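/**
 * HeaderForm constructor: registers the page-wide JS/CSS assets and restores
 * the shopping-cart session identifier from the cart_sess_id cookie into
 * CGlobal::$cart_sess_id.
 *
 * Security: the cookie value is later interpolated into SQL by the Cart module
 * (cart.session='…'), so only a value with the shape of a PHP session id
 * (the character set session_id() can produce) is accepted here; anything else
 * is treated as "no cart cookie" and a fresh id is issued by the Cart module.
 *
 * Fix: the cookie refresh used to write session_id() instead of the value that
 * was just read. When the PHP session had rotated, the browser kept a new id
 * while the cart row in the database was still bound to the old one, so the
 * cart silently disappeared on the following request. The cookie is now
 * refreshed with the value actually in use.
 */
function __construct()
{
    Form::Form('HeaderForm');

    if (User::have_permit(ADMIN_LOGO)) {
        $this->link_css('style/aznet/ui.datepicker.css');
        $this->link_js('javascript/jquery/ui.datepicker.js');
    }

    if (User::is_login() && User::level()) {
        $this->link_header("<script>MM_preloadImages('style/images/newCart/icon_del.gif','style/images/newCart/Mua.png');</script>");
    }

    // Cart session id: accept the cookie only if it looks like a session id.
    $cartSessId = isset($_COOKIE['cart_sess_id']) ? (string) $_COOKIE['cart_sess_id'] : '';
    if ($cartSessId !== '' && !preg_match('/^[A-Za-z0-9,-]{1,128}$/', $cartSessId)) {
        $cartSessId = '';
    }
    CGlobal::$cart_sess_id = $cartSessId;
    if (CGlobal::$cart_sess_id) {
        // Extend the cookie lifetime for the id we are actually using.
        AZLib::my_setcookie('cart_sess_id', CGlobal::$cart_sess_id, time() + 3600 * 24 * 365);
    }

    // Shared front-end assets, in load order (jQuery core first).
    $scripts = array(
        FOLDER_JS . 'jquery.min.js',
        FOLDER_JS . 'jquery-ui.js',
        FOLDER_JS . 'jcarousellite_1.0.1c4.js',
        FOLDER_JS . 'ui/jquery.ui.core.js',
        FOLDER_JS . 'ui/jquery.ui.widget.js',
        FOLDER_JS . 'ui/jquery.ui.tabs.js',
        'static/lightbox/js/jquery.lightbox-0.5.js',
        'static/adgallery/jquery.ad-gallery.js',
    );
    foreach ($scripts as $script) {
        $this->link_js($script);
    }

    $styles = array(
        FOLDER_CSS . 'menu.css@lang=vi-vn.css',
        FOLDER_CSS . 'sanpham.css@lang=vi-vn.css',
        FOLDER_CSS . 'style.css@lang=vi-vn.css',
        FOLDER_CSS . 'style_new.css@lang=vi-vn.css',
        FOLDER_CSS . 'tintuc.css@lang=vi-vn.css',
        FOLDER_CSS . 'trangchu.css@lang=vi-vn.css',
        FOLDER_CSS . 'custom.css',
        FOLDER_CSS . 'home.css',
        FOLDER_CSS . 'base/jquery.ui.all.css',
        'static/lightbox/css/jquery.lightbox-0.5.css',
        'static/adgallery/jquery.ad-gallery.css',
    );
    foreach ($styles as $style) {
        $this->link_css($style);
    }
}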
/**
 * Checkout-form handler: validates the customer contact fields and stores them
 * on the open cart. With cart_act=send_cart the cart and its checked rows are
 * moved to status 2 ("submitted"), the cart_items cookie is cleared and the
 * user is sent to cmd=success; otherwise the cart is only updated and the
 * current page reloads without cmd.
 *
 * Does nothing when there is no open cart or it has no rows.
 *
 * NOTE(review): the fields are addslashes()'d before DB::update — whether
 * DB::update escapes as well (double escaping) is not visible here. There is
 * also no CSRF token on this form; confirm the framework adds one.
 */
function on_submit()
{
    if (!Cart::$cart || !Cart::$cart_items) {
        return;
    }

    // Field spec: column => array(label, type, required, min length, max length).
    $fields = array(
        'customer_name'    => array("Tên đầy đủ", 'str', true, 2, 50),
        'customer_email'   => array("Email", 'email', true, false, 50),
        'customer_phone'   => array("Điện thoại liên hệ", 'str', true, 9, 50),
        'customer_address' => array("Địa chỉ", 'str', true, false, 500),
        'customer_note'    => array("Ghi chú", 'str', false, false, 500),
    );

    $values = array();
    foreach ($fields as $column => $spec) {
        $values[$column] = URL::get($column);
        $this->checkFormInput($spec[0], $column, $values[$column], $spec[1], $spec[2], '', $spec[3], $spec[4]);
    }
    if ($this->errNum) {
        return;
    }

    // Status legend as written in the original comment (for cart_item):
    // 0: not paid; 1: order sent; 2: paid; 3: order cancelled.
    // Here status 1 is the still-open cart and 2 the submitted one.
    $submitNow = Url::get('cart_act') == 'send_cart';
    $status = $submitNow ? 2 : 1;

    $record = array(
        'user_id'   => User::id(),
        'user_name' => User::user_name(),
    );
    foreach ($values as $column => $value) {
        $record[$column] = addslashes($value);
    }
    $record['time_change'] = TIME_NOW;
    $record['status'] = $status;
    if ($submitNow) {
        $record['time_finish'] = TIME_NOW;
    }

    $updated = DB::update('cart', $record, "id=" . Cart::$cart['id'], __LINE__ . __FILE__);
    if (!$updated) {
        $this->setFormError("customer_name", "Không cập nhật được, mời bạn thử lại!");
        return;
    }

    if ($submitNow) {
        DB::update("cart_item", array('status' => $status), "cart_id=" . Cart::$cart['id'] . " AND checked=1");
        AZLib::my_setcookie('cart_items', '', time() + 3600 * 24 * 365);
        URL::redirect_current(array('cmd' => 'success'));
    } else {
        URL::redirect_current(array('cmd'));
    }
}
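/**
 * Renders the image-management list (ManageImage template) for the current
 * filter set and page.
 *
 * Filters, all from the query string: root_img (root_id=0), no_item_img
 * (item_id=0), user_name (LIKE match), created_time_from / created_time_to
 * (d-m-Y, inclusive). With no filter at all the listing defaults to today.
 * The page number is also remembered in the page_img_id cookie.
 *
 * Security: the user_name filter used to be interpolated into the SQL string
 * unescaped; it now goes through mysql_real_escape_string (the DB layer is
 * ext/mysql, see the mysql_fetch_assoc calls). Everything else that reaches
 * the query is a fixed fragment, an int cast, or an id returned by the
 * database. The raw user_name is still handed to the template as before;
 * HTML escaping is the template's responsibility.
 *
 * Also tidied: the per-row branch on $row['name'] was dead (the query never
 * selects that column) and has been dropped — item links and creation times
 * are filled in from the item table after the loop, as before — and the
 * foreach-by-reference that left a dangling reference in $items is gone.
 */
function draw()
{
    $this->beginForm();
    global $display;

    $where = '';
    $display->add('up_checked', 'checked="checked"');

    // Checkbox filters append fixed SQL only.
    if (Url::get('root_img')) {
        $where .= $this->manageImageWhereGlue($where) . ' root_id=0 ';
        $display->add('root_img_checked', 'checked="checked"');
    } else {
        $display->add('root_img_checked', '');
    }
    if (Url::get('no_item_img')) {
        $where .= $this->manageImageWhereGlue($where) . ' item_id=0 ';
        $display->add('no_item_img_checked', 'checked="checked"');
    } else {
        $display->add('no_item_img_checked', '');
    }

    // Free-text user name filter (escaped; LIKE wildcards are still honoured).
    $userName = Url::get('user_name');
    if ($userName != '') {
        $where .= $this->manageImageWhereGlue($where) . ' user_name LIKE "%' . mysql_real_escape_string($userName) . '%" ';
    }

    // Date range from the date picker. A malformed value leaves its bound at 0
    // (no constraint) but is still echoed back into the form field.
    $timeFrom = 0;
    $timeTo = 0;
    $fieldFrom = null;
    $fieldTo = null;
    if (Url::get('created_time_from')) {
        $fieldFrom = Url::get('created_time_from');
        $timeFrom = $this->manageImageDayBound($fieldFrom, false);
    }
    if (Url::get('created_time_to')) {
        $fieldTo = Url::get('created_time_to');
        $timeTo = $this->manageImageDayBound($fieldTo, true);
    }
    if ($timeFrom) {
        $where .= $this->manageImageWhereGlue($where) . ' time >= ' . $timeFrom;
    }
    if ($timeTo) {
        $where .= $this->manageImageWhereGlue($where) . ' time <= ' . $timeTo;
    }

    // No filter at all: restrict to today so the listing stays bounded.
    if ($where == '') {
        $today = Date('d-m-Y');
        $fieldFrom = $today;
        $fieldTo = $today;
        $timeFrom = $this->manageImageDayBound($today, false);
        $timeTo = $this->manageImageDayBound($today, true);
        if ($timeFrom) {
            $where .= $this->manageImageWhereGlue($where) . ' time >= ' . $timeFrom;
        }
        if ($timeTo) {
            $where .= $this->manageImageWhereGlue($where) . ' time <= ' . $timeTo;
        }
    }
    $display->add('created_time_from', $fieldFrom);
    $display->add('created_time_to', $fieldTo);

    $perPage = 120;
    $total = DB::fetch('SELECT count(*) AS total_img FROM item_image ' . $where, 'total_img', 0);
    $items = array();
    $paging = '';

    if ($total) {
        $limit = '';
        $paging = AZPagging::pagingSE($limit, $total, $perPage, 10, 'page_no', true);
        $sql = 'SELECT id,img_server, img_url,item_id, title, des, time, user_name, user_id, img_server FROM `item_image`'
            . $where . ' ORDER BY id ASC ' . $limit;

        $itemIds = array();
        $re = DB::query($sql);
        if ($re) {
            while ($row = mysql_fetch_assoc($re)) {
                $row['link_gallery'] = WEB_DIR . AZRewrite::formatUrl(
                    '?page=gallery&user_id=' . $row['user_id']
                    . '&year=' . date('Y', $row['time'])
                    . '&month=' . (int) date('m', $row['time'])
                    . '&day=' . (int) date('d', $row['time'])
                );
                $row['time'] = $this->manageImageRelativeTime($row['time']);
                $row['link_img'] = 'http://' . CGlobal::$img_server[$row['img_server']] . $row['img_url'];

                if ($row['item_id']) {
                    $itemIds[] = (int) $row['item_id'];
                    $row['title'] = stripslashes($row['title']);
                } else {
                    $row['title'] = stripslashes($row['des']);
                }
                // Filled in below once the referenced items have been loaded.
                $row['item_link'] = '';
                $row['created_time'] = '';

                $row['image_thumb'] = AZLib::getImageThumb($row['img_url'], 110, 0, 1, $row["img_server"]);
                $row['image_max'] = AZLib::getImageThumbMax($row['img_url'], $row['title'], 1, $row["img_server"]);
                $row['images_url_root'] = 'http://' . CGlobal::$img_server[$row['img_server']];
                $row['del_link'] = Url::build_all(array('chk_id', 'del_all', 'cmd', 'id'), 'cmd=delete&id=' . $row['id']);
                $items[$row['id']] = $row;
            }

            // Resolve item name/creation time for the images attached to an item.
            if ($itemIds) {
                $allItems = array();
                $re = DB::query("SELECT id, name, created_time FROM item WHERE id IN(" . implode(',', $itemIds) . ")");
                if ($re) {
                    while ($item = mysql_fetch_assoc($re)) {
                        $allItems[$item['id']] = $item;
                    }
                }
                foreach ($items as $imgId => $img) {
                    $itemId = $img['item_id'];
                    if ($itemId && isset($allItems[$itemId])) {
                        $items[$imgId]['item_link'] = WEB_DIR . AZRewrite::formatUrl(
                            "?page=item_detail&id={$itemId}&ebname=" . AZLib::safe_title($allItems[$itemId]['name'])
                        );
                        $items[$imgId]['created_time'] = $this->manageImageRelativeTime($allItems[$itemId]['created_time']);
                    }
                }
            }
        }
    }

    AZLib::my_setcookie("page_img_id", Url::get("page_no") != "" ? intval(Url::get("page_no")) : 1, 60 * 60 * 24 * 365 + TIME_NOW);
    $display->add("uri", CGlobal::$request_uri);
    $display->add("images_url_root", 'http://' . CGlobal::$img_server[IMAGE_SERVER_NO]);
    $display->add('user_name', Url::get('user_name'));
    $display->add('item_title', Url::get('item_title'));
    $display->add('items', $items);
    $display->add('paging', $paging);
    $display->output('ManageImage');
    $this->endForm();
}

/**
 * Returns the keyword that joins the next condition to the WHERE clause built
 * so far: ' WHERE' for the first condition, ' AND ' afterwards.
 */
private function manageImageWhereGlue($where)
{
    return $where != '' ? ' AND ' : ' WHERE';
}

/**
 * Parses a d-m-Y string as a local timestamp at 00:00:00 ($endOfDay = false)
 * or 23:59:59 ($endOfDay = true) of that day. Returns 0 when the string does
 * not split into three dash-separated parts; each part is int-cast as before.
 */
private function manageImageDayBound($dmy, $endOfDay)
{
    $parts = explode('-', (string) $dmy);
    if (!isset($parts[0], $parts[1], $parts[2])) {
        return 0;
    }
    if ($endOfDay) {
        return mktime(23, 59, 59, (int) $parts[1], (int) $parts[0], (int) $parts[2]);
    }
    return mktime(0, 0, 0, (int) $parts[1], (int) $parts[0], (int) $parts[2]);
}

/**
 * Formats a timestamp relative to TIME_NOW: 'H:i' for today, 'd/m H:i' for
 * the current year, 'd/m/y H:i' otherwise.
 */
private function manageImageRelativeTime($ts)
{
    if (date('d.m.y', $ts) == date('d.m.y', TIME_NOW)) {
        return date('H:i', $ts);
    }
    if (date('y', $ts) == date('y', TIME_NOW)) {
        return date('d/m H:i', $ts);
    }
    return date('d/m/y H:i', $ts);
}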
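/**
 * AJAX login endpoint. Prints exactly one of 'nodata', 'unsuccess',
 * 'un_active', 'success' or a temporary-lock notice, then exits.
 *
 * Inputs: user (trimmed, 3–50 chars of [A-Za-z0-9_] — this also keeps it
 * SQL-safe), pass (≥ 6 chars), set_cookie=on for "remember me".
 *
 * Fixes over the original:
 *  - the password hash is compared with === instead of ==; loose comparison
 *    treats two "0e…" digests as equal numbers;
 *  - the permanent-lock branch deleted sessions with an undefined $user_id
 *    (an empty 'user_id=' clause) — it now uses the looked-up user id;
 *  - a missing user is rejected before its row is dereferenced.
 *
 * NOTE(review): "remember me" stores the password hash itself in the
 * `password` cookie and check_cookie_login compares it directly with the
 * database, so a stolen cookie stays valid until the password changes. A
 * random, revocable per-device token would be the safer design.
 */
function login_user()
{
    $user_name = trim(AZLib::getParam('user'));
    $pass = Url::get('pass');

    // IP ban list.
    $ip = AZLib::ip();
    $arr_badwords = AZLib::checkBadWord($ip, true);
    if ($arr_badwords["bad"] != "" && $arr_badwords["bad_key"] != "") {
        echo "unsuccess";
        exit;
    }

    if (strlen($user_name) < 3 || strlen($user_name) > 50 || preg_match('/[^A-Za-z0-9_]/', $user_name) || strlen($pass) < 6) {
        echo 'nodata';
        exit;
    }

    $user = str_replace(array('"', '\\'), '_', $user_name);
    $user_data = DB::fetch('SELECT id,password,is_active,block_time FROM user WHERE user_name="' . $user . '"');

    // Activation switched off globally: clear any pending activation flag.
    if (!USER_ACTIVE_ON && $user_data && $user_data['is_active']) {
        DB::query("UPDATE user SET is_active=0 WHERE id=" . $user_data['id']);
        DB::delete('user_active', 'user_id=' . $user_data['id']);
        User::getUser($user_data['id'], 0, 1);
    }

    if (!$user_data) {
        echo 'unsuccess';
        exit;
    }
    // block_time == -1 marks a permanent block.
    if ($user_data['block_time'] == -1) {
        echo 'unsuccess';
        exit;
    }
    if ((string) $user_data['password'] !== (string) User::encode_password($pass)) {
        echo 'unsuccess';
        exit;
    }

    // is_active=1 means "activation still pending" (registration sets it to USER_ACTIVE_ON).
    if (USER_ACTIVE_ON && $user_data['is_active']) {
        echo 'un_active';
        exit;
    }

    $alert = '';
    if ($user_data['block_time'] > TIME_NOW) {
        // Temporarily or permanently locked (type 1/3 locks end the request here).
        $user_lock = DB::select('user_lock', 'user_id=' . $user_data['id'] . ' AND type IN(0,1,3) ORDER BY id DESC');
        if ($user_lock) {
            if ($user_lock['type'] == 1) {
                // Permanent lock.
                User::LogOut();
                DB::delete(_SESS_TABLE, 'user_id=' . (int) $user_data['id'], __LINE__ . __FILE__);
                exit;
            } elseif ($user_lock['type'] == 3) {
                // Permanent lock + lock cookie.
                User::lock4Ever(true, $user_data['id']);
                exit;
            } else {
                if ($user_lock['note']) {
                    $user_lock['note'] = "\n" . 'Lý do:"' . str_replace(array('"', "'"), '', $user_lock['note']) . '"';
                }
                $alert = 'Tài khoản của bạn đang tạm khoá tới ' . date('H:i, d/m/Y', $user_data['block_time']) . '!' . $user_lock['note'];
            }
        }
        $_SESSION['user_lock'] = true;
    }

    if (Url::get('set_cookie') == 'on') {
        $year = 60 * 60 * 24 * 365 + TIME_NOW;
        AZLib::my_setcookie("az_id", $user_data['id'], $year);
        AZLib::my_setcookie("password", $user_data['password'], $year);
    }

    $_SESSION['is_load_page_first'] = 1; // jQueryUI notification on first page load
    User::LogIn($user_data['id']);

    if (!empty($_SESSION['user_lock'])) {
        echo $alert;
        exit;
    }
    echo 'success';
    exit;
}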
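/**
 * Auto-login from the az_id / password cookies written when "remember me"
 * was ticked. The user is logged in and redirected to the current URL when
 * the cookie matches the stored password hash, the account is not locked,
 * and the user is not in an administrative group (1, 2, 3 or 9); admins get
 * their cookies cleared instead. Any other case logs out.
 *
 * @param mixed $user_id  cookie value; int-cast before it reaches the query
 * @param mixed $password cookie value; must equal the stored hash byte-for-byte
 *
 * Fixes over the original:
 *  - the hash is compared with === (== treats two "0e…" strings as numbers),
 *    and a missing user row now logs out instead of comparing null with the
 *    cookie and falling through to User::Login(false);
 *  - the admin-group check used preg_match("/(<gids>)/", "3"), which only
 *    matched when gids was exactly one id, so an admin in several groups was
 *    auto-logged-in anyway. The list is now split on commas and compared.
 */
static function check_cookie_login($user_id, $password)
{
    $user_data = DB::fetch('SELECT id, user_name, password, block_time, gids FROM user WHERE id=' . (int) $user_id, FALSE, FALSE, __LINE__ . __FILE__);

    if (!$user_data || (string) $user_data['password'] !== (string) $password) {
        self::LogOut();
        return;
    }

    // Lock still in force.
    if ($user_data['block_time'] > TIME_NOW) {
        self::LogOut();
        return;
    }

    // Administrative groups must never be entered through a cookie.
    $in_group_admin = FALSE;
    if ($user_data['gids'] && $user_data['gids'] != '0') {
        foreach (explode(',', $user_data['gids']) as $gid) {
            if (in_array((int) trim($gid), array(1, 2, 3, 9), true)) {
                $in_group_admin = TRUE;
                break;
            }
        }
    }

    if ($in_group_admin) {
        AZLib::my_setcookie('az_id', "", TIME_NOW - 3600);
        AZLib::my_setcookie('password', "", TIME_NOW - 3600);
        return;
    }

    // NOTE(review): other call sites pass an id to User::Login/LogIn; this one
    // passes the row, as the original did — confirm Login accepts both.
    User::Login($user_data);
    Url::redirect_url(Url::build_all());
}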
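/**
 * Cart module entry point (PHP4-style constructor).
 *
 * Loads — or creates — the open (status=1) cart bound to CGlobal::$cart_sess_id,
 * reconciles its cart_item rows with the item ids held in the cart_items cookie
 * (rows whose item is no longer purchasable are deleted, cookie items without a
 * row are inserted with quantity 1, price/sku are refreshed from the item table),
 * keeps cart.price / cart.quantity in sync, and finally dispatches on ?cmd=:
 * success, delete (one row by id), finish, or the default cart form.
 *
 * Security: both cookies used to reach SQL unescaped. cart_items is now reduced
 * to a comma-separated list of positive integers before it is used in IN(...) /
 * find_in_set(), and cart_sess_id must look like a PHP session id or a new one
 * is issued.
 *
 * Fixes: the total recomputation in cmd=delete filtered on cart_id=<cart price>
 * instead of cart_id=<cart id>, so the totals never matched this cart; it also
 * dereferenced Cart::$cart when no cart existed. A leftover System::debug()
 * dump of the cart rows in the delete branch was removed.
 */
function Cart($row)
{
    Module::Module($row);

    $cmd = Url::get('cmd');
    if ($cmd == 'success') {
        require_once 'forms/CartSuccess.php';
        $this->add_form(new CartSuccessForm());
        return;
    }

    $cookieItemIds = isset($_COOKIE['cart_items']) ? (string) $_COOKIE['cart_items'] : '';
    Cart::$cart_item_ids = $this->cartSanitizeIdList($cookieItemIds);

    if (CGlobal::$cart_sess_id == '' || !preg_match('/^[A-Za-z0-9,-]{1,128}$/', CGlobal::$cart_sess_id)) {
        CGlobal::$cart_sess_id = session_id();
        AZLib::my_setcookie('cart_sess_id', session_id(), time() + 3600 * 24 * 365);
    }

    Cart::$cart = DB::select("cart", "session='" . CGlobal::$cart_sess_id . "' AND status=1 ORDER BY id DESC");
    $cart_price = 0;
    $cart_quantity = 0;
    $cart_items = ''; // item ids that really are in the cart, in display order

    if (Cart::$cart) {
        // Existing cart: reconcile its rows against the cookie's item list.
        $pending = array();
        if (Cart::$cart_item_ids != '') {
            $this->cartLoadItems(Cart::$cart_item_ids);
            $pending = Cart::$items;
            $re = DB::query("SELECT * FROM cart_item WHERE cart_id=" . Cart::$cart['id'] . " ORDER BY find_in_set(item_id,'" . Cart::$cart_item_ids . "')");
        } else {
            $re = DB::query("SELECT * FROM cart_item WHERE cart_id=" . Cart::$cart['id'] . " ORDER BY id DESC");
        }

        $stale = array();
        if ($re) {
            while ($cart_item = mysql_fetch_assoc($re)) {
                if (!isset(Cart::$items[$cart_item['item_id']])) {
                    // Item no longer purchasable or not in the cookie: drop the row.
                    $stale[] = (int) $cart_item['id'];
                    continue;
                }
                $live = Cart::$items[$cart_item['item_id']];
                if ($cart_item['price'] != $live['price'] || $cart_item['sku'] != $live['sku']) {
                    $cart_item['price'] = $live['price'];
                    $cart_item['sku'] = $live['sku'];
                    DB::update('cart_item', array('price' => $cart_item['price'], 'sku' => $cart_item['sku']), "id={$cart_item['id']}");
                }
                if ($cart_item['checked']) {
                    $cart_price += $cart_item['price'] * $cart_item['quantity'];
                    $cart_quantity += $cart_item['quantity'];
                }
                unset($pending[$cart_item['item_id']]);
                $cart_items .= ($cart_items != '' ? ',' : '') . $cart_item['item_id'];
                Cart::$cart_items[$cart_item['id']] = $cart_item;
            }
        }

        // Cookie items without a row yet.
        foreach ($pending as $item) {
            $cart_items .= ($cart_items != '' ? ',' : '') . $item['id'];
            $cart_item = $this->cartInsertItemRow($item);
            $cart_price += $cart_item['price'];
            $cart_quantity += 1;
            Cart::$cart_items[$cart_item['id']] = $cart_item;
            Cart::$items[$item['id']] = $item;
        }

        if ($stale) {
            DB::delete('cart_item', "id IN(" . implode(',', $stale) . ")");
        }
    } elseif (Cart::$cart_item_ids != '') {
        // No open cart but the cookie names items: create one.
        Cart::$cart = array(
            'session' => CGlobal::$cart_sess_id,
            'ip' => $_SERVER['REMOTE_ADDR'],
            'time_create' => TIME_NOW,
            'time_change' => TIME_NOW,
            'time_finish' => 0,
            'user_id' => (int) User::id(),
            'user_name' => User::user_name(),
            'customer_name' => '',
            'customer_email' => '',
            'customer_phone' => '',
            'customer_address' => '',
            'customer_note' => '',
            'note' => '',
            'price' => 0,
            'quantity' => 0,
            'mm_user_id' => 0,
            'mm_time_modify' => '',
            'mm_user_name' => '',
            'status' => 1,
        );
        Cart::$cart['id'] = DB::insert("cart", Cart::$cart);

        foreach ($this->cartLoadItems(Cart::$cart_item_ids) as $item) {
            $cart_items .= ($cart_items != '' ? ',' : '') . $item['id'];
            $cart_item = $this->cartInsertItemRow($item);
            $cart_price += $item['price'];
            $cart_quantity += 1;
            Cart::$cart_items[$cart_item['id']] = $cart_item;
            Cart::$items[$item['id']] = $item;
        }
    }

    if (Cart::$cart && (Cart::$cart['price'] != $cart_price || Cart::$cart['quantity'] != $cart_quantity)) {
        Cart::$cart['price'] = $cart_price;
        Cart::$cart['quantity'] = $cart_quantity;
        DB::update("cart", array('price' => $cart_price, 'quantity' => $cart_quantity), 'id=' . Cart::$cart['id']);
    }

    // Rewrite the cookie when the real contents differ from what the browser sent
    // (this also replaces a malformed cookie with the sanitized list).
    if ($cart_items != $cookieItemIds) {
        Cart::$cart_item_ids = $cart_items;
        AZLib::my_setcookie('cart_items', Cart::$cart_item_ids, time() + 3600 * 24 * 365);
    }

    switch ($cmd) {
        case 'delete':
            $id = (int) Url::get('id', 0);
            if ($id && Cart::$cart && isset(Cart::$cart_items[$id])) {
                DB::delete('cart_item', "id={$id} AND cart_id=" . Cart::$cart['id']);
                DB::update("cart", array("time_change" => TIME_NOW), "id=" . Cart::$cart['id']);
                unset(Cart::$cart_items[$id]);
                $remaining = array();
                foreach (Cart::$cart_items as $cart_item) {
                    $remaining[] = $cart_item['item_id'];
                }
                Cart::$cart_item_ids = implode(',', $remaining);
                AZLib::my_setcookie('cart_items', Cart::$cart_item_ids, time() + 3600 * 24 * 365);
            }
            if (Cart::$cart) {
                // Recompute totals from the remaining rows of THIS cart.
                $cart_price = DB::fetch("SELECT SUM(price * quantity) AS price_total FROM cart_item WHERE cart_id=" . Cart::$cart['id'] . " AND checked=1 AND price>0 ANd quantity>0", 'price_total', 0);
                $cart_quantity = DB::fetch("SELECT SUM(quantity) AS price_quantity FROM cart_item WHERE cart_id=" . Cart::$cart['id'] . " AND checked=1 AND price>0 ANd quantity>0", 'price_quantity', 0);
                if (Cart::$cart['price'] != $cart_price || Cart::$cart['quantity'] != $cart_quantity) {
                    Cart::$cart['price'] = $cart_price;
                    Cart::$cart['quantity'] = $cart_quantity;
                    DB::update("cart", array('price' => $cart_price, 'quantity' => $cart_quantity), 'id=' . Cart::$cart['id']);
                }
            }
            Url::redirect_current();
            break;

        case 'finish':
            require_once 'forms/CartFinish.php';
            $this->add_form(new CartFinishForm());
            break;

        case '':
        default:
            require_once 'forms/Cart.php';
            $this->add_form(new CartForm());
            break;
    }
}

/**
 * Reduces a comma-separated id list taken from a cookie to positive integers
 * only, keeping order and dropping duplicates. Returns '' when nothing valid
 * remains, so callers can keep testing for the empty string.
 */
private function cartSanitizeIdList($raw)
{
    $clean = array();
    foreach (explode(',', (string) $raw) as $part) {
        $part = trim($part);
        if ($part === '' || !ctype_digit($part) || (int) $part <= 0) {
            continue;
        }
        if (!in_array((int) $part, $clean, true)) {
            $clean[] = (int) $part;
        }
    }
    return implode(',', $clean);
}

/**
 * Loads the purchasable items (status=1, price>0) for a sanitized id list, in
 * the order of that list, with prices converted to the display currency.
 * Each item is stored in Cart::$items and also returned (keyed by id).
 */
private function cartLoadItems($idList)
{
    $loaded = array();
    if ($idList == '') {
        return $loaded;
    }
    $re = DB::query("SELECT * FROM item WHERE id IN(" . $idList . ") AND status=1 AND price>0 ORDER BY find_in_set(id,'" . $idList . "')");
    if ($re) {
        while ($item = mysql_fetch_assoc($re)) {
            $item['price'] = AZLib::convertCurrency($item['price'], $item['currency_id']);
            $loaded[$item['id']] = $item;
            Cart::$items[$item['id']] = $item;
        }
    }
    return $loaded;
}

/**
 * Inserts a cart_item row for $item in the current cart (quantity 1, checked)
 * and returns the row with its new id.
 */
private function cartInsertItemRow($item)
{
    $cart_item = array(
        'cart_id' => Cart::$cart['id'],
        'item_id' => $item['id'],
        'sku' => $item['sku'],
        'price' => $item['price'],
        'quantity' => 1,
        'user_id' => (int) User::id(),
        'user_name' => User::user_name(),
        'time_add' => TIME_NOW,
        'time_change' => TIME_NOW,
        'status' => 1,
        'checked' => 1,
    );
    $cart_item['id'] = DB::insert("cart_item", $cart_item);
    return $cart_item;
}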
jQuery(function(){ jQuery("img.lazyload").lazyload({ placeholder : "<?=STATIC_URL?>style/images/spacer.gif"//,effect : "fadeIn" }); }); </script> */
// Debug switches: a ?ebug= / ?abug= / ?tbug= query parameter is persisted into a
// cookie of the same name (ebug/abug as 0|1, tbug as an int).
// NOTE(review): any visitor can set these cookies; confirm that whatever reads
// them elsewhere is gated on an admin check, otherwise debug output could be
// switched on by the public.
if (isset($_GET["ebug"])) {
    AZLib::my_setcookie("ebug", (int) (bool) $_GET["ebug"]);
}
if (isset($_GET["abug"])) {
    AZLib::my_setcookie("abug", (int) (bool) $_GET["abug"]);
}
if (isset($_GET["tbug"])) {
    AZLib::my_setcookie("tbug", (int) $_GET["tbug"]);
}
//ob_flush();
//flush();
// Destroy the session of anonymous visitors (disabled).
/*if( AZLib::session_started() AND (!$_SESSION['user_id']) ){ session_destroy(); }*/
// Rewrite + gzip the buffered output (disabled).
/*if ( REWRITE_ON){ $getcontents = ob_get_contents(); ob_end_clean(); @ob_start('ob_gzhandler'); echo AZRewrite::doReplace($getcontents); unset($getcontents); }*/
$request_refer = WEB_ROOT; } else { $request_refer = $_SERVER['HTTP_REFERER']; } Url::redirect_url($request_refer); } } if (!CGlobal::$curCity && isset($_COOKIE['province_id'])) { CGlobal::$curCity = (int) $_COOKIE['province_id']; } if (!User::is_login()) { if (isset($_COOKIE['az_id']) && isset($_COOKIE['password'])) { User::check_cookie_login($_COOKIE['az_id'], $_COOKIE['password']); } else { AZLib::my_setcookie('az_id', "", TIME_NOW - 3600); AZLib::my_setcookie('password', "", TIME_NOW - 3600); } } else { if (isset($_GET['login_as']) || isset($_GET['login_as_id'])) { if (User::is_admin()) { $user_id = (int) Url::get('login_as_id', 0); $user = array(); if ($user_id) { $user = User::getUser($user_id); } else { $user_name = Url::get('login_as'); if ($user_name != '') { $user = User::getByUserName($user_name); } } if ($user) {
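/**
 * Registration form handler.
 *
 * Order of checks (unchanged): permanent-lock cookie, 120 s re-registration
 * throttle, IP ban list, field validation, password confirmation, captcha,
 * terms checkbox, then e-mail / user-name uniqueness. On success the account
 * is inserted and either an activation mail is sent (USER_ACTIVE_ON) or the
 * user is logged in straight away.
 *
 * Changes over the original:
 *  - e-mail and user name are escaped before being interpolated into the
 *    uniqueness queries (the DB layer is ext/mysql);
 *  - the "user name already taken" error is attached to the user_name field
 *    rather than to email;
 *  - the captcha is compared as strings with !== and consumed from the session
 *    once a registration succeeds, so one solved captcha cannot be replayed
 *    for many accounts.
 *
 * NOTE(review): the cookie half of the throttle is client-controlled and only
 * slows casual abuse. The activation code is md5(TIME_NOW . password hash) —
 * hard to guess without the hash, but a random token would be cleaner.
 */
function on_submit()
{
    if (User::checkLock4Ever(1)) {
        Url::redirect_current();
    }

    // Throttle: at most one registration per 120 s per session/cookie, and registration must be on.
    $just_registed_s = isset($_SESSION['just_registed']) ? $_SESSION['just_registed'] : 0;
    $just_registed_c = isset($_COOKIE['just_registed']) ? $_COOKIE['just_registed'] : 0;
    if ($just_registed_s > TIME_NOW - 120 || $just_registed_c > TIME_NOW - 120 || !REG_ON) {
        Url::redirect_current();
    }

    // IP ban list.
    $ip = AZLib::ip();
    $arr_badwords = AZLib::checkBadWord($ip, true);
    if ($arr_badwords["bad"] != "" && $arr_badwords["bad_key"] != "") {
        $this->setFormError('ban_ip', "Có lỗi xẩy ra");
    }

    $full_name = Url::get('full_name');
    $email = Url::get('email');
    $user_name = Url::get('register_user_name');
    $mobile_phone = AZLib::trimSpace(Url::get('mobile_phone'));
    $password = AZLib::trimSpace(Url::get('register_password'));
    $confirm_password = AZLib::trimSpace(Url::get('confirm_password'));

    $this->checkFormInput('Tên đầy đủ', 'full_name', $full_name, 'str', false, '', 0, 50);
    $this->checkFormInput('Email', 'email', $email, 'email', true, '', 6, 50);
    $this->checkFormInput('Tên truy cập', 'user_name', $user_name, 'uname', true, '', 4, 50);
    $this->checkFormInput('Điện thoại di động', 'mobile_phone', $mobile_phone, 'str', false, '', 0, 50);
    $this->checkFormInput('Mật khẩu truy cập', 'register_password', $password, 'str', true, '', 6, 50);
    $this->checkFormInput('Nhập lại mật khẩu', 'confirm_password', $confirm_password, 'str', true, '', 6, 50);

    if (!$this->errNum && $password != $confirm_password) {
        $this->setFormError('captcha_register', "Nhập lại Mật khẩu truy cập không khớp!");
        return;
    }

    $captcha_register = Url::get('captcha_register');
    if ($mobile_phone && !AZLib::is_mobile($mobile_phone)) {
        $mobile_phone = "";
    }

    if ($captcha_register == '') {
        $this->setFormError('captcha_register', "Bạn chưa nhập <b>Mã bảo mật</b>!");
    } elseif (!isset($_SESSION["enbac_validate"]) || (string) $captcha_register !== (string) $_SESSION["enbac_validate"]) {
        $this->setFormError('captcha_register', "<b>Mã bảo mật</b> không chính xác!");
    }

    if ((int) Url::get('confirm_register') != 1) {
        $this->setFormError('confirm_register', "Bạn phải đọc và đồng ý với những <a target=\"_blank\" href=\"http://help.enbac.com/content/4/5/en/Quy-che-thanh-vien.html\" >điều khoản của Enbac.com</a>!");
    }

    if ($this->errNum) {
        return;
    }

    // Uniqueness checks; values are escaped before interpolation.
    $emailSql = mysql_real_escape_string($email);
    $userNameSql = mysql_real_escape_string($user_name);
    if (DB::exists('SELECT id FROM `user` WHERE `email`="' . $emailSql . '"')) {
        $this->setFormError('email', "<b>Email</b> bạn chọn đã tồn tại, hãy chọn lại một <b>Email</b> khác!");
        return;
    }
    if (DB::exists('SELECT id FROM `user` WHERE `user_name`="' . $userNameSql . '"')) {
        $this->setFormError('user_name', "<b>Tên truy cập</b> bạn chọn đã tồn tại, hãy chọn lại một <b>Tên truy cập</b> khác!");
        return;
    }

    // is_active=1 means "activation still pending" when USER_ACTIVE_ON is set.
    $user_info = array(
        'user_name' => $user_name,
        'email' => $email,
        'password' => User::encode_password($password),
        'full_name' => $full_name,
        'mobile_phone' => $mobile_phone,
        'create_time' => TIME_NOW,
        'is_active' => (int) (bool) USER_ACTIVE_ON,
        'reg_ip' => AZLib::ip(),
    );
    $id = DB::insert('user', $user_info);
    if (!$id) {
        $this->setFormError('', "Chưa đăng ký được, mời bạn thử lại!");
        return;
    }

    // The captcha has been used up; start the throttle window.
    unset($_SESSION["enbac_validate"]);
    $_SESSION['just_registed'] = TIME_NOW;
    AZLib::my_setcookie('just_registed', TIME_NOW);

    if (USER_ACTIVE_ON && $user_info['is_active'] == 1) {
        global $display;
        $active = DB::select('user_active', 'user_id=' . $id);
        $active_code = md5(TIME_NOW . $user_info['password']);
        if ($active) {
            $active = array('id' => $active['id'], 'user_id' => $id, 'active_code' => $active_code, 'time' => TIME_NOW);
        } else {
            $active = array('user_id' => $id, 'active_code' => $active_code, 'time' => TIME_NOW);
        }
        DB::insert('user_active', $active, true);

        $display->add('eb_url', WEB_ROOT);
        $display->add('user_id', $id);
        $display->add('user_name', $user_info['user_name']);
        $display->add('active_code', $active_code);
        $display->add('WEB_NAME', WEB_NAME);
        $display->add('MAIL_FOOTER', MAIL_FOOTER);
        $content_email = $display->output('send_active_mail', 1, 'RegisterSuccess');

        if (System::sendEBEmail($user_info['email'], 'Kích hoạt tài khoản!', $content_email)) {
            Url::redirect('reg_success', array('cmd' => 'notify'));
        } else {
            $this->setFormError('', '<b>Chúc mừng bạn đã đăng ký tài khoản thành công!</b><br /><br />Tuy nhiên hệ thống chưa gửi được Mã kích hoạt tới E-mail: "' . $user_info['email'] . '"!<br />Bạn có thể <a href="' . Url::build('reg_success', array('cmd' => 'active')) . '">click vào đây</a> để hệ thống gửi lại mã kích hoạt vào Email của mình!');
        }
        $this->show_form = false;
        return;
    }

    User::Login($id);
    Url::redirect('reg_success');
}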
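/**
 * "Build your own" configurator module (PHP4-style constructor).
 *
 * Reads the configured build categories (config BuildCatIDs, hidden ones are
 * skipped) into Build::$cats, restores the items already chosen from
 * $_SESSION['build_ids'] (one item per category, purchasable only), applies a
 * new choice from ?item_id=&bcatid= (redirecting to the next category), then
 * dispatches on ?cmd=: success, reset, order (merge into the cart_items
 * cookie and go to the cart) or the default build form.
 *
 * Fixes over the original:
 *  - the bracket-number stripper used preg_replace with the /e modifier
 *    (deprecated 5.5, removed in 7.0). The pattern is unchanged and now a plain
 *    replacement; under /e the replacement was eval'd and effectively yielded an
 *    empty string, so a literal space now appears where "[12]" used to be;
 *  - the item id lists taken from the session and from the cart_items cookie
 *    are reduced to positive integers before being used in SQL or written back
 *    to the cookie;
 *  - the unused $build_price local was removed.
 */
function Build($row)
{
    Module::Module($row);

    ##################################################################################################
    $build_catids = @CGlobal::$configs['BuildCatIDs']['conf_val'];
    if ($build_catids != '') {
        $arr = explode(',', $build_catids);
        $build_catids = '';
        $last = 0;
        if ($arr) {
            foreach ($arr as $catid) {
                if (!isset(CGlobal::$allCategories[$catid]) || CGlobal::$allCategories[$catid]['status'] == 'HIDE') {
                    continue;
                }
                $build_catids .= ($build_catids != '' ? ',' : '') . $catid;
                Build::$cats[$catid] = array(
                    'id' => $catid,
                    'name' => CGlobal::$allCategories[$catid]['name'],
                    'recomend' => str_replace(chr(13) . chr(10), "<br />", CGlobal::$allCategories[$catid]['recomend']),
                    'img' => AZLib::getImageThumb("category/{$catid}.gif", 40, 40, 0, 0),
                    'item_id' => 0,
                    'item_name' => '',
                    'item_url' => '',
                    'item_price' => '',
                    'item_warranty' => '',
                    'list_brief' => '',
                );
                // Chain the categories so the picker can step to the next one.
                if ($last) {
                    Build::$cats[$last]['next_id'] = $catid;
                }
                $last = $catid;
            }
        }
    }

    self::$bcatid = (int) Url::get('bcatid');
    if (self::$bcatid) {
        if (isset(Build::$cats[self::$bcatid])) {
            self::$bcat = Build::$cats[self::$bcatid];
        } else {
            Url::redirect_current(array('mode'));
        }
    } else {
        self::$bcat = reset(Build::$cats);
        if (self::$bcat) {
            self::$bcatid = (int) self::$bcat['id'];
        }
    }
    ##################################################################################################

    // Items already chosen in this session: one per category, purchasable only.
    $item_ids = '';
    $build_ids = isset($_SESSION['build_ids']) ? $this->buildSanitizeIdList($_SESSION['build_ids']) : '';
    if ($build_ids != '') {
        $re = DB::query("SELECT * FROM item WHERE id IN(" . $build_ids . ") AND status=1 AND price>0 AND quantity>0 ORDER BY find_in_set(category_id,'" . $build_catids . "')");
        if ($re) {
            while ($item = mysql_fetch_assoc($re)) {
                $catid = $item['category_id'];
                if (!isset(Build::$cats[$catid]) || Build::$cats[$catid]['item_id'] != 0) {
                    continue;
                }
                Build::$price += $item['price'];
                $item_ids .= ($item_ids != '' ? ',' : '') . $item['id'];

                if (isset(CGlobal::$allCategories[$catid])) {
                    $item_url = WEB_DIR . CGlobal::$allCategories[$catid]['nice_name'] . "/p{$item['id']}/" . AZLib::safe_title($item['name']) . ".html";
                } else {
                    $item_url = WEB_DIR . "p{$item['id']}/" . AZLib::safe_title($item['name']) . ".html";
                }

                if ($item['list_brief'] == '') {
                    $item['list_brief'] = $item['brief'];
                }
                // Strip "[n]" reference markers (1–2 digits, optional spaces) from the brief.
                $item['list_brief'] = preg_replace("/\\[([\\s]*[0-9]{1,2}[\\s]*)\\]/is", " ", $item['list_brief']);
                $item['list_brief'] = str_replace(array("'", "\""), array("", " "), $item['list_brief']);
                $item['list_brief'] = AZLib::word_limit($item['list_brief'], 50, '');

                Build::$items[$item['id']] = $item;
                Build::$cats[$catid]['item_id'] = $item['id'];
                Build::$cats[$catid]['item_name'] = $item['name'];
                Build::$cats[$catid]['item_url'] = $item_url;
                Build::$cats[$catid]['item_price'] = number_format($item['price'], 0, ',', '.') . " VNĐ";
                Build::$cats[$catid]['item_warranty'] = $item['warranty'];
                Build::$cats[$catid]['list_brief'] = $item['list_brief'];
            }
        }
    }

    // A new choice for a category: replace that category's item and move on.
    $item_id = (int) Url::get('item_id');
    $bcatid = (int) Url::get('bcatid');
    if ($item_id && $bcatid) {
        $item = Item::get_item($item_id);
        if ($item && $item['status'] == 1 && $item['price'] > 0 && $item['quantity'] > 0 && isset(Build::$cats[$item['category_id']])) {
            if (!isset(Build::$items[$item['id']])) {
                if (Build::$cats[$item['category_id']]['item_id'] > 0) {
                    unset(Build::$items[Build::$cats[$item['category_id']]['item_id']]);
                }
                Build::$items[$item['id']] = $item;
                $item_ids = implode(',', array_keys(Build::$items));
                $_SESSION['build_ids'] = "{$item_ids}";

                // Jump to the category that follows the current one.
                $last = 0;
                foreach (array_keys(Build::$cats) as $catid) {
                    if ($last == self::$bcatid) {
                        Url::redirect_current(array('mode', 'bcatid' => $catid), '#select_item');
                    }
                    $last = $catid;
                }
            }
        }
        Url::redirect_current(array('mode', 'bcatid'));
    }
    $_SESSION['build_ids'] = "{$item_ids}";

    $cmd = Url::get('cmd');
    switch ($cmd) {
        case 'success':
            require_once 'forms/BuildSuccess.php';
            $this->add_form(new BuildSuccessForm());
            break;

        case 'reset':
            $_SESSION['build_ids'] = "";
            Url::redirect_current();
            break;

        case 'order':
            if ($item_ids != '') {
                // Merge the build into the cart cookie, keeping existing cart items first.
                $cookieRaw = isset($_COOKIE['cart_items']) ? (string) $_COOKIE['cart_items'] : '';
                $cart_item_ids = $this->buildSanitizeIdList($cookieRaw);
                if ($cart_item_ids != '') {
                    $buildItemArr = explode(',', $item_ids);
                    $cartItemArr = explode(',', $cart_item_ids);
                    $item_ids = $cart_item_ids;
                    foreach ($buildItemArr as $item_id) {
                        if (!in_array($item_id, $cartItemArr, true)) {
                            $item_ids .= ',' . $item_id;
                        }
                    }
                }
                if ($item_ids != $cookieRaw) {
                    AZLib::my_setcookie('cart_items', $item_ids, time() + 3600 * 24 * 365);
                }
                $_SESSION['build_ids'] = "";
                Url::redirect('cart');
            }
            Url::redirect_current();
            break;

        case '':
        default:
            require_once 'forms/Build.php';
            $this->add_form(new BuildForm());
            break;
    }
}

/**
 * Reduces a comma-separated id list (session value or cookie) to positive
 * integers only, keeping order and dropping duplicates; '' when nothing valid
 * remains.
 */
private function buildSanitizeIdList($raw)
{
    $clean = array();
    foreach (explode(',', (string) $raw) as $part) {
        $part = trim($part);
        if ($part === '' || !ctype_digit($part) || (int) $part <= 0) {
            continue;
        }
        if (!in_array((int) $part, $clean, true)) {
            $clean[] = (int) $part;
        }
    }
    return implode(',', $clean);
}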
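/**
 * Login form handler.
 *
 * Reads user_name_this / password_this from the request, validates them,
 * looks the user up, compares the stored password hash with
 * User::encode_password() and, on success, creates the session (and the
 * optional "remember me" cookies) before redirecting to the decoded `href`
 * parameter (or the home URL). Accounts that are locked (block_time == -1,
 * or a user_lock row while block_time is in the future) are refused or
 * shown a temporary-lock alert instead.
 *
 * Review notes:
 * - block_time == -1 used to set a form error and then fall through to
 *   User::LogIn(); it now returns before the login step.
 * - The hash comparison uses === so that numeric-looking hashes
 *   ("0e..." strings) are not treated as equal by PHP's loose ==.
 * - `$href` is attacker-controlled (base64 in the query string). It is
 *   JSON-encoded where it is embedded in the inline script; it is still
 *   passed to Url::redirect_url() unchecked (open redirect) — confirm
 *   whether Url::redirect_url() restricts it to this site.
 * - The "password" remember-me cookie carries the stored hash itself,
 *   so a stolen cookie is a permanent credential; changing that needs a
 *   matching change where the cookie is consumed.
 */
function on_submit()
{
    // Browsers carrying the permanent-lock cookie are bounced before any credential check.
    if (User::checkLock4Ever(1)) {
        Url::redirect_current();
    }
    $user_name = AZLib::getParam('user_name_this');
    $password = AZLib::getParam('password_this');
    $this->checkFormInput('Tên truy cập', 'user_name', $user_name, 'uname', true, '', 4, 50);
    $this->checkFormInput('Mật khẩu truy cập', 'password', $password, 'str', true, '', 6, 50);

    // IP ban check
    $ip = AZLib::ip();
    $arr_badwords = AZLib::checkBadWord($ip, true);
    if ($arr_badwords["bad"] != "" && $arr_badwords["bad_key"] != "") {
        $this->setFormError('ban_ip', "Có lỗi xẩy ra. Hãy kiểm tra lại");
    }

    if ($this->errNum) {
        return;
    }

    // The query is only reached after the 'uname' rule accepted the name; addslashes()
    // (the escaping the rest of this file uses before DB writes) is defence in depth.
    // NOTE(review): if AZLib::getParam() already escapes its result, drop the addslashes().
    $user_data = DB::fetch('SELECT id, user_name, password, is_active, block_time FROM user WHERE user_name="' . addslashes($user_name) . '"');

    // With activation disabled site-wide, clear any pending activation flag on the fly.
    if (!USER_ACTIVE_ON && $user_data && $user_data['is_active']) {
        DB::query("UPDATE user SET is_active=0 WHERE id=" . $user_data['id']);
        DB::delete('user_active', 'user_id=' . $user_data['id']);
        User::getUser($user_data['id'], 0, 1);
    }

    // Strict comparison: loose == would equate numeric-looking hashes such as "0e123..." == "0e456...".
    if (!$user_data || $user_data['password'] !== User::encode_password($password)) {
        $this->setFormError('user_name', "Tài khoản hoặc mật khẩu không đúng!");
        return;
    }

    if (USER_ACTIVE_ON && $user_data['is_active']) {
        // Not activated yet
        $this->setFormError('user_name', "Bạn chưa kích hoạt tài khoản!<br /><br />Bạn hãy check lại mail để kích hoạt lại tài khoản<br />\r\n\t\t\t\t\thoặc <a href=''>click vào đây</a> để hệ thống gửi lại email kích hoạt!");
        return;
    }

    $alert = '';
    // NOTE(review): $href comes straight from the query string; Url::redirect_url($href) below
    // is an open redirect unless that helper restricts the target to this site.
    $href = base64_decode(Url::get('href'));
    if (!$href) {
        $href = Url::build('home');
    }

    if ($user_data['block_time'] == -1) {
        // Previously this error was set but execution still reached User::LogIn().
        $this->setFormError('user_name', "Tài khoản hoặc mật khẩu không đúng!");
        return;
    }

    if ($user_data['block_time'] > TIME_NOW) {
        $user_lock = DB::select('user_lock', 'user_id=' . $user_data['id']);
        if ($user_lock) {
            if ($user_lock['type'] == 1) {
                // Permanent lock
                User::LogOut();
                // Was 'user_id=' . $user_id with $user_id never assigned (empty WHERE value).
                DB::delete(_SESS_TABLE, 'user_id=' . $user_data['id'], __LINE__ . __FILE__);
                Url::access_denied();
            } elseif ($user_lock['type'] == 3) {
                // Permanent lock + cookie
                User::lock4Ever(true, $user_data['id']);
                Url::access_denied();
            } else {
                if ($user_lock['note']) {
                    $user_lock['note'] = '\\nLý do: ' . str_replace(array('"', "'"), '', $user_lock['note']);
                }
                // json_encode() yields a quoted JS string literal with '"', '\' and '/' escaped, so the
                // user-supplied $href cannot break out of the string or close the <script> element.
                // Non-UTF-8 input makes json_encode() return false, i.e. an invalid (not injected) script.
                $alert = '<script> alert("Tài khoản của bạn đang tạm khoá tới ' . date('h:i, d/m/Y', $user_data['block_time']) . '!' . $user_lock['note'] . '"); window.location=' . json_encode($href) . '; </script>';
            }
        }
        $_SESSION['user_lock'] = true;
    }

    if (Url::get('set_cookie') == 'on') {
        $year = 60 * 60 * 24 * 365 + TIME_NOW;
        AZLib::my_setcookie("az_id", $user_data['id'], $year);
        // NOTE(review): the cookie value is the stored hash itself; anyone holding it can log in for a year.
        AZLib::my_setcookie("password", $user_data['password'], $year);
    }
    $_SESSION['is_load_page_first'] = 1; // jQueryUI shows the notification panel on first load
    User::LogIn($user_data['id']);

    // A temporarily locked account is logged in but only shown the lock alert.
    if (isset($_SESSION['user_lock']) && $_SESSION['user_lock']) {
        echo $alert;
        exit;
    }
    Url::redirect_url($href);
}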
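/**
 * AJAX handler that stores a comment ("feedback") on an item and answers with XML.
 *
 * Request parameters read: content, comment_id (comment being replied to,
 * optional), item_id (when not replying), user_name / sender_email (guests),
 * captcha (guests). Every rejection path echoes a one-word status inside
 * `<comments><content>…</content></comments>` and exits:
 * time_out, bad_word, no_perm, blacklist, false_captcha.
 *
 * On success the new row is inserted, older replies beyond the latest three
 * are hidden, have_child / status / replied_status / total_new_comment
 * counters are updated, an e-mail cron job is queued for the item owner and
 * the rendered comment is returned as CDATA. If the item owner cannot be
 * loaded (User::getUser() falsy) nothing is echoed and the method returns.
 *
 * Review notes:
 * - The 30-second throttle relies on the client-held `setTimeOutComment`
 *   cookie; a client that omits the cookie is never throttled. Server-side
 *   state (session or DB) would be needed for a real rate limit.
 * - The captcha check uses loose `!=`; confirm both sides are strings.
 * - `$receiver_username` (stored guest name) is concatenated into HTML
 *   unescaped; whether this is safe depends on what AZLib::parseBBCode()
 *   escapes on output — confirm before relying on it.
 * - mysql_fetch_assoc() is the legacy ext/mysql API; changing it depends on
 *   what DB::query() returns.
 */
function feedback()
{
    header("Content-type: application/xml");
    $pattern = '/^xe360/i';
    $content = trim(AZLib::getParam('content'));
    $comment_id = (int) Url::get('comment_id', 0);
    $sender_user_name = trim(AZLib::getParam('user_name'));
    $sender_email = trim(AZLib::getParam('sender_email'));
    $comment_row = array();

    // Client-side throttle: see the review note in the docblock.
    if (isset($_COOKIE['setTimeOutComment'])) {
        if (time() - $_COOKIE['setTimeOutComment'] <= 30) { // 30 seconds
            echo "<comments><content>time_out</content></comments>";
            exit;
        }
    } else {
        AZLib::my_setcookie("setTimeOutComment", time(), 30 + TIME_NOW); // 30 seconds
    }

    if (preg_match($pattern, $sender_user_name) || preg_match($pattern, $sender_email) || preg_match($pattern, $content)) {
        echo "<comments><content>bad_word</content></comments>";
        exit;
    }
    if (User::is_login() && User::is_block()) {
        echo "<comments><content>no_perm</content></comments>";
        exit;
    }

    // Resolve the target item, either through the comment being replied to or directly.
    if ($comment_id) {
        $comment_row = DB::select('comment', "id={$comment_id}");
        if (!$comment_row) {
            echo "<comments><content>no_perm</content></comments>";
            exit;
        }
        if (User::is_login() && $comment_row['sender_user_id'] == User::id()) {
            // Replying to your own comment is not allowed.
            echo "<comments><content>no_perm</content></comments>";
            exit;
        }
        if (!($item = Item::get_item($comment_row['item_id']))) {
            echo "<comments><content>no_perm</content></comments>";
            exit;
        }
    } else {
        $item_id = (int) Url::get('item_id', 0);
        if (!$item_id || !($item = Item::get_item($item_id))) {
            echo "<comments><content>no_perm</content></comments>";
            exit;
        }
    }
    $item_memcache = $item;

    if (AZLib::isBlackList(User::id(), $item['user_id'])) {
        echo "<comments><content>blacklist</content></comments>";
        exit;
    }
    if (!User::is_login() && AZLib::checkBadWord($sender_user_name)) {
        echo "<comments><content>bad_word</content></comments>";
        exit;
    }
    if ($item["state"] == 1 && !User::have_permit(ADMIN_ITEM)) {
        echo "<comments><content>no_perm</content></comments>";
        exit;
    }

    // Guests must supply a plausible name/e-mail and may not impersonate staff names.
    $username = strtolower($sender_user_name);
    if (!User::is_login() && (strlen($username) < 3 || strlen($sender_email) < 3 || $username == 'admin' || $username == 'administrator' || $username == 'moderator' || $username == 'enbac')) {
        echo "<comments><content>bad_word</content></comments>";
        exit;
    }
    if (AZLib::checkBadWord($content)) {
        echo "<comments><content>bad_word</content></comments>";
        exit;
    }
    if (!User::is_login()) {
        $captcha = AZLib::getParam('captcha');
        if (!isset($_SESSION["enbac_validate"]) || $captcha == '' || $captcha != $_SESSION["enbac_validate"]) {
            echo "<comments><content>false_captcha</content></comments>";
            exit;
        }
    }

    $content = preg_replace("/\n/", "<br />", $content);
    $content = str_replace('<br /><br />', ' ', $content);

    // Threads are flat: a reply to a reply is attached to the original parent and prefixed with "@name".
    $receiver_user_id = 0;
    $receiver_username = '';
    if ($comment_id) {
        if ($comment_row['parent_id']) {
            $receiver_user_id = $comment_row['sender_user_id'];
            $receiver_username = $comment_row['sender_user_name'];
            if ($receiver_user_id) {
                $content = '@<a href="' . WEB_DIR . $receiver_username . '" class="fast_reply_link" title="' . $receiver_username . '">' . $receiver_username . '</a>: ' . $content;
            } else {
                // NOTE(review): guest-supplied name embedded unescaped — see docblock.
                $content = '<font color="#999">@<span style="text-decoration:underline">' . $receiver_username . '</span> </font>: ' . $content;
            }
            $parent_id = $comment_row['parent_id'];
        } else {
            $parent_id = $comment_row['id'];
        }
    } else {
        $parent_id = 0;
    }

    $user_item = User::getUser($item['user_id']);
    if (!$user_item) {
        // No owner row: the original code produced no response body in this case.
        return;
    }

    if (User::id()) {
        $sender_user_name = User::user_name();
    } else {
        // set guest cookie (one year)
        $one_year = 60 * 60 * 24 * 365 + TIME_NOW;
        AZLib::my_setcookie("guest_name", $sender_user_name, $one_year);
        AZLib::my_setcookie("guest_email", $sender_email, $one_year);
    }

    $up_up_count = '';
    if ($content != '') {
        $comment = array(
            'content' => $content,
            'item_id' => $item['id'],
            'time' => TIME_NOW,
            'order_time' => TIME_NOW,
            'post_ip' => AZLib::ip(),
            'parent_id' => $parent_id,
            'receiver_user_id' => $item['user_id'],
            'receiver_user_name' => $item['user_name'],
            'display' => 1,
        );
        if (User::id()) {
            if ($item['user_id'] == User::id()) {
                // Mark as replied when the owner comments on their own topic.
                $comment['status'] = 1;
            }
            $comment['sender_user_id'] = User::id();
            $comment['sender_user_name'] = User::user_name();
        } else {
            $comment['sender_user_id'] = 0;
            $comment['sender_user_name'] = $sender_user_name;
            $comment['sender_email'] = $sender_email;
        }
        if ($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id']) {
            $comment['replied_user_id'] = $comment_row['sender_user_id'];
            $comment['replied_user_name'] = $comment_row['sender_user_name'];
        } elseif ($comment_row && $comment_row['sender_user_id'] == $item['user_id']) {
            $comment['replied_status'] = 1;
        }

        $id = DB::insert('comment', $comment);
        if ($id) {
            if (!User::id()) {
                AZLib::reload_captcha();
            }
            // Inside this branch $comment_row is always a loaded row: $parent_id is non-zero
            // only when $comment_id was given, and a missing row exited above.
            if ($parent_id) {
                // Keep only the three newest visible replies under the parent.
                $re = DB::query("SELECT id FROM comment WHERE item_id = {$item['id']} AND parent_id = {$parent_id} AND display = 1 ORDER BY id DESC LIMIT 3,1");
                if ($re) {
                    if ($row = mysql_fetch_assoc($re)) {
                        if ($row) {
                            DB::query("UPDATE comment SET display = 0 WHERE parent_id = {$parent_id} AND display = 1 AND id<={$row['id']}");
                        }
                    }
                }
                if ($comment_id == $parent_id) {
                    if (User::is_login() && $item['user_id'] == User::id()) {
                        DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . ", status=1 WHERE id = {$parent_id}");
                    } else {
                        DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
                    }
                } else {
                    DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
                    if (User::is_login() && $item['user_id'] == User::id()) {
                        DB::query("UPDATE comment SET status=1 WHERE id = {$comment_id}");
                        // Mark the feed entry as read/replied.
                        DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=1");
                    }
                }

                if (User::is_login()) {
                    // Logged-in member
                    // Update replied_status if not yet checked.
                    if ($item['user_id'] != User::id() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0) {
                        DB::query("UPDATE comment SET replied_status=1 WHERE id = {$comment_id}");
                        // Mark the feed entry as read/replied.
                        DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=2");
                        // Update own new-comment counter.
                        DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id=' . User::id() . ' AND total_new_comment>0');
                        User::getUser(User::id(), 0, 1);
                    }
                    if ($item['user_id'] != User::id()) {
                        // Not the current user's own listing: bump the topic owner's new-comment counter.
                        DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $item['user_id']);
                        User::getUser($item['user_id'], 0, 1);
                    } elseif ($comment_row && $comment_row['status'] == 0) {
                        // Update own new-comment counter.
                        DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id=' . User::id() . ' AND total_new_comment>0');
                        User::getUser(User::id(), 0, 1);
                    }
                    // Bump the counter of the user whose comment is being replied to
                    // (someone other than the topic owner and other than the current user).
                    if ($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != User::id()) {
                        DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $comment_row['sender_user_id']);
                        User::getUser($comment_row['sender_user_id'], 0, 1);
                    }
                } else {
                    // Guest (not logged in): bump the topic owner's new-comment counter.
                    DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $item['user_id']);
                    User::getUser($item['user_id'], 0, 1);
                    // Bump the counter of the user whose comment is being replied to (not the topic owner).
                    if ($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id']) {
                        DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $comment_row['sender_user_id']);
                        User::getUser($comment_row['sender_user_id'], 0, 1);
                    }
                }
            }
        }

        $total_feedback = DB::count('comment', "item_id={$item['id']}");
        $up_up_count = '<up_count>';
        $up_up_count .= $user_item['up_item'];
        DB::update_id('item', array('reply_count' => $total_feedback), $item['id']);
        if (MEMCACHE_ON) {
            $item_memcache['reply_count'] = $total_feedback;
            AZMemcache::do_put("item:{$item['id']}", $item_memcache);
        }
        $up_up_count .= '</up_count>';

        // Queue the e-mail notification cron job for the item owner (not for the commenter's own items).
        if ($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id'] != User::id()) {
            if (User::id()) {
                $sender_email = '';
            }
            $link = WEB_ROOT . AZRewrite::formatUrl('?page=item_detail&id=' . $item['id'] . '&ebname=' . AZLib::safe_title($item['name']));
            $title = "<a href='{$link}' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$item['name']}</font></a>";
            AZLib::addCronJob('item_comment', AZLib::parseBBCode($content, true), $user_item['id'], User::id() ? User::user_name() : $sender_user_name, $sender_email, $item['id'], $title, $link);
        }
    } else {
        $id = 0;
    }

    $xml = "<comments><content><![CDATA[" . AZLib::parseBBCode($content) . "]]></content><post_time>" . date('H:i') . "</post_time>";
    if (User::id() != $item['user_id']) {
        require_once ROOT_PATH . 'includes/enbac/comment.php';
        Comment::addNewComment($item['user_id']);
    }
    $xml .= $up_up_count . "<id>" . ($id % 3) . "</id></comments>";

    // Drop the cached HTML fragment for this item's feedback list.
    $cacheFile = 'fb_' . $item['id'];
    StaticCache::delCache($cacheFile);
    echo $xml;
    System::halt();
}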
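/**
 * AJAX handler that stores a comment on a user entry (blog-style post) and answers with XML.
 *
 * Request parameters read: content, comment_id (comment being replied to,
 * optional), entry_id (when not replying), user_name / sender_email (guests),
 * captcha (guests). Rejection paths echo a one-word status inside
 * `<comments><content>…</content></comments>` and exit:
 * no_perm, bad_word, blacklist, false_captcha.
 *
 * On success the row is inserted into user_entry_comment, older replies
 * beyond the latest three under the same parent are hidden, have_child /
 * status / replied_status and the feed are updated, the XML response is
 * echoed, and an e-mail cron job is queued for the entry owner.
 *
 * Review notes:
 * - The "hide older replies" UPDATE now filters on `parent_id = {$parent_id}`,
 *   matching the SELECT above it (and the item-comment handler). It used
 *   `{$comment_id}`, which differs from the parent whenever the reply targets
 *   another reply, so the pruning silently did nothing in that case.
 * - In the reply branch `$sender_user_name` is overwritten with
 *   User::user_name() even for guests (the original commented-out line kept
 *   the replied comment's name). Kept as-is; confirm what a guest reply is
 *   meant to store.
 * - The captcha check uses loose `!=`; confirm both sides are strings.
 * - mysql_fetch_assoc() is the legacy ext/mysql API; changing it depends on
 *   what DB::query() returns.
 */
function fn_comment()
{
    header("Content-type: application/xml");
    $content = trim(AZLib::getParam('content'));
    $comment_id = (int) Url::get('comment_id', 0);
    $comment_row = array();

    if ($content == '') {
        echo "<comments><content>no_perm</content></comments>";
        exit;
    }

    if (User::is_login()) {
        if (User::is_block()) {
            echo "<comments><content>no_perm</content></comments>";
            exit;
        }
        $sender_user_name = User::user_name();
        $sender_email = '';
    } else {
        $sender_user_name = AZLib::getParam('user_name');
        $sender_email = AZLib::getParam('sender_email', '');
        // Guests must supply a plausible name and may not impersonate staff names.
        $username_lower = strtolower($sender_user_name);
        if (strlen($username_lower) < 3 || $username_lower == 'admin' || $username_lower == 'administrator' || $username_lower == 'moderator' || $username_lower == 'enbac') {
            echo "<comments><content>bad_word</content></comments>";
            exit;
        }
    }

    // Resolve the target entry, either through the comment being replied to or directly.
    if ($comment_id) {
        $comment_row = DB::select("user_entry_comment", "id={$comment_id}");
        // Replying to your own comment is not allowed.
        if (!$comment_row || (User::is_login() && $comment_row['sender_user_id'] == User::id())) {
            echo "<comments><content>no_perm</content></comments>";
            exit;
        }
        $entry_id = $comment_row['entry_id'];
    } else {
        $entry_id = (int) Url::get('entry_id', 0);
    }
    if (!$entry_id || !($user_entry = DB::select('user_entry', "id={$entry_id}"))) {
        echo "<comments><content>no_perm</content></comments>";
        exit;
    }

    if (User::is_login() && AZLib::isBlackList(User::id(), $user_entry['user_id'])) {
        echo "<comments><content>blacklist</content></comments>";
        exit;
    }
    // Guest names and all content go through the bad-word filter (a second,
    // identical checkBadWord($content) test that followed was redundant).
    if ((!User::is_login() && AZLib::checkBadWord($sender_user_name)) || AZLib::checkBadWord($content)) {
        echo "<comments><content>bad_word</content></comments>";
        exit;
    }
    if (!User::is_login()) {
        $captcha = AZLib::getParam('captcha');
        if (!isset($_SESSION["enbac_validate"]) || $captcha == '' || $captcha != $_SESSION["enbac_validate"]) {
            echo "<comments><content>false_captcha</content></comments>";
            exit;
        }
    }

    $content = preg_replace("/\n/", "<br />", $content);
    $content = str_replace('<br /><br />', ' ', $content);

    // Threads are flat: a reply to a reply is attached to the original parent and prefixed with "@name".
    if ($comment_row) {
        if ($comment_row['parent_id']) {
            $parent_id = $comment_row['parent_id'];
            // NOTE(review): overwrites the guest-supplied name as well — see docblock.
            $sender_user_name = User::user_name();
            if ($comment_row['sender_user_id']) {
                $content = '@<a href="' . WEB_DIR . $comment_row['sender_user_name'] . '" class="fast_reply_link" title="' . $sender_user_name . '">' . $comment_row['sender_user_name'] . '</a>: ' . $content;
            } else {
                $content = '<font color="#999">@<span style="text-decoration:underline">' . $sender_user_name . '</span> </font>: ' . $content;
            }
        } else {
            $parent_id = $comment_row['id'];
        }
    } else {
        $parent_id = 0;
    }

    // set guest cookie (one year)
    if (!User::id()) {
        $one_year = 60 * 60 * 24 * 365 + TIME_NOW;
        AZLib::my_setcookie("guest_name", $sender_user_name, $one_year);
        AZLib::my_setcookie("guest_email", $sender_email, $one_year);
    }

    $user_entry_comment = array(
        'content' => $content,
        'entry_id' => $user_entry['id'],
        'time' => TIME_NOW,
        'order_time' => TIME_NOW,
        'post_ip' => AZLib::ip(),
        'parent_id' => $parent_id,
        'receiver_user_id' => $user_entry['user_id'],
        'display' => 1,
        'receiver_user_name' => $user_entry['user_name'],
    );
    if (User::id()) {
        $user_entry_comment['sender_user_id'] = User::id();
    } else {
        $user_entry_comment['sender_user_id'] = 0;
        $user_entry_comment['sender_email'] = $sender_email;
    }
    $user_entry_comment['sender_user_name'] = $sender_user_name;
    if ($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $user_entry['user_id']) {
        // Remember who is being replied to.
        $user_entry_comment['replied_user_id'] = $comment_row['sender_user_id'];
        $user_entry_comment['replied_user_name'] = $comment_row['sender_user_name'];
    } elseif ($comment_row && $comment_row['sender_user_id'] == $user_entry['user_id']) {
        $user_entry_comment['replied_status'] = 1;
    }

    $id = DB::insert('user_entry_comment', $user_entry_comment);
    if ($id) {
        if (!User::id()) {
            AZLib::reload_captcha();
        }
        // $parent_id is non-zero only when $comment_row was loaded above.
        if ($parent_id) {
            // Keep only the three newest visible replies under the parent.
            $re = DB::query("SELECT id FROM user_entry_comment WHERE parent_id = {$parent_id} AND display = 1 ORDER BY id DESC LIMIT 3,1");
            if ($re) {
                if ($row = mysql_fetch_assoc($re)) {
                    if ($row) {
                        // Was `parent_id = {$comment_id}`; see docblock.
                        DB::query("UPDATE user_entry_comment SET display = 0 WHERE parent_id = {$parent_id} AND display = 1 AND id<={$row['id']}");
                    }
                }
            }
            if ($comment_id == $parent_id) {
                if (User::is_login() && $user_entry['user_id'] == User::id()) {
                    DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . ", status=1 WHERE id = {$parent_id}");
                } else {
                    DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
                }
            } else {
                DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
                if (User::is_login() && $user_entry['user_id'] == User::id()) {
                    DB::query("UPDATE user_entry_comment SET status=1 WHERE id = {$comment_id}");
                }
            }
            // Mark the feed entry as read/replied.
            DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=5");
            // Update replied_status if not yet checked.
            if (User::is_login() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0) {
                DB::query("UPDATE user_entry_comment SET replied_status=1 WHERE id = {$comment_id}");
                // Mark the feed entry as read/replied.
                DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=6");
            }
        }
    }

    $total_feedback = DB::count('user_entry_comment', 'entry_id="' . $user_entry['id'] . '"');
    DB::update_id('user_entry', array('reply_count' => $total_feedback), $user_entry['id']);

    $xml = "<comments><content><![CDATA[" . AZLib::parseBBCode($content) . "]]></content><post_time>vài giây trước</post_time>";
    $xml .= "<id>" . ($id % 3) . "</id><parent_id>{$parent_id}</parent_id></comments>";
    echo $xml;

    // Queue the e-mail notification cron job for the entry owner (not for the commenter's own entries).
    $user_item = User::getUser($user_entry['user_id']);
    if ($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id'] != User::id()) {
        if (User::id()) {
            $sender_email = '';
        }
        $link = WEB_ROOT . '?page=user_entry&user_name=' . $user_entry['user_name'] . '&cmd_entry=view&entry_id=' . $user_entry['id'] . '&ebname=' . AZLib::safe_title($user_entry['title']);
        $link = AZRewrite::formatUrl($link);
        $title = "<a href='{$link}' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$user_entry['title']}</font></a>";
        AZLib::addCronJob('entry_comment', AZLib::parseBBCode($content, true), $user_item['id'], User::id() ? User::user_name() : $sender_user_name, $sender_email, $user_entry['id'], $title, $link);
    }
    System::halt();
}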