function nv_block_config_bdown_news_submit($module, $lang_block) { global $nv_Request; $return = array(); $return['error'] = array(); $return['config'] = array(); $return['config']['title_length'] = $nv_Request->get_int('config_title_length', 'post', 24); $return['config']['numrow'] = $nv_Request->get_int('config_numrow', 'post', 5); $return['config']['class_name'] = filter_text_input('config_class_name', 'post', 'list_item'); $return['config']['img_bullet'] = filter_text_input('config_img_bullet', 'post', ''); return $return; }
/** * nv_block_data_config_rss_submit() * * @param mixed $module * @param mixed $lang_block * @return */ function nv_block_data_config_rss_submit($module, $lang_block) { global $nv_Request; $return = array(); $return['error'] = array(); $return['config'] = array(); $return['config']['url'] = filter_text_input('config_url', 'post', '', 0); $return['config']['number'] = $nv_Request->get_int('config_number', 'post', 0); $return['config']['isdescription'] = $nv_Request->get_int('config_isdescription', 'post', 0); $return['config']['ishtml'] = $nv_Request->get_int('config_ishtml', 'post', 0); $return['config']['ispubdate'] = $nv_Request->get_int('config_ispubdate', 'post', 0); $return['config']['istarget'] = $nv_Request->get_int('config_istarget', 'post', 0); $return['config']['title_length'] = $nv_Request->get_int('config_title_length', 'post', 0); if (!nv_is_url($return['config']['url'])) { $return['error'][] = $lang_block['error_url']; } return $return; }
$fpart = isset($array_op[0]) ? $array_op[0] : 0; $fpart = $nv_Request->get_int('fpart', 'post,get', $fpart); $ftitle = filter_text_input('ftitle', 'post,get', '', 1, 250); if (!empty($array_rows)) { $checkss = filter_text_input('checkss', 'post', ''); if ($checkss == md5($client_info['session_id'] . $global_config['sitekey'])) { if (defined('NV_IS_USER')) { $fname = !empty($user_info['full_name']) ? $user_info['full_name'] : $user_info['username']; $femail = $user_info['email']; } else { $fname = filter_text_input('fname', 'post', '', 1, 100); $femail = filter_text_input('femail', 'post', '', 1, 100); } $fphone = filter_text_input('fphone', 'post', '', 1, 100); $fcon = filter_text_textarea('fcon', '', NV_ALLOWED_HTML_TAGS); $fcode = filter_text_input('fcode', 'post', ''); $check_valid_email = nv_check_valid_email($femail); if (empty($fname)) { $error = $lang_module['error_fullname']; } elseif (!empty($check_valid_email)) { $error = $check_valid_email; } elseif (empty($ftitle)) { $error = $lang_module['error_title']; } elseif (empty($fcon)) { $error = $lang_module['error_content']; } elseif (!isset($array_rows[$fpart])) { $error = $lang_module['error_part']; } elseif (!nv_capcha_txt($fcode)) { $error = $lang_module['error_captcha']; } else { $fcon = nv_nl2br($fcon);
$theme_array_file = nv_scandir(NV_ROOTDIR . "/themes", $global_config['check_theme']); $theme_array_file = array_flip($theme_array_file); $theme_array_file = array_keys($theme_array_file); $sql = "SELECT DISTINCT `theme` FROM `" . NV_PREFIXLANG . "_modthemes` WHERE `func_id`=0"; $result = $db->sql_query($sql); while (list($theme) = $db->sql_fetchrow($result)) { if (in_array($theme, $theme_array_file)) { $theme_list[] = $theme; } } $groups_list = nv_groups_list(); if ($nv_Request->get_int('save', 'post') == '1') { nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_modul', "module " . $mod, $admin_info['userid']); $custom_title = filter_text_input('custom_title', 'post', 1); $theme = filter_text_input('theme', 'post', '', 1); $keywords = filter_text_input('keywords', 'post', '', 1); $act = $nv_Request->get_int('act', 'post', 0); $rss = $nv_Request->get_int('rss', 'post', 0); if (!empty($theme) and !in_array($theme, $theme_list)) { $theme = ""; } if (!empty($keywords)) { $keywords = explode(",", $keywords); $keywords = array_map("trim", $keywords); $keywords = implode(", ", $keywords); } if ($mod != $global_config['site_home_module']) { $who_view = $nv_Request->get_int('who_view', 'post', 0); if ($who_view < 0 or $who_view > 3) { $who_view = 0; }
<?php /** * @Project NUKEVIET 3.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2012 VINADES.,JSC. All rights reserved * @Createdate 2-10-2010 17:30 */ if (!defined('NV_IS_FILE_MODULES')) { die('Stop!!!'); } $mod = filter_text_input('mod', 'post'); if (empty($mod) or !preg_match($global_config['check_module'], $mod)) { die("NO_" . $mod); } $sql = "SELECT `submenu` FROM `" . NV_MODULES_TABLE . "` WHERE `title`=" . $db->dbescape($mod); $result = $db->sql_query($sql); $numrows = $db->sql_numrows($result); if ($numrows != 1) { die('NO_' . $mod); } $row = $db->sql_fetchrow($result); $submenu = $row['submenu'] ? 0 : 1; $sql = "UPDATE `" . NV_MODULES_TABLE . "` SET `submenu`=" . $submenu . " WHERE `title`=" . $db->dbescape($mod); $db->sql_query($sql); nv_del_moduleCache('modules'); include NV_ROOTDIR . "/includes/header.php"; echo 'OK_' . $mod; include NV_ROOTDIR . "/includes/footer.php";
