예제 #1
        $file_name = change_alias($page_title) . "_" . $id_export_save;
        $result = "OK_GETFILE";
        $nv_Request->set_Session($module_data . '_id_export', $id_export_save);
        $nv_Request->set_Session($module_data . '_export_filename', $export_filename . "@" . $file_name);
    $objWriter->save(NV_ROOTDIR . "/" . NV_CACHEDIR . "/" . $file_name . "." . $excel_ext);
} elseif ($step == 2 and $nv_Request->isset_request($module_data . '_export_filename', 'session')) {
    $export_filename = $nv_Request->get_string($module_data . '_export_filename', 'session', '');
    $array_filename = explode("@", $export_filename);
    $arry_file_zip = array();
    foreach ($array_filename as $file_name) {
        if (!empty($file_name) and file_exists(NV_ROOTDIR . '/' . NV_CACHEDIR . '/' . $file_name . '.' . $excel_ext)) {
            $arry_file_zip[] = NV_ROOTDIR . "/" . NV_CACHEDIR . "/" . $file_name . "." . $excel_ext;
    $file_src = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . NV_TEMPNAM_PREFIX . change_alias($lang_module['export']) . '_' . md5(nv_genpass(10) . session_id()) . '.zip';
    require_once NV_ROOTDIR . '/includes/class/pclzip.class.php';
    $zip = new PclZip($file_src);
    $zip->create($arry_file_zip, PCLZIP_OPT_REMOVE_PATH, NV_ROOTDIR . "/" . NV_CACHEDIR);
    $filesize = @filesize($file_src);
    $nv_Request->unset_request($module_data . '_export_filename', 'session');
    foreach ($arry_file_zip as $file) {
    //Download file
    require_once NV_ROOTDIR . '/includes/class/download.class.php';
    $download = new download($file_src, NV_ROOTDIR . "/" . NV_TEMP_DIR, basename(change_alias($lang_module['export']) . ".zip"));
예제 #2
if (!defined('NV_IS_FILE_ADMIN')) {
$title = filter_text_input('title', 'post', '');
$id = $nv_Request->get_int('id', 'post', 0);
$alias = change_alias($title);
list($number) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id` !=" . $id . " AND `alias` =  " . $db->dbescape($alias) . ""));
if (intval($number) > 0) {
    $result = $db->sql_query("SHOW TABLE STATUS WHERE `Name`='" . NV_PREFIXLANG . "_" . $module_data . "'");
    $item = $db->sql_fetch_assoc($result);
    if (isset($item['Auto_increment'])) {
        $alias = $alias . "-" . $item['Auto_increment'];
    } else {
        list($weight) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`"));
        $weight = intval($weight) + 1;
        $alias = $alias . "-" . $weight;
include NV_ROOTDIR . "/includes/header.php";
echo $alias;
include NV_ROOTDIR . "/includes/footer.php";
예제 #3
if (!defined('NV_IS_FILE_ADMIN')) {
$page_title = $lang_module['playlists'];
$error = '';
$savecat = 0;
list($playlist_id, $title, $alias, $description, $image, $keywords, $status, $private_mode) = array(0, '', '', '', '', '', 1, 1);
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
    $playlist_id = $nv_Request->get_int('playlist_id', 'post', 0);
    $title = $nv_Request->get_title('title', 'post', '', 1);
    $keywords = $nv_Request->get_title('keywords', 'post', '', 1);
    $alias = $nv_Request->get_title('alias', 'post', '');
    $description = $nv_Request->get_string('description', 'post', '');
    $description = nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br/>');
    $alias = $alias == '' ? change_alias($title) : change_alias($alias);
    $status = $nv_Request->get_int('status', 'post', 0);
    $private_mode = $nv_Request->get_int('private_mode', 'post', 0);
    $image = $nv_Request->get_string('image', 'post', '');
    if (is_file(NV_DOCUMENT_ROOT . $image)) {
        $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/img/');
        $image = substr($image, $lu);
    } else {
        $image = '';
    if (empty($title)) {
        $error = $lang_module['error_name'];
    } elseif ($playlist_id == 0) {
        $weight = $db->query("SELECT max(weight) FROM " . NV_PREFIXLANG . "_" . $module_data . "_playlist_cat")->fetchColumn();
        $weight = intval($weight) + 1;
        $sql = "INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_playlist_cat ( numbers, title, alias, status, private_mode, userid, description, image, weight, keywords, add_time, edit_time) VALUES (20, :title , :alias, :status, :private_mode, :userid, :description, :image, :weight, :keywords, " . NV_CURRENTTIME . ", " . NV_CURRENTTIME . ")";
예제 #4
$page_title = $lang_module['categories'];
$error = $admins = "";
$savecat = 0;
list($catid, $parentid, $title, $alias, $description, $keywords) = array(0, 0, "", "", "", "");
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
    $catid = $nv_Request->get_int('catid', 'post', 0);
    list($parentid_old) = $db->sql_fetchrow($db->sql_query("SELECT `parentid` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `catid` = '" . $catid . "'"));
    $parentid = $nv_Request->get_int('parentid', 'post', 0);
    $title = filter_text_input('title', 'post', "", 1, 100);
    $catimage = filter_text_input('catimage', 'post');
    $keywords = filter_text_input('keywords', 'post');
    $alias = filter_text_input('alias', 'post');
    $description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS);
    $alias = $alias == "" ? change_alias($title) : change_alias($alias);
    if ($catid == 0 and !empty($title)) {
        $description = nv_nl2br($description, '<br />');
        list($weight) = $db->sql_fetchrow($db->sql_query("SELECT max(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `parentid`=" . $db->dbescape($parentid) . ""));
        $weight = intval($weight) + 1;
        $query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_cat` (`catid`, `parentid`, `title`, `catimage`, `alias`, `description`, `weight`, `inhome`, `numlinks`, `keywords`, `add_time`, `edit_time`) VALUES (NULL, " . $db->dbescape($parentid) . ", " . $db->dbescape($title) . ", " . $db->dbescape($catimage) . " , " . $db->dbescape($alias) . ", " . $db->dbescape($description) . ", " . $db->dbescape($weight) . ", '1', '3', " . $db->dbescape($keywords) . ", UNIX_TIMESTAMP(), UNIX_TIMESTAMP())";
        if ($db->sql_query_insert_id($query)) {
            nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_cat', " ", $admin_info['userid']);
            Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . "");
        } else {
            $error = $lang_module['errorsave'];
예제 #5
 $data['catid'] = $nv_Request->get_int('catid', 'post', 0);
 $data['typeprice'] = $nv_Request->get_int('typeprice', 'post', 2);
 $data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0);
 $data['parentid'] = $nv_Request->get_int('parentid', 'post', 0);
 $data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255);
 $data['title_custom'] = nv_substr($nv_Request->get_title('title_custom', 'post', '', 1), 0, 255);
 $data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255);
 $data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255);
 $data['description'] = $nv_Request->get_string('description', 'post', '');
 $data['description'] = nv_nl2br(nv_htmlspecialchars(strip_tags($data['description'])), '<br />');
 $data['descriptionhtml'] = $nv_Request->get_editor('descriptionhtml', '', NV_ALLOWED_HTML_TAGS);
 $data['viewdescriptionhtml'] = $nv_Request->get_int('viewdescriptionhtml', 'post', 0);
 $data['cat_allow_point'] = $nv_Request->get_int('cat_allow_point', 'post', 0);
 $data['cat_number_point'] = $nv_Request->get_int('cat_number_point', 'post', 0);
 $data['cat_number_product'] = $nv_Request->get_int('cat_number_product', 'post', 0);
 $data['alias'] = $data['alias'] == '' ? change_alias($data['title']) : change_alias($data['alias']);
 // Cat mo ta cho chinh xac
 if (strlen($data['description']) > 255) {
     $data['description'] = nv_clean60($data['description'], 250);
 $_groups_post = $nv_Request->get_array('groups_view', 'post', array());
 $data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
 if ($data['title'] == '') {
     $error = $lang_module['error_cat_name'];
