$sql = "SELECT id, parentid, title, alias, keywords, description, weight FROM " . $BL->table_prefix . "_categories WHERE id=" . $id; $result = $db->query($sql); if ($result->rowCount() != 1) { nv_info_die($BL->glang('error_404_title'), $BL->glang('error_404_title'), $BL->glang('error_404_content')); } $row = $result->fetch(); $data = $row; } else { $data = array("parentid" => $nv_Request->get_int("parentid", "post,get", 0), "title" => "", "alias" => "", "keywords" => "", "description" => ""); } if ($nv_Request->isset_request("submit", "post")) { $data['parentid'] = $nv_Request->get_int("parentid", "post", 0); $data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255); $data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255); $data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255); $data['description'] = nv_substr($nv_Request->get_title('description', 'post', '', 1), 0, 255); $data['alias'] = $data['alias'] ? strtolower(change_alias($data['alias'])) : strtolower(change_alias($data['title'])); $data['keywords'] = $data['keywords'] ? implode(", ", array_filter(array_unique(array_map("trim", explode(",", $data['keywords']))))) : ""; if (empty($data['title'])) { $error = $BL->lang('categoriesErrorTitle'); } elseif (empty($data['keywords'])) { $error = $BL->lang('errorKeywords'); } elseif (empty($data['description'])) { $error = $BL->lang('errorSescription'); } elseif ($BL->checkExistsAlias($data['alias'], "cat", $id)) { $error = $BL->lang('errorAliasExists'); } else { // Xac dinh thu tu moi $new_weight = 1; if (!$id or $id and $data['parentid'] != $row['parentid']) { $sql = "SELECT MAX(weight) AS new_weight FROM " . $BL->table_prefix . "_categories WHERE parentid=" . $data['parentid'];
* @License GNU/GPL version 2 or any later version * @Createdate Dec 11, 2013, 09:50:11 PM */ if (!defined('NV_BLOG_ADMIN')) { die('Stop!!!'); } $page_title = $BL->lang('cfgComment'); $set_active_op = 'config-master'; $array_commentFacebookColorscheme = array('light' => 'Light', 'dark' => 'Dark'); $array = array(); // Lay thong tin submit if ($nv_Request->isset_request('submit', 'post')) { $array['commentType'] = nv_substr($nv_Request->get_title('commentType', 'post', 'random', 1), 0, 255); $array['commentPerPage'] = $nv_Request->get_int('commentPerPage', 'post', 8); $array['commentDisqusShortname'] = nv_substr($nv_Request->get_title('commentDisqusShortname', 'post', '', 1), 0, 255); $array['commentFacebookColorscheme'] = nv_substr($nv_Request->get_title('commentFacebookColorscheme', 'post', 'light', 1), 0, 255); // Kiem tra xac nhan if (!in_array($array['commentType'], $BL->commentType)) { $array['commentType'] = $BL->commentType[0]; } if ($array['commentPerPage'] > 50 or $array['commentPerPage'] < 1) { $array['commentPerPage'] = 8; } if (!isset($array_commentFacebookColorscheme[$array['commentFacebookColorscheme']])) { $array['commentFacebookColorscheme'] = 'light'; } foreach ($array as $config_name => $config_value) { $sql = "REPLACE INTO " . $BL->table_prefix . "_config VALUES (" . $db->quote($config_name) . "," . $db->quote($config_value) . ")"; $db->query($sql); } nv_del_moduleCache($module_name);
} } } $title = $lang_module['config_database']; $contents = nv_step_5($db_config, $nextstep); } elseif ($step == 6) { $nextstep = 0; $error = ''; define('NV_USERS_GLOBALTABLE', $db_config['prefix'] . '_users'); // Bat dau phien lam viec cua MySQL $db = new NukeViet\Core\Database($db_config); if (!empty($db->error)) { $error = !empty($db->error['user_message']) ? $db->error['user_message'] : $db->error['message']; } $array_data['site_name'] = $nv_Request->get_title('site_name', 'post', $array_data['site_name'], 1); $array_data['nv_login'] = nv_substr($nv_Request->get_title('nv_login', 'post', $array_data['nv_login'], 1), 0, NV_UNICKMAX); $array_data['nv_email'] = $nv_Request->get_title('nv_email', 'post', $array_data['nv_email']); $array_data['nv_password'] = $nv_Request->get_title('nv_password', 'post', $array_data['nv_password']); $array_data['re_password'] = $nv_Request->get_title('re_password', 'post', $array_data['re_password']); $array_data['lang_multi'] = (int) $nv_Request->get_bool('lang_multi', 'post', $array_data['lang_multi']); $check_login = nv_check_valid_login($array_data['nv_login'], NV_UNICKMAX, NV_UNICKMIN); $check_pass = nv_check_valid_pass($array_data['nv_password'], NV_UPASSMAX, NV_UPASSMIN); $check_email = nv_check_valid_email($array_data['nv_email']); $array_data['question'] = $nv_Request->get_title('question', 'post', $array_data['question'], 1); $array_data['answer_question'] = $nv_Request->get_title('answer_question', 'post', $array_data['answer_question'], 1); $global_config['site_email'] = $array_data['nv_email']; if ($nv_Request->isset_request('nv_login,nv_password', 'post')) { if (empty($array_data['site_name'])) { $error = $lang_module['err_sitename']; } elseif (!empty($check_login)) { $error = $check_login;
} $custom_fields = $nv_Request->get_array('custom_fields', 'post'); if ($checkss == $array_register['checkss']) { $array_register['first_name'] = nv_substr($nv_Request->get_title('first_name', 'post', '', 1), 0, 255); $array_register['last_name'] = nv_substr($nv_Request->get_title('last_name', 'post', '', 1), 0, 255); $array_register['username'] = $nv_Request->get_title('username', 'post', '', 1); $array_register['password'] = $nv_Request->get_title('password', 'post', ''); $array_register['re_password'] = $nv_Request->get_title('re_password', 'post', ''); $array_register['email'] = nv_strtolower(nv_substr($nv_Request->get_title('email', 'post', '', 1), 0, 100)); $array_register['question'] = $nv_Request->get_int('question', 'post', 0); if (!isset($data_questions[$array_register['question']])) { $array_register['question'] = 0; } $data_questions[$array_register['question']]['selected'] = ' selected="selected"'; $array_register['your_question'] = $nv_Request->get_title('your_question', 'post', '', 1); $array_register['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255); $array_register['agreecheck'] = $nv_Request->get_int('agreecheck', 'post', 0); $nv_seccode = $nv_Request->get_title('nv_seccode', 'post', ''); $check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false); $complete = ''; if (!$check_seccode) { die(reg_result(array('status' => 'error', 'input' => 'nv_seccode', 'mess' => $lang_global['securitycodeincorrect']))); } if (($check_login = nv_check_username_reg($array_register['username'])) != '') { die(reg_result(array('status' => 'error', 'input' => 'username', 'mess' => $check_login))); } if (($check_email = nv_check_email_reg($array_register['email'])) != '') { die(reg_result(array('status' => 'error', 'input' => 'email', 'mess' => $check_email))); } if (($check_pass = nv_check_valid_pass($array_register['password'], NV_UPASSMAX, NV_UPASSMIN)) != '') { die(reg_result(array('status' => 'error', 'input' => 'password', 'mess' => $check_pass)));