<?php /** * @Project NUKEVIET 3.0 * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2010 VINADES.,JSC. All rights reserved * @Createdate 2-2-2010 12:55 */ if (!defined('NV_IS_FILE_MODULES')) { die('Stop!!!'); } $filename = filter_text_input('filename', 'get', ''); $checkss = filter_text_input('checkss', 'get', ''); $mod = filter_text_input('mod', 'get', ''); $path_filename = NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $filename; if (!empty($mod) and file_exists($path_filename) and $checkss == md5($filename . $client_info['session_id'] . $global_config['sitekey'])) { //Download file require_once NV_ROOTDIR . '/includes/class/download.class.php'; $download = new download($path_filename, NV_ROOTDIR . "/" . NV_TEMP_DIR, $mod); $download->download_file(); exit; } else { $contents = 'file not exist !'; include NV_ROOTDIR . "/includes/header.php"; echo nv_admin_theme($contents); include NV_ROOTDIR . "/includes/footer.php"; }
} $xtpl = new XTemplate("copy.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('GLANG', $lang_global); if (empty($array_lang_exit)) { $xtpl->assign('URL', NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=setting"); $xtpl->parse('empty'); $contents = $xtpl->text('empty'); include NV_ROOTDIR . "/includes/header.php"; echo nv_admin_theme($contents); include NV_ROOTDIR . "/includes/footer.php"; exit; } if ($nv_Request->isset_request('newslang,typelang,checksess', 'post') and $nv_Request->get_string('checksess', 'post') == md5(session_id())) { $newslang = filter_text_input('newslang', 'post', ''); $typelang = filter_text_input('typelang', 'post', ''); if ($typelang == "-vi") { $typelang = "-"; $replace_lang_vi = true; } else { $replace_lang_vi = false; } if (isset($language_array[$newslang])) { nv_admin_add_field_lang($newslang); if ($replace_lang_vi == true) { nv_copyfile(NV_ROOTDIR . "/js/language/vi.js", NV_ROOTDIR . "/js/language/" . $newslang . ".js"); $db->sql_query("UPDATE `" . NV_LANGUAGE_GLOBALTABLE . "_file` SET `author_" . $newslang . "`=`author_vi`"); $query = "SELECT `id`, `lang_vi` FROM `" . NV_LANGUAGE_GLOBALTABLE . "`"; $result = $db->sql_query($query); while (list($id, $author_lang) = $db->sql_fetchrow($result)) { $author_lang = nv_EncString($author_lang);
cp_check_permission($nv_Request); $cp_permissions = unserialize($nv_Request->get_string('cp_permission', 'session')); } $can_write = $cp_permissions['can_write']; $can_publish = $cp_permissions['can_publish']; $stype = $nv_Request->get_string('stype', 'get', '-'); $catid = $nv_Request->get_int('catid', 'get', 0); $per_page_old = $nv_Request->get_int('per_page', 'cookie', 50); $per_page = $nv_Request->get_int('per_page', 'get', $per_page_old); if ($per_page < 1 and $per_page > 500) { $per_page = 50; } if ($per_page_old != $per_page) { $nv_Request->set_Cookie('per_page', $per_page, NV_LIVE_COOKIE_TIME); } $q = filter_text_input('q', 'get', '', 1); $ordername = $nv_Request->get_string('ordername', 'get', 'publtime'); $order = $nv_Request->get_string('order', 'get') == "asc" ? 'asc' : 'desc'; $array_search = array("-" => "---", "title" => $lang_module['search_title'], "bodytext" => $lang_module['search_bodytext'], "author" => $lang_module['search_author'], "admin_id" => $lang_module['search_admin']); $array_in_rows = array("title", "bodytext", "author"); $array_in_ordername = array("title", "publtime", "exptime"); if (!in_array($stype, array_keys($array_search))) { $stype = "-"; } if (!in_array($ordername, array_keys($array_in_ordername))) { $ordername = "id"; } if ($catid == 0) { $from = "`" . NV_PREFIXLANG . "_" . $module_data . "_rows`"; } else { $from = "`" . NV_PREFIXLANG . "_" . $module_data . "_" . $catid . "`";
<?php /** * @Project NUKEVIET 3.0 * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2010 VINADES., JSC. All rights reserved * @Createdate 3/7/2010 2:23 */ if (!defined('NV_IS_FILE_THEMES')) { die('Stop!!!'); } $func_id = $nv_Request->get_int('funcid', 'post'); $layout = filter_text_input('layout', 'post', '', 1); $selectthemes_old = $nv_Request->get_string('selectthemes', 'cookie', $global_config['site_theme']); $selectthemes = $nv_Request->get_string('selectthemes', 'get', $selectthemes_old); $numfunc = $db->sql_numrows($db->sql_query("SELECT func_id FROM `" . NV_PREFIXLANG . "_modthemes` WHERE `func_id`='" . $func_id . "' AND theme='" . $selectthemes . "'")); if ($numfunc) { $sql = "UPDATE `" . NV_PREFIXLANG . "_modthemes` SET `layout`=" . $db->dbescape($layout) . " WHERE `func_id`=" . $func_id; } else { $sql = "INSERT INTO `" . NV_PREFIXLANG . "_modthemes` VALUES('{$func_id}'," . $db->dbescape($layout) . ", " . $db->dbescape($selectthemes) . ")"; } $result = $db->sql_query($sql); if ($result) { echo $lang_module['setup_updated_layout']; } else { echo $lang_module['setup_error_layout']; } nv_del_moduleCache('themes');
$numrows = $db->sql_numrows($result); if ($numrows != 1) { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name); die; } $row = $db->sql_fetchrow($result); $error = ""; if ($nv_Request->get_int('save', 'post', 0)) { $lev = $nv_Request->get_int('lev', 'post', 0); $editor = filter_text_input('editor', 'post'); $allow_files_type = $nv_Request->get_array('allow_files_type', 'post', array()); $allow_create_subdirectories = $nv_Request->get_int('allow_create_subdirectories', 'post', 0); $allow_modify_files = $nv_Request->get_int('allow_modify_files', 'post', 0); $allow_modify_subdirectories = $nv_Request->get_int('allow_modify_subdirectories', 'post', 0); $modules = $nv_Request->get_array('modules', 'post', array()); $position = filter_text_input('position', 'post', '', 1); if (empty($position)) { $error = $lang_module['position_incorrect']; } else { $lev = ($lev != 2 or !defined("NV_IS_GODADMIN")) ? 3 : 2; $mds = array(); if ($lev == 3 and !empty($modules)) { $is_delCache = false; foreach (array_keys($site_mods) as $mod) { if (!empty($mod) and in_array($mod, $modules)) { $site_mods_admins = $site_mods[$mod]['admins'] . (!empty($site_mods[$mod]['admins']) ? "," : "") . $userid; $site_mods_admins = explode(",", $site_mods_admins); $site_mods_admins = array_unique($site_mods_admins); $site_mods_admins = implode(",", $site_mods_admins); $sql = "UPDATE `" . NV_MODULES_TABLE . "` SET `admins`=" . $db->dbescape($site_mods_admins) . " WHERE `title`=" . $db->dbescape($mod); $db->sql_query($sql);
