function updateAvatar($file) { global $db, $user_info, $module_upload; $tmp_photo = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $file; $new_photo_path = NV_ROOTDIR . '/' . SYSTEM_UPLOADS_DIR . '/' . $module_upload . '/'; $new_photo_name = $file; $i = 1; while (file_exists($new_photo_path . $new_photo_name)) { $new_photo_name = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $file); ++$i; } if (nv_copyfile($tmp_photo, $new_photo_path . $new_photo_name)) { $sql = 'SELECT photo FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid=' . $user_info['userid']; $result = $db->query($sql); $oldAvatar = $result->fetchColumn(); $result->closeCursor(); if (!empty($oldAvatar) and file_exists(NV_ROOTDIR . '/' . $oldAvatar)) { nv_deletefile(NV_ROOTDIR . '/' . $oldAvatar); } $photo = SYSTEM_UPLOADS_DIR . '/' . $module_upload . '/' . $new_photo_name; $stmt = $db->prepare('UPDATE ' . NV_USERS_GLOBALTABLE . ' SET photo=:photo WHERE userid=' . $user_info['userid']); $stmt->bindParam(':photo', $photo, PDO::PARAM_STR); $stmt->execute(); } nv_deletefile($tmp_photo); }
/** * * @param mixed $homeimgfile * @param mixed $module_upload * @return * */ function nv_news_check_image_exit($homeimgfile, $module_upload) { if (!empty($homeimgfile) and file_exists(NV_UPLOADS_REAL_DIR . '/news/' . $homeimgfile)) { $homeimgthumb = 1; if ($module_upload != 'news') { if (!(nv_copyfile(NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/news/' . $homeimgfile, NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $module_upload . '/' . $homeimgfile) and nv_copyfile(NV_ROOTDIR . '/' . NV_FILES_DIR . '/news/' . $homeimgfile, NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module_upload . '/' . $homeimgfile))) { $homeimgfile = ''; $homeimgthumb = 0; } } } else { $homeimgfile = ''; $homeimgthumb = 0; } return array($homeimgfile, $homeimgthumb); }
} else { $replace_lang_vi = false; } if (isset($language_array[$newslang])) { nv_admin_add_field_lang($newslang); if ($replace_lang_vi == true) { nv_copyfile(NV_ROOTDIR . "/js/language/vi.js", NV_ROOTDIR . "/js/language/" . $newslang . ".js"); $db->sql_query("UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "_file` SET `author_" . $newslang . "`=`author_vi`"); $query = "SELECT `id`, `lang_vi` FROM `" . NV_LANGUAGE_GLOBALTABLE . "`"; $result = $db->sql_query($query); while (list($id, $author_lang) = $db->sql_fetchrow($result)) { $author_lang = nv_EncString($author_lang); $db->sql_query("UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "` SET `lang_" . $newslang . "` ='" . $author_lang . "' WHERE `id` = '" . $id . "'"); } } elseif (isset($language_array[$typelang])) { nv_copyfile(NV_ROOTDIR . "/js/language/" . $typelang . ".js", NV_ROOTDIR . "/js/language/" . $newslang . ".js"); $db->sql_query("UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "_file` SET `author_" . $newslang . "`=`author_" . $typelang . "`"); $db->sql_query("UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "` SET `lang_" . $newslang . "`=`lang_" . $typelang . "`"); } $nv_Request->set_Cookie('dirlang', $newslang, NV_LIVE_COOKIE_TIME); $xtpl->assign('URL', NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=interface"); $xtpl->parse('copyok'); $contents = $xtpl->text('copyok'); include NV_ROOTDIR . "/includes/header.php"; echo nv_admin_theme($contents); include NV_ROOTDIR . "/includes/footer.php"; } } $lang_array_file = array(); $lang_array_file_temp = nv_scandir(NV_ROOTDIR . "/language", "/^[a-z]{2}+\$/"); foreach ($lang_array_file_temp as $value) {
if ($_user['delpic'] or empty($photo)) { if (!empty($_user['photo'])) { $tmp_photo = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $_user['photo']; if (!file_exists($tmp_photo)) { $_user['photo'] = ''; } else { $new_photo_name = $_user['photo']; $new_photo_path = NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/'; $new_photo_name2 = $new_photo_name; $i = 1; while (file_exists($new_photo_path . $new_photo_name2)) { $new_photo_name2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $new_photo_name); ++$i; } $new_photo = $new_photo_path . $new_photo_name2; if (nv_copyfile($tmp_photo, $new_photo)) { $_user['photo'] = substr($new_photo, strlen(NV_ROOTDIR . '/')); } else { $_user['photo'] = ''; } nv_deletefile($tmp_photo); } } // Delete old photo if ($_user['delpic'] and !empty($row['photo']) and file_exists(NV_ROOTDIR . '/' . $row['photo'])) { nv_deletefile(NV_ROOTDIR . '/' . $row['photo']); } } else { $_user['photo'] = $row['photo']; if (!empty($_user['photo'])) { if (!file_exists(NV_ROOTDIR . '/' . $_user['photo'])) {