 $image = $nv_Request->get_string('image', 'post', '');
 if (is_file(NV_DOCUMENT_ROOT . $image)) {
     $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/');
     $data['image'] = substr($image, $lu);
 } else {
     $data['image'] = '';
예제 #6
if ($token != md5($nv_Request->session_id . $global_config['sitekey'])) {
    gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorSess']));
// Chi admin moi co quyen upload
if (!defined('NV_IS_MODADMIN')) {
    gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorPermission']));
// Tang thoi luong phien lam viec
if ($sys_info['allowed_set_time_limit']) {
    set_time_limit(5 * 3600);
// Get request value
$folder = $nv_Request->get_title('folder', 'post', '');
$fileName = $nv_Request->get_title('name', 'post', '');
$fileExt = nv_getextension($fileName);
$fileName = change_alias(substr($fileName, 0, -(strlen($fileExt) + 1))) . '.' . $fileExt;
$chunk = $nv_Request->get_int('chunk', 'post', 0);
$chunks = $nv_Request->get_int('chunks', 'post', 0);
if (empty($fileName) or empty($fileExt)) {
    gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorFile']));
// Kiem tra file ton tai
$fileName2 = $fileName;
$i = 1;
while (file_exists(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $fileName2)) {
    $fileName2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1-' . $i . '\\2', $fileName);
$fileName = $fileName2;
$filePath = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $fileName;
// Open temp file
예제 #7
$array_site_cat_module = array();
if ($global_config['idsite']) {
    $_module = $db->query('SELECT module FROM ' . $db_config['dbsystem'] . '.' . $db_config['prefix'] . '_site_cat t1 INNER JOIN ' . $db_config['dbsystem'] . '.' . $db_config['prefix'] . '_site t2 ON t1.cid=t2.cid WHERE t2.idsite=' . $global_config['idsite'])->fetchColumn();
    if (!empty($_module)) {
        $array_site_cat_module = explode(',', $_module);
$title = $note = $modfile = $error = '';
$modules_site = nv_scandir(NV_ROOTDIR . '/modules', $global_config['check_module']);
if ($nv_Request->get_title('checkss', 'post') == NV_CHECK_SESSION) {
    $title = $nv_Request->get_title('title', 'post', '', 1);
    $modfile = $nv_Request->get_title('module_file', 'post', '', 1);
    $note = $nv_Request->get_title('note', 'post', '', 1);
    $title = strtolower(change_alias($title));
    $modules_admin = nv_scandir(NV_ROOTDIR . '/' . NV_ADMINDIR, $global_config['check_module']);
    $error = $lang_module['vmodule_exit'];
    if (!empty($title) and !empty($modfile) and !in_array($title, $modules_site) and !in_array($title, $modules_admin) and preg_match($global_config['check_module'], $title) and preg_match($global_config['check_module'], $modfile)) {
        $version = '';
        $author = '';
        $note = nv_nl2br($note, '<br />');
        $module_data = preg_replace('/(\\W+)/i', '_', $title);
        if (empty($array_site_cat_module) or in_array($modfile, $array_site_cat_module)) {
            try {
                $sth = $db->prepare('INSERT INTO ' . $db_config['prefix'] . '_setup_extensions (type, title, is_sys, is_virtual, basename, table_prefix, version, addtime, author, note) VALUES ( \'module\', :title, 0, 0, :basename, :table_prefix, :version, ' . NV_CURRENTTIME . ', :author, :note)');
                $sth->bindParam(':title', $title, PDO::PARAM_STR);
                $sth->bindParam(':basename', $modfile, PDO::PARAM_STR);
                $sth->bindParam(':table_prefix', $module_data, PDO::PARAM_STR);
                $sth->bindParam(':version', $version, PDO::PARAM_STR);
                $sth->bindParam(':author', $author, PDO::PARAM_STR);
예제 #8
 * detail_product()
 * @param mixed $data_content
 * @param mixed $data_unit
 * @param mixed $data_others
 * @param mixed $array_other_view
 * @param mixed $content_comment
 * @return
function detail_product($data_content, $data_unit, $data_others, $array_other_view, $content_comment, $compare_id, $popup, $idtemplate, $array_keyword)
    global $module_info, $lang_module, $module_file, $module_name, $module_upload, $pro_config, $global_config, $global_array_group, $array_wishlist_id, $client_info, $global_array_shops_cat, $meta_property, $pro_config, $user_info, $discounts_config, $my_head, $my_footer;
    $link = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&amp;' . NV_NAME_VARIABLE . '=' . $module_name . '&amp;' . NV_OP_VARIABLE . '=';
    $link2 = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=';
    $xtpl = new XTemplate('detail.tpl', NV_ROOTDIR . '/themes/' . $module_info['template'] . '/modules/' . $module_file);
    $xtpl->assign('GLANG', $lang_module);
    $xtpl->assign('LANG', $lang_module);
    $xtpl->assign('MODULE', $module_name);
    $xtpl->assign('MODULE_FILE', $module_file);
    $xtpl->assign('TEMPLATE', $module_info['template']);
    $xtpl->assign('NV_BASE_SITEURL', NV_BASE_SITEURL);
    $xtpl->assign('SELFURL', $client_info['selfurl']);
    $xtpl->assign('POPUP', $popup);
    $xtpl->assign('LINK_LOAD', NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=loadcart');
    $xtpl->assign('THEME_URL', NV_BASE_SITEURL . 'themes/' . $module_info['template']);
    $xtpl->assign('LINK_PRINT', NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=print_pro&id=' . $data_content['id']);
    if (!empty($data_content)) {
        $xtpl->assign('proid', $data_content['id']);
        $xtpl->assign('CAT_TITLE', $global_array_shops_cat[$data_content['listcatid']]['title']);
        $xtpl->assign('SRC_PRO_FULL', $global_config['site_url'] . $data_content['homeimgthumb']);
        $xtpl->assign('SRC_PRO', $data_content['homeimgthumb']);
        $xtpl->assign('SRC_PRO_LAGE', $data_content['homeimgfile']);
        if (!empty($data_content['homeimgfile']) and file_exists(NV_ROOTDIR . $data_content['homeimgfile'])) {
            $xtpl->assign('SRC_PRO_LAGE_INFO', nv_is_image(NV_ROOTDIR . $data_content['homeimgfile']));
        $xtpl->assign('TITLE', $data_content[NV_LANG_DATA . '_title']);
        $xtpl->assign('NUM_VIEW', $data_content['hitstotal']);
        $xtpl->assign('DATE_UP', $lang_module['detail_dateup'] . ' ' . nv_date('d-m-Y h:i:s A', $data_content['publtime']));
        $xtpl->assign('DETAIL', $data_content[NV_LANG_DATA . '_bodytext']);
        $xtpl->assign('LINK_ORDER', $link2 . 'setcart&id=' . $data_content['id']);
        $price = nv_get_price($data_content['id'], $pro_config['money_unit']);
        $xtpl->assign('PRICE', $price);
        $xtpl->assign('PRODUCT_CODE', $data_content['product_code']);
        $xtpl->assign('PRODUCT_NUMBER', $data_content['product_number']);
        $xtpl->assign('pro_unit', $data_unit['title']);
        if ($pro_config['active_gift'] and !empty($data_content[NV_LANG_DATA . '_gift_content']) and NV_CURRENTTIME >= $data_content['gift_from'] and NV_CURRENTTIME <= $data_content['gift_to']) {
            $xtpl->assign('gift_content', $data_content[NV_LANG_DATA . '_gift_content']);
        // Hien thi du lieu tuy bien o phan gioi thieu
        if (!empty($data_content['array_custom']) and !empty($data_content['array_custom_lang'])) {
            $custom_data = nv_custom_tpl('tab-introduce' . '.tpl', $data_content['array_custom'], $data_content['array_custom_lang'], $idtemplate);
            $xtpl->assign('CUSTOM_DATA', $custom_data);
        // San pham yeu thich
        if ($pro_config['active_wishlist']) {
            if (!empty($array_wishlist_id)) {
                if (in_array($data_content['id'], $array_wishlist_id)) {
        $exptime = $data_content['exptime'] != 0 ? date('d-m-Y', $data_content['exptime']) : 'N/A';
        $xtpl->assign('exptime', $exptime);
        $xtpl->assign('height', $pro_config['homeheight']);
        $xtpl->assign('width', $pro_config['homewidth']);
        if ($pro_config['active_showhomtext'] == '1') {
            $xtpl->assign('hometext', $data_content[NV_LANG_DATA . '_hometext']);