} $query = "SELECT * FROM `" . NV_PREFIXLANG . "_" . $module_data . "_comments` WHERE `id`=" . $id; $result = $db->sql_query($query); $numrows = $db->sql_numrows($result); if ($numrows != 1) { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=comment&status=1"); exit; } $row = $db->sql_fetchrow($result); $array = array(); $is_error = false; $error = ""; if ($nv_Request->isset_request('submit', 'post')) { $array['subject'] = filter_text_input('subject', 'post', '', 1); $array['comment'] = filter_text_textarea('comment', '', NV_ALLOWED_HTML_TAGS); $array['admin_reply'] = filter_text_input('admin_reply', 'post', '', 1); $array['admin_id'] = (int) $row['admin_id']; if (empty($array['subject'])) { $is_error = true; $error = $lang_module['comment_edit_error1']; } elseif (empty($array['comment'])) { $is_error = true; $error = $lang_module['comment_edit_error2']; } else { $array['comment'] = nv_nl2br($array['comment'], "<br />"); if (!empty($array['admin_reply']) and $array['admin_reply'] != $row['admin_reply']) { $array['admin_id'] = $admin_info['admin_id']; } $sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_comments` SET \n `subject`=" . $db->dbescape($array['subject']) . ", \n `comment`=" . $db->dbescape($array['comment']) . ", \n `admin_reply`=" . $db->dbescape($array['admin_reply']) . ", \n `admin_id`=" . $array['admin_id'] . " \n WHERE `id`=" . $id; $result = $db->sql_query($sql); if (!$result) {
nv_info_die($global_config['site_description'], $lang_global['site_info'], $lang_global['firewallincorrect'] . "<META HTTP-EQUIV=\"refresh\" content=\"5;URL=" . $global_config['site_url'] . "\" />"); } $error = ""; $login = ""; $array_gfx_chk = array(1, 5, 6, 7); if (in_array($global_config['gfx_chk'], $array_gfx_chk)) { $global_config['gfx_chk'] = 1; } else { $global_config['gfx_chk'] = 0; } $admin_login_redirect = $nv_Request->get_string('admin_login_redirect', 'session', ''); if ($nv_Request->isset_request('nv_login,nv_password', 'post')) { $nv_username = filter_text_input('nv_login', 'post', '', '', 100); $nv_password = filter_text_input('nv_password', 'post', '', '', 50); if ($global_config['gfx_chk'] == 1) { $nv_seccode = filter_text_input('nv_seccode', 'post', ''); } if (empty($nv_username)) { $error = $lang_global['nickname_empty']; } elseif (empty($nv_password)) { $error = $lang_global['password_empty']; } elseif ($global_config['gfx_chk'] == 1 and !nv_capcha_txt($nv_seccode)) { $error = $lang_global['securitycodeincorrect']; } else { if (defined('NV_IS_USER_FORUM')) { define('NV_IS_MOD_USER', true); require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php'; } $userid = 0; $sql = "SELECT userid, username, password FROM `" . NV_USERS_GLOBALTABLE . "` WHERE md5username ='******'"; $result = $db->sql_query($sql);
<?php /** * @Project NUKEVIET 3.0 * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2010 VINADES.,JSC. All rights reserved * @Createdate 2-1-2010 21:51 */ if (!defined('NV_IS_FILE_DATABASE')) { die('Stop!!!'); } if ($nv_Request->get_bool('show_tabs', 'post')) { nv_show_tables(); exit; } if ($nv_Request->isset_request('tab', 'get') and preg_match("/^(" . $db_config['prefix'] . ")\\_[a-zA-Z0-9\\_\\.\\-]+\$/", filter_text_input('tab', 'get'))) { nv_show_tab(); exit; } $database = array(); $database['db_host_info'] = mysql_get_host_info(); $database['db_sql_version'] = $db->sql_version; $database['db_proto_info'] = mysql_get_proto_info(); $database['server'] = $db->server; $database['db_dbname'] = $db->dbname; $database['db_uname'] = $db->user; $result = $db->sql_query('SELECT @@session.time_zone AS `db_time_zone`, @@session.character_set_database AS `db_charset`, @@session.collation_database AS `db_collation`'); $row = $db->sql_fetch_assoc($result); $db->sql_freeresult($result); $database['db_charset'] = $row['db_charset']; $database['db_collation'] = $row['db_collation'];
Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=cat"); exit; } $sql = "SELECT * FROM `" . NV_PREFIXLANG . "_" . $module_data . "_categories` WHERE `id`=" . $catid; $result = $db->sql_query($sql); $numcat = $db->sql_numrows($result); if ($numcat != 1) { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=cat"); exit; } $row = $db->sql_fetchrow($result); $is_error = false; if ($nv_Request->isset_request('submit', 'post')) { $array['parentid'] = $nv_Request->get_int('parentid', 'post', 0); $array['title'] = filter_text_input('title', 'post', '', 1); $array['description'] = filter_text_input('description', 'post', ''); $array['who_view'] = $nv_Request->get_int('who_view', 'post', 0); $array['groups_view'] = $nv_Request->get_typed_array('groups_view', 'post', 'int'); $alias = change_alias($array['title']); if (empty($array['title'])) { $error = $lang_module['faq_error_cat2']; $is_error = true; } else { if (!empty($array['parentid'])) { $sql = "SELECT COUNT(*) AS count FROM `" . NV_PREFIXLANG . "_" . $module_data . "_categories` WHERE `id`=" . $array['parentid']; $result = $db->sql_query($sql); list($count) = $db->sql_fetchrow($result); if (!$count) { $error = $lang_module['faq_error_cat3']; $is_error = true; }