$array['fileimage'] = $array['fileimage2']; } elseif (!empty($array['fileimage'])) { $fileimage = NV_UPLOADS_DIR . $array['fileimage']; $array['fileimage'] = ''; if (file_exists(NV_ROOTDIR . '/' . $fileimage)) { $newfile = basename($fileimage); if (preg_match('/(.*)(\\.[a-zA-Z0-9]{32})(\\.[a-zA-Z]+)$/', $newfile, $m)) { $newfile = $m[1] . $m[3]; } $newfile2 = $newfile; $i = 1; while (file_exists(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/images/' . $newfile2)) { $newfile2 = preg_replace('/(.*)(\\.[a-zA-Z]+)$/', '\\1_' . $i . '\\2', $newfile); ++$i; } if (@nv_copyfile(NV_ROOTDIR . '/' . $fileimage, NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/images/' . $newfile2)) { $array['fileimage'] = '/' . $module_upload . '/images/' . $newfile2; } } } $sql = "INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . " (catid, title, alias, description, introtext, uploadtime, updatetime, user_id, user_name, author_name, author_email, author_url, fileupload, linkdirect, version, filesize, fileimage, status, copyright, view_hits, download_hits, groups_comment, groups_view, groups_download, comment_hits, rating_detail) VALUES (\n\t\t\t\t " . $array['catid'] . ", :title, :alias, :description, :introtext, " . $row['uploadtime'] . ", " . NV_CURRENTTIME . ", " . $row['user_id'] . ", :user_name, :author_name, :author_email, :author_url, :fileupload, :linkdirect, :version, " . $array['filesize'] . ", :fileimage, 1, :copyright, 0, 0, :groups_comment, :groups_view, :groups_download, 0, '')"; $data_insert = array(); $data_insert['title'] = $array['title']; $data_insert['alias'] = $alias; $data_insert['description'] = $array['description']; $data_insert['user_name'] = $array['user_name']; $data_insert['author_name'] = $array['author_name']; $data_insert['introtext'] = $array['introtext']; $data_insert['author_email'] = $array['author_email']; $data_insert['author_url'] = $array['author_url']; $data_insert['fileupload'] = $array['fileupload'];
// Check photo if (!empty($_user['photo'])) { $tmp_photo = NV_BASE_SITEURL . NV_TEMP_DIR . '/' . $_user['photo']; if (!nv_is_file($tmp_photo, NV_TEMP_DIR)) { $_user['photo'] = ''; } else { $new_photo_name = $_user['photo']; $new_photo_path = NV_ROOTDIR . '/' . SYSTEM_UPLOADS_DIR . '/' . $module_upload . '/'; $new_photo_name2 = $new_photo_name; $i = 1; while (file_exists($new_photo_path . $new_photo_name2)) { $new_photo_name2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $new_photo_name); ++$i; } $new_photo = $new_photo_path . $new_photo_name2; if (nv_copyfile(NV_DOCUMENT_ROOT . $tmp_photo, $new_photo)) { $_user['photo'] = substr($new_photo, strlen(NV_ROOTDIR . '/')); } else { $_user['photo'] = ''; } nv_deletefile(NV_DOCUMENT_ROOT . $tmp_photo); } if (!empty($_user['photo'])) { $stmt = $db->prepare('UPDATE ' . NV_MOD_TABLE . ' SET photo= :file_name WHERE userid=' . $userid); $stmt->bindParam(':file_name', $_user['photo'], PDO::PARAM_STR, strlen($file_name)); $stmt->execute(); } } if (!empty($_user['in_groups'])) { foreach ($_user['in_groups'] as $group_id) { if ($group_id != 7) {
