAINFILE')) {";
}
$content_lang .= "\n die( 'Stop!!!' );\n}\n\n";
$array_translator['info'] = isset($array_translator['info']) ? $array_translator['info'] : "";
$content_lang .= "\$lang_translator['author'] = '" . $array_translator['author'] . "';\n";
$content_lang .= "\$lang_translator['createdate'] = '" . $array_translator['createdate'] . "';\n";
$content_lang .= "\$lang_translator['copyright'] = '" . $array_translator['copyright'] . "';\n";
$content_lang .= "\$lang_translator['info'] = '" . $array_translator['info'] . "';\n";
$content_lang .= "\$lang_translator['langtype'] = '" . $array_translator['langtype'] . "';\n";
$content_lang .= "\n";
$content_lang_no_check = '';
$numrows = 0;
if (in_array('vi', $array_lang_exit) and in_array('en', $array_lang_exit) and $dirlang != 'vi' and $dirlang != 'en') {
$result = $db->query('SELECT lang_key, lang_vi, lang_en, lang_' . $dirlang . ', update_' . $dirlang . ' FROM ' . NV_LANGUAGE_GLOBALTABLE . ' WHERE idfile=' . $idfile . ' ORDER BY id ASC');
while (list($lang_key, $lang_value_vi, $lang_value_en, $lang_value, $update_time) = $result->fetch(3)) {
if ($lang_value != '') {
$numrows++;
$lang_value = nv_unhtmlspecialchars($lang_value);
$lang_value = str_replace("\\'", "'", $lang_value);
$lang_value = str_replace("'", "\\'", $lang_value);
$lang_value = nv_nl2br($lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
$content_temp = "\$" . $langtype . "['" . $lang_key . "'] = '{$lang_value}';\n";
if ($update_time > 0) {
$content_lang .= $content_temp;
} else {
$content_lang_no_check .= $content_temp;
}
}
}
if (!empty($content_lang_no_check)) {
$content_lang .= "\n\n/*---------------------------------------- Language untested ----------------------------------------------*/\n";
$content_lang .= $content_lang_no_check;
$array_lang_no_check[] = $include_lang;
}
} else {
$result = $db->query('SELECT lang_key, lang_' . $dirlang . ' FROM ' . NV_LANGUAGE_GLOBALTABLE . ' WHERE idfile=' . $idfile . ' ORDER BY id ASC');
while (list($lang_key, $lang_value) = $result->fetch(3)) {
if ($lang_value != '') {
$numrows++;
$lang_value = nv_unhtmlspecialchars($lang_value);
$lang_value = str_replace("\\'", "'", $lang_value);
$lang_value = str_replace("'", "\\'", $lang_value);
$lang_value = nv_nl2br($lang_value);
$lang_value = str_replace('<br />', '<br />', $lang_value);
$content_lang .= "\$" . $langtype . "['" . $lang_key . "'] = '" . $lang_value . "';\n";
}
}
}
if ($numrows) {
$number_bytes = file_put_contents($include_lang, trim($content_lang), LOCK_EX);
if (empty($number_bytes)) {
$errfile = str_replace(NV_ROOTDIR, '', str_replace('\\', '/', $include_lang));
return $lang_module['nv_error_write_file'] . ' : ' . $errfile;
}
}
}
return '';
} else {
return $lang_module['nv_error_exit_module'] . ' : ' . $module;
}
}
} else {
$rowcontent['homeimgthumb'] = 2;
}
} elseif (nv_is_url($rowcontent['homeimgfile'])) {
$rowcontent['homeimgthumb'] = 3;
} else {
$rowcontent['homeimgfile'] = '';
}
if (!array_key_exists($rowcontent['imgposition'], $array_imgposition)) {
$rowcontent['imgposition'] = 1;
}
if (!array_key_exists($rowcontent['topicid'], $array_topic_module)) {
$rowcontent['topicid'] = 0;
}
$bodyhtml = $nv_Request->get_string('bodyhtml', 'post', '');
$rowcontent['bodyhtml'] = defined('NV_EDITOR') ? nv_nl2br($bodyhtml, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($bodyhtml)), '<br />');
$rowcontent['keywords'] = $nv_Request->get_title('keywords', 'post', '', 1);
if (empty($rowcontent['title'])) {
$error = $lang_module['error_title'];
} elseif (empty($rowcontent['listcatid'])) {
$error = $lang_module['error_cat'];
} elseif (trim(strip_tags($rowcontent['bodyhtml'])) == '') {
$error = $lang_module['error_bodytext'];
} elseif (!nv_capcha_txt($fcode)) {
$error = $lang_module['error_captcha'];
