Example #1
0
<?php

// useronline.php
if (defined('MAIN_INIT')) {
    // บอกว่ายังไม่มีคนเปลี่ยนแปลงไว้ก่อน
    $validtime = $mmktime - COUNTER_GAP;
    // แอเรย์เก็บ id ที่ต้องการลบ
    $session_id = session_id();
    $login = gcms::getVars($_SESSION, 'login', array('id' => 0, 'status' => -1, 'displayname' => '', 'email' => '', 'password' => ''));
    // ลบคนที่หมดเวลาและตัวเอง
    $db->query("DELETE FROM `" . DB_USERONLINE . "` WHERE `time`<{$validtime} OR `session`='{$session_id}'");
    // เพิ่มตัวเอง
    $save = array();
    $save['member_id'] = (int) $login['id'];
    $save['displayname'] = trim(gcms::cutstring(empty($login['displayname']) ? $login['email'] : $login['displayname'], 10));
    $save['time'] = $mmktime;
    $save['session'] = $session_id;
    $db->add(DB_USERONLINE, $save);
}
Example #2
0
 $error = false;
 $tab = false;
 // details
 $details = array();
 $alias_topic = '';
 foreach ($config['languages'] as $value) {
     $topic = $db->sql_trim_str($_POST, "write_topic_{$value}");
     $alias = gcms::aliasName($_POST["write_topic_{$value}"]);
     $relate = $db->sql_trim($_POST, "write_relate_{$value}");
     $keywords = gcms::getTags($_POST["write_keywords_{$value}"]);
     $description = $db->sql_trim($_POST, "write_description_{$value}");
     if ($topic != '') {
         $save = array();
         $save['topic'] = $topic;
         $save['keywords'] = $db->sql_clean(gcms::cutstring(preg_replace('/[\'\\"\\r\\n\\s]{1,}/isu', ' ', $keywords == '' ? gcms::getTags($_POST["write_topic_{$value}"]) : $keywords), 255));
         $save['description'] = gcms::cutstring(gcms::html2txt($description == '' ? $_POST["write_detail_{$value}"] : $description), 255);
         $save['detail'] = gcms::ckDetail($_POST["write_detail_{$value}"]);
         $save['language'] = $value;
         $save['relate'] = $relate == '' ? $save['keywords'] : $relate;
         $details[$value] = $save;
         $alias_topic = $alias_topic == '' ? $alias : $alias_topic;
     }
 }
 $save = array();
 $save['alias'] = gcms::aliasName($_POST['write_alias']);
 // id ที่แก้ไข
 $id = gcms::getVars($_POST, 'write_id', 0);
 $module_id = gcms::getVars($_POST, 'module_id', 0);
 if ($id > 0) {
     // ตรวจสอบโมดูล หรือ เรื่องที่เลือก (แก้ไข)
     $sql = "SELECT I.`id`,I.`module_id`,M.`module`,M.`config`,I.`picture`,I.`member_id`";
Example #3
0
         $id = $item['id'];
         $tr = '<tr id=M_' . $id . '>';
         $tr .= '<th headers=c0 id=r' . $id . ' class=topic scope=row><a href="../index.php?module=' . $index['module'] . '&amp;id=' . $id . '" title="{LNG_PREVIEW}" target=_blank>' . $item['topic'] . '</a></th>';
         $tr .= '<td headers="r' . $id . ' c1" class=check-column><a id=check_' . $id . ' class=icon-uncheck></a></td>';
         if (!empty($index['img_typies']) && is_file(DATA_PATH . "document/{$item['picture']}")) {
             $tr .= '<td headers="r' . $id . ' c2" class="menu mobile"><img src="' . DATA_URL . 'document/' . $item['picture'] . '" title="' . $lng['LNG_THUMBNAILS'][1] . '" width=22 height=22 alt=thumbnail>';
         } else {
             $tr .= '<td headers="r' . $id . ' c2" class="menu mobile"><span class=icon-thumbnail title="' . $lng['LNG_THUMBNAILS'][0] . '"></span>';
         }
         $tr .= '<td headers="r' . $id . ' c2" class="menu mobile"><span class="icon-reply reply' . $item['can_reply'] . '" title="' . $lng['LNG_CAN_REPLIES'][$item['can_reply']] . '"></span></td>';
         $tr .= '<td headers="r' . $id . ' c2" class="menu mobile"><span class="icon-published' . $item['published'] . '" title="' . $lng['LNG_PUBLISHEDS'][$item['published']] . '"></span></td>';
         $tr .= '<td headers="r' . $id . ' c2" class="menu mobile"><span class="icon-widgets reply' . (preg_match('/news=1/', $item['show_news']) ? 1 : 0) . '"></span></td>';