* @Project NUKEVIET 3.0 * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2010 VINADES., JSC. All rights reserved * @Createdate 3-6-2010 0:14 */ if (!defined('NV_IS_MOD_NEWS')) { die('Stop!!!'); } if (!defined('NV_IS_AJAX')) { die('Wrong URL'); } $contents = ""; $array_point = array(1, 2, 3, 4, 5); $id = $nv_Request->get_int('id', 'post', 0); $point = $nv_Request->get_int('point', 'post', 0); $checkss = filter_text_input('checkss', 'post'); $time_set = $nv_Request->get_int($module_name . '_' . $op . '_' . $id, 'session', 0); if ($id > 0 and in_array($point, $array_point) and $checkss == md5($id . $client_info['session_id'] . $global_config['sitekey'])) { if (!empty($time_set)) { die($lang_module['rating_error2']); } $nv_Request->set_Session($module_name . '_' . $op . '_' . $id, NV_CURRENTTIME); $query = $db->sql_query("SELECT `listcatid`, `allowed_rating`, `ratingdetail` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_rows` WHERE `id` = " . $id . " AND `status`=1 AND `publtime` < " . NV_CURRENTTIME . " AND (`exptime`=0 OR `exptime`>" . NV_CURRENTTIME . ")"); $row = $db->sql_fetchrow($query); if (isset($row['allowed_rating']) and $row['allowed_rating'] == 1) { $ratingdetail = array_map("intval", explode("|", $row['ratingdetail'])); $rating['total'] = $ratingdetail[0] + $point; $rating['click'] = $ratingdetail[1] + 1; $rating['points'] = round($rating['total'] / $rating['click']); $ratingdetail = $rating['total'] . '|' . $rating['click']; $query = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "_rows` SET `ratingdetail`=" . $db->dbescape($ratingdetail) . " WHERE `id`=" . $id;
} $query = "SELECT * FROM `" . NV_CRONJOBS_GLOBALTABLE . "` WHERE `id`=" . $id . " AND `is_sys`=0"; $result = $db->sql_query($query); $numrows = $db->sql_numrows($result); if (empty($numrows)) { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&op=cronjobs"); die; } $row = $db->sql_fetchrow($result); $error = ""; if ($nv_Request->get_int('save', 'post') == '1') { nv_insert_logs(NV_LANG_DATA, $module_name, 'log_cronjob_edit', "id " . $id, $admin_info['userid']); $cron_name = filter_text_input('cron_name', 'post', '', 1); $run_file = filter_text_input('run_file', 'post', ''); $run_func = filter_text_input('run_func_iavim', 'post', ''); $params = filter_text_input('params_iavim', 'post', ''); $interval = $nv_Request->get_int('interval_iavim', 'post', 0); $del = $nv_Request->get_int('del', 'post', 0); $min = $nv_Request->get_int('min', 'post', 0); $hour = $nv_Request->get_int('hour', 'post', 0); $day = $nv_Request->get_int('day', 'post', 0); $month = $nv_Request->get_int('month', 'post', 0); $year = $nv_Request->get_int('year', 'post', 0); if (empty($cron_name)) { $error = $lang_module['cron_name_empty']; } elseif (!empty($run_file) and !file_exists(NV_ROOTDIR . '/includes/cronjobs/' . $run_file)) { $error = $lang_module['file_not_exist']; } elseif (empty($run_func) or !preg_match($global_config['check_cron'], $run_func)) { $error = $lang_module['func_name_invalid']; } else { $start_time = mktime($hour, $min, 0, $month, $day, $year);
$_user['email'] = filter_text_input('email', 'post', '', 1, 100); $_user['password1'] = filter_text_input('password1', 'post', '', 0, NV_UPASSMAX); $_user['password2'] = filter_text_input('password2', 'post', '', 0, NV_UPASSMAX); $_user['question'] = filter_text_input('question', 'post', '', 1, 255); $_user['answer'] = filter_text_input('answer', 'post', '', 1, 255); $_user['full_name'] = filter_text_input('full_name', 'post', '', 1, 255); $_user['gender'] = filter_text_input('gender', 'post', '', 1, 1); $_user['website'] = filter_text_input('website', 'post', ''); $_user['location'] = filter_text_input('location', 'post', '', 1); $_user['yim'] = filter_text_input('yim', 'post', '', 1, 100); $_user['telephone'] = filter_text_input('telephone', 'post', '', 1, 100); $_user['fax'] = filter_text_input('fax', 'post', '', 1, 100); $_user['mobile'] = filter_text_input('mobile', 'post', '', 1, 100); $_user['view_mail'] = $nv_Request->get_int('view_mail', 'post', 0); $_user['sig'] = filter_text_textarea('sig', '', NV_ALLOWED_HTML_TAGS); $_user['birthday'] = filter_text_input('birthday', 'post', '', 1, 10); $_user['in_groups'] = $nv_Request->get_typed_array('group', 'post', 'int'); if (!empty($_user['website'])) { if (!preg_match("#^(http|https|ftp|gopher)\\:\\/\\/#", $_user['website'])) { $_user['website'] = "http://" . $_user['website']; } if (!nv_is_url($_user['website'])) { $_user['website'] = ""; } } if (($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != "") { $error = $error_username; } elseif ($_user['username'] != $db->fixdb($_user['username'])) { $error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>'); } elseif (($error_xemail = nv_check_valid_email($_user['email'])) != "") { $error = $error_xemail;
