/** * nv_list_cats() * * @param bool $is_link * @param bool $is_parentlink * @return */ function nv_list_cats($is_link = false, $is_parentlink = true) { global $db, $module_data, $module_name, $module_info; $sql = "SELECT * FROM `" . NV_PREFIXLANG . "_" . $module_data . "_categories` WHERE `status`=1 ORDER BY `parentid`,`weight` ASC"; $result = $db->sql_query($sql); $list = array(); while ($row = $db->sql_fetchrow($result)) { if (nv_set_allow($row['who_view'], $row['groups_view'])) { $list[$row['id']] = array('id' => (int) $row['id'], 'title' => $row['title'], 'alias' => $row['alias'], 'description' => $row['description'], 'parentid' => (int) $row['parentid'], 'subcats' => array(), 'keywords' => $row['keywords']); } } $list2 = array(); if (!empty($list)) { foreach ($list as $row) { if (!$row['parentid'] or isset($list[$row['parentid']])) { $list2[$row['id']] = $list[$row['id']]; $list2[$row['id']]['name'] = $list[$row['id']]['title']; if ($is_link) { $list2[$row['id']]['name'] = "<a href=\"" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $list2[$row['id']]['alias'] . "\">" . $list2[$row['id']]['name'] . "</a>"; } if ($row['parentid']) { $list2[$row['parentid']]['subcats'][] = $row['id']; $list2[$row['id']]['name'] = nv_setcats($row['parentid'], $list, $list2[$row['id']]['name'], $is_parentlink); } if ($is_parentlink) { $list2[$row['id']]['name'] = "<a href=\"" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "\">" . $module_info['custom_title'] . "</a> » " . $list2[$row['id']]['name']; } } } } return $list2; }
function nv_mod_down_config($module_data) { global $site_mods, $module_info; $sql = "SELECT `config_name`,`config_value` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_config`"; $list = nv_db_cache($sql); $download_config = array(); foreach ($list as $values) { $download_config[$values['config_name']] = $values['config_value']; } $download_config['upload_filetype'] = !empty($download_config['upload_filetype']) ? explode(",", $download_config['upload_filetype']) : array(); if (!empty($download_config['upload_filetype'])) { $download_config['upload_filetype'] = array_map("trim", $download_config['upload_filetype']); } if (empty($download_config['upload_filetype'])) { $download_config['is_upload'] = 0; } if ($download_config['is_addfile']) { $download_config['is_addfile_allow'] = nv_set_allow($download_config['who_addfile'], $download_config['groups_addfile']); } else { $download_config['is_addfile_allow'] = false; } if ($download_config['is_addfile_allow'] and $download_config['is_upload']) { $download_config['is_upload_allow'] = nv_set_allow($download_config['who_upload'], $download_config['groups_upload']); } else { $download_config['is_upload_allow'] = false; } $download_config['is_autocomment_allow'] = nv_set_allow($download_config['who_autocomment'], $download_config['groups_autocomment']); return $download_config; }
/** * nv_sdown_cats() * * @param mixed $module_data * @return */ function nv_sdown_cats($module_data) { global $db; $sql = "SELECT `id`, `title`, `alias`, `who_view`, `groups_view` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_categories` WHERE `status`=1"; $result = $db->sql_query($sql); $list = array(); while ($row = $db->sql_fetchrow($result)) { if (nv_set_allow($row['who_view'], $row['groups_view'])) { $list[$row['id']] = array('id' => (int) $row['id'], 'title' => $row['title'], 'alias' => $row['alias']); } } return $list; }