        if (!$popup) {
            // Hien thi tabs
            if (!empty($data_content['tabs'])) {
                $i = 0;
                foreach ($data_content['tabs'] as $tabs_id => $tabs_value) {
                    $tabs_content = '';
                    $tabs_key = $tabs_value['content'];
                    if ($tabs_key == 'content_detail') {
                        $tabs_content = $data_content[NV_LANG_DATA . '_bodytext'];
                    } elseif ($tabs_key == 'content_download' and $pro_config['download_active'] == 1) {
                        $download_content = nv_download_content($data_content, $tabs_key . '-' . $tabs_id);
                        $tabs_content = !empty($download_content) ? $download_content : '';
                    } elseif ($tabs_key == 'content_otherimage') {
                        $tabs_content = nv_display_othersimage($data_content['otherimage']);
                    } elseif ($tabs_key == 'content_comments') {
                        $tabs_content = $content_comment;
                    } elseif ($tabs_key == 'content_rate') {
                        if (!empty($data_content['allowed_rating']) and !empty($pro_config['review_active'])) {
                            $tabs_content = nv_review_content($data_content);
                    } elseif ($tabs_key == 'content_customdata') {
                        if (!empty($data_content['array_custom']) and !empty($data_content['array_custom_lang'])) {
                            $tabs_content = nv_custom_tpl('tab-' . strtolower(change_alias($data_content['tabs'][$tabs_id][NV_LANG_DATA . '_title'])) . '.tpl', $data_content['array_custom'], $data_content['array_custom_lang'], $idtemplate);
                    if (!empty($tabs_content)) {
                        $xtpl->assign('TABS_TITLE', $tabs_value[NV_LANG_DATA . '_title']);
                        $xtpl->assign('TABS_ID', $tabs_id);
                        $xtpl->assign('TABS_KEY', $tabs_key);
                        if (!empty($tabs_value['icon'])) {
                            $xtpl->assign('TABS_ICON', NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/' . $tabs_value['icon']);
                        } else {
                        $xtpl->assign('TABS_CONTENT', $tabs_content);
                        if ($i == 0) {
            if (!empty($array_keyword)) {
                $t = sizeof($array_keyword) - 1;
                foreach ($array_keyword as $i => $value) {
                    $xtpl->assign('KEYWORD', $value['keyword']);
                    $xtpl->assign('LINK_KEYWORDS', NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&amp;' . NV_NAME_VARIABLE . '=' . $module_name . '&amp;' . NV_OP_VARIABLE . '=tag/' . urlencode($value['alias']));
                    $xtpl->assign('SLASH', $t == $i ? '' : ', ');
            if (!empty($data_others)) {
                $hmtl = view_home_all($data_others, $compare_id);
                $xtpl->assign('OTHER', $hmtl);
            if (!empty($array_other_view)) {
                $hmtl = view_home_all($array_other_view, $compare_id);
                $xtpl->assign('OTHER_VIEW', $hmtl);
            if (defined('NV_IS_MODADMIN')) {
                $xtpl->assign('ADMINLINK', nv_link_edit_page($data_content['id']) . '&nbsp;-&nbsp;' . nv_link_delete_page($data_content['id']));
            if ($data_content['rating_total'] > 0 and $data_content['rating_point'] > 0) {
                $xtpl->assign('RATE_TOTAL', $data_content['rating_total']);
                $xtpl->assign('RATE_VALUE', $data_content['rating_point']);
            if (!empty($data_content['homeimgfile'])) {
        if (!empty($pro_config['show_product_code']) and !empty($data_content['product_code'])) {
    // Nhom san pham
    $listgroupid = GetGroupID($data_content['id'], 1);
    if (!empty($listgroupid) and !empty($global_array_group)) {
        $have_group = 0;
        foreach ($listgroupid as $gid => $subid) {
            $parent_info = $global_array_group[$gid];
            if ($parent_info['in_order']) {
                $have_group = 1;
                $xtpl->assign('GROUPID', $parent_info['groupid']);
                $xtpl->assign('HEADER', $parent_info['title']);
                if (!empty($subid)) {
                    foreach ($subid as $sub_gr_id) {
                        $sub_info = $global_array_group[$sub_gr_id];
                        if ($sub_info['in_order']) {
                            $xtpl->assign('GROUP', $sub_info);
                            if (sizeof($subid) == 1) {
        if ($have_group) {
    // Hien thi danh sach nhom san pham
    $i = 0;
    foreach ($listgroupid as $gid => $subid) {
        $parent_info = $global_array_group[$gid];
        if ($parent_info['indetail']) {
            $xtpl->assign('MAINTITLE', $parent_info['title']);
            if (!empty($subid)) {
                foreach ($subid as $sub_gr_id) {
                    $sub_info = $global_array_group[$sub_gr_id];
                    if ($sub_info['indetail']) {
                        $xtpl->assign('SUBTITLE', $sub_info['title']);
        if ($i > 0) {
    if ($i > 0) {
    if ($global_array_shops_cat[$data_content['listcatid']]['typeprice'] == 2) {
        $price_config = unserialize($data_content['price_config']);
        if (!empty($price_config) and sizeof($price_config) > 1) {
            $before = 1;
            foreach ($price_config as $items) {
                $items['number_from'] = $before;
                $items['price'] = nv_currency_conversion($items['price'], $data_content['money_unit'], $pro_config['money_unit']);
                $items['price'] = nv_number_format($items['price'], nv_get_decimals($pro_config['money_unit']));
                $xtpl->assign('ITEMS', $items);
                $before = $items['number_to'] + 1;
            $xtpl->assign('money_unit', $price['unit']);
    if ($pro_config['active_price'] == '1') {
        if ($data_content['showprice'] == '1') {
            if ($data_content['discount_id'] and $price['discount_percent'] > 0) {
            } else {
        } else {
    if ($pro_config['active_order'] == '1') {
        if ($data_content['showprice'] == '1') {
            if ($data_content['product_number'] > 0 or $pro_config['active_order_number']) {
                if (!$pro_config['active_order_number']) {
            } else {
    if (!empty($data_content['allowed_send'])) {
    if (!empty($data_content['allowed_print'])) {
    if (!empty($data_content['allowed_save'])) {
    if (!defined('FACEBOOK_JSSDK')) {
        $lang = NV_LANG_DATA == 'vi' ? 'vi_VN' : 'en_US';
        $facebookappid = $pro_config['facebookappid'];
        $xtpl->assign('FACEBOOK_LANG', $lang);
        $xtpl->assign('FACEBOOK_APPID', $facebookappid);
        if (!empty($facebookappid)) {
            $meta_property['fb:app_id'] = $facebookappid;
        define('FACEBOOK_JSSDK', true);
    return $xtpl->text('main');
예제 #9

if (!defined('NV_IS_FILE_ADMIN')) {
if ($nv_Request->isset_request('get_alias_title', 'post')) {
    $alias = $nv_Request->get_title('get_alias_title', 'post', '');
    $alias = change_alias($alias);
//change status
if ($nv_Request->isset_request('change_status', 'post, get')) {
    $id = $nv_Request->get_int('id', 'post, get', 0);
    $content = 'NO_' . $id;
    $query = 'SELECT status FROM ' . NV_PREFIXLANG . '_' . $module_data . '_cat WHERE id=' . $id;
    $row = $db->query($query)->fetch();
    if (isset($row['status'])) {
        $status = $row['status'] ? 0 : 1;
        $query = 'UPDATE ' . NV_PREFIXLANG . '_' . $module_data . '_cat SET status=' . intval($status) . ' WHERE id=' . $id;
        $content = 'OK_' . $id;
    include NV_ROOTDIR . '/includes/header.php';
예제 #10
$editor = $nv_Request->get_title('editor', 'post,get', '');
$CKEditorFuncNum = $nv_Request->get_int('CKEditorFuncNum', 'post,get', 0);
if (!preg_match("/^([a-zA-Z0-9\\-\\_]+)\$/", $editor)) {
