if (isset($_GET["username"])) {
$username = $_GET["username"];
}
$tbl = new table('admin');
if (isset($_POST["done"])) {
// get field
$field = array('name', 'password');
// get value
$values = array(format($_POST["name"], 0), format(md5($_POST["password"]), 0));
// updateObject($field=array(),$value=array(),$where)
$res = $tbl->updateObject($field, $values, 'per <> 0 and username='******'username=' . format($username, 0));
if ($res) {
$row = mysql_fetch_array($res);
?>
<div id="center-column">
<div class="top-bar">
<h1>Admin</h1>
<div class="breadcrumbs"><a href="#">Content</a> / <a href="#">Sửa</a></div>
</div><br />
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form method="post" enctype="multipart/form-data">
echo $row_cat['name'];
?>
</option>
<?php
}
?>
</select></td>
</tr>
<tr class="bg">
<td class="first"><strong>Danh mục 2</strong></td>
<td colspan="3" class="last"><div id="cat2">
<select name="catid2">
<option value="">---Chọn một---</option>
<?php
$tbl_cat2 = new table('category2');
$res_cat2 = $tbl_cat2->loadOne('catid=' . $row['catid1'] . ' order by ordering');
while ($row_cat2 = mysql_fetch_array($res_cat2)) {
?>
<option value="<?php
echo $row_cat2['id'];
?>
" <?php
if ($row['catid2'] == $row_cat2['id']) {
echo 'selected';
}
?>
><?php
echo $row_cat2['name'];
?>
</option>
<?php
if (!isset($start)) {
$start = 0;
}
$nume = 0;
if (isset($_POST["search"])) {
// loadPaging(&$start,&$nume,$limit=20,$where='',$order='order by id desc');
// formatCompare($str,$pos=0);
$res = $tbl->loadPaging($start, $nume, $limit, 'where proid=' . $_POST["key"], 'order by proid desc');
} else {
// loadPaging(&$start,&$nume,$limit=20,$where='',$order='order by id desc');
$res = $tbl->loadPaging($start, $nume, $limit, '', 'order by proid desc');
}
if ($res) {
while ($row = mysql_fetch_array($res)) {
$tbl_pro = new table('products');
$res_pro = $tbl_pro->loadOne('id=' . $row['proid']);
$row_pro = mysql_fetch_array($res_pro);
$thumb_img = get_thumb('../Images/Products/', $row['image']);
?>
<tr>
<td class="first style1">
<a href="<?php
echo loadPage('editimg&id=' . $row['id']);
?>
"><?php
echo $row['name'];
?>
</a>
</td>
<td><a href="<?php
<a href="<?php
echo loadPage('editbaiviet&id=' . $row['id']);
?>
">
<img src="../<?php
echo $thumb_img;
?>
" height="50" align="absmiddle" />
</a>
</td>
<td>
<span class="first style1">
<?php
if ($row['catid'] != 0) {
$tbl_cat = new table('category_bv');
$res_cat = $tbl_cat->loadOne('id=' . $row['catid']);
$row_cat = mysql_fetch_array($res_cat);
echo $row_cat['name'];
}
?>
</span>
</td>
<td align="center">
<input type="text" value="<?php
echo $row['ordering'];
?>
"
onkeyup="update_order('ajax/ajax_order.php',<?php
echo $row['id'];
?>
,this.value,'baiviet')" class="txt_order"/>
function del_multi_img($root, $dir, $tbl_name, $field_name, $del)
{
foreach ($del as $val) {
//echo $val;
$tbl_ = new table($tbl_name);
$res_ = $tbl_->loadOne('id=' . $val);
$row_ = mysql_fetch_object($res_);
$tmp = explode('(*_^)', $row_->{$field_name});
for ($i = 0; $i < count($tmp); $i++) {
$file1 = $root . $tmp[$i];
if (is_file($file1)) {
unlink($file1);
}
$file2 = $root . get_thumb($dir, $tmp[$i]);
if (is_file($file2)) {
unlink($file2);
}
}
$str = "delete from " . $tbl_name . " where id='{$val}'";
mysql_query($str);
}
}
<?php
include '../../library/loader.php';
echo "\r\n\r\n//var hide_empty_list=true; //uncomment this line to hide empty selection lists\r\n\r\nvar disable_empty_list=true; //uncomment this line to disable empty selection lists\r\n\r\naddListGroup('group', 'car-makers');\r\n\r\naddOption('car-makers', 'Chọn chủng loại rượu', 'null', '', 1); //Empty starter option\r\n\r\n";
$tbl = new table('sections2');
$res = $tbl->loadAll();
if ($res) {
while ($row = mysql_fetch_object($res)) {
