function nv_block_global_banners($block_config) { global $global_config, $client_info; if ($global_config['idsite']) { $xmlfile = NV_ROOTDIR . '/' . NV_DATADIR . '/site_' . $global_config['idsite'] . '_bpl_' . $block_config['idplanbanner'] . '.xml'; } else { $xmlfile = NV_ROOTDIR . '/' . NV_DATADIR . '/bpl_' . $block_config['idplanbanner'] . '.xml'; } if (!file_exists($xmlfile)) { return ''; } $xml = simplexml_load_file($xmlfile); if ($xml === false) { return ''; } $width_banners = intval($xml->width); $height_banners = intval($xml->height); $array_banners = $xml->banners->banners_item; $array_banners_content = array(); foreach ($array_banners as $banners) { $banners = (array) $banners; if ($banners['publ_time'] < NV_CURRENTTIME and ($banners['exp_time'] == 0 or $banners['exp_time'] > NV_CURRENTTIME)) { $banners['file_height'] = round($banners['file_height'] * $width_banners / $banners['file_width']); $banners['file_width'] = $width_banners; if (!empty($banners['imageforswf']) and !empty($client_info['is_mobile'])) { $banners['file_name'] = $banners['imageforswf']; $banners['file_ext'] = nv_getextension($banners['file_name']); } $banners['file_alt'] = !empty($banners['file_alt']) ? $banners['file_alt'] : $banners['title']; $banners['file_image'] = NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . NV_BANNER_DIR . '/' . $banners['file_name']; $banners['link'] = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=banners&' . NV_OP_VARIABLE . '=click&id=' . $banners['id']; $array_banners_content[] = $banners; } } if (!empty($array_banners_content)) { if ($xml->form == 'random') { shuffle($array_banners_content); } unset($xml, $array_banners); if (file_exists(NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/banners/global.banners.tpl')) { $block_theme = $global_config['module_theme']; } elseif (file_exists(NV_ROOTDIR . '/themes/' . $global_config['site_theme'] . '/modules/banners/global.banners.tpl')) { $block_theme = $global_config['site_theme']; } else { $block_theme = 'default'; } $xtpl = new XTemplate('global.banners.tpl', NV_ROOTDIR . '/themes/' . $block_theme . '/modules/banners'); foreach ($array_banners_content as $banners) { $xtpl->assign('DATA', $banners); if ($banners['file_ext'] == 'swf') { if (!empty($banners['file_click'])) { $xtpl->parse('main.loop.type_swf.fix_link'); } $xtpl->parse('main.loop.type_swf'); } elseif (!empty($banners['file_click'])) { $xtpl->parse('main.loop.type_image_link'); } else { $xtpl->parse('main.loop.type_image'); } $xtpl->parse('main.loop'); } $xtpl->parse('main'); return $xtpl->text('main'); } }
/** * set_reg_attribs() * * @param mixed $attribs * @return */ function set_reg_attribs($attribs) { global $crypt, $db, $db_config, $global_config, $module_upload; $reg_attribs = array(); $reg_attribs['server'] = $attribs['server']; $reg_attribs['username'] = ''; $reg_attribs['email'] = $attribs['contact/email']; $reg_attribs['first_name'] = ''; $reg_attribs['last_name'] = ''; $reg_attribs['gender'] = ''; $reg_attribs['yim'] = ''; $reg_attribs['photo'] = ''; $reg_attribs['openid'] = $attribs['id']; $reg_attribs['opid'] = $crypt->hash($attribs['id']); $username = explode('@', $attribs['contact/email']); $username = array_shift($username); if ($attribs['server'] == 'yahoo') { $reg_attribs['yim'] = $username; } $username = str_pad($username, NV_UNICKMIN, '0', STR_PAD_RIGHT); $username = substr($username, 0, NV_UNICKMAX - 2); $username2 = $username; for ($i = 0; $i < 100; ++$i) { if ($i > 0) { $username2 = $username . str_pad($i, 2, '0', STR_PAD_LEFT); } $query = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . " WHERE md5username='******'"; $userid = $db->query($query)->fetchColumn(); if (!