public function login()
{
if (cookie("curr_user_name")) {
//一周内自动登录
$name = str_filter(cookie("curr_user_name"));
$name = \Common\Encrypt::decode($name);
$where = array("name" => $name, "is_admin" => 1);
$user = D("User")->where($where)->find();
unset($user["pwd"]);
session("user", $user);
$user["err_login"] = 0;
D("User")->where(array("id" => $user["id"]))->save($user);
header("location:main");
exit;
}
if (IS_POST) {
$name = I("post.name", NULL, "str_filter");
$pwd = I("post.pwd", NULL, "str_filter");
//提交登录
$remember = I("post.remember", 0, "intval");
$vcode = I("post.vcode", "", "str_filter");
$this->ajaxReturn(D("User")->adminLogin($name, $pwd, $remember, $vcode), "JSON");
}
$this->display();
}
function finish()
{
$sql = "insert into `test_history`(it,uid,comp,time) values('" . $_GET['it'] . "','" . $_SESSION["userid"] . "','" . $comp . "','" . $_POST["timee"] . "')";
$query = @mysql_query($sql);
$tid = @mysql_insert_id();
$comp = time() - $_POST["timee"];
$comp2 = round($comp / 60);
$sqlques = "SELECT * FROM `ques_parts` where `it`='" . $_GET['it'] . "'";
$queryques = @mysql_query($sqlques);
$i = 0;
$score = 0;
while ($rowques = @mysql_fetch_array($queryques)) {
$i++;
if ($rowques[answer] != NULL) {
$score2 = $score2 + $rowques[score];
if ($_POST["ans" . $i] == $rowques[tf]) {
$score = $score + $rowques[score];
$tf = 1;
} else {
$tf = 0;
}
$sqlqueshis = "insert into `ques_history`(qid,tid,content,tf) values('" . $rowques[id] . "','" . $tid . "','" . mysql_escape_string($_POST["ans" . $i]) . "','" . $tf . "')";
$queryqueshis = @mysql_query($sqlqueshis);
} else {
$sqlqueshis = "insert into `ques_history`(qid,tid,content,tf) values('" . $rowques[id] . "','" . $tid . "','" . mysql_escape_string($_POST["ans" . $i]) . "',3)";
$queryqueshis = @mysql_query($sqlqueshis);
}
}
$sql = "update `test_history` set `score`='" . $score . "',`comp`='" . $comp2 . "' where `id`=" . $tid . "";
$query = @mysql_query($sql);
$sql = "SELECT * FROM `tests` where `id`='" . $_GET['it'] . "'";
$query = @mysql_query($sql);
$row = @mysql_fetch_array($query);
echo "<h4 style='font-style: normal;'>Điểm: " . $score . "/" . $score2 . "</h4>";
echo "<h4 style='font-style: normal;'>Thời gian làm bài: " . $comp2 . " phút/" . $row[time2] . " phút</h4>";
echo "<center><p><a href='./bao-cao-lam-thu/" . strtolower(str_filter(account($_SESSION["userid"], username))) . "/" . strtolower(str_filter($row[title])) . "-" . $tid . "'><button class='button2'>Xem chi tiết kết quả</button></a><br/></p></center>";
}
el.addClass('on').next().stop(false,true).slideDown(400);
}else{
$('.on').removeClass('on').next().stop(false,true).slideUp(400);
}
})
})(jQuery);
</script>
<div class="clear"></div>
</div>
<div class="boxnav">
<h3 class="titlenav">Đề kiểm tra được xem nhiều</a></h3>
<?php
$sqlmost = "SELECT * FROM `tests` order by `view` DESC LIMIT 0,6";
$querymost = @mysql_query($sqlmost);
while ($rowmost = @mysql_fetch_array($querymost)) {
echo "\n\t\t\t\t\t\t\t<ul style='margin: 6px;'>\n\t\t\t\t\t\t\t<li style='padding-bottom: 4px;'>\n\t\t\t\t\t\t\t<table>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<a href='./" . strtolower(str_filter($rowmost['title'])) . "." . $rowmost['id'] . ".php'>\n\t\t\t\t\t\t\t<img src='" . $rowmost['thumb'] . "' width='40' height='40' class='img' style='margin-right: 5px;'>\n\t\t\t\t\t\t\t</a></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<a href='./" . strtolower(str_filter($rowmost['title'])) . "." . $rowmost['id'] . ".php'>\n\t\t\t\t\t\t\t<p style='font-size: 1.3em;'>\n\t\t\t\t\t\t\t" . cu_t($rowmost['title'], 90) . "\n\t\t\t\t\t\t\t</p>\n\t\t\t\t\t\t\t</a>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t</li>\n\t\t\t\t\t\t\t</ul>";