if (in_array($theme, $theme_site_array)) { $array_theme[] = $theme; $theme_list[] = $theme; } elseif (in_array($theme, $theme_mobile_array)) { $array_theme[] = $theme; $theme_mobile_list[] = $theme; } } $groups_list = nv_groups_list(); if ($nv_Request->get_int('save', 'post') == '1') { $custom_title = $nv_Request->get_title('custom_title', 'post', 1); $admin_title = $nv_Request->get_title('admin_title', 'post', 1); $theme = $nv_Request->get_title('theme', 'post', '', 1); $mobile = $nv_Request->get_title('mobile', 'post', '', 1); $description = $nv_Request->get_title('description', 'post', '', 1); $description = nv_substr($description, 0, 255); $keywords = $nv_Request->get_title('keywords', 'post', '', 1); $act = $nv_Request->get_int('act', 'post', 0); $rss = $nv_Request->get_int('rss', 'post', 0); if (!empty($theme) and !in_array($theme, $theme_list)) { $theme = ''; } if (!empty($mobile) and !in_array($mobile, $theme_mobile_list)) { $mobile = ''; } if (!empty($keywords)) { $keywords = explode(',', $keywords); $keywords = array_map('trim', $keywords); $keywords = implode(', ', $keywords); } if ($mod != $global_config['site_home_module']) {
} $BL->callFrameWorks('shadowbox'); $page_title = $BL->lang('cfgStructureData'); $array = array(); $_array_locales = nv_object2array(simplexml_load_file(NV_ROOTDIR . '/modules/' . $module_file . '/locales/locales.xml')->xpath('locale')); $array_locales = array(); foreach ($_array_locales as $locale) { $array_locales[$locale['codes']['code']['standard']['representation']] = $locale['englishName']; } unset($_array_locales, $locale); // Lay thong tin submit if ($nv_Request->isset_request('submit', 'post')) { $array['sysGoogleAuthor'] = nv_substr($nv_Request->get_title('sysGoogleAuthor', 'post', '', 0), 0, 30); $array['sysFbAppID'] = nv_substr($nv_Request->get_title('sysFbAppID', 'post', '', 0), 0, 30); $array['sysFbAdminID'] = nv_substr($nv_Request->get_title('sysFbAdminID', 'post', '', 0), 0, 30); $array['sysLocale'] = nv_substr($nv_Request->get_title('sysLocale', 'post', '', 0), 0, 255); $array['sysDefaultImage'] = $nv_Request->get_string('sysDefaultImage', 'post', ''); if (!preg_match("/^([0-9]+)\$/", $array['sysGoogleAuthor'])) { $array['sysGoogleAuthor'] = ''; } if (!preg_match("/^([0-9]+)\$/", $array['sysFbAppID'])) { $array['sysFbAppID'] = ''; } if (!preg_match("/^([0-9]+)\$/", $array['sysFbAdminID'])) { $array['sysFbAdminID'] = ''; } if (!empty($array['sysDefaultImage'])) { if (preg_match("/^\\//i", $array['sysDefaultImage'])) { $array['sysDefaultImage'] = substr($array['sysDefaultImage'], strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_name)); if (!is_file(NV_UPLOADS_REAL_DIR . '/' . $module_name . $array['sysDefaultImage'])) { $array['sysDefaultImage'] = '';
$access_passus = (isset($access_admin['access_passus'][$admin_info['level']]) and $access_admin['access_passus'][$admin_info['level']] == 1) ? true : false; if ($nv_Request->isset_request('confirm', 'post')) { $_user['username'] = $nv_Request->get_title('username', 'post', '', 1); $_user['email'] = $nv_Request->get_title('email', 'post', '', 1); if ($access_passus) { $_user['password1'] = $nv_Request->get_title('password1', 'post', '', 0); $_user['password2'] = $nv_Request->get_title('password2', 'post', '', 0); } else { $_user['password1'] = $_user['password2'] = ''; } $_user['question'] = nv_substr($nv_Request->get_title('question', 'post', '', 1), 0, 255); $_user['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255); $_user['first_name'] = nv_substr($nv_Request->get_title('first_name', 'post', '', 1), 0, 255); $_user['last_name'] = nv_substr($nv_Request->get_title('last_name', 'post', '', 1), 0, 255); $_user['gender'] = nv_substr($nv_Request->get_title('gender', 'post', '', 1), 0, 1); $_user['photo'] = nv_substr($nv_Request->get_title('photo', 'post', '', 1), 0, 255); $_user['view_mail'] = $nv_Request->get_int('view_mail', 'post', 0); $_user['sig'] = $nv_Request->get_textarea('sig', '', NV_ALLOWED_HTML_TAGS); $_user['birthday'] = $nv_Request->get_title('birthday', 'post'); $_user['in_groups'] = $nv_Request->get_typed_array('group', 'post', 'int'); $_user['delpic'] = $nv_Request->get_int('delpic', 'post', 0); $custom_fields = $nv_Request->get_array('custom_fields', 'post'); if ($_user['username'] != $row['username'] and ($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != '') { $error = $error_username; } elseif ("'" . $_user['username'] . "'" != $db->quote($_user['username'])) { $error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>'); } elseif (($error_xemail = nv_check_valid_email($_user['email'])) != '') { $error = $error_xemail; } elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND md5username='******'username'])))->fetchColumn()) { $error = $lang_module['edit_error_username_exist']; } elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND email=' . $db->quote($_user['email']))->fetchColumn()) {