         $tr .= '<td headers="r' . $id . ' c5" class=mobile>';
         if (isset($categories[$item['category_id']])) {
             $category = $categories[$item['category_id']];
             $tr .= '<a href="{URLQUERY?cat=' . $item['category_id'] . '}" title="{LNG_SELECT_ITEM}">' . gcms::cutstring($category, 10) . '</a>';
         }
         $tr .= '</td>';
         $tr .= '<td headers="r' . $id . ' c6" class="username tablet"><a href="index.php?module=editprofile&amp;id=' . $item['member_id'] . '" class=status' . $item['status'] . ' title="{LNG_MEMBER_PROFILE}">' . $item['sender'] . '</a></td>';
         $tr .= '<td headers="r' . $id . ' c7" class="date tablet">' . gcms::mktime2date($item['create_date'], 'd M Y H:i') . '</td>';
         $tr .= '<td headers="r' . $id . ' c8" class="date tablet">' . gcms::mktime2date($item['last_update'], 'd M Y H:i') . '</td>';
         $tr .= '<td headers="r' . $id . ' c9" class="visited tablet">' . $item['visited'] . '</td>';
         $tr .= '<td headers="r' . $id . ' c10" class=menu><a href="{URLQUERY?module=document-write&src=document-setup&spage=' . $page . '&qid=' . $item['id'] . '}" title="{LNG_EDIT}" class=icon-edit></a></td>';
         $tr .= '</tr>';
         $content[] = $tr;
     }
 }
 $content[] = '</tbody>';
 $content[] = '<tfoot>';
 $content[] = '<tr>';
 $content[] = '<td headers=c0>&nbsp;</td>';
Example #4
0
     }
     foreach ($words as $a => $word) {
         if (mb_stripos($item['topic'], $word) !== false) {
             $v = $v + (90 - $a);
         }
         if (mb_stripos($item['detail'], $word) !== false) {
             $v = $v + (85 - $a);
         }
     }
     $search_result[$i]['id'] = $item['id'];
     $search_result[$i]['category_id'] = gcms::getVars($item, 'category_id', 0);
     $search_result[$i]['topic'] = $item['topic'];
     $search_result[$i]['alias'] = $item['alias'];
     $search_result[$i]['index'] = $item['index'];
     if ($item['description'] == '') {
         $search_result[$i]['detail'] = gcms::cutstring(gcms::html2txt($item['detail']), 149);
     } else {
         $search_result[$i]['detail'] = $item['description'];
     }
     $search_result[$i]['module'] = $item['module'];
     $search_result[$i]['owner'] = $item['owner'];
     $search_result[$i]['value'] = $v * ($item['level'] + $item['index']);
 }
 if (sizeof($search_result) > 0) {
     // เรียงลำดับผลลัพท์ตาม score
     gcms::sortby($search_result, 'value', false);
     // จัดรูปแบบข้อความ
     $searchitem = gcms::loadtemplate('search', 'search', 'searchitem');
     $match = array('/{URL}/', '/{TOPIC}/', '/{DETAIL}/', '/{LINK}/');
     foreach ($search_result as $item) {
         unset($data);
Example #5
0
                 $id = $db->add(DB_DOWNLOAD, $save);
                 $ret['action'] = 'new';
             } else {
                 // แก้ไข
                 $db->edit(DB_DOWNLOAD, $id, $save);
                 $ret['action'] = 'edit';
             }
             // id
             $ret['id'] = $id;
             // รายการที่ส่งกลับ
             $tr = '<tr id="M_' . $id . '">';
             $tr .= '<th headers="c0" id="r' . $id . '" scope="row"><a id="edit-' . $id . '" href="' . WEB_URL . '/admin/index.php?module=download-setup" title="' . $lng['LNG_EDIT'] . '">' . $save['name'] . '.' . $save['ext'] . '</a></th>';
             $tr .= '<td headers="r' . $id . ' c0" class="menu"><img src="' . $icon . '" alt="thumbnail" width="16" height="16"></td>';
             $tr .= '<td headers="r' . $id . ' c1" class="check-column"><a id="check_' . $id . '" class="uncheck"></a></td>';
             $tr .= '<td headers="r' . $id . ' c2" class="no">{WIDGET_DOWNLOAD_' . $id . '}</td>';
             $tr .= '<td headers="r' . $id . ' c3">' . gcms::cutstring($save['description'], 50) . '</td>';
