if ($rowcontent['id'] == 0) {
$_sql = "INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_rows\n\t\t\t\t\t\t(catid, listcatid, topicid, admin_id, author, sourceid, addtime, edittime, status, publtime, exptime, archive, title, alias, hometext, homeimgfile, homeimgalt, homeimgthumb, inhome, allowed_comm, allowed_rating, hitstotal, hitscm, total_rating, click_rating) VALUES\n\t\t\t\t\t\t (" . intval($rowcontent['catid']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['listcatid']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['topicid']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['admin_id']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['author']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['sourceid']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['addtime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['edittime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['status']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['publtime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['exptime']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['archive']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['title']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['alias']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['hometext']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['homeimgfile']) . ",\n\t\t\t\t\t\t " . $db->quote($rowcontent['homeimgalt']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['homeimgthumb']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['inhome']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['allowed_comm']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['allowed_rating']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['hitstotal']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['hitscm']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['total_rating']) . ",\n\t\t\t\t\t\t " . intval($rowcontent['click_rating']) . ")";
$rowcontent['id'] = $db->insert_id($_sql, 'id');
if ($rowcontent['id'] > 0) {
foreach ($catids as $catid) {
$db->query("INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_" . $catid . " SELECT * FROM " . NV_PREFIXLANG . "_" . $module_data . "_rows WHERE id=" . $rowcontent['id']);
}
$tbhtml = NV_PREFIXLANG . "_" . $module_data . "_bodyhtml_" . ceil($rowcontent['id'] / 2000);
$db->query("CREATE TABLE IF NOT EXISTS " . $tbhtml . " (id int(11) unsigned NOT NULL, bodyhtml longtext NOT NULL, sourcetext varchar(255) NOT NULL default '', imgposition tinyint(1) NOT NULL default '1', copyright tinyint(1) NOT NULL default '0', allowed_send tinyint(1) NOT NULL default '0', allowed_print tinyint(1) NOT NULL default '0', allowed_save tinyint(1) NOT NULL default '0', PRIMARY KEY (id)) ENGINE=MyISAM");
$db->query("INSERT INTO " . $tbhtml . " (id, bodyhtml, sourcetext, imgposition, copyright, allowed_send, allowed_print, allowed_save, gid) VALUES (\n\t\t\t\t\t\t\t" . $rowcontent['id'] . ",\n\t\t\t\t\t\t\t" . $db->quote($rowcontent['bodyhtml']) . ",\n\t\t\t\t\t\t\t" . $db->quote($rowcontent['sourcetext']) . ",\n\t\t\t\t\t\t\t" . intval($rowcontent['imgposition']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['copyright']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['allowed_send']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['allowed_print']) . ",\n\t\t\t \t\t\t\t" . intval($rowcontent['allowed_save']) . ", 0\n\t\t\t\t\t\t)");
$db->query('INSERT INTO ' . NV_PREFIXLANG . '_' . $module_data . '_bodytext VALUES (' . $rowcontent['id'] . ', ' . $db->quote($rowcontent['bodytext']) . ')');
$user_content = defined('NV_IS_USER') ? ' | ' . $user_info['username'] : '';