    $editor = '';
if (empty($error)) {
    if (isset($array_dirname[$path])) {
        $did = $array_dirname[$path];
        $info = nv_getFileInfo($path, $upload_info['basename']);
        $info['userid'] = $admin_info['userid'];
        $newalt = $nv_Request->get_title('filealt', 'post', '', true);
        if (empty($newalt)) {
            $newalt = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1', $upload_info['basename']);
            $newalt = str_replace('-', ' ', change_alias($newalt));
        $sth = $db->prepare("INSERT INTO " . NV_UPLOAD_GLOBALTABLE . "_file\n\t\t(name, ext, type, filesize, src, srcwidth, srcheight, sizes, userid, mtime, did, title, alt) VALUES\n\t\t('" . $info['name'] . "', '" . $info['ext'] . "', '" . $info['type'] . "', " . $info['filesize'] . ", '" . $info['src'] . "', " . $info['srcwidth'] . ", " . $info['srcheight'] . ", '" . $info['size'] . "', " . $info['userid'] . ", " . $info['mtime'] . ", " . $did . ", '" . $upload_info['basename'] . "', :newalt)");
        $sth->bindParam(':newalt', $newalt, PDO::PARAM_STR);
    nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['upload_file'], $path . '/' . $upload_info['basename'], $admin_info['userid']);
    if ($editor == 'ckeditor') {
        echo "<script type=\"text/javascript\">window.parent.CKEDITOR.tools.callFunction(" . $CKEditorFuncNum . ", '" . NV_BASE_SITEURL . $path . "/" . $upload_info['basename'] . "', '');</script>";
    } else {
        echo $upload_info['basename'];
} else {
    if ($editor == 'ckeditor') {
        echo "<script type=\"text/javascript\">window.parent.CKEDITOR.tools.callFunction(" . $CKEditorFuncNum . ", '', '" . $error . "');</script>";
    } else {
예제 #11
$array_data = array();
$page = (isset($array_op[0]) and substr($array_op[0], 0, 5) == 'page-') ? intval(substr($array_op[0], 5)) : 1;
$per_page = $array_config['per_page'];
$base_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name;
if ($nv_Request->isset_request('search', 'get')) {
    $array_search['keywords'] = $nv_Request->get_title('keywords', 'get', '');
    $array_search['blood_group'] = $nv_Request->get_title('blood_group', 'get', '');
    $base_url .= '&search=1';
    if (!empty($array_search['keywords'])) {
        $where .= ' AND first_name like "%' . $array_search['keywords'] . '%" OR last_name like "%' . $array_search['keywords'] . '%" OR email like "%' . $array_search['keywords'] . '%" OR phone like "%' . $array_search['keywords'] . '%" OR identity_card like "%' . $array_search['keywords'] . '%" OR width like "%' . $array_search['keywords'] . '%" OR weight like "%' . $array_search['keywords'] . '%" OR organize like "%' . $array_search['keywords'] . '%"';
        $base_url .= '&keywords=' . $array_search['keywords'];
    if (!empty($array_search['blood_group'])) {
        $where .= ' AND blood_group=' . $db->quote($array_search['blood_group']);
        $base_url .= '&blood_group=' . $array_search['blood_group'];
$db->sqlreset()->select('COUNT(*)')->from(NV_PREFIXLANG . '_' . $module_data)->where('1=1' . $where);
$all_page = $db->query($db->sql())->fetchColumn();
$db->select('id, userid, organize, last_name, first_name, birthday, gender, blood_group')->order('id DESC')->limit($per_page)->offset(($page - 1) * $per_page);
$_query = $db->query($db->sql());
while ($row = $_query->fetch()) {
    $row['alias'] = change_alias($row['last_name'] . ' ' . $row['first_name']) . '-' . $row['id'];
    $row['link'] = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&amp;' . NV_NAME_VARIABLE . '=' . $module_name . '/' . $row['alias'];
    $array_data[$row['id']] = $row;
$generate_page = nv_alias_page($page_title, $base_url, $all_page, $per_page, $page);
$contents = nv_theme_blood_bank_main($array_data, $array_search, $generate_page);
include NV_ROOTDIR . '/includes/header.php';
echo nv_site_theme($contents);
include NV_ROOTDIR . '/includes/footer.php';
예제 #12
    $sql = 'SELECT id FROM ' . $table_name . ' WHERE id=' . $id;
    $id = $db->query($sql)->fetchColumn();
    if (empty($id)) {
        die('NO_' . $id);
    $new_status = $nv_Request->get_bool('new_status', 'post');
    $new_status = (int) $new_status;
    $sql = 'UPDATE ' . $table_name . ' SET status=' . $new_status . ' WHERE id=' . $id;
    die('OK_' . $pid);
if (!empty($savecat)) {
    $preg_replace = array('pattern' => '/[^a-zA-Z0-9\\_]/', 'replacement' => '_');
    $data['title'] = nv_substr($nv_Request->get_title('title', 'post', ''), 0, 50);
    $data['alias'] = strtolower(change_alias($data['title']));
    $stmt = $db->query('SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_template where alias=' . $db->quote($data['alias']))->fetchColumn();
    if (empty($data['title'])) {
        $error = $lang_module['template_error_name'];
    } elseif (!empty($stmt)) {
        $error = $lang_module['block_error_alias'];
    } else {
        if ($data['id'] == 0) {
            $listfield = "";
            $listvalue = "";
            $sql = "INSERT INTO " . $table_name . " VALUES (NULL ,1, '" . $data['title'] . "','" . $data['alias'] . "')";
            $templaid = $db->insert_id($sql);
            if ($templaid != 0) {
                $sql = "CREATE TABLE IF NOT EXISTS " . $db_config['prefix'] . "_" . $module_data . "_info_" . $templaid . "(\n\t\t\t  shopid mediumint(8) unsigned NOT NULL DEFAULT '0',\n\t\t\t  status tinyint(1) NOT NULL DEFAULT '1',\n\t\t\t  PRIMARY KEY (shopid)\n\t\t\t) ENGINE=MyISAM ";
예제 #13
$error = "";
if (defined('NV_EDITOR')) {
    require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php';
if ($nv_Request->get_int('save', 'post') == '1') {
    $title = filter_text_input('title', 'post', '', 1);
    $alias = filter_text_input('alias', 'post', '', 1);
    $bodytext = nv_editor_filter_textarea('bodytext', '', NV_ALLOWED_HTML_TAGS);
    if (empty($title)) {
        $error = $lang_module['aabout9'];
    } elseif (strip_tags($bodytext) == "") {
        $error = $lang_module['aabout10'];
    } else {
        $bodytext = nv_editor_nl2br($bodytext);
        $alias = empty($alias) ? change_alias($title) : change_alias($alias);
        if (defined('IS_EDIT')) {
            nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_about', "aboutid " . $id, $admin_info['userid']);
            $query = "UPDATE`" . NV_PREFIXLANG . "_" . $module_data . "` SET \r\n            `title`=" . $db->dbescape($title) . ", `alias` =  " . $db->dbescape($alias) . ", \r\n            `bodytext`=" . $db->dbescape($bodytext) . ", `keywords`='', `edit_time`=" . NV_CURRENTTIME . " WHERE `id` =" . $id;
        } else {
            list($weight) = $db->sql_fetchrow($db->sql_query("SELECT MAX(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`"));
            $weight = intval($weight) + 1;
            $query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "` VALUES (\r\n            NULL, " . $db->dbescape($title) . ", " . $db->dbescape($alias) . ", " . $db->dbescape($bodytext) . ", '', \r\n            " . $weight . ", " . $admin_info['admin_id'] . ", " . NV_CURRENTTIME . ", " . NV_CURRENTTIME . ", 1);";
            nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_about', " ", $admin_info['userid']);
        Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=main");
} else {
예제 #14
                 $array_fiter = array('create table if not exists', 'create table', '(', '`');
                 $table = str_replace($array_fiter, '', $table);
                 $table = preg_replace('/(\\W+)/i', '_', trim($table));
                 $table = preg_replace("/^" . nv_preg_quote(NV_PREFIXLANG . '_' . $data_system['module_data'] . '_') . "(.*)\$/", "\\1", $table);
                 $table = preg_replace("/^" . nv_preg_quote(NV_PREFIXLANG . '_' . $data_system['module_data']) . "(.*)\$/", "\\1", $table);
                 $table = preg_replace("/^" . nv_preg_quote($db_config['prefix'] . '_' . $data_system['module_data'] . '_') . "(.*)\$/", "\\1", $table);