$userid) { $query = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . "_reg WHERE md5username='******'"; $userid = $db->query($query)->fetchColumn(); if (!$userid) { $reg_attribs['username'] = $username2; break; } } } if (isset($attribs['namePerson/first']) and !empty($attribs['namePerson/first'])) { $reg_attribs['first_name'] = $attribs['namePerson/first']; } elseif (isset($attribs['namePerson/friendly']) and !empty($attribs['namePerson/friendly'])) { $reg_attribs['first_name'] = $attribs['namePerson/friendly']; } elseif (isset($attribs['namePerson']) and !empty($attribs['namePerson'])) { $reg_attribs['first_name'] = $attribs['namePerson']; } if (isset($attribs['namePerson/last']) and !empty($attribs['namePerson/last'])) { $reg_attribs['last_name'] = $attribs['namePerson/last']; } if (isset($attribs['person/gender']) and !empty($attribs['person/gender'])) { $reg_attribs['gender'] = $attribs['person/gender']; } if ($global_config['allowuserreg'] == 1 or $global_config['allowuserreg'] == 2) { if (!empty($attribs['picture_url']) and empty($attribs['picture_mode'])) { $upload = new NukeViet\Files\Upload(array('images'), $global_config['forbid_extensions'], $global_config['forbid_mimes'], NV_UPLOAD_MAX_FILESIZE, NV_MAX_WIDTH, NV_MAX_HEIGHT); $upload_info = $upload->save_urlfile($attribs['picture_url'], NV_UPLOADS_REAL_DIR . '/' . $module_upload, false); if (empty($upload_info['error'])) { $basename = change_alias($reg_attribs['username']) . '.' . nv_getextension($upload_info['basename']); $newname = $basename; $fullname = $upload_info['name']; $i = 1; while (file_exists(NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/' . $newname)) { $newname = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $basename); ++$i; } $check = nv_renamefile($fullname, NV_UPLOADS_REAL_DIR . '/' . $module_upload . '/' . $newname); if ($check[0] == 1) { $reg_attribs['photo'] = NV_UPLOADS_DIR . '/' . $module_upload . '/' . $newname; } } } } return $reg_attribs; }
$token = $nv_Request->get_title('token', 'get', ''); if ($token != md5($nv_Request->session_id . $global_config['sitekey'])) { gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorSess'])); } // Chi admin moi co quyen upload if (!defined('NV_IS_MODADMIN')) { gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorPermission'])); } // Tang thoi luong phien lam viec if ($sys_info['allowed_set_time_limit']) { set_time_limit(5 * 3600); } // Get request value $folder = $nv_Request->get_title('folder', 'post', ''); $fileName = $nv_Request->get_title('name', 'post', ''); $fileExt = nv_getextension($fileName); $fileName = change_alias(substr($fileName, 0, -(strlen($fileExt) + 1))) . '.' . $fileExt; $chunk = $nv_Request->get_int('chunk', 'post', 0); $chunks = $nv_Request->get_int('chunks', 'post', 0); if (empty($fileName) or empty($fileExt)) { gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorFile'])); } // Kiem tra file ton tai $fileName2 = $fileName; $i = 1; while (file_exists(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $fileName2)) { $fileName2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1-' . $i . '\\2', $fileName); ++$i; } $fileName = $fileName2; $filePath = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $fileName;