function nv_block_voting_select($block_config, $global_array_cat) { global $module_info, $global_config, $db, $site_mods, $module_name, $my_head, $client_info; $module = $block_config['module']; $mod_data = $site_mods[$module]['module_data']; $sql = "SELECT `vid`, `question`, `link`, `acceptcm`, `who_view`, `groups_view`, `publ_time`, `exp_time` \n FROM `" . NV_PREFIXLANG . "_" . $site_mods['voting']['module_data'] . "` \n WHERE `act`=1"; $list = nv_db_cache($sql, 'vid', 'voting'); if (isset($list[$block_config['vid']])) { $current_voting = $list[$block_config['vid']]; if ($current_voting['publ_time'] <= NV_CURRENTTIME and nv_set_allow($current_voting['who_view'], $current_voting['groups_view'])) { $sql = "SELECT `id`, `vid`, `title`, `url` FROM `" . NV_PREFIXLANG . "_" . $site_mods['voting']['module_data'] . "_rows` \n WHERE `vid` = " . $block_config['vid'] . " ORDER BY `id` ASC"; $list = nv_db_cache($sql, '', 'voting'); if (empty($list)) { return ""; } include NV_ROOTDIR . "/modules/" . $site_mods['voting']['module_file'] . "/language/" . NV_LANG_INTERFACE . ".php"; if (file_exists(NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $site_mods['voting']['module_file'] . "/global.voting.tpl")) { $block_theme = $global_config['module_theme']; } elseif (file_exists(NV_ROOTDIR . "/themes/" . $global_config['site_theme'] . "/modules/" . $site_mods['voting']['module_file'] . "/global.voting.tpl")) { $block_theme = $global_config['site_theme']; } else { $block_theme = "default"; } if (!defined('SHADOWBOX')) { $my_head .= "<link rel=\"Stylesheet\" href=\"" . NV_BASE_SITEURL . "js/shadowbox/shadowbox.css\" />\n"; $my_head .= "<script type=\"text/javascript\" src=\"" . NV_BASE_SITEURL . "js/shadowbox/shadowbox.js\"></script>\n"; $my_head .= "<script type=\"text/javascript\">Shadowbox.init();</script>"; define('SHADOWBOX', true); } $my_head .= "<script type=\"text/javascript\" src=\"" . NV_BASE_SITEURL . "modules/" . $site_mods['voting']['module_file'] . "/js/user.js\"></script>\n"; $action = NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=voting"; $voting_array = array("checkss" => md5($current_voting['vid'] . $client_info['session_id'] . $global_config['sitekey']), "accept" => $current_voting['acceptcm'], "errsm" => $current_voting['acceptcm'] > 1 ? sprintf($lang_module['voting_warning_all'], $current_voting['acceptcm']) : $lang_module['voting_warning_accept1'], "vid" => $current_voting['vid'], "question" => empty($current_voting['link']) ? $current_voting['question'] : '<a target="_blank" href="' . $current_voting['link'] . '">' . $current_voting['question'] . '</a>', "action" => $action, "langresult" => $lang_module['voting_result'], "langsubmit" => $lang_module['voting_hits']); $xtpl = new XTemplate("global.voting.tpl", NV_ROOTDIR . "/themes/" . $block_theme . "/modules/" . $site_mods['voting']['module_file']); $xtpl->assign('VOTING', $voting_array); foreach ($list as $row) { if (!empty($row['url'])) { $row['title'] = '<a target="_blank" href="' . $row['url'] . '">' . $row['title'] . '</a>'; } $xtpl->assign('RESULT', $row); if ((int) $current_voting['acceptcm'] > 1) { $xtpl->parse('main.resultn'); } else { $xtpl->parse('main.result1'); } } $xtpl->parse('main'); return $xtpl->text('main'); } } }