             $tr .= '<td headers="r' . $id . ' c4" class="size">' . gcms::formatFileSize($save['size']) . '</td>';
             $tr .= '<td headers="r' . $id . ' c5" class="date">' . gcms::mktime2date($save['last_update']) . '</td>';
             $tr .= '<td headers="r' . $id . ' c6" class="visited">' . $save['count'] . '</td>';
             $icon = "modules/download/icons/{$save['ext']}.png";
             $icon = WEB_URL . (is_file(ROOT_PATH . $icon) ? "/{$icon}" : "/modules/download/icons/file.png");
             $tr .= '<td headers="r' . $id . ' c7" class="menu">';
             $tr .= '<a href="' . WEB_URL . '/modules/download/admin_download.php?file=' . $save['file'] . '&amp;size=' . $save['size'] . '" target="_blank" title="' . $lng['LNG_CLICK_TO'] . ' ' . $lng['LNG_DOWNLOAD'] . '"><img src="' . $icon . '" alt="' . $save['ext'] . '" width="16" height="16"></a>';
             $tr .= '</td>';
             $tr .= '</tr>';
             $ret['content'] = rawurlencode($tr);
         }
     }
 }
 // คืนค่าเป็น JSON
 echo gcms::array2json($ret);
Example #6
0
// modules/event/admin_write_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// ตรวจสอบ referer และ สมาชิก
if (gcms::isReferer() && gcms::canConfig($config, 'event_can_write')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // ค่าที่ส่งมา
        $save['topic'] = gcms::getTags($_POST['write_topic']);
        $keywords = gcms::getTags($_POST['write_keywords']);
        $save['keywords'] = $db->sql_clean(gcms::cutstring(preg_replace('/[\'\\"\\r\\n\\s]{1,}/isu', ' ', $keywords == '' ? $save['topic'] : $keywords), 149));
        $description = trim(gcms::getVars($_POST, 'write_description', ''));
        $save['description'] = $db->sql_trim_str(gcms::cutstring(gcms::html2txt($description == '' ? $_POST['write_detail'] : $description), 149));
        $save['detail'] = gcms::ckDetail($_POST['write_detail']);
        $save['published_date'] = $db->sql_trim_str($_POST, 'write_published_date');
        $save['published'] = $_POST['write_published'] == '1' ? '1' : '0';
        $save['begin_date'] = "{$_POST['write_d']} {$_POST['write_h']}:{$_POST['write_m']}:00";
        $save['color'] = $db->sql_trim_str($_POST, 'write_color');
        $id = gcms::getVars($_POST, 'write_id', 0);
        if ($id > 0) {
            // ตรวจสอบโมดูล หรือ เรื่องที่เลือก (แก้ไข)
            $sql = "SELECT I.`module_id`,M.`module`";
            $sql .= " FROM `" . DB_EVENTCALENDAR . "` AS I";
            $sql .= " INNER JOIN `" . DB_MODULES . "` AS M ON M.`owner`='event' AND M.`id`=I.`module_id`";
            $sql .= " WHERE I.`id`='{$id}'";
            $sql .= " LIMIT 1";
        } else {
            // ตรวจสอบโมดูล (ใหม่)
Example #7
0
<?php

// modules/gallery/feed.php
if (isset($modules)) {
    // ค่าที่ีส่งมา
    $aid = gcms::getVars($_GET, 'album', 0);
    // query
    $sql = "SELECT C.`id`,C.`topic`,C.`detail`,C.`last_update`,G.`image` FROM `" . DB_GALLERY . "` AS G";
    $sql .= " INNER JOIN `" . DB_GALLERY_ALBUM . "` AS C ON C.`module_id`='{$modules['id']}' AND C.`id`=G.`album_id`";
    $sql .= " WHERE G.`module_id`='{$modules['id']}'";
    if ($aid == -1) {
        $sql .= " AND G.`count`='0'";
    } elseif ($aid > 0) {
        $sql .= " AND G.`album_id`={$aid}";
    }
    $sql .= ' ORDER BY ' . (isset($_GET['rnd']) ? 'RAND()' : 'G.`id` DESC');
    $sql .= " LIMIT {$count}";
    foreach ($db->customQuery($sql) as $item) {
        $link = gcms::getURL($modules['module'], '', 0, 0, "id={$item['id']}");
        echo '<item>';
        echo '<title>' . $item['topic'] . '</title>';
        echo '<link>' . $link . '</link>';
        echo '<description><![CDATA[' . gcms::cutstring(gcms::html2txt($item['detail']), 50) . ']]></description>';
        echo '<enclosure url="' . urldecode(DATA_URL . "gallery/{$item['id']}/thumb_{$item['image']}") . '" type="image/jpeg"></enclosure>';