}
?>
<div class="clear"></div>
</div>
<div class="boxnav">
<h3 class="titlenav">Like us on Facebook</a></h3>
<div class="fb-like-box" data-href="https://www.facebook.com/<?php
echo settings("fb_id_page");
?>
" data-width="288" data-show-faces="true" data-stream="false" data-show-border="false" data-header="false"></div>
<div class="clear"></div>
</div>
<div class="boxnav">
<h3 class="titlenav">Thống kê</h3>
<ul class="menunav">
// Lấy CSDL
while ($row2 = @mysql_fetch_array($query2)) {
if ($row2[it] != 0) {
$sqlt = "SELECT * from `tests` where `id`='" . $row2[it] . "'";
$queryt = @mysql_query($sqlt);
$rowt = @mysql_fetch_array($queryt);
$link = "../" . strtolower(str_filter($rowt['title'])) . "." . $rowt['id'] . ".php";
}
if ($row2[tid] != 0) {
$sqlvv = "SELECT * from `test_history` where `id`='" . $row2[tid] . "'";
$queryvv = @mysql_query($sqlvv);
$rowvv = @mysql_fetch_array($queryvv);
$sqlt = "SELECT * from `tests` where `id`='" . $rowvv[it] . "'";
$queryt = @mysql_query($sqlt);
$rowt = @mysql_fetch_array($queryt);
$link = "../" . strtolower(str_filter($rowt['title'])) . "." . $rowt['id'] . ".test";
}
$i++;
if ($i % 2 == 0) {
echo "<tr>";
} else {
echo "<tr class='odd'>";
}
echo "\n <td><a target='_blank' href='" . $link . "'>" . cu_t($row2[content], 135) . "</a></td>\n <td class='action'><a target='_blank' href='" . $link . "' class='view'>Xem</a><a href='editcmt.php?id=" . $row2['id'] . "' class='edit'>Sửa</a><a href='delcmt.php?id=" . $row2['id'] . "' class='delete'>Xóa</a></td>\n </tr>\n";
}
echo "</table></form><br/>";
if ($page > 1) {
if (isset($_GET['key'])) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
$db->query('delete from '.constant('db_prefix').' where id in('.$_REQUEST["del"].')');
if(empty($_REQUEST["url"]))
{
Utility::msg("删除成功");
}
else
{
Utility::msg("删除成功",$_REQUEST["url"]);
}
*/
$t = str_filter($_REQUEST['t']);
$del = str_filter($_REQUEST["del"]);
$url = str_filter($_REQUEST["url"]);
$type = str_filter($_REQUEST["type"]);
if ($del) {
if ($t == constant('PDO_CONNECT') . "pictures") {
//批量删除图片!
$list = $db->get_results(SqlText::select("*", $t, "id in(" . $del . ")", "sort desc,id desc", null, null, null));
foreach ($list as $item) {
@unlink(get_lcation_path($item["picture"]));
}
}
$db->query('delete from ' . $t . ' where id in(' . $del . ')');
if (!$url) {
msg_box("删除成功");
} else {
if ($type) {
msg_box("删除成功", $url . "?type=" . $type);
} else {
}
echo "</span>\n\t\t<a href='./" . strtolower(str_filter($row[title])) . "/" . strtolower(str_filter($row2[title])) . "." . $row2[id] . "'><span style='font-weight:bold'><img src='img/lv2.png' alt='Category' title='Category'> " . $row2[title] . "</span></a>\n\t\t</td>\n\t\t<!--<td class='action'><a href='addcate.php?cg2=" . $row2[id] . "' class='view'>Thêm</a><a href='editcate.php?cg2=" . $row2[id] . "' class='edit'>Sửa</a><a href='delcate.php?cg2=" . $row2[id] . "' class='delete'>Xóa</a></td>-->\n\t\t</tr>\n\t\t</tbody>\n\t\t</table>";
$sql3 = "SELECT * FROM `cate1` where `id2`='" . $row2[id] . "'";
$query3 = @mysql_query($sql3);
$num3 = @mysql_num_rows($query3);
$i = 0;
while ($row3 = @mysql_fetch_array($query3)) {
$i++;
echo "\n\t\t\t<table>\n\t\t\t<tbody>";
if ($j == $num2 && $i == $num3 && $z == $num) {
echo "<tr class='odd'>";
} else {
echo "<tr style='border-bottom: 0 !important;' class='odd'>";
}
echo "\n\t\t\t<td width='68%'>\n\t\t\t\t<span style='white-space:nowrap'>";
if ($j != $num2) {
echo "\n\t\t\t\t<img src='img/indent_line.gif' style='padding-top: 5px;'> ";
} else {
echo " ";
}
if ($i != $num3) {
echo "\n\t\t\t\t<img src='img/indent_middle.gif' style='padding-top: 5px;'>";
} else {
