function update()
{
if (User::is_admin()) {
$item_id = EClassApi::getParam('item_id');
$info = EClassApi::getParam('id');
if ($info == 'description') {
$value = Url::get('value');
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
require_once ROOT_PATH . 'includes/htmLawed.php';
$config = array('safe' => 1, 'elements' => '*', 'deny_attribute' => 'class, id');
$spec = 'a = title, href;';
// The 'a' element can have only these attributes
$value = htmLawed($value, $config, $spec);
$value = EClassApi::clean_value($value);
} else {
/* $value = EClassApi::cleanHtml(EClassApi::filter_title(Url::get('value')));
$value = EClassApi::trimSpace(str_replace("\n"," ",$value));
*/
$value = EClassApi::getParam('value');
mb_internal_encoding("UTF-8");
$value = mb_strtoupper(mb_substr($value, 0, 1)) . mb_substr($value, 1);
}
$info_array = array('name', 'description');
if (!in_array($info, $info_array)) {
die("no_info");
}
$row = Item::get_item($item_id);
$item_memcache = $row;
if ($info == 'description' && strlen(EClassApi::plainText(EClassApi::post_db_parse_html($value))) < 15) {
echo "unsuccess";
exit;
}
/* if(!User::is_foodnet_team()){
$arr_badwords = EClassApi::checkBadWord($value,true);
$value_badwords = $arr_badwords["bad"]."@enbac@".$arr_badwords["bad_key"];
if((strlen(trim($row['bad_words']))!=strlen(trim($value_badwords))) && strlen($arr_badwords["bad"])>0){
die('bad_content');
}
} */
//if( $item_id && User::is_login()){
if ($item_id) {
//if(($row["user_id"] == User::id() && !User::is_block()) || User::have_permit(ADMIN_ITEM) || User::have_cat_permit($row["category_id"])){
if ($info == 'name' && strlen($value) >= 5 && strlen($value) <= 150) {
$input = array('name' => $value);
$item_memcache['name'] = $value;
$output = $value;
if ($value != $row['name'] && $row['is_up_auto'] == 1) {
//Nếu thay đổi tên thì cập nhật cho cả lịch up tin
DB::query("UPDATE up_item_schedule SET des='{$value}' WHERE item_id=" . $row['id']);
}
} else {
if ($info == 'description') {
$sapo = EClassApi::word_limit(String::html2txt(EClassApi::post_db_parse_html($value)), 30, '');
$input = array('description' => $value, 'sapo' => $sapo);
$item_memcache['description'] = $value;
$output = preg_replace("/\\[([\\s]*[0-9]{1,2}[\\s]*)\\]/eis", "\$this->embeded('\$1','{$item_id}')", EClassApi::parseBBCode(Url::get('value')));
} else {
$input = array();
}
}
$item_memcache['modify_user_name'] = User::user_name();
$item_memcache['filter_des'] = "";
$input['modify_user_name'] = User::user_name();
if ($row["status"] == 2) {
$item_memcache['modify_time_user'] = TIME_NOW;
$input['modify_time_user'] = TIME_NOW;
}
if ($input) {
DB::Update('item', $input, "id='" . $item_id . "'");
///update realtime
if (SORL_FILTER_ON) {
$solr = new Solr_Search();
$solr->doUpdateItem($item_id);
}
//-----
if (MEMCACHE_ON) {
eb_memcache::do_put("item:{$item_id}", $item_memcache);
}
}
echo $output;
exit;
/* }
else{
die("no_permission");
} */
}
}
die("no_perm");
}
function show_mes_outbox()
{
$search_text = EClassApi::getParam('search_text');
$is_archive = Url::get('is_archive', 0);
$table_topics = 'message_topics';
$table_text = 'message_text';
$url_archive = '';
$url_cmd = '';
if ($is_archive) {
$table_topics = $table_topics . '_archive';
$table_text = $table_text . '_archive';
$url_cmd = '&cmd=archive';
$url_archive = '&is_archive=1';
}
$condition = $table_topics . '.mt_owner_id =' . User::id() . '
AND ' . $table_topics . '.mt_vid_folder = "sent"
AND ' . $table_topics . '.mt_newest = 0';
if ($search_text && $search_text != "Account thành viên") {