        echo '<guid isPermaLink="true">' . $link . '</guid>';
        echo '<pubDate>' . date("D, d M Y H:M", $item['last_update']) . ':00 +0700</pubDate>';
        echo '</item>';
    }
}
Example #8
0
 $sql .= " ORDER BY " . $orders[$order][1];
 $sql .= " LIMIT {$start}, {$list_per_page}";
 foreach ($db->customQuery($sql) as $item) {
     $id = $item['id'];
     $tr = '<tr id=L_' . $id . '>';
     $tr .= '<th headers=c0 id=r' . $id . ' scope=row class=topic>' . $item['key'] . '</th>';
     foreach ($install_languages as $k) {
         if ($item[$k] == '') {
             $t = '';
         } elseif ($item['type'] == 'array') {
             $datas = unserialize($item[$k]);
             $t = implode(', ', $datas);
         } else {
             $t = strip_tags(str_replace(array("\r", "\n"), array('', ' '), $item[$k]));
         }
         $tr .= '<td headers="r' . $id . ' c' . $k . '" class="' . ($k == LANGUAGE ? 'mobile' : 'tablet') . '" title="' . gcms::detail2TXT($t) . '">' . gcms::detail2TXT(gcms::cutstring($t, 50)) . '</td>';
     }
     $tr .= '<td headers="r' . $id . ' c1" class="center tablet">' . $item['owner'] . '</td>';
     $tr .= '<td headers="r' . $id . ' c2" class="center tablet">' . $item['type'] . '</td>';
     $tr .= '<td headers="r' . $id . ' c3" class=menu><a class=icon-edit href="{URLQUERY?src=language&module=languageedit&id=' . $id . '&spage=' . $page . '}" title="{LNG_EDIT}"></a></td>';
     $tr .= '<td headers="r' . $id . ' c3" class=menu><a class=icon-delete id=delete_language_' . $id . ' title="{LNG_DELETE}"></a></td>';
     $tr .= '</tr>';
     $content[] = $tr;
 }
 $content[] = '</tbody>';
 $content[] = '</table>';
 // แบ่งหน้า
 $url = '<a href="{URLQUERY?module=language&page=%d}" title="{LNG_DISPLAY_PAGE} %d">%d</a>';
 $content[] = '<div class=splitpage>' . gcms::pagination($totalpage, $page, $url) . '</div>';
 $content[] = '<div class=table_nav>';
 // เพิ่มข้อความ
     } elseif (preg_match('/^(https?:\\/\\/(www.)?google[\\.a-z]+\\/url\\?).*&url=(.*)($|\\&.*)/iU', $item['referer'], $match) && $match[3] != '') {
         // จาก google cached
         $a = rawurldecode(rawurldecode($match[3]));
         $text = gcms::cutstring($match[1] . 'url=' . htmlspecialchars($a), 170);
         $name = '<a href="' . $a . '" target=_blank>' . $text . '</a>';
         $graphs['Google Cached'] += $item['total'];
     } elseif ($item['referer'] == '') {
         $name = '&nbsp;';
         $graphs['Direct'] += $item['total'];
     } elseif (preg_match('/' . preg_quote(WEB_URL, '/') . '/', $item['referer'], $match)) {
         $graphs['Inbound'] += $item['total'];
         $text = gcms::cutstring(htmlspecialchars(rawurldecode(rawurldecode($item['referer']))), 170);
         $name = '<a href="' . htmlspecialchars($item['referer']) . '" target=_blank>' . $text . '</a>';
     } else {
         $graphs['other'] += $item['total'];
         $text = gcms::cutstring(htmlspecialchars(rawurldecode(rawurldecode($item['referer']))), 170);
         $name = '<a href="' . htmlspecialchars($item['referer']) . '" target=_blank>' . $text . '</a>';
     }
     $bg = $bg == 'bg1' ? 'bg2' : 'bg1';
     $row = '<tr class=' . $bg . '><td class="center mobile">' . $i . '</td>';
     if ($ip == '') {
         $row .= '<td><a href="index.php?module=report&amp;date=' . $date . '&amp;ip=' . $item['ip'] . '">' . $item['ip'] . '</a></td><td class="center tablet">' . $item['total'] . '</td>';
     } else {
         $row .= '<td>' . $item['time'] . '</td>';
     }
     $row .= '<td>' . $name . '</td></tr>';
     $list[] = $row;
 }
 // รวม bot
 foreach ($agents as $a => $b) {
     $total = $total + $b;
Example #10
0
 $content[] = '</thead>';
 $content[] = '<tbody>';
 // เรียกสมาชิกทั้งหมด
 $sql = "SELECT * FROM `" . DB_PERSONNEL . "`";