echo "\n\t\t\t\t<img src='img/indent_end.gif' style='padding-top: 5px;'>";
}
echo "\n\t\t\t\t</span>\n\t\t\t\t<a href='./" . strtolower(str_filter($row[title])) . "/" . strtolower(str_filter($row2[title])) . "/" . strtolower(str_filter($row3[title])) . "." . $row3[id] . "'>\n\t\t\t\t<span><img src='img/lv1.png' alt='Diễn Đàn' title='Diễn Đàn' > " . $row3[title] . "</span>\n\t\t\t\t</a>\n\t\t\t</td>\n\t\t\t<!--<td class='action'><a href='addcate.php?cg1=" . $row3[id] . "' class='view'>Thêm</a><a href='editcate.php?cg1=" . $row3[id] . "' class='edit'>Sửa</a><a href='delcate.php?cg1=" . $row3[id] . "' class='delete'>Xóa</a></td>-->\n\t\t\t</tr>\n\t\t\t</tbody>\n\t\t\t</table>";
}
}
}
echo "</form>\n\t\t\t\t\t<br/>";
require_once "footer.php";
$title = "Có lỗi";
$description = "Có lỗi";
$keyword = "Có lỗi,lỗi,co loi,loi";
require_once "header.php";
echo "<p class='message_red'>Đề kiểm tra này vẫn chưa hỗ trợ làm thử trực tuyến. Nếu bạn cho rằng đây là một lỗi bạn có thể liên hệ với quản trị viên!</p>";
} else {
$x = $_SERVER['REQUEST_URI'];
$kt = "/" . strtolower(str_filter($row[title])) . "." . $row[id] . ".test";
if ($x != $kt) {
header("refresh: 0; url=" . $kt . "");
}
$title = "Làm thử đề kiểm tra";
$description = "Làm thử đề kiểm tra " . $row[description];
$keyword = "Làm thử đề kiểm tra,lam thu de kiem tra,làm thử,lam thu,thử làm đề kiểm tra,thu lam de kiem tra," . $row[keyword];
$title2 = $row[title];
$link2 = strtolower(str_filter($row[title])) . "." . $_GET['it'] . ".php";
$sql = "SELECT * FROM `tests` where `id`='" . $_GET['it'] . "'";
$query = @mysql_query($sql);
$row = @mysql_fetch_array($query);
$sql1 = "SELECT * FROM `cate1` where `id`='" . $row[id1] . "'";
$query1 = @mysql_query($sql1);
$row1 = @mysql_fetch_array($query1);
$sql2 = "SELECT * FROM `cate2` where `id`='" . $row1[id2] . "'";
$query2 = @mysql_query($sql2);
$row2 = @mysql_fetch_array($query2);
$this3 = $row2[id3];
$view = $row[view] + 1;
$sqlview = "update `tests` set `view`='" . $view . "' where `id`='" . $_GET['it'] . "'";
$queryview = @mysql_query($sqlview);
require_once "header.php";
$sql = "SELECT * FROM `tests` where `id`='" . $_GET['it'] . "'";
$sql11 = "SELECT * FROM `cate1` where `id`='" . $row2[id1] . "'";
$query11 = @mysql_query($sql11);
$row11 = @mysql_fetch_array($query11);
// Lấy cate2
$sql22 = "SELECT * FROM `cate2` where `id`='" . $row11[id2] . "'";
$query22 = @mysql_query($sql22);
$row22 = @mysql_fetch_array($query22);
// Lấy cate3
$sql33 = "SELECT * FROM `cate3` where `id`='" . $row22[id3] . "'";
$query33 = @mysql_query($sql33);
$row33 = @mysql_fetch_array($query33);
echo "\n<table class='lololol' width='100%'>\n<tr>\n<td rowspan='3' align='center'>\n<img src='" . $row2['thumb'] . "' width='60' height='61' class='img2'>\n</td>\n<td class='title' colspan=2 width='100%'>\n<a href='./" . strtolower(str_filter($row2['title'])) . "." . $row2['id'] . ".php'><div class='more2'>Xem</div></a>\n<a href='./" . strtolower(str_filter($row2['title'])) . "." . $row2['id'] . ".php' style='font-size: 1.2em;' alt='" . $row2['title'] . "' title='" . $row2['title'] . "'><b>" . cu_t($row2[title], 50) . "</a></b>";
if ($row2[rt] != 0) {
echo " <img src='./images/blue-tick.png' width='18px' alt='Có thể làm thử đề kiểm tra' title='Có thể làm thử đề kiểm tra'>";
}