// Them vao thong bao
if (empty($rowcontent['status'])) {
$content = array('title' => $rowcontent['title'], 'hometext' => $rowcontent['hometext']);
nv_insert_notification($module_name, 'post_queue', $content, $rowcontent['id']);
}
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['add_content'], $rowcontent['title'] . ' | ' . $client_info['ip'] . $user_content, 0);
} else {
$error = $lang_module['errorsave'];
}
} else {
if ($rowcontent_old['status'] == 1) {
$rowcontent['status'] = 1;
}
$_sql = "UPDATE " . NV_PREFIXLANG . "_" . $module_data . "_rows SET\n\t\t\t\t\t\t catid=" . intval($rowcontent['catid']) . ",\n\t\t\t\t\t\t listcatid=" . $db->quote($rowcontent['listcatid']) . ",\n\t\t\t\t\t\t topicid=" . intval($rowcontent['topicid']) . ",\n\t\t\t\t\t\t author=" . $db->quote($rowcontent['author']) . ",\n\t\t\t\t\t\t sourceid=" . intval($rowcontent['sourceid']) . ",\n\t\t\t\t\t\t status=" . intval($rowcontent['status']) . ",\n\t\t\t\t\t\t publtime=" . intval($rowcontent['publtime']) . ",\n\t\t\t\t\t\t exptime=" . intval($rowcontent['exptime']) . ",\n\t\t\t\t\t\t archive=" . intval($rowcontent['archive']) . ",\n\t\t\t\t\t\t title=" . $db->quote($rowcontent['title']) . ",\n\t\t\t\t\t\t alias=" . $db->quote($rowcontent['alias']) . ",\n\t\t\t\t\t\t hometext=" . $db->quote($rowcontent['hometext']) . ",\n\t\t\t\t\t\t homeimgfile=" . $db->quote($rowcontent['homeimgfile']) . ",\n\t\t\t\t\t\t homeimgalt=" . $db->quote($rowcontent['homeimgalt']) . ",\n\t\t\t\t\t\t homeimgthumb=" . intval($rowcontent['homeimgthumb']) . ",\n\t\t\t\t\t\t inhome=" . intval($rowcontent['inhome']) . ",\n\t\t\t\t\t\t allowed_comm=" . intval($rowcontent['allowed_comm']) . ",\n\t\t\t\t\t\t allowed_rating=" . intval($rowcontent['allowed_rating']) . ",\n\t\t\t\t\t\t edittime=" . NV_CURRENTTIME . "\n\t\t\t\t\t\tWHERE id =" . $rowcontent['id'];
if ($db->exec($_sql)) {
$array_cat_old = explode(',', $rowcontent_old['listcatid']);
foreach ($array_cat_old as $catid) {
$db->query('DELETE FROM ' . NV_PREFIXLANG . '_' . $module_data . '_' . $catid . ' WHERE id = ' . $rowcontent['id']);
}
* @Author VINADES.,JSC (contact@vinades.vn)
* @Copyright (C) 2014 VINADES.,JSC. All rights reserved
* @License GNU/GPL version 2 or any later version
* @Createdate 3-6-2010 0:30
*/
if (!defined('NV_IS_MOD_DOWNLOAD')) {
die('Stop!!!');
}
if (!defined('NV_IS_AJAX')) {
die('Wrong URL');
}
$id = $nv_Request->get_int('id', 'post', 0);
$dlrp = $nv_Request->get_string('dlrp', 'session', '');
$dlrp = !empty($dlrp) ? unserialize($dlrp) : array();
if ($id and !in_array($id, $dlrp)) {
$dlrp[] = $id;
$dlrp = serialize($dlrp);
$nv_Request->set_Session('dlrp', $dlrp);
$query = 'SELECT id, title FROM ' . NV_MOD_TABLE . ' WHERE id=' . $id;
list($id, $title) = $db->query($query)->fetch(3);
if ($id) {
$stmt = $db->prepare('INSERT INTO ' . NV_MOD_TABLE . '_report VALUES (' . $id . ', :ip, ' . NV_CURRENTTIME . ')');
$stmt->bindParam(':ip', $client_info['ip'], PDO::PARAM_STR);
if ($stmt->execute()) {
// Them vao thong bao
$sender_id = !empty($user_info) ? $user_info['userid'] : 0;
nv_insert_notification($module_name, 'report', array('title' => $title), $id, 0, $sender_id, 1);
}
}
}
die('OK');
}
if (!defined('NV_IS_AJAX')) {
nv_create_submenu();
}
// Ket noi voi cac op cua module de thuc hien
if ($is_mobile and file_exists(NV_ROOTDIR . '/modules/' . $module_file . '/mobile/' . $op_file . '.php')) {
require NV_ROOTDIR . '/modules/' . $module_file . '/mobile/' . $op_file . '.php';
} else {
require NV_ROOTDIR . '/modules/' . $module_file . '/funcs/' . $op_file . '.php';
}
exit;
} elseif (isset($module_info['funcs']['main'])) {
