function nv_copyright_info_config() { global $lang_global, $data_block; $html = '<tr>'; $html .= '<td>' . $lang_global['copyright_by'] . '</td>'; $html .= '<td><input type="text" name="copyright_by" value="' . nv_htmlspecialchars($data_block['copyright_by']) . '" size="80"></td>'; $html .= '</tr>'; $html .= '<tr>'; $html .= '<td>' . $lang_global['copyright_url'] . '</td>'; $html .= '<td><input type="text" name="copyright_url" value="' . nv_htmlspecialchars($data_block['copyright_url']) . '" size="80"></td>'; $html .= '</tr>'; $html .= '<tr>'; $html .= '<td>' . $lang_global['design_by'] . '</td>'; $html .= '<td><input type="text" name="design_by" value="' . nv_htmlspecialchars($data_block['design_by']) . '" size="80"></td>'; $html .= '</tr>'; $html .= '<tr>'; $html .= '<td>' . $lang_global['design_url'] . '</td>'; $html .= '<td><input type="text" name="design_url" value="' . nv_htmlspecialchars($data_block['design_url']) . '" size="80"></td>'; $html .= '</tr>'; $html .= '<tr>'; $html .= '<td>' . $lang_global['siteterms_url'] . '</td>'; $html .= '<td><input type="text" name="siteterms_url" value="' . nv_htmlspecialchars($data_block['siteterms_url']) . '" size="80"></td>'; $html .= '</tr>'; return $html; }
function nv_block_data_config_html($module, $data_block, $lang_block) { global $lang_module; if (defined('NV_EDITOR')) { require NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php'; } $htmlcontent = defined('NV_EDITOR') ? nv_editor_br2nl($data_block['htmlcontent']) : nv_br2nl($data_block['htmlcontent']); $htmlcontent = nv_htmlspecialchars($htmlcontent); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $html = nv_aleditor("htmlcontent", '100%', '150px', $htmlcontent); } else { $html = "<textarea style=\"width: 100%\" name=\"htmlcontent\" id=\"htmlcontent\" cols=\"20\" rows=\"8\">" . $htmlcontent . "</textarea>"; } return '<tr><td colspan="2">' . $lang_block['htmlcontent'] . '<br>' . $html . '</td></tr>'; }
function nv_save_file_config_global() { global $db; $content_config = "<?php\n\n"; $content_config .= NV_FILEHEAD . "\n\n"; $content_config .= "if ( ! defined( 'NV_MAINFILE' ) ) die( 'Stop!!!' );\n\n"; $sql = "SELECT `config_name`, `config_value` FROM `" . NV_CONFIG_GLOBALTABLE . "` WHERE `lang`='sys' ORDER BY `config_name` ASC"; $result = $db->sql_query($sql); while (list($c_config_name, $c_config_value) = $db->sql_fetchrow($result)) { if (!is_numeric($c_config_value) || (isset($c_config_value[1]) and ($c_config_value[0] == '0' or $c_config_value[0] == '.'))) { $content_config .= "\$global_config['" . $c_config_name . "'] = \"" . nv_htmlspecialchars($c_config_value) . "\";\n"; } else { $content_config .= "\$global_config['" . $c_config_name . "'] = " . intval($c_config_value) . ";\n"; } } $content_config .= "\n"; $content_config .= "?>"; $return = file_put_contents(NV_ROOTDIR . "/" . NV_DATADIR . "/config_global.php", $content_config, LOCK_EX); nv_delete_all_cache(); return $return; }
// Cau hinh hien thi nguon tin $array_config_source = array($lang_module['config_source_title'], $lang_module['config_source_link'], $lang_module['config_source_logo']); foreach ($array_config_source as $key => $val) { $xtpl->assign('CONFIG_SOURCE', array('key' => $key, 'title' => $val, 'selected' => $key == $module_config[$module_name]['config_source'] ? ' selected="selected"' : '')); $xtpl->parse('main.config_source'); } $array_imgposition = array(0 => $lang_module['imgposition_0'], 1 => $lang_module['imgposition_1'], 2 => $lang_module['imgposition_2']); // position images while (list($id_imgposition, $title_imgposition) = each($array_imgposition)) { $sl = $id_imgposition == $module_config[$module_name]['imgposition'] ? ' selected="selected"' : ''; $xtpl->assign('id_imgposition', $id_imgposition); $xtpl->assign('title_imgposition', $title_imgposition); $xtpl->assign('posl', $sl); $xtpl->parse('main.looppos'); } $copyright = nv_htmlspecialchars(nv_editor_br2nl($module_config[$module_name]['copyright'])); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $_uploads_dir = NV_UPLOADS_DIR . '/' . $module_upload; $copyright = nv_aleditor('copyright', '100%', '100px', $copyright, 'Basic', $_uploads_dir, $_uploads_dir); } else { $copyright = "<textarea style=\"width: 100%\" name=\"copyright\" id=\"copyright\" cols=\"20\" rows=\"15\">" . $copyright . "</textarea>"; } $xtpl->assign('COPYRIGHTHTML', $copyright); $xtpl->assign('PATH', defined('NV_IS_SPADMIN') ? "" : NV_UPLOADS_DIR . '/' . $module_upload); $xtpl->assign('CURRENTPATH', defined('NV_IS_SPADMIN') ? "images" : NV_UPLOADS_DIR . '/' . $module_upload); if (defined('NV_IS_ADMIN_FULL_MODULE') or !in_array('admins', $allow_func)) { $groups_list = nv_groups_list(); unset($groups_list[6]); $savepost = $nv_Request->get_int('savepost', 'post', 0); if (!empty($savepost)) { $array_config = array();
} global $array_cat, $numcat; $contents = "<div id=\"module_show_list\">"; $contents .= nv_show_cat_list($array_cat, $numcat); $contents .= "</div><br>\n"; $catid = isset($_GET['catid']) ? intval($_GET['catid']) : 0; if ($catid > 0) { list($catid, $parentid, $title, $catimage, $alias, $description, $keywords) = $db->sql_fetchrow($db->sql_query("SELECT `catid`, `parentid`, `title`, `catimage`, `alias`, `description`, `keywords` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` where `catid`=" . $catid . "")); $caption = $lang_module['edit_cat']; $description = nv_br2nl($description); } else { $catimage = ''; $caption = $lang_module['add_cat']; $parentid = 0; } $description = nv_htmlspecialchars($description); if ($error != "") { $contents .= "<div class=\"quote\" style=\"width:780px;\">\n"; $contents .= "<blockquote class=\"error\"><span>" . $error . "</span></blockquote>\n"; $contents .= "</div>\n"; $contents .= "<div class=\"clear\"></div>\n"; } $contents .= "<form action=\"" . NV_BASE_ADMINURL . "index.php\" method=\"post\">"; $contents .= "<input type=\"hidden\" name =\"" . NV_NAME_VARIABLE . "\"value=\"" . $module_name . "\" />"; $contents .= "<input type=\"hidden\" name =\"" . NV_OP_VARIABLE . "\"value=\"" . $op . "\" />"; $contents .= "<input type=\"hidden\" name =\"catid\" value=\"" . $catid . "\" />"; $contents .= "<input type=\"hidden\" name =\"parentid_old\" value=\"" . $parentid . "\" />"; $contents .= "<input name=\"savecat\" type=\"hidden\" value=\"1\" />\n"; $contents .= "<table summary=\"\" class=\"tab1\">\n"; $contents .= "<caption>" . $caption . "</caption>\n"; $contents .= "<tr>";