                 $table = preg_replace("/^" . nv_preg_quote($db_config['prefix'] . '_' . $data_system['module_data']) . "(.*)\$/", "\\1", $table);
                 $table = preg_replace("/^" . nv_preg_quote(NV_PREFIXLANG . '_') . "(.*)\$/", "\\1", $table);
                 $table = preg_replace("/^" . nv_preg_quote($db_config['prefix'] . '_') . "(.*)\$/", "\\1", $table);
             $data_sql[] = array('table' => $table, 'sql' => $sql);
         } elseif (strlen($sql) > 10) {
             $table = $tablename[$key];
             if (!empty($table)) {
                 $table = str_replace("_", "-", $table);
                 $table = change_alias($table);
                 $table = str_replace("-", "_", $table);
             $data_sql[] = array('table' => $table, 'sql' => $sql);
 if (!empty($data_system['module_name'])) {
     if ($nv_Request->get_string('download', 'post', 0)) {
         $tempdir = 'nv4_module_' . $data_system['module_name'] . '_' . md5(nv_genpass(10) . session_id());
         if (is_dir(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir)) {
             nv_deletefile(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir, true);
         nv_mkdir_nvtools(NV_ROOTDIR . "/" . NV_TEMP_DIR, $tempdir);
         nv_mkdir_nvtools(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir, "modules");
         nv_mkdir_nvtools(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir . "/modules", $data_system['module_name'], 1);
예제 #15
 $row['imagealt'] = $nv_Request->get_title('imagealt', 'post', '', 1);
 $row['imageposition'] = $nv_Request->get_int('imageposition', 'post', 0);
 $row['description'] = $nv_Request->get_textarea('description', '', 'br', 1);
 $row['bodytext'] = $nv_Request->get_editor('bodytext', '', NV_ALLOWED_HTML_TAGS);
 $row['keywords'] = nv_strtolower($nv_Request->get_title('keywords', 'post', '', 0));
 $row['socialbutton'] = $nv_Request->get_int('socialbutton', 'post', 0);
 $row['layout_func'] = $nv_Request->get_title('layout_func', 'post', '');
 $row['gid'] = $nv_Request->get_int('gid', 'post', 0);
 $_groups_post = $nv_Request->get_array('activecomm', 'post', array());
 $row['activecomm'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
 if (empty($row['title'])) {
     $error = $lang_module['empty_title'];
 } elseif (strip_tags($row['bodytext']) == '') {
     $error = $lang_module['empty_bodytext'];
 } elseif (empty($row['layout_func']) or in_array('layout.' . $row['layout_func'] . '.tpl', $layout_array)) {
     $row['alias'] = empty($row['alias']) ? change_alias($row['title']) : change_alias($row['alias']);
     if (empty($row['keywords'])) {
         $row['keywords'] = nv_get_keywords($row['title']);
         if (empty($row['keywords'])) {
             $row['keywords'] = nv_unhtmlspecialchars($row['keywords']);
             $row['keywords'] = strip_punctuation($row['keywords']);
             $row['keywords'] = trim($row['keywords']);
             $row['keywords'] = nv_strtolower($row['keywords']);
             $row['keywords'] = preg_replace('/[ ]+/', ',', $row['keywords']);
     if ($id) {
         $_sql = 'UPDATE ' . NV_PREFIXLANG . '_' . $module_data . ' SET title = :title, alias = :alias, image = :image, imagealt = :imagealt, imageposition = :imageposition, description = :description, bodytext = :bodytext, keywords = :keywords, socialbutton = :socialbutton, activecomm = :activecomm, layout_func = :layout_func, gid = :gid, admin_id = :admin_id, edit_time = ' . NV_CURRENTTIME . ' WHERE id =' . $id;
         $publtime = $row['add_time'];
     } else {
         if ($page_config['news_first']) {
예제 #16
$row['provinceid'] = $nv_Request->get_int('provinceid', 'post,get', 0);
$row['countryid'] = $nv_Request->get_int('countryid', 'post,get', 0);
$sql = 'SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_country WHERE status=1';
$array_country = $nv_Cache->db($sql, 'countryid', $module_name);
if (!isset($array_country[$row['countryid']])) {
    Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=country');
if ($nv_Request->isset_request('submit', 'post')) {
    $row['countryid'] = $nv_Request->get_int('countryid', 'post,get', 0);
    $row['title'] = $nv_Request->get_title('title', 'post', '');
    $row['code'] = $nv_Request->get_title('code', 'post,get', '');
    $row['type'] = $nv_Request->get_title('type', 'post', '');
    $row['alias'] = $nv_Request->get_title('alias', 'post', '', 1);
    if (empty($row['alias'])) {
        $row['alias'] = change_alias($row['title']);
        $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $db_config['prefix'] . '_' . $module_data . '_province WHERE provinceid != :provinceid AND alias = :alias');
        $stmt->bindParam(':provinceid', $row['provinceid'], PDO::PARAM_STR);
        $stmt->bindParam(':alias', $row['alias'], PDO::PARAM_STR);
        if ($stmt->fetchColumn()) {
            $weight = $db->query('SELECT MAX(weight) FROM ' . $db_config['prefix'] . '_' . $module_data . '_province WHERE countryid=' . $row['countryid'])->fetchColumn();
            $weight = intval($weight) + 1;
            $row['alias'] = $row['alias'] . '-' . $weight;
    if (empty($row['title'])) {
        $error[] = $lang_module['error_required_title'];
    } elseif (empty($row['countryid'])) {
        $error[] = $lang_module['error_required_province_countryid'];
예제 #17
 if (!empty($obt_level)) {
     foreach ($obt_level as $admid) {
         $admins[$admid]['view_level'] = 1;
         if (!isset($admins[$admid]['reply_level'])) {
             $admins[$admid]['reply_level'] = 0;
         $admins[$admid]['obt_level'] = 1;
 if (empty($full_name)) {
     $error = $lang_module['err_part_row_title'];
 } elseif (empty($alias)) {
     $error = $lang_module['error_alias'];
 } else {
     $alias = empty($alias) ? change_alias($full_name) : change_alias($alias);
     $admins_list = array();
     foreach ($adms as $admid => $values) {
         if ($values['level'] === 1) {
             $obt_level = isset($admins[$admid]) ? $admins[$admid]['obt_level'] : 0;
             $admins_list[] = $admid . '/1/1/' . $obt_level;
         } else {
             if (isset($admins[$admid])) {
                 $admins_list[] = $admid . '/' . $admins[$admid]['view_level'] . '/' . $admins[$admid]['reply_level'] . '/' . $admins[$admid]['obt_level'];
     $admins_list = implode(';', $admins_list);
     if ($id) {
         $sql = 'UPDATE ' . NV_PREFIXLANG . '_' . $module_data . '_department SET full_name=:full_name, alias=:alias, phone = :phone, fax=:fax, email=:email, yahoo=:yahoo, skype=:skype, note=:note, admins=:admins WHERE id =' . $id;
         $name_key = 'log_edit_row';
예제 #18
    $page_title = $lang_module['addcat_titlebox'];
    $form_action = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&amp;' . NV_NAME_VARIABLE . '=' . $module_name . '&amp;' . NV_OP_VARIABLE . '=' . $op . '&amp;pid=' . $pid;
    $array['parentid'] = $pid;
    $array['title'] = '';
    $array['alias'] = '';
    $array['description'] = '';
    $array['groups_view'] = $array['groups_onlineview'] = $array['groups_download'] = '6';
$error = '';
$groups_list = nv_groups_list();
if ($nv_Request->isset_request('submit', 'post')) {
    $array['parentid'] = $nv_Request->get_int('parentid', 'post', 0);
    $array['title'] = $nv_Request->get_title('title', 'post', '', 1);
    $array['description'] = $nv_Request->get_title('description', 'post', '', 1);
    $array['alias'] = $nv_Request->get_title('alias', 'post', '');
    $array['alias'] = $array['alias'] == '' ? change_alias($array['title']) : change_alias($array['alias']);
    if (empty($array['title'])) {
        $error = $lang_module['error_cat2'];
    } else {
        if (!empty($array['parentid'])) {
            $sql = 'SELECT COUNT(*) AS count FROM ' . NV_MOD_TABLE . '_categories WHERE id=' . $array['parentid'];