} $upload_dir = 'files'; $is_zip = false; $is_resume = false; $max_speed = 0; $filepdf = $nv_Request->get_int('filepdf', 'get', 0); if ($filepdf == 1) { if (!nv_user_in_groups($row['groups_onlineview']) or !nv_user_in_groups($list_cats[$row['catid']]['groups_onlineview'])) { die('Wrong URL'); } $download_config = nv_mod_down_config(); $file_url = ''; $file_src = $session_files['fileupload'][$filename]['src']; if ($download_config['pdf_handler'] == 'filetmp') { $file_src_new = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . NV_TEMPNAM_PREFIX . md5($file_src) . '.' . nv_getextension($file_src); if (file_exists($file_src_new) or nv_copyfile($file_src, $file_src_new)) { $file_url = NV_MY_DOMAIN . NV_BASE_SITEURL . substr($file_src_new, strlen(NV_ROOTDIR . '/')); } } elseif ($download_config['pdf_handler'] == 'base64') { $file_url = 'data:application/pdf;base64,' . base64_encode(file_get_contents($file_src)); } else { $file_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=down&filepdf=2&filename=' . $filename; } if (empty($file_url)) { nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $lang_global['error_404_content'], 404); } $html = theme_viewpdf($file_url); die($html); } elseif (empty($filepdf)) { $sql = 'UPDATE ' . NV_MOD_TABLE . ' SET download_hits=download_hits+1 WHERE id=' . intval($session_files['fileupload'][$filename]['id']); $db->query($sql);
} file_put_contents($theme_dir . '/layout/layout.' . $layout_i . '.tpl', $content_layout, LOCK_EX); } $xtpl->parse('main'); $config_css = $xtpl->text('main'); file_put_contents($theme_dir . '/css/screen.css', $config_css, LOCK_EX); unset($config_css); if ($theme_css['horizontalMenuHeight'] > 0 and in_array('MENU_SITE', $position_tag)) { $content_menu_site = "<div id=\"navigation\">[MENU_SITE]</div>"; } elseif ($theme_css['horizontalMenuHeight'] > 0) { $content_menu_site = "<div id=\"navigation\"></div>"; } else { $content_menu_site = ""; } if (in_array($theme_css['css_reset'], array_keys($array_css_reset)) and $theme_css['css_reset'] != "none") { nv_copyfile($theme_default_dir . "/css/reset_" . $theme_css['css_reset'] . ".css", $theme_dir . "/css/reset.css"); $stylesheetrese = "<link rel=\"stylesheet\" type=\"text/css\" href=\"{NV_BASE_SITEURL}themes/{TEMPLATE}/css/reset.css\" />"; } else { $stylesheetrese = ""; } //header.tpl if ($theme_css['doctype'] == "html5") { //HTML 5 $config_header = "<!DOCTYPE HTML>\n<html>\n"; } elseif ($theme_css['doctype'] == "xhtmlStrict") { //XHTML 1.0 Strict $config_header = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n"; } elseif ($theme_css['doctype'] == "xhtmlTrans") { //XHTML 1.0 Transitional $config_header = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n"; } elseif ($theme_css['doctype'] == "htmlTrans") {
} // Xử lý file upload nếu duyệt file if (empty($array['fileupload_new']) and !empty($array['fileupload_tmp'])) { foreach ($array['fileupload_tmp'] as $file) { $file = NV_UPLOADS_DIR . $file; $newfile = basename($file); if (preg_match('/(.*)(\\.[a-zA-Z0-9]{32})(\\.[a-zA-Z]+)$/', $newfile, $m)) { $newfile = $m[1] . $m[3]; } $newfile2 = $newfile; $i = 1; while (file_exists(NV_ROOTDIR . '/' . $currentpath_files . '/' . $newfile2)) { $newfile2 = preg_replace('/(.*)(\\.[a-zA-Z]+)$/', '\\1_' . $i . '\\2', $newfile); ++$i; } if (@nv_copyfile(NV_ROOTDIR . '/' . $file, NV_ROOTDIR . '/' . $currentpath_files . '/' . $newfile2)) { $array['fileupload_new'][] = array('file_path' => substr($currentpath_files . '/' . $newfile2, strlen(NV_UPLOADS_DIR)), 'scorm_path' => '', 'filesize' => filesize(NV_ROOTDIR . '/' . $currentpath_files . '/' . $newfile2)); } } } if (!empty($array['fileupload_new'])) { foreach ($array['fileupload_new'] as $fileuploadkey => $file_new) { $file = $file_new['file_path']; // Xác định file scorm $file_ext = nv_getextension($file); $file_name = basename($file); $file_path = dirname($file); if ($file_ext == 'zip') { $zip = new PclZip(NV_UPLOADS_REAL_DIR . $file); $ziplistContent = $zip->listContent(); if (!empty($ziplistContent)) {