die('Stop!!!'); } $page_title = $lang_module['content_list']; $stype = $nv_Request->get_string('stype', 'get', '-'); $sstatus = $nv_Request->get_string('sstatus', 'get', '-'); $catid = $nv_Request->get_int('catid', 'get', 0); $per_page_old = $nv_Request->get_int('per_page', 'cookie', 50); $per_page = $nv_Request->get_int('per_page', 'get', $per_page_old); if ($per_page < 1 and $per_page > 500) { $per_page = 50; } if ($per_page_old != $per_page) { $nv_Request->set_Cookie('per_page', $per_page, NV_LIVE_COOKIE_TIME); } $q = strip_tags($nv_Request->get_string('q', 'get', '')); $qhtml = nv_htmlspecialchars($q); $ordername = $nv_Request->get_string('ordername', 'get', 'publtime'); $order = $nv_Request->get_string('order', 'get') == "asc" ? 'asc' : 'desc'; $val_cat_content = array(); $val_cat_content[] = array("value" => 0, "selected" => $catid == 0 ? " selected=\"selected\"" : "", "title" => $lang_module['search_cat_all']); $array_cat_view = array(); foreach ($global_array_cat as $catid_i => $array_value) { $lev_i = $array_value['lev']; $check_cat = false; if (defined('NV_IS_ADMIN_MODULE')) { $check_cat = true; } elseif (isset($array_cat_admin[$admin_id][$catid_i])) { if ($array_cat_admin[$admin_id][$catid_i]['admin'] == 1) { $check_cat = true; } elseif ($array_cat_admin[$admin_id][$catid_i]['add_content'] == 1) { $check_cat = true;
if (!empty($endtime) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $endtime, $m)) { $endtime = mktime(0, 0, 0, $m[2], $m[1], $m[3]); } else { $endtime = 0; } $notice = filter_text_input('notice', 'post', '', 1); if (empty($error)) { if ($cid > 0) { $db->sql_query("UPDATE `" . $db_config['prefix'] . "_banip` SET `ip`=" . $db->dbescape($ip) . ", `mask`=" . $db->dbescape($mask) . ",`area`=" . $area . ",`begintime`=" . $begintime . ", `endtime`=" . $endtime . ", `notice`=" . $db->dbescape($notice) . " WHERE `id`=" . $cid . ""); } else { $db->sql_query("REPLACE INTO `" . $db_config['prefix'] . "_banip` VALUES (NULL, " . $db->dbescape($ip) . "," . $db->dbescape($mask) . ",{$area},{$begintime}, {$endtime}," . $db->dbescape($notice) . " )"); } $save = nv_save_file_banip(); if ($save !== true) { $xtpl->assign('MESSAGE', sprintf($lang_module['banip_error_write'], NV_DATADIR, NV_DATADIR)); $xtpl->assign('CODE', str_replace(array("\n", "\t"), array("<br />", " "), nv_htmlspecialchars($save))); $xtpl->parse('main.manual_save'); } else { Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&rand=' . nv_genpass()); die; } } else { $xtpl->assign('ERROR', implode('<br/>', $error)); $xtpl->parse('main.error'); } } else { $id = $ip = $mask = $area = $begintime = $endtime = $notice = ''; } $mask_text_array = array(); $mask_text_array[0] = "255.255.255.255"; $mask_text_array[3] = "255.255.255.xxx";
$error = sprintf($lang_module['field_match_type_error'], $row_f['title']); } } elseif ($row_f['match_type'] == 'regex') { if (!preg_match("/" . $row_f['match_regex'] . "/", $value)) { $error = sprintf($lang_module['field_match_type_error'], $row_f['title']); } } elseif ($row_f['match_type'] == 'callback') { if (function_exists($row_f['func_callback'])) { if (!call_user_func($row_f['func_callback'], $value)) { $error = sprintf($lang_module['field_match_type_error'], $row_f['title']); } } else { $error = "error function not exists " . $row_f['func_callback']; } } else { $value = nv_htmlspecialchars($value); } $strlen = nv_strlen($value); if ($strlen < $row_f['min_length'] or $strlen > $row_f['max_length']) { $error = sprintf($lang_module['field_min_max_error'], $row_f['title'], $row_f['min_length'], $row_f['max_length']); } } elseif ($row_f['question_type'] == 'textarea' or $row_f['question_type'] == 'editor') { $allowed_html_tags = array_map("trim", explode(',', NV_ALLOWED_HTML_TAGS)); $allowed_html_tags = "<" . implode("><", $allowed_html_tags) . ">"; $value = strip_tags($value, $allowed_html_tags); $value = nv_nl2br($value, '<br />'); if ($row_f['match_type'] == 'regex') { if (!preg_match("/" . $row_f['match_regex'] . "/", $value)) { $error = sprintf($lang_module['field_match_type_error'], $row_f['title']); } } elseif ($row_f['match_type'] == 'callback') {
if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('main.error'); } if (!empty($array_cat_list)) { if (empty($alias)) { $xtpl->parse('main.content.getalias'); } foreach ($cat_listsub as $data) { $xtpl->assign('cat_listsub', $data); $xtpl->parse('main.content.cat_listsub'); } foreach ($groups_views as $data) { $xtpl->assign('groups_views', $data); $xtpl->parse('main.content.groups_views'); } $descriptionhtml = nv_htmlspecialchars(nv_editor_br2nl($descriptionhtml)); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $_uploads_dir = NV_UPLOADS_DIR . '/' . $module_upload; $descriptionhtml = nv_aleditor('descriptionhtml', '100%', '200px', $descriptionhtml, 'Basic', $_uploads_dir, $_uploads_dir); } else { $descriptionhtml = "<textarea style=\"width: 100%\" name=\"descriptionhtml\" id=\"descriptionhtml\" cols=\"20\" rows=\"15\">" . $descriptionhtml . "</textarea>"; } $xtpl->assign('DESCRIPTIONHTML', $descriptionhtml); $xtpl->parse('main.content'); } $xtpl->parse('main'); $contents .= $xtpl->text('main'); include NV_ROOTDIR . '/includes/header.php'; echo nv_admin_theme($contents); include NV_ROOTDIR . '/includes/footer.php';
} } } } else { $full_name = $alias = $phone = $fax = $email = $yahoo = $skype = $note = ''; $view_level = $reply_level = $obt_level = array(); foreach ($adms as $admid => $values) { if ($values['level'] === 1) { $view_level[] = $admid; $reply_level[] = $admid; } } } } if (!empty($note)) { $note = nv_htmlspecialchars($note); } if (empty($row['alias'])) { $xtpl->parse('main.get_alias'); } if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('main.error'); } if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $note = nv_aleditor('note', '100%', '150px', $note); } else { $note = '<textarea style="width:100%;height:150px" name="note" id="note">' . $note . '</textarea>'; } $xtpl->assign('DATA', array('full_name' => $full_name, 'alias' => $alias, 'phone' => $phone, 'fax' => $fax, 'email' => $email, 'yahoo' => $yahoo, 'skype' => $skype, 'note' => $note)); //list danh sách bộ phận liên hệ
foreach ($array_typeprice as $key => $value) { $ck = $data['typeprice'] == $key ? 'checked="checked"' : ''; $xtpl->assign('TYPEPRICE', array('key' => $key, 'value' => $value, 'checked' => $ck)); $xtpl->parse('main.typeprice_loop'); } if ($pro_config['point_active']) { $xtpl->parse('main.point'); } if (!empty($cat_form_exit)) { foreach ($cat_form_exit as $_form) { $xtpl->assign('CAT_FORM', array('value' => $_form, 'selected' => $data['form'] == $_form ? ' selected="selected"' : '', 'title' => $_form)); $xtpl->parse('main.cat_form.loop'); } $xtpl->parse('main.cat_form'); } $descriptionhtml = nv_htmlspecialchars(nv_editor_br2nl($data[NV_LANG_DATA . '_descriptionhtml'])); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $descriptionhtml = nv_aleditor('descriptionhtml', '100%', '200px', $descriptionhtml, 'Basic'); } else { $descriptionhtml = "<textarea style=\"width: 100%\" name=\"descriptionhtml\" id=\"descriptionhtml\" cols=\"20\" rows=\"15\">" . $descriptionhtml . "</textarea>"; } $xtpl->assign('DESCRIPTIONHTML', $descriptionhtml); for ($i = 0; $i <= 2; $i++) { $xtpl->assign('VIEWDESCRIPTION', array('value' => $i, 'checked' => $data['viewdescriptionhtml'] == $i ? ' checked="checked"' : '', 'title' => $lang_module['content_bodytext_display_' . $i])); $xtpl->parse('main.viewdescriptionhtml'); } $xtpl->parse('main'); $contents = $xtpl->text('main'); include NV_ROOTDIR . '/includes/header.php'; echo nv_admin_theme($contents); include NV_ROOTDIR . '/includes/footer.php';