/** * @Project NUKEVIET 3.0 * @Author VINADES.,JSC (contact@vinades.vn) * @copyright 2009 * @createdate 10/03/2010 10:51 */ if (!defined('NV_IS_MOD_USER')) { die('Stop!!!'); } if (defined('NV_IS_USER') or defined('NV_IS_USER_FORUM') or $global_config['allowuserreg'] != 2) { Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name); die; } $userid = $nv_Request->get_int('userid', 'get', '', 1); $checknum = filter_text_input('checknum', 'get', '', 1); if (empty($userid) or empty($checknum)) { Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name); die; } $del = NV_CURRENTTIME - 86400; $sql = "DELETE FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `regdate` < " . $del; $db->sql_query($sql); $sql = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `userid`=" . $userid; $result = $db->sql_query($sql); $numrows = $db->sql_numrows($result); if ($numrows != 1) { Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name); die; } $page_title = $mod_title = $lang_module['register'];
if (!defined('NV_IS_FILE_ADMIN')) { die('Stop!!!'); } $page_title = $lang_module['categories']; $error = $admins = ""; $savecat = 0; list($catid, $parentid, $title, $alias, $description, $keywords) = array(0, 0, "", "", "", ""); $savecat = $nv_Request->get_int('savecat', 'post', 0); if (!empty($savecat)) { $catid = $nv_Request->get_int('catid', 'post', 0); list($parentid_old) = $db->sql_fetchrow($db->sql_query("SELECT `parentid` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `catid` = '" . $catid . "'")); $parentid = $nv_Request->get_int('parentid', 'post', 0); $title = filter_text_input('title', 'post', "", 1, 100); $catimage = filter_text_input('catimage', 'post'); $keywords = filter_text_input('keywords', 'post'); $alias = filter_text_input('alias', 'post'); $description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS); $alias = $alias == "" ? change_alias($title) : change_alias($alias); if ($catid == 0 and !empty($title)) { $description = nv_nl2br($description, '<br />'); // list($weight) = $db->sql_fetchrow($db->sql_query("SELECT max(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `parentid`=" . $db->dbescape($parentid) . "")); $weight = intval($weight) + 1; $query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_cat` (`catid`, `parentid`, `title`, `catimage`, `alias`, `description`, `weight`, `inhome`, `numlinks`, `keywords`, `add_time`, `edit_time`) VALUES (NULL, " . $db->dbescape($parentid) . ", " . $db->dbescape($title) . ", " . $db->dbescape($catimage) . " , " . $db->dbescape($alias) . ", " . $db->dbescape($description) . ", " . $db->dbescape($weight) . ", '1', '3', " . $db->dbescape($keywords) . ", UNIX_TIMESTAMP(), UNIX_TIMESTAMP())"; if ($db->sql_query_insert_id($query)) { nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_cat', " ", $admin_info['userid']); $db->sql_freeresult(); nv_del_moduleCache($module_name); Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . ""); die; } else {
$id = $id == 0 ? $report_id : $id; $sql = "SELECT `title`, `alias` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_rows` WHERE `id`='" . $id . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); unset($sql, $result); $row['error'] = ""; $row['action'] = nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=reportlink-" . $row['alias'] . "-" . $id, true); $row['id'] = $id; if ($id) { $check = false; if ($submit and $report_id) { $sql = "SELECT `type` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_report` WHERE `id`='" . $report_id . "'"; $result = $db->sql_query($sql); $rows = $db->sql_fetchrow($result); $report = $nv_Request->get_int('report', 'post'); $report_note = filter_text_input('report_note', 'post', '', 1, 255); $row['report_note'] = $report_note; if ($report == 0 and empty($report_note)) { $row['error'] = $lang_module['error']; } elseif (!empty($report_note) and !isset($report_note[9])) { $row['error'] = $lang_module['error_word_min']; } elseif ($rows['type'] == $report) { $check = true; } else { $report_note = nv_nl2br($report_note); $sql = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_report` (`id`, `type`, `report_time`, `report_userid`, `report_ip`, `report_browse_key`, `report_browse_name`, `report_os_key`, `report_os_name`, `report_note`) VALUE ('" . $report_id . "', '" . $report . "', UNIX_TIMESTAMP(), '0', " . $db->dbescape_string($client_info['ip']) . ", " . $db->dbescape_string($client_info['browser']['key']) . ", " . $db->dbescape_string($client_info['browser']['name']) . ", " . $db->dbescape_string($client_info['client_os']['key']) . ", " . $db->dbescape_string($client_info['client_os']['name']) . ", " . $db->dbescape_string($report_note) . ")"; $check = $db->sql_query($sql); } } $contents = call_user_func("report", $row, $check); } else {