$condition .= " AND mt_to_name LIKE '%{$search_text}%' ";
}
$str_content = '<form name="message">
<div id="boxFunctions">
Chọn:
<a style="cursor:pointer" id="select_all">Tất cả</a>,
<a style="cursor:pointer" id="select_read">Đã đọc</a>,
<a style="cursor:pointer" id="select_unchecked">Không chọn</a>
<div id="boxFunctionRight">
<div id="btn_del_mess" align="center" class="btnAllNewFeedback" onmouseout="this.className=\'btnAllNewFeedback\'" onmouseover="this.className=\'btnAllNewFeedbackHover\'" style="width:40px;">
<div class="btnRightAllFeedback" align="center" style="width:40px"><a title="Xóa tất cả tin nhặn đã chọn" href="javascript:void(0)" onClick="return delMessage(0,\'true\',\'outbox\')">Xoá</a></div>
</div>
</div>
</div>
';
$str_content .= '<table cellpadding="3" cellspacing="0" border="0" width="100%">';
$sql_count = 'SELECT COUNT(mt_id) AS total_row FROM ' . $table_topics . ' WHERE ' . $condition;
$total_item = DB::fetch($sql_count, 'total_row', 0);
$item_per_page = 15;
$limit = '';
$divID = 'mess_content';
$url_path = WEB_DIR . 'ajax.php?act=personal&code=show_mes_outbox' . $url_archive . '&search_text=' . $search_text;
require_once ROOT_PATH . 'core/ECPagging.php';
$paging = ECPagging::AjaxPaging($limit, $total_item, $item_per_page, 5, 'page_mes', '', false, false, $url_path, $divID, true);
$sql = 'SELECT ' . $table_text . '.msg_id, ' . $table_text . '.msg_author_name, ' . $table_text . '.msg_date, ' . $table_text . '.msg_post, ' . $table_topics . '.mt_id, ' . $table_topics . '.mt_ref_id,
' . $table_topics . '.mt_title, ' . $table_topics . '.mt_from_id, ' . $table_topics . '.mt_owner_id, ' . $table_topics . '.mt_read, ' . $table_topics . '.mt_owner_name, ' . $table_topics . '.mt_to_name,
account.avatar_url, account.img_server
FROM ' . $table_text . ', ' . $table_topics . ', account
WHERE ' . $table_text . '.msg_id = ' . $table_topics . '.mt_msg_id AND ' . $table_topics . '.mt_from_id = account.id AND ' . $condition . '
ORDER BY ' . $table_text . '.msg_date DESC ' . $limit;
//echo $sql;
//exit;
$result = DB::query($sql);
$stt = 0;
if ($result) {
while ($row = mysql_fetch_assoc($result)) {
if ($stt < $item_per_page) {
if ($row['mt_ref_id']) {
$sourceTitle = DB::select($table_topics, 'mt_id = ' . $row['mt_ref_id']);
if ($sourceTitle['mt_title']) {
$row['mt_title'] = $sourceTitle['mt_title'];
}
//else
//{
// $sentTitle = DB::select($table_topics,'mt_mgsid = ' . $row['mt_ref_id']);
//}
$row["mt_id"] = $row['mt_ref_id'];
$row['mt_ref_id'] = 0;
}
if ($row['avatar_url']) {
$row['avatar_url'] = EClassApi::getImageThumb($row['avatar_url'], 50, 50, 0, $row['img_server']);
} else {
$row['avatar_url'] = "style/images/50x50.gif";
}
//$row['msg_date'] = EClassApi::duration_time($row['msg_date']);
$msg_date = date('H:i | ', $row['msg_date']);
if (date('d.m.y', $row['msg_date']) == date('d.m.y', TIME_NOW)) {
$msg_date .= '<font color="green">Hôm nay</font>';
} else {
$msg_date .= date('d.m.y', $row['msg_date']);
}
$row['msg_date'] = $msg_date;
$row['msg_post'] = preg_replace("/\n/", "<br />", $row['msg_post']);
$row['msg_post'] = strip_tags(EClassApi::parseBBCode(EClassApi::convert_one_br($row['msg_post'])), '<br />');
if (strlen($row['msg_post']) > 40) {
$row['msg_post_short'] = EClassApi::word_limit($row['msg_post'], 40, ' ...');
//$row['msg_post_short'] = EClassApi::cleanHtml(EClassApi::word_limit($row['msg_post'],40,' ...'));
} else {
$row['msg_post_short'] = $row['msg_post'];
//$row['msg_post_short'] = EClassApi::cleanHtml($row['msg_post']);
