コード例 #1
ファイル: ajax_item.ajax.php プロジェクト: hqd276/bigs
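 /**
  * AJAX handler: change the name or the description of an item and echo the
  * value the page should display.
  *
  * Request parameters read here: item_id, id (the field to change, 'name' or
  * 'description') and value. Every path ends the request with die()/exit.
  *
  * Responses: "no_perm" (not an admin, or no item_id), "no_info" (unknown
  * field), "unsuccess" (description shorter than 15 plain-text characters),
  * otherwise the new value.
  *
  * Review notes:
  *  - Access rests on User::is_admin() alone; the per-item owner/permission
  *    check (User::have_permit(ADMIN_ITEM), User::have_cat_permit(...)) that
  *    used to wrap the update was commented out in the original.
  *  - No anti-CSRF token check is visible in this method; presumably the
  *    dispatcher handles it, if at all. Confirm.
  */
 function update()
 {
     if (!User::is_admin()) {
         die("no_perm");
     }
     $item_id = EClassApi::getParam('item_id');
     $info = EClassApi::getParam('id');
     // Allow-list the field name before any other request data is processed.
     if (!in_array($info, array('name', 'description'))) {
         die("no_info");
     }
     if ($info == 'description') {
         $value = Url::get('value');
         // get_magic_quotes_gpc() no longer exists on PHP 8, hence the guard.
         if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
             $value = stripslashes($value);
         }
         require_once ROOT_PATH . 'includes/htmLawed.php';
         // htmLawed in 'safe' mode, class/id attributes denied, and <a>
         // restricted to the title and href attributes.
         $config = array('safe' => 1, 'elements' => '*', 'deny_attribute' => 'class, id');
         $spec = 'a = title, href;';
         $value = htmLawed($value, $config, $spec);
         $value = EClassApi::clean_value($value);
     } else {
         $value = EClassApi::getParam('value');
         mb_internal_encoding("UTF-8");
         // Upper-case the first character, multibyte-safe.
         $value = mb_strtoupper(mb_substr($value, 0, 1)) . mb_substr($value, 1);
     }
     $row = Item::get_item($item_id);
     $item_memcache = $row;
     if ($info == 'description' && strlen(EClassApi::plainText(EClassApi::post_db_parse_html($value))) < 15) {
         echo "unsuccess";
         exit;
     }
     if (!$item_id) {
         die("no_perm");
     }
     // Defined up front: a 'name' that fails the length check reaches the echo
     // below without any branch having set it.
     $output = '';
     if ($info == 'name' && strlen($value) >= 5 && strlen($value) <= 150) {
         $input = array('name' => $value);
         $item_memcache['name'] = $value;
         // NOTE(review): the name is echoed back as-is; confirm that
         // EClassApi::getParam() returns HTML-safe text.
         $output = $value;
         if ($value != $row['name'] && $row['is_up_auto'] == 1) {
             // If the name changed, update the auto-up schedule as well.
             // NOTE(review): $value is concatenated into the SQL text. Confirm that
             // EClassApi::getParam() escapes it for SQL, or escape it through the
             // DB layer here. The id is forced to an integer.
             DB::query("UPDATE up_item_schedule SET des='{$value}' WHERE item_id=" . (int) $row['id']);
         }
     } elseif ($info == 'description') {
         $sapo = EClassApi::word_limit(String::html2txt(EClassApi::post_db_parse_html($value)), 30, '');
         $input = array('description' => $value, 'sapo' => $sapo);
         $item_memcache['description'] = $value;
         // The original used preg_replace() with the /e modifier, which evaluates
         // the replacement as PHP code and had the request-supplied $item_id spliced
         // into that code. A callback receives both values as data instead.
         // ($this inside a closure needs PHP >= 5.4.)
         // NOTE(review): the echoed markup is built from the raw Url::get('value'),
         // not from the htmLawed-filtered $value that is stored. Confirm that
         // EClassApi::parseBBCode() escapes HTML.
         $output = preg_replace_callback(
             '/\[([\s]*[0-9]{1,2}[\s]*)\]/is',
             function ($match) use ($item_id) {
                 return $this->embeded($match[1], $item_id);
             },
             EClassApi::parseBBCode(Url::get('value'))
         );
     } else {
         $input = array();
     }
     $item_memcache['modify_user_name'] = User::user_name();
     $item_memcache['filter_des'] = "";
     $input['modify_user_name'] = User::user_name();
     if ($row["status"] == 2) {
         $item_memcache['modify_time_user'] = TIME_NOW;
         $input['modify_time_user'] = TIME_NOW;
     }
     if ($input) {
         // NOTE(review): $item_id is request data placed inside the WHERE string;
         // confirm that EClassApi::getParam() or DB::Update() makes it SQL-safe.
         DB::Update('item', $input, "id='" . $item_id . "'");
         // Refresh the search index.
         if (SORL_FILTER_ON) {
             $solr = new Solr_Search();
             $solr->doUpdateItem($item_id);
         }
         // Refresh the cached copy of the item.
         if (MEMCACHE_ON) {
             eb_memcache::do_put("item:{$item_id}", $item_memcache);
         }
     }
     echo $output;
     exit;
 }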
コード例 #2
ファイル: ajax_personal.ajax.php プロジェクト: hqd276/bigs
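    /**
     * AJAX handler: render the "sent" message folder of the current user as an
     * HTML table (15 rows per page) and end the request.
     *
     * Request parameters read here: search_text (filter on the recipient name)
     * and is_archive (switches to the *_archive tables).
     *
     * Review notes:
     *  - No User::is_login() check is visible in this method; the query relies
     *    on User::id(). Presumably the dispatcher enforces login. Confirm.
     *  - Row fields (mt_title, mt_owner_name, mt_to_name, msg_author_name) are
     *    concatenated into the markup without escaping in this method;
     *    presumably they are stored HTML-escaped. Confirm.
     */
    function show_mes_outbox()
    {
        $search_text = EClassApi::getParam('search_text');
        $is_archive = Url::get('is_archive', 0);
        // Table names come from fixed strings; the request only toggles the suffix.
        $table_topics = 'message_topics';
        $table_text = 'message_text';
        $url_archive = '';
        $url_cmd = '';
        if ($is_archive) {
            $table_topics = $table_topics . '_archive';
            $table_text = $table_text . '_archive';
            $url_cmd = '&cmd=archive';
            $url_archive = '&is_archive=1';
        }
        $condition = $table_topics . '.mt_owner_id =' . User::id() . ' 
					AND ' . $table_topics . '.mt_vid_folder = "sent" 
					AND ' . $table_topics . '.mt_newest = 0';
        // The second operand is the placeholder text of the search box.
        if ($search_text && $search_text != "Account thành viên") {
            // NOTE(review): $search_text is request data concatenated into the LIKE
            // clause. Nothing visible here escapes it; confirm that
            // EClassApi::getParam() does, or escape it (LIKE wildcards % and _
            // included) through the DB layer before building the condition.
            $condition .= " AND mt_to_name LIKE '%{$search_text}%' ";
        }
        $str_content = '<form name="message">
						<div id="boxFunctions">
							Chọn: 
							<a style="cursor:pointer" id="select_all">Tất cả</a>,
							<a style="cursor:pointer" id="select_read">Đã đọc</a>,
							<a style="cursor:pointer" id="select_unchecked">Không chọn</a>
							<div id="boxFunctionRight">
								<div id="btn_del_mess" align="center" class="btnAllNewFeedback" onmouseout="this.className=\'btnAllNewFeedback\'"  onmouseover="this.className=\'btnAllNewFeedbackHover\'"  style="width:40px;">
									<div class="btnRightAllFeedback" align="center" style="width:40px"><a title="Xóa tất cả tin nhặn đã chọn" href="javascript:void(0)" onClick="return delMessage(0,\'true\',\'outbox\')">Xoá</a></div>
								</div>
							</div>
						</div>
						
						';
        $str_content .= '<table cellpadding="3" cellspacing="0" border="0" width="100%">';
        $sql_count = 'SELECT COUNT(mt_id) AS total_row FROM ' . $table_topics . ' WHERE ' . $condition;
        $total_item = DB::fetch($sql_count, 'total_row', 0);
        $item_per_page = 15;
        $limit = '';
        $divID = 'mess_content';
        // The search text is URL-encoded so that characters such as & # ' " cannot
        // change the structure of the paging URL.
        $url_path = WEB_DIR . 'ajax.php?act=personal&code=show_mes_outbox' . $url_archive . '&search_text=' . urlencode($search_text);
        require_once ROOT_PATH . 'core/ECPagging.php';
        // $limit is passed in empty and appended to the query below; presumably
        // AjaxPaging() fills it in by reference. Confirm.
        $paging = ECPagging::AjaxPaging($limit, $total_item, $item_per_page, 5, 'page_mes', '', false, false, $url_path, $divID, true);
        $sql = 'SELECT ' . $table_text . '.msg_id,	' . $table_text . '.msg_author_name, ' . $table_text . '.msg_date, ' . $table_text . '.msg_post, ' . $table_topics . '.mt_id, ' . $table_topics . '.mt_ref_id, 
					' . $table_topics . '.mt_title, ' . $table_topics . '.mt_from_id, ' . $table_topics . '.mt_owner_id, ' . $table_topics . '.mt_read, ' . $table_topics . '.mt_owner_name, ' . $table_topics . '.mt_to_name, 
					account.avatar_url, account.img_server 
				FROM ' . $table_text . ', ' . $table_topics . ', account 
				WHERE ' . $table_text . '.msg_id  = ' . $table_topics . '.mt_msg_id AND ' . $table_topics . '.mt_from_id = account.id AND ' . $condition . ' 
				ORDER BY ' . $table_text . '.msg_date DESC ' . $limit;
        $result = DB::query($sql);
        $stt = 0;
        if ($result) {
            while ($row = mysql_fetch_assoc($result)) {
                if ($stt < $item_per_page) {
                    if ($row['mt_ref_id']) {
                        // A reply: show the title of the topic it refers to and link to
                        // that topic. The id is forced to an integer before it reaches SQL.
                        $sourceTitle = DB::select($table_topics, 'mt_id = ' . (int) $row['mt_ref_id']);
                        if ($sourceTitle['mt_title']) {
                            $row['mt_title'] = $sourceTitle['mt_title'];
                        }
                        $row["mt_id"] = $row['mt_ref_id'];
                        $row['mt_ref_id'] = 0;
                    }
                    if ($row['avatar_url']) {
                        $row['avatar_url'] = EClassApi::getImageThumb($row['avatar_url'], 50, 50, 0, $row['img_server']);
                    } else {
                        $row['avatar_url'] = "style/images/50x50.gif";
                    }
                    // Time of day, then either a "today" label or the date.
                    $msg_date = date('H:i | ', $row['msg_date']);
                    if (date('d.m.y', $row['msg_date']) == date('d.m.y', TIME_NOW)) {
                        $msg_date .= '<font color="green">H&#244;m nay</font>';
                    } else {
                        $msg_date .= date('d.m.y', $row['msg_date']);
                    }
                    $row['msg_date'] = $msg_date;
                    // The message body is reduced to text plus line breaks by strip_tags().
                    $row['msg_post'] = preg_replace("/\n/", "<br />", $row['msg_post']);
                    $row['msg_post'] = strip_tags(EClassApi::parseBBCode(EClassApi::convert_one_br($row['msg_post'])), '<br />');
                    if (strlen($row['msg_post']) > 40) {
                        $row['msg_post_short'] = EClassApi::word_limit($row['msg_post'], 40, ' ...');
                    } else {
                        $row['msg_post_short'] = $row['msg_post'];
                    }
                    if ($row['mt_owner_id'] != User::id()) {
                        $strUser = '******' . $row["mt_owner_name"] . '">' . $row["mt_owner_name"] . '</a>';
                    } else {
                        $strUser = '******' . $row["mt_to_name"] . '">' . $row["mt_to_name"] . '</a>';
                    }
                    // Unread messages get a bold title and an extra CSS class.
                    if ($row["mt_read"] == 0 && !$is_archive) {
                        $str_title = '<a onclick="detail_reload_jcache = true;fn_show_mes_detail(' . $row["mt_id"] . ',1,\'outbox\')" rel="history" id="a_' . $row["mt_id"] . '" href="message.html?tab=gt' . $url_cmd . '#outbox/' . $row["mt_id"] . '" title="Hiển thị chi tiết" ><b>' . $row["mt_title"] . '</b></a>';
                        $read_class = ' unreadMessage';
                    } else {
                        $str_title = '<a onclick="detail_reload_jcache = true;fn_show_mes_detail(' . $row["mt_id"] . ',1,\'outbox\')" rel="history" id="a_' . $row["mt_id"] . '" href="message.html?tab=gt' . $url_cmd . '#outbox/' . $row["mt_id"] . '" title="Hiển thị chi tiết">' . $row["mt_title"] . '</a>';
                        $read_class = '';
                    }
                    $str_content .= '<tr id="' . $row["mt_id"] . '">
									<td align="center" class="listMessage' . $read_class . '"><input type="checkbox" class="rowbox' . $read_class . '" id="inbox_' . $row["mt_id"] . '" name="inbox[]" value="' . $row["mt_id"] . '"></td>
									<td align="center" class="listMessage' . $read_class . '">
										<a href="' . $row["msg_author_name"] . '"><img src="' . $row["avatar_url"] . '"/></a>
									</td>
									<td valign="top" class="listMessage' . $read_class . '" style="white-space:nowrap; padding-right:15px; vertical-align:middle;">
										<div>' . $strUser . '</div>
										<div class="textMestime">' . $row['msg_date'] . '</div>
									</td>
									<td valign="top" class="listMessage clickable' . $read_class . '" style="padding-right:15px;width:65%;" lang="' . $row["mt_id"] . '">
										<div style="margin-top:6px;">' . $str_title . '</div>
										<div style="margin:6px 0;color:#808080">' . $row['msg_post_short'] . '</div>
									</td>
									<td align="center" class="listMessage' . $read_class . '" style="padding-right:10px;"> <span><a title="Xóa tin nhắn" onClick="return delMessage(' . $row["mt_id"] . ',\'false\',\'inbox\')" href="javascript:void(0)" style="padding:20px;" class="deleteButton"> &nbsp;</a></span></td>
								</tr>
								';
                }
                $stt++;
            }
        }
        if ($stt > 0) {
            $str_content .= '<tr><td></td><td>
								</td><td colspan="2"><div style="float:right">' . $paging . '</div><div style="clear:right"></div></td></tr>';
        } else {
            $str_content .= '<tr><td></td><td colspan="3">
								<center><div class="noMess">Không có Tin nhắn nào trong tin đã gửi</div></center>
								</td></tr>';
        }
        $str_content .= '</table></form>';
        echo $str_content;
        exit;
    }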
コード例 #3
ファイル: ajax_comment.ajax.php プロジェクト: hqd276/bigs
 /**
  * Run a comment query and shape each row for display.
  *
  * $sql is executed exactly as given, so the caller is responsible for
  * building it safely. $sub selects the result layout: falsy for top-level
  * comments (keyed by id), truthy for replies (keyed by parent_id, then id).
  *
  * Uses the globals $user_id_arr (collects the ids of registered senders) and
  * $stt (incremented once per top-level row). $item_per_page is declared
  * global but not read by the live code.
  *
  * Returns an array with 'item' (the shaped rows) and 'id_parent' (comma
  * separated ids of top-level comments that have children); both keys are
  * absent when the query yields no rows.
  */
 function get_comment_thoitrang($sql, $sub = 0)
 {
     global $user_id_arr, $stt, $item_per_page;
     $result = DB::query($sql);
     $comments = array();
     $parent_ids = '';
     while ($comment = mysql_fetch_assoc($result)) {
         if ($sub == 0) {
             $stt++;
         }
         $comment['created_time'] = date('H:i | d.m.Y', $comment['time']);
         if ($comment['sender_user_id']) {
             // Registered sender: link to the shop page and remember the id.
             $sender_id = $comment['sender_user_id'];
             $comment['sender_link'] = Url::build('shop', array('user_name' => $comment['sender_user_name']));
             $comment['user_id'] = $sender_id;
             if (!in_array($sender_id, $user_id_arr)) {
                 $user_id_arr[$sender_id] = $sender_id;
             }
         } else {
             // Anonymous sender: no link, one of three stock avatars chosen by id.
             $comment['sender_link'] = '';
             $comment['user_id'] = 0;
             switch ($comment['id'] % 3) {
                 case 0:
                     $comment['sender_avatar_url'] = 'style/avatar/1.png';
                     break;
                 case 1:
                     $comment['sender_avatar_url'] = 'style/avatar/2.png';
                     break;
                 default:
                     $comment['sender_avatar_url'] = 'style/avatar/3.png';
             }
             $comment['is_block'] = 0;
             $comment['is_admin_mod'] = array();
         }
         $comment['content'] = EClassApi::parseBBCode($comment['content']);
         // Link used to report this comment as bad content.
         $report_params = array('id' => Url::get('id'), 'ctype' => 'comment', 'id_comment' => $comment['id']);
         $comment['URL_badcontent'] = Url::build('item_detail', $report_params);
         if ($sub) {
             $comments['item'][$comment['parent_id']][$comment['id']] = $comment;
         } else {
             if ($comment['have_child'] > 0) {
                 if ($parent_ids) {
                     $parent_ids .= ',';
                 }
                 $parent_ids .= $comment['id'];
             }
             $comments['item'][$comment['id']] = $comment;
         }
         $comments['id_parent'] = $parent_ids;
     }
     return $comments;
 }
コード例 #4
ファイル: ajax_user.ajax.php プロジェクト: hqd276/bigs
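 /**
  * AJAX handler: the current user replies to a comment left on their profile.
  *
  * Request parameters read here: c_user_id (id of the comment being answered,
  * cast to int), content (the reply text) and act. Every path echoes a
  * parenthesised JSON object and ends the request.
  *
  * Responses ("msg"): no_login, no_perm (blocked user, or the comment was not
  * addressed to the current user), bad_word, short_content, success.
  *
  * Review note: no anti-CSRF token check is visible in this method;
  * presumably the dispatcher handles it, if at all. Confirm.
  */
 function user_comment_reply()
 {
     $c_user_id = (int) Url::get('c_user_id', 0);
     $content = trim(EClassApi::getParam('content'));
     if (!User::is_login()) {
         echo '({"msg":"no_login"})';
         exit;
     }
     if (User::is_block()) {
         echo '({"msg":"no_perm"})';
         exit;
     }
     // A reply is allowed only to a comment that was sent to the current user by
     // someone else.
     $comment_user = $c_user_id ? DB::select('comment_user', "id={$c_user_id}") : null;
     $may_reply = $comment_user
         && $comment_user['receiver_user_id'] == User::id()
         && $comment_user['sender_user_id'] != User::id();
     if ($may_reply && $content) {
         if (EClassApi::checkBadWord($content)) {
             echo '({"msg":"bad_word"})';
             exit;
         }
         $user = User::getUser($comment_user['sender_user_id']);
         if ($user) {
             // DB::insert() receives the values as an array; the reply text is not
             // concatenated into SQL in this method.
             $id = DB::insert('comment_user', array('content' => $content, 'time' => TIME_NOW, 'post_ip' => EClassApi::ip(), 'sender_user_id' => User::id(), 'sender_user_name' => User::user_name(), 'receiver_user_id' => $user['id'], 'receiver_user_name' => $user['user_name'], 'is_read' => 0, 'status' => 0));
             if ($id) {
                 // Guestbook counter of the receiver; the id is forced to an integer.
                 DB::query('UPDATE account set total_comment_user=total_comment_user+1 WHERE id=' . (int) $user['id']);
                 // Presumably refreshes the cached account record. Confirm.
                 User::getUser($user['id'], 0, 1);
                 if ($user['email'] && $user['email_alert'] && $user['id'] != User::id()) {
                     $link = WEB_ROOT . '?page=shop&user_name=' . $user['user_name'] . '&mode=comment';
                     $link = ECRewrite::formatUrl($link);
                     EClassApi::addCronJob('user_comment', EClassApi::parseBBCode($content, true), $user['id'], User::user_name(), '', 0, '', $link);
                 }
             }
         }
         if ($comment_user['status'] == 0) {
             DB::query("UPDATE comment_user SET status=1, is_read=1 WHERE id={$c_user_id}");
             // Mark the matching feed entry as read/answered.
             DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$c_user_id} AND type=1");
         }
         echo '({"msg":"success"})';
         exit;
     }
     if ($may_reply && Url::get('act') == 'reply' && $content == '') {
         echo '({"msg":"short_content"})';
         exit;
     }
     // The original emitted this one response with single-quoted keys, which is
     // not valid JSON; it now uses the same form as every other response.
     echo '({"msg":"no_perm"})';
     exit;
 }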