/** * nv_renamefile() * * @param mixed $file * @param mixed $newname * @return */ function nv_renamefile($file, $newname) { global $lang_global; $realpath = realpath($file); if (empty($realpath)) { return array(0, sprintf($lang_global['error_non_existent_file'], $file)); } $realpath = str_replace('\\', '/', $realpath); $realpath = rtrim($realpath, "\\/"); $preg_match = preg_match("/^(" . nv_preg_quote(NV_ROOTDIR) . ")(\\/[\\S]+)/", $realpath, $path); if (empty($preg_match)) { return array(0, sprintf($lang_global['error_rename_forbidden'], $file)); } $newname = basename(trim($newname)); $pathinfo = pathinfo($realpath); if (file_exists($pathinfo['dirname'] . '/' . $newname)) { return array(0, sprintf($lang_global['error_rename_file_exists'], $newname)); } if (is_dir($realpath) and !preg_match('/^[a-zA-Z0-9-_]+$/', $newname)) { return array(0, sprintf($lang_global['error_rename_directories_invalid'], $newname)); } if (!is_dir($realpath) and !preg_match('/^[a-zA-Z0-9-_.]+$/', $newname)) { return array(0, sprintf($lang_global['error_rename_file_invalid'], $newname)); } if (!is_dir($realpath) and $pathinfo['extension'] != nv_getextension($newname)) { return array(0, sprintf($lang_global['error_rename_extension_changed'], $newname, $pathinfo['basename'])); } if (!@rename($realpath, $pathinfo['dirname'] . '/' . $newname)) { if (!@nv_copyfile($realpath, $pathinfo['dirname'] . '/' . $newname)) { return array(0, sprintf($lang_global['error_rename_failed'], $pathinfo['basename'], $newname)); } else { @nv_deletefile($realpath); } } return array(1, sprintf($lang_global['file_has_been_renamed'], $pathinfo['basename'], $newname)); }
$createImage->save($folder_album, $basename); } $photo['file'] = substr($newFilePath, strlen(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/images/')); // Copy file thumb //$thum_folder = floor( $data['album_id'] / 1000 ); $thumbName = $fileName = substr($photo['thumb'], strlen(NV_BASE_SITEURL . NV_TEMP_DIR . '/')); $fileName2 = $fileName; $i = 1; while (file_exists(NV_ROOTDIR . '/' . $currentpaththumb . '/' . $fileName2)) { $fileName2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $fileName); ++$i; } $fileName = $fileName2; $filePath = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $thumbName; $newFilePath = NV_ROOTDIR . '/' . $currentpaththumb . '/' . $fileName; $rename = nv_copyfile($filePath, $newFilePath); if (!$rename) { $error .= $lang_module['album_error_copy_photo'] . basename($filePath); unset($data['albums'][$key]); } else { // Xoa anh tam @nv_deletefile($filePath); $photo['thumb'] = substr($newFilePath, strlen(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/thumb/')); $sth = $db->prepare('INSERT INTO ' . TABLE_PHOTO_NAME . '_rows SET album_id = ' . (int) $data['album_id'] . ', defaults = ' . (int) $photo['defaults'] . ', size = ' . (int) $photo['size'] . ', width = ' . (int) $photo['width'] . ', height = ' . (int) $photo['height'] . ', status=' . intval(1) . ', date_added=' . intval(NV_CURRENTTIME) . ',
if (!nv_is_file(NV_BASE_SITEURL . $path . '/' . $file, $path)) { die('ERROR#' . $lang_module['file_no_exists'] . ': ' . $file); } } $mirror = $nv_Request->get_int('mirror', 'post', 0); $moved_images = array(); foreach ($images as $image) { $i = 1; $file = $image; // Change file name if exists while (file_exists(NV_ROOTDIR . '/' . $newfolder . '/' . $file)) { $file = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $image); ++$i; } $moved_images[] = $file; if (!nv_copyfile(NV_ROOTDIR . '/' . $path . '/' . $image, NV_ROOTDIR . '/' . $newfolder . '/' . $file)) { die("ERROR#" . $lang_module['errorNotCopyFile']); } if (isset($array_dirname[$newfolder])) { $did = $array_dirname[$newfolder]; $info = nv_getFileInfo($newfolder, $file); $info['userid'] = $admin_info['userid']; $db->query("INSERT INTO " . NV_UPLOAD_GLOBALTABLE . "_file (name, ext, type, filesize, src, srcwidth, srcheight, sizes, userid, mtime, did, title) VALUES ('" . $info['name'] . "', '" . $info['ext'] . "', '" . $info['type'] . "', " . $info['filesize'] . ", '" . $info['src'] . "', " . $info['srcwidth'] . ", " . $info['srcheight'] . ", '" . $info['size'] . "', " . $info['userid'] . ", " . $info['mtime'] . ", " . $did . ", '" . $file . "')"); } if (!$mirror) { @nv_deletefile(NV_ROOTDIR . '/' . $path . '/' . $image); // Delete old thumb if (preg_match('/^' . nv_preg_quote(NV_UPLOADS_DIR) . '\\/(([a-z0-9\\-\\_\\/]+\\/)*([a-z0-9\\-\\_\\.]+)(\\.(gif|jpg|jpeg|png|bmp)))$/i', $path . '/' . $image, $m)) { @nv_deletefile(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $m[1]); } if (isset($array_dirname[$path])) {