function nv_bdown_news($block_config) { global $db, $module_info, $site_mods; $module = $block_config['module']; $file = $site_mods[$module]['module_file']; // Lay thong tin phan quyen $sql = "SELECT `id`, `alias`, `who_view`, `groups_view` FROM `" . NV_PREFIXLANG . "_" . $site_mods[$module]['module_data'] . "_categories` WHERE `status`=1"; $_tmp = nv_db_cache($sql, 'id', $module); $list_cat = array(); if ($_tmp) { foreach ($_tmp as $row) { if (nv_set_allow($row['who_view'], $row['groups_view'])) { $list_cat[$row['id']] = $row['alias']; } } } unset($_tmp, $sql); if ($list_cat) { $sql = "SELECT `id`, `catid`, `title`, `alias`, `updatetime` FROM `" . NV_PREFIXLANG . "_" . $site_mods[$module]['module_data'] . "` WHERE `status` AND `catid` IN(" . implode(",", array_keys($list_cat)) . ") ORDER BY `updatetime` DESC LIMIT 0 , " . $block_config['numrow']; $list = nv_db_cache($sql, 'id', $module); if (!empty($list)) { if (file_exists(NV_ROOTDIR . "/themes/" . $module_info['template'] . "/modules/" . $file . "/block_new_files.tpl")) { $block_theme = $module_info['template']; } else { $block_theme = "default"; } $xtpl = new XTemplate("block_new_files.tpl", NV_ROOTDIR . "/themes/" . $block_theme . "/modules/" . $file); $xtpl->assign('CONFIG', $block_config); foreach ($list as $row) { $row['link'] = NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module . "&" . NV_OP_VARIABLE . "=" . $list_cat[$row['catid']] . "/" . $row['alias']; $row['updatetime'] = nv_date("d/m/Y", $row['updatetime']); $row['stitle'] = nv_clean60($row['title'], $block_config['title_length']); $xtpl->assign('ROW', $row); if ($block_config['img_bullet']) { $xtpl->parse('main.loop.bullet'); } $xtpl->parse('main.loop'); } $xtpl->parse('main'); return $xtpl->text('main'); } } }
if ($checkss != md5($vid . $client_info['session_id'] . $global_config['sitekey']) or $vid <= 0 or $lid == '') { header("location:" . $global_config['site_url']); exit; } $sql = "SELECT `vid`, `question`,`acceptcm`, `who_view`, `groups_view`, `publ_time`, `exp_time` \r\n FROM `" . NV_PREFIXLANG . "_" . $module_data . "` \r\n WHERE `act`=1"; $list = nv_db_cache($sql, 'vid', 'voting'); if (empty($list) or !isset($list[$vid])) { header("location:" . $global_config['site_url']); exit; } $row = $list[$vid]; if ((int) $row['exp_time'] < 0 or (int) $row['exp_time'] > 0 and $row['exp_time'] < NV_CURRENTTIME) { header("location:" . $global_config['site_url']); exit; } if (!nv_set_allow($row['who_view'], $row['groups_view'])) { header("location:" . $global_config['site_url']); exit; } $difftimeout = 3600; $dir = NV_ROOTDIR . '/' . NV_LOGS_DIR . '/voting_logs'; $log_fileext = preg_match("/[a-z]+/i", NV_LOGS_EXT) ? NV_LOGS_EXT : 'log'; $pattern = "/^(.*)\\." . $log_fileext . "\$/i"; $logs = nv_scandir($dir, $pattern); if (!empty($logs)) { foreach ($logs as $file) { $vtime = filemtime($dir . '/' . $file); if (!$vtime or $vtime <= NV_CURRENTTIME - $difftimeout) { @unlink($dir . '/' . $file); } }
$session_files = serialize($session_files); $nv_Request->set_Session('session_files', $session_files); $row['filesize'] = !empty($row['filesize']) ? nv_convertfromBytes($row['filesize']) : $lang_module['unknown']; $img = NV_UPLOADS_DIR . $row['fileimage']; $row['fileimage'] = nv_ImageInfo(NV_ROOTDIR . '/' . $img, 300, true, NV_UPLOADS_REAL_DIR . '/' . $module_name . '/thumb'); $dfile = $nv_Request->get_string('dfile', 'session', ''); $dfile = !empty($dfile) ? unserialize($dfile) : array(); if (!in_array($row['id'], $dfile)) { $dfile[] = $row['id']; $dfile = serialize($dfile); $nv_Request->set_Session('dfile', $dfile); $sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "` SET `view_hits`=view_hits+1 WHERE `id`=" . $row['id']; $db->sql_query($sql); ++$row['view_hits']; } $row['is_comment_allow'] = $row['comment_allow'] ? nv_set_allow($row['who_comment'], $row['groups_comment']) : false; $row['rating_point'] = 0; if (!empty($row['rating_detail'])) { $row['rating_detail'] = explode("|", $row['rating_detail']); if ($row['rating_detail'][1]) { $row['rating_point'] = round((int) $row['rating_detail'][0] / (int) $row['rating_detail'][1]); } } $row['rating_string'] = $lang_module['file_rating' . $row['rating_point']]; if ($row['rating_point']) { $row['rating_string'] = $lang_module['file_rating_note3'] . ": " . $row['rating_string']; } $flrt = $nv_Request->get_string('flrt', 'session', ''); $flrt = !empty($flrt) ? unserialize($flrt) : array(); $row['rating_disabled'] = !in_array($row['id'], $flrt) ? false : true; $row['edit_link'] = NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&edit=1&id=" . (int) $row['id'];