            $count = $db->query($sql)->fetchColumn();
            if (!$count) {
                $error = $lang_module['error_cat3'];
        if (empty($error)) {
            $stmt = $db->prepare('SELECT COUNT(*) FROM ' . NV_MOD_TABLE . '_categories WHERE alias= :alias' . (!empty($catid) ? ' AND id!=' . $catid : ''));
            $stmt->bindParam(':alias', $array['alias'], PDO::PARAM_STR);
            $count = $stmt->fetchColumn();
예제 #19
if (empty($user_info['userid'])) {
    $user_info['userid'] = 0;
$data = array("id" => 0, "catid" => $catid, "title" => "", "hometext" => "", "bodytext" => "", "keywords" => "", "filepath" => "", "otherpath" => "", "roomid" => $roomid, "fieldid" => $fieldid, "addtime" => NV_CURRENTTIME, "edittime" => NV_CURRENTTIME, "down" => 0, "view" => 0, "userid" => $user_info['userid'], "status" => $data_config['status'], "type" => 0, "sign" => "", "signtime" => NV_CURRENTTIME, "organid" => $organid);
 * begin: post data 
if ($nv_Request->get_int('save', 'post') == 1) {
    $data['catid'] = $nv_Request->get_int('catid', 'post', 0);
    $data['roomid'] = $nv_Request->get_int('roomid', 'post', 0);
    $data['fieldid'] = $nv_Request->get_int('fieldid', 'post', 0);
    $data['type'] = $nv_Request->get_int('type', 'post', 0);
    $data['title'] = $nv_Request->get_string('title', 'post', '', 0);
    $data['keywords'] = $nv_Request->get_string('keywords', 'post', '', 1);
    $alias = $nv_Request->get_string('alias', 'post', '');
    $data['alias'] = $alias == "" ? change_alias($data['title']) : change_alias($alias);
    $hometext = $nv_Request->get_string('hometext', 'post', '');
    $data['hometext'] = nv_nl2br(nv_htmlspecialchars(strip_tags($hometext)), '<br />');
    $data['otherpath'] = $nv_Request->get_string('otherpath', 'post', '');
    $bodytext = $nv_Request->get_string('bodytext', 'post', '');
    $data['bodytext'] = defined('NV_EDITOR') ? nv_nl2br($bodytext, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($bodytext)), '<br />');
    $data['sign'] = $nv_Request->get_string('sign', 'post', '');
    $signtime = $nv_Request->get_string('signtime', 'post', 0);
    $data['organid'] = $nv_Request->get_int('organid', 'post', 0);
    if (!empty($signtime) and !preg_match("/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})\$/", $signtime)) {
        $signtime = "";
    if (empty($signtime)) {
        $data['signtime'] = 0;
    } else {
        $phour = date('H');
예제 #20
 $array_topic_module = array();
 $array_topic_module[0] = $lang_module['topic_sl'];
 while (list($topicid_i, $title_i) = $result->fetch(3)) {
     $array_topic_module[$topicid_i] = $title_i;
 $error = '';
 if ($nv_Request->isset_request('contentid', 'post')) {
     $rowcontent['id'] = $contentid;
     $fcode = $nv_Request->get_title('fcode', 'post', '');
     $catids = array_unique($nv_Request->get_typed_array('catids', 'post', 'int', array()));
     $rowcontent['listcatid'] = implode(',', $catids);
     $rowcontent['topicid'] = $nv_Request->get_int('topicid', 'post', 0);
     $rowcontent['author'] = $nv_Request->get_title('author', 'post', '', 1);
     $rowcontent['title'] = $nv_Request->get_title('title', 'post', '', 1);
     $alias = $nv_Request->get_title('alias', 'post', '');
     $rowcontent['alias'] = $alias == '' ? change_alias($rowcontent['title']) : change_alias($alias);
     $rowcontent['hometext'] = $nv_Request->get_title('hometext', 'post', '');
     $rowcontent['homeimgfile'] = $nv_Request->get_title('homeimgfile', 'post', '');
     $rowcontent['homeimgalt'] = $nv_Request->get_title('homeimgalt', 'post', '', 1);
     $rowcontent['imgposition'] = $nv_Request->get_int('imgposition', 'post', 0);
     $rowcontent['sourcetext'] = $nv_Request->get_title('sourcetext', 'post', '');
     // Xu ly anh minh hoa
     $rowcontent['homeimgthumb'] = 0;
     if (!nv_is_url($rowcontent['homeimgfile']) and nv_is_file($rowcontent['homeimgfile'], NV_UPLOADS_DIR . '/' . $module_upload)) {
         $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/');
         $rowcontent['homeimgfile'] = substr($rowcontent['homeimgfile'], $lu);
         if (is_file(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module_upload . '/' . $rowcontent['homeimgfile'])) {
             $rowcontent['homeimgthumb'] = 1;
         } else {
             $rowcontent['homeimgthumb'] = 2;
예제 #21
 $num_items = $db->query($db->sql())->fetchColumn();
 $db->select('userid, username, md5username, first_name, last_name, photo, gender, regdate')->order($orderby . ' ' . $sortby)->limit($per_page)->offset(($page - 1) * $per_page);
 $result = $db->query($db->sql());
 $users_array = array();
 while ($item = $result->fetch()) {
     $item['full_name'] = nv_show_name_user($item['first_name'], $item['last_name']);
     if (!empty($item['photo']) and file_exists(NV_ROOTDIR . '/' . $item['photo'])) {
         $item['photo'] = NV_BASE_SITEURL . $item['photo'];
     } else {
         $item['photo'] = NV_BASE_SITEURL . 'themes/' . $module_info['template'] . '/images/' . $module_file . '/no_avatar.png';
     $item['regdate'] = nv_date('d/m/Y', $item['regdate']);
     $item['link'] = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=memberlist/' . change_alias($item['username']) . '-' . $item['md5username'];
     $item['gender'] = $item['gender'] == 'M' ? $lang_module['male'] : ($item['gender'] == 'F' ? $lang_module['female'] : $lang_module['na']);
     $users_array[$item['userid']] = $item;
 // Khong cho dat trang tuy tien
 if (empty($users_array) and $page > 0) {
     Header('Location: ' . nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name, true));
 // Them vao tieu de trang
 if (!empty($orderby)) {
     $page_title .= ' ' . sprintf($lang_module['listusers_sort_by'], $lang_module['listusers_sort_by_' . $orderby], $lang_module['listusers_order_' . $sortby]);
 // Tieu de khi phan trang
 if ($page > 1) {
예제 #22
 * set_reg_attribs()
 * @param mixed $attribs
 * @return
function set_reg_attribs($attribs)
    global $crypt, $db, $db_config, $global_config, $module_upload;
    $reg_attribs = array();
    $reg_attribs['server'] = $attribs['server'];
    $reg_attribs['username'] = '';
    $reg_attribs['email'] = $attribs['contact/email'];
    $reg_attribs['first_name'] = '';
    $reg_attribs['last_name'] = '';
    $reg_attribs['gender'] = '';
    $reg_attribs['yim'] = '';
    $reg_attribs['photo'] = '';
    $reg_attribs['openid'] = $attribs['id'];
    $reg_attribs['opid'] = $crypt->hash($attribs['id']);
    $username = explode('@', $attribs['contact/email']);
    $username = array_shift($username);
    if ($attribs['server'] == 'yahoo') {
        $reg_attribs['yim'] = $username;
    $username = str_pad($username, NV_UNICKMIN, '0', STR_PAD_RIGHT);
    $username = substr($username, 0, NV_UNICKMAX - 2);
    $username2 = $username;
    for ($i = 0; $i < 100; ++$i) {
        if ($i > 0) {
            $username2 = $username . str_pad($i, 2, '0', STR_PAD_LEFT);
        $query = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . " WHERE md5username='******'";
        $userid = $db->query($query)->fetchColumn();
        if (!$userid) {
            $query = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . "_reg WHERE md5username='******'";
            $userid = $db->query($query)->fetchColumn();
            if (!$userid) {
                $reg_attribs['username'] = $username2;
    if (isset($attribs['namePerson/first']) and !empty($attribs['namePerson/first'])) {
        $reg_attribs['first_name'] = $attribs['namePerson/first'];
    } elseif (isset($attribs['namePerson/friendly']) and !empty($attribs['namePerson/friendly'])) {
        $reg_attribs['first_name'] = $attribs['namePerson/friendly'];
    } elseif (isset($attribs['namePerson']) and !empty($attribs['namePerson'])) {
        $reg_attribs['first_name'] = $attribs['namePerson'];
    if (isset($attribs['namePerson/last']) and !empty($attribs['namePerson/last'])) {