$count = $stmt->rowCount(); } if ($count) { nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['edit_title'] . ': ' . $row['module'] . ', id: ' . $row['id'] . ', cid: ' . $row['cid'], $row['content'], $admin_info['userid']); if (isset($site_mods[$row['module']])) { $mod_info = $site_mods[$row['module']]; if (file_exists(NV_ROOTDIR . '/modules/' . $mod_info['module_file'] . '/comment.php')) { include NV_ROOTDIR . '/modules/' . $mod_info['module_file'] . '/comment.php'; nv_del_moduleCache($row['module']); } } } header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name); die; } $row['content'] = nv_htmlspecialchars(nv_br2nl($row['content'])); $row['status'] = $row['status'] ? 'checked="checked"' : ''; $xtpl = new XTemplate('edit.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $xtpl->assign('NV_BASE_ADMINURL', NV_BASE_ADMINURL); $xtpl->assign('NV_NAME_VARIABLE', NV_NAME_VARIABLE); $xtpl->assign('MODULE_NAME', $module_name); $xtpl->assign('NV_OP_VARIABLE', NV_OP_VARIABLE); $xtpl->assign('OP', $op); $xtpl->assign('CID', $cid); $xtpl->assign('ROW', $row); $xtpl->parse('main'); $contents = $xtpl->text('main'); include NV_ROOTDIR . '/includes/header.php'; echo nv_admin_theme($contents);
} } elseif (empty($id)) { $row['image'] = ''; $row['imagealt'] = ''; $row['imageposition'] = 0; $row['layout_func'] = ''; $row['description'] = ''; $row['bodytext'] = ''; $row['activecomm'] = $module_config[$module_name]['setcomm']; $row['socialbutton'] = 1; $row['gid'] = 0; } if (defined('NV_EDITOR')) { require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php'; } $row['description'] = nv_htmlspecialchars(nv_br2nl($row['description'])); $row['bodytext'] = htmlspecialchars(nv_editor_br2nl($row['bodytext'])); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $row['bodytext'] = nv_aleditor('bodytext', '100%', '300px', $row['bodytext']); } else { $row['bodytext'] = '<textarea style="width:100%;height:300px" name="bodytext">' . $row['bodytext'] . '</textarea>'; } if (!empty($row['image']) and is_file(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/' . $row['image'])) { $row['image'] = NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/' . $row['image']; } $lang_global['title_suggest_max'] = sprintf($lang_global['length_suggest_max'], 65); $lang_global['description_suggest_max'] = sprintf($lang_global['length_suggest_max'], 160); $xtpl = new XTemplate('content.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $xtpl->assign('FORM_ACTION', $action);
if ($value == 0) { $rbcontents[] = "Disallow: " . $key; } } if ($global_config['is_url_rewrite']) { $rbcontents[] = "Sitemap: " . $global_config['site_url'] . "/index.php/SitemapIndex" . $global_config['rewrite_endurl']; } else { $rbcontents[] = "Sitemap: " . $global_config['site_url'] . "/index.php?" . NV_NAME_VARIABLE . "=SitemapIndex"; } $rbcontents = implode("\n", $rbcontents); if (is_writable(NV_ROOTDIR . "/robots.txt")) { file_put_contents(NV_ROOTDIR . "/robots.txt", $rbcontents, LOCK_EX); $redirect = true; } else { $xtpl->assign('TITLE', $lang_module['robots_error_writable']); $xtpl->assign('CONTENT', str_replace(array("\n", "\t"), array("<br />", " "), nv_htmlspecialchars($rbcontents))); $xtpl->parse('main.nowrite'); } } if ($redirect) { Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&rand=' . nv_genpass()); exit; } } $robots_data = array(); if (file_exists($cache_file)) { include $cache_file; $robots_data = unserialize($cache); } else { $robots_data['/' . NV_CACHEDIR . '/'] = 0; $robots_data['/' . NV_DATADIR . '/'] = 0;
/** * main_theme() * * @param mixed $array_content * @param mixed $array_department * @param mixed $base_url * @param mixed $checkss * @return */ function contact_main_theme($array_content, $array_department, $catsName, $base_url, $checkss) { global $module_file, $lang_global, $lang_module, $module_info; $xtpl = new XTemplate('main.tpl', NV_ROOTDIR . '/themes/' . $module_info['template'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $xtpl->assign('CHECKSS', $checkss); $xtpl->assign('CONTENT', $array_content); if (!empty($array_content['bodytext'])) { $xtpl->parse('main.bodytext'); } if (!empty($array_department)) { foreach ($array_department as $dep) { $xtpl->assign('DEP', $dep); if (!empty($dep['note'])) { $xtpl->parse('main.dep.note'); } if (!empty($dep['phone'])) { $nums = array_map("trim", explode("|", nv_unhtmlspecialchars($dep['phone']))); foreach ($nums as $k => $num) { unset($m); if (preg_match("/^(.*)\\s*\\[([0-9\\+\\.\\,\\;\\*\\#]+)\\]\$/", $num, $m)) { $phone = array('number' => nv_htmlspecialchars($m[1]), 'href' => $m[2]); $xtpl->assign('PHONE', $phone); $xtpl->parse('main.dep.phone.item.href'); $xtpl->parse('main.dep.phone.item.href2'); } else { $num = preg_replace("/\\[[^\\]]*\\]/", "", $num); $phone = array('number' => nv_htmlspecialchars($num)); $xtpl->assign('PHONE', $phone); } if ($k) { $xtpl->parse('main.dep.phone.item.comma'); } $xtpl->parse('main.dep.phone.item'); } $xtpl->parse('main.dep.phone'); } if (!empty($dep['fax'])) { $xtpl->parse('main.dep.fax'); } if (!empty($dep['email'])) { $emails = array_map("trim", explode(",", $dep['email'])); foreach ($emails as $k => $email) { $xtpl->assign('EMAIL', $email); if ($k) { $xtpl->parse('main.dep.email.item.comma'); } $xtpl->parse('main.dep.email.item'); } $xtpl->parse('main.dep.email'); } if (!empty($dep['others'])) { $others = json_decode($dep['others'], true); if (!empty($others)) { foreach ($others as $key => $value) { if (!empty($value)) { if (strtolower($key) == "yahoo") { $ys = array_map("trim", explode(",", $value)); foreach ($ys as $k => $y) { $xtpl->assign('YAHOO', array('name' => $key, 'value' => $y)); if ($k) { $xtpl->parse('main.dep.yahoo.item.comma'); } $xtpl->parse('main.dep.yahoo.item'); } $xtpl->parse('main.dep.yahoo'); } elseif (strtolower($key) == "skype") { $ss = array_map("trim", explode(",", $value)); foreach ($ss as $k => $s) { $xtpl->assign('SKYPE', array('name' => $key, 'value' => $s)); if ($k) { $xtpl->parse('main.dep.skype.item.comma'); } $xtpl->parse('main.dep.skype.item'); } $xtpl->parse('main.dep.skype'); } elseif (strtolower($key) == "viber") { $ss = array_map("trim", explode(",", $value)); foreach ($ss as $k => $s) { $xtpl->assign('VIBER', array('name' => $key, 'value' => $s)); if ($k) { $xtpl->parse('main.dep.viber.item.comma'); } $xtpl->parse('main.dep.viber.item'); } $xtpl->parse('main.dep.viber'); } elseif (strtolower($key) == "icq") { $ss = array_map("trim", explode(",", $value)); foreach ($ss as $k => $s) { $xtpl->assign('ICQ', array('name' => $key, 'value' => $s)); if ($k) { $xtpl->parse('main.dep.icq.item.comma'); } $xtpl->parse('main.dep.icq.item'); } $xtpl->parse('main.dep.icq'); } elseif (strtolower($key) == "whatsapp") { $ss = array_map("trim", explode(",", $value)); foreach ($ss as $k => $s) { $xtpl->assign('WHATSAPP', array('name' => $key, 'value' => $s)); if ($k) { $xtpl->parse('main.dep.whatsapp.item.comma'); } $xtpl->parse('main.dep.whatsapp.item'); } $xtpl->parse('main.dep.whatsapp'); } else { $xtpl->assign('OTHER', array('name' => $key, 'value' => $value)); $xtpl->parse('main.dep.other'); } } } } } $xtpl->parse('main.dep'); } } $form = contact_form_theme($array_content, $catsName, $base_url, $checkss); $xtpl->assign('FORM', $form); $xtpl->parse('main'); return $xtpl->text('main'); }
/** * nv_rss_generate() * * @param mixed $channel * @param mixed $items * @return void */ function nv_rss_generate($channel, $items) { global $db, $global_config, $client_info; $xtpl = new XTemplate('rss.tpl', NV_ROOTDIR . '/themes/default/layout/'); $xtpl->assign('CSSPATH', NV_BASE_SITEURL . 'themes/default/css/rss.xsl'); //Chi co tac dung voi IE6 va Chrome $channel['title'] = nv_htmlspecialchars($channel['title']); $channel['atomlink'] = str_replace('&', '&', $client_info['selfurl']); $channel['lang'] = $global_config['site_lang']; $channel['copyright'] = $global_config['site_name']; $channel['docs'] = NV_MY_DOMAIN . nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=rss', true); $channel['generator'] = 'Nukeviet Version 4'; if (preg_match('/^' . nv_preg_quote(NV_MY_DOMAIN . NV_BASE_SITEURL) . '(.+)$/', $channel['link'], $matches)) { $channel['link'] = $matches[1]; } elseif (preg_match('/^' . nv_preg_quote(NV_BASE_SITEURL) . '(.+)$/', $channel['link'], $matches)) { $channel['link'] = $matches[1]; } $channel['link'] = NV_MY_DOMAIN . nv_url_rewrite(NV_BASE_SITEURL . $channel['link'], true); if (preg_match('/^' . nv_preg_quote(NV_MY_DOMAIN . NV_BASE_SITEURL) . '(.+)$/', $channel['atomlink'], $matches)) { $channel['atomlink'] = $matches[1]; } elseif (preg_match('/^' . nv_preg_quote(NV_BASE_SITEURL) . '(.+)$/', $channel['atomlink'], $matches)) { $channel['atomlink'] = $matches[1]; } $channel['atomlink'] = NV_MY_DOMAIN . nv_url_rewrite(NV_BASE_SITEURL . $channel['atomlink'], true); $channel['pubDate'] = 0; if (!empty($items)) { foreach ($items as $item) { if (!empty($item['title']) and !empty($item['link'])) { $item['title'] = nv_htmlspecialchars($item['title']); if (isset($item['pubdate']) and !empty($item['pubdate'])) { $item['pubdate'] = intval($item['pubdate']); $channel['pubDate'] = max($channel['pubDate'], $item['pubdate']); $item['pubdate'] = gmdate('D, j M Y H:m:s', $item['pubdate']) . ' GMT'; } if (preg_match('/^' . nv_preg_quote(NV_MY_DOMAIN . NV_BASE_SITEURL) . '(.+)$/', $item['link'], $matches)) { $item['link'] = $matches[1]; } elseif (preg_match('/^' . nv_preg_quote(NV_BASE_SITEURL) . '(.+)$/', $item['link'], $matches)) { $item['link'] = $matches[1]; } $item['link'] = NV_MY_DOMAIN . nv_url_rewrite(NV_BASE_SITEURL . $item['link'], true); $xtpl->assign('ITEM', $item); if (isset($item['guid']) and !empty($item['guid'])) { $xtpl->parse('main.item.guid'); } if (isset($item['pubdate']) and !empty($item['pubdate'])) { $xtpl->parse('main.item.pubdate'); } $xtpl->parse('main.item'); } } } $lastModified = NV_CURRENTTIME; if (!empty($channel['pubDate'])) { $lastModified = $channel['pubDate']; $channel['pubDate'] = gmdate('D, j M Y H:m:s', $channel['pubDate']) . ' GMT'; } $xtpl->assign('CHANNEL', $channel); if (!empty($channel['description'])) { $xtpl->parse('main.description'); } if (!empty($channel['pubDate'])) { $xtpl->parse('main.pubDate'); } $image = file_exists(NV_ROOTDIR . '/' . $global_config['site_logo']) ? NV_ROOTDIR . '/' . $global_config['site_logo'] : NV_ROOTDIR . '/images/logo.png'; $image = nv_ImageInfo($image, 144, true, NV_UPLOADS_REAL_DIR); if (!empty($image)) { $resSize = nv_imageResize($image['width'], $image['height'], 144, 400); $image['width'] = $resSize['width']; $image['height'] = $resSize['height']; $image['title'] = $channel['title']; $image['link'] = $channel['link']; $image['src'] = NV_MY_DOMAIN . nv_url_rewrite($image['src'], true); $xtpl->assign('IMAGE', $image); $xtpl->parse('main.image'); } $xtpl->parse('main'); $content = $xtpl->text('main'); nv_xmlOutput($content, $lastModified); }
// Captcha $gfx_chk = in_array($global_config['gfx_chk'], array(3, 4, 6, 7)) ? 1 : 0; $array_register = array(); $array_register['checkss'] = md5($client_info['session_id'] . $global_config['sitekey']); $array_register['nv_redirect'] = $nv_redirect; $checkss = $nv_Request->get_title('checkss', 'post', ''); // Dang ky thong thuong $page_title = $lang_module['register']; $key_words = $module_info['keywords']; $mod_title = $lang_module['register']; $array_field_config = array(); $result_field = $db->query('SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_field ORDER BY weight ASC'); while ($row_field = $result_field->fetch()) { $language = unserialize($row_field['language']); $row_field['title'] = isset($language[NV_LANG_DATA]) ? $language[NV_LANG_DATA][0] : $row['field']; $row_field['description'] = isset($language[NV_LANG_DATA]) ? nv_htmlspecialchars($language[NV_LANG_DATA][1]) : ''; if (!empty($row_field['field_choices'])) { $row_field['field_choices'] = unserialize($row_field['field_choices']); } elseif (!empty($row_field['sql_choices'])) { $row_field['sql_choices'] = explode('|', $row_field['sql_choices']); $query = 'SELECT ' . $row_field['sql_choices'][2] . ', ' . $row_field['sql_choices'][3] . ' FROM ' . $row_field['sql_choices'][1]; $result = $db->query($query); $weight = 0; while (list($key, $val) = $result->fetch(3)) { $row_field['field_choices'][$key] = $val; } } $array_field_config[] = $row_field; } if (defined('NV_EDITOR')) { require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php';