*/ if (!defined('NV_ADMIN') or !defined('NV_MAINFILE') or !defined('NV_IS_MODADMIN')) { die('Stop!!!'); } $page_title = $lang_module['smtp_config']; $smtp_encrypted_array = array(); $smtp_encrypted_array[0] = 'None'; $smtp_encrypted_array[1] = 'SSL'; $smtp_encrypted_array[2] = 'TSL'; $array_config = array(); $errormess = ''; $array_config['mailer_mode'] = nv_substr($nv_Request->get_title('mailer_mode', 'post', $global_config['mailer_mode'], 1), 0, 255); $array_config['smtp_host'] = nv_substr($nv_Request->get_title('smtp_host', 'post', $global_config['smtp_host'], 1), 0, 255); $array_config['smtp_port'] = nv_substr($nv_Request->get_title('smtp_port', 'post', $global_config['smtp_port'], 1), 0, 255); $array_config['smtp_username'] = nv_substr($nv_Request->get_title('smtp_username', 'post', $global_config['smtp_username']), 0, 255); $array_config['smtp_password'] = nv_substr($nv_Request->get_title('smtp_password', 'post', $global_config['smtp_password']), 0, 255); if ($nv_Request->isset_request('mailer_mode', 'post')) { $array_config['smtp_ssl'] = $nv_Request->get_int('smtp_ssl', 'post', 0); } else { $array_config['smtp_ssl'] = intval($global_config['smtp_ssl']); } if ($nv_Request->isset_request('mailer_mode', 'post')) { $smtp_password = $array_config['smtp_password']; $array_config['smtp_password'] = nv_base64_encode($crypt->aes_encrypt($smtp_password)); $sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'site' AND config_name = :config_name"); foreach ($array_config as $config_name => $config_value) { $sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30); $sth->bindParam(':config_value', $config_value, PDO::PARAM_STR); $sth->execute(); } nv_del_moduleCache('settings');
if (!empty($rowcontent['alias'])) { $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $db_config['prefix'] . '_' . $module_data . '_rows WHERE id !=' . $rowcontent['id'] . ' AND ' . NV_LANG_DATA . '_alias = :alias'); $stmt->bindParam(':alias', $rowcontent['alias'], PDO::PARAM_STR); $stmt->execute(); if ($stmt->fetchColumn()) { $rows_id = $rowcontent['id']; if ($rows_id == 0) { $rows_id = $db->query('SELECT MAX(id) FROM ' . $db_config['prefix'] . '_' . $module_data . '_rows')->fetchColumn(); $rows_id = intval($rows_id) + 1; } $rowcontent['alias'] = $rowcontent['alias'] . '-' . $rows_id; } } $hometext = $nv_Request->get_string('hometext', 'post', ''); $rowcontent['hometext'] = defined('NV_EDITOR') ? nv_nl2br($hometext, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($hometext)), '<br />'); $rowcontent['product_code'] = nv_substr($nv_Request->get_title('product_code', 'post', '', 1), 0, 255); $rowcontent['product_number'] = $nv_Request->get_int('product_number', 'post', 0); $rowcontent['product_price'] = $nv_Request->get_string('product_price', 'post', ''); $rowcontent['product_price'] = floatval(preg_replace('/[^0-9\\.]/', '', $rowcontent['product_price'])); $rowcontent['discount_id'] = $nv_Request->get_int('discount_id', 'post', 0); $rowcontent['money_unit'] = $nv_Request->get_string('money_unit', 'post', ''); $rowcontent['product_weight'] = $nv_Request->get_string('product_weight', 'post', ''); $rowcontent['product_weight'] = floatval(preg_replace('/[^0-9\\.]/', '', $rowcontent['product_weight'])); $rowcontent['weight_unit'] = $nv_Request->get_string('weight_unit', 'post', ''); $rowcontent['product_unit'] = $nv_Request->get_int('product_unit', 'post', 0); $rowcontent['homeimgfile'] = $nv_Request->get_title('homeimg', 'post', ''); $rowcontent['homeimgalt'] = $nv_Request->get_title('homeimgalt', 'post', '', 1); $typeprice = $rowcontent['listcatid'] ? $global_array_shops_cat[$rowcontent['listcatid']]['typeprice'] : 0; if ($typeprice == 2) { $price_config = $nv_Request->get_array('price_config', 'post'); $sortArray = array();
/** * @Project NUKEVIET 4.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2014 VINADES.,JSC. All rights reserved * @License GNU/GPL version 2 or any later version * @Createdate 2-2-2010 12:55 */ if (!defined('NV_IS_FILE_SETTINGS')) { die('Stop!!!'); } $errormess = ''; if ($nv_Request->isset_request('submit', 'post')) { $preg_replace = array('pattern' => '/[^a-zA-Z0-9\\_]/', 'replacement' => ''); $array_config_global = array(); $array_config_global['cookie_prefix'] = nv_substr($nv_Request->get_title('cookie_prefix', 'post', '', 0, $preg_replace), 0, 255); $array_config_global['session_prefix'] = nv_substr($nv_Request->get_title('session_prefix', 'post', '', 0, $preg_replace), 0, 255); $array_config_global['cookie_secure'] = (int) $nv_Request->get_bool('cookie_secure', 'post', 0); $array_config_global['cookie_httponly'] = (int) $nv_Request->get_bool('cookie_httponly', 'post', 0); $sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'global' AND config_name = :config_name"); foreach ($array_config_global as $config_name => $config_value) { $sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30); $sth->bindParam(':config_value', $config_value, PDO::PARAM_STR); $sth->execute(); } $array_config_define = array(); $array_config_define['nv_live_cookie_time'] = 86400 * $nv_Request->get_int('nv_live_cookie_time', 'post', 1); $array_config_define['nv_live_session_time'] = 60 * $nv_Request->get_int('nv_gfx_width', 'post', 0); $sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'define' AND config_name = :config_name"); foreach ($array_config_define as $config_name => $config_value) { $sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30); $sth->bindParam(':config_value', $config_value, PDO::PARAM_STR);