}
//$str_title = '<a onclick="fn_show_mes_detail('.$row["mt_id"].')" rel="history" href="message.html'.$url_cmd.'#outbox/'.$row["mt_id"].'" id="a_'.$row["mt_id"].'" title="Hiển thị chi tiết" >'.$row["mt_title"].'</a> - <span class="textMestime">'.$row['msg_date'].'</span>';
if ($row['mt_owner_id'] != User::id()) {
$strUser = '******' . $row["mt_owner_name"] . '">' . $row["mt_owner_name"] . '</a>';
} else {
$strUser = '******' . $row["mt_to_name"] . '">' . $row["mt_to_name"] . '</a>';
}
if ($row["mt_read"] == 0 && !$is_archive) {
$str_title = '<a onclick="detail_reload_jcache = true;fn_show_mes_detail(' . $row["mt_id"] . ',1,\'outbox\')" rel="history" id="a_' . $row["mt_id"] . '" href="message.html?tab=gt' . $url_cmd . '#outbox/' . $row["mt_id"] . '" title="Hiển thị chi tiết" ><b>' . $row["mt_title"] . '</b></a>';
$read_class = ' unreadMessage';
} else {
$str_title = '<a onclick="detail_reload_jcache = true;fn_show_mes_detail(' . $row["mt_id"] . ',1,\'outbox\')" rel="history" id="a_' . $row["mt_id"] . '" href="message.html?tab=gt' . $url_cmd . '#outbox/' . $row["mt_id"] . '" title="Hiển thị chi tiết">' . $row["mt_title"] . '</a>';
$read_class = '';
}
$str_content .= '<tr id="' . $row["mt_id"] . '">
<td align="center" class="listMessage' . $read_class . '"><input type="checkbox" class="rowbox' . $read_class . '" id="inbox_' . $row["mt_id"] . '" name="inbox[]" value="' . $row["mt_id"] . '"></td>
<td align="center" class="listMessage' . $read_class . '">
<a href="' . $row["msg_author_name"] . '"><img src="' . $row["avatar_url"] . '"/></a>
</td>
<td valign="top" class="listMessage' . $read_class . '" style="white-space:nowrap; padding-right:15px; vertical-align:middle;">
<div>' . $strUser . '</div>
<div class="textMestime">' . $row['msg_date'] . '</div>
</td>
<td valign="top" class="listMessage clickable' . $read_class . '" style="padding-right:15px;width:65%;" lang="' . $row["mt_id"] . '">
<div style="margin-top:6px;">' . $str_title . '</div>
<div style="margin:6px 0;color:#808080">' . $row['msg_post_short'] . '</div>
</td>
<td align="center" class="listMessage' . $read_class . '" style="padding-right:10px;"> <span><a title="Xóa tin nhắn" onClick="return delMessage(' . $row["mt_id"] . ',\'false\',\'inbox\')" href="javascript:void(0)" style="padding:20px;" class="deleteButton"> </a></span></td>
</tr>
';
/*$str_content .= '<tr id="'.$row["mt_id"].'">
<td align="center" class="listMessage' . $read_class . '"><input type="checkbox" id="inbox_'.$row["mt_id"].'" name="inbox[]" value="'.$row["mt_id"].'"></td>
<td align="center" class="listMessage' . $read_class . '">
<a href="'.$row["mt_to_name"].'"><img src="'.$row["avatar_url"].'" vspace="4" hspace="4"/></a>
<div><a href="'.$row["mt_to_name"].'">'.$row["mt_to_name"].'</a></div>
</td>
<td valign="top" style="width:65%;" class="listMessage' . $read_class . '">
<div>'.$str_title.'</div>
<div style="margin-top:6px">'.$row['msg_post_short'].'</div>
</td>
<td align="center" class="listMessage' . $read_class . '"> <span><a title="Xóa tin nhắn" onClick="delMessage('.$row["mt_id"].',\'false\',\'sent\')" href="javascript:void(0)"> <img src="style/images/icon_delete.gif" width="9" height="9" /></a></span></td>
</tr>';*/
}
$stt++;
}
}
if ($stt > 0) {
$str_content .= '<tr><td></td><td>
</td><td colspan="2"><div style="float:right">' . $paging . '</div><div style="clear:right"></div></td></tr>';
} else {
$str_content .= '<tr><td></td><td colspan="3">
<center><div class="noMess">Không có Tin nhắn nào trong tin đã gửi</div></center>
