if ($rowcontent['id'] == 0) { $_sql = "INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_rows\n\t\t\t\t\t\t(catid, listcatid, topicid, admin_id, author, sourceid, addtime, edittime, status, publtime, exptime, archive, title, alias, hometext, homeimgfile, homeimgalt, homeimgthumb, inhome, allowed_comm, allowed_rating, hitstotal, hitscm, total_rating, click_rating) VALUES\n\t\t\t\t\t\t (" . intval($rowcontent['catid']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['listcatid']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['topicid']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['admin_id']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['author']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['sourceid']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['addtime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['edittime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['status']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['publtime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['exptime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['archive']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['title']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['alias']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['hometext']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['homeimgfile']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['homeimgalt']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['homeimgthumb']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['inhome']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['allowed_comm']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['allowed_rating']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['hitstotal']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['hitscm']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['total_rating']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['click_rating']) . ")"; $rowcontent['id'] = $db->insert_id($_sql, 'id'); if ($rowcontent['id'] > 0) { foreach ($catids as $catid) { $db->query("INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_" . $catid . " SELECT * FROM " . 
NV_PREFIXLANG . "_" . $module_data . "_rows WHERE id=" . $rowcontent['id']); } $tbhtml = NV_PREFIXLANG . "_" . $module_data . "_bodyhtml_" . ceil($rowcontent['id'] / 2000); $db->query("CREATE TABLE IF NOT EXISTS " . $tbhtml . " (id int(11) unsigned NOT NULL, bodyhtml longtext NOT NULL, sourcetext varchar(255) NOT NULL default '', imgposition tinyint(1) NOT NULL default '1', copyright tinyint(1) NOT NULL default '0', allowed_send tinyint(1) NOT NULL default '0', allowed_print tinyint(1) NOT NULL default '0', allowed_save tinyint(1) NOT NULL default '0', PRIMARY KEY (id)) ENGINE=MyISAM"); $db->query("INSERT INTO " . $tbhtml . " (id, bodyhtml, sourcetext, imgposition, copyright, allowed_send, allowed_print, allowed_save, gid) VALUES (\n\t\t\t\t\t\t\t" . $rowcontent['id'] . ",\n\t\t\t\t\t\t\t" . $db->quote($rowcontent['bodyhtml']) . ",\n\t\t\t\t\t\t\t" . $db->quote($rowcontent['sourcetext']) . ",\n\t\t\t\t\t\t\t" . intval($rowcontent['imgposition']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['copyright']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['allowed_send']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['allowed_print']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['allowed_save']) . ", 0\n\t\t\t\t\t\t)"); $db->query('INSERT INTO ' . NV_PREFIXLANG . '_' . $module_data . '_bodytext VALUES (' . $rowcontent['id'] . ', ' . $db->quote($rowcontent['bodytext']) . ')'); $user_content = defined('NV_IS_USER') ? ' | ' . $user_info['username'] : ''; // Them vao thong bao if (empty($rowcontent['status'])) { $content = array('title' => $rowcontent['title'], 'hometext' => $rowcontent['hometext']); nv_insert_notification($module_name, 'post_queue', $content, $rowcontent['id']); } nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['add_content'], $rowcontent['title'] . ' | ' . $client_info['ip'] . $user_content, 0); } else { $error = $lang_module['errorsave']; } } else { if ($rowcontent_old['status'] == 1) { $rowcontent['status'] = 1; } $_sql = "UPDATE " . NV_PREFIXLANG . 
"_" . $module_data . "_rows SET\n\t\t\t\t\t\t catid=" . intval($rowcontent['catid']) . ",\n\t\t\t\t\t\t listcatid=" . $db->quote($rowcontent['listcatid']) . ",\n\t\t\t\t\t\t topicid=" . intval($rowcontent['topicid']) . ",\n\t\t\t\t\t\t author=" . $db->quote($rowcontent['author']) . ",\n\t\t\t\t\t\t sourceid=" . intval($rowcontent['sourceid']) . ",\n\t\t\t\t\t\t status=" . intval($rowcontent['status']) . ",\n\t\t\t\t\t\t publtime=" . intval($rowcontent['publtime']) . ",\n\t\t\t\t\t\t exptime=" . intval($rowcontent['exptime']) . ",\n\t\t\t\t\t\t archive=" . intval($rowcontent['archive']) . ",\n\t\t\t\t\t\t title=" . $db->quote($rowcontent['title']) . ",\n\t\t\t\t\t\t alias=" . $db->quote($rowcontent['alias']) . ",\n\t\t\t\t\t\t hometext=" . $db->quote($rowcontent['hometext']) . ",\n\t\t\t\t\t\t homeimgfile=" . $db->quote($rowcontent['homeimgfile']) . ",\n\t\t\t\t\t\t homeimgalt=" . $db->quote($rowcontent['homeimgalt']) . ",\n\t\t\t\t\t\t homeimgthumb=" . intval($rowcontent['homeimgthumb']) . ",\n\t\t\t\t\t\t inhome=" . intval($rowcontent['inhome']) . ",\n\t\t\t\t\t\t allowed_comm=" . intval($rowcontent['allowed_comm']) . ",\n\t\t\t\t\t\t allowed_rating=" . intval($rowcontent['allowed_rating']) . ",\n\t\t\t\t\t\t edittime=" . NV_CURRENTTIME . "\n\t\t\t\t\t\tWHERE id =" . $rowcontent['id']; if ($db->exec($_sql)) { $array_cat_old = explode(',', $rowcontent_old['listcatid']); foreach ($array_cat_old as $catid) { $db->query('DELETE FROM ' . NV_PREFIXLANG . '_' . $module_data . '_' . $catid . ' WHERE id = ' . $rowcontent['id']); }
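* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2014 VINADES.,JSC. All rights reserved
* @License GNU/GPL version 2 or any later version
* @Createdate 3-6-2010 0:30
*/

// Records a report for one download entry: inserts (id, client IP, time) into
// the module's "_report" table and raises a 'report' notification. Always ends
// the request with the literal body "OK".

// Abort unless NV_IS_MOD_DOWNLOAD is defined (presumably by the module
// bootstrap), so this file cannot be executed on its own.
if (!defined('NV_IS_MOD_DOWNLOAD')) {
    die('Stop!!!');
}

// Only answer requests that were flagged as AJAX.
if (!defined('NV_IS_AJAX')) {
    die('Wrong URL');
}

// get_int() with default 0: a missing id fails the `if ($id ...)` test below.
$id = $nv_Request->get_int('id', 'post', 0);

// Ids already reported in this session, kept as a serialized array.
// NOTE(review): unserialize() is only acceptable while the session store is
// fully server-controlled; json_encode()/json_decode() would remove the
// object-instantiation risk if that assumption ever stops holding.
$dlrp = $nv_Request->get_string('dlrp', 'session', '');
$dlrp = !empty($dlrp) ? unserialize($dlrp) : array();
if (!is_array($dlrp)) {
    // A corrupt or unexpected session value must not reach in_array() or []=.
    $dlrp = array();
}

// The session list only de-duplicates reports inside one session; it is not a
// rate limit. NOTE(review): add a server-side throttle (for example per IP on
// the _report table) if report flooding matters for this site.
if ($id and !in_array($id, $dlrp)) {
    // The id is remembered before the existence check, so an unknown id is
    // also looked up only once per session.
    $dlrp[] = $id;
    $dlrp = serialize($dlrp);
    $nv_Request->set_Session('dlrp', $dlrp);

    // $id was produced by get_int(), so the concatenation below carries an
    // integer, not free text.
    $query = 'SELECT id, title FROM ' . NV_MOD_TABLE . ' WHERE id=' . $id;
    // fetch() returns false when no row matches; list() then leaves both
    // variables null and the block below is skipped.
    list($id, $title) = $db->query($query)->fetch(PDO::FETCH_NUM);
    // Keep the value concatenated into the INSERT strictly numeric.
    $id = (int) $id;

    if ($id) {
        $stmt = $db->prepare('INSERT INTO ' . NV_MOD_TABLE . '_report VALUES (' . $id . ', :ip, ' . NV_CURRENTTIME . ')');
        $stmt->bindParam(':ip', $client_info['ip'], PDO::PARAM_STR);
        if ($stmt->execute()) {
            // Add a notification; sender id 0 when no user is logged in.
            $sender_id = !empty($user_info) ? $user_info['userid'] : 0;
            nv_insert_notification($module_name, 'report', array('title' => $title), $id, 0, $sender_id, 1);
        }
    }
}

die('OK');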
} if (!defined('NV_IS_AJAX')) { nv_create_submenu(); } // Ket noi voi cac op cua module de thuc hien if ($is_mobile and file_exists(NV_ROOTDIR . '/modules/' . $module_file . '/mobile/' . $op_file . '.php')) { require NV_ROOTDIR . '/modules/' . $module_file . '/mobile/' . $op_file . '.php'; } else { require NV_ROOTDIR . '/modules/' . $module_file . '/funcs/' . $op_file . '.php'; } exit; } elseif (isset($module_info['funcs']['main'])) { $sth = $db->prepare('UPDATE ' . NV_MODULES_TABLE . ' SET act=2 WHERE title= :title'); $sth->bindParam(':title', $module_name, PDO::PARAM_STR); $sth->execute(); nv_insert_notification('modules', 'auto_deactive_module', array('custom_title' => $site_mods[$module_name]['custom_title'])); nv_del_moduleCache('modules'); } } elseif (isset($sys_mods[$module_name])) { $groups_view = (string) $sys_mods[$module_name]['groups_view']; if (!defined('NV_IS_USER') and $groups_view == 4) { // Login users Header('Location: ' . NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=users&' . NV_OP_VARIABLE . '=login&nv_redirect=' . nv_base64_encode($client_info['selfurl'])); die; } elseif (!defined('NV_IS_ADMIN') and ($groups_view == '2' or $groups_view == '1')) { // Exit nv_info_die($lang_global['error_404_title'], $lang_global['site_info'], $lang_global['module_for_admin']); } elseif (defined('NV_IS_USER') and !nv_user_in_groups($groups_view)) { nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $lang_global['error_404_content']); } }
$sth->bindParam(':title', $ftitle, PDO::PARAM_STR); $sth->bindParam(':content', $fcon, PDO::PARAM_STR, strlen($fcon)); $sth->bindParam(':sender_name', $fname, PDO::PARAM_STR); $sth->bindParam(':sender_email', $femail, PDO::PARAM_STR); $sth->bindParam(':sender_phone', $fphone, PDO::PARAM_STR); $sth->bindParam(':sender_ip', $client_info['ip'], PDO::PARAM_STR); if ($sth->execute()) { $website = '<a href="' . $global_config['site_url'] . '">' . $global_config['site_name'] . '</a>'; $fcon .= '<br /><br />----------------------------------------<br /><br />'; if (empty($fphone)) { $fcon .= sprintf($lang_module['sendinfo'], $website, $fname, $femail, $client_info['ip'], $array_department[$fpart]['full_name']); } else { $fcon .= sprintf($lang_module['sendinfo2'], $website, $fname, $femail, $fphone, $client_info['ip'], $array_department[$fpart]['full_name']); } nv_SendMail2User($array_department[$fpart]['id'], $fcon, $ftitle, $femail, $fname); nv_insert_notification($module_name, 'contact_new', array('title' => $ftitle), 0, $sender_id, 1); $url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA; $contents .= call_user_func('sendcontact', $url); include NV_ROOTDIR . '/includes/header.php'; echo nv_site_theme($contents); include NV_ROOTDIR . '/includes/footer.php'; exit; } } } else { $base_url_rewrite = $base_url; if (isset($array_op[0]) and isset($array_department[$fpart])) { $array_department_i = $array_department[$fpart]; $array_department = array($fpart => $array_department_i); $base_url_rewrite .= '&' . NV_OP_VARIABLE . '=' . $fpart; if (isset($array_op[1]) and $array_op[1] == 0) {
$data_insert['author_email'] = $array['author_email']; $data_insert['author_url'] = $array['author_url']; $data_insert['fileupload'] = $fileupload; $data_insert['linkdirect'] = $array['linkdirect']; $data_insert['version'] = $array['version']; $data_insert['fileimage'] = $fileimage; $data_insert['copyright'] = $array['copyright']; $file_id = $db->insert_id($sql, 'id', $data_insert); if (!$file_id) { $is_error = true; $error = $lang_module['upload_error3']; } else { $user_post = defined("NV_IS_USER") ? " | " . $user_info['username'] : ""; nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['upload_files_log'], $array['title'] . " | " . $client_info['ip'] . $user_post, 0); $user_post = defined("NV_IS_USER") ? $user_info['userid'] : 0; nv_insert_notification($module_name, 'upload_new', array('title' => $array['title']), $file_id, 0, $user_post, 1); $url_back = nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name, true); nv_theme_alert($lang_module['file_upload_success_title'], $lang_module['file_upload_success_content'], 'info', $url_back); include NV_ROOTDIR . '/includes/header.php'; echo nv_site_theme($contents); include NV_ROOTDIR . '/includes/footer.php'; exit; } } } } } else { $array['catid'] = sizeof($array_op) == 2 ? (int) $array_op[1] : 0; $array['filesize'] = 0; $array['title'] = $array['description'] = $array['introtext'] = $array['author_name'] = $array['author_email'] = $array['author_url'] = $array['linkdirect'] = $array['version'] = $array['copyright'] = $array['user_name'] = ''; if (defined('NV_IS_USER')) {
$check_run_cronjobs = NV_ROOTDIR . '/' . NV_LOGS_DIR . '/data_logs/cronjobs_' . md5($cron_row['run_file'] . $cron_row['run_func'] . $global_config['sitekey']) . '.txt'; $p = NV_CURRENTTIME - 300; if (file_exists($check_run_cronjobs) and @filemtime($check_run_cronjobs) > $p) { continue; } file_put_contents($check_run_cronjobs, ''); $params = !empty($cron_row['params']) ? array_map('trim', explode(',', $cron_row['params'])) : array(); $result2 = call_user_func_array($cron_row['run_func'], $params); if (!$result2) { nv_insert_notification('settings', 'auto_deactive_cronjobs', array('cron_id' => $cron_row['id'])); $db->query('UPDATE ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' SET act=0, last_time=' . NV_CURRENTTIME . ', last_result=0 WHERE id=' . $cron_row['id']); } else { if ($cron_row['del']) { $db->query('DELETE FROM ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' WHERE id = ' . $cron_row['id']); } elseif (empty($cron_row['inter_val'])) { nv_insert_notification('settings', 'auto_deactive_cronjobs', array('cron_id' => $cron_row['id'])); $db->query('UPDATE ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' SET act=0, last_time=' . NV_CURRENTTIME . ', last_result=1 WHERE id=' . $cron_row['id']); } else { $db->query('UPDATE ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' SET last_time=' . NV_CURRENTTIME . ', last_result=1 WHERE id=' . $cron_row['id']); $cronjobs_next_time = NV_CURRENTTIME + $interval; if ($db->exec("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = '" . $cronjobs_next_time . "' WHERE lang = '" . NV_LANG_DATA . "' AND module = 'global' AND config_name = 'cronjobs_next_time' AND (config_value < '" . NV_CURRENTTIME . "' OR config_value > '" . $cronjobs_next_time . "')")) { nv_del_moduleCache('settings'); } } } unlink($check_run_cronjobs); clearstatcache(); } } $image = imagecreate(1, 1); Header('Content-type: image/jpg');
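// Sends the order confirmation e-mail to the customer, raises an
// 'order_new' / 'order_edit' notification, e-mails the shop managers, then
// clears the cart session keys and redirects to the order review page.

// Use the e-mail template file when it exists, otherwise the language string.
if (file_exists($content_file)) {
    $content = file_get_contents($content_file);
    $content = nv_editor_br2nl($content);
} else {
    $content = $lang_module['order_payment_email'];
}

// Substitute {key} placeholders one key at a time, in $replace_data order.
// NOTE(review): values are inserted as-is. If any of them originates from the
// customer and the mail is rendered as HTML, it must be escaped before it
// reaches this loop; confirm where $replace_data is built.
foreach ($replace_data as $key => $value) {
    $content = str_replace('{' . $key . '}', $value, $content);
}

$email_contents = call_user_func('email_new_order', $content, $data_order, $data_pro);
// A non-empty $order_info selects the "edit" wording over the "new order" one.
$email_title = empty($order_info) ? $lang_module['order_email_title'] : $lang_module['order_email_edit_title'];
nv_sendmail(
    array($global_config['site_name'], $global_config['site_email']),
    $data_order['order_email'],
    sprintf($email_title, $module_info['custom_title'], $data_order['order_code']),
    $email_contents
);

// Add a notification
$content = array(
    'order_id' => $data_order['id'],
    'order_code' => $data_order['order_code'],
    'order_name' => $data_order['order_name']
);
// Plain ternary on purpose: written as `isset(...) and !empty(...) ? ... : 0`,
// the low-precedence `and` makes the assignment capture only the isset()
// boolean, so the sender id becomes true/false instead of the real user id.
// empty() already covers the "not set" case.
$userid = !empty($user_info['userid']) ? $user_info['userid'] : 0;
nv_insert_notification($module_name, empty($order_info) ? 'order_new' : 'order_edit', $content, 0, $userid, 1);

// Send a notification e-mail to the shop managers
$order_url = $global_config['site_url'] . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=or_view&order_id=' . $data_order['id'];
// These two language strings are overwritten for the admin version of the mail.
$lang_module['order_email_thanks'] = sprintf($lang_module['order_email_thanks_to_admin'], $data_order['order_name']);
$lang_module['order_email_review'] = sprintf($lang_module['order_email_review_to_admin'], $order_url);

$listmail_notify = nv_listmail_notify();
if (!empty($listmail_notify)) {
    // NOTE(review): email_new_order is called with two arguments here but with
    // three ($content first) for the customer mail above; confirm against the
    // function's signature that this is intended.
    $email_contents_to_admin = call_user_func('email_new_order', $data_order, $data_pro);
    nv_sendmail(
        array($global_config['site_name'], $global_config['site_email']),
        $listmail_notify,
        sprintf($email_title, $module_info['custom_title'], $data_order['order_code']),
        $email_contents_to_admin
    );
}

// Clear the cart state, then go to the page showing the order just placed
unset($_SESSION[$module_data . '_cart']);
unset($_SESSION[$module_data . '_order_info']);
unset($_SESSION[$module_data . '_coupons']);

// NOTE(review): no exit follows the Location header in the visible code, so
// execution continues after it. Confirm the code after this point does not
// emit output or repeat side effects, and that $review_url is built from
// trusted values only.
Header('Location: ' . $review_url);
$action = 1;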
} elseif (empty($rating)) { $contents = "NO_" . $lang_module['rate_empty_rating']; } elseif ($pro_config['review_captcha'] and !nv_capcha_txt($fcode)) { $contents = "NO_" . $lang_module['rate_empty_captcha']; } else { $userid = !empty($user_info) ? $user_info['userid'] : 0; $status = $pro_config['review_check'] ? 0 : 1; $sth = $db->prepare('INSERT INTO ' . $db_config['prefix'] . '_' . $module_data . '_review( product_id, userid, sender, content, rating, add_time, edit_time, status) VALUES( :product_id, :userid, :sender, :content, :rating, ' . NV_CURRENTTIME . ', ' . NV_CURRENTTIME . ', ' . $status . ')'); $sth->bindParam(':product_id', $id, PDO::PARAM_STR); $sth->bindParam(':userid', $userid, PDO::PARAM_INT); $sth->bindParam(':sender', $sender, PDO::PARAM_STR, strlen($sender)); $sth->bindParam(':content', $comment, PDO::PARAM_STR, strlen($comment)); $sth->bindParam(':rating', $rating, PDO::PARAM_INT); if ($sth->execute()) { $content = array('product_id' => $id, 'content' => $comment, 'rating' => $rating, 'status' => $status); nv_insert_notification($module_name, 'review_new', $content, 0, $userid, 1); $nv_Cache->delMod($module_name); $contents = "OK_" . ($pro_config['review_check'] ? $lang_module['rate_success_queue'] : $lang_module['rate_success_ok']); } else { $contents = "NO_" . $lang_module['rate_success_fail']; } $nv_Request->set_Cookie($module_data . '_' . $op . '_' . $id, NV_CURRENTTIME); } } else { $timeout = ceil(($difftimeout - NV_CURRENTTIME + $timeout) / 60); $timeoutmsg = sprintf($lang_module['detail_rate_timeout'], $timeout); $contents = "NO_" . $timeoutmsg; } include NV_ROOTDIR . '/includes/header.php'; echo $contents; include NV_ROOTDIR . '/includes/footer.php';
$new_id = $db->insert_id($_sql, 'cid', $data_insert); if ($new_id > 0) { $nv_Request->set_Cookie($site_mods[$module]['module_data'] . '_timeout_' . $area . '_' . $id, NV_CURRENTTIME, $difftimeout); if ($status) { $mod_info = $site_mods[$module]; if (file_exists(NV_ROOTDIR . '/modules/' . $mod_info['module_file'] . '/comment.php')) { $row = array(); $row['module'] = $module; $row['id'] = $id; include NV_ROOTDIR . '/modules/' . $mod_info['module_file'] . '/comment.php'; } } if (!$status) { $comment_success = $lang_module['comment_success_queue']; // Gui thong bao kiem duyet nv_insert_notification($module_name, 'comment_queue', array('content' => $content), $new_id); } else { $comment_success = $lang_module['comment_success']; } $contents = 'OK_' . nv_base64_encode($comment_success); } } catch (PDOException $e) { $contents = 'ERR_' . $e->getMessage(); } } else { $timeout = ceil(($difftimeout - NV_CURRENTTIME + $timeout) / 60); $timeoutmsg = sprintf($lang_module['comment_timeout'], $timeout); $contents = 'ERR_' . $timeoutmsg; } } }