echo "\n</td>\n</tr>\n<tr>\n<td width='*'>\n<img src='./images/clock2.png' width='15px' style='margin-top: 0; margin-bottom: -2px'/> <i id='yeah'>" . ti_me($row2[time]) . "</i>\n</td>\n<td width='100px'>\n<img src='./images/eye.png' width='20px' style='margin-top: 0; margin-bottom: -5px'/> <span id='yeah'>" . $row2[view] . "</span>\n</td>\n</tr>\n<tr>\n<td width='*'>\n<img src='./images/list.png' width='16px' style='margin-top: 0; margin-bottom: -2px'/> <i id='yeah'><a href='./" . strtolower(str_filter($row33[title])) . "." . $row33[id] . "'>" . $row33[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "." . $row22[id] . "'>" . $row22[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "/" . strtolower(str_filter($row11[title])) . "." . $row11[id] . "'>" . $row11[title] . "</a></i></td>\n<td>\n<img src='./images/like.png' width='20px' style='margin-top: -5px; margin-bottom: -2px'/> <span id='yeah'>" . $row2[liked] . "</span>\n</td>\n</tr>\n</table>\n";
}
echo "</fieldset>";
if ($page > 1) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./latest_1' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./latest_" . $prev . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./latest_" . $prev . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
if ($p < $page) {
/**
* @param callable|string $allow
* @param callable|string|null $string
*
* @return callable
*/
function str_filter_dg($allow, $string = null)
{
if (null === $string) {
$string = tuple_get(0);
} elseif (is_string($string)) {
$string = return_dg($string);
} else {
debug_enforce_type($string, 'callable');
}
return function () use($allow, $string) {
$args = func_get_args();
return str_filter(call_user_func_array($string, $args), $allow);
};
}
$row22 = @mysql_fetch_array($query22);
// Lấy cate3
$sql33 = "SELECT * FROM `cate3` where `id`='" . $row22[id3] . "'";
$query33 = @mysql_query($sql33);
$row33 = @mysql_fetch_array($query33);
echo "\n<table class='lololol' width='100%'>\n<tr>\n<td rowspan='3' align='center'>\n<img src='" . $row2['thumb'] . "' width='60' height='61' class='img2'>\n</td>\n<td class='title' colspan=2 width='100%'>\n<a href='./" . strtolower(str_filter($row2['title'])) . "." . $row2['id'] . ".php'><div class='more2'>Xem</div></a>\n<a href='./" . strtolower(str_filter($row2['title'])) . "." . $row2['id'] . ".php' style='font-size: 1.2em;'><b>" . cu_t($row2[title], 40) . "</b></a>\n</td>\n</tr>\n<tr>\n<td width='*'>\nNgày đăng: <i id='yeah'>" . ti_me($row2[time]) . "</i>\n</td>\n<td width='100px' rowspan='2'>\nLượt xem: <i id='yeah'>" . $row2[view] . "</i>\n</td>\n</tr>\n<tr>\n<td width='*'>\nDanh mục: <i id='yeah'><a href='./" . strtolower(str_filter($row33[title])) . "." . $row33[id] . "'>" . $row33[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "." . $row22[id] . "'>" . $row22[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "/" . strtolower(str_filter($row11[title])) . "." . $row11[id] . "'>" . $row11[title] . "</a></i></td>\n</tr>\n</table>\n";
}
echo "</fieldset>";
if ($page > 1) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "_" . $prev . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "_" . $prev . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
if ($p < $page) {
echo "<li><b><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "_" . $next . "' title='Trang " . $next . "' alt='Trang " . $next . "'>" . $next . "</a></b></li> ";
echo "<li><b><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "_" . $next . "' title='Trang sau - " . $next . "' alt='Trang sau - " . $next . "'><font face='arial'>►</font></a></b></li> ";
}
if ($p + 1 < $page) {
echo "<li><b><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "_" . $page . "' title='Trang cuối cùng - " . $page . "' alt='Trang cuối cùng - " . $page . "'>»</a></b></li>";
}
echo "</ul>";
}
}
require_once "footer.php";
unset($user["pwd"]);
$_SESSION["curr_user"] = $user;
$user["err_login"] = 0;
$id = $user["id"];
unset($user["id"]);
$db->query(SqlText::update("user", $user, "id = " . $id));
header("location:admin_index.php");
exit;