 $sql .= " {$where} ORDER BY `order` ASC,`id` ASC";
 $sql .= " LIMIT {$start}, {$list_per_page}";
 foreach ($db->customQuery($sql) as $item) {
     $id = $item['id'];
     $tr = '<tr id=L_' . $id . '>';
     $tr .= '<th headers=c0 id=r' . $id . ' scope=row class=topic>' . $item['name'] . '</th>';
     $icon = is_file(DATA_PATH . "personnel/{$item['picture']}") ? DATA_URL . "personnel/{$item['picture']}" : WEB_URL . '/modules/personnel/img/noicon.jpg';
     $tr .= '<td headers="r' . $id . ' c0" class=thumb><img src=' . $icon . ' alt=personnel></td>';
     $tr .= '<td headers="r' . $id . '" class=check-column><a id=check_' . $id . ' class=icon-uncheck></a></td>';
     $tr .= '<td headers="r' . $id . ' c2"><a href="{URLQUERY?cat=' . $item['category_id'] . '}">' . $categories[$item['category_id']] . '</a></td>';
     $tr .= '<td headers="r' . $id . ' c3" class="center tablet"><label><input type=text size=5 id=order_' . $id . ' value="' . $item['order'] . '"></label></td>';
     $tr .= '<td headers="r' . $id . ' c4" class="email mobile"><a href="{URLQUERY?module=sendmail&src=personnel-setup&spage=' . $page . '&mail=' . $item['email'] . '}" title="{LNG_EMAIL_SEND} {LNG_TO} ' . $item['email'] . '">' . gcms::cutstring($item['email'], 20) . '</a></td>';
     $tr .= '<td headers="r' . $id . ' c5" class=mobile>' . $item['position'] . '</td>';
     $tr .= '<td headers="r' . $id . ' c6" class="center mobile">' . $item['phone'] . '</td>';
     $tr .= '<td headers="r' . $id . ' c7" class=menu><a title="{LNG_EDIT}" href="{URLQUERY?module=personnel-write&src=personnel-setup&spage=' . $page . '&id=' . $id . '}" class=icon-edit></a></td>';
     $tr .= '</tr>';
     $content[] = $tr;
 }
 $content[] = '</tbody>';
 $content[] = '<tfoot>';
 $content[] = '<tr>';
 $content[] = '<td headers=c0 colspan=2>&nbsp;</td>';
 $content[] = '<td headers=c1 class=check-column><a class="checkall icon-uncheck"></a></td>';
 $content[] = '<td headers=c2 colspan=6>&nbsp;</td>';
 $content[] = '</tr>';
 $content[] = '</tfoot>';
 $content[] = '</table>';
Example #11
0
            $replace[] = gcms::mktime2date($index['create_date']);
            $replace[] = date(DATE_ISO8601, $index['create_date']);
            $replace[] = number_format($index['visited']);
            $replace[] = number_format($index['comments']);
            $replace[] = !$canReply || $index['locked'] == 1 ? '' : gcms::loadtemplate($index['module'], 'board', 'reply');
            $replace[] = $isMember ? '' : '$1';
            $replace[] = $index['img_upload_type'] == '' ? '' : '$1';
            $replace[] = $login['password'];
            $replace[] = $login['email'];
            $replace[] = $register_antispamchar;
            $replace[] = $isAdmin ? $_SESSION[$register_antispamchar] : '';
            $replace[] = $index['id'];
            $replace[] = $moderator ? '{LNG_DELETE}' : '{LNG_SEND_DELETE}';
            $content = gcms::pregReplace($patt, $replace, gcms::loadtemplate($index['module'], 'board', 'view'));
            // ตัวแปรหลังจากแสดงผลแล้ว
            $custom_patt['/{MODULE}/'] = $index['module'];
            $custom_patt['/{MODULEID}/'] = $index['module_id'];
            $custom_patt['/{SIZE}/'] = $index['img_upload_size'];
            $custom_patt['/{TYPE}/'] = $index['img_upload_type'];
            // title,keywords,description
            $title = $index['topic'];
            $keywords = $index['topic'];
            $description = gcms::cutstring(strip_tags(preg_replace('/[\\r\\n\\{\\}]+/', ' ', $detail)), 149);
        } else {
            $title = $lng['LNG_NOT_LOGIN'];
            $content = '<div class=error>' . $title . '</div>';
        }
        // เลือกเมนู
        $menu = empty($install_modules[$index['module']]['alias']) ? $index['module'] : $install_modules[$index['module']]['alias'];
    }
}