$array = $sth->fetch(); if (empty($array)) { nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $lang_global['error_404_content']); } $page_title = $lang_module['edit']; $form_action = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&client_id=' . $client_id; } else { $array = array('client_id' => '', 'client_title' => '', 'client_secret' => '', 'redirect_uri' => ''); $page_title = $lang_module['add']; $form_action = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op; } if ($nv_Request->isset_request('submit', 'post')) { $array['client_id'] = nv_substr($nv_Request->get_title('client_id', 'post', '', true), 0, 80); $array['client_title'] = nv_substr($nv_Request->get_title('client_title', 'post', '', true), 0, 80); $array['client_secret'] = nv_substr($nv_Request->get_title('client_secret', 'post', '', true), 0, 80); $array['redirect_uri'] = nv_substr($nv_Request->get_title('redirect_uri', 'post', '', false), 0, 2000); if (empty($array['client_id'])) { $error = $lang_module['content_error_id']; } elseif (empty($array['client_title'])) { $error = $lang_module['content_error_title']; } elseif (empty($array['client_secret'])) { $error = $lang_module['content_error_secret']; } else { $sql = 'SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_clients WHERE client_id = :client_id' . ($client_id ? ' AND client_id != ' . $db->quote($client_id) : ''); $sth = $db->prepare($sql); $sth->bindParam(':client_id', $array['client_id'], PDO::PARAM_STR); $sth->execute(); $num = $sth->fetchColumn(); if (!empty($num)) { $error = $lang_module['content_error_exists']; } else {
$fpart = isset($array_op[0]) ? $array_op[0] : ''; $fpart = $nv_Request->get_title('fpart', 'post,get', $fpart); $ftitle = nv_substr($nv_Request->get_title('ftitle', 'post,get', '', 1), 0, 250); $full = isset($array_op[1]) ? $array_op[1] : 1; $base_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name; if (!empty($array_department)) { $checkss = $nv_Request->get_title('checkss', 'post', ''); if ($checkss == md5($client_info['session_id'] . $global_config['sitekey'])) { if (defined('NV_IS_USER')) { $fname = !empty($user_info['full_name']) ? $user_info['full_name'] : $user_info['username']; $femail = $user_info['email']; } else { $fname = nv_substr($nv_Request->get_title('fname', 'post', '', 1), 0, 100); $femail = nv_substr($nv_Request->get_title('femail', 'post', '', 1), 0, 100); } $fphone = nv_substr($nv_Request->get_title('fphone', 'post', '', 1), 0, 100); $fcon = $nv_Request->get_editor('fcon', '', NV_ALLOWED_HTML_TAGS); $fcode = $nv_Request->get_title('fcode', 'post', ''); $check_valid_email = nv_check_valid_email($femail); if (empty($fname)) { $error = $lang_module['error_fullname']; } elseif (!empty($check_valid_email)) { $error = $check_valid_email; } elseif (empty($ftitle)) { $error = $lang_module['error_title']; } elseif (empty($fcon)) { $error = $lang_module['error_content']; } elseif (!isset($array_department[$fpart])) { $error = $lang_module['error_part']; } elseif (!nv_capcha_txt($fcode)) { $error = $lang_module['error_captcha'];
/** * nv_clean60() * * @param mixed $string * @param integer $num * @return */ function nv_clean60($string, $num = 60, $specialchars = false) { global $global_config; $string = nv_unhtmlspecialchars($string); $len = nv_strlen($string); if ($num and $num < $len) { if (ord(nv_substr($string, $num, 1)) == 32) { $string = nv_substr($string, 0, $num) . '...'; } elseif (strpos($string, ' ') === false) { $string = nv_substr($string, 0, $num); } else { $string = nv_clean60($string, $num - 1); } } if ($specialchars) { $string = nv_htmlspecialchars($string); } return $string; }
$id = $nv_Request->get_int('id', 'post', 0); $sql = 'SELECT id FROM ' . $table_name . ' WHERE id=' . $id; $id = $db->query($sql)->fetchColumn(); if (empty($id)) { die('NO_' . $id); } $new_status = $nv_Request->get_bool('new_status', 'post'); $new_status = (int) $new_status; $sql = 'UPDATE ' . $table_name . ' SET status=' . $new_status . ' WHERE id=' . $id; $db->query($sql); nv_del_moduleCache($module_name); die('OK_' . $pid); } if (!empty($savecat)) { $preg_replace = array('pattern' => '/[^a-zA-Z0-9\\_]/', 'replacement' => '_'); $data['title'] = nv_substr($nv_Request->get_title('title', 'post', ''), 0, 50); $data['alias'] = strtolower(change_alias($data['title'])); $stmt = $db->query('SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_template where alias=' . $db->quote($data['alias']))->fetchColumn(); if (empty($data['title'])) { $error = $lang_module['template_error_name']; } elseif (!empty($stmt)) { $error = $lang_module['block_error_alias']; } else { if ($data['id'] == 0) { $listfield = ""; $listvalue = ""; $sql = "INSERT INTO " . $table_name . " VALUES (NULL ,1, '" . $data['title'] . "','" . $data['alias'] . "')"; $templaid = $db->insert_id($sql); if ($templaid != 0) { $sql = "CREATE TABLE IF NOT EXISTS " . $db_config['prefix'] . "_" . $module_data . "_info_" . $templaid . "(\n\t\t\t shopid mediumint(8) unsigned NOT NULL DEFAULT '0',\n\t\t\t status tinyint(1) NOT NULL DEFAULT '1',\n\t\t\t PRIMARY KEY (shopid)\n\t\t\t) ENGINE=MyISAM "; $db->query($sql);
$caption = $lang_module['category_add']; } if ($nv_Request->get_int('save', 'post') == 1) { $data['category_id'] = $nv_Request->get_int('category_id', 'post', 0); $data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0); $data['parent_id'] = $nv_Request->get_int('parent_id', 'post', 0); $data['inhome'] = $nv_Request->get_int('inhome', 'post', 0); $data['status'] = $nv_Request->get_int('status', 'post', 0); $data['name'] = nv_substr($nv_Request->get_title('name', 'post', '', ''), 0, 255); $data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', ''), 0, 255); $description = $nv_Request->get_string('description', 'post', ''); $data['description'] = defined('NV_EDITOR') ? nv_nl2br($description, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br />'); $data['meta_title'] = nv_substr($nv_Request->get_title('meta_title', 'post', '', ''), 0, 255); $data['meta_description'] = nv_substr($nv_Request->get_title('meta_description', 'post', '', ''), 0, 255); $data['meta_keyword'] = nv_substr($nv_Request->get_title('meta_keyword', 'post', '', ''), 0, 255); $data['layout'] = nv_substr($nv_Request->get_title('layout', 'post', '', ''), 0, 255); if (empty($data['name'])) { $error['name'] = $lang_module['category_error_name']; } if (!empty($error) && !isset($error['warning'])) { $error['warning'] = $lang_module['category_error_warning']; } $_groups_post = $nv_Request->get_array('groups_view', 'post', array()); $data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : ''; $stmt = $db->prepare('SELECT COUNT(*) FROM ' . TABLE_PHOTO_NAME . '_category WHERE category_id !=' . $data['category_id'] . ' AND alias= :alias'); $stmt->bindParam(':alias', $data['alias'], PDO::PARAM_STR); $stmt->execute(); $check_alias = $stmt->fetchColumn(); if ($check_alias) { $error['warning'] = $lang_module['duplicate_alias']; } elseif ($check_alias and $data['parent_id'] > 0) {