} elseif (isset($_SESSION["curr_user"])) {
header("location:admin_index.php");
exit;
}
$smarty->display(WEBPATH_ADMIN . '/index.html');
} elseif ($act == "login") {
$name = str_filter($_REQUEST["name"]);
$pwd = str_filter($_REQUEST["pwd"]);
$sql = "select * from user where name = '" . $name . "'";
$user = $db->get_row($sql, ARRAY_A);
if ($user) {
if ($user["err_login"] >= 3) {
if (isset($_REQUEST["vcode"]) && isset($_SESSION["admin_vcode"])) {
if (strtolower($_REQUEST["vcode"]) != strtolower($_SESSION["admin_vcode"])) {
output_json(1, "验证码错误");
}
unset($_SESSION["admin_vcode"]);
} else {
output_json(2);
}
}
if ($user["pwd"] == $pwd) {
unset($user["pwd"]);
<?php
require 'init.php';
$act = isset($_REQUEST["act"]) ? $_REQUEST["act"] : "default";
if ($act == "default") {
$id = intval($_REQUEST["id"]);
$sql = "select * from articlesingle where id = " . $id;
$row = $db->get_row($sql, ARRAY_A);
$row["content"] = html_entity_decode($row["content"]);
$smarty->assign('row', $row);
$smarty->display('admin/admin_articlesingle.html');
} elseif ($act == "update") {
$id = intval($_REQUEST["id"]);
$content = str_filter($_REQUEST["content"]);
$sql = "update articlesingle set content = '" . $content . "' where id = " . $id;
$db->query($sql);
output_json(0, "更新成功");
}
$kt = 2;
foreach ($y as $id2) {
if ($id2 == $_SESSION["userid"]) {
$kt = 1;
}
}
} else {
$kt = 3;
}
echo "\n<table style='margin-bottom: 3px;'>\n<tr><td valign='top' class='cmtAvatar'>\n<a href='thong-tin-thanh-vien-" . strtolower(str_filter(account($rowcmt[uid], username))) . "-" . $rowcmt[uid] . "'>";
if (account($rowcmt[uid], avatar) == NULL) {
$ava = "./images/noavatar.jpg";
} else {
$ava = account($rowcmt[uid], avatar);
}
echo "\n<img src='" . $ava . "' width='52' height='52' class='img3'/></a>\n</td>\n<td width='100%'>\n<div class='cmtContent'>\n<div class='cmtHeader'>\n<a href='thong-tin-thanh-vien-" . strtolower(str_filter(account($rowcmt[uid], username))) . "-" . $rowcmt[uid] . "'>\n" . account($rowcmt[uid], username) . "</a>\n<span class='cmtTime'>" . ti_me($rowcmt[time]) . "</span>\n</div>\n<p>" . $rowcmt[content] . "</p>\n<div class='cmtFooter'>";
if ($kt == 3) {
echo "<a href='?lightbox[width]=*&lightbox[height]=*#login-to-cmt' class='cmtLike lightbox'>Thích</a>";
} else {
if ($kt == 2) {
echo "<a href='uplike.php?id=" . $rowcmt[id] . "&lightbox[iframe]=true&lightbox[width]=330&lightbox[height]=60' class='cmtLike lightbox'>Thích</a>";
} else {
if ($kt == 1) {
echo "<a href='unlike.php?id=" . $rowcmt[id] . "&lightbox[iframe]=true&lightbox[width]=330&lightbox[height]=60' class='cmtLike cmtLiked lightbox'>Bỏ thích</a>";
}
}
}
echo "\n Có " . $rowcmt[liked] . " người thích điều này<rr/>\n</div></p>\n</div></td></tr>\n</table>\n";
}
}
?>
}
output_json(0, "请求成功", $data);
} elseif ($act == "add") {
$id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
$type = isset($_REQUEST["type"]) ? intval($_REQUEST["type"]) : 0;
$row = NULL;
if ($id) {
$sql = "select * from dataclass where id = " . $id;
$row = $db->get_row($sql, ARRAY_A);
} else {
$row = array("id" => 0, "name" => "", "type" => $type, "parent_id" => 0, "sort" => 0);
}
$smarty->assign("row", $row);
$smarty->display('admin/admin_dataclass_add.html');
} elseif ($act == "addsubmit") {
$list = array("name" => str_filter($_REQUEST["name"]), "sort" => intval($_REQUEST["sort"]), "parent_id" => intval($_REQUEST["parent_id"]), "type" => intval($_REQUEST['type']));
$id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
if ($id) {
$sql = SqlText::update("dataclass", $list, "id = " . $id);
$db->query($sql);
output_json(0, "更新成功");
} else {
$sql = SqlText::insert("dataclass", $list);
$db->query($sql);
output_json(0, "添加成功");
}