function nv_dump_restore($file) { global $db, $db_config, $sys_info; if ($sys_info['allowed_set_time_limit']) { set_time_limit(1200); } //kiem tra file if (!file_exists($file)) { return false; } //bat doc doc file $arr_file = explode('/', $file); $ext = nv_getextension(end($arr_file)); $str = $ext == 'gz' ? @gzfile($file) : @file($file); $sql = $insert = ''; $query_len = 0; $execute = false; foreach ($str as $stKey => $st) { $st = trim(str_replace("\\\\", "", $st)); // Remove BOM if ($stKey == 0) { $st = preg_replace("/^/", "", $st); } if (empty($st) || preg_match('/^(#|--)/', $st)) { continue; } else { $query_len += strlen($st); unset($m); if (empty($insert) and preg_match("/^(INSERT INTO `?[^` ]+`? .*?VALUES)(.*)\$/i", $st, $m)) { $insert = $m[1] . ' '; $sql .= $m[2]; } else { $sql .= $st; } if ($sql) { if (preg_match("/;\\s*\$/", $st) and (empty($insert) or !((substr_count($sql, '\'') - substr_count($sql, '\\\'')) % 2))) { $sql = rtrim($insert . $sql, ';'); $insert = ''; $execute = true; } if ($query_len >= 65536 and preg_match("/,\\s*\$/", $st)) { $sql = rtrim($insert . $sql, ','); $execute = true; } if ($execute) { $sql = preg_replace(array("/\\{\\|prefix\\|\\}/", "/\\{\\|lang\\|\\}/"), array($db_config['prefix'], NV_LANG_DATA), $sql); try { $db->query($sql); } catch (PDOException $e) { return false; } $sql = ''; $query_len = 0; $execute = false; } } } } return true; }
$check_allow_upload_dir = nv_check_allow_upload_dir($path); if (!isset($check_allow_upload_dir['rename_file'])) { die('ERROR_' . $lang_module['notlevel']); } $file = htmlspecialchars(trim($nv_Request->get_string('file', 'post')), ENT_QUOTES); $file = basename($file); if (empty($file) or !nv_is_file(NV_BASE_SITEURL . $path . '/' . $file, $path)) { die('ERROR_' . $lang_module['errorNotSelectFile']); } $newname = htmlspecialchars(trim($nv_Request->get_string('newname', 'post')), ENT_QUOTES); $newname = nv_string_to_filename(basename($newname)); if (empty($newname)) { die('ERROR_' . $lang_module['rename_noname']); } $newalt = $nv_Request->get_title('newalt', 'post', $newname, 1); $ext = nv_getextension($file); $newname = $newname . '.' . $ext; if ($file != $newname) { $newname2 = $newname; $i = 1; while (file_exists(NV_ROOTDIR . '/' . $path . '/' . $newname2)) { $newname2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $newname); ++$i; } $newname = $newname2; if (!@rename(NV_ROOTDIR . '/' . $path . '/' . $file, NV_ROOTDIR . '/' . $path . '/' . $newname)) { die('ERROR_' . $lang_module['errorNotRenameFile']); } if (preg_match('/^' . nv_preg_quote(NV_UPLOADS_DIR) . '\\/(([a-z0-9\\-\\_\\/]+\\/)*([a-z0-9\\-\\_\\.]+)(\\.(gif|jpg|jpeg|png|bmp)))$/i', $path . '/' . $file, $m)) { @nv_deletefile(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $m[1]); }