$sth = $db->prepare('UPDATE ' . NV_MODULES_TABLE . ' SET act=2 WHERE title= :title');
$sth->bindParam(':title', $module_name, PDO::PARAM_STR);
$sth->execute();
nv_insert_notification('modules', 'auto_deactive_module', array('custom_title' => $site_mods[$module_name]['custom_title']));
nv_del_moduleCache('modules');
}
} elseif (isset($sys_mods[$module_name])) {
$groups_view = (string) $sys_mods[$module_name]['groups_view'];
if (!defined('NV_IS_USER') and $groups_view == 4) {
// Login users
Header('Location: ' . NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=users&' . NV_OP_VARIABLE . '=login&nv_redirect=' . nv_base64_encode($client_info['selfurl']));
die;
} elseif (!defined('NV_IS_ADMIN') and ($groups_view == '2' or $groups_view == '1')) {
// Exit
nv_info_die($lang_global['error_404_title'], $lang_global['site_info'], $lang_global['module_for_admin']);
} elseif (defined('NV_IS_USER') and !nv_user_in_groups($groups_view)) {
nv_info_die($lang_global['error_404_title'], $lang_global['error_404_title'], $lang_global['error_404_content']);
}
}
$sth->bindParam(':title', $ftitle, PDO::PARAM_STR);
$sth->bindParam(':content', $fcon, PDO::PARAM_STR, strlen($fcon));
$sth->bindParam(':sender_name', $fname, PDO::PARAM_STR);
$sth->bindParam(':sender_email', $femail, PDO::PARAM_STR);
$sth->bindParam(':sender_phone', $fphone, PDO::PARAM_STR);
$sth->bindParam(':sender_ip', $client_info['ip'], PDO::PARAM_STR);
if ($sth->execute()) {
$website = '<a href="' . $global_config['site_url'] . '">' . $global_config['site_name'] . '</a>';
$fcon .= '<br /><br />----------------------------------------<br /><br />';
if (empty($fphone)) {
$fcon .= sprintf($lang_module['sendinfo'], $website, $fname, $femail, $client_info['ip'], $array_department[$fpart]['full_name']);
} else {
$fcon .= sprintf($lang_module['sendinfo2'], $website, $fname, $femail, $fphone, $client_info['ip'], $array_department[$fpart]['full_name']);
}
nv_SendMail2User($array_department[$fpart]['id'], $fcon, $ftitle, $femail, $fname);
nv_insert_notification($module_name, 'contact_new', array('title' => $ftitle), 0, $sender_id, 1);
$url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA;
$contents .= call_user_func('sendcontact', $url);
include NV_ROOTDIR . '/includes/header.php';
echo nv_site_theme($contents);
include NV_ROOTDIR . '/includes/footer.php';
exit;
}
}
} else {
$base_url_rewrite = $base_url;
if (isset($array_op[0]) and isset($array_department[$fpart])) {
$array_department_i = $array_department[$fpart];
$array_department = array($fpart => $array_department_i);
$base_url_rewrite .= '&' . NV_OP_VARIABLE . '=' . $fpart;
if (isset($array_op[1]) and $array_op[1] == 0) {
$data_insert['author_email'] = $array['author_email'];
$data_insert['author_url'] = $array['author_url'];
$data_insert['fileupload'] = $fileupload;
$data_insert['linkdirect'] = $array['linkdirect'];
$data_insert['version'] = $array['version'];
$data_insert['fileimage'] = $fileimage;
$data_insert['copyright'] = $array['copyright'];
$file_id = $db->insert_id($sql, 'id', $data_insert);
if (!$file_id) {
$is_error = true;
$error = $lang_module['upload_error3'];
} else {
$user_post = defined("NV_IS_USER") ? " | " . $user_info['username'] : "";
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['upload_files_log'], $array['title'] . " | " . $client_info['ip'] . $user_post, 0);
$user_post = defined("NV_IS_USER") ? $user_info['userid'] : 0;
nv_insert_notification($module_name, 'upload_new', array('title' => $array['title']), $file_id, 0, $user_post, 1);
$url_back = nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name, true);