} elseif ($act == "get_tree_selector") {
//获取
$type = isset($_REQUEST["type"]) ? intval($_REQUEST["type"]) : 0;
$data = get_tree_selector($type);
output_json(0, "请求成功", $data);
function arr_content_replace($array)
{
if (is_array($array)) {
foreach ($array as $k => $v) {
$array[$k] = arr_content_replace($array[$k]);
}
} else {
$array = str_filter($array);
}
return $array;
}
<?php
require __DIR__ . '/../file_system.php';
require __DIR__ . '/../cli.php';
require __DIR__ . '/../debug.php';
require __DIR__ . '/../lst.php';
require __DIR__ . '/../string.php';
require __DIR__ . '/../bool.php';
debug_assert(str_filter('0A--B', not_dg(and_dg(eq_dg(tuple_get(), return_dg('-')), eq_dg(tuple_carry(), tuple_get())))) === '0A-B');
debug_assert(eq_dg(str_filter_dg(not_dg(and_dg(eq_dg(tuple_get(), return_dg('-')), eq_dg(tuple_carry(), tuple_get()))), '0A--B'), return_dg('0A-B')));
debug_assert(eq_dg(str_filter_dg(not_dg(and_dg(eq_dg(tuple_get(), return_dg('-')), eq_dg(tuple_carry(), tuple_get()))), return_dg('0A--B')), return_dg('0A-B')));
debug_assert(call_chain(return_dg('0A--B'), str_filter_dg(not_dg(and_dg(eq_dg(tuple_get(), return_dg('-')), eq_dg(tuple_carry(), tuple_get())))), eq_dg(tuple_get(0), return_dg('0A-B'))));
foreach ($list as &$v) {
$v["add_time"] = date("Y-m-d H:i:s", $v["add_time"]);
}
output_json(0, "请求成功", array("total" => $total, "page" => $page, "page_count" => $page_count, "list" => $list));
} elseif ($act == "add") {
$id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
if ($id) {
$row = $db->get_row("select * from data where id = " . $id, ARRAY_A);
$row["content"] = html_entity_decode($row["content"]);
} else {
$row = array("id" => 0, "name" => "", "sort" => 0, "dataclass_id" => 0, "content" => "", "type" => intval($_REQUEST['type']));
}
$smarty->assign('row', $row);
$smarty->display('admin/admin_data_add.html');
} elseif ($act == "addsubmit") {
$list = array("name" => str_filter($_REQUEST["name"]), "content" => str_filter($_REQUEST["content"]), "sort" => intval($_REQUEST["sort"]), "dataclass_id" => intval($_REQUEST["dataclass_id"]), "type" => intval($_REQUEST["type"]));
$id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
if ($id) {
$sql = SqlText::update("data", $list, "id=" . $id);
$db->query($sql);
output_json(0, "更新成功");
} else {
$list["add_time"] = time();
$list["hits"] = 0;
$sql = SqlText::insert("data", $list);
$db->query($sql);
output_json(0, "添加成功");
}
} elseif ($act == "del") {
$sql = "delete from data where id = " . intval($_REQUEST["id"]);
$db->query($sql);
case 3:
echo "Không xem được đề kiểm tra";
break;
case 4:
echo "Không download được đề kiểm tra";
break;
case 5:
echo "Khác";
}
if ($row2['note'] != NULL) {
echo ": " . $row2['note'];
}
$sql3 = "SELECT * FROM `tests` where `id`='" . $row2['testid'] . "'";
$query3 = @mysql_query($sql3);
$row3 = @mysql_fetch_array($query3);
echo " </td>\n <td class='action'><a href='../" . strtolower(str_filter($row3['title'])) . "." . $row3['id'] . ".php' class='view'>Xem</a><a href='./edittest.php?id=" . $row2['testid'] . "' class='edit'>Sửa lỗi</a><a href='./delreport.php?id=" . $row2['id'] . "' class='delete'>Xóa</a></td>\n </tr>";
}
echo "\n </table>\n\t\t\t\t\t\t<br/>\n </form>";
if ($page > 1) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./testreport.php?p=' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./testreport?p=" . $prev . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./testreport?p=" . $prev . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
if ($p < $page) {
<?php
function str_filter($str)
{