} else { $url = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name; $msg1 = $lang_module['content_saveok']; $msg2 = $lang_module['content_main'] . ' ' . $module_info['custom_title']; redriect($msg1, $msg2, $url, $module_data . '_bodyhtml'); } } } else { $url = 'javascript: history.go(-1)'; $msg1 = implode('<br />', $error); $msg2 = $lang_module['content_back']; redriect($msg1, $msg2, $url, $module_data . '_bodyhtml', 'back'); } $id_block_content = $id_block_content_post; } $rowcontent['hometext'] = nv_htmlspecialchars(nv_br2nl($rowcontent['hometext'])); $rowcontent['bodyhtml'] = htmlspecialchars(nv_editor_br2nl($rowcontent['bodyhtml'])); if (!empty($rowcontent['homeimgfile']) and file_exists(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/img/' . $rowcontent['homeimgfile'])) { $rowcontent['homeimgfile'] = NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/img/' . $rowcontent['homeimgfile']; } if (!empty($rowcontent['vid_path']) and file_exists(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/vid/' . $rowcontent['vid_path'])) { $rowcontent['vid_path'] = NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/vid/' . $rowcontent['vid_path']; } $array_catid_in_row = explode(',', $rowcontent['listcatid']); $sql = 'SELECT sourceid, title FROM ' . NV_PREFIXLANG . '_' . $module_data . '_sources ORDER BY weight ASC'; $result = $db->query($sql); $array_source_module = array(); $array_source_module[0] = $lang_module['sources_sl']; while (list($sourceid_i, $title_i) = $result->fetch(3)) { $array_source_module[$sourceid_i] = $title_i; }
} else { $mess_content .= "<br /><br />----------<br />Best regards,<br /><br />" . $admin_name . "<br />"; if (!empty($admin_info['position'])) { $mess_content .= $admin_info['position'] . "<br />"; } $mess_content .= "<br />"; $mess_content .= "E-mail: " . $admin_info['email'] . "<br />"; $mess_content .= "Website: " . $global_config['site_name'] . "<br />" . $global_config['site_url'] . "<br /><br />"; $mess_content .= "--------------------------------------------------------------------------------<br />"; $mess_content .= "<strong>From:</strong> " . $row['sender_name'] . " [mailto:" . $row['sender_email'] . "]<br />"; $mess_content .= "<strong>Sent:</strong> " . date("r", $row['send_time']) . "<br />"; $mess_content .= "<strong>To:</strong> " . $contact_allowed['view'][$row['cid']] . "<br />"; $mess_content .= "<strong>Subject:</strong> " . $row['title'] . "<br /><br />"; $mess_content .= $row['content']; } $mess_content = nv_htmlspecialchars($mess_content); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $mess_content = nv_aleditor("mess_content", '100%', '300px', $mess_content); } else { $mess_content = "<textarea style=\"width:99%\" name=\"mess_content\" id=\"mess_content\" cols=\"20\" rows=\"8\">" . $mess_content . "</textarea>"; } $xtpl->assign('FORM_ACTION', NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . "&id=" . $id); $xtpl->assign('MESS_CONTENT', $mess_content); if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('main.error'); } $xtpl->parse('main'); $contents = $xtpl->text('main'); include NV_ROOTDIR . "/includes/header.php"; echo nv_admin_theme($contents);
FROM ' . TABLE_PHOTO_NAME . '_category WHERE category_id=' . $data['category_id'])->fetch(); $caption = $lang_module['category_edit']; } else { $caption = $lang_module['category_add']; } if ($nv_Request->get_int('save', 'post') == 1) { $data['category_id'] = $nv_Request->get_int('category_id', 'post', 0); $data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0); $data['parent_id'] = $nv_Request->get_int('parent_id', 'post', 0); $data['inhome'] = $nv_Request->get_int('inhome', 'post', 0); $data['status'] = $nv_Request->get_int('status', 'post', 0); $data['name'] = nv_substr($nv_Request->get_title('name', 'post', '', ''), 0, 255); $data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', ''), 0, 255); $description = $nv_Request->get_string('description', 'post', ''); $data['description'] = defined('NV_EDITOR') ? nv_nl2br($description, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br />'); $data['meta_title'] = nv_substr($nv_Request->get_title('meta_title', 'post', '', ''), 0, 255); $data['meta_description'] = nv_substr($nv_Request->get_title('meta_description', 'post', '', ''), 0, 255); $data['meta_keyword'] = nv_substr($nv_Request->get_title('meta_keyword', 'post', '', ''), 0, 255); $data['layout'] = nv_substr($nv_Request->get_title('layout', 'post', '', ''), 0, 255); if (empty($data['name'])) { $error['name'] = $lang_module['category_error_name']; } if (!empty($error) && !isset($error['warning'])) { $error['warning'] = $lang_module['category_error_warning']; } $_groups_post = $nv_Request->get_array('groups_view', 'post', array()); $data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : ''; $stmt = $db->prepare('SELECT COUNT(*) FROM ' . TABLE_PHOTO_NAME . '_category WHERE category_id !=' . $data['category_id'] . ' AND alias= :alias'); $stmt->bindParam(':alias', $data['alias'], PDO::PARAM_STR); $stmt->execute();
$query = "UPDATE `" . NV_USERS_GLOBALTABLE . "_config` SET \n `content`=" . $db->dbescape($content) . ", \n `edit_time`='" . NV_CURRENTTIME . "' \n WHERE `config` ='siteterms_" . NV_LANG_DATA . "'"; } else { $query = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_config` VALUES( \n 'siteterms_" . NV_LANG_DATA . "', " . $db->dbescape($content) . ", " . NV_CURRENTTIME . ")"; } $db->sql_query($query); if ($db->sql_affectedrows() > 0) { $error = $lang_module['saveok']; } else { $error = $lang_module['errorsave']; } } } else { $content = nv_editor_br2nl($row['content']); } if (!empty($content)) { $content = nv_htmlspecialchars($content); } $xtpl = new XTemplate("siteterms.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $xtpl->assign('FORM_ACTION', NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op); if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('main.error'); } if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $data = nv_aleditor("content", '100%', '300px', $content); } else { $data = "<textarea style=\"width: 100%\" name=\"content\" id=\"content\" cols=\"20\" rows=\"8\">" . $content . "</textarea>"; } $xtpl->assign('DATA', $data);
exit; } $error = $lang_module['edit_add_error']; } } else { $_user['username'] = $_user['email'] = $_user['password1'] = $_user['password2'] = $_user['question'] = $_user['answer'] = ""; $_user['full_name'] = $_user['gender'] = $_user['website'] = $_user['location'] = $_user['yim'] = $_user['telephone'] = ""; $_user['fax'] = $_user['mobile'] = $_user['sig'] = $_user['birthday'] = ""; $_user['view_mail'] = 0; $_user['in_groups'] = array(); } $genders = array('N' => array('key' => 'N', 'title' => $lang_module['NA'], 'selected' => ''), 'M' => array('key' => 'M', 'title' => $lang_module['male'], 'selected' => $_user['gender'] == "M" ? " selected=\"selected\"" : ""), 'F' => array('key' => 'F', 'title' => $lang_module['female'], 'selected' => $_user['gender'] == "F" ? " selected=\"selected\"" : "")); // $_user['view_mail'] = $_user['view_mail'] ? " checked=\"checked\"" : ""; if (!empty($_user['sig'])) { $_user['sig'] = nv_htmlspecialchars($_user['sig']); } $groups = array(); if (!empty($groups_list)) { foreach ($groups_list as $group_id => $grtl) { $groups[] = array('id' => $group_id, 'title' => $grtl, 'checked' => (!empty($_user['in_groups']) and in_array($group_id, $_user['in_groups'])) ? " checked=\"checked\"" : ""); } } $xtpl = new XTemplate("user_add.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('DATA', $_user); $xtpl->assign('FORM_ACTION', NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=user_add"); $xtpl->assign('NV_BASE_SITEURL', NV_BASE_SITEURL); if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('main.error');