} else {
if ($array_post_user['postcontent'] && $nv_Request->isset_request('status1', 'post')) {
$rowcontent['status'] = 1;
} elseif ($nv_Request->isset_request('status0', 'post')) {
$rowcontent['status'] = 5;
} elseif ($nv_Request->isset_request('status4', 'post')) {
}
$url = $nv_Request->get_string('url', 'post', '');
$is_myurl = $nv_Request->get_int('is_myurl', 'post', 0);
if (empty($url)) {
die($lang_module['file_checkUrl_error']);
}
$url = rawurldecode($url);
if ($is_myurl) {
$url = substr($url, strlen(NV_BASE_SITEURL));
$url = NV_ROOTDIR . '/' . $url;
if (!file_exists($url)) {
die($lang_module['file_checkUrl_error']);
}
} else {
$url = trim($url);
$url = nv_nl2br($url, '<br />');
$url = explode('<br />', $url);
$url = array_map('trim', $url);
foreach ($url as $l) {
if (!empty($l)) {
if (!nv_is_url($l)) {
die($lang_module['file_checkUrl_error']);
}
if (!nv_check_url($l)) {
die($lang_module['file_checkUrl_error']);
}
}
}
}
die($lang_module['file_checkUrl_ok']);
}
$row = $db->sql_fetchrow($result);
unset($sql, $result);
$row['error'] = "";
$row['action'] = nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=reportlink-" . $row['alias'] . "-" . $id, true);
$row['id'] = $id;
if ($id) {
$check = false;
if ($submit and $report_id) {
$sql = "SELECT `type` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_report` WHERE `id`='" . $report_id . "'";
$result = $db->sql_query($sql);
$rows = $db->sql_fetchrow($result);
$report = $nv_Request->get_int('report', 'post');
$report_note = filter_text_input('report_note', 'post', '', 1, 255);
$row['report_note'] = $report_note;
if ($report == 0 and empty($report_note)) {
$row['error'] = $lang_module['error'];
} elseif (!empty($report_note) and !isset($report_note[9])) {
$row['error'] = $lang_module['error_word_min'];
} elseif ($rows['type'] == $report) {
$check = true;
} else {
$report_note = nv_nl2br($report_note);
$sql = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_report` (`id`, `type`, `report_time`, `report_userid`, `report_ip`, `report_browse_key`, `report_browse_name`, `report_os_key`, `report_os_name`, `report_note`) VALUE ('" . $report_id . "', '" . $report . "', UNIX_TIMESTAMP(), '0', " . $db->dbescape_string($client_info['ip']) . ", " . $db->dbescape_string($client_info['browser']['key']) . ", " . $db->dbescape_string($client_info['browser']['name']) . ", " . $db->dbescape_string($client_info['client_os']['key']) . ", " . $db->dbescape_string($client_info['client_os']['name']) . ", " . $db->dbescape_string($report_note) . ")";
$check = $db->sql_query($sql);
}
}
$contents = call_user_func("report", $row, $check);
} else {
die("you don't permission to access!!!");
exit;
}
$array_site_cat_module = explode(',', $_module);
}
}
$title = $note = $modfile = $error = '';
$modules_site = nv_scandir(NV_ROOTDIR . '/modules', $global_config['check_module']);
if ($nv_Request->get_title('checkss', 'post') == NV_CHECK_SESSION) {
$title = $nv_Request->get_title('title', 'post', '', 1);
$modfile = $nv_Request->get_title('module_file', 'post', '', 1);
$note = $nv_Request->get_title('note', 'post', '', 1);
$title = strtolower(change_alias($title));
$modules_admin = nv_scandir(NV_ROOTDIR . '/' . NV_ADMINDIR, $global_config['check_module']);
$error = $lang_module['vmodule_exit'];
if (!empty($title) and !empty($modfile) and !in_array($title, $modules_site) and !in_array($title, $modules_admin) and preg_match($global_config['check_module'], $title) and preg_match($global_config['check_module'], $modfile)) {
$version = '';
$author = '';
$note = nv_nl2br($note, '<br />');
$module_data = preg_replace('/(\\W+)/i', '_', $title);
if (empty($array_site_cat_module) or in_array($modfile, $array_site_cat_module)) {
try {