$unicode = array('a' => 'á|à|ả|ã|ạ|ă|ắ|ặ|ằ|ẳ|ẵ|â|ấ|ầ|ẩ|ẫ|ậ|ä|å|æ', 'd' => 'đ|ð', 'e' => 'é|è|ẻ|ẽ|ẹ|ê|ế|ề|ể|ễ|ệ', 'i' => 'í|ì|ỉ|ĩ|ị|î|ï', 'o' => 'ó|ò|ỏ|õ|ọ|ô|ố|ồ|ổ|ỗ|ộ|ơ|ớ|ờ|ở|ỡ|ợ', 'u' => 'ú|ù|ủ|ũ|ụ|ư|ứ|ừ|ử|ữ|ự', 'y' => 'ý|ỳ|ỷ|ỹ|ỵ', 'A' => 'Á|À|Ả|Ã|Ạ|Ă|Ắ|Ặ|Ằ|Ẳ|Ẵ|Â|Ấ|Ầ|Ẩ|Ẫ|Ậ|Ä|Å|Æ', 'D' => 'Đ', 'E' => 'É|È|Ẻ|Ẽ|Ẹ|Ê|Ế|Ề|Ể|Ễ|Ệ|Ë', 'I' => 'Í|Ì|Ỉ|Ĩ|Ị|Î|Ï', 'O' => 'Ó|Ò|Ỏ|Õ|Ọ|Ô|Ố|Ồ|Ổ|Ỗ|Ộ|Ơ|Ớ|Ờ|Ở|Ỡ|Ợ', 'U' => 'Ú|Ù|Ủ|Ũ|Ụ|Ư|Ứ|Ừ|Ử|Ữ|Ự', 'Y' => 'Ý|Ỳ|Ỷ|Ỹ|Ỵ');
foreach ($unicode as $nonUnicode => $uni) {
$str = preg_replace("/({$uni})/i", $nonUnicode, $str);
}
return $str;
}
echo str_filter($_GET['str']);
$sqlt = "SELECT * FROM `tests` where `id`='" . $row2[it] . "'";
$queryt = @mysql_query($sqlt);
$rowt = @mysql_fetch_array($queryt);
// Lấy cate1
$sql11 = "SELECT * FROM `cate1` where `id`='" . $rowt[id1] . "'";
$query11 = @mysql_query($sql11);
$row11 = @mysql_fetch_array($query11);
// Lấy cate2
$sql22 = "SELECT * FROM `cate2` where `id`='" . $row11[id2] . "'";
$query22 = @mysql_query($sql22);
$row22 = @mysql_fetch_array($query22);
// Lấy cate3
$sql33 = "SELECT * FROM `cate3` where `id`='" . $row22[id3] . "'";
$query33 = @mysql_query($sql33);
$row33 = @mysql_fetch_array($query33);
echo "\n<table class='lololol' width='100%'>\n<tr>\n<td rowspan='3' align='center'>\n<img src='" . $rowt['thumb'] . "' width='60' height='61' class='img2'>\n</td>\n<td class='title' colspan=2 width='100%'>\n<a href='./bao-cao-lam-thu/" . strtolower(str_filter(account($row2[uid], username))) . "/" . strtolower(str_filter($rowt[title])) . "-" . $row2['id'] . "'><div class='more2'>Xem</div></a>\n<a href='./bao-cao-lam-thu/" . strtolower(str_filter(account($row2[uid], username))) . "/" . strtolower(str_filter($rowt[title])) . "-" . $row2['id'] . "' style='font-size: 1.2em;' alt='" . $rowt['title'] . "' title='" . $rowt['title'] . "'><b>" . cu_t($rowt[title], 50) . "</a></b>\n</td>\n</tr>\n<tr>\n<td width='*'>\nNgày làm: <i id='yeah'>" . ti_me($row2[time]) . "</i>\n</td>\n<td width='100px'>\nĐiểm: <i id='yeah'>" . $row2[score] . "</i>\n</td>\n</tr>\n<tr>\n<td width='*'>\nDanh mục: <i id='yeah'><a href='./" . strtolower(str_filter($row33[title])) . "." . $row33[id] . "'>" . $row33[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "." . $row22[id] . "'>" . $row22[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "/" . strtolower(str_filter($row11[title])) . "." . $row11[id] . "'>" . $row11[title] . "</a></i></td>\n<td>\nThời gian hoàn thành: " . $row2[comp] . " phút\n</td>\n</tr>\n</table>\n";
}
echo "</fieldset>";
if ($page > 1) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./danh-sach-bao-cao-lam-thu-moi-nhat' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./danh-sach-bao-cao-lam-thu-moi-nhat_" . $prev . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./danh-sach-bao-cao-lam-thu-moi-nhat_" . $prev . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
if ($p < $page) {
} elseif ($act == "del") {
$id = intval($_REQUEST["id"]);
if ($id == $_SESSION["curr_user"]["id"]) {
output_json(1, "不能删除自己");
} else {
$where = "id=" . $_REQUEST["id"];
$sql = SqlText::delete("user", $where);
$db->query($sql);
output_json(0, "删除成功");
}
} elseif ($act == "pwd") {
$smarty->display('admin/admin_admin_pwd.html');
} elseif ($act == "pwdsubmit") {
$old_pwd = str_filter($_REQUEST["old_pwd"]);
$pwd = str_filter($_REQUEST["pwd"]);
$pwd2 = str_filter($_REQUEST["pwd2"]);
if ($pwd == $pwd2) {
$sql = SqlText::func("count", "id", "user", "name='" . $_SESSION["curr_user"]["name"] . "' and pwd='" . $old_pwd . "'");
$result = $db->get_var($sql);
if ($result) {
$list = array("pwd" => $pwd);
$db->query(SqlText::update("user", $list, "name='" . $_SESSION["curr_user"]["name"] . "'"));
output_json(0, "修改成功");
} else {
output_json(1, "旧密码错误");
}
} else {
output_json(1, "第二次输入密码不正确");
}