echo " addList('car-makers', '{$row->name}', '{$row->id}', '{$row->name}.{$row->id}'); ";
echo " addOption('{$row->name}.{$row->id}', 'Chọn danh mục rượu', 'null', '', 1); ";
// list category
$tblCate = new table('category2');
$resCate = $tblCate->loadOne("sections = {$row->id}");
if ($resCate) {
while ($rowCate = mysql_fetch_object($resCate)) {
echo " addList('{$row->name}.{$row->id}', '{$rowCate->name}', '{$rowCate->id}', '{$rowCate->name}.{$rowCate->id}'); ";
// list subcate
$tblSub = new table('subcate2');
$resSub = $tblSub->loadOne("secid = {$row->id} and catid = {$rowCate->id}");
if ($resSub) {
echo " addOption('{$rowCate->name}.{$rowCate->id}', 'Chọn danh mục con', 'null'); ";
while ($rowSub = mysql_fetch_object($resSub)) {
echo " addOption('{$rowCate->name}.{$rowCate->id}', '{$rowSub->name}', '{$rowSub->id}'); ";
}
}
}
}
}
}
if ($_POST["newpassword"] != $_POST["againpassword"]) {
echo "Again new password wrong!!!";
} else {
// get field
$field = array('name', 'password');
// get value
$values = array(format($_POST["name"], 0), format(md5($_POST["newpassword"]), 0));
// updateObject($field=array(),$value=array(),$where)
$res = $tbl->updateObject($field, $values, 'username='******'location: ' . loadPage(''));
}
}
}
}
$res = $tbl->loadOne('username="******"log"] . '"');
if ($res) {
$row = mysql_fetch_array($res);
?>
<div id="center-column">
<div class="top-bar">
<h1>Change Password</h1>
<div class="breadcrumbs"><a href="#">Content</a> / <a href="#">Sửa</a></div>
</div><br />
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form method="post" enctype="multipart/form-data">
<?php
$tbl = new table('counter');
if ($_POST["done"]) {
$res = $tbl->loadOne('(month(timelogin) < ' . (date('m') - 1) . ' and year(timelogin) =' . date('Y') . ') or year(timelogin) <' . date('Y'));
$num = mysql_num_rows($res);
mysql_query('update setting set visitall=visitall+' . $num . ' where id=1');
mysql_query('delete from counter where (month(timelogin) < ' . (date('m') - 1) . ' and year(timelogin) =' . date('Y') . ') or year(timelogin) <' . date('Y'));
header('location: ' . loadPage('report'));
}
?>
<div id="center-column">
<div class="top-bar">
<h1>Report</h1>
</div><br />
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form method="post">
<table class="listing" cellpadding="0" cellspacing="0">
<tr>
<th>IP</th>
<th>Date</th>
</tr>
<?php
$pagename = $_SERVER["PHP_SELF"] . "?choose=ip";
$limit = 20;
$start = $_GET["start"];
if (!isset($start)) {
$start = 0;
<?php
//var_dump($rowDetails['productid']);
$tbl_price = new table('tabprice');
$res_price = $tbl_price->loadOne('proid=' . $rowDetails['productid']);
$row_price = mysql_fetch_object($res_price);
if ($rowDetails['color'] != 'undefined' && $rowDetails['color'] != 'NULL') {
//var_dump($rowDetails);
$tbl_color = new table('img');
//var_dump($rowDetails);
$res_color = $tbl_color->loadOne('proid=' . $rowDetails['color']);
$row_color = mysql_fetch_object($res_color);
} else {
$row_color = null;
}
$tblPro = new table('products');
$resPro = $tblPro->loadOne('id=' . $rowDetails['productid']);
$rowPro = mysql_fetch_array($resPro);
//var_dump($row_price);
$pricePro = 0;
if ($row_price) {
$pricePro = $row_price->price;
if ($row_price->price_promo != 0) {
$pricePro = $row_price->price_promo;
}
$sum_gia += $rowDetails['quantity'] * $pricePro;
}
echo $rowPro['name'];
?>
</td>
<td>
<?php
<?php
$tbl = new table('account');
$row = null;
$res = $tbl->loadOne('id=1');
$row = mysql_fetch_object($res);
if (isset($_POST["done"])) {
$field = array('name', 'pass');
if (isset($_POST["name"]) && $_POST["name"] != '') {
$name = $_POST["name"];
if (!Validator($name)) {
echo "<script language='javascript'>alert('Địa chỉ email không phù hợp!');</script>";
} else {
if (isset($_POST["pass"]) && $_POST["pass"] != "") {