nv_theme_alert($lang_module['file_upload_success_title'], $lang_module['file_upload_success_content'], 'info', $url_back);
include NV_ROOTDIR . '/includes/header.php';
echo nv_site_theme($contents);
include NV_ROOTDIR . '/includes/footer.php';
exit;
}
}
}
}
} else {
$array['catid'] = sizeof($array_op) == 2 ? (int) $array_op[1] : 0;
$array['filesize'] = 0;
$array['title'] = $array['description'] = $array['introtext'] = $array['author_name'] = $array['author_email'] = $array['author_url'] = $array['linkdirect'] = $array['version'] = $array['copyright'] = $array['user_name'] = '';
if (defined('NV_IS_USER')) {
$check_run_cronjobs = NV_ROOTDIR . '/' . NV_LOGS_DIR . '/data_logs/cronjobs_' . md5($cron_row['run_file'] . $cron_row['run_func'] . $global_config['sitekey']) . '.txt';
$p = NV_CURRENTTIME - 300;
if (file_exists($check_run_cronjobs) and @filemtime($check_run_cronjobs) > $p) {
continue;
}
file_put_contents($check_run_cronjobs, '');
$params = !empty($cron_row['params']) ? array_map('trim', explode(',', $cron_row['params'])) : array();
$result2 = call_user_func_array($cron_row['run_func'], $params);
if (!$result2) {
nv_insert_notification('settings', 'auto_deactive_cronjobs', array('cron_id' => $cron_row['id']));
$db->query('UPDATE ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' SET act=0, last_time=' . NV_CURRENTTIME . ', last_result=0 WHERE id=' . $cron_row['id']);
} else {
if ($cron_row['del']) {
$db->query('DELETE FROM ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' WHERE id = ' . $cron_row['id']);
} elseif (empty($cron_row['inter_val'])) {
nv_insert_notification('settings', 'auto_deactive_cronjobs', array('cron_id' => $cron_row['id']));
$db->query('UPDATE ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' SET act=0, last_time=' . NV_CURRENTTIME . ', last_result=1 WHERE id=' . $cron_row['id']);
} else {
$db->query('UPDATE ' . $db_config['dbsystem'] . '.' . NV_CRONJOBS_GLOBALTABLE . ' SET last_time=' . NV_CURRENTTIME . ', last_result=1 WHERE id=' . $cron_row['id']);
$cronjobs_next_time = NV_CURRENTTIME + $interval;
if ($db->exec("UPDATE " . NV_CONFIG_GLOBALTABLE . " SET config_value = '" . $cronjobs_next_time . "' WHERE lang = '" . NV_LANG_DATA . "' AND module = 'global' AND config_name = 'cronjobs_next_time' AND (config_value < '" . NV_CURRENTTIME . "' OR config_value > '" . $cronjobs_next_time . "')")) {
nv_del_moduleCache('settings');
}
}
}
unlink($check_run_cronjobs);
clearstatcache();
}
}
$image = imagecreate(1, 1);
Header('Content-type: image/jpg');
if (file_exists($content_file)) {
$content = file_get_contents($content_file);
$content = nv_editor_br2nl($content);
} else {
$content = $lang_module['order_payment_email'];
}
foreach ($replace_data as $key => $value) {
$content = str_replace('{' . $key . '}', $value, $content);
}
$email_contents = call_user_func('email_new_order', $content, $data_order, $data_pro);
$email_title = empty($order_info) ? $lang_module['order_email_title'] : $lang_module['order_email_edit_title'];
nv_sendmail(array($global_config['site_name'], $global_config['site_email']), $data_order['order_email'], sprintf($email_title, $module_info['custom_title'], $data_order['order_code']), $email_contents);
// Them vao notification
$content = array('order_id' => $data_order['id'], 'order_code' => $data_order['order_code'], 'order_name' => $data_order['order_name']);
$userid = isset($user_info['userid']) and !empty($user_info['userid']) ? $user_info['userid'] : 0;
nv_insert_notification($module_name, empty($order_info) ? 'order_new' : 'order_edit', $content, 0, $userid, 1);
// Gui mail thong bao den nguoi quan ly shops