} $page_title = $lang_module['setting']; $savesetting = $nv_Request->get_int('savesetting', 'post', 0); if (!empty($savesetting)) { $photo_setting = array(); $photo_setting['origin_size_width'] = $nv_Request->get_int('origin_size_width', 'post', 0); $photo_setting['origin_size_height'] = $nv_Request->get_int('origin_size_height', 'post', 0); $photo_setting['cr_thumb_width'] = $nv_Request->get_int('cr_thumb_width', 'post', 0); $photo_setting['cr_thumb_height'] = $nv_Request->get_int('cr_thumb_height', 'post', 0); $photo_setting['cr_thumb_quality'] = $nv_Request->get_int('cr_thumb_quality', 'post', 0); $photo_setting['per_line'] = $nv_Request->get_int('per_line', 'post', 0); $photo_setting['per_page_album'] = $nv_Request->get_int('per_page_album', 'post', 0); $photo_setting['per_page_photo'] = $nv_Request->get_int('per_page_photo', 'post', 20); $photo_setting['home_title_cut'] = $nv_Request->get_int('home_title_cut', 'post', 20); $photo_setting['home_view'] = $nv_Request->get_title('home_view', 'post', '', 0); $photo_setting['home_layout'] = nv_substr($nv_Request->get_title('home_layout', 'post', '', ''), 0, 255); $photo_setting['album_view'] = $nv_Request->get_title('album_view', 'post', '', 0); $photo_setting['module_logo'] = $nv_Request->get_title('module_logo', 'post', '', 0); $photo_setting['social_tool'] = $nv_Request->get_int('social_tool', 'post', 0); $photo_setting['fbappid'] = $nv_Request->get_int('fbappid', 'post', 0); $photo_setting['active_logo'] = $nv_Request->get_int('active_logo', 'post', 0); $photo_setting['autologosize1'] = $nv_Request->get_int('autologosize1', 'post', 50); $photo_setting['autologosize2'] = $nv_Request->get_int('autologosize2', 'post', 40); $photo_setting['autologosize3'] = $nv_Request->get_int('autologosize3', 'post', 30); $photo_setting['structure_upload'] = $nv_Request->get_title('structure_upload', 'post', '', 0); $photo_setting['maxupload'] = $nv_Request->get_int('maxupload', 'post', 0); $photo_setting['maxupload'] = min(nv_converttoBytes(ini_get('upload_max_filesize')), nv_converttoBytes(ini_get('post_max_size')), $photo_setting['maxupload']); if (!nv_is_url($photo_setting['module_logo']) and file_exists(NV_DOCUMENT_ROOT . $photo_setting['module_logo'])) { $lu = strlen(NV_BASE_SITEURL); $photo_setting['module_logo'] = substr($photo_setting['module_logo'], $lu); } elseif (!nv_is_url($photo_setting['module_logo'])) {
$site_favicon = $nv_Request->get_title('site_favicon', 'post'); if (empty($site_favicon) or $site_favicon == NV_ASSETS_DIR . '/favicon.ico') { $array_config['site_favicon'] = ''; } elseif (!nv_is_url($site_favicon)) { if (nv_is_file($site_favicon) === true) { $lu = strlen(NV_BASE_SITEURL); $array_config['site_favicon'] = substr($site_favicon, $lu); } else { $array_config['site_favicon'] = ''; } } $array_config['site_home_module'] = nv_substr($nv_Request->get_title('site_home_module', 'post', '', 1), 0, 255); if (!isset($site_mods[$array_config['site_home_module']])) { $array_config['site_home_module'] = $global_config['site_home_module']; } $array_config['site_description'] = nv_substr($nv_Request->get_title('site_description', 'post', '', 1), 0, 255); $array_config['disable_site_content'] = $nv_Request->get_editor('disable_site_content', '', NV_ALLOWED_HTML_TAGS); if (empty($array_config['disable_site_content'])) { $array_config['disable_site_content'] = $lang_global['disable_site_content']; } $array_config['ssl_https_modules'] = $nv_Request->get_array('ssl_https_modules', 'post', array()); $array_config['ssl_https_modules'] = array_intersect($array_config['ssl_https_modules'], array_keys($site_mods)); $array_config['ssl_https_modules'] = empty($array_config['ssl_https_modules']) ? '' : implode(',', $array_config['ssl_https_modules']); $sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value= :config_value WHERE config_name = :config_name AND lang = '" . NV_LANG_DATA . "' AND module='global'"); foreach ($array_config as $config_name => $config_value) { $sth->bindParam(':config_name', $config_name, PDO::PARAM_STR, 30); $sth->bindParam(':config_value', $config_value, PDO::PARAM_STR); $sth->execute(); } $nv_Cache->delAll(); if (empty($errormess)) {
/** * @Project NUKEVIET 4.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2014 VINADES.,JSC. All rights reserved * @License GNU/GPL version 2 or any later version * @Createdate 2-1-2010 22:5 */ if (!defined('NV_IS_FILE_EXTENSIONS')) { die('Stop!!!'); } $page_title = $lang_global['mod_extensions']; $request = array(); $request['page'] = $nv_Request->get_int('page', 'get', 1); $request['mode'] = $nv_Request->get_title('mode', 'get', ''); $request['q'] = nv_substr($nv_Request->get_title('q', 'get', ''), 0, 64); // Fixed request $request['per_page'] = 10; $request['lang'] = NV_LANG_INTERFACE; $request['basever'] = $global_config['version']; // Mode filter if (!in_array($request['mode'], array('search', 'newest', 'popular', 'featured', 'downloaded', 'favorites'))) { header('Location:' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=manage'); die; } if ($request['mode'] != 'search') { $set_active_op = $request['mode']; } $xtpl = new XTemplate($op . '.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('REQUEST', $request);