/** * nv_html_page_title() * * @param bool $html * @return */ function nv_html_page_title($html = true) { global $home, $module_info, $op, $global_config, $page_title; if ($home) { $_title = $global_config['site_name']; } else { if (!isset($global_config['pageTitleMode']) or empty($global_config['pageTitleMode'])) { $global_config['pageTitleMode'] = 'pagetitle ' . NV_TITLEBAR_DEFIS . ' sitename'; } if (empty($page_title) and !preg_match('/(funcname|modulename|sitename)/i', $global_config['pageTitleMode'])) { $_title = $module_info['funcs'][$op]['func_custom_name'] . ' ' . NV_TITLEBAR_DEFIS . ' ' . $module_info['custom_title']; } else { $_title = preg_replace(array('/pagetitle/i', '/funcname/i', '/modulename/i', '/sitename/i'), array($page_title, $module_info['funcs'][$op]['func_custom_name'], $module_info['custom_title'], $global_config['site_name']), $global_config['pageTitleMode']); } } $_title = nv_htmlspecialchars(strip_tags($_title)); if ($html) { return "<title>" . nv_htmlspecialchars(strip_tags($_title)) . "</title>" . PHP_EOL; } return $_title; }
$head_tds['regdate']['title'] = $lang_module['register_date']; $head_tds['regdate']['href'] = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=user_waiting&sortby=regdate&sorttype=ASC'; foreach ($orders as $order) { if ($orderby == $order and $ordertype == 'ASC') { $head_tds[$order]['href'] = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=user_waiting&sortby=' . $order . '&sorttype=DESC'; $head_tds[$order]['title'] .= ' ↓'; } elseif ($orderby == $order and $ordertype == 'DESC') { $head_tds[$order]['href'] = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=user_waiting&sortby=' . $order . '&sorttype=ASC'; $head_tds[$order]['title'] .= ' ↑'; } } $xtpl = new XTemplate('user_waitting.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('FORM_ACTION', NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=user_waiting'); $xtpl->assign('SORTURL', NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name); $xtpl->assign('SEARCH_VALUE', nv_htmlspecialchars($methodvalue)); $xtpl->assign('TABLE_CAPTION', $table_caption); if (defined('NV_IS_USER_FORUM')) { $xtpl->parse('main.is_forum'); } foreach ($methods as $m) { $xtpl->assign('METHODS', $m); $xtpl->parse('main.method'); } foreach ($head_tds as $head_td) { $xtpl->assign('HEAD_TD', $head_td); $xtpl->parse('main.head_td'); } foreach ($users_list as $u) { $xtpl->assign('CONTENT_TD', $u); $xtpl->assign('ACTIVATE_URL', NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=user_waiting&act=1&userid=' . $u['userid']);
die("OK"); } else { die($lang_module['errorsave']); } } if ($nv_Request->isset_request('edit', 'get')) { $post = $groupsList[$post['id']]; $post['content'] = nv_editor_br2nl($post['content']); $post['exp_time'] = !empty($post['exp_time']) ? date("d.m.Y", $post['exp_time']) : ""; $post['public'] = $post['public'] ? " checked=\"checked\"" : ""; } else { $post['title'] = $post['content'] = $post['exp_time'] = ""; $post['public'] = ""; } if (!empty($post['content'])) { $post['content'] = nv_htmlspecialchars($post['content']); } $xtpl->assign('DATA', $post); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $xtpl->parse('add.is_editor'); $_cont = nv_aleditor('content', '100%', '300px', $post['content']); } else { $_cont = "<textarea style=\"width:100%;height:300px\" name=\"content\" id=\"content\">" . $post['content'] . "</textarea>"; } $xtpl->assign('CONTENT', $_cont); $xtpl->parse('add'); $contents = $xtpl->text('add'); $my_head .= "<script type=\"text/javascript\" src=\"" . NV_BASE_SITEURL . "js/popcalendar/popcalendar.js\"></script>\n"; include NV_ROOTDIR . "/includes/header.php"; echo nv_admin_theme($contents); include NV_ROOTDIR . "/includes/footer.php";
} else { $row['value'] = isset($custom_fields[$row['field']]) ? $custom_fields[$row['field']] : $row['default_value']; } $row['required'] = $row['required'] ? 'required' : ''; $xtpl->assign('FIELD', $row); if ($row['required']) { $xtpl->parse('main.edit_user.field.loop.required'); } if ($row['field_type'] == 'textbox' or $row['field_type'] == 'number') { $xtpl->parse('main.edit_user.field.loop.textbox'); } elseif ($row['field_type'] == 'date') { $row['value'] = empty($row['value']) ? '' : date('d/m/Y', $row['value']); $xtpl->assign('FIELD', $row); $xtpl->parse('main.edit_user.field.loop.date'); } elseif ($row['field_type'] == 'textarea') { $row['value'] = nv_htmlspecialchars(nv_br2nl($row['value'])); $xtpl->assign('FIELD', $row); $xtpl->parse('main.edit_user.field.loop.textarea'); } elseif ($row['field_type'] == 'editor') { $row['value'] = htmlspecialchars(nv_editor_br2nl($row['value'])); if (defined('NV_EDITOR') and nv_function_exists('nv_aleditor')) { $array_tmp = explode('@', $row['class']); $edits = nv_aleditor('custom_fields[' . $row['field'] . ']', $array_tmp[0], $array_tmp[1], $row['value']); $xtpl->assign('EDITOR', $edits); $xtpl->parse('main.edit_user.field.loop.editor'); } else { $row['class'] = ''; $xtpl->assign('FIELD', $row); $xtpl->parse('main.edit_user.field.loop.textarea'); } } elseif ($row['field_type'] == 'select') {
$lang_global['title_suggest_max'] = sprintf($lang_global['length_suggest_max'], 65); $lang_global['description_suggest_max'] = sprintf($lang_global['length_suggest_max'], 160); $xtpl = new XTemplate('playlists.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $xtpl->assign('NV_BASE_ADMINURL', NV_BASE_ADMINURL); $xtpl->assign('NV_NAME_VARIABLE', NV_NAME_VARIABLE); $xtpl->assign('MODULE_NAME', $module_name); $xtpl->assign('OP', $op); $page = 1; $xtpl->assign('PLAYLIST_CAT_LIST', nv_show_playlist_cat_list($page)); $xtpl->assign('PLAYLIST_ID', $playlist_id); $xtpl->assign('title', $title); $xtpl->assign('alias', $alias); $xtpl->assign('keywords', $keywords); $xtpl->assign('description', nv_htmlspecialchars(nv_br2nl($description))); if (!empty($image) and file_exists(NV_UPLOADS_REAL_DIR . "/" . $module_upload . "/img/" . $image)) { $image = NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_upload . "/img/" . $image; } $xtpl->assign('image', $image); $xtpl->assign('UPLOAD_CURRENT', NV_UPLOADS_DIR . '/' . $module_upload . "/img/playlists/"); foreach ($array_status as $key => $val) { $xtpl->assign('STATUS', array('key' => $key, 'title' => $val, 'selected' => $key == $status ? ' selected="selected"' : '')); $xtpl->parse('main.status'); } foreach ($array_private_mode as $key => $val) { $xtpl->assign('PRIVATE_MODE', array('key' => $key, 'title' => $val, 'selected' => $key == $private_mode ? ' selected="selected"' : '')); $xtpl->parse('main.private_mode'); } if (!empty($error)) { $xtpl->assign('ERROR', $error);