function nv_show_tab() { global $db, $db_config, $module_name, $page_title, $lang_global, $lang_module, $nv_Request; $tab = filter_text_input('tab', 'get'); $result = $db->sql_query("SHOW TABLE STATUS WHERE `Name`=" . $db->dbescape($tab)); $item = $db->sql_fetch_assoc($result); $db->sql_freeresult($result); if (empty($item)) { Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name); die; } if (in_array(filter_text_input('show_highlight', 'post'), array('php', 'sql'))) { $content = nv_highlight_string($tab, filter_text_input('show_highlight', 'post')); include NV_ROOTDIR . "/includes/header.php"; echo $content; include NV_ROOTDIR . "/includes/footer.php"; } $tablename = substr($item['Name'], strlen($db_config['prefix']) + 1); $contents = array(); $contents['table']['caption'] = sprintf($lang_module['table_caption'], $tablename); $contents['table']['info']['name'] = array($lang_module['table_name'], $tablename); $contents['table']['info']['engine'] = array($lang_module['table_type'], isset($item['Engine']) ? $item['Engine'] : $item['Type']); $contents['table']['info']['row_format'] = array($lang_module['row_format'], $item['Row_format']); $contents['table']['info']['data_length'] = array($lang_module['table_size'], nv_convertfromBytes(intval($item['Data_length']) + intval($item['Index_length']))); $contents['table']['info']['max_data_length'] = array($lang_module['table_max_size'], !empty($item['Max_data_length']) ? nv_convertfromBytes(floatval($item['Max_data_length'])) : 'n/a'); $contents['table']['info']['data_free'] = array($lang_module['table_datafree'], !empty($item['Data_free']) ? nv_convertfromBytes(intval($item['Data_free'])) : 0); $contents['table']['info']['rows'] = array($lang_module['table_numrow'], $item['Rows']); $contents['table']['info']['auto_increment'] = array($lang_module['table_auto_increment'], isset($item['Auto_increment']) ? intval($item['Auto_increment']) : "n/a"); $contents['table']['info']['create_time'] = array($lang_module['table_create_time'], !empty($item['Create_time']) ? strftime("%H:%M:%S %d/%m/%Y", strtotime($item['Create_time'])) : "n/a"); $contents['table']['info']['update_time'] = array($lang_module['table_update_time'], !empty($item['Update_time']) ? strftime("%H:%M:%S %d/%m/%Y", strtotime($item['Update_time'])) : "n/a"); $contents['table']['info']['check_time'] = array($lang_module['table_check_time'], !empty($item['Check_time']) ? strftime("%H:%M:%S %d/%m/%Y", strtotime($item['Check_time'])) : "n/a"); $contents['table']['info']['collation'] = array($lang_module['table_charset'], !empty($item['Collation']) && preg_match("/^([a-z0-9]+)_/i", $item['Collation'], $m) ? $m[1] : ""); $contents['table']['show'] = nv_highlight_string($tab, "php"); $contents['table']['show_lang'] = array($lang_module['php_code'], $lang_module['sql_code']); $contents['table']['row']['caption'] = sprintf($lang_module['table_row_caption'], $tablename); $contents['table']['row']['columns'] = array($lang_module['field_name'], $lang_module['field_type'], $lang_module['field_null'], $lang_module['field_key'], $lang_module['field_default'], $lang_module['field_extra']); $contents['table']['row']['detail'] = array(); $result = $db->sql_query("SHOW COLUMNS FROM `" . $tab . "`"); while ($row = $db->sql_fetch_assoc($result)) { $row['Null'] = $row['Null'] == "NO" ? "NOT NULL" : "NULL"; $row['Key'] = empty($row['Key']) ? "" : ($row['Key'] == 'PRI' ? "PRIMARY KEY" : ($row['Key'] == 'UNI' ? "UNIQUE KEY" : "KEY")); $contents['table']['row']['detail'][] = $row; } $db->sql_freeresult($result); $contents = call_user_func("nv_show_tab_theme", $contents); $page_title = sprintf($lang_module['nv_show_tab'], $tablename); include NV_ROOTDIR . "/includes/header.php"; echo nv_admin_theme($contents); include NV_ROOTDIR . "/includes/footer.php"; }
$last_reason = !empty($susp_reason) ? $susp_reason[0] : ""; } $old_suspend = intval($row['is_suspend']); if (empty($old_suspend)) { $allow_change = true; } else { $allow_change = defined("NV_IS_GODADMIN") ? true : ((defined("NV_IS_SPADMIN") and $last_reason['start_admin'] == $admin_info['login'] and $global_config['spadmin_add_admin'] == 1) ? true : false); } $contents = array(); $contents['change_suspend'] = array(); if ($allow_change) { $new_suspend = $old_suspend ? 0 : 1; $save = $nv_Request->get_int('save', 'post', 0); $error = ""; if ($save) { $new_reason = !empty($new_suspend) ? filter_text_input('new_reason', 'post', '', 1) : ""; $sendmail = $nv_Request->get_int('sendmail', 'post', 0); $clean_history = defined("NV_IS_GODADMIN") ? $nv_Request->get_int('clean_history', 'post', 0) : 0; if (!empty($new_suspend) and empty($new_reason)) { $error = sprintf($lang_module['susp_reason_empty'], $row_user['username']); } else { if ($new_suspend) { if ($clean_history) { $susp_reason = array(); $susp_reason[] = array('starttime' => NV_CURRENTTIME, 'endtime' => 0, 'start_admin' => $admin_info['admin_id'], 'end_admin' => '', 'info' => $new_reason); } else { array_unshift($susp_reason, array('starttime' => NV_CURRENTTIME, 'endtime' => 0, 'start_admin' => $admin_info['admin_id'], 'end_admin' => '', 'info' => $new_reason)); } } else { if ($clean_history) { $susp_reason = array();
