/**
 * Handle the form post: validate the submitted "content" field and store it
 * as the per-page config entry "VI_Info_<page name>".
 *
 * When validation records no error, the row is updated (if the key is already
 * present in CGlobal::$configs) or inserted, the config cache is refreshed and
 * the browser is redirected to the current URL. Otherwise nothing is written.
 */
function on_submit()
{
    $content = Url::get('content');

    // Undo magic-quotes escaping so the raw text is what gets validated and stored.
    if (get_magic_quotes_gpc()) {
        $content = stripslashes($content);
    }

    $this->checkFormInput('Nội dung', 'content', $content, 'str', false);
    if ($this->errNum) {
        return;
    }

    $pageName = EClass::$page['name'];
    $confKey = 'VI_Info_' . $pageName;

    // NOTE(review): $content is request data passed to the DB helper as a column value;
    // presumably DB::update()/DB::insert() escape values -- confirm against the DB class.
    // The WHERE clause below is a raw SQL string built from the page name, so it relies on
    // EClass::$page['name'] never being attacker-controlled -- confirm.
    // NOTE(review): if conf_val is later rendered as HTML it must be escaped at output;
    // that code is not visible here.
    if (isset(CGlobal::$configs[$confKey])) {
        DB::update('configs', array("conf_val" => $content), "conf_key='VI_Info_" . $pageName . "'");
    } else {
        DB::insert('configs', array("conf_key" => $confKey, "conf_val" => $content));
    }

    EClassApi::get_config(0, 1);
    Url::redirect_current();
}
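/**
 * Rebuild the "site_permission" config entry from the installed modules.
 *
 * For every row of the `module` table whose DIR_MODULE/<name>/class.php exists, the file is
 * loaded; when the module class has a permission() method, its result (permission id =>
 * description) is normalised -- spaces in ids become underscores, descriptions are trimmed --
 * and collected under the module name. The collected map is serialized into the configs row
 * "site_permission" and the config cache is refreshed.
 */
function addPerm()
{
    $res = DB::query("SELECT * FROM module");
    if (!$res) {
        // A failed query used to fall through and overwrite site_permission with an
        // empty catalogue; leave the stored value untouched instead.
        return;
    }

    $perm = array();
    while ($r = mysql_fetch_assoc($res)) {
        $name = $r['name'];

        // The name is used as a path component and as a class name, so accept only a valid
        // PHP identifier. This also covers the old '.svn' exclusion and keeps '/', '..' and
        // quote characters out of the include path below.
        if (!preg_match('/^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*$/', $name)) {
            continue;
        }

        $classFile = DIR_MODULE . $name . '/class.php';
        if (!file_exists($classFile)) {
            continue;
        }
        require_once $classFile;

        // SECURITY: this used to be an eval() with the module name spliced into the PHP
        // source, so a crafted `module` row could have executed arbitrary code. The same
        // check and static call are now made directly, without building code from data.
        if (!method_exists($name, 'permission')) {
            continue;
        }
        $tmp = call_user_func(array($name, 'permission'));
        if (!$tmp) {
            continue;
        }

        // Re-key in place: each entry is removed and re-added under its normalised id.
        foreach ($tmp as $id => $val) {
            unset($tmp["$id"]);
            $id = str_replace(' ', '_', $id);
            $tmp["$id"] = trim($val);
        }
        $perm[$name] = $tmp;
    }

    $perm = serialize($perm);
    DB::insert("configs", array('conf_key' => 'site_permission', 'conf_val' => $perm), true);
    EClassApi::get_config(1);
}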
/**
 * Render the admin list ("ListAdmin" template): account groups, their members and the
 * permissions attached to groups and to individual users.
 *
 * Data handed to $display: acc_groups, all_users (JSON), allist_users, all_groups (JSON),
 * all_permits (JSON) and is_root. Side effects visible here: CGlobal::$group is extended with
 * rows from user_groups, and CGlobal::$permit / CGlobal::$all_permit are filled from the
 * stored "site_permission" config value.
 */
function draw()
{
    $this->beginForm();
    global $display;

    $acc_groups = CGlobal::$group;
    // Group 9 is hidden from non-root viewers (presumably the root group -- confirm).
    if (!User::is_root()) {
        unset($acc_groups[9]);
    }

    $user_permits = array();
    $all_users = array();
    $allist_users = array();
    $gids = '';

    // Give every known group empty member/permission slots and collect the ids of all
    // groups other than 1 and 9 as a comma-separated list.
    foreach ($acc_groups as $group) {
        $acc_groups[$group['id']]['users'] = array();
        $acc_groups[$group['id']]['pids'] = array();
        $acc_groups[$group['id']]['pid_str'] = '';
        if (!in_array($group['id'], array(1, 9))) {
            $gids .= ($gids ? ',' : '') . $group['id'];
        }
    }

    // Merge the groups stored in user_groups (again skipping ids 1 and 9), adding the
    // delete/edit links used by the template.
    $re = DB::query("SELECT * FROM user_groups");
    if ($re) {
        while ($group = mysql_fetch_assoc($re)) {
            if (!in_array($group['id'], array(1, 9))) {
                // Stored in the global list before the display-only fields are added.
                CGlobal::$group[$group['id']] = $group;
                $group['users'] = array();
                $group['pids'] = array();
                $group['pid_str'] = '';
                $group['del_link'] = Url::build_current(array('cmd' => 'del_group', 'id' => $group['id']));
                $group['edit_link'] = Url::build_current(array('cmd' => 'edit_group', 'id' => $group['id']));
                $gids .= ($gids ? ',' : '') . $group['id'];
                $acc_groups[$group['id']] = $group;
            }
        }
    }

    EClassApi::get_config();
    if (isset(CGlobal::$configs['site_permission'])) {
        // NOTE(review): unserialize() on a value read from the configs table. If that row can
        // be written by anything other than addPerm(), this is an object-injection risk;
        // consider JSON, or unserialize() with allowed_classes => false on PHP 7+.
        // NOTE(review): a false return (corrupt value) would reach the foreach below.
        CGlobal::$permit = unserialize(CGlobal::$configs['site_permission']['conf_val']);
        // Flatten module => (permission id => description) into one lookup table.
        foreach (CGlobal::$permit as $permit) {
            if ($permit && is_array($permit)) {
                foreach ($permit as $pm => $des) {
                    CGlobal::$all_permit[$pm] = $des;
                }
            }
        }
    }

    if ($gids) {
        // Load every permission row: type 0 rows belong to a group, all other rows are kept
        // as per-user permission strings keyed by ref_id.
        $sql = "SELECT type, ref_id, pids FROM user_permit";
        $result = DB::query($sql);
        if ($result) {
            while ($row = mysql_fetch_assoc($result)) {
                if ($row['type'] == 0) {
                    // NOTE(review): this assignment creates an $acc_groups entry when ref_id is
                    // not already present -- including group 9 after it was unset above for
                    // non-root viewers. Confirm that is intended.
                    $acc_groups[$row['ref_id']]['pids'] = array();
                    if ($row['pids']) {
                        $pids = explode('|', $row['pids']);
                        if ($pids) {
                            foreach ($pids as $pid) {
                                // Keep only permission ids that exist in the current catalogue.
                                if ($pid && isset(CGlobal::$all_permit[$pid])) {
                                    $acc_groups[$row['ref_id']]['pids'][$pid] = CGlobal::$all_permit[$pid];
                                }
                            }
                        }
                    }
                } else {
                    $user_permits[$row['ref_id']] = $row['pids'];
                }
            }
        }
    }

    // Accounts that belong to at least one group.
    $sql = 'SELECT id,user_name, full_name, gids FROM account AS a WHERE a.gids != "0" AND a.gids != ""';
    $result = DB::query($sql);
    if ($result) {
        while ($user = mysql_fetch_assoc($result)) {
            $user['full_name'] = String::trimSpace($user['full_name']);
            // This copy is taken before pid_str, del_enable and pids are added below.
            $all_users[$user['id']] = $user;
            $user['pid_str'] = isset($user_permits[$user['id']]) ? $user_permits[$user['id']] : '';

            // Attach the user to each of its groups (gids is a '|'-separated list).
            $groups = explode('|', $user['gids']);
            foreach ($groups as $gid) {
                if (isset($acc_groups[$gid])) {
                    // Non-root viewers may not delete members of group 9.
                    if (!User::is_root() && $gid == 9) {
                        $user['del_enable'] = 0;
                    } else {
                        $user['del_enable'] = 1;
                    }
                    $acc_groups[$gid]['users'][] = $user;
                }
            }

            // Resolve the user's own permission ids against the catalogue.
            $pid_str = isset($user_permits[$user['id']]) ? $user_permits[$user['id']] : '';
            $pid_arr = explode('|', $pid_str);
            $user['pids'] = array();
            if ($pid_arr) {
                foreach ($pid_arr as $pid) {
                    if ($pid && isset(CGlobal::$all_permit[$pid])) {
                        $user['pids'][$pid] = CGlobal::$all_permit[$pid];
                    }
                }
            }
            // Only users holding at least one individual permission are listed separately.
            if ($user['pids']) {
                $allist_users[$user['id']] = $user;
            }
        }
    }

    $display->add('acc_groups', $acc_groups);

    // NOTE(review): the JSON strings below carry account data (user_name, full_name). How the
    // template embeds them is not visible here; if they land inside a <script> block or an
    // HTML attribute, confirm context-appropriate encoding (e.g. JSON_HEX_TAG).
    $display->add('all_users', json_encode($all_users));
    $display->add('allist_users', $allist_users);
    $all_groups = CGlobal::$group;
    if (!User::is_root()) {
        unset($all_groups[9]);
    }
    $display->add('all_groups', json_encode($all_groups));
    $display->add('all_permits', json_encode(CGlobal::$permit));
    $display->add('is_root', User::is_root());
    $display->output('ListAdmin');
    $this->endForm();
}
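/**
 * AJAX endpoint: store the "hot product" selection of one category.
 *
 * Request parameters: cat_id, item_ids and vip_item_ids (comma-separated item ids).
 * Regular items are saved in configs under "product_hot_<cat_id>" in the order requested,
 * limited to items with status = 1; VIP items (status > 0) are saved as item_vip rows.
 *
 * Output: 'no_login' or 'no_perm' when a check fails, nothing when both lists are empty,
 * otherwise "<regular ids>|<vip ids>". Every path ends the request with exit.
 */
function produc_hot()
{
    if (!User::is_login()) {
        echo 'no_login';
        exit;
    }
    if (!User::have_permit(ADMIN_CATEGORY)) {
        echo 'no_perm';
        exit;
    }
    // NOTE(review): no anti-CSRF check is visible in this method; confirm the caller enforces
    // one, since this changes stored data on behalf of a logged-in admin.

    // SECURITY: cat_id is request data that is concatenated into SQL below, both inside quotes
    // (conf_key) and unquoted (product_hot_cat_id). Whether getParam() sanitises is not visible
    // here, so force it to an integer before it reaches any query.
    $cat_id = intval(EClassApi::getParam('cat_id', '0'));
    $item_ids = EClassApi::getParam('item_ids');
    $vip_item_ids = EClassApi::getParam('vip_item_ids');
    $conf_key = 'product_hot_' . $cat_id;

    // Nothing selected: clear the stored selection for this category and stop.
    if ($item_ids == '' && $vip_item_ids == '') {
        DB::query("update configs set conf_val = '' where conf_key = '" . $conf_key . "'");
        DB::query("delete from item_vip where product_hot_cat_id =" . $cat_id);
        EClassApi::get_item_vip(0, true);
        EClassApi::get_config(0, true);
        exit;
    }

    // ---- regular items -------------------------------------------------------------------
    // Every id is cast to int, so the IN (...) list below contains integers only.
    $items = array();
    foreach (explode(',', $item_ids) as $item) {
        if ($item) {
            $items[] = intval($item);
        }
    }
    $id_items_after = '';
    $item_ids = join(',', $items);

    DB::query("delete from configs where conf_key = '" . $conf_key . "'");
    EClassApi::get_config(0, true);

    if ($item_ids != '') {
        // Only the id column is used, so only it is selected.
        $found = array();
        $result = DB::query("SELECT id FROM item WHERE status = 1 AND id IN({$item_ids})");
        if ($result) {
            while ($item = mysql_fetch_array($result)) {
                if (isset($item['id'])) {
                    $found[intval($item['id'])] = true;
                }
            }
        }

        // Keep the requested order, dropping ids the query did not return. The lookup table
        // replaces the nested loops and the previously uninitialised $id_items array.
        $ordered = array();
        foreach ($items as $id) {
            if (isset($found[$id])) {
                $ordered[] = $id;
            }
        }
        $id_items_after = join(',', $ordered);

        DB::query("SELECT id FROM configs WHERE conf_key = '" . $conf_key . "'");
        $row = DB::fetch_row();
        if (isset($row['id']) && $row['id'] != '') {
            DB::query("UPDATE configs SET conf_val = '" . $id_items_after . "' WHERE conf_key = '" . $conf_key . "'");
        } else {
            DB::query("INSERT INTO configs (`conf_key`,`conf_val`) values ('" . $conf_key . "','" . $id_items_after . "')");
        }
        EClassApi::get_config(0, true); // clear the config cache
    }

    // ---- VIP items -----------------------------------------------------------------------
    $vip_items = array();
    foreach (explode(',', $vip_item_ids) as $vip_item) {
        if ($vip_item) {
            $vip_items[] = intval($vip_item);
        }
    }
    $vip_id_items_after = '';
    $vip_item_ids = join(',', $vip_items);

    DB::query("delete from item_vip where product_hot_cat_id =" . $cat_id);
    EClassApi::get_item_vip(0, true);

    if ($vip_item_ids != '') {
        // Collect the ids first so the follow-up queries do not run while this result set
        // is still being read.
        $vip_found = array();
        $result = DB::query("SELECT id FROM item WHERE status > 0 AND id IN({$vip_item_ids})");
        if ($result) {
            while ($item = mysql_fetch_array($result)) {
                if (isset($item['id'])) {
                    $vip_found[] = intval($item['id']);
                }
            }
        }

        foreach ($vip_found as $vip_id) {
            DB::query("select count(*) AS total from item_vip where item_id = " . $vip_id . " And product_hot_cat_id=" . $cat_id);
            $row = DB::fetch_row();
            if ($row['total'] == 0) {
                DB::query("insert into item_vip (`item_id`,`product_hot_cat_id`) values (" . $vip_id . "," . $cat_id . ")");
                EClassApi::get_item_vip(0, true);
            }
        }
        $vip_id_items_after = join(',', $vip_found);
    }

    $id_items_after .= '|' . $vip_id_items_after;

    EBArrCache::del_cache('arrProductHotCache');
    // Both halves are built from integers only, so the echoed value carries no markup.
    echo $id_items_after;
    exit;
}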