* begin: post data */ if ($nv_Request->get_int('save', 'post') == 1) { $data['catid'] = $nv_Request->get_int('catid', 'post', 0); $data['roomid'] = $nv_Request->get_int('roomid', 'post', 0); $data['fieldid'] = $nv_Request->get_int('fieldid', 'post', 0); $data['type'] = $nv_Request->get_int('type', 'post', 0); $data['title'] = $nv_Request->get_string('title', 'post', '', 0); $data['keywords'] = $nv_Request->get_string('keywords', 'post', '', 1); $alias = $nv_Request->get_string('alias', 'post', ''); $data['alias'] = $alias == "" ? change_alias($data['title']) : change_alias($alias); $hometext = $nv_Request->get_string('hometext', 'post', ''); $data['hometext'] = nv_nl2br(nv_htmlspecialchars(strip_tags($hometext)), '<br />'); $data['otherpath'] = $nv_Request->get_string('otherpath', 'post', ''); $bodytext = $nv_Request->get_string('bodytext', 'post', ''); $data['bodytext'] = defined('NV_EDITOR') ? nv_nl2br($bodytext, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($bodytext)), '<br />'); $data['sign'] = $nv_Request->get_string('sign', 'post', ''); $signtime = $nv_Request->get_string('signtime', 'post', 0); $data['organid'] = $nv_Request->get_int('organid', 'post', 0); if (!empty($signtime) and !preg_match("/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})\$/", $signtime)) { $signtime = ""; } if (empty($signtime)) { $data['signtime'] = 0; } else { $phour = date('H'); $pmin = date('i'); unset($m); preg_match("/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})\$/", $signtime, $m); $data['signtime'] = mktime($phour, $pmin, 0, $m[2], $m[1], $m[3]); }
$sql = "SELECT `id`,`title`,`blang` FROM `" . NV_BANNERS_PLANS_GLOBALTABLE . "` ORDER BY `blang`, `title` ASC"; $result = $db->sql_query($sql); $plans = array(); while ($pl_row = $db->sql_fetchrow($result)) { $plans[$pl_row['id']] = $pl_row['title'] . " (" . (!empty($pl_row['blang']) ? $language_array[$pl_row['blang']]['name'] : $lang_module['blang_all']) . ")"; } if (empty($plans)) { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=add_plan"); die; } $error = ""; if ($nv_Request->get_int('save', 'post') == '1') { $title = nv_htmlspecialchars(strip_tags($nv_Request->get_string('title', 'post', ''))); $pid = $nv_Request->get_int('pid', 'post', 0); $clid = $nv_Request->get_int('clid', 'post', 0); $file_alt = nv_htmlspecialchars(strip_tags($nv_Request->get_string('file_alt', 'post', ''))); $click_url = strip_tags($nv_Request->get_string('click_url', 'post', '')); $publ_date = strip_tags($nv_Request->get_string('publ_date', 'post', '')); $exp_date = strip_tags($nv_Request->get_string('exp_date', 'post', '')); if (!empty($publ_date) and !preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $publ_date)) { $publ_date = ""; } if (!empty($exp_date) and !preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $exp_date)) { $exp_date = ""; } if (!empty($clid) and !isset($clients[$clid])) { $clid = 0; } if ($click_url == "http://") { $click_url = ""; }
/** * nv_save_file_config_global() * * @return */ function nv_save_file_config_global() { global $db, $sys_info, $global_config, $db_config; if ($global_config['idsite']) { return false; } $content_config = "<?php" . "\n\n"; $content_config .= NV_FILEHEAD . "\n\n"; $content_config .= "if ( ! defined( 'NV_MAINFILE' ) ) die( 'Stop!!!' );\n\n"; //disable_classes $sys_info['disable_classes'] = (($disable_classes = ini_get('disable_classes')) != '' and $disable_classes != false) ? array_map('trim', preg_split("/[\\s,]+/", $disable_classes)) : array(); if (!empty($sys_info['disable_classes'])) { $disable_classes = "'" . implode("','", $sys_info['disable_classes']) . "'"; } else { $disable_classes = ''; } $content_config .= "\$sys_info['disable_classes']=array(" . $disable_classes . ");\n"; //disable_functions $sys_info['disable_functions'] = (($disable_functions = ini_get('disable_functions')) != '' and $disable_functions != false) ? array_map('trim', preg_split("/[\\s,]+/", $disable_functions)) : array(); if (extension_loaded('suhosin')) { $sys_info['disable_functions'] = array_merge($sys_info['disable_functions'], array_map('trim', preg_split("/[\\s,]+/", ini_get('suhosin.executor.func.blacklist')))); } if (!empty($sys_info['disable_functions'])) { $disable_functions = "'" . implode("','", $sys_info['disable_functions']) . "'"; } else { $disable_functions = ''; } $content_config .= "\$sys_info['disable_functions']=array(" . $disable_functions . ");\n"; //ini_set_support $sys_info['ini_set_support'] = (function_exists('ini_set') and !in_array('ini_set', $sys_info['disable_functions'])) ? true : false; $ini_set_support = $sys_info['ini_set_support'] ? 'true' : 'false'; $content_config .= "\$sys_info['ini_set_support']= " . $ini_set_support . ";\n"; //Kiem tra ho tro rewrite if (function_exists('apache_get_modules')) { $apache_modules = apache_get_modules(); if (in_array('mod_rewrite', $apache_modules)) { $sys_info['supports_rewrite'] = 'rewrite_mode_apache'; } else { $sys_info['supports_rewrite'] = false; } } elseif (strpos($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS/7.') !== false) { if (isset($_SERVER['IIS_UrlRewriteModule']) and class_exists('DOMDocument')) { $sys_info['supports_rewrite'] = 'rewrite_mode_iis'; } else { $sys_info['supports_rewrite'] = false; } } if ($sys_info['supports_rewrite'] == 'rewrite_mode_iis' or $sys_info['supports_rewrite'] == 'rewrite_mode_apache') { $content_config .= "\$sys_info['supports_rewrite']='" . $sys_info['supports_rewrite'] . "';\n"; } else { $content_config .= "\$sys_info['supports_rewrite']=false;\n"; } $content_config .= "\n"; $config_variable = array(); $allowed_html_tags = ''; $sql = "SELECT module, config_name, config_value FROM " . NV_CONFIG_GLOBALTABLE . " WHERE lang='sys' AND (module='global' OR module='define') ORDER BY config_name ASC"; $result = $db->query($sql); while (list($c_module, $c_config_name, $c_config_value) = $result->fetch(3)) { if ($c_module == 'define') { if (preg_match('/^\\d+$/', $c_config_value)) { $content_config .