        $reg_attribs['last_name'] = $attribs['namePerson/last'];
    if (isset($attribs['person/gender']) and !empty($attribs['person/gender'])) {
        $reg_attribs['gender'] = $attribs['person/gender'];
    if ($global_config['allowuserreg'] == 1 or $global_config['allowuserreg'] == 2) {
        if (!empty($attribs['picture_url']) and empty($attribs['picture_mode'])) {
            $upload = new NukeViet\Files\Upload(array('images'), $global_config['forbid_extensions'], $global_config['forbid_mimes'], NV_UPLOAD_MAX_FILESIZE, NV_MAX_WIDTH, NV_MAX_HEIGHT);
            $upload_info = $upload->save_urlfile($attribs['picture_url'], NV_UPLOADS_REAL_DIR . '/' . $module_upload, false);
            if (empty($upload_info['error'])) {
                $basename = change_alias($reg_attribs['username']) . '.' . nv_getextension($upload_info['basename']);
                $newname = $basename;
                $fullname = $upload_info['name'];
                $i = 1;
                while (file_exists(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/' . $newname)) {
                    $newname = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $basename);
                $check = nv_renamefile($fullname, NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/' . $newname);
                if ($check[0] == 1) {
                    $reg_attribs['photo'] = NV_UPLOADS_DIR . '/' . $module_upload . '/' . $newname;
    return $reg_attribs;
예제 #23
파일: edit.php 프로젝트: nukeplus/nuke
             $sth2->bindParam(':theme', $selectthemes, PDO::PARAM_STR);
 $sth = $db->prepare('UPDATE ' . NV_MODULES_TABLE . ' SET custom_title=:custom_title, admin_title=:admin_title, theme= :theme, mobile= :mobile, description= :description, keywords= :keywords, groups_view= :groups_view, act=' . $act . ', rss=' . $rss . ' WHERE title= :title');
 $sth->bindParam(':custom_title', $custom_title, PDO::PARAM_STR);
 $sth->bindParam(':admin_title', $admin_title, PDO::PARAM_STR);
 $sth->bindParam(':theme', $theme, PDO::PARAM_STR);
 $sth->bindParam(':mobile', $mobile, PDO::PARAM_STR);
 $sth->bindParam(':description', $description, PDO::PARAM_STR);
 $sth->bindParam(':keywords', $keywords, PDO::PARAM_STR);
 $sth->bindParam(':groups_view', $groups_view, PDO::PARAM_STR);
 $sth->bindParam(':title', $mod, PDO::PARAM_STR);
 $mod_name = change_alias($nv_Request->get_title('mod_name', 'post'));
 if ($mod_name != $mod and preg_match($global_config['check_module'], $mod_name)) {
     $module_version = array();
     $version_file = NV_ROOTDIR . '/modules/' . $row['module_file'] . '/version.php';
     if (file_exists($version_file)) {
         include $version_file;
         if (isset($module_version['virtual']) and $module_version['virtual']) {
             $sth = $db->prepare('UPDATE ' . NV_MODULES_TABLE . ' SET title= :mod_name WHERE title= :mod_old');
             $sth->bindParam(':mod_name', $mod_name, PDO::PARAM_STR);
             $sth->bindParam(':mod_old', $mod, PDO::PARAM_STR);
             if ($sth->execute()) {
                 // Change module name
                 $sth = $db->prepare('UPDATE ' . NV_MODFUNCS_TABLE . ' SET in_module= :mod_name WHERE in_module= :mod_old');
                 $sth->bindParam(':mod_name', $mod_name, PDO::PARAM_STR);
                 $sth->bindParam(':mod_old', $mod, PDO::PARAM_STR);
예제 #24
 $catdata['meta_title'] = filter_text_input('meta_title', 'post', '', 1);
 $catdata['meta_keywords'] = filter_text_input('meta_keywords', 'post', '', 1);
 $catdata['tags_cloud'] = $catdata['meta_keywords'];
 $catdata['meta_description'] = filter_text_input('meta_description', 'post', '', 1);
 $catdata['who_view'] = $nv_Request->get_int('who_view', 'post', 0);
 $groups_view = "";
 if (!nv_is_url($catdata['image']) and file_exists(NV_DOCUMENT_ROOT . $catdata['image'])) {
     $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_name . "/");
     $catdata['image'] = substr($catdata['image'], $lu);
 $groups = $nv_Request->get_typed_array('groups_view', 'post', 'int', array());
 $groups = array_intersect($groups, array_keys($groups_list));
 $catdata['groups_view'] = implode(",", $groups);
 $oldAdminArray = filter_text_input('old_admins', 'post', '', 1);
 if (empty($catdata['alias'])) {
     $catdata['alias'] = change_alias($catdata['title']);
 $newAdminArray = array_unique($nv_Request->get_typed_array('adminids', 'post', 'int', array()));
 $old_parentid = $nv_Request->get_int('old_parentid', 'post', 0);
 $catdata['adminids'] = implode(',', $newAdminArray);
 if (empty($catdata['title'])) {
     $np->error[] = "- Chưa có tiêu đề";
 if ($catdata['catid'] > 0) {
     $np->CheckAdminAccess('listcatid', $catdata['catid']);
     $np->updateItem('category', $catdata, 'catid');
     //np_create_CatDataTable( $catdata['catid'] );
     if ($db->sql_affectedrows() > 0) {
         $np->setAdminRoll($newAdminArray, $oldAdminArray, 'admins', 'listcatid', 'userid', $catdata['catid']);
         if ($catdata['parentid'] != $old_parentid) {
예제 #25
     $db->query('DELETE FROM ' . NV_PREFIXLANG . '_' . $module_data . '_playlist WHERE id = ' . $rowcontent['id'] . ' AND playlist_id = ' . $playlist_id_i);
     $array_playlist_fix[] = $playlist_id_i;
 $array_playlist_fix = array_unique($array_playlist_fix);
 foreach ($array_playlist_fix as $playlist_id_i) {
     nv_news_fix_playlist($playlist_id_i, false);
 if ($rowcontent['keywords'] != $rowcontent['keywords_old']) {
     $keywords = explode(',', $rowcontent['keywords']);
     $keywords = array_map('strip_punctuation', $keywords);
     $keywords = array_map('trim', $keywords);
     $keywords = array_diff($keywords, array(''));
     $keywords = array_unique($keywords);
     foreach ($keywords as $keyword) {
         if (!in_array($keyword, $array_keywords_old)) {
             $alias_i = $module_config[$module_name]['tags_alias'] ? change_alias($keyword) : str_replace(' ', '-', $keyword);
             $alias_i = nv_strtolower($alias_i);
             $sth = $db->prepare('SELECT tid, alias, description, keywords FROM ' . NV_PREFIXLANG . '_' . $module_data . '_tags where alias= :alias OR FIND_IN_SET(:keyword, keywords)>0');
             $sth->bindParam(':alias', $alias_i, PDO::PARAM_STR);
             $sth->bindParam(':keyword', $keyword, PDO::PARAM_STR);
             list($tid, $alias, $keywords_i) = $sth->fetch(3);
             if (empty($tid)) {
                 $array_insert = array();
                 $array_insert['alias'] = $alias_i;
                 $array_insert['keyword'] = $keyword;
                 $tid = $db->insert_id("INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_tags (numnews, alias, description, image, keywords) VALUES (1, :alias, '', '', :keyword)", "tid", $array_insert);
             } else {
                 if ($alias != $alias_i) {
                     if (!empty($keywords_i)) {
                         $keyword_arr = explode(',', $keywords_i);
예제 #26
     $is_error = true;
     $error = $lang_module['file_error_title'];
 } elseif ($is_exists) {
     $is_error = true;
     $error = $lang_module['file_title_exists'];
 } elseif (!empty($array['author_email']) and ($check_valid_email = nv_check_valid_email($array['author_email'])) != '') {
     $is_error = true;
     $error = $check_valid_email;
 } elseif (!empty($array['author_url']) and !nv_is_url($array['author_url'])) {
     $is_error = true;
     $error = $lang_module['file_error_author_url'];
 } elseif (empty($array['fileupload']) and empty($array['linkdirect']) and empty($array['fileupload2'])) {
     $is_error = true;
     $error = $lang_module['file_error_fileupload'];
 } else {
     $alias = change_alias($array['title']);
     $array['introtext'] = nv_nl2br($array['introtext'], '<br />');
     if ($row['user_id']) {
         $array['user_name'] = $row['user_name'];
     if (!empty($array['fileupload2'])) {