/** * nv_renamefile() * * @param mixed $file * @param mixed $newname * @return */ function nv_renamefile($file, $newname) { global $lang_global; $realpath = realpath($file); if (empty($realpath)) { return array(0, sprintf($lang_global['error_non_existent_file'], $file)); } $realpath = str_replace('\\', '/', $realpath); $realpath = rtrim($realpath, "\\/"); $preg_match = preg_match("/^(" . nv_preg_quote(NV_ROOTDIR) . ")(\\/[\\S]+)/", $realpath, $path); if (empty($preg_match)) { return array(0, sprintf($lang_global['error_rename_forbidden'], $file)); } $newname = basename(trim($newname)); $pathinfo = pathinfo($realpath); if (file_exists($pathinfo['dirname'] . '/' . $newname)) { return array(0, sprintf($lang_global['error_rename_file_exists'], $newname)); } if (is_dir($realpath) and !preg_match('/^[a-zA-Z0-9-_]+$/', $newname)) { return array(0, sprintf($lang_global['error_rename_directories_invalid'], $newname)); } if (!is_dir($realpath) and !preg_match('/^[a-zA-Z0-9-_.]+$/', $newname)) { return array(0, sprintf($lang_global['error_rename_file_invalid'], $newname)); } if (!is_dir($realpath) and $pathinfo['extension'] != nv_getextension($newname)) { return array(0, sprintf($lang_global['error_rename_extension_changed'], $newname, $pathinfo['basename'])); } if (!@rename($realpath, $pathinfo['dirname'] . '/' . $newname)) { if (!@nv_copyfile($realpath, $pathinfo['dirname'] . '/' . $newname)) { return array(0, sprintf($lang_global['error_rename_failed'], $pathinfo['basename'], $newname)); } else { @nv_deletefile($realpath); } } return array(1, sprintf($lang_global['file_has_been_renamed'], $pathinfo['basename'], $newname)); }
die('Wrong URL'); } $upload_dir = 'files'; $is_zip = false; $is_resume = false; $max_speed = 0; $filepdf = $nv_Request->get_int('filepdf', 'get', 0); if ($filepdf == 1) { if (!nv_user_in_groups($row['groups_onlineview']) or !nv_user_in_groups($list_cats[$row['catid']]['groups_onlineview'])) { die('Wrong URL'); } $download_config = nv_mod_down_config(); $file_url = ''; $file_src = $session_files['fileupload'][$filename]['src']; if ($download_config['pdf_handler'] == 'filetmp') { $file_src_new = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . NV_TEMPNAM_PREFIX . md5($file_src) . '.' . nv_getextension($file_src); if (file_exists($file_src_new) or nv_copyfile($file_src, $file_src_new)) { $file_url = NV_MY_DOMAIN . NV_BASE_SITEURL . substr($file_src_new, strlen(NV_ROOTDIR . '/')); } } elseif ($download_config['pdf_handler'] == 'base64') { $file_url = 'data:application/pdf;base64,' . base64_encode(file_get_contents($file_src)); } else { $file_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=down&filepdf=2&filename=' . $filename; } if (empty($file_url)) { nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $lang_global['error_404_content'], 404); } $html = theme_viewpdf($file_url); die($html); } elseif (empty($filepdf)) { $sql = 'UPDATE ' . NV_MOD_TABLE . ' SET download_hits=download_hits+1 WHERE id=' . intval($session_files['fileupload'][$filename]['id']);
$data['extension'] = ''; if (empty($data['title'])) { die('NO_' . $lang_module['download_files_error_title']); } if (empty($data['path'])) { die('NO_' . $lang_module['download_files_error_path']); } if (nv_is_url($data['path'])) { $data['path'] = $data['path']; } else { $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/files/'); $data['path'] = substr($data['path'], $lu); $real_file = NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $module_upload . '/files/' . $data['path']; if (file_exists($real_file) and ($filesize = filesize($real_file)) != 0) { $data['filesize'] = $filesize; $data['extension'] = nv_getextension($real_file); } else { die('NO_' . $lang_module['download_files_error_path_valid']); } } if ($data['id'] > 0) { $stmt = $db->prepare("UPDATE " . $table_name . " SET path=:path, filesize=:filesize, extension=:extension, download_groups=:download_groups, " . NV_LANG_DATA . "_title=:title, " . NV_LANG_DATA . "_description=:description WHERE id =" . $data['id']); $stmt->bindParam(':title', $data['title'], PDO::PARAM_STR); $stmt->bindParam(':path', $data['path'], PDO::PARAM_STR); $stmt->bindParam(':filesize', $data['filesize'], PDO::PARAM_STR); $stmt->bindParam(':extension', $data['extension'], PDO::PARAM_STR); $stmt->bindParam(':download_groups', $data['download_groups'], PDO::PARAM_STR); $stmt->bindParam(':description', $data['description'], PDO::PARAM_STR); if ($stmt->execute()) { $nv_Cache->delMod($module_name); die('OK');
$row['is_download_allow'] = (int) nv_user_in_groups($row['groups_download']); } $session_files = array(); $session_files['fileupload'] = array(); $session_files['linkdirect'] = array(); if ($row['is_download_allow']) { if (!empty($row['fileupload'])) { $fileupload = explode('[NV]', $row['fileupload']); $row['fileupload'] = array(); $a = 1; $count_file = sizeof($fileupload); foreach ($fileupload as $file) { if (!empty($file)) { $file2 = NV_UPLOADS_DIR . $file; if (file_exists(NV_ROOTDIR . '/' . $file2) and ($filesize = filesize(NV_ROOTDIR . '/' . $file2)) != 0) { $new_name = str_replace('-', '_', $filealias) . ($count_file > 1 ? '_part' . str_pad($a, 2, '0', STR_PAD_LEFT) : '') . '.' . nv_getextension($file); $row['fileupload'][] = array('link' => '#', 'title' => $new_name); $session_files['fileupload'][$new_name] = array('src' => NV_ROOTDIR . '/' . $file2, 'id' => $row['id']); ++$a; } } } } else { $row['fileupload'] = array(); } if (!empty($row['linkdirect'])) { $linkdirect = explode('[NV]', $row['linkdirect']); $row['linkdirect'] = array(); foreach ($linkdirect as $links) { if (!empty($links)) { $links = explode('<br />', $links);
$row['is_download_allow'] = (int) nv_set_allow($row['who_download'], $row['groups_download']); } $session_files = array(); $session_files['fileupload'] = array(); $session_files['linkdirect'] = array(); if ($row['is_download_allow']) { if (!empty($row['fileupload'])) { $fileupload = explode("[NV]", $row['fileupload']); $row['fileupload'] = array(); $a = 1; $count_file = sizeof($fileupload); foreach ($fileupload as $file) { if (!empty($file)) { $file2 = NV_UPLOADS_DIR . $file; if (file_exists(NV_ROOTDIR . '/' . $file2) and ($filesize = filesize(NV_ROOTDIR . '/' . $file2)) != 0) { $new_name = str_replace("-", "_", $filealias) . ($count_file > 1 ? "_part" . str_pad($a, 2, '0', STR_PAD_LEFT) : "") . "." . nv_getextension($file); $row['fileupload'][] = array('link' => '#', 'title' => $new_name); $session_files['fileupload'][$new_name] = array('src' => NV_ROOTDIR . '/' . $file2, 'id' => $row['id']); ++$a; } } } } else { $row['fileupload'] = array(); } if (!empty($row['linkdirect'])) { $linkdirect = explode("[NV]", $row['linkdirect']); $row['linkdirect'] = array(); foreach ($linkdirect as $links) { if (!empty($links)) { $links = explode("<br />", $links);