if (!defined('NV_IS_FILE_WEBTOOLS')) { die('Stop!!!'); } $timezone_array = array_keys($nv_parse_ini_timezone); $googleAnalyticsMethod = array('classic' => 'Classic Analytics', 'universal' => 'Universal Analytics'); $array_config_global = array(); if ($nv_Request->isset_request('submit', 'post')) { $array_config_global['online_upd'] = $nv_Request->get_int('online_upd', 'post'); $array_config_global['statistic'] = $nv_Request->get_int('statistic', 'post'); $statistics_timezone = nv_substr($nv_Request->get_title('statistics_timezone', 'post', '', 0), 0, 255); if (!empty($statistics_timezone) and in_array($statistics_timezone, $timezone_array)) { $array_config_global['statistics_timezone'] = $statistics_timezone; } else { $array_config_global['statistics_timezone'] = NV_SITE_TIMEZONE_NAME; } $array_config_global['googleAnalyticsID'] = nv_substr($nv_Request->get_title('googleAnalyticsID', 'post', '', 1), 0, 20); if (!preg_match('/^UA-\\d{4,}-\\d+$/', $array_config_global['googleAnalyticsID'])) { $array_config_global['googleAnalyticsID'] = ''; } $array_config_global['googleAnalyticsSetDomainName'] = $nv_Request->get_int('googleAnalyticsSetDomainName', 'post'); $array_config_global['googleAnalyticsMethod'] = $nv_Request->get_title('googleAnalyticsMethod', 'post', '', 1); if (!isset($googleAnalyticsMethod[$array_config_global['googleAnalyticsMethod']])) { $googleAnalyticsMethod['googleAnalyticsMethod'] = 'classic'; } $sth = $db->prepare("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = :config_value WHERE lang = 'sys' AND module = 'site' AND config_name = :config_name"); foreach ($array_config_global as $config_name => $config_value) { $sth->bindParam(':config_name', $config_name, PDO::PARAM_STR); $sth->bindParam(':config_value', $config_value, PDO::PARAM_STR); $sth->execute(); } nv_delete_all_cache(false);
} elseif (file_exists(NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_' . NV_LANG_DATA . '.php')) { $path_file_lang = NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_' . NV_LANG_DATA . '.php'; } elseif (file_exists(NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_en.php')) { $path_file_lang = NV_ROOTDIR . '/modules/' . $mod_file . '/language/block.' . $matches[1] . '.' . $matches[2] . '_en.php'; } } } if (empty($row['title'])) { $row['title'] = str_replace('_', ' ', $matches[1] . ' ' . $matches[2]); } } else { $error[] = $lang_module['block_error_nsblock']; } $row['link'] = $nv_Request->get_title('link', 'post', ''); $row['template'] = nv_substr($nv_Request->get_title('template', 'post', '', 0), 0, 55); $row['position'] = nv_substr($nv_Request->get_title('position', 'post', '', 0), 0, 55); if (preg_match('/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})$/', $nv_Request->get_string('exp_time', 'post'), $m)) { $row['exp_time'] = mktime(0, 0, 0, $m[2], $m[1], $m[3]); } else { $row['exp_time'] = 0; } $row['active'] = $nv_Request->get_int('active', 'post', 0); $groups_view = $nv_Request->get_array('groups_view', 'post', array()); $row['groups_view'] = !empty($groups_view) ? implode(',', nv_groups_post(array_intersect($groups_view, array_keys($groups_list)))) : ''; $all_func = ($nv_Request->get_int('all_func', 'post') == 1 and ((preg_match($global_config['check_block_module'], $row['file_name']) or preg_match($global_config['check_block_theme'], $row['file_name'])) and preg_match('/^global\\.([a-zA-Z0-9\\-\\_\\.]+)\\.php$/', $row['file_name']))) ? 1 : 0; $array_funcid_post = $nv_Request->get_array('func_id', 'post'); if (empty($all_func) and empty($array_funcid_post)) { $error[] = $lang_module['block_no_func']; } $row['leavegroup'] = $nv_Request->get_int('leavegroup', 'post', 0); if (!empty($row['leavegroup']) and !empty($row['bid'])) {
/** * @Project NUKEVIET 4.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2014 VINADES.,JSC. All rights reserved * @License GNU/GPL version 2 or any later version * @Createdate 3-6-2010 0:30 */ if (!defined('NV_IS_MOD_DOWNLOAD')) { die('Stop!!!'); } global $global_config, $lang_module, $lang_global, $module_info, $module_name, $module_file, $nv_Request; $list_cats = nv_list_cats(true); $download_config = nv_mod_down_config(); $page = $nv_Request->get_int('page', 'get', 1); $per_page = $download_config['per_page_child']; $key = nv_substr($nv_Request->get_title('q', 'post', '', 1), 0, NV_MAX_SEARCH_LENGTH); $cat = $nv_Request->get_int('cat', 'post', 0); $page_title = $lang_module['search'] . ' ' . $key; $base_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=search'; $array_where = array(); $db->sqlreset()->select('COUNT(*)')->from(NV_PREFIXLANG . '_' . $module_data); if (!empty($key)) { $array_where[] = '(title LIKE :keyword1 OR description LIKE :keyword2 OR introtext LIKE :keyword3)'; } if (!empty($cat) and isset($list_cats[$cat])) { $allcat = $list_cats[$cat]['subcats']; if (!empty($allcat)) { $allcat[] = $cat; $array_where[] = 'catid IN (' . implode(',', $allcat) . ')'; } else { $array_where[] = 'catid = ' . $cat;
} $ss_safesend = $nv_Request->get_int('safesend', 'session', 0); if ($ss_safesend < NV_CURRENTTIME) { $name = $global_config['name_show'] ? array($row['first_name'], $row['last_name']) : array($row['last_name'], $row['first_name']); $name = array_filter($name); $name = implode(' ', $name); $sitename = '<a href="' . NV_MY_DOMAIN . NV_BASE_SITEURL . '">' . $global_config['site_name'] . '</a>'; $message = sprintf($lang_module['safe_send_content'], $name, $sitename, $row['safekey']); @nv_sendmail($global_config['site_email'], $row['email'], $lang_module['safe_send_subject'], $message); $ss_safesend = NV_CURRENTTIME + 600; $nv_Request->set_Session('safesend', $ss_safesend); } $ss_safesend = ceil(($ss_safesend - NV_CURRENTTIME) / 60); die(json_encode(array('status' => 'ok', 'input' => '', 'mess' => sprintf($lang_module['safe_send_ok'], $ss_safesend)))); } $safe_key = nv_substr($nv_Request->get_title('safe_key', 'post', '', 1), 0, 32); if (empty($row['safekey']) or $safe_key != $row['safekey']) { die(json_encode(array('status' => 'error', 'input' => 'safe_key', 'mess' => $lang_module['verifykey_error']))); } $stmt = $db->prepare('UPDATE ' . NV_USERS_GLOBALTABLE . ' SET safemode=1, safekey= :safekey WHERE userid=' . $user_info['userid']); $stmt->bindParam(':safekey', $row['safekey'], PDO::PARAM_STR); $stmt->execute(); die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo', true), 'mess' => $lang_module['safe_activate_ok']))); } $page_title = $mod_title = $lang_module['editinfo_pagetitle']; $key_words = $module_info['keywords']; if (!defined('NV_EDITOR')) { define('NV_EDITOR', 'ckeditor'); } require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php'; $sql = 'SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_info WHERE userid=' . $user_info['userid'];