$pass = $_POST["pass"];
$crypt = encrypt_decrypt('encrypt', $pass);
//var_dump($crypt);
/*$decrypt = encrypt_decrypt('decrypt', $crypt);
var_dump($decrypt);*/
if ($row) {
if ($crypt != $row->pass && $name != $row->name) {
$values = array(format($_POST["name"], 0), format($crypt, 0));
$res = $tbl->updateObject($field, $values, 'id=1');
//var_dump($res);
if ($res) {
echo "Update thành công!!!!";
$res = $tbl->loadOne('id=1');
$row = mysql_fetch_object($res);
}
}
} else {
</option>
<?php
}
}
?>
</select>
</div></td>
</tr>
<tr class="bg">
<td class="first"><strong>Danh mục 3</strong></td>
<td colspan="3" class="last"><div id="cat3">
<select name="catid3">
<option value="">---Chọn một---</option>
<?php
$tbl_cat3 = new table('category3');
$res_cat3 = $tbl_cat3->loadOne('catid1=' . $row['catid1'] . ' and catid2 = ' . $row['catid2'] . ' order by ordering');
while ($row_cat3 = mysql_fetch_array($res_cat3)) {
?>
<option value="<?php
echo $row_cat3['id'];
?>
" <?php
if ($row_cat3['id'] == $row['catid3']) {
echo 'selected';
}
?>
><?php
echo $row_cat3['name'];
?>
</option>
<?php
<?php
$tbl = new table('ketqua');
if ($_POST["done"]) {
// get field
$field = 'id,ms,image,solanchon';
// upload file
// uploadFile($file,$auto=1,$dir='uploads/images/')
$res_kt = $tbl->loadOne('ms="' . $_POST['ms'] . '"');
$num_kt = mysql_num_rows($res_kt);
if ($num_kt == 0) {
$image = uploadFile('image', 0, '../uploads/');
}
$id = $tbl->getLastId() + 1;
$values = format($id, 1);
$values .= format($_POST["ms"], 1);
$values .= format(str_replace('../', '', $image), 1);
$values .= format($_POST["solanchon"], 0);
if ($num_kt == 0) {
// insertObject($field,$value)
if ($num_kt == 0) {
$res = $tbl->insertObject($field, $values);
if ($res) {
echo "OK";
}
}
} else {
echo "Mã số không được trùng";
}
}
?>
<?php
if (!isset($_GET['choose'])) {
include '../../library/loader.php';
}
$catid = $_GET['id'];
$tbl_cat2 = new table('category2');
$res_cat2 = $tbl_cat2->loadOne('catid=' . $catid . ' order by ordering');
?>
<select name="catid2">
<option value="">---Chọn một---</option>
<?php
while ($row_cat2 = mysql_fetch_array($res_cat2)) {
?>
<option value="<?php
echo $row_cat2['id'];
?>
"><?php
echo $row_cat2['name'];
?>
</option>
<?php
}
?>
</select>
<tr>
<td ><?php
echo $stt;
?>
</td>
<td class="first style1"><a href="<?php
echo loadPage('editAdmin&username='******'username']);
?>
"></a><?php
echo $row['mail'];
?>
</td>
<td><span class="first style1"><a href="#">
<?php
$tblPer = new table('permission');
$resPer = $tblPer->loadOne('id=' . $row['per']);
if ($resPer) {
$rowPer = mysql_fetch_array($resPer);
echo $rowPer['name'];
}
?>
</a></span></td>
<td><?php
echo $row['name'];
?>
</td>
<td><?php
echo $row['ngaysinh'];
?>
</td>
<td><?php
<?php
if ($row['catid1'] != '' && $row['catid1'] != 0) {
$tbl_cat1 = new table('category1');
$res_cat1 = $tbl_cat1->loadOne('id=' . $row['catid1']);
if ($res_cat1) {
$row_cat1 = mysql_fetch_array($res_cat1);
echo $row_cat1['name'];
}
}
?>
</td>
<td>
<?php
if ($row['catid2'] != '' && $row['catid2'] != 0) {
$tbl_cat2 = new table('category2');
$res_cat2 = $tbl_cat2->loadOne('id=' . $row['catid2']);
if ($res_cat2) {
$row_cat2 = mysql_fetch_array($res_cat2);
echo $row_cat2['name'];
}
}
?>
</td>
<td align="center"><?php
if ($row['pro_new'] == 1) {
?>
<img src="img/icon_check.gif" /><?php
}
?>
</td>
<td align="center"><?php
<?php
if ($row['catid2'] != '' && $row['catid2'] != 0) {
$tbl_cat2 = new table('category2');
$res_cat2 = $tbl_cat2->loadOne('id=' . $row['catid2']);
if ($res_cat2) {
$row_cat2 = mysql_fetch_array($res_cat2);
echo $row_cat2['name'];
}
}
?>
</td>
<td>
<?php
if ($row['catid3'] != '' && $row['catid3'] != 0) {
$tbl_cat3 = new table('category3');
$res_cat3 = $tbl_cat3->loadOne('id=' . $row['catid3']);