} else {
exit("错误请求");
$sql2 = "SELECT * FROM `tests` where `rt`=0 and `keyword` LIKE '%" . mysql_escape_string($_GET['key']) . "%' order by `id` DESC LIMIT " . $start . "," . $display;
// Lấy CSDL
} else {
$sql2 = "SELECT * FROM `tests` where `rt`=0 order by `id` DESC LIMIT " . $start . "," . $display;
// Lấy CSDL
}
$query2 = @mysql_query($sql2);
// Lấy CSDL
while ($row2 = @mysql_fetch_array($query2)) {
$i++;
if ($i % 2 == 0) {
echo "<tr>";
} else {
echo "<tr class='odd'>";
}
echo "\n <td><a target='_blank' href='../" . strtolower(str_filter($row2['title'])) . "." . $row2['id'] . ".php'>" . cu_t($row2[title], 135) . "</a></td>\n <td class='action'><a target='_blank' href='../" . strtolower(str_filter($row2['title'])) . "." . $row2['id'] . ".php' class='view'>Xem</a><a href='tposttest2.php?id=" . $row2['id'] . "' class='edit'>Chọn</a></td>\n </tr>\n";
}
echo "</table></form><br/>";
if ($page > 1) {
if (isset($_GET['key'])) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./tposttest.php?key=" . $_GET[key] . "' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./tposttest.php?p=" . $prev . "&key=" . $_GET[key] . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./tposttest.php?p=" . $prev . "&key=" . $_GET[key] . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
// Lấy CSDL
}
$query2 = @mysql_query($sql2);
// Lấy CSDL
while ($row2 = @mysql_fetch_array($query2)) {
// Lấy test
$sqlt = "SELECT * FROM `tests` where `id`='" . $row2[it] . "'";
$queryt = @mysql_query($sqlt);
$rowt = @mysql_fetch_array($queryt);
$i++;
if ($i % 2 == 0) {
echo "<tr>";
} else {
echo "<tr class='odd'>";
}
echo "\n <td><a target='_blank' href='../" . strtolower(str_filter($rowt['title'])) . "." . $row2['id'] . ".test'>" . cu_t($rowt[title], 135) . "</a></td>\n <td class='action'><a target='_blank' href='../" . strtolower(str_filter($rowt['title'])) . "." . $row2['id'] . ".test' class='view'>Xem</a><a href='tdeltesth.php?id=" . $row2['id'] . "' class='delete'>Xóa</a></td>\n </tr>\n";
}
echo "</table></form><br/>";
if ($page > 1) {
if (isset($_GET['key'])) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./ttesthistory.php?key=" . $_GET[key] . "' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./ttesthistory.php?p=" . $prev . "&key=" . $_GET[key] . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./ttesthistory.php?p=" . $prev . "&key=" . $_GET[key] . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
echo "</td>\n</tr>\n<tr>\n<td><b>Giới Tính :</b> ";
if (account($id, sex) == 1) {
echo "Nam";
} else {
if (account($id, sex) == 2) {
echo "Nữ";
} else {
echo "Chưa biết";
}
}
echo "</td>\n</tr>\n<tr>\n<td><b>Địa Chỉ :</b> ";
if (account($id, address) == NULL) {
echo "Chưa biết";
} else {
echo account($id, address);
}
echo "</td>\n</tr>\n<tr>\n<td><b>Yahoo :</b> ";
if (account($id, yahoo) == NULL) {
echo "Chưa biết";
} else {
echo account($id, yahoo);
}
echo "</td>\n</tr>\n<tr>\n<td><b>Mail :</b> " . account($id, email) . "</td>\n</tr>\n<tr>\n<td><b>Điện Thoại :</b> ";
if (account($id, phone) == NULL) {
echo "Chưa biết";
} else {
echo account($id, phone);
}
echo "</td>\n</tr>\n</table>\n</fieldset>\n<p style='float: left'><a href='danh-sach-de-da-dong-gop-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "'>Danh sách đề đã đóng góp</a></p>\n<p style='float: right'><a href='danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($id, username))) . "-" . $id . "'>Danh sách đề đã tải</a></p>\n<p style='float: none; text-align: center;'><a href='/danh-sach-bao-cao-lam-thu/" . strtolower(str_filter(account($id, username))) . "-" . account($id, id) . "'>Danh sách báo cáo làm thử đề kiểm tra</a></p>";
}
require_once "footer.php";