if (empty($post['title'])) { die($lang_module['title_empty']); } $_groupsList = $groupsList; if (isset($post['id'])) { unset($_groupsList[$post['id']]); } foreach ($_groupsList as $_group) { if (strcasecmp($_group['title'], $post['title']) == 0) { die(sprintf($lang_module['error_title_exists'], $post['title'])); } } $post['content'] = nv_editor_filter_textarea('content', '', NV_ALLOWED_HTML_TAGS); $test_content = trim(strip_tags($post['content'])); $post['content'] = !empty($test_content) ? nv_editor_nl2br($post['content']) : ""; $post['exp_time'] = filter_text_input('exp_time', 'post', ''); if (preg_match("/^([\\d]{1,2})\\.([\\d]{1,2})\\.([\\d]{4})\$/", $post['exp_time'], $matches)) { $post['exp_time'] = mktime(23, 59, 59, $matches[2], $matches[1], $matches[3]); } else { $post['exp_time'] = 0; } $post['public'] = $nv_Request->get_int('public', 'post', 0); if ($post['public'] != 1) { $post['public'] = 0; } if (isset($post['id'])) { $query = "UPDATE `" . NV_GROUPS_GLOBALTABLE . "` SET \n `title`=" . $db->dbescape($post['title']) . ", \n `content`=" . $db->dbescape($post['content']) . ", \n `exp_time`='" . $post['exp_time'] . "', \n `public`= " . $post['public'] . " \n WHERE `group_id`=" . $post['id'] . " LIMIT 1"; $ok = $db->sql_query($query); } else { $query = "INSERT INTO `" . NV_GROUPS_GLOBALTABLE . "` \n VALUES (NULL, " . $db->dbescape($post['title']) . ", \n " . $db->dbescape($post['content']) . ", \n " . NV_CURRENTTIME . ", \n " . $post['exp_time'] . ", \n '', " . $post['public'] . ", " . ($groupcount + 1) . ", 1);"; $ok = $post['id'] = $db->sql_query_insert_id($query);
$msg = $numtitle > 0 ? false : true; return $msg; } $rowcat = array("id" => "", "catid" => "", "title" => "", "alias" => "", "url" => "", "urlimg" => "", "description" => "", "add_time" => "", "edit_time" => "", "hits_total" => "", "status" => 1); $error = ""; $id = $nv_Request->get_int('id', 'post,get', 0); $submit = $nv_Request->get_string('submit', 'post'); if (!empty($submit)) { $error = 0; $catid = $nv_Request->get_int('catid', 'post', 0); $title = filter_text_input('title', 'post', '', 1); $alias = filter_text_input('alias', 'post', '', 1); $parentid = $nv_Request->get_int('parentid', 'post', 0); $alias = $alias == "" ? change_alias($title) : change_alias($alias); $url = filter_text_input('url', 'post', ''); $image = filter_text_input('image', 'post', ''); if (!nv_is_url($image) and file_exists(NV_DOCUMENT_ROOT . $image)) { $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/"); if (substr($image, 0, $lu) == NV_BASE_SITEURL . NV_UPLOADS_DIR . "/") { $image = substr($image, $lu); } } $admin_phone = ""; $admin_email = ""; $note = ""; $description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS); $description = defined('NV_EDITOR') ? nv_editor_nl2br($description) : nv_nl2br($description, '<br />'); $status = $nv_Request->get_int('status', 'post') == 1 ? 1 : 0; //check url if (empty($url) || !nv_is_url($url) || !check_url($id, $url)) { $error = $lang_module['error_url'];
$xtpl = new XTemplate("ftp.tpl", NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $module_file); $xtpl->assign('LANG', $lang_module); if ($sys_info['ftp_support']) { $array_config = array(); $array_config['ftp_server'] = filter_text_input('ftp_server', 'post', $global_config['ftp_server'], 1, 255); $array_config['ftp_port'] = filter_text_input('ftp_port', 'post', $global_config['ftp_port'], 1, 255); $array_config['ftp_user_name'] = filter_text_input('ftp_user_name', 'post', $global_config['ftp_user_name'], 1, 255); $array_config['ftp_user_pass'] = filter_text_input('ftp_user_pass', 'post', $global_config['ftp_user_pass'], 1, 255); $array_config['ftp_path'] = filter_text_input('ftp_path', 'post', $global_config['ftp_path'], 1, 255); $array_config['ftp_check_login'] = $global_config['ftp_check_login']; // Tu dong nhan dang Remove Path if ($nv_Request->isset_request('tetectftp', 'post')) { $ftp_server = nv_unhtmlspecialchars(filter_text_input('ftp_server', 'post', '', 1, 255)); $ftp_port = intval(filter_text_input('ftp_port', 'post', '21', 1, 255)); $ftp_user_name = nv_unhtmlspecialchars(filter_text_input('ftp_user_name', 'post', '', 1, 255)); $ftp_user_pass = nv_unhtmlspecialchars(filter_text_input('ftp_user_pass', 'post', '', 1, 255)); if (!$ftp_server or !$ftp_user_name or !$ftp_user_pass) { die('ERROR|' . $lang_module['ftp_error_full']); } if (!defined('NV_FTP_CLASS')) { require NV_ROOTDIR . '/includes/class/ftp.class.php'; } if (!defined('NV_BUFFER_CLASS')) { require NV_ROOTDIR . '/includes/class/buffer.class.php'; } $ftp = new NVftp($ftp_server, $ftp_user_name, $ftp_user_pass, array('timeout' => 10), $ftp_port); if (!empty($ftp->error)) { $ftp->close(); die('ERROR|' . (string) $ftp->error); } else { $list_valid = array(NV_CACHEDIR, NV_DATADIR, "images", "includes", "js", "language", NV_LOGS_DIR, "modules", NV_SESSION_SAVE_PATH, "themes", NV_TEMP_DIR, NV_UPLOADS_DIR);
$catdata['alias'] = filter_text_input('alias', 'post', '', 1); $catdata['image'] = filter_text_input('image', 'post', ''); $catdata['meta_title'] = filter_text_input('meta_title', 'post', '', 1); $catdata['meta_keywords'] = filter_text_input('meta_keywords', 'post', '', 1); $catdata['tags_cloud'] = $catdata['meta_keywords']; $catdata['meta_description'] = filter_text_input('meta_description', 'post', '', 1); $catdata['who_view'] = $nv_Request->get_int('who_view', 'post', 0); $groups_view = ""; if (!nv_is_url($catdata['image']) and file_exists(NV_DOCUMENT_ROOT . $catdata['image'])) { $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_name . "/"); $catdata['image'] = substr($catdata['image'], $lu); } $groups = $nv_Request->get_typed_array('groups_view', 'post', 'int', array()); $groups = array_intersect($groups, array_keys($groups_list)); $catdata['groups_view'] = implode(",", $groups); $oldAdminArray = filter_text_input('old_admins', 'post', '', 1); if (empty($catdata['alias'])) { $catdata['alias'] = change_alias($catdata['title']); } $newAdminArray = array_unique($nv_Request->get_typed_array('adminids', 'post', 'int', array())); $old_parentid = $nv_Request->get_int('old_parentid', 'post', 0); $catdata['adminids'] = implode(',', $newAdminArray); if (empty($catdata['title'])) { $np->error[] = "- Chưa có tiêu đề"; } if ($catdata['catid'] > 0) { $np->CheckAdminAccess('listcatid', $catdata['catid']); $np->updateItem('category', $catdata, 'catid'); //np_create_CatDataTable( $catdata['catid'] ); if ($db->sql_affectedrows() > 0) { $np->setAdminRoll($newAdminArray, $oldAdminArray, 'admins', 'listcatid', 'userid', $catdata['catid']);
