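/**
 * nv_getExtVersion()
 *
 * Returns version information for the installed extensions as XML. A cached
 * copy (one file per interface language under NV_CACHEDIR) is used while it is
 * younger than $updatetime seconds; otherwise the extension list is read from
 * the database, the store API is queried, and the cache file is rewritten.
 *
 * Security notes:
 * - The API response body is remote data and is treated as untrusted. It is
 *   deserialized with unserialize(); on PHP 7+ object instantiation is turned
 *   off so the payload cannot create objects (PHP object injection).
 * - Values copied into the XML cache have the CDATA terminator neutralised so
 *   a field value cannot close its CDATA section and add markup to the cache.
 *
 * @param integer $updatetime Maximum age of the cache file, in seconds
 * @return SimpleXMLElement|string|false Parsed XML on success, an error message
 *         string when the API call or its response is rejected, false when no
 *         XML could be loaded or no extension has an id to look up
 */
function nv_getExtVersion($updatetime = 3600)
{
    global $global_config, $lang_global, $db, $db_config;

    $my_file = NV_ROOTDIR . '/' . NV_CACHEDIR . '/extensions.version.' . NV_LANG_INTERFACE . '.xml';

    $xmlcontent = false;
    $p = NV_CURRENTTIME - $updatetime;

    if (file_exists($my_file) and @filemtime($my_file) > $p) {
        $xmlcontent = simplexml_load_file($my_file);
    } else {
        // Get the system's extensions
        $sql = 'SELECT * FROM ' . $db_config['prefix'] . '_setup_extensions WHERE title=basename ORDER BY title ASC';
        $result = $db->query($sql);

        $array = $array_ext_ids = array();
        while ($row = $result->fetch()) {
            // "version release" pair; pad so a value without a release part does not read an undefined offset
            $row['version'] = array_pad(explode(' ', $row['version']), 2, '');

            $array[$row['title']] = array(
                'id' => $row['id'],
                'type' => $row['type'],
                'name' => $row['title'],
                'current_version' => trim($row['version'][0]),
                // gmdate() needs an integer timestamp
                'current_release' => (int) trim($row['version'][1]),
                'remote_version' => '',
                'remote_release' => 0,
                'updateable' => array(),
                'author' => $row['author'],
                'license' => '',
                'mode' => $row['is_sys'] ? 'sys' : 'other',
                'message' => $row['note'],
                'link' => '',
                'support' => '',
                'origin' => false
            );

            if (!empty($row['id'])) {
                $array_ext_ids[] = $row['id'];
            }
        }

        if (!empty($array_ext_ids)) {
            include NV_ROOTDIR . '/includes/class/http.class.php';
            $NV_Http = new NV_Http($global_config, NV_TEMP_DIR);

            $args = array(
                'headers' => array('Referer' => NUKEVIET_STORE_APIURL),
                'body' => array(
                    // Was written as 'lang' > NV_LANG_INTERFACE, which posts a boolean
                    // list element instead of the "lang" field.
                    'lang' => NV_LANG_INTERFACE,
                    'basever' => $global_config['version'],
                    'mode' => 'checkextver',
                    'ids' => implode(',', $array_ext_ids)
                )
            );

            $apidata = $NV_Http->post(NUKEVIET_STORE_APIURL, $args);

            if (!empty($apidata['body'])) {
                // SECURITY: unserialize() on a remote response. The data is expected to be
                // nested arrays and scalars only, so classes are disallowed where the
                // runtime supports the option (PHP >= 7.0). A format without object
                // support (e.g. JSON) would remove the risk on older runtimes too.
                $apidata = PHP_VERSION_ID >= 70000
                    ? @unserialize($apidata['body'], array('allowed_classes' => false))
                    : @unserialize($apidata['body']);
            } else {
                $apidata = array();
            }

            // Anything that is not an array fails the structure check below
            if (!is_array($apidata)) {
                $apidata = array();
            }

            $error = '';
            if (!empty(NV_Http::$error)) {
                $error = nv_http_get_lang(NV_Http::$error);
            } elseif (
                !isset($apidata['error']) or !isset($apidata['data']) or !isset($apidata['pagination'])
                or !is_array($apidata['error']) or !is_array($apidata['data']) or !is_array($apidata['pagination'])
                or (!empty($apidata['error']) and (!isset($apidata['error']['level']) or empty($apidata['error']['message'])))
            ) {
                $error = $lang_global['error_valid_response'];
            } elseif (!empty($apidata['error']['message'])) {
                $error = $apidata['error']['message'];
            }

            if (!empty($error)) {
                return $error;
            }

            $apidata = $apidata['data'];
            $content = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<cms>\n";

            // "]]>" would end a CDATA section early; splitting it across two sections keeps the text intact
            $cdata_end = ']]>';
            $cdata_split = ']]]]><![CDATA[>';

            // Process the data
            foreach ($array as $row) {
                if (isset($apidata[$row['id']])) {
                    $row['remote_version'] = $apidata[$row['id']]['lastest_version'];
                    $row['remote_release'] = $apidata[$row['id']]['lastest_release'];
                    $row['updateable'] = $apidata[$row['id']]['updateable'];

                    if (empty($row['author'])) {
                        $row['author'] = $apidata[$row['id']]['author'];
                    }

                    $row['license'] = $apidata[$row['id']]['license'];
                    $row['message'] = $apidata[$row['id']]['note'];
                    $row['link'] = $apidata[$row['id']]['link'];
                    $row['support'] = $apidata[$row['id']]['support'];
                    $row['origin'] = true;
                }

                $remote_release = (int) $row['remote_release'];

                // Neutralise CDATA terminators in every string field before it is written out
                foreach ($row as $key => $value) {
                    if (is_string($value)) {
                        $row[$key] = str_replace($cdata_end, $cdata_split, $value);
                    }
                }

                $content .= "\t<extension>\n";
                $content .= "\t\t<id><![CDATA[" . $row['id'] . "]]></id>\n";
                $content .= "\t\t<type><![CDATA[" . $row['type'] . "]]></type>\n";
                $content .= "\t\t<name><![CDATA[" . $row['name'] . "]]></name>\n";
                $content .= "\t\t<version><![CDATA[" . $row['current_version'] . "]]></version>\n";
                $content .= "\t\t<date><![CDATA[" . gmdate("D, d M Y H:i:s", $row['current_release']) . " GMT]]></date>\n";
                $content .= "\t\t<new_version><![CDATA[" . $row['remote_version'] . "]]></new_version>\n";
                // Was formatted from current_release, so the "new" date always repeated the installed one
                $content .= "\t\t<new_date><![CDATA[" . ($remote_release ? gmdate("D, d M Y H:i:s", $remote_release) . " GMT" : "") . "]]></new_date>\n";
                $content .= "\t\t<author><![CDATA[" . $row['author'] . "]]></author>\n";
                $content .= "\t\t<license><![CDATA[" . $row['license'] . "]]></license>\n";
                $content .= "\t\t<mode><![CDATA[" . $row['mode'] . "]]></mode>\n";
                $content .= "\t\t<message><![CDATA[" . $row['message'] . "]]></message>\n";
                $content .= "\t\t<link><![CDATA[" . $row['link'] . "]]></link>\n";
                $content .= "\t\t<support><![CDATA[" . $row['support'] . "]]></support>\n";
                $content .= "\t\t<updateable>\n";

                // The list comes from the remote response; only iterate it when it really is an array
                if (!empty($row['updateable']) and is_array($row['updateable'])) {
                    $content .= "\t\t\t<upds>\n";

                    foreach ($row['updateable'] as $updateable) {
                        $content .= "\t\t\t\t<upd>\n";
                        $content .= "\t\t\t\t\t<upd_fid><![CDATA[" . str_replace($cdata_end, $cdata_split, $updateable['fid']) . "]]></upd_fid>\n";
                        $content .= "\t\t\t\t\t<upd_old><![CDATA[" . str_replace($cdata_end, $cdata_split, $updateable['old_ver']) . "]]></upd_old>\n";
                        $content .= "\t\t\t\t\t<upd_new><![CDATA[" . str_replace($cdata_end, $cdata_split, $updateable['new_ver']) . "]]></upd_new>\n";
                        $content .= "\t\t\t\t</upd>\n";
                    }

                    $content .= "\t\t\t</upds>\n";
                    unset($updateable);
                }

                $content .= "\t\t</updateable>\n";
                $content .= "\t\t<origin><![CDATA[" . ($row['origin'] === true ? 'true' : 'false') . "]]></origin>\n";
                $content .= "\t</extension>\n";
            }

            $content .= "</cms>";

            // Only cache content that parses as XML
            $xmlcontent = simplexml_load_string($content);

            if ($xmlcontent !== false) {
                file_put_contents($my_file, $content);
            }
        }
    }

    return $xmlcontent;
}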
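/**
 * NV_http_streams::verify_ssl_certificate()
 *
 * Checks whether the peer certificate stored in the stream's SSL context
 * options names $host. Only the name is compared here: subjectAltName entries
 * of the matching type, or the subject CN when the certificate carries no
 * subjectAltName extension. Nothing in this method validates the certificate
 * chain or its validity period.
 *
 * @param resource $stream Stream whose context options contain ssl.peer_certificate
 * @param string $host Host name or IP address the request was sent to
 * @return bool True when the certificate lists $host exactly, or lists the
 *         single-label wildcard form of $host; false otherwise
 */
public static function verify_ssl_certificate($stream, $host)
{
    $context_options = stream_context_get_options($stream);

    // No captured peer certificate: nothing to verify against, so fail closed
    if (empty($context_options['ssl']['peer_certificate'])) {
        return false;
    }

    $cert = openssl_x509_parse($context_options['ssl']['peer_certificate']);
    if (!$cert) {
        return false;
    }

    // If the request is being made to an IP address, we'll validate against IP fields in the cert (if they exist)
    $host_type = NV_Http::is_ip_address($host) ? 'ip' : 'dns';

    $certificate_hostnames = array();
    if (!empty($cert['extensions']['subjectAltName'])) {
        $match_against = preg_split('/,\\s*/', $cert['extensions']['subjectAltName']);
        foreach ($match_against as $match) {
            // Split on the first colon only, so a value that itself contains colons
            // (an IPv6 address) is kept whole; skip entries that have no type prefix.
            $parts = explode(':', $match, 2);
            if (count($parts) !== 2) {
                continue;
            }
            list($match_type, $match_host) = $parts;

            if ($host_type === strtolower(trim($match_type))) {
                // IP: or DNS:
                $certificate_hostnames[] = strtolower(trim($match_host));
            }
        }
    } elseif (!empty($cert['subject']['CN'])) {
        // Only use the CN when the certificate includes no subjectAltName extension
        $certificate_hostnames[] = strtolower($cert['subject']['CN']);
    }

    // Exact hostname/IP matches. Strict comparison: with loose comparison PHP treats
    // two numeric-looking strings as equal when their numeric values match.
    if (in_array(strtolower($host), $certificate_hostnames, true)) {
        return true;
    }

    // IP's can't be wildcards, Stop processing
    if ($host_type === 'ip') {
        return false;
    }

    // Test to see if the domain is at least 2 deep for wildcard support
    if (substr_count($host, '.') < 2) {
        return false;
    }

    // Wildcard subdomains certs (*.example.com) are valid for a.example.com but not a.b.example.com
    $wildcard_host = preg_replace('/^[^.]+\\./', '*.', $host);

    return in_array(strtolower($wildcard_host), $certificate_hostnames, true);
}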
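/**
 * NV_http_curl::request()
 *
 * Sends an HTTP request with the cURL extension.
 *
 * Options read from $args after NV_Http::build_args() has merged the defaults:
 * method, timeout, httpversion, blocking, headers, body, cookies, plus
 * user-agent, referer, sslverify, sslcertificates, limit_response_size,
 * stream, filename and decompress.
 *
 * Security-relevant behaviour:
 * - TLS peer and host verification are switched on only when
 *   $args['sslverify'] is set and truthy.
 * - cURL is limited to the HTTP and HTTPS protocols when the constant is
 *   available, and never follows redirects itself; redirects go through
 *   NV_Http::handle_redirects().
 *
 * @param string $url Request URL
 * @param array $args Request options
 * @return array|NV_http_curl Response array (headers, body, response, cookies, filename),
 *         the value returned by NV_Http::handle_redirects() when it is not false, or
 *         $this after a failure has been recorded with NV_Http::set_error()
 */
public function request($url, $args = array())
{
    $defaults = array(
        'method' => 'GET',
        'timeout' => 5,
        'redirection' => 5,
        'httpversion' => '1.0',
        'blocking' => true,
        'headers' => array(),
        'body' => null,
        'cookies' => array()
    );

    $args = NV_Http::build_args($args, $defaults);

    // Get User Agent
    if (isset($args['headers']['User-Agent'])) {
        $args['user-agent'] = $args['headers']['User-Agent'];
        unset($args['headers']['User-Agent']);
    } elseif (isset($args['headers']['user-agent'])) {
        $args['user-agent'] = $args['headers']['user-agent'];
        unset($args['headers']['user-agent']);
    }

    // Get Referer
    if (isset($args['headers']['Referer'])) {
        $args['referer'] = $args['headers']['Referer'];
        unset($args['headers']['Referer']);
    } elseif (isset($args['headers']['referer'])) {
        $args['referer'] = $args['headers']['referer'];
        unset($args['headers']['referer']);
    }

    // Construct Cookie: header if any cookies are set.
    NV_Http::buildCookieHeader($args);

    $handle = curl_init();

    /*
    // No Proxy setting so proxy be omitted
    // cURL offers really easy proxy support.
    $proxy = new NV_http_proxy();

    if( $proxy->is_enabled() and $proxy->send_through_proxy( $url ) )
    {
        curl_setopt( $handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP );
        curl_setopt( $handle, CURLOPT_PROXY, $proxy->host() );
        curl_setopt( $handle, CURLOPT_PROXYPORT, $proxy->port() );

        if( $proxy->use_authentication() )
        {
            curl_setopt( $handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY );
            curl_setopt( $handle, CURLOPT_PROXYUSERPWD, $proxy->authentication() );
        }
    }
    */

    // SECURITY: this was "$ssl_verify = isset(...) and $args['sslverify'];". Because "and"
    // binds more loosely than "=", only the isset() result was assigned and the option's
    // value was never consulted. "&&" makes the flag follow the caller's setting.
    // NOTE(review): callers that pass sslverify => false were verified before this fix and
    // are not afterwards - confirm every caller (and the NV_Http default) keeps it enabled.
    $ssl_verify = isset($args['sslverify']) && $args['sslverify'];

    $stream = !empty($args['stream']);
    $filename = isset($args['filename']) ? $args['filename'] : null;

    // CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since
    // a value of 0 will allow an unlimited timeout.
    $timeout = (int) ceil($args['timeout']);
    curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
    curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);

    curl_setopt($handle, CURLOPT_URL, $url);
    curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
    // 2 = the certificate must name the host being contacted
    curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify === true ? 2 : 0);
    curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
    curl_setopt($handle, CURLOPT_CAINFO, $args['sslcertificates']);
    curl_setopt($handle, CURLOPT_USERAGENT, $args['user-agent']);

    // Add Curl referer if not empty
    if (!empty($args['referer'])) {
        curl_setopt($handle, CURLOPT_AUTOREFERER, true);
        curl_setopt($handle, CURLOPT_REFERER, $args['referer']);
    }

    // cURL never follows redirects on its own here; they are handled below
    // through NV_Http::handle_redirects().
    curl_setopt($handle, CURLOPT_FOLLOWLOCATION, false);

    if (defined('CURLOPT_PROTOCOLS')) {
        // PHP 5.2.10 / cURL 7.19.4
        // Only HTTP and HTTPS are allowed, whatever scheme $url carries
        curl_setopt($handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    }

    switch ($args['method']) {
        case 'HEAD':
            curl_setopt($handle, CURLOPT_NOBODY, true);
            break;

        case 'POST':
            curl_setopt($handle, CURLOPT_POST, true);
            curl_setopt($handle, CURLOPT_POSTFIELDS, $args['body']);
            break;

        case 'PUT':
            curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
            curl_setopt($handle, CURLOPT_POSTFIELDS, $args['body']);
            break;

        default:
            curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $args['method']);

            if (!is_null($args['body'])) {
                curl_setopt($handle, CURLOPT_POSTFIELDS, $args['body']);
            }
            break;
    }

    if ($args['blocking'] === true) {
        curl_setopt($handle, CURLOPT_HEADERFUNCTION, array($this, 'stream_headers'));
        curl_setopt($handle, CURLOPT_WRITEFUNCTION, array($this, 'stream_body'));
    }

    curl_setopt($handle, CURLOPT_HEADER, false);

    if (isset($args['limit_response_size'])) {
        $this->max_body_length = intval($args['limit_response_size']);
    } else {
        $this->max_body_length = false;
    }

    // If streaming to a file open a file handle, and setup our curl streaming handler
    if ($stream) {
        $this->stream_handle = @fopen($filename, 'w+');

        if (!$this->stream_handle) {
            // Release the cURL handle before bailing out
            curl_close($handle);
            NV_Http::set_error(10);
            return $this;
        }
    } else {
        $this->stream_handle = false;
    }

    if (!empty($args['headers'])) {
        // cURL expects full header strings in each element
        $headers = array();
        foreach ($args['headers'] as $name => $value) {
            $headers[] = "{$name}: {$value}";
        }

        curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
    }

    if ($args['httpversion'] == '1.0') {
        curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
    } else {
        curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    }

    // We don't need to return the body, so don't. Just execute request and return.
    if (!$args['blocking']) {
        curl_exec($handle);

        // Read both results before the handle is closed
        $failed = (bool) curl_error($handle);
        $redirected = in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302));

        curl_close($handle);

        // The stream file handle was never closed on this path before
        if ($stream) {
            fclose($this->stream_handle);
        }

        if ($failed) {
            NV_Http::set_error(11);
            return $this;
        }

        if ($redirected) {
            NV_Http::set_error(5);
            return $this;
        }

        return array(
            'headers' => array(),
            'body' => '',
            'response' => array('code' => false, 'message' => false),
            'cookies' => array()
        );
    }

    // Headers and body are collected by the stream_headers / stream_body callbacks
    curl_exec($handle);
    $theHeaders = NV_Http::processHeaders($this->headers, $url);
    $theBody = $this->body;

    // Reset the buffers so the next request on this object starts clean
    $this->headers = '';
    $this->body = '';

    $curl_error = curl_errno($handle);

    // If an error occured, or, no response
    if ($curl_error or (strlen($theBody) == 0 and empty($theHeaders['headers']))) {
        if (CURLE_WRITE_ERROR == $curl_error and $stream) {
            fclose($this->stream_handle);
            // The cURL handle was left open on this path before
            curl_close($handle);
            NV_Http::set_error(9);
            return $this;
        }

        if (curl_error($handle)) {
            curl_close($handle);
            if ($stream) {
                fclose($this->stream_handle);
            }
            NV_Http::set_error(11);
            return $this;
        }

        if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
            curl_close($handle);
            if ($stream) {
                fclose($this->stream_handle);
            }
            NV_Http::set_error(5);
            return $this;
        }
    }

    $response = array();
    $response['code'] = curl_getinfo($handle, CURLINFO_HTTP_CODE);
    $response['message'] = $response['code'];

    curl_close($handle);

    if ($stream) {
        fclose($this->stream_handle);
    }

    $response = array(
        'headers' => $theHeaders['headers'],
        'body' => null,
        'response' => $response,
        'cookies' => $theHeaders['cookies'],
        'filename' => $filename
    );

    // Handle redirects
    if (($redirect_response = NV_Http::handle_redirects($url, $args, $response)) !== false) {
        return $redirect_response;
    }

    if (isset($args['decompress']) and $args['decompress'] === true and NV_http_encoding::should_decode($theHeaders['headers']) === true) {
        $theBody = NV_http_encoding::decompress($theBody);
    }

    // NOTE(review): the search string reads as empty here, which makes this call a no-op;
    // it may have held a non-printing character originally - confirm against the project file.
    $response['body'] = str_replace("", "", $theBody);

    return $response;
}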
} $xtpl->parse('complete.error_move_folder'); } else { $xtpl->assign('URL_GO', NV_BASE_SITEURL . 'install/update.php'); $xtpl->parse('complete.ok'); } $xtpl->parse('complete'); echo $xtpl->text('complete'); } die; } if ($nv_Request->get_title('checksess', 'get', '') == md5('download' . $version . $global_config['sitekey'] . session_id())) { $xtpl = new XTemplate('getupdate.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); require NV_ROOTDIR . '/includes/class/http.class.php'; $NV_Http = new NV_Http($global_config, NV_TEMP_DIR); $filename = NV_TEMPNAM_PREFIX . 'sysupd_' . md5($global_config['sitekey'] . session_id()) . '.zip'; // Debug $args = array('headers' => array('Referer' => NUKEVIET_STORE_APIURL), 'stream' => true, 'filename' => NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $filename, 'body' => array('lang' => NV_LANG_INTERFACE, 'basever' => $global_config['version'], 'mode' => 'getsysupd', 'version' => $version)); // Delete temp file if exists if (file_exists(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $filename)) { @nv_deletefile(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $filename); } $apidata = $NV_Http->post(NUKEVIET_STORE_APIURL, $args); if (!empty(NV_Http::$error)) { $error = nv_http_get_lang(NV_Http::$error); } elseif (empty($apidata['filename']) or !file_exists($apidata['filename'])) { $error = $lang_module['get_update_error_file_download']; } if (!empty($error)) { $xtpl->assign('ERROR', $error);
$xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); $xtpl->assign('REQUEST', $request); $xtpl->assign('NV_BASE_ADMINURL', NV_BASE_ADMINURL); $xtpl->assign('NV_LANG_VARIABLE', NV_LANG_VARIABLE); $xtpl->assign('NV_LANG_DATA', NV_LANG_DATA); $xtpl->assign('NV_NAME_VARIABLE', NV_NAME_VARIABLE); $xtpl->assign('MODULE_NAME', $module_name); if (!empty($request['username']) and !empty($request['password'])) { // Fixed request $request['lang'] = NV_LANG_INTERFACE; $request['basever'] = $global_config['version']; $request['mode'] = 'login'; $request['domain'] = NV_MY_DOMAIN; require NV_ROOTDIR . '/includes/class/http.class.php'; $NV_Http = new NV_Http($global_config, NV_TEMP_DIR); $stored_cookies = nv_get_cookies(); // Debug $args = array('headers' => array('Referer' => NUKEVIET_STORE_APIURL), 'cookies' => $stored_cookies, 'body' => $request); $array = $NV_Http->post(NUKEVIET_STORE_APIURL, $args); $cookies = $array['cookies']; $array = !empty($array['body']) ? is_serialized_string($array['body']) ? unserialize($array['body']) : array() : array(); $error = ''; if (!empty(NV_Http::$error)) { $error = nv_http_get_lang(NV_Http::$error); } elseif (empty($array['status']) or !isset($array['error']) or !isset($array['data']) or !isset($array['pagination']) or !is_array($array['error']) or !is_array($array['data']) or !is_array($array['pagination']) or !empty($array['error']) and (!isset($array['error']['level']) or empty($array['error']['message']))) { $error = $lang_global['error_valid_response']; } elseif (!empty($array['error']['message'])) { $error = $array['error']['message']; } // Show error