if ($res_cat3) {
$row_cat3 = mysql_fetch_array($res_cat3);
echo $row_cat3['name'];
}
}
?>
</td>
<td>
<a href="index.php?choose=addprice&proid=<?php
echo $row['id'];
?>
"><img src="img/plus.gif" border="0" /></a>
</td>
<td>
<?php
if (isset($_GET['id'])) {
$id = $_GET["id"];
}
$tbl = new table('ketqua');
if ($_POST["done"]) {
// get field
$res_kt = $tbl->loadOne('ms="' . $_POST['ms'] . '"');
$num_kt = mysql_num_rows($res_kt);
if ($_POST['tmpms'] == $_POST['ms']) {
$filea = $_FILES["image"]["name"];
if ($filea == '') {
$image = '../' . $_POST['tmpimage'];
} else {
$image = uploadFile('image', 0, '../uploads/');
}
} else {
if ($num_kt == 0) {
$filea = $_FILES["image"]["name"];
if ($filea == '') {
$image = '../' . $_POST['tmpimage'];
} else {
$image = uploadFile('image', 0, '../uploads/');
}
} else {
echo 'Mã số không được trùng';
}
}
$field = array('ms', 'image', 'solanchon');
// get values
$sql = "select count(*) as thisweek from counter where date(timelogin)>='" . date('Y-m-d', $dow['first']) . "' and date(timelogin)<='" . date('Y-m-d', $dow['last']) . "'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['thisweek'] = $row['thisweek'];
$thisweek = $row['thisweek'];
//last week
$dow = getCountofWeek(mktime(0, 0, 0, date("m"), date("d") - 7, date("Y")));
$sql = "select count(*) as lastweek from counter where date(timelogin)>='" . date('Y-m-d', $dow['first']) . "' and date(timelogin)<='" . date('Y-m-d', $dow['last']) . "'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['lastweek'] = $row['lastweek'];
//month
$sql = "select count(*) as thismonth from counter where month(timelogin)=" . date('m') . " and year(timelogin) =" . date('Y');
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['thismonth'] = $row['thismonth'];
$thismonth = $row['thismonth'];
//last month
$lastmonth = mktime(0, 0, 0, date("m") - 1, date("d"), date("Y"));
$sql = "select count(*) as lastmonth from counter where month(timelogin)=" . date('m', $lastmonth) . " and year(timelogin) =" . date('Y');
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['lastmonth'] = $row['lastmonth'];
$tbl_set = new table('setting');
$res_set = $tbl_set->loadOne('id=1');
$row_set = mysql_fetch_object($res_set);
//echo"
// <div>Online: <span style='color:#b10000'>".($row_set->online+online())."</span></div>
// <div>Total: <span style='color:#b10000'>".($row_set->visitall+$_SESSION['counter']['allcounter'])."</span></div> ";
}
}
// get field
$field = array('name', 'ordering', 'lang');
// get values
// format
// format($str,$isComma=1)
$name = format($_POST["name"], 0);
$ordering = format($_POST["ordering"], 0);
// values
$values = array($name, $ordering, $lang);
// updateObject($field=array(),$value=array(),$where)
$res = $tbl->updateObject($field, $values, 'id=' . $id);
if ($res) {
echo "OK!";
}
}
$res = $tbl->loadOne('id=' . $id);
if ($res) {
$row = mysql_fetch_array($res);
?>
<div id="center-column">
<div class="top-bar">
<h1>category advertise</h1>
<div class="breadcrumbs"><a href="#">Content</a> / <a href="#">Sửa</a></div>
</div><br />
<div class="table">
<img src="../Copy of categoryadvertise/img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="../Copy of categoryadvertise/img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form method="post">
echo $row_cat2['id'];
?>
"><?php
echo $row_cat2['name'];
?>
</option>
<?php
}
?>
</select>
<?php
}
if ($cmd == 'cat3') {
$catid2 = $_GET['id1'];
$tbl_cat3 = new table('category3');
$res_cat3 = $tbl_cat3->loadOne('catid1=' . $catid1 . ' and catid2 = ' . $catid2 . ' order by ordering');
?>
<select name="catid3">
<option value="">---Chọn một---</option>
<?php
while ($row_cat3 = mysql_fetch_array($res_cat3)) {
?>
<option value="<?php
echo $row_cat3['id'];
?>
"><?php
echo $row_cat3['name'];
?>
</option>
<?php
}