         $array['fileupload'] = $array['fileupload2'];
     } elseif (!empty($array['fileupload'])) {
         $fileupload = $array['fileupload'];
         $array['fileupload'] = array();
         foreach ($fileupload as $file) {
             $file = NV_UPLOADS_DIR . $file;
             $newfile = basename($file);
             if (preg_match('/(.*)(\\.[a-zA-Z0-9]{32})(\\.[a-zA-Z]+)$/', $newfile, $m)) {
                 $newfile = $m[1] . $m[3];
예제 #27

if (!defined('NV_IS_FILE_ADMIN')) {
$name = $nv_Request->get_title('name', 'post', '');
$alias = strtolower(change_alias($name));
$id = $nv_Request->get_int('id', 'post', 0);
$mod = $nv_Request->get_string('mod', 'post', '');
if ($mod == 'category') {
    $tab = TABLE_PHOTO_NAME . '_category';
    $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $tab . ' WHERE category_id!=' . $id . ' AND alias= :alias');
    $stmt->bindParam(':alias', $alias, PDO::PARAM_STR);
    $nb = $stmt->fetchColumn();
    if (!empty($nb)) {
        $nb = $db->query('SELECT MAX(category_id) FROM ' . $tab)->fetchColumn();
        $alias .= '-' . (intval($nb) + 1);
} elseif ($mod == 'album') {
    $tab = TABLE_PHOTO_NAME . '_album';
    $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $tab . ' WHERE album_id !=' . $id . ' AND alias= :alias');
    $stmt->bindParam(':alias', $alias, PDO::PARAM_STR);
예제 #28
function nv_filters($urlink, $urlimages, $tieude, $linktd, $tomtat, $hinhanh, $chitiet, $thoigian, $e)
    global $folder, $module, $module_name, $module_config, $global_config;
    $title = $e->find($tieude, 0)->innertext;
    $title = trim(nv_unhtmlspecialchars(strip_tags($title)));
    $link = $urlink . $e->find($linktd, 0)->href;
    $alias = change_alias($title);
    if ($e->find($tomtat, 0)) {
        $hometext = $e->find($tomtat, 0)->innertext;
        $hometext = trim($hometext);
    } else {
        $hometext = '';
    $getContent = new UrlGetContents($global_config);
    $link_t = $getContent->get($link);
    $html = str_get_html($link_t);
    $date = $html->find($thoigian, 0)->plaintext;
    $number = preg_replace("/[^0-9]/", "", $date);
    $image = array();
    $homeimgthumb = "";
    if ($html->find($chitiet, 0)->find('img')) {
        foreach ($html->find($chitiet, 0)->find('img') as $img) {
            if (!nv_is_url($img)) {
                $abc = $img->src = $urlimages . $img->src;
            } else {
                $abc = $img->src;
            $image[] = $abc;
            if ($module_config[$module_name]['load_image'] == 1) {
                $images = filter_images($folder, $abc);
                $img->src = NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module . "/" . $images;
    if ($html->find($chitiet, 0)->find('a')) {
        foreach ($html->find($chitiet, 0)->find('a') as $href) {
            if (substr($href->href, 0, 1) == "/") {
                $href->href = $urlink . $href->href;
    if ($image) {
        $homeimg = filter_images($folder, $image[0]);
        $homeimgfile = NV_UPLOADS_REAL_DIR . "/" . $module . "/" . $homeimg;
        if (file_exists($homeimgfile)) {
            require_once NV_ROOTDIR . "/includes/class/image.class.php";
            $basename = basename($homeimgfile);
            $image = new image($homeimgfile, NV_MAX_WIDTH, NV_MAX_HEIGHT);
            $thumb_basename = $basename;
            $i = 1;
            while (file_exists(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/thumb/' . $thumb_basename)) {
                $thumb_basename = preg_replace('/(.*)(\\.[a-zA-Z]+)$/', '\\1_' . $i . '\\2', $basename);
            $image->resizeXY($module_config[$module]['homewidth'], $module_config[$module]['homeheight']);
            $image->save(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/thumb', $thumb_basename);
            $image_info = $image->create_Image_info;
            $thumb_name = str_replace(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/', '', $image_info['src']);
            $block_basename = $basename;
            $i = 1;
            while (file_exists(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/block/' . $block_basename)) {
                $block_basename = preg_replace('/(.*)(\\.[a-zA-Z]+)$/', '\\1_' . $i . '\\2', $basename);
            $image->resizeXY($module_config[$module]['blockwidth'], $module_config[$module]['blockheight']);
            $image->save(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/block', $block_basename);
            $image_info = $image->create_Image_info;
            $block_name = str_replace(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/', '', $image_info['src']);
            $homeimgthumb = $thumb_name . "|" . $block_name;
    } else {
        if ($e->find($hinhanh, 0)) {
            $homeimg1 = $e->find($hinhanh, 0)->src;
            if (nv_is_url($homeimg1)) {
                $home_img = $urlimages . $homeimg1;
            } else {
                $home_img = $homeimg1;
            if ($module_config[$module_name]['load_image'] == 1) {
                $homeimg = filter_images($folder, $home_img);
            } else {
                $homeimg = $home_img;
        } else {
            $homeimg = "";
    $bodyhtml = $html->find($chitiet, 0)->innertext;
    $bodyhtml = nv_unhtmlspecialchars($bodyhtml);
    $content = array($title, $link, $alias, $hometext, $homeimg, $homeimgthumb, $number, $bodyhtml);
    return $content;
예제 #29
$path = nv_check_path_upload(NV_UPLOADS_DIR . '/' . $mod_name);
$check_allow_upload_dir = nv_check_allow_upload_dir($path);
$data = $nv_Request->get_string('data', 'post', '');
if (isset($check_allow_upload_dir['upload_file']) and in_array('images', $admin_info['allow_files_type']) and preg_match_all('/<\\s*img [^\\>]*src\\s*=\\s*[\\""\']?([^\\""\'\\s>]*)/i', $data, $matches)) {
    $imageMatch = array_unique($matches[1]);
    $mod_name = $nv_Request->get_title('module_name', 'post', '');
    $pathsave = $nv_Request->get_title('pathsave', 'post', '');
    $upload_real_dir_page = NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $mod_name;
    if (!empty($pathsave)) {
        if (!preg_match('/^[a-z0-9\\-\\_]+$/i', $module_name)) {
            $pathsave = change_alias($pathsave);
        $pathsave = $mod_name . '/' . $pathsave;
        $e = explode('/', $pathsave);
        if (!empty($e)) {
            $cp = '';
            foreach ($e as $p) {
                if (!empty($p) and !is_dir(NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $cp . $p)) {
                    $mk = nv_mkdir(NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $cp, $p);
                    if ($mk[0] > 0) {
                        $upload_real_dir_page = $mk[2];
                } elseif (!empty($p)) {
                    $upload_real_dir_page = NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $cp . $p;
                $cp .= $p . '/';
예제 #30
        $j = $i + 1;
        $tmp = $nv_Request->get_int($module_name . '_song' . $j, 'cookie', 0);
        $nv_Request->set_Cookie($module_name . '_song' . $i, $tmp);
    $numprev = $num - 1;
    $nv_Request->set_Cookie($module_name . '_numlist', $numprev);
// Luu playlist
if ($nv_Request->isset_request('savealbum', 'post')) {
    if (!defined('NV_IS_AJAX')) {
        die('Wrong URL');
    $difftimeout = 180;
    $name = filter_text_input('name', 'post', '');
    $keyname = change_alias($name);
    $singer = filter_text_input('singer', 'post', '');
    $message = nv_br2nl(filter_text_textarea('message', '', NV_ALLOWED_HTML_TAGS));
    if (defined('NV_IS_USER')) {
        $username = $user_info['username'];
        $userid = $user_info['userid'];
    } else {
        $username = "";
        $userid = 0;
    $num = $nv_Request->get_int($module_name . '_numlist', 'cookie', 0);
    $songdata = array();
    for ($i = 1; $i <= $num; $i++) {
        $tmp = $nv_Request->get_int($module_name . '_song' . $i, 'cookie', 0);
        $songdata[] = $tmp;