$sth = $db->prepare('INSERT INTO ' . $db_config['prefix'] . '_setup_extensions (type, title, is_sys, is_virtual, basename, table_prefix, version, addtime, author, note) VALUES ( \'module\', :title, 0, 0, :basename, :table_prefix, :version, ' . NV_CURRENTTIME . ', :author, :note)');
$sth->bindParam(':title', $title, PDO::PARAM_STR);
$sth->bindParam(':basename', $modfile, PDO::PARAM_STR);
$sth->bindParam(':table_prefix', $module_data, PDO::PARAM_STR);
$sth->bindParam(':version', $version, PDO::PARAM_STR);
$sth->bindParam(':author', $author, PDO::PARAM_STR);
$sth->bindParam(':note', $note, PDO::PARAM_STR);
if ($sth->execute()) {
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['vmodule_add'] . ' ' . $module_data, '', $admin_info['userid']);
Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=setup&setmodule=' . $title . '&checkss=' . md5($title . NV_CHECK_SESSION));
die;
}
$sql = "UPDATE `" . NV_AUTHORS_GLOBALTABLE . "` SET `edittime`=" . NV_CURRENTTIME . ", `is_suspend`=" . $new_suspend . ", `susp_reason`=" . $db->dbescape(serialize($susp_reason)) . " WHERE `admin_id`=" . $admin_id;
if ($db->sql_query($sql)) {
if (!empty($sendmail)) {
$title = sprintf($lang_module['suspend_sendmail_title'], $global_config['site_name']);
$my_sig = !empty($admin_info['sig']) ? $admin_info['sig'] : "All the best";
$my_mail = $admin_info['view_mail'] ? $admin_info['email'] : $global_config['site_email'];
if ($new_suspend) {
$message = sprintf($lang_module['suspend_sendmail_mess1'], $global_config['site_name'], nv_date("d/m/Y H:i", NV_CURRENTTIME), $new_reason, $my_mail);
} else {
$message = sprintf($lang_module['suspend_sendmail_mess0'], $global_config['site_name'], nv_date("d/m/Y H:i", NV_CURRENTTIME), $last_reason['info']);
}
$message = trim($message);
$mess = $message;
$mess .= "\r\n\r\n............................\r\n\r\n";
$mess .= nv_EncString($message);
$mess = nv_nl2br($mess, "<br />");
$xtpl = new XTemplate("message.tpl", NV_ROOTDIR . "/themes/" . $global_config['admin_theme'] . "/system");
$xtpl->assign('SITE_CHARSET', $global_config['site_charset']);
$xtpl->assign('SITE_NAME', $global_config['site_name']);
$xtpl->assign('SITE_SLOGAN', $global_config['site_description']);
$xtpl->assign('SITE_EMAIL', $global_config['site_email']);
$xtpl->assign('SITE_FONE', $global_config['site_phone']);
$xtpl->assign('SITE_URL', $global_config['site_url']);
$xtpl->assign('TITLE', $title);
$xtpl->assign('CONTENT', $mess);
$xtpl->assign('AUTHOR_SIG', $my_sig);
$xtpl->assign('AUTHOR_NAME', $admin_info['username']);
$xtpl->assign('AUTHOR_POS', $admin_info['position']);
$xtpl->assign('AUTHOR_EMAIL', $my_mail);
$xtpl->parse('main');
$content = $xtpl->text('main');
if (preg_match('/^cat\\_form\\_([a-zA-Z0-9\\-\\_]+)\\.tpl$/', $_form, $m)) {
$cat_form_exit[] = $m[1];
}
}
if (!empty($savecat)) {
$field_lang = nv_file_table($table_name);
$data['catid'] = $nv_Request->get_int('catid', 'post', 0);
$data['typeprice'] = $nv_Request->get_int('typeprice', 'post', 2);
$data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0);
$data['parentid'] = $nv_Request->get_int('parentid', 'post', 0);
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255);
$data['title_custom'] = nv_substr($nv_Request->get_title('title_custom', 'post', '', 1), 0, 255);
$data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255);
$data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255);
$data['description'] = $nv_Request->get_string('description', 'post', '');
$data['description'] = nv_nl2br(nv_htmlspecialchars(strip_tags($data['description'])), '<br />');
$data['descriptionhtml'] = $nv_Request->get_editor('descriptionhtml', '', NV_ALLOWED_HTML_TAGS);
$data['viewdescriptionhtml'] = $nv_Request->get_int('viewdescriptionhtml', 'post', 0);
$data['cat_allow_point'] = $nv_Request->get_int('cat_allow_point', 'post', 0);