$order_url = $global_config['site_url'] . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=or_view&order_id=' . $data_order['id'];
$lang_module['order_email_thanks'] = sprintf($lang_module['order_email_thanks_to_admin'], $data_order['order_name']);
$lang_module['order_email_review'] = sprintf($lang_module['order_email_review_to_admin'], $order_url);
$listmail_notify = nv_listmail_notify();
if (!empty($listmail_notify)) {
$email_contents_to_admin = call_user_func('email_new_order', $data_order, $data_pro);
nv_sendmail(array($global_config['site_name'], $global_config['site_email']), $listmail_notify, sprintf($email_title, $module_info['custom_title'], $data_order['order_code']), $email_contents_to_admin);
}
// Chuyen trang xem thong tin don hang vua dat
unset($_SESSION[$module_data . '_cart']);
unset($_SESSION[$module_data . '_order_info']);
unset($_SESSION[$module_data . '_coupons']);
Header('Location: ' . $review_url);
$action = 1;
} elseif (empty($rating)) {
$contents = "NO_" . $lang_module['rate_empty_rating'];
} elseif ($pro_config['review_captcha'] and !nv_capcha_txt($fcode)) {
$contents = "NO_" . $lang_module['rate_empty_captcha'];
} else {
$userid = !empty($user_info) ? $user_info['userid'] : 0;
$status = $pro_config['review_check'] ? 0 : 1;
$sth = $db->prepare('INSERT INTO ' . $db_config['prefix'] . '_' . $module_data . '_review( product_id, userid, sender, content, rating, add_time, edit_time, status) VALUES( :product_id, :userid, :sender, :content, :rating, ' . NV_CURRENTTIME . ', ' . NV_CURRENTTIME . ', ' . $status . ')');
$sth->bindParam(':product_id', $id, PDO::PARAM_STR);
$sth->bindParam(':userid', $userid, PDO::PARAM_INT);
$sth->bindParam(':sender', $sender, PDO::PARAM_STR, strlen($sender));
$sth->bindParam(':content', $comment, PDO::PARAM_STR, strlen($comment));
$sth->bindParam(':rating', $rating, PDO::PARAM_INT);
if ($sth->execute()) {
$content = array('product_id' => $id, 'content' => $comment, 'rating' => $rating, 'status' => $status);
nv_insert_notification($module_name, 'review_new', $content, 0, $userid, 1);
$nv_Cache->delMod($module_name);
$contents = "OK_" . ($pro_config['review_check'] ? $lang_module['rate_success_queue'] : $lang_module['rate_success_ok']);
} else {
$contents = "NO_" . $lang_module['rate_success_fail'];
}
$nv_Request->set_Cookie($module_data . '_' . $op . '_' . $id, NV_CURRENTTIME);
}
} else {
$timeout = ceil(($difftimeout - NV_CURRENTTIME + $timeout) / 60);
$timeoutmsg = sprintf($lang_module['detail_rate_timeout'], $timeout);
$contents = "NO_" . $timeoutmsg;
}
include NV_ROOTDIR . '/includes/header.php';
echo $contents;
include NV_ROOTDIR . '/includes/footer.php';
$new_id = $db->insert_id($_sql, 'cid', $data_insert);
if ($new_id > 0) {
$nv_Request->set_Cookie($site_mods[$module]['module_data'] . '_timeout_' . $area . '_' . $id, NV_CURRENTTIME, $difftimeout);
if ($status) {
$mod_info = $site_mods[$module];
if (file_exists(NV_ROOTDIR . '/modules/' . $mod_info['module_file'] . '/comment.php')) {
$row = array();
$row['module'] = $module;
$row['id'] = $id;
include NV_ROOTDIR . '/modules/' . $mod_info['module_file'] . '/comment.php';
}
}
if (!$status) {
$comment_success = $lang_module['comment_success_queue'];
// Gui thong bao kiem duyet
nv_insert_notification($module_name, 'comment_queue', array('content' => $content), $new_id);
} else {
$comment_success = $lang_module['comment_success'];
}
$contents = 'OK_' . nv_base64_encode($comment_success);
}
} catch (PDOException $e) {
$contents = 'ERR_' . $e->getMessage();
}
} else {
$timeout = ceil(($difftimeout - NV_CURRENTTIME + $timeout) / 60);
$timeoutmsg = sprintf($lang_module['comment_timeout'], $timeout);
$contents = 'ERR_' . $timeoutmsg;
}
}
}