<?php /** * @Project NUKEVIET 3.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2012 VINADES.,JSC. All rights reserved * @Createdate 2-10-2010 18:49 */ if (!defined('NV_IS_FILE_ADMIN')) { die('Stop!!!'); } $title = filter_text_input('title', 'post', ''); $id = $nv_Request->get_int('id', 'post', 0); $alias = change_alias($title); list($number) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id` !=" . $id . " AND `alias` = " . $db->dbescape($alias) . "")); if (intval($number) > 0) { $result = $db->sql_query("SHOW TABLE STATUS WHERE `Name`='" . NV_PREFIXLANG . "_" . $module_data . "'"); $item = $db->sql_fetch_assoc($result); $db->sql_freeresult($result); if (isset($item['Auto_increment'])) { $alias = $alias . "-" . $item['Auto_increment']; } else { list($weight) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`")); $weight = intval($weight) + 1; $alias = $alias . "-" . $weight; } } include NV_ROOTDIR . "/includes/header.php"; echo $alias; include NV_ROOTDIR . "/includes/footer.php";
} } else { define('IS_ADD', true); $page_title = $lang_module['faq_addfaq']; } $groups_list = nv_groups_list(); $array_who = array($lang_global['who_view0'], $lang_global['who_view1'], $lang_global['who_view2']); if (!empty($groups_list)) { $array_who[] = $lang_global['who_view3']; } $array = array(); $is_error = false; $error = ""; if ($nv_Request->isset_request('submit', 'post')) { $array['catid'] = $nv_Request->get_int('catid', 'post', 0); $array['title'] = filter_text_input('title', 'post', '', 1); $array['question'] = filter_text_textarea('question', '', NV_ALLOWED_HTML_TAGS); $array['answer'] = nv_editor_filter_textarea('answer', '', NV_ALLOWED_HTML_TAGS); $alias = change_alias($array['title']); if (defined('IS_ADD')) { $sql = "SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `alias`=" . $db->dbescape($alias); $result = $db->sql_query($sql); list($is_exists) = $db->sql_fetchrow($result); } else { $sql = "SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id`!=" . $id . " AND `alias`=" . $db->dbescape($alias); $result = $db->sql_query($sql); list($is_exists) = $db->sql_fetchrow($result); } if (empty($array['title'])) { $is_error = true; $error = $lang_module['faq_error_title'];
$error[] = $lang_module['banip_error_validip']; } if (empty($area)) { $error[] = $lang_module['banip_error_area']; } if (!empty($begintime) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $begintime, $m)) { $begintime = mktime(0, 0, 0, $m[2], $m[1], $m[3]); } else { $begintime = NV_CURRENTTIME; } if (!empty($endtime) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $endtime, $m)) { $endtime = mktime(0, 0, 0, $m[2], $m[1], $m[3]); } else { $endtime = 0; } $notice = filter_text_input('notice', 'post', '', 1); if (empty($error)) { if ($cid > 0) { $db->sql_query("UPDATE `" . $db_config['prefix'] . "_banip` SET `ip`=" . $db->dbescape($ip) . ", `mask`=" . $db->dbescape($mask) . ",`area`=" . $area . ",`begintime`=" . $begintime . ", `endtime`=" . $endtime . ", `notice`=" . $db->dbescape($notice) . " WHERE `id`=" . $cid . ""); } else { $db->sql_query("REPLACE INTO `" . $db_config['prefix'] . "_banip` VALUES (NULL, " . $db->dbescape($ip) . "," . $db->dbescape($mask) . ",{$area},{$begintime}, {$endtime}," . $db->dbescape($notice) . " )"); } $save = nv_save_file_banip(); if ($save !== true) { $xtpl->assign('MESSAGE', sprintf($lang_module['banip_error_write'], NV_DATADIR, NV_DATADIR)); $xtpl->assign('CODE', str_replace(array("\n", "\t"), array("<br />", " "), nv_htmlspecialchars($save))); $xtpl->parse('main.manual_save'); } else { Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&rand=' . nv_genpass()); die; }
<?php /** * @Project NUKEVIET 3.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2012 VINADES.,JSC. All rights reserved * @Createdate 3/25/2010 21:7 */ if (!defined('NV_IS_MOD_BANNERS')) { die('Stop!!!'); } global $global_config, $module_name, $module_info, $lang_module, $banner_client_info; if (defined('NV_IS_BANNER_CLIENT')) { $type = filter_text_input('type', 'post,get', 'country', 1); $month = $nv_Request->get_int('month', 'post,get'); $ads = $nv_Request->get_int('ads', 'post,get'); $year = (int) date('Y'); $month_array = array('1' => 31, '3' => 31, '4' => 30, '5' > 31, '6' => 30, '7' => 31, '8' => 31, '9' => 30, '10' => 31, '11' => 30, '12' => 31); $month_array['2'] = $year % 100 == 0 && $year % 400 == 0 ? 29 : 28; $firstdate = mktime(0, 0, 0, $month, 1, $year); $enddate = mktime(24, 60, 60, $month, $month_array[$month], $year); $onetype = ''; switch ($type) { case 'country': $onetype = 'click_country'; break; case 'browser': $onetype = 'click_browse_name'; break; case 'os': $onetype = 'click_os_name';