</td></tr>';
}
$str_content .= '</table></form>';
echo $str_content;
exit;
}
function get_comment_thoitrang($sql, $sub = 0)
{
global $user_id_arr, $stt, $item_per_page;
//echo $sql;exit;
$re = DB::query($sql);
$items = array();
$id_parent = '';
while ($item = mysql_fetch_assoc($re)) {
if ($sub == 0) {
$stt++;
}
// if($sub || ($sub == 0 && $stt<=$item_per_page)){
//$item['created_time'] = EClassApi::duration_time($item['time']);
$item['created_time'] = date('H:i | d.m.Y', $item['time']);
if ($item['sender_user_id']) {
$item['sender_link'] = Url::build('shop', array('user_name' => $item['sender_user_name']));
} else {
$item['sender_link'] = '';
}
if ($item['sender_user_id']) {
$item['user_id'] = $item['sender_user_id'];
if (!in_array($item['sender_user_id'], $user_id_arr)) {
$user_id_arr[$item['sender_user_id']] = $item['sender_user_id'];
}
} else {
$item['user_id'] = 0;
if ($item['id'] % 3 == 0) {
$item['sender_avatar_url'] = 'style/avatar/1.png';
} elseif ($item['id'] % 3 == 1) {
$item['sender_avatar_url'] = 'style/avatar/2.png';
} else {
$item['sender_avatar_url'] = 'style/avatar/3.png';
}
$html_content = '';
$item['is_block'] = 0;
$item['is_admin_mod'] = array();
}
$item['content'] = EClassApi::parseBBCode($item['content']);
$item['URL_badcontent'] = Url::build('item_detail', array('id' => Url::get('id'), 'ctype' => 'comment', 'id_comment' => $item['id']));
if ($sub) {
$items['item'][$item['parent_id']][$item['id']] = $item;
} else {
if ($item['have_child'] > 0) {
$id_parent .= ($id_parent ? ',' : '') . $item['id'];
}
$items['item'][$item['id']] = $item;
}
$items['id_parent'] = $id_parent;
}
//}
return $items;
}
function user_comment_reply()
{
$c_user_id = (int) Url::get('c_user_id', 0);
$content = trim(EClassApi::getParam('content'));
$json = "";
if (!User::is_login()) {
$json = '({"msg":"no_login"})';
echo $json;
exit;
}
if (User::is_block()) {
$json = '({"msg":"no_perm"})';
echo $json;
exit;
}
if ($c_user_id) {
$comment_user = DB::select('comment_user', "id={$c_user_id}");
if ($comment_user && $comment_user['receiver_user_id'] == User::id() && $comment_user['sender_user_id'] != User::id()) {
if ($content) {
$json = '({"msg":"success"';
if (EClassApi::checkBadWord($content)) {
$json = '({"msg":"bad_word"})';
echo $json;
exit;
}
$user = User::getUser($comment_user['sender_user_id']);
if ($user) {
$id = DB::insert('comment_user', array('content' => $content, 'time' => TIME_NOW, 'post_ip' => EClassApi::ip(), 'sender_user_id' => User::id(), 'sender_user_name' => User::user_name(), 'receiver_user_id' => $user['id'], 'receiver_user_name' => $user['user_name'], 'is_read' => 0, 'status' => 0));
if ($id) {
DB::query('UPDATE account set total_comment_user=total_comment_user+1 WHERE id=' . $user['id']);
// so luu but
User::getUser($user['id'], 0, 1);
if ($user['email'] && $user['email_alert'] && $user['id'] != User::id()) {
$link = WEB_ROOT . '?page=shop&user_name=' . $user['user_name'] . '&mode=comment';
$link = ECRewrite::formatUrl($link);
EClassApi::addCronJob('user_comment', EClassApi::parseBBCode($content, true), $user['id'], User::user_name(), '', 0, '', $link);
}
}
}
if ($comment_user['status'] == 0) {
DB::query("UPDATE comment_user SET status=1, is_read=1 WHERE id={$c_user_id}");
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$c_user_id} AND type=1");
}
$json .= "})";
echo $json;
exit;
} elseif (Url::get('act') == 'reply' && $content == '') {
$json = '({"msg":"short_content"})';
echo $json;
exit;
}
}
}
$json = "({'msg':'no_perm'})";
echo $json;
exit;
}