/** * nv_menu_site() * * @param mixed $block_config * @return */ function nv_menu_site($block_config) { global $db; $list_cats = array(); $sql = "SELECT `id`, `parentid`, `title`, `link`, `note`, `subitem`, `who_view`, `groups_view`, `module_name`, `op`, `target`, `css`, `active_type` FROM `" . NV_PREFIXLANG . "_menu_rows` WHERE `status`=1 AND `mid` = " . $block_config['menuid'] . " ORDER BY `weight` ASC"; $list = nv_db_cache($sql, '', 'menu'); foreach ($list as $row) { if (nv_set_allow($row['who_view'], $row['groups_view'])) { switch ($row['target']) { case 1: $row['target'] = ''; break; default: $row['target'] = ' onclick="this.target=\'_blank\'"'; } $list_cats[$row['id']] = array('id' => $row['id'], 'parentid' => $row['parentid'], 'subcats' => $row['subitem'], 'title' => nv_clean60($row['title'], $block_config['title_length']), 'target' => $row['target'], 'note' => ($block_config['is_viewdes'] and $row['note']) ? $row['note'] : $row['title'], 'link' => nv_url_rewrite(nv_unhtmlspecialchars($row['link']), true), 'html_class' => $row['css'], 'current' => nv_bmenu_check_currit($row['link'], (int) $row['active_type'])); } } if ($block_config['type'] == 1) { $style = 'with_supersubs'; return nv_style_type($style, $list_cats, $block_config); } elseif ($block_config['type'] == 2) { $style = 'nav_bar'; return nv_style_type($style, $list_cats, $block_config); } elseif ($block_config['type'] == 3) { $style = 'vertical'; return nv_style_type($style, $list_cats, $block_config); } elseif ($block_config['type'] == 4) { $style = 'treeview'; return nv_style_type($style, $list_cats, $block_config); } elseif ($block_config['type'] == 5) { return nv_style_type5($list_cats, $block_config); } elseif ($block_config['type'] == 7) { return nv_style_type7($list_cats, $block_config); } elseif ($block_config['type'] == 8) { return nv_style_type8($list_cats, $block_config); } else { $style = 'side_menu_bar'; return nv_style_type($style, $list_cats, $block_config); } }
} //if ( ! defined( 'NV_IS_AJAX' ) ) die( 'Wrong URL' ); $list_cats = nv_list_cats(true); //dang thao luan if ($nv_Request->isset_request('ajax', 'post')) { if (!empty($list_cats)) { $in = implode(",", array_keys($list_cats)); $id = $nv_Request->get_int('id', 'post', 0); $data = $error = array(); if ($id) { $query = "SELECT `who_comment`, `groups_comment` FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id`=" . $id . " AND `catid` IN (" . $in . ") AND `status`=1 AND `comment_allow`=1"; $result = $db->sql_query($query); $numrows = $db->sql_numrows($result); if ($numrows) { list($who_comment, $groups_comment) = $db->sql_fetchrow($result); if (nv_set_allow($who_comment, $groups_comment)) { $uname = filter_text_input('uname', 'post', '', 1); $uemail = filter_text_input('uemail', 'post', ''); $subject = filter_text_input('subject', 'post', '', 1); $content = filter_text_textarea('content', '', NV_ALLOWED_HTML_TAGS); $seccode = filter_text_input('seccode', 'post', ''); $post_id = 0; if (defined('NV_IS_USER')) { $uname = !empty($user_info['full_name']) ? $user_info['full_name'] : $user_info['username']; $uemail = $user_info['email']; $post_id = $user_info['userid']; } if (!nv_capcha_txt($seccode)) { $error[] = $lang_module['comment_error2']; } if (empty($uname) or nv_strlen($uname) < 3) {