function nv_dump_restore($file) { global $db, $db_config, $sys_info; if ($sys_info['allowed_set_time_limit']) { set_time_limit(1200); } //kiem tra file if (!file_exists($file)) { return false; } //bat doc doc file $ext = nv_getextension(end(explode("/", $file))); $str = $ext == "gz" ? @gzfile($file) : @file($file); $sql = $insert = ""; $query_len = 0; $execute = false; foreach ($str as $st) { if (empty($st) || preg_match("/^(#|--)/", $st)) { continue; } else { $query_len += strlen($st); unset($m); if (empty($insert) && preg_match("/^(INSERT INTO `?[^` ]+`? .*?VALUES)(.*)\$/i", $st, $m)) { $insert = $m[1] . ' '; $sql .= $m[2]; } else { $sql .= $st; } if ($sql) { if (preg_match("/;\\s*\$/", $st)) { $sql = rtrim($insert . $sql, ";"); $insert = ''; $execute = true; } if ($query_len >= 65536 && preg_match("/,\\s*\$/", $st)) { $sql = rtrim($insert . $sql, ","); $execute = true; } if ($execute) { $sql = preg_replace(array("/\\{\\|prefix\\|\\}/", "/\\{\\|lang\\|\\}/"), array($db_config['prefix'], NV_LANG_DATA), $sql); if (!$db->sql_query($sql)) { return false; } $sql = ''; $query_len = 0; $execute = false; } } } } return true; }
<?php /** * @Project NUKEVIET 3.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2012 VINADES.,JSC. All rights reserved * @Createdate 2-2-2010 12:55 */ if (!defined('NV_IS_FILE_ADMIN')) { die('Stop!!!'); } $path = nv_check_path_upload($nv_Request->get_string('path', 'post')); $check_allow_upload_dir = nv_check_allow_upload_dir($path); if (!isset($check_allow_upload_dir['delete_file'])) { die("ERROR_" . $lang_module['notlevel']); } $file = htmlspecialchars(trim($nv_Request->get_string('file', 'post')), ENT_QUOTES); $file = basename($file); if (empty($file) or !is_file(NV_ROOTDIR . '/' . $path . '/' . $file)) { die("ERROR_" . $lang_module['errorNotSelectFile']); } @nv_deletefile(NV_ROOTDIR . '/' . $path . '/' . $file); $md5_view_image = NV_ROOTDIR . "/" . NV_FILES_DIR . "/images/" . md5($path . '/' . $file) . "." . nv_getextension($file); if (file_exists($md5_view_image)) { @nv_deletefile($md5_view_image); } nv_filesList($path, false, '', $file); nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['upload_delfile'], $path . '/' . $file, $admin_info['userid']); echo "OK";
$check_allow_upload_dir = nv_check_allow_upload_dir($newfolder); if (!isset($check_allow_upload_dir['create_file'])) { die("ERROR_" . $lang_module['notlevel']); } $image = htmlspecialchars(trim($nv_Request->get_string('file', 'post')), ENT_QUOTES); $image = basename($image); if (empty($image) or !is_file(NV_ROOTDIR . '/' . $path . '/' . $image)) { die("ERROR_" . $lang_module['errorNotSelectFile']); } $mirror = $nv_Request->get_int('mirror', 'post', 0); $file = $image; $i = 1; while (file_exists(NV_ROOTDIR . '/' . $newfolder . '/' . $file)) { $file = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $i . '\\2', $image); ++$i; } if (!nv_copyfile(NV_ROOTDIR . '/' . $path . '/' . $image, NV_ROOTDIR . '/' . $newfolder . '/' . $file)) { die("ERROR_" . $lang_module['errorNotCopyFile']); } nv_filesList($newfolder, false, $file); if (!$mirror) { @nv_deletefile(NV_ROOTDIR . '/' . $path . '/' . $image); $md5_view_image = NV_ROOTDIR . '/' . NV_FILES_DIR . '/images/' . md5($path . '/' . $image) . "." . nv_getextension($image); if (file_exists($md5_view_image)) { @nv_deletefile($md5_view_image); } nv_filesList($path, false, '', $image); } nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['move'], $path . '/' . $image . " -> " . $newfolder . '/' . $file, $admin_info['userid']); echo $file; exit;