$data['cat_number_point'] = $nv_Request->get_int('cat_number_point', 'post', 0);
$data['cat_number_product'] = $nv_Request->get_int('cat_number_product', 'post', 0);
$data['alias'] = $data['alias'] == '' ? change_alias($data['title']) : change_alias($data['alias']);
// Cat mo ta cho chinh xac
if (strlen($data['description']) > 255) {
$data['description'] = nv_clean60($data['description'], 250);
}
$_groups_post = $nv_Request->get_array('groups_view', 'post', array());
$data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
if ($data['title'] == '') {
$error = $lang_module['error_cat_name'];
}
$alias = filter_text_input('alias', 'post', '', 1);
$parentid = $nv_Request->get_int('parentid', 'post', 0);
$alias = $alias == "" ? change_alias($title) : change_alias($alias);
$url = filter_text_input('url', 'post', '');
$image = filter_text_input('image', 'post', '');
if (!nv_is_url($image) and file_exists(NV_DOCUMENT_ROOT . $image)) {
$lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/");
if (substr($image, 0, $lu) == NV_BASE_SITEURL . NV_UPLOADS_DIR . "/") {
$image = substr($image, $lu);
}
}
$admin_phone = "";
$admin_email = "";
$note = "";
$description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS);
$description = defined('NV_EDITOR') ? nv_editor_nl2br($description) : nv_nl2br($description, '<br />');
$status = $nv_Request->get_int('status', 'post') == 1 ? 1 : 0;
//check url
if (empty($url) || !nv_is_url($url) || !check_url($id, $url)) {
$error = $lang_module['error_url'];
} elseif (empty($title)) {
$error = $lang_module['error_title'];
} elseif (strip_tags($description) == "") {
$error = $lang_module['error_description'];
} else {
if ($id > 0) {
$query = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_rows` SET `catid`=" . $catid . ", `title`=" . $db->dbescape($title) . ", `alias` = " . $db->dbescape($alias) . ", `url` = " . $db->dbescape($url) . ", `urlimg` = " . $db->dbescape($image) . ", `description`=" . $db->dbescape($description) . ", `edit_time` = UNIX_TIMESTAMP(), `status`=" . $status . " WHERE `id` =" . $id . "";
$db->sql_query($query);
if ($db->sql_affectedrows() > 0) {
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_content', "id " . $id, $admin_info['userid']);
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "");
$value = strip_tags($value, $allowed_html_tags);
$value = nv_nl2br($value, '<br />');
if ($row_f['match_type'] == 'regex') {
if (!preg_match("/" . $row_f['match_regex'] . "/", $value)) {
$error = sprintf($lang_module['field_match_type_error'], $row_f['title']);
}
} elseif ($row_f['match_type'] == 'callback') {
if (function_exists($row_f['func_callback'])) {
if (!call_user_func($row_f['func_callback'], $value)) {
$error = sprintf($lang_module['field_match_type_error'], $row_f['title']);
}
} else {
$error = "error function not exists " . $row_f['func_callback'];
}
}
$value = $row_f['question_type'] == 'textarea' ? nv_nl2br($value, '<br />') : nv_editor_nl2br($value);
$strlen = nv_strlen($value);
if ($strlen < $row_f['min_length'] or $strlen > $row_f['max_length']) {
$error = sprintf($lang_module['field_min_max_error'], $row_f['title'], $row_f['min_length'], $row_f['max_length']);
}
} elseif ($row_f['question_type'] == 'checkbox' or $row_f['question_type'] == 'multiselect') {
$temp_value = array();
$row_f['question_choices'] = unserialize($row_f['question_choices']);
foreach ($value as $value_i) {
if (isset($row_f['question_choices'][$value_i])) {
$temp_value[] = $value_i;
}
}
$value = implode(',', $temp_value);
} elseif ($row_f['question_type'] == 'select' or $row_f['question_type'] == 'radio') {
$row_f['question_choices'] = unserialize($row_f['question_choices']);
list($is_exists) = $db->sql_fetchrow($result);
}
if (empty($array['title'])) {
$is_error = true;