/** * nv_block_voting() * * @return */ function nv_block_voting() { global $db, $my_head, $site_mods, $global_config, $client_info; $content = ""; if (!isset($site_mods['voting'])) { return ""; } $sql = "SELECT `vid`, `question`,`acceptcm`, `who_view`, `groups_view`, `publ_time`, `exp_time` \r\n FROM `" . NV_PREFIXLANG . "_" . $site_mods['voting']['module_data'] . "` \r\n WHERE `act`=1"; $list = nv_db_cache($sql, 'vid', 'voting'); if (empty($list)) { return ""; } $allowed = array(); $is_update = array(); $a = 0; foreach ($list as $row) { if ((int) $row['exp_time'] < 0 or (int) $row['exp_time'] > 0 and $row['exp_time'] < NV_CURRENTTIME) { $is_update = $row['vid']; } else { if (nv_set_allow($row['who_view'], $row['groups_view'])) { $allowed[$a] = $row; $a++; } } } if (!empty($is_update)) { $is_update = implode(",", $is_update); $sql = "UPDATE `" . NV_PREFIXLANG . "_" . $site_mods['voting']['module_data'] . "` \r\n SET `act`=0 WHERE `id` IN (" . $is_update . ")"; $db->sql_query($sql); nv_del_moduleCache('voting'); } if ($allowed) { $a--; $rand = rand(0, $a); $current_voting = $allowed[$rand]; $sql = "SELECT `id`, `vid`, `title` FROM `" . NV_PREFIXLANG . "_" . $site_mods['voting']['module_data'] . "_rows` \r\n WHERE `vid` = " . $current_voting['vid'] . " ORDER BY `id` ASC"; $list = nv_db_cache($sql, '', 'voting'); if (empty($list)) { return ""; } include_once NV_ROOTDIR . "/modules/" . $site_mods['voting']['module_file'] . "/language/" . NV_LANG_INTERFACE . ".php"; if (file_exists(NV_ROOTDIR . "/themes/" . $global_config['module_theme'] . "/modules/" . $site_mods['voting']['module_file'] . "/global.voting.tpl")) { $block_theme = $global_config['module_theme']; } elseif (file_exists(NV_ROOTDIR . "/themes/" . $global_config['site_theme'] . "/modules/" . $site_mods['voting']['module_file'] . "/global.voting.tpl")) { $block_theme = $global_config['site_theme']; } else { $block_theme = "default"; } if (!defined('SHADOWBOX')) { $my_head .= "<link rel=\"Stylesheet\" href=\"" . NV_BASE_SITEURL . "js/shadowbox/shadowbox.css\" />\n"; $my_head .= "<script type=\"text/javascript\" src=\"" . NV_BASE_SITEURL . "js/shadowbox/shadowbox.js\"></script>\n"; $my_head .= "<script type=\"text/javascript\">Shadowbox.init();</script>"; define('SHADOWBOX', true); } $my_head .= "<script type=\"text/javascript\" src=\"" . NV_BASE_SITEURL . "modules/" . $site_mods['voting']['module_file'] . "/js/user.js\"></script>\n"; $action = NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=voting"; $voting_array = array("checkss" => md5($current_voting['vid'] . $client_info['session_id'] . $global_config['sitekey']), "accept" => (int) $current_voting['acceptcm'], "errsm" => (int) $current_voting['acceptcm'] > 1 ? sprintf($lang_module['voting_warning_all'], (int) $current_voting['acceptcm']) : $lang_module['voting_warning_accept1'], "vid" => $current_voting['vid'], "question" => $current_voting['question'], "action" => $action, "langresult" => $lang_module['voting_result'], "langsubmit" => $lang_module['voting_hits']); $xtpl = new XTemplate("global.voting.tpl", NV_ROOTDIR . "/themes/" . $block_theme . "/modules/" . $site_mods['voting']['module_file']); $xtpl->assign('VOTING', $voting_array); foreach ($list as $row) { $xtpl->assign('RESULT', $row); if ((int) $current_voting['acceptcm'] > 1) { $xtpl->parse('main.resultn'); } else { $xtpl->parse('main.result1'); } } $xtpl->parse('main'); $content = $xtpl->text('main'); } return $content; }