$array_config_global['site_lang'] = $site_lang; } if ($array_config_global['lang_multi'] == 0) { $array_config_global['rewrite_optional'] = $nv_Request->get_int('rewrite_optional', 'post', 0); $array_config_global['lang_geo'] = 0; $array_config_global['rewrite_op_mod'] = $nv_Request->get_title('rewrite_op_mod', 'post'); if (!isset($site_mods[$array_config_global['rewrite_op_mod']]) or $array_config_global['rewrite_optional'] == 0) { $array_config_global['rewrite_op_mod'] = ''; } } else { $array_config_global['rewrite_optional'] = 0; $array_config_global['lang_geo'] = $nv_Request->get_int('lang_geo', 'post', 0); $array_config_global['rewrite_op_mod'] = ''; } $array_config_global['error_set_logs'] = $nv_Request->get_int('error_set_logs', 'post', 0); $error_send_email = nv_substr($nv_Request->get_title('error_send_email', 'post', '', 1), 0, 255); if (nv_check_valid_email($error_send_email) == '') { $array_config_global['error_send_email'] = $error_send_email; } $array_config_global['cdn_url'] = ''; $cdn_url = rtrim($nv_Request->get_string('cdn_url', 'post'), '/'); if (!empty($cdn_url)) { $cdn_url = preg_replace('/^(http|https)\\:\\/\\//', '', $cdn_url); $cdn_url = preg_replace('/^([^\\/]+)\\/*(.*)$/', '\\1', $cdn_url); $_p = ''; if (preg_match('/(.*)\\:([0-9]+)$/', $cdn_url, $m)) { $cdn_url = $m[1]; $_p = ':' . $m[2]; } $cdn_url = nv_check_domain(nv_strtolower($cdn_url)); if (!empty($cdn_url)) {
} opidr(array('status' => 'success', 'mess' => $lang_module['account_register_to_admin'])); die; } $page_title = $lang_global['openid_login']; $key_words = $module_info['keywords']; $mod_title = $lang_global['openid_login']; $contents .= user_openid_login($gfx_chk, $attribs); include NV_ROOTDIR . '/includes/header.php'; echo nv_site_theme($contents, false); include NV_ROOTDIR . '/includes/footer.php'; exit; } //Dang nhap kieu thong thuong if ($nv_Request->isset_request('nv_login', 'post')) { $nv_username = nv_substr($nv_Request->get_title('nv_login', 'post', '', 1), 0, 100); $nv_password = $nv_Request->get_title('nv_password', 'post', ''); $nv_seccode = $nv_Request->get_title('nv_seccode', 'post', ''); $check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false); if (!$check_seccode) { die(signin_result(array('status' => 'error', 'input' => 'nv_seccode', 'mess' => $lang_global['securitycodeincorrect']))); } if (empty($nv_username)) { die(signin_result(array('status' => 'error', 'input' => 'nv_login', 'mess' => $lang_global['username_empty']))); } if (empty($nv_password)) { die(signin_result(array('status' => 'error', 'input' => 'nv_password', 'mess' => $lang_global['password_empty']))); } if (defined('NV_IS_USER_FORUM')) { $error = ''; require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php';
$_form_exit = scandir(NV_ROOTDIR . '/' . NV_ASSETS_DIR . '/' . $module_file . '/files_tpl'); foreach ($_form_exit as $_form) { if (preg_match('/^cat\\_form\\_([a-zA-Z0-9\\-\\_]+)\\.tpl$/', $_form, $m)) { $cat_form_exit[] = $m[1]; } } if (!empty($savecat)) { $field_lang = nv_file_table($table_name); $data['catid'] = $nv_Request->get_int('catid', 'post', 0); $data['typeprice'] = $nv_Request->get_int('typeprice', 'post', 2); $data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0); $data['parentid'] = $nv_Request->get_int('parentid', 'post', 0); $data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255); $data['title_custom'] = nv_substr($nv_Request->get_title('title_custom', 'post', '', 1), 0, 255); $data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255); $data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255); $data['description'] = $nv_Request->get_string('description', 'post', ''); $data['description'] = nv_nl2br(nv_htmlspecialchars(strip_tags($data['description'])), '<br />'); $data['descriptionhtml'] = $nv_Request->get_editor('descriptionhtml', '', NV_ALLOWED_HTML_TAGS); $data['viewdescriptionhtml'] = $nv_Request->get_int('viewdescriptionhtml', 'post', 0); $data['cat_allow_point'] = $nv_Request->get_int('cat_allow_point', 'post', 0); $data['cat_number_point'] = $nv_Request->get_int('cat_number_point', 'post', 0); $data['cat_number_product'] = $nv_Request->get_int('cat_number_product', 'post', 0); $data['alias'] = $data['alias'] == '' ? change_alias($data['title']) : change_alias($data['alias']); // Cat mo ta cho chinh xac if (strlen($data['description']) > 255) { $data['description'] = nv_clean60($data['description'], 250); } $_groups_post = $nv_Request->get_array('groups_view', 'post', array()); $data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : ''; if ($data['title'] == '') {
} elseif (empty($dataform['field'])) { $error = $lang_module['field_error_empty']; } else { // Kiểm tra trùng trường dữ liệu $stmt = $db->prepare('SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_field WHERE field= :field'); $stmt->bindParam(':field', $dataform['field'], PDO::PARAM_STR); $stmt->execute(); if ($stmt->fetchColumn()) { $error = $lang_module['field_error']; } } } $language[NV_LANG_DATA] = array($dataform['title'], $dataform['description']); if ($dataform['field_type'] == 'textbox' || $dataform['field_type'] == 'textarea' || $dataform['field_type'] == 'editor') { $text_fields = 1; $dataform['match_type'] = nv_substr($nv_Request->get_title('match_type', 'post', '', 0, $preg_replace), 0, 50); $dataform['match_regex'] = $dataform['match_type'] == 'regex' ? $nv_Request->get_string('match_regex', 'post', '', false) : ''; $dataform['func_callback'] = $dataform['match_type'] == 'callback' ? $nv_Request->get_string('match_callback', 'post', '', false) : ''; if ($dataform['func_callback'] != '' and !function_exists($dataform['func_callback'])) { $dataform['func_callback'] = ''; } if ($dataform['field_type'] == 'editor') { $dataform['editor_width'] = $nv_Request->get_string('editor_width', 'post', '100%', 0); $dataform['editor_height'] = $nv_Request->get_string('editor_height', 'post', '300px', 0); if (!preg_match('/^([0-9]+)(\\%|px)+$/', $dataform['editor_width'])) { $dataform['editor_width'] = '100%'; } if (!preg_match('/^([0-9]+)(\\%|px)+$/', $dataform['editor_height'])) { $dataform['editor_height'] = '300px'; } $dataform['class'] = $dataform['editor_width'] . '@' . $dataform['editor_height'];