= "define('" . strtoupper($c_config_name) . "', " . $c_config_value . ");\n"; } else { $content_config .= "define('" . strtoupper($c_config_name) . "', '" . $c_config_value . "');\n"; } if ($c_config_name == 'nv_allowed_html_tags') { $allowed_html_tags = $c_config_value; } } else { $config_variable[$c_config_name] = $c_config_value; } } $nv_eol = strtoupper(substr(PHP_OS, 0, 3) == 'WIN') ? '"\\r\\n"' : (strtoupper(substr(PHP_OS, 0, 3) == 'MAC') ? '"\\r"' : '"\\n"'); $upload_max_filesize = min(nv_converttoBytes(ini_get('upload_max_filesize')), nv_converttoBytes(ini_get('post_max_size')), $config_variable['nv_max_size']); $content_config .= "define('NV_EOL', " . $nv_eol . ");\n"; $content_config .= "define('NV_UPLOAD_MAX_FILESIZE', " . floatval($upload_max_filesize) . ");\n"; if ($config_variable['openid_mode']) { $content_config .= "define('NV_OPENID_ALLOWED', true);\n\n"; } $my_domains = array_map('trim', explode(',', $config_variable['my_domains'])); $my_domains[] = NV_SERVER_NAME; $config_variable['my_domains'] = implode(',', array_unique($my_domains)); $config_variable['check_rewrite_file'] = nv_check_rewrite_file(); $config_variable['allow_request_mods'] = NV_ALLOW_REQUEST_MODS != '' ? NV_ALLOW_REQUEST_MODS : "request"; $config_variable['request_default_mode'] = NV_REQUEST_DEFAULT_MODE != '' ? trim(NV_REQUEST_DEFAULT_MODE) : 'request'; $config_variable['session_save_path'] = NV_SESSION_SAVE_PATH; $config_variable['log_errors_list'] = NV_LOG_ERRORS_LIST; $config_variable['display_errors_list'] = NV_DISPLAY_ERRORS_LIST; $config_variable['send_errors_list'] = NV_SEND_ERRORS_LIST; $config_variable['error_log_path'] = NV_LOGS_DIR . '/error_logs'; $config_variable['error_log_filename'] = NV_ERRORLOGS_FILENAME; $config_variable['error_log_fileext'] = NV_LOGS_EXT; $config_variable['error_send_email'] = $config_variable['error_send_email']; $config_name_array = array('file_allowed_ext', 'forbid_extensions', 'forbid_mimes', 'allow_sitelangs', 'openid_servers', 'allow_request_mods', 'config_sso'); if (empty($config_variable['openid_servers'])) { $config_variable['openid_mode'] = 0; } if ($config_variable['is_user_forum']) { $forum_files = @scandir(NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet'); if (!empty($forum_files) and in_array('is_user.php', $forum_files) and in_array('changepass.php', $forum_files) and in_array('editinfo.php', $forum_files) and in_array('login.php', $forum_files) and in_array('logout.php', $forum_files) and in_array('lostpass.php', $forum_files) and in_array('register.php', $forum_files)) { $content_config .= "define( 'NV_IS_USER_FORUM', true );\n\n"; } else { $config_variable['is_user_forum'] = 0; } } foreach ($config_variable as $c_config_name => $c_config_value) { if ($c_config_name == 'config_sso') { $config_sso = empty($c_config_value) ? '' : nv_var_export(unserialize($c_config_value)); $content_config .= "\$global_config['" . $c_config_name . "']=" . $config_sso . ";\n"; } elseif (in_array($c_config_name, $config_name_array)) { if (!empty($c_config_value)) { $c_config_value = "'" . implode("','", array_map("trim", explode(',', $c_config_value))) . "'"; } else { $c_config_value = ''; } $content_config .= "\$global_config['" . $c_config_name . "']=array(" . $c_config_value . ");\n"; } else { if (preg_match('/^\\d+$/', $c_config_value) and $c_config_name != 'facebook_client_id') { $content_config .= "\$global_config['" . $c_config_name . "']=" . $c_config_value . ";\n"; } else { $c_config_value = nv_unhtmlspecialchars($c_config_value); if (!preg_match("/^[a-z0-9\\-\\_\\.\\,\\;\\:\\@\\/\\s]+\$/i", $c_config_value) and $c_config_name != 'my_domains') { $c_config_value = nv_htmlspecialchars($c_config_value); } $content_config .= "\$global_config['" . $c_config_name . "']='" . $c_config_value . "';\n"; } } } $content_config .= "\$global_config['array_theme_type']=" . nv_var_export(array_filter(array_map('trim', explode(',', NV_THEME_TYPE)))) . ";\n"; //allowed_html_tags if (!empty($allowed_html_tags)) { $allowed_html_tags = "'" . implode("','", array_map('trim', explode(',', $allowed_html_tags))) . "'"; } else { $allowed_html_tags = ''; } $content_config .= "\$global_config['allowed_html_tags']=array(" . $allowed_html_tags . ");\n"; //Xac dinh cac search_engine $engine_allowed = file_exists(NV_ROOTDIR . '/' . NV_DATADIR . '/search_engine.xml') ? nv_object2array(simplexml_load_file(NV_ROOTDIR . '/' . NV_DATADIR . '/search_engine.xml')) : array(); $content_config .= "\$global_config['engine_allowed']=" . nv_var_export($engine_allowed) . ";\n"; $content_config .= "\n"; $language_array = nv_parse_ini_file(NV_ROOTDIR . '/includes/ini/langs.ini', true); $tmp_array = array(); $lang_array_exit = nv_scandir(NV_ROOTDIR . "/language", "/^[a-z]{2}+\$/"); foreach ($lang_array_exit as $lang) { $tmp_array[$lang] = $language_array[$lang]; } unset($language_array); $content_config .= "\$language_array=" . nv_var_export($tmp_array) . ";\n"; $tmp_array = nv_parse_ini_file(NV_ROOTDIR . '/includes/ini/br.ini', true); $content_config .= "\$nv_parse_ini_browsers=" . nv_var_export($tmp_array) . ";\n"; $tmp_array = nv_parse_ini_file(NV_ROOTDIR . '/includes/ini/mobile.ini', true); $content_config .= "\$nv_parse_ini_mobile=" . nv_var_export($tmp_array) . ";\n"; $tmp_array = nv_parse_ini_file(NV_ROOTDIR . '/includes/ini/os.ini', true); $content_config .= "\$nv_parse_ini_os=" . nv_var_export($tmp_array) . ";\n"; $tmp_array = nv_parse_ini_file(NV_ROOTDIR . '/includes/ini/timezone.ini', true); $content_config .= "\$nv_parse_ini_timezone=" . nv_var_export($tmp_array) . ";\n"; $rewrite = array(); $global_config['rewrite_optional'] = $config_variable['rewrite_optional']; $global_config['rewrite_op_mod'] = $config_variable['rewrite_op_mod']; $global_config['rewrite_endurl'] = $config_variable['rewrite_endurl']; $global_config['rewrite_exturl'] = $config_variable['rewrite_exturl']; if ($config_variable['check_rewrite_file']) { require NV_ROOTDIR . '/includes/rewrite.php'; } else { require NV_ROOTDIR . '/includes/rewrite_index.php'; } $content_config .= "\n"; $nv_plugin_area = array(); $_sql = 'SELECT * FROM ' . $db_config['prefix'] . '_plugin ORDER BY plugin_area ASC, weight ASC'; $_query = $db->query($_sql); while ($row = $_query->fetch()) { $nv_plugin_area[$row['plugin_area']][] = $row['plugin_file']; } $content_config .= "\$nv_plugin_area=" . nv_var_export($nv_plugin_area) . ";\n\n"; $content_config .= "\$rewrite_keys=" . nv_var_export(array_keys($rewrite)) . ";\n"; $content_config .= "\$rewrite_values=" . nv_var_export(array_values($rewrite)) . ";\n"; $return = file_put_contents(NV_ROOTDIR . "/" . NV_DATADIR . "/config_global.php", trim($content_config), LOCK_EX); nv_delete_all_cache(); return $return; }