$error = $lang_module['faq_error_title'];
} elseif ($is_exists) {
$is_error = true;
$error = $lang_module['faq_title_exists'];
} elseif (empty($array['question'])) {
$is_error = true;
$error = $lang_module['faq_error_question'];
} elseif (empty($array['answer'])) {
$is_error = true;
$error = $lang_module['faq_error_answer'];
} else {
$array['question'] = nv_nl2br($array['question'], "<br />");
$array['answer'] = nv_editor_nl2br($array['answer']);
if (defined('IS_EDIT')) {
if ($array['catid'] != $row['catid']) {
$sql = "SELECT MAX(weight) AS new_weight FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `catid`=" . $array['catid'];
$result = $db->sql_query($sql);
list($new_weight) = $db->sql_fetchrow($result);
$new_weight = (int) $new_weight;
$new_weight++;
} else {
$new_weight = $row['weight'];
}
$sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "` SET \r\n `catid`=" . $array['catid'] . ", \r\n `title`=" . $db->dbescape($array['title']) . ", \r\n `alias`=" . $db->dbescape($alias) . ", \r\n `question`=" . $db->dbescape($array['question']) . ", \r\n `answer`=" . $db->dbescape($array['answer']) . ", \r\n `weight`=" . $new_weight . " \r\n WHERE `id`=" . $id;
$result = $db->sql_query($sql);
if (!$result) {
$is_error = true;
*/
if (!defined('NV_IS_FILE_ADMIN')) {
die('Stop!!!');
}
$page_title = $lang_module['playlists'];
$error = '';
$savecat = 0;
list($playlist_id, $title, $alias, $description, $image, $keywords, $status, $private_mode) = array(0, '', '', '', '', '', 1, 1);
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
$playlist_id = $nv_Request->get_int('playlist_id', 'post', 0);
$title = $nv_Request->get_title('title', 'post', '', 1);
$keywords = $nv_Request->get_title('keywords', 'post', '', 1);
$alias = $nv_Request->get_title('alias', 'post', '');
$description = $nv_Request->get_string('description', 'post', '');
$description = nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br/>');
$alias = $alias == '' ? change_alias($title) : change_alias($alias);
$status = $nv_Request->get_int('status', 'post', 0);
$private_mode = $nv_Request->get_int('private_mode', 'post', 0);
$image = $nv_Request->get_string('image', 'post', '');
if (is_file(NV_DOCUMENT_ROOT . $image)) {
$lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/img/');
$image = substr($image, $lu);
} else {
$image = '';
}
if (empty($title)) {
$error = $lang_module['error_name'];
} elseif ($playlist_id == 0) {
$weight = $db->query("SELECT max(weight) FROM " . NV_PREFIXLANG . "_" . $module_data . "_playlist_cat")->fetchColumn();
$weight = intval($weight) + 1;
$error = $lang_module['file_error_title'];
} elseif ($is_exists) {
$is_error = true;
$error = $lang_module['file_title_exists'];
} elseif (!empty($array['author_email']) and ($check_valid_email = nv_check_valid_email($array['author_email'])) != '') {
$is_error = true;
$error = $check_valid_email;
} elseif (!empty($array['author_url']) and !nv_is_url($array['author_url'])) {
$is_error = true;
$error = $lang_module['file_error_author_url'];
} elseif (empty($array['fileupload']) and empty($array['linkdirect']) and empty($array['fileupload2'])) {
$is_error = true;
$error = $lang_module['file_error_fileupload'];
} else {
$alias = change_alias($array['title']);
$array['introtext'] = nv_nl2br($array['introtext'], '<br />');
if ($row['user_id']) {
$array['user_name'] = $row['user_name'];
}
if (!empty($array['fileupload2'])) {
$array['fileupload'] = $array['fileupload2'];
} elseif (!empty($array['fileupload'])) {
$fileupload = $array['fileupload'];
$array['fileupload'] = array();
foreach ($fileupload as $file) {
$file = NV_UPLOADS_DIR . $file;
$newfile = basename($file);
if (preg_match('/(.*)(\\.[a-zA-Z0-9]{32})(\\.[a-zA-Z]+)$/', $newfile, $m)) {
$newfile = $m[1] . $m[3];
}
$newfile2 = $newfile;