$bytes = nv_convertfromBytes($listFiles[$i]['size']); } else { $bytes = ''; } $info['filelist'][$j] = array('title' => '[' . $j . '] ' . ($info['exttype'] == 'theme' ? 'themes/' : '') . $listFiles[$i]['filename'] . ' ' . $bytes, 'class' => array()); // Kiem tra file ton tai tren he thong if (empty($listFiles[$i]['folder']) and ($info['exttype'] == 'theme' and file_exists(NV_ROOTDIR . '/themes/' . trim($listFiles[$i]['filename'])) or $info['exttype'] != 'theme' and file_exists(NV_ROOTDIR . '/' . trim($listFiles[$i]['filename'])))) { $info['existsnum']++; $info['filelist'][$j]['class'][] = $info['classcfg']['exists']; if ($info['checkresult'] != 'fail') { $info['checkresult'] = 'warning'; } } // Check valid folder structure nukeviet (modules, themes, uploads) $folder = explode('/', $listFiles[$i]['filename']); if (trim($listFiles[$i]['filename']) != 'config.ini' and ($info['exttype'] == 'theme' and $folder[0] != $info['extname'] or $info['exttype'] != 'theme' and !in_array($folder[0], $arraySysOption['allowfolder']) and (isset($folder[1]) and !in_array($folder[0] . '/' . $folder[1], $arraySysOption['allowfolder'])) or $folder[0] == 'assets' and in_array(nv_getextension($listFiles[$i]['filename']), $arraySysOption['forbidExt']))) { $info['invaildnum']++; $info['filelist'][$j]['class'][] = $info['classcfg']['invaild']; $info['checkresult'] = 'fail'; // Delete file nv_deletefile($filename); } } } } else { $error = $lang_module['autoinstall_error_invalidfile']; } } if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('info.error');
/** * nv_get_viewImage() * * @param mixed $fileName * @param integer $w * @param integer $h * @return */ function nv_get_viewImage($fileName, $w = 80, $h = 80) { $ext = nv_getextension($fileName); $md5_view_image = md5($fileName); $viewDir = NV_FILES_DIR . '/images'; $viewFile = $viewDir . '/' . $md5_view_image . '.' . $ext; if (file_exists(NV_ROOTDIR . '/' . $viewFile)) { $size = @getimagesize(NV_ROOTDIR . '/' . $viewFile); return array($viewFile, $size[0], $size[1]); } include_once NV_ROOTDIR . "/includes/class/image.class.php"; $image = new image(NV_ROOTDIR . '/' . $fileName, NV_MAX_WIDTH, NV_MAX_HEIGHT); $image->resizeXY($w, $h); $image->save(NV_ROOTDIR . '/' . $viewDir, $md5_view_image, 75); $create_Image_info = $image->create_Image_info; $error = $image->error; $image->close(); if (empty($error)) { return array($viewDir . '/' . basename($create_Image_info['src']), $create_Image_info['width'], $create_Image_info['height']); } return false; }
if (preg_match('/^(.*?)\\[\\]$/', $key, $match)) { $all_ini[$section][$match[1]][] = $value; } else { $all_ini[$section][$key][] = $value; } } $ini = array(); foreach ($all_ini as $section => $line) { $ini = array_merge($ini, $line); } // Kiem tra mime file foreach ($ziplistContent as $array_file) { $array_name_i = explode('/', $array_file['stored_filename']); if (!preg_match("/\\.(tpl|php)\$/i", $array_file['stored_filename']) and empty($array_file['folder']) and $array_name_i[sizeof($array_name_i) - 1] != '.htaccess' and $array_file['stored_filename'] != 'config.ini') { $mime_real = $mime_check = nv_get_mime_type(NV_ROOTDIR . '/' . $temp_extract_dir . '/' . $array_file['filename']); if (!empty($mime_check) and !in_array($mime_check, $ini[nv_getextension($array_file['filename'])])) { $mime_check = ''; } if (empty($mime_check)) { $array_error_mine[] = array('mime' => $mime_real, 'filename' => $array_file['stored_filename']); } } } } if (empty($array_error_mine)) { // Tao thu muc tren he thong neu chua co $extract_dir = NV_ROOTDIR; if (isset($extConfig['extension']['type']) and $extConfig['extension']['type'] == 'theme') { $extract_dir .= '/themes'; if (!($ftp_check_login == 1 and ftp_mkdir($conn_id, 'themes'))) { @mkdir($extract_dir);