* @License GNU/GPL version 2 or any later version * @Createdate 2-9-2010 14:43 */ if (!defined('NV_IS_FILE_ADMIN')) { die('Stop!!!'); } $page_title = $lang_module['prounit']; $error = ""; $savecat = 0; $data = array("title" => "", 'note' => ""); $table_name = $db_config['prefix'] . "_" . $module_data . "_units"; $data['id'] = $nv_Request->get_int('id', 'post,get', 0); $savecat = $nv_Request->get_int('savecat', 'post', 0); if (!empty($savecat)) { $field_lang = nv_file_table($table_name); $data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255); $data['note'] = $nv_Request->get_title('note', 'post', '', 1); if ($data['id'] == 0) { $listfield = ""; $listvalue = ""; foreach ($field_lang as $field_lang_i) { list($flang, $fname) = $field_lang_i; $listfield .= ", " . $flang . "_" . $fname; if ($flang == NV_LANG_DATA) { $listvalue .= ", " . $db->quote($data[$fname]); } else { $listvalue .= ", " . $db->quote($data[$fname]); } } $sql = "INSERT INTO " . $table_name . " (id " . $listfield . ") VALUES (NULL " . $listvalue . ")"; if ($db->insert_id($sql)) {
<?php /** * @Project NUKEVIET BLOG 4.x * @Author PHAN TAN DUNG (phantandung92@gmail.com) * @Copyright (C) 2014 PHAN TAN DUNG. All rights reserved * @License GNU/GPL version 2 or any later version * @Createdate Dec 11, 2013, 09:50:11 PM */ if (!defined('NV_IS_MOD_BLOG')) { die('Stop!!!'); } $page_title = $mod_title = $BL->lang('search'); // Breadcrumbs $array_mod_title[] = array('catid' => 0, 'title' => $BL->lang('search'), 'link' => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op); $array = array('q' => nv_substr($nv_Request->get_title('q', 'get', '', NV_MIN_SEARCH_LENGTH), 0, NV_MAX_SEARCH_LENGTH), 'catid' => $nv_Request->get_int('catid', 'get', 0), 'contents' => array()); // Phân trang $page = $nv_Request->get_int('page', 'get', 1); $generate_page = ''; $total_pages = 0; $all_page = 0; // Chuyển đến trang xem theo theo mục nếu để trống từ khóa mà tìm theo danh mục if (empty($array['q']) and isset($global_array_cat[$array['catid']])) { header('Location:' . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $global_array_cat[$array['catid']]['alias'], true)); die; } // Chỉnh lại đường dẫn cho phù hợp if ($page < 1 or $page == 1 and $nv_Request->isset_request('page', 'get') or $nv_Request->isset_request('q', 'get') and empty($array['q']) or empty($array['q']) and isset($_GET['catid']) or isset($_GET['catid']) and (!is_numeric($_GET['catid']) or !isset($global_array_cat[$array['catid']]) and $array['catid'] != 0)) { header('Location:' . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op, true)); die; }
} if (empty($block)) { include NV_ROOTDIR . '/includes/header.php'; echo json_encode(array('status' => 'error', 'message' => 'Invalid data', 'data' => array(), 'error' => array())); include NV_ROOTDIR . '/includes/footer.php'; } // Add + Edit submit if ($nv_Request->isset_request('submit', 'post')) { $data = $error = array(); $message = ''; $data['id'] = $nv_Request->get_int('id', 'post', 0); $data['title'] = nv_substr($nv_Request->get_title('title', 'post', ''), 0, 255); $data['description'] = $nv_Request->get_editor('description', '', NV_ALLOWED_HTML_TAGS); $data['link'] = nv_substr($nv_Request->get_string('link', 'post', ''), 0, 255); $data['target'] = nv_substr($nv_Request->get_title('target', 'post', ''), 0, 10); $data['image'] = nv_substr($nv_Request->get_title('image', 'post', ''), 0, 255); $data['status'] = $nv_Request->get_int('status', 'post', 0) == 0 ? 0 : 1; $data['exptime'] = $nv_Request->get_int('exptime', 'post', 0); if (empty($data['title'])) { $error[] = array('name' => 'title', 'value' => $lang_module['content_title_error']); } if (!empty($data['link'])) { if (!preg_match("/\\:\\/\\//i", $data['link'])) { $data['link'] = 'http://' . $data['link']; } if (!nv_is_url($data['link'])) { $error[] = array('name' => 'link', 'value' => $lang_module['content_link_error']); } } // Prosess image if (is_file(NV_DOCUMENT_ROOT . $data['image'])) {
if (empty($addfile) or $addfile != md5($client_info['session_id'])) { Header('Location: ' . nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name, true)); exit; } $array['catid'] = $nv_Request->get_int('upload_catid', 'post', 0); $array['title'] = nv_substr($nv_Request->get_title('upload_title', 'post', '', 1), 0, 255); $array['description'] = $nv_Request->get_editor('upload_description', '', NV_ALLOWED_HTML_TAGS); $array['introtext'] = $nv_Request->get_textarea('upload_introtext', '', NV_ALLOWED_HTML_TAGS); $array['author_name'] = nv_substr($nv_Request->get_title('upload_author_name', 'post', '', 1), 0, 100); $array['author_email'] = nv_substr($nv_Request->get_title('upload_author_email', 'post', ''), 0, 60); $array['author_url'] = nv_substr($nv_Request->get_title('upload_author_url', 'post', '', 0), 0, 255); $array['linkdirect'] = $nv_Request->get_textarea('upload_linkdirect', ''); $array['version'] = nv_substr($nv_Request->get_title('upload_version', 'post', '', 1), 0, 20); $array['filesize'] = $nv_Request->get_int('upload_filesize', 'post', 0); $array['copyright'] = nv_substr($nv_Request->get_title('upload_copyright', 'post', '', 1), 0, 255); $array['user_name'] = nv_substr($nv_Request->get_title('upload_user_name', 'post', '', 1), 0, 100); $array['user_id'] = 0; $seccode = $nv_Request->get_title('upload_seccode', 'post', ''); if (defined('NV_IS_USER')) { $array['user_name'] = $user_info['username']; $array['user_id'] = $user_info['userid']; } if (!empty($array['author_url'])) { if (!preg_match("#^(http|https|ftp|gopher)\\:\\/\\/#", $array['author_url'])) { $array['author_url'] = 'http://' . $array['author_url']; } } if (!empty($array['linkdirect'])) { $linkdirect = $array['linkdirect']; $linkdirect = nv_nl2br($linkdirect, '<br />'); $linkdirect = explode('<br />', $linkdirect);