$file_name = change_alias($page_title) . "_" . $id_export_save; $result = "OK_GETFILE"; $nv_Request->set_Session($module_data . '_id_export', $id_export_save); $nv_Request->set_Session($module_data . '_export_filename', $export_filename . "@" . $file_name); } $objWriter->save(NV_ROOTDIR . "/" . NV_CACHEDIR . "/" . $file_name . "." . $excel_ext); die($result); } elseif ($step == 2 and $nv_Request->isset_request($module_data . '_export_filename', 'session')) { $export_filename = $nv_Request->get_string($module_data . '_export_filename', 'session', ''); $array_filename = explode("@", $export_filename); $arry_file_zip = array(); foreach ($array_filename as $file_name) { if (!empty($file_name) and file_exists(NV_ROOTDIR . '/' . NV_CACHEDIR . '/' . $file_name . '.' . $excel_ext)) { $arry_file_zip[] = NV_ROOTDIR . "/" . NV_CACHEDIR . "/" . $file_name . "." . $excel_ext; } } $file_src = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . NV_TEMPNAM_PREFIX . change_alias($lang_module['export']) . '_' . md5(nv_genpass(10) . session_id()) . '.zip'; require_once NV_ROOTDIR . '/includes/class/pclzip.class.php'; $zip = new PclZip($file_src); $zip->create($arry_file_zip, PCLZIP_OPT_REMOVE_PATH, NV_ROOTDIR . "/" . NV_CACHEDIR); $filesize = @filesize($file_src); $nv_Request->unset_request($module_data . '_export_filename', 'session'); foreach ($arry_file_zip as $file) { nv_deletefile($file); } //Download file require_once NV_ROOTDIR . '/includes/class/download.class.php'; $download = new download($file_src, NV_ROOTDIR . "/" . NV_TEMP_DIR, basename(change_alias($lang_module['export']) . ".zip")); $download->download_file(); exit; }
<?php

/**
 * @Project NUKEVIET 3.x
 * @Author VINADES.,JSC (contact@vinades.vn)
 * @Copyright (C) 2012 VINADES.,JSC. All rights reserved
 * @Createdate 2-10-2010 18:49
 */

// Admin helper: turns the posted title into an alias and, when another row already
// uses that alias, appends a numeric suffix before printing the result.

// Stop unless the constant NV_IS_FILE_ADMIN has been defined.
if (!defined('NV_IS_FILE_ADMIN')) {
    die('Stop!!!');
}

$title = filter_text_input('title', 'post', '');
$id = $nv_Request->get_int('id', 'post', 0);
$alias = change_alias($title);

// Count rows other than $id that already carry this alias. The request-derived values
// in the statement are $id (read with get_int) and $alias (passed through dbescape()).
// NOTE(review): assumes dbescape() both quotes and escapes its argument - confirm.
list($number) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id` !=" . $id . " AND `alias` = " . $db->dbescape($alias) . ""));
if (intval($number) > 0) {
    // Alias is taken: use the table's Auto_increment value as the suffix when available.
    $result = $db->sql_query("SHOW TABLE STATUS WHERE `Name`='" . NV_PREFIXLANG . "_" . $module_data . "'");
    $item = $db->sql_fetch_assoc($result);
    $db->sql_freeresult($result);
    if (isset($item['Auto_increment'])) {
        $alias = $alias . "-" . $item['Auto_increment'];
    } else {
        // Fallback suffix: current row count + 1.
        list($weight) = $db->sql_fetchrow($db->sql_query("SELECT COUNT(*) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`"));
        $weight = intval($weight) + 1;
        $alias = $alias . "-" . $weight;
    }
}

include NV_ROOTDIR . "/includes/header.php";
// NOTE(review): printed without output encoding; this relies on change_alias()
// returning only slug-safe characters - confirm.
echo $alias;
include NV_ROOTDIR . "/includes/footer.php";
// Excerpt of an admin form handler for playlist categories; the enclosing blocks
// continue past the end of this listing.

// Stop unless the constant NV_IS_FILE_ADMIN has been defined.
if (!defined('NV_IS_FILE_ADMIN')) {
    die('Stop!!!');
}

$page_title = $lang_module['playlists'];
$error = '';
$savecat = 0;
// Defaults used when the form has not been submitted.
list($playlist_id, $title, $alias, $description, $image, $keywords, $status, $private_mode) = array(0, '', '', '', '', '', 1, 1);
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
    $playlist_id = $nv_Request->get_int('playlist_id', 'post', 0);
    $title = $nv_Request->get_title('title', 'post', '', 1);
    $keywords = $nv_Request->get_title('keywords', 'post', '', 1);
    $alias = $nv_Request->get_title('alias', 'post', '');
    $description = $nv_Request->get_string('description', 'post', '');
    // Tags are stripped and the remainder HTML-escaped before newlines become <br/>.
    $description = nv_nl2br(nv_htmlspecialchars(strip_tags($description)), '<br/>');
    // A posted alias is normalised too, not only the one derived from the title.
    $alias = $alias == '' ? change_alias($title) : change_alias($alias);
    $status = $nv_Request->get_int('status', 'post', 0);
    $private_mode = $nv_Request->get_int('private_mode', 'post', 0);
    $image = $nv_Request->get_string('image', 'post', '');
    // The posted value is appended to NV_DOCUMENT_ROOT and only tested with is_file().
    // NOTE(review): nothing visible here checks that $image starts with the uploads
    // prefix whose length is cut off below, or that it has no ".." segments - confirm
    // get_string() or a later step enforces that.
    if (is_file(NV_DOCUMENT_ROOT . $image)) {
        $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/img/');
        $image = substr($image, $lu);
    } else {
        $image = '';
    }
    if (empty($title)) {
        $error = $lang_module['error_name'];
    } elseif ($playlist_id == 0) {
        // New category: weight is the current maximum plus one.
        $weight = $db->query("SELECT max(weight) FROM " . NV_PREFIXLANG . "_" . $module_data . "_playlist_cat")->fetchColumn();
        $weight = intval($weight) + 1;
        // Request-derived columns are named placeholders; only the table name and the
        // NV_CURRENTTIME constant are concatenated into the statement text.
        $sql = "INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_playlist_cat ( numbers, title, alias, status, private_mode, userid, description, image, weight, keywords, add_time, edit_time) VALUES (20, :title , :alias, :status, :private_mode, :userid, :description, :image, :weight, :keywords, " . NV_CURRENTTIME . ", " . NV_CURRENTTIME . ")";
}

// Excerpt of an admin form handler that creates a category; it starts and ends
// inside blocks that are not fully visible in this listing.
$page_title = $lang_module['categories'];
$error = $admins = "";
$savecat = 0;
// Defaults used when the form has not been submitted.
list($catid, $parentid, $title, $alias, $description, $keywords) = array(0, 0, "", "", "", "");
$savecat = $nv_Request->get_int('savecat', 'post', 0);
if (!empty($savecat)) {
    $catid = $nv_Request->get_int('catid', 'post', 0);
    // $catid comes from get_int(), so the quoted concatenation carries an integer.
    list($parentid_old) = $db->sql_fetchrow($db->sql_query("SELECT `parentid` FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `catid` = '" . $catid . "'"));
    $parentid = $nv_Request->get_int('parentid', 'post', 0);
    $title = filter_text_input('title', 'post', "", 1, 100);
    $catimage = filter_text_input('catimage', 'post');
    $keywords = filter_text_input('keywords', 'post');
    $alias = filter_text_input('alias', 'post');
    // The description is filtered against the NV_ALLOWED_HTML_TAGS list.
    $description = filter_text_textarea('description', '', NV_ALLOWED_HTML_TAGS);
    $alias = $alias == "" ? change_alias($title) : change_alias($alias);
    if ($catid == 0 and !empty($title)) {
        $description = nv_nl2br($description, '<br />');
        // New category: weight is the current maximum under the same parent plus one.
        list($weight) = $db->sql_fetchrow($db->sql_query("SELECT max(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "_cat` WHERE `parentid`=" . $db->dbescape($parentid) . ""));
        $weight = intval($weight) + 1;
        // Every request-derived value in the INSERT goes through $db->dbescape().
        // NOTE(review): assumes dbescape() both quotes and escapes its argument - confirm.
        $query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_cat` (`catid`, `parentid`, `title`, `catimage`, `alias`, `description`, `weight`, `inhome`, `numlinks`, `keywords`, `add_time`, `edit_time`) VALUES (NULL, " . $db->dbescape($parentid) . ", " . $db->dbescape($title) . ", " . $db->dbescape($catimage) . " , " . $db->dbescape($alias) . ", " . $db->dbescape($description) . ", " . $db->dbescape($weight) . ", '1', '3', " . $db->dbescape($keywords) . ", UNIX_TIMESTAMP(), UNIX_TIMESTAMP())";
        if ($db->sql_query_insert_id($query)) {
            nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_cat', " ", $admin_info['userid']);
            $db->sql_freeresult();
            nv_del_moduleCache($module_name);
            // Redirect target is built from constants plus $module_name and $op.
            // NOTE(review): where $op is set is not visible here - confirm it cannot
            // carry raw request text into the Location header.
            Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=" . $op . "");
            die;
        } else {
            $error = $lang_module['errorsave'];
        }
// Excerpt: collects the posted category form into $data. The enclosing blocks start
// before and continue after this listing.
$data['catid'] = $nv_Request->get_int('catid', 'post', 0);
$data['typeprice'] = $nv_Request->get_int('typeprice', 'post', 2);
$data['parentid_old'] = $nv_Request->get_int('parentid_old', 'post', 0);
$data['parentid'] = $nv_Request->get_int('parentid', 'post', 0);
// Short text fields are capped at 255 characters.
$data['title'] = nv_substr($nv_Request->get_title('title', 'post', '', 1), 0, 255);
$data['title_custom'] = nv_substr($nv_Request->get_title('title_custom', 'post', '', 1), 0, 255);
$data['keywords'] = nv_substr($nv_Request->get_title('keywords', 'post', '', 1), 0, 255);
$data['alias'] = nv_substr($nv_Request->get_title('alias', 'post', '', 1), 0, 255);
$data['description'] = $nv_Request->get_string('description', 'post', '');
// Plain description: tags stripped, remainder HTML-escaped, newlines turned into <br />.
$data['description'] = nv_nl2br(nv_htmlspecialchars(strip_tags($data['description'])), '<br />');
// Rich description: filtered against the NV_ALLOWED_HTML_TAGS list.
$data['descriptionhtml'] = $nv_Request->get_editor('descriptionhtml', '', NV_ALLOWED_HTML_TAGS);
$data['viewdescriptionhtml'] = $nv_Request->get_int('viewdescriptionhtml', 'post', 0);
$data['cat_allow_point'] = $nv_Request->get_int('cat_allow_point', 'post', 0);
$data['cat_number_point'] = $nv_Request->get_int('cat_number_point', 'post', 0);
$data['cat_number_product'] = $nv_Request->get_int('cat_number_product', 'post', 0);
$data['alias'] = $data['alias'] == '' ? change_alias($data['title']) : change_alias($data['alias']);
// Trim the description when it is longer than 255 bytes (strlen() counts bytes).
if (strlen($data['description']) > 255) {
    $data['description'] = nv_clean60($data['description'], 250);
}
// Posted group ids are intersected with the keys of $groups_list, so ids that are
// not in that list are dropped before the value is stored.
$_groups_post = $nv_Request->get_array('groups_view', 'post', array());
$data['groups_view'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : '';
if ($data['title'] == '') {
    $error = $lang_module['error_cat_name'];
}
$image = $nv_Request->get_string('image', 'post', '');
// The posted value is appended to NV_DOCUMENT_ROOT and only tested with is_file().
// NOTE(review): nothing visible here checks that $image starts with the uploads
// prefix whose length is cut off below, or that it has no ".." segments - confirm
// get_string() or a later step enforces that.
if (is_file(NV_DOCUMENT_ROOT . $image)) {
    $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/');
    $data['image'] = substr($image, $lu);
} else {
    $data['image'] = '';
// Excerpt of a chunked-upload handler: request checks, then the temp file name.
// The surrounding code is not visible in this listing.

// Request token: md5 of the session id concatenated with the site key.
// NOTE(review): `!=` is a loose comparison and is not constant-time; two strings that
// both look numeric (e.g. "0e..." hex digests) compare as numbers. hash_equals() with
// a string-typed $token avoids both - confirm how $token is read.
// NOTE(review): presumably gltJsonResponse() ends the request; if it returns, the
// code below still runs after a failed check - confirm.
if ($token != md5($nv_Request->session_id . $global_config['sitekey'])) {
    gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorSess']));
}
// Only module administrators may upload.
if (!defined('NV_IS_MODADMIN')) {
    gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorPermission']));
}
// Extend the execution time limit to five hours when the host allows it.
if ($sys_info['allowed_set_time_limit']) {
    set_time_limit(5 * 3600);
}
// Get request value
$folder = $nv_Request->get_title('folder', 'post', '');
$fileName = $nv_Request->get_title('name', 'post', '');
$fileExt = nv_getextension($fileName);
// The base name is normalised with change_alias(); the extension is re-attached as
// returned by nv_getextension().
// NOTE(review): no extension allow-list is visible in this excerpt - confirm one is
// applied before the file leaves the temp directory.
$fileName = change_alias(substr($fileName, 0, -(strlen($fileExt) + 1))) . '.' . $fileExt;
$chunk = $nv_Request->get_int('chunk', 'post', 0);
$chunks = $nv_Request->get_int('chunks', 'post', 0);
if (empty($fileName) or empty($fileExt)) {
    gltJsonResponse(array('code' => 200, 'message' => $lang_module['uploadErrorFile']));
}
// If the name already exists in the temp directory, try name-1, name-2, ...
$fileName2 = $fileName;
$i = 1;
while (file_exists(NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $fileName2)) {
    $fileName2 = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1-' . $i . '\\2', $fileName);
    ++$i;
}
$fileName = $fileName2;
$filePath = NV_ROOTDIR . '/' . NV_TEMP_DIR . '/' . $fileName;
// Open temp file
die('Stop!!!');
}

// Excerpt of an admin handler that registers a virtual module; it starts inside the
// access guard and ends inside a try block that is not fully visible.

// Optional allow-list of module files for this site, read from the system database.
$array_site_cat_module = array();
if ($global_config['idsite']) {
    // NOTE(review): idsite is concatenated unquoted; it comes from $global_config, not
    // from the request in this excerpt - confirm it is always an integer.
    $_module = $db->query('SELECT module FROM ' . $db_config['dbsystem'] . '.' . $db_config['prefix'] . '_site_cat t1 INNER JOIN ' . $db_config['dbsystem'] . '.' . $db_config['prefix'] . '_site t2 ON t1.cid=t2.cid WHERE t2.idsite=' . $global_config['idsite'])->fetchColumn();
    if (!empty($_module)) {
        $array_site_cat_module = explode(',', $_module);
    }
}
$title = $note = $modfile = $error = '';
$modules_site = nv_scandir(NV_ROOTDIR . '/modules', $global_config['check_module']);
// The form is processed only when the posted `checkss` equals NV_CHECK_SESSION.
// NOTE(review): presumably this is the anti-forgery token; `==` is a loose,
// non-constant-time comparison - confirm and consider hash_equals().
if ($nv_Request->get_title('checkss', 'post') == NV_CHECK_SESSION) {
    $title = $nv_Request->get_title('title', 'post', '', 1);
    $modfile = $nv_Request->get_title('module_file', 'post', '', 1);
    $note = $nv_Request->get_title('note', 'post', '', 1);
    $title = strtolower(change_alias($title));
    $modules_admin = nv_scandir(NV_ROOTDIR . '/' . NV_ADMINDIR, $global_config['check_module']);
    // Default error; the visible code does not clear it, that would happen further on.
    $error = $lang_module['vmodule_exit'];
    // The new name must be non-empty, must not collide with an existing site or admin
    // module directory, and both names must match the check_module pattern.
    if (!empty($title) and !empty($modfile) and !in_array($title, $modules_site) and !in_array($title, $modules_admin) and preg_match($global_config['check_module'], $title) and preg_match($global_config['check_module'], $modfile)) {
        $version = '';
        $author = '';
        $note = nv_nl2br($note, '<br />');
        // Table prefix: every run of non-word characters in the title becomes "_".
        $module_data = preg_replace('/(\\W+)/i', '_', $title);
        // When a per-site list exists, the source module must be on it.
        if (empty($array_site_cat_module) or in_array($modfile, $array_site_cat_module)) {
            try {
                // Request-derived columns are bound parameters; only the table prefix
                // and the NV_CURRENTTIME constant are concatenated.
                $sth = $db->prepare('INSERT INTO ' . $db_config['prefix'] . '_setup_extensions (type, title, is_sys, is_virtual, basename, table_prefix, version, addtime, author, note) VALUES ( \'module\', :title, 0, 0, :basename, :table_prefix, :version, ' . NV_CURRENTTIME . ', :author, :note)');
                $sth->bindParam(':title', $title, PDO::PARAM_STR);
                $sth->bindParam(':basename', $modfile, PDO::PARAM_STR);
                $sth->bindParam(':table_prefix', $module_data, PDO::PARAM_STR);
                $sth->bindParam(':version', $version, PDO::PARAM_STR);
                $sth->bindParam(':author', $author, PDO::PARAM_STR);
/**
 * detail_product()
 *
 * Fills the detail.tpl template of the current theme with one product's data and
 * returns the parsed 'main' block.
 *
 * Values are handed to XTemplate exactly as received.
 * NOTE(review): no output encoding happens in this function; confirm that title,
 * body text, keywords, tab titles and comment HTML are escaped or sanitised before
 * they reach it, or that the template layer does so.
 *
 * @param mixed $data_content     Product row; read by key throughout (id, homeimgfile, tabs, ...)
 * @param mixed $data_unit        Unit row; only ['title'] is read
 * @param mixed $data_others      Passed to view_home_all() for the 'other' block
 * @param mixed $array_other_view Passed to view_home_all() for the 'other_view' block
 * @param mixed $content_comment  Content used for the 'content_comments' tab
 * @param mixed $compare_id       Passed through to view_home_all()
 * @param mixed $popup            When truthy, tabs, keywords, related products, admin links and rating are skipped
 * @param mixed $idtemplate       Passed through to nv_custom_tpl()
 * @param mixed $array_keyword    Items are read as ['keyword'] and ['alias']
 * @return mixed Result of $xtpl->text('main')
 */
function detail_product($data_content, $data_unit, $data_others, $array_other_view, $content_comment, $compare_id, $popup, $idtemplate, $array_keyword)
{
    global $module_info, $lang_module, $module_file, $module_name, $module_upload, $pro_config, $global_config, $global_array_group, $array_wishlist_id, $client_info, $global_array_shops_cat, $meta_property, $pro_config, $user_info, $discounts_config, $my_head, $my_footer;

    // Base URL for module operations; $link is not read again in this function.
    $link = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=';
    $link2 = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=';

    $xtpl = new XTemplate('detail.tpl', NV_ROOTDIR . '/themes/' . $module_info['template'] . '/modules/' . $module_file);
    $xtpl->assign('GLANG', $lang_module);
    $xtpl->assign('LANG', $lang_module);
    $xtpl->assign('MODULE', $module_name);
    $xtpl->assign('MODULE_FILE', $module_file);
    $xtpl->assign('TEMPLATE', $module_info['template']);
    $xtpl->assign('NV_BASE_SITEURL', NV_BASE_SITEURL);
    $xtpl->assign('SELFURL', $client_info['selfurl']);
    $xtpl->assign('POPUP', $popup);
    $xtpl->assign('LINK_LOAD', NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=loadcart');
    $xtpl->assign('THEME_URL', NV_BASE_SITEURL . 'themes/' . $module_info['template']);
    // NOTE(review): $data_content['id'] is read here, before the !empty() check below.
    $xtpl->assign('LINK_PRINT', NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=print_pro&id=' . $data_content['id']);

    if (!empty($data_content)) {
        $xtpl->assign('proid', $data_content['id']);
        $xtpl->assign('CAT_TITLE', $global_array_shops_cat[$data_content['listcatid']]['title']);
        $xtpl->assign('SRC_PRO_FULL', $global_config['site_url'] . $data_content['homeimgthumb']);
        $xtpl->assign('SRC_PRO', $data_content['homeimgthumb']);
        $xtpl->assign('SRC_PRO_LAGE', $data_content['homeimgfile']);
        // Image info is read only when the stored path exists under NV_ROOTDIR.
        if (!empty($data_content['homeimgfile']) and file_exists(NV_ROOTDIR . $data_content['homeimgfile'])) {
            $xtpl->assign('SRC_PRO_LAGE_INFO', nv_is_image(NV_ROOTDIR . $data_content['homeimgfile']));
        }
        $xtpl->assign('TITLE', $data_content[NV_LANG_DATA . '_title']);
        $xtpl->assign('NUM_VIEW', $data_content['hitstotal']);
        $xtpl->assign('DATE_UP', $lang_module['detail_dateup'] . ' ' . nv_date('d-m-Y h:i:s A', $data_content['publtime']));
        $xtpl->assign('DETAIL', $data_content[NV_LANG_DATA . '_bodytext']);
        $xtpl->assign('LINK_ORDER', $link2 . 'setcart&id=' . $data_content['id']);
        // $price is set only inside this branch but is read again further down.
        $price = nv_get_price($data_content['id'], $pro_config['money_unit']);
        $xtpl->assign('PRICE', $price);
        $xtpl->assign('PRODUCT_CODE', $data_content['product_code']);
        $xtpl->assign('PRODUCT_NUMBER', $data_content['product_number']);
        $xtpl->assign('pro_unit', $data_unit['title']);

        // Gift text is shown only while the current time is inside the gift window.
        if ($pro_config['active_gift'] and !empty($data_content[NV_LANG_DATA . '_gift_content']) and NV_CURRENTTIME >= $data_content['gift_from'] and NV_CURRENTTIME <= $data_content['gift_to']) {
            $xtpl->assign('gift_content', $data_content[NV_LANG_DATA . '_gift_content']);
            $xtpl->parse('main.gift');
        }

        // Show custom data in the introduction section
        if (!empty($data_content['array_custom']) and !empty($data_content['array_custom_lang'])) {
            $custom_data = nv_custom_tpl('tab-introduce' . '.tpl', $data_content['array_custom'], $data_content['array_custom_lang'], $idtemplate);
            $xtpl->assign('CUSTOM_DATA', $custom_data);
            $xtpl->parse('main.custom_data');
        }

        // Wishlist
        if ($pro_config['active_wishlist']) {
            if (!empty($array_wishlist_id)) {
                if (in_array($data_content['id'], $array_wishlist_id)) {
                    $xtpl->parse('main.wishlist.disabled');
                }
            }
            $xtpl->parse('main.wishlist');
        }

        $exptime = $data_content['exptime'] != 0 ? date('d-m-Y', $data_content['exptime']) : 'N/A';
        $xtpl->assign('exptime', $exptime);
        $xtpl->assign('height', $pro_config['homeheight']);
        $xtpl->assign('width', $pro_config['homewidth']);

        if ($pro_config['active_showhomtext'] == '1') {
            $xtpl->assign('hometext', $data_content[NV_LANG_DATA . '_hometext']);
            $xtpl->parse('main.hometext');
        }

        if (!$popup) {
            // Show tabs
            if (!empty($data_content['tabs'])) {
                $i = 0;
                foreach ($data_content['tabs'] as $tabs_id => $tabs_value) {
                    $tabs_content = '';
                    $tabs_key = $tabs_value['content'];

                    // Pick the content source from the tab's 'content' key.
                    if ($tabs_key == 'content_detail') {
                        $tabs_content = $data_content[NV_LANG_DATA . '_bodytext'];
                    } elseif ($tabs_key == 'content_download' and $pro_config['download_active'] == 1) {
                        $download_content = nv_download_content($data_content, $tabs_key . '-' . $tabs_id);
                        $tabs_content = !empty($download_content) ? $download_content : '';
                    } elseif ($tabs_key == 'content_otherimage') {
                        $tabs_content = nv_display_othersimage($data_content['otherimage']);
                    } elseif ($tabs_key == 'content_comments') {
                        $tabs_content = $content_comment;
                    } elseif ($tabs_key == 'content_rate') {
                        if (!empty($data_content['allowed_rating']) and !empty($pro_config['review_active'])) {
                            $tabs_content = nv_review_content($data_content);
                        }
                    } elseif ($tabs_key == 'content_customdata') {
                        if (!empty($data_content['array_custom']) and !empty($data_content['array_custom_lang'])) {
                            // The template file name is derived from the tab title via change_alias().
                            $tabs_content = nv_custom_tpl('tab-' . strtolower(change_alias($data_content['tabs'][$tabs_id][NV_LANG_DATA . '_title'])) . '.tpl', $data_content['array_custom'], $data_content['array_custom_lang'], $idtemplate);
                        }
                    }

                    // Tabs without content are not rendered, but still advance $i.
                    if (!empty($tabs_content)) {
                        $xtpl->assign('TABS_TITLE', $tabs_value[NV_LANG_DATA . '_title']);
                        $xtpl->assign('TABS_ID', $tabs_id);
                        $xtpl->assign('TABS_KEY', $tabs_key);

                        if (!empty($tabs_value['icon'])) {
                            $xtpl->assign('TABS_ICON', NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/' . $tabs_value['icon']);
                            $xtpl->parse('main.product_detail.tabs.tabs_title.icon');
                        } else {
                            $xtpl->parse('main.product_detail.tabs.tabs_title.icon_default');
                        }

                        $xtpl->assign('TABS_CONTENT', $tabs_content);

                        // Only the tab at position 0 is marked active.
                        if ($i == 0) {
                            $xtpl->parse('main.product_detail.tabs.tabs_title.active');
                            $xtpl->parse('main.product_detail.tabs.tabs_content.active');
                        }

                        $xtpl->parse('main.product_detail.tabs.tabs_title');
                        $xtpl->parse('main.product_detail.tabs.tabs_content');
                    }
                    $i++;
                }
                $xtpl->parse('main.product_detail.tabs');
            }

            if (!empty($array_keyword)) {
                // $t is the last index; the separator is omitted after the last keyword.
                $t = sizeof($array_keyword) - 1;
                foreach ($array_keyword as $i => $value) {
                    $xtpl->assign('KEYWORD', $value['keyword']);
                    // The alias is URL-encoded before it is placed in the tag link.
                    $xtpl->assign('LINK_KEYWORDS', NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=tag/' . urlencode($value['alias']));
                    $xtpl->assign('SLASH', $t == $i ? '' : ', ');
                    $xtpl->parse('main.product_detail.keywords.loop');
                }
                $xtpl->parse('main.product_detail.keywords');
            }

            if (!empty($data_others)) {
                $hmtl = view_home_all($data_others, $compare_id);
                $xtpl->assign('OTHER', $hmtl);
                $xtpl->parse('main.product_detail.other');
            }

            if (!empty($array_other_view)) {
                $hmtl = view_home_all($array_other_view, $compare_id);
                $xtpl->assign('OTHER_VIEW', $hmtl);
                $xtpl->parse('main.product_detail.other_view');
            }

            // Edit/delete links are emitted only when NV_IS_MODADMIN is defined.
            if (defined('NV_IS_MODADMIN')) {
                $xtpl->assign('ADMINLINK', nv_link_edit_page($data_content['id']) . ' - ' . nv_link_delete_page($data_content['id']));
                $xtpl->parse('main.adminlink');
            }

            if ($data_content['rating_total'] > 0 and $data_content['rating_point'] > 0) {
                $xtpl->assign('RATE_TOTAL', $data_content['rating_total']);
                $xtpl->assign('RATE_VALUE', $data_content['rating_point']);
                $xtpl->parse('main.allowed_rating_snippets');
            }

            $xtpl->parse('main.product_detail');
            $xtpl->parse('main.social_icon');

            if (!empty($data_content['homeimgfile'])) {
                $xtpl->parse('main.imagemodal');
            }
        }

        if (!empty($pro_config['show_product_code']) and !empty($data_content['product_code'])) {
            $xtpl->parse('main.product_code');
        }
    }

    // Product groups
    $listgroupid = GetGroupID($data_content['id'], 1);
    if (!empty($listgroupid) and !empty($global_array_group)) {
        $have_group = 0;
        foreach ($listgroupid as $gid => $subid) {
            $parent_info = $global_array_group[$gid];
            if ($parent_info['in_order']) {
                $have_group = 1;
                $xtpl->assign('GROUPID', $parent_info['groupid']);
                $xtpl->assign('HEADER', $parent_info['title']);
                $xtpl->parse('main.group.items.header');
                if (!empty($subid)) {
                    foreach ($subid as $sub_gr_id) {
                        $sub_info = $global_array_group[$sub_gr_id];
                        if ($sub_info['in_order']) {
                            $xtpl->assign('GROUP', $sub_info);
                            // A single sub-group is pre-selected.
                            if (sizeof($subid) == 1) {
                                $xtpl->parse('main.group.items.loop.active');
                                $xtpl->parse('main.group.items.loop.checked');
                            }
                            $xtpl->parse('main.group.items.loop');
                        }
                    }
                }
                $xtpl->parse('main.group.items');
            }
        }
        if ($have_group) {
            $xtpl->parse('main.group');
        }
    }

    // Show the list of product groups
    // NOTE(review): this loop runs without the !empty() guards used above, so it
    // depends on GetGroupID() returning something iterable - confirm.
    $i = 0;
    foreach ($listgroupid as $gid => $subid) {
        $parent_info = $global_array_group[$gid];
        if ($parent_info['indetail']) {
            $xtpl->assign('MAINTITLE', $parent_info['title']);
            $xtpl->parse('main.group_detail.loop.maintitle');

            if (!empty($subid)) {
                foreach ($subid as $sub_gr_id) {
                    $sub_info = $global_array_group[$sub_gr_id];
                    if ($sub_info['indetail']) {
                        $xtpl->assign('SUBTITLE', $sub_info['title']);
                        $xtpl->parse('main.group_detail.loop.subtitle.loop');
                    }
                }
                $xtpl->parse('main.group_detail.loop.subtitle');
            }
            $i++;
        }
        if ($i > 0) {
            $xtpl->parse('main.group_detail.loop');
        }
    }
    if ($i > 0) {
        $xtpl->parse('main.group_detail');
    }

    // Tiered pricing for categories whose typeprice is 2.
    if ($global_array_shops_cat[$data_content['listcatid']]['typeprice'] == 2) {
        // NOTE(review): unserialize() on a stored field can instantiate objects if the
        // stored value is ever attacker-influenced; confirm price_config is written
        // only by trusted code, or restrict it with the allowed_classes option or
        // store it as JSON.
        $price_config = unserialize($data_content['price_config']);
        if (!empty($price_config) and sizeof($price_config) > 1) {
            // Each tier starts one above the previous tier's number_to.
            $before = 1;
            foreach ($price_config as $items) {
                $items['number_from'] = $before;
                $items['price'] = nv_currency_conversion($items['price'], $data_content['money_unit'], $pro_config['money_unit']);
                $items['price'] = nv_number_format($items['price'], nv_get_decimals($pro_config['money_unit']));
                $xtpl->assign('ITEMS', $items);
                $xtpl->parse('main.typepeice.items');
                $before = $items['number_to'] + 1;
            }
            // $price was assigned inside the !empty($data_content) branch above.
            $xtpl->assign('money_unit', $price['unit']);
            $xtpl->parse('main.typepeice');
        }
    }

    if ($pro_config['active_price'] == '1') {
        if ($data_content['showprice'] == '1') {
            if ($data_content['discount_id'] and $price['discount_percent'] > 0) {
                $xtpl->parse('main.price.discounts');
            } else {
                $xtpl->parse('main.price.no_discounts');
            }
            $xtpl->parse('main.price');
            $xtpl->parse('main.price1');
        } else {
            $xtpl->parse('main.contact');
        }
    }

    if ($pro_config['active_order'] == '1') {
        if ($data_content['showprice'] == '1') {
            // Orderable when stock is positive or active_order_number is set.
            if ($data_content['product_number'] > 0 or $pro_config['active_order_number']) {
                if (!$pro_config['active_order_number']) {
                    $xtpl->parse('main.order_number.product_number');
                    $xtpl->parse('main.order_number_limit');
                    $xtpl->parse('main.check_price');
                }
                $xtpl->parse('main.order_number');
                $xtpl->parse('main.order');
            } else {
                $xtpl->parse('main.product_empty');
            }
        }
    }

    if (!empty($data_content['allowed_send'])) {
        $xtpl->parse('main.allowed_send');
    }

    if (!empty($data_content['allowed_print'])) {
        $xtpl->parse('main.allowed_print');
        $xtpl->parse('main.allowed_print_js');
    }

    if (!empty($data_content['allowed_save'])) {
        $xtpl->parse('main.allowed_save');
    }

    // Emit the Facebook SDK block once per request; the constant marks it as done.
    if (!defined('FACEBOOK_JSSDK')) {
        $lang = NV_LANG_DATA == 'vi' ? 'vi_VN' : 'en_US';
        $facebookappid = $pro_config['facebookappid'];
        $xtpl->assign('FACEBOOK_LANG', $lang);
        $xtpl->assign('FACEBOOK_APPID', $facebookappid);
        $xtpl->parse('main.facebookjssdk');
        if (!empty($facebookappid)) {
            $meta_property['fb:app_id'] = $facebookappid;
        }
        define('FACEBOOK_JSSDK', true);
    }

    $xtpl->parse('main');
    return $xtpl->text('main');
}
<?php

/**
 * @Project NUKEVIET 4.x
 * @Author VINADES.,JSC (contact@vinades.vn)
 * @Copyright (C) 2015 VINADES.,JSC. All rights reserved
 * @License GNU/GPL version 2 or any later version
 * @Createdate Tue, 02 Jun 2015 07:53:31 GMT
 */

// Admin page for categories. This excerpt shows two AJAX branches and ends inside the
// second one.

// Stop unless the constant NV_IS_FILE_ADMIN has been defined.
if (!defined('NV_IS_FILE_ADMIN')) {
    die('Stop!!!');
}

// Alias preview: returns change_alias() of the posted title and stops.
if ($nv_Request->isset_request('get_alias_title', 'post')) {
    $alias = $nv_Request->get_title('get_alias_title', 'post', '');
    $alias = change_alias($alias);
    die($alias);
}

// Toggle a category's status.
// NOTE(review): this state change is accepted from GET as well as POST, and no
// session/anti-forgery token check is visible in this excerpt - confirm one is
// enforced before this point, and prefer POST only.
if ($nv_Request->isset_request('change_status', 'post, get')) {
    // $id is read with get_int(), so the concatenations below carry an integer.
    $id = $nv_Request->get_int('id', 'post, get', 0);
    $content = 'NO_' . $id;
    $query = 'SELECT status FROM ' . NV_PREFIXLANG . '_' . $module_data . '_cat WHERE id=' . $id;
    $row = $db->query($query)->fetch();
    if (isset($row['status'])) {
        // Flip the flag: truthy becomes 0, anything else becomes 1.
        $status = $row['status'] ? 0 : 1;
        $query = 'UPDATE ' . NV_PREFIXLANG . '_' . $module_data . '_cat SET status=' . intval($status) . ' WHERE id=' . $id;
        $db->query($query);
        $content = 'OK_' . $id;
    }
    nv_del_moduleCache($module_name);
    include NV_ROOTDIR . '/includes/header.php';
}
}

// Excerpt of an upload handler: records the uploaded file and answers the editor.
// It starts and ends inside blocks that are not fully visible in this listing.
$editor = $nv_Request->get_title('editor', 'post,get', '');
// Read with get_int(), so the value placed into the script below is an integer.
$CKEditorFuncNum = $nv_Request->get_int('CKEditorFuncNum', 'post,get', 0);
// The editor name is kept only when it matches letters, digits, "-" and "_".
if (!preg_match("/^([a-zA-Z0-9\\-\\_]+)\$/", $editor)) {
    $editor = '';
}
if (empty($error)) {
    if (isset($array_dirname[$path])) {
        $did = $array_dirname[$path];
        $info = nv_getFileInfo($path, $upload_info['basename']);
        $info['userid'] = $admin_info['userid'];
        $newalt = $nv_Request->get_title('filealt', 'post', '', true);
        // No alt text posted: derive it from the file name without its extension.
        if (empty($newalt)) {
            $newalt = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1', $upload_info['basename']);
            $newalt = str_replace('-', ' ', change_alias($newalt));
        }
        // Only :newalt is a bound parameter. The $info fields, $did and the file's
        // basename are concatenated into the statement text.
        // NOTE(review): those values derive from the uploaded file; unless the upload
        // class guarantees quote-free names, bind them as parameters as well.
        $sth = $db->prepare("INSERT INTO " . NV_UPLOAD_GLOBALTABLE . "_file\n\t\t(name, ext, type, filesize, src, srcwidth, srcheight, sizes, userid, mtime, did, title, alt) VALUES\n\t\t('" . $info['name'] . "', '" . $info['ext'] . "', '" . $info['type'] . "', " . $info['filesize'] . ", '" . $info['src'] . "', " . $info['srcwidth'] . ", " . $info['srcheight'] . ", '" . $info['size'] . "', " . $info['userid'] . ", " . $info['mtime'] . ", " . $did . ", '" . $upload_info['basename'] . "', :newalt)");
        $sth->bindParam(':newalt', $newalt, PDO::PARAM_STR);
        $sth->execute();
    }
    nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['upload_file'], $path . '/' . $upload_info['basename'], $admin_info['userid']);
    if ($editor == 'ckeditor') {
        // $path and the basename are written into a single-quoted JavaScript string.
        // NOTE(review): no JavaScript/HTML encoding is applied here; confirm neither
        // value can contain quotes, backslashes or markup, or emit them with json_encode().
        echo "<script type=\"text/javascript\">window.parent.CKEDITOR.tools.callFunction(" . $CKEditorFuncNum . ", '" . NV_BASE_SITEURL . $path . "/" . $upload_info['basename'] . "', '');</script>";
    } else {
        echo $upload_info['basename'];
    }
} else {
    if ($editor == 'ckeditor') {
        // NOTE(review): $error is written into a single-quoted JavaScript string with
        // no encoding; confirm it never includes request-derived text, or emit it with
        // json_encode().
        echo "<script type=\"text/javascript\">window.parent.CKEDITOR.tools.callFunction(" . $CKEditorFuncNum . ", '', '" . $error . "');</script>";
    } else {
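// Listing page: optional keyword / blood-group search, pagination, theme rendering.
// $where and $array_search are expected to be initialised before this point.
$array_data = array();
// "page-N" in the first URL segment selects the page. Clamp to 1 so a value such as
// "page-0" cannot produce a negative OFFSET below.
$page = (isset($array_op[0]) and substr($array_op[0], 0, 5) == 'page-') ? max(1, intval(substr($array_op[0], 5))) : 1;
$per_page = $array_config['per_page'];
$base_url = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name;

if ($nv_Request->isset_request('search', 'get')) {
    $array_search['keywords'] = $nv_Request->get_title('keywords', 'get', '');
    $array_search['blood_group'] = $nv_Request->get_title('blood_group', 'get', '');
    $base_url .= '&search=1';

    if (!empty($array_search['keywords'])) {
        // The keyword is request data: quote the LIKE pattern through the driver, the
        // same way blood_group is handled below, rather than pasting it between
        // hand-written double quotes.
        // "%" and "_" typed by the user still act as LIKE wildcards.
        $_like = $db->quote('%' . $array_search['keywords'] . '%');
        $_conditions = array();
        foreach (array('first_name', 'last_name', 'email', 'phone', 'identity_card', 'width', 'weight', 'organize') as $_column) {
            $_conditions[] = $_column . ' like ' . $_like;
        }
        // Parenthesise the OR group: AND binds tighter than OR, so without the
        // brackets only the first column is tied to "1=1" and the blood_group filter
        // appended below would apply to the last alternative only.
        $where .= ' AND (' . implode(' OR ', $_conditions) . ')';
        // Encode the value before it becomes part of the pagination URL.
        $base_url .= '&keywords=' . urlencode($array_search['keywords']);
    }

    if (!empty($array_search['blood_group'])) {
        $where .= ' AND blood_group=' . $db->quote($array_search['blood_group']);
        $base_url .= '&blood_group=' . urlencode($array_search['blood_group']);
    }
}

// Total row count for the pager, then the current page of rows, newest id first.
$db->sqlreset()->select('COUNT(*)')->from(NV_PREFIXLANG . '_' . $module_data)->where('1=1' . $where);
$all_page = $db->query($db->sql())->fetchColumn();

$db->select('id, userid, organize, last_name, first_name, birthday, gender, blood_group')->order('id DESC')->limit($per_page)->offset(($page - 1) * $per_page);
$_query = $db->query($db->sql());
while ($row = $_query->fetch()) {
    // Detail link: slug built from the name, followed by the numeric id.
    $row['alias'] = change_alias($row['last_name'] . ' ' . $row['first_name']) . '-' . $row['id'];
    $row['link'] = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '/' . $row['alias'];
    $array_data[$row['id']] = $row;
}

$generate_page = nv_alias_page($page_title, $base_url, $all_page, $per_page, $page);
$contents = nv_theme_blood_bank_main($array_data, $array_search, $generate_page);

include NV_ROOTDIR . '/includes/header.php';
echo nv_site_theme($contents);
include NV_ROOTDIR . '/includes/footer.php';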
// Excerpt of an admin handler for product templates: the tail of a status-change
// branch, then the start of the save branch. Neither is fully visible here.

// NOTE(review): $id is concatenated unquoted; where it is read is not visible -
// confirm it comes from get_int().
$sql = 'SELECT id FROM ' . $table_name . ' WHERE id=' . $id;
$id = $db->query($sql)->fetchColumn();
if (empty($id)) {
    // $id has just been overwritten with the empty lookup result, so the suffix
    // printed here is empty rather than the requested id.
    die('NO_' . $id);
}
// The new status is read as a boolean and stored as 0 or 1.
$new_status = $nv_Request->get_bool('new_status', 'post');
$new_status = (int) $new_status;
$sql = 'UPDATE ' . $table_name . ' SET status=' . $new_status . ' WHERE id=' . $id;
$db->query($sql);
nv_del_moduleCache($module_name);
// NOTE(review): $pid is not assigned anywhere in this excerpt; $id may be intended.
die('OK_' . $pid);
}

if (!empty($savecat)) {
    $preg_replace = array('pattern' => '/[^a-zA-Z0-9\\_]/', 'replacement' => '_');
    // Title is capped at 50 characters; the alias is its lower-cased slug.
    $data['title'] = nv_substr($nv_Request->get_title('title', 'post', ''), 0, 50);
    $data['alias'] = strtolower(change_alias($data['title']));
    // Duplicate check: the alias is passed through $db->quote() here.
    $stmt = $db->query('SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_template where alias=' . $db->quote($data['alias']))->fetchColumn();
    if (empty($data['title'])) {
        $error = $lang_module['template_error_name'];
    } elseif (!empty($stmt)) {
        $error = $lang_module['block_error_alias'];
    } else {
        if ($data['id'] == 0) {
            $listfield = "";
            $listvalue = "";
            // NOTE(review): title and alias are placed between hand-written quotes
            // instead of going through $db->quote() as in the SELECT above. Whether
            // get_title() neutralises quote characters is not visible here; quoting or
            // binding both values would remove the dependency.
            $sql = "INSERT INTO " . $table_name . " VALUES (NULL ,1, '" . $data['title'] . "','" . $data['alias'] . "')";
            $templaid = $db->insert_id($sql);
            if ($templaid != 0) {
                // One info table per template; its name ends with the new insert id.
                $sql = "CREATE TABLE IF NOT EXISTS " . $db_config['prefix'] . "_" . $module_data . "_info_" . $templaid . "(\n\t\t\t shopid mediumint(8) unsigned NOT NULL DEFAULT '0',\n\t\t\t status tinyint(1) NOT NULL DEFAULT '1',\n\t\t\t PRIMARY KEY (shopid)\n\t\t\t) ENGINE=MyISAM ";
                $db->query($sql);
                nv_del_moduleCache($module_name);
}

// Excerpt of an admin handler that adds or edits an "about" page. It starts and ends
// inside blocks that are not fully visible in this listing.
$error = "";
// Load the configured editor integration when the NV_EDITOR constant is defined.
if (defined('NV_EDITOR')) {
    require_once NV_ROOTDIR . '/' . NV_EDITORSDIR . '/' . NV_EDITOR . '/nv.php';
}
if ($nv_Request->get_int('save', 'post') == '1') {
    $title = filter_text_input('title', 'post', '', 1);
    $alias = filter_text_input('alias', 'post', '', 1);
    // The body is filtered against the NV_ALLOWED_HTML_TAGS list.
    $bodytext = nv_editor_filter_textarea('bodytext', '', NV_ALLOWED_HTML_TAGS);
    if (empty($title)) {
        $error = $lang_module['aabout9'];
    } elseif (strip_tags($bodytext) == "") {
        // The body must contain something other than markup.
        $error = $lang_module['aabout10'];
    } else {
        $bodytext = nv_editor_nl2br($bodytext);
        $alias = empty($alias) ? change_alias($title) : change_alias($alias);
        if (defined('IS_EDIT')) {
            nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_about', "aboutid " . $id, $admin_info['userid']);
            // Text columns go through $db->dbescape().
            // NOTE(review): $id is concatenated unquoted and its origin is not visible
            // here - confirm it is read with get_int().
            $query = "UPDATE`" . NV_PREFIXLANG . "_" . $module_data . "` SET \r\n `title`=" . $db->dbescape($title) . ", `alias` = " . $db->dbescape($alias) . ", \r\n `bodytext`=" . $db->dbescape($bodytext) . ", `keywords`='', `edit_time`=" . NV_CURRENTTIME . " WHERE `id` =" . $id;
        } else {
            // New page: weight is the current maximum plus one.
            list($weight) = $db->sql_fetchrow($db->sql_query("SELECT MAX(`weight`) FROM `" . NV_PREFIXLANG . "_" . $module_data . "`"));
            $weight = intval($weight) + 1;
            $query = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "` VALUES (\r\n NULL, " . $db->dbescape($title) . ", " . $db->dbescape($alias) . ", " . $db->dbescape($bodytext) . ", '', \r\n " . $weight . ", " . $admin_info['admin_id'] . ", " . NV_CURRENTTIME . ", " . NV_CURRENTTIME . ", 1);";
            nv_insert_logs(NV_LANG_DATA, $module_name, 'log_add_about', " ", $admin_info['userid']);
        }
        $db->sql_query($query);
        nv_del_moduleCache($module_name);
        // Redirect back to the module's main admin page and stop.
        Header("Location: " . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=main");
        die;
    }
} else {
// Excerpt of a module-generator tool: derives a short table name for each SQL
// statement, then starts building a temp directory for the download. It starts and
// ends inside blocks that are not fully visible in this listing.

// Remove the CREATE TABLE keywords, "(" and backticks from the table text.
$array_fiter = array('create table if not exists', 'create table', '(', '`');
$table = str_replace($array_fiter, '', $table);
// Collapse every run of non-word characters into "_".
$table = preg_replace('/(\\W+)/i', '_', trim($table));
// Strip a leading language or global prefix, tried from most to least specific.
$table = preg_replace("/^" . nv_preg_quote(NV_PREFIXLANG . '_' . $data_system['module_data'] . '_') . "(.*)\$/", "\\1", $table);
$table = preg_replace("/^" . nv_preg_quote(NV_PREFIXLANG . '_' . $data_system['module_data']) . "(.*)\$/", "\\1", $table);
$table = preg_replace("/^" . nv_preg_quote($db_config['prefix'] . '_' . $data_system['module_data'] . '_') . "(.*)\$/", "\\1", $table);
$table = preg_replace("/^" . nv_preg_quote($db_config['prefix'] . '_' . $data_system['module_data']) . "(.*)\$/", "\\1", $table);
$table = preg_replace("/^" . nv_preg_quote(NV_PREFIXLANG . '_') . "(.*)\$/", "\\1", $table);
$table = preg_replace("/^" . nv_preg_quote($db_config['prefix'] . '_') . "(.*)\$/", "\\1", $table);
}
$data_sql[] = array('table' => $table, 'sql' => $sql);
} elseif (strlen($sql) > 10) {
    $table = $tablename[$key];
    if (!empty($table)) {
        // Normalise through change_alias() while keeping underscores as separators.
        $table = str_replace("_", "-", $table);
        $table = change_alias($table);
        $table = str_replace("-", "_", $table);
    }
    $data_sql[] = array('table' => $table, 'sql' => $sql);
}
}
}
if (!empty($data_system['module_name'])) {
    if ($nv_Request->get_string('download', 'post', 0)) {
        // Work directory name: module name plus an md5 of a generated password and the
        // session id.
        // NOTE(review): module_name becomes part of filesystem paths below; its
        // validation is not visible in this excerpt - confirm it is limited to a safe
        // character set before this point.
        $tempdir = 'nv4_module_' . $data_system['module_name'] . '_' . md5(nv_genpass(10) . session_id());
        // Remove a leftover directory of the same name before recreating it.
        if (is_dir(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir)) {
            nv_deletefile(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir, true);
        }
        nv_mkdir_nvtools(NV_ROOTDIR . "/" . NV_TEMP_DIR, $tempdir);
        nv_mkdir_nvtools(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir, "modules");
        nv_mkdir_nvtools(NV_ROOTDIR . "/" . NV_TEMP_DIR . "/" . $tempdir . "/modules", $data_system['module_name'], 1);
$row['imagealt'] = $nv_Request->get_title('imagealt', 'post', '', 1); $row['imageposition'] = $nv_Request->get_int('imageposition', 'post', 0); $row['description'] = $nv_Request->get_textarea('description', '', 'br', 1); $row['bodytext'] = $nv_Request->get_editor('bodytext', '', NV_ALLOWED_HTML_TAGS); $row['keywords'] = nv_strtolower($nv_Request->get_title('keywords', 'post', '', 0)); $row['socialbutton'] = $nv_Request->get_int('socialbutton', 'post', 0); $row['layout_func'] = $nv_Request->get_title('layout_func', 'post', ''); $row['gid'] = $nv_Request->get_int('gid', 'post', 0); $_groups_post = $nv_Request->get_array('activecomm', 'post', array()); $row['activecomm'] = !empty($_groups_post) ? implode(',', nv_groups_post(array_intersect($_groups_post, array_keys($groups_list)))) : ''; if (empty($row['title'])) { $error = $lang_module['empty_title']; } elseif (strip_tags($row['bodytext']) == '') { $error = $lang_module['empty_bodytext']; } elseif (empty($row['layout_func']) or in_array('layout.' . $row['layout_func'] . '.tpl', $layout_array)) { $row['alias'] = empty($row['alias']) ? change_alias($row['title']) : change_alias($row['alias']); if (empty($row['keywords'])) { $row['keywords'] = nv_get_keywords($row['title']); if (empty($row['keywords'])) { $row['keywords'] = nv_unhtmlspecialchars($row['keywords']); $row['keywords'] = strip_punctuation($row['keywords']); $row['keywords'] = trim($row['keywords']); $row['keywords'] = nv_strtolower($row['keywords']); $row['keywords'] = preg_replace('/[ ]+/', ',', $row['keywords']); } } if ($id) { $_sql = 'UPDATE ' . NV_PREFIXLANG . '_' . $module_data . ' SET title = :title, alias = :alias, image = :image, imagealt = :imagealt, imageposition = :imageposition, description = :description, bodytext = :bodytext, keywords = :keywords, socialbutton = :socialbutton, activecomm = :activecomm, layout_func = :layout_func, gid = :gid, admin_id = :admin_id, edit_time = ' . NV_CURRENTTIME . ' WHERE id =' . 
$id; $publtime = $row['add_time']; } else { if ($page_config['news_first']) {
$row['provinceid'] = $nv_Request->get_int('provinceid', 'post,get', 0); $row['countryid'] = $nv_Request->get_int('countryid', 'post,get', 0); $sql = 'SELECT * FROM ' . $db_config['prefix'] . '_' . $module_data . '_country WHERE status=1'; $array_country = $nv_Cache->db($sql, 'countryid', $module_name); if (!isset($array_country[$row['countryid']])) { Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=country'); die; } if ($nv_Request->isset_request('submit', 'post')) { $row['countryid'] = $nv_Request->get_int('countryid', 'post,get', 0); $row['title'] = $nv_Request->get_title('title', 'post', ''); $row['code'] = $nv_Request->get_title('code', 'post,get', ''); $row['type'] = $nv_Request->get_title('type', 'post', ''); $row['alias'] = $nv_Request->get_title('alias', 'post', '', 1); if (empty($row['alias'])) { $row['alias'] = change_alias($row['title']); $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $db_config['prefix'] . '_' . $module_data . '_province WHERE provinceid != :provinceid AND alias = :alias'); $stmt->bindParam(':provinceid', $row['provinceid'], PDO::PARAM_STR); $stmt->bindParam(':alias', $row['alias'], PDO::PARAM_STR); $stmt->execute(); if ($stmt->fetchColumn()) { $weight = $db->query('SELECT MAX(weight) FROM ' . $db_config['prefix'] . '_' . $module_data . '_province WHERE countryid=' . $row['countryid'])->fetchColumn(); $weight = intval($weight) + 1; $row['alias'] = $row['alias'] . '-' . $weight; } } if (empty($row['title'])) { $error[] = $lang_module['error_required_title']; } elseif (empty($row['countryid'])) { $error[] = $lang_module['error_required_province_countryid']; }
} if (!empty($obt_level)) { foreach ($obt_level as $admid) { $admins[$admid]['view_level'] = 1; if (!isset($admins[$admid]['reply_level'])) { $admins[$admid]['reply_level'] = 0; } $admins[$admid]['obt_level'] = 1; } } if (empty($full_name)) { $error = $lang_module['err_part_row_title']; } elseif (empty($alias)) { $error = $lang_module['error_alias']; } else { $alias = empty($alias) ? change_alias($full_name) : change_alias($alias); $admins_list = array(); foreach ($adms as $admid => $values) { if ($values['level'] === 1) { $obt_level = isset($admins[$admid]) ? $admins[$admid]['obt_level'] : 0; $admins_list[] = $admid . '/1/1/' . $obt_level; } else { if (isset($admins[$admid])) { $admins_list[] = $admid . '/' . $admins[$admid]['view_level'] . '/' . $admins[$admid]['reply_level'] . '/' . $admins[$admid]['obt_level']; } } } $admins_list = implode(';', $admins_list); if ($id) { $sql = 'UPDATE ' . NV_PREFIXLANG . '_' . $module_data . '_department SET full_name=:full_name, alias=:alias, phone = :phone, fax=:fax, email=:email, yahoo=:yahoo, skype=:skype, note=:note, admins=:admins WHERE id =' . $id; $name_key = 'log_edit_row';
$page_title = $lang_module['addcat_titlebox']; $form_action = NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&pid=' . $pid; $array['parentid'] = $pid; $array['title'] = ''; $array['alias'] = ''; $array['description'] = ''; $array['groups_view'] = $array['groups_onlineview'] = $array['groups_download'] = '6'; } $error = ''; $groups_list = nv_groups_list(); if ($nv_Request->isset_request('submit', 'post')) { $array['parentid'] = $nv_Request->get_int('parentid', 'post', 0); $array['title'] = $nv_Request->get_title('title', 'post', '', 1); $array['description'] = $nv_Request->get_title('description', 'post', '', 1); $array['alias'] = $nv_Request->get_title('alias', 'post', ''); $array['alias'] = $array['alias'] == '' ? change_alias($array['title']) : change_alias($array['alias']); if (empty($array['title'])) { $error = $lang_module['error_cat2']; } else { if (!empty($array['parentid'])) { $sql = 'SELECT COUNT(*) AS count FROM ' . NV_MOD_TABLE . '_categories WHERE id=' . $array['parentid']; $count = $db->query($sql)->fetchColumn(); if (!$count) { $error = $lang_module['error_cat3']; } } if (empty($error)) { $stmt = $db->prepare('SELECT COUNT(*) FROM ' . NV_MOD_TABLE . '_categories WHERE alias= :alias' . (!empty($catid) ? ' AND id!=' . $catid : '')); $stmt->bindParam(':alias', $array['alias'], PDO::PARAM_STR); $stmt->execute(); $count = $stmt->fetchColumn();
if (empty($user_info['userid'])) { $user_info['userid'] = 0; } $data = array("id" => 0, "catid" => $catid, "title" => "", "hometext" => "", "bodytext" => "", "keywords" => "", "filepath" => "", "otherpath" => "", "roomid" => $roomid, "fieldid" => $fieldid, "addtime" => NV_CURRENTTIME, "edittime" => NV_CURRENTTIME, "down" => 0, "view" => 0, "userid" => $user_info['userid'], "status" => $data_config['status'], "type" => 0, "sign" => "", "signtime" => NV_CURRENTTIME, "organid" => $organid); /** * begin: post data */ if ($nv_Request->get_int('save', 'post') == 1) { $data['catid'] = $nv_Request->get_int('catid', 'post', 0); $data['roomid'] = $nv_Request->get_int('roomid', 'post', 0); $data['fieldid'] = $nv_Request->get_int('fieldid', 'post', 0); $data['type'] = $nv_Request->get_int('type', 'post', 0); $data['title'] = $nv_Request->get_string('title', 'post', '', 0); $data['keywords'] = $nv_Request->get_string('keywords', 'post', '', 1); $alias = $nv_Request->get_string('alias', 'post', ''); $data['alias'] = $alias == "" ? change_alias($data['title']) : change_alias($alias); $hometext = $nv_Request->get_string('hometext', 'post', ''); $data['hometext'] = nv_nl2br(nv_htmlspecialchars(strip_tags($hometext)), '<br />'); $data['otherpath'] = $nv_Request->get_string('otherpath', 'post', ''); $bodytext = $nv_Request->get_string('bodytext', 'post', ''); $data['bodytext'] = defined('NV_EDITOR') ? nv_nl2br($bodytext, '') : nv_nl2br(nv_htmlspecialchars(strip_tags($bodytext)), '<br />'); $data['sign'] = $nv_Request->get_string('sign', 'post', ''); $signtime = $nv_Request->get_string('signtime', 'post', 0); $data['organid'] = $nv_Request->get_int('organid', 'post', 0); if (!empty($signtime) and !preg_match("/^([0-9]{1,2})\\/([0-9]{1,2})\\/([0-9]{4})\$/", $signtime)) { $signtime = ""; } if (empty($signtime)) { $data['signtime'] = 0; } else { $phour = date('H');
$array_topic_module = array(); $array_topic_module[0] = $lang_module['topic_sl']; while (list($topicid_i, $title_i) = $result->fetch(3)) { $array_topic_module[$topicid_i] = $title_i; } $error = ''; if ($nv_Request->isset_request('contentid', 'post')) { $rowcontent['id'] = $contentid; $fcode = $nv_Request->get_title('fcode', 'post', ''); $catids = array_unique($nv_Request->get_typed_array('catids', 'post', 'int', array())); $rowcontent['listcatid'] = implode(',', $catids); $rowcontent['topicid'] = $nv_Request->get_int('topicid', 'post', 0); $rowcontent['author'] = $nv_Request->get_title('author', 'post', '', 1); $rowcontent['title'] = $nv_Request->get_title('title', 'post', '', 1); $alias = $nv_Request->get_title('alias', 'post', ''); $rowcontent['alias'] = $alias == '' ? change_alias($rowcontent['title']) : change_alias($alias); $rowcontent['hometext'] = $nv_Request->get_title('hometext', 'post', ''); $rowcontent['homeimgfile'] = $nv_Request->get_title('homeimgfile', 'post', ''); $rowcontent['homeimgalt'] = $nv_Request->get_title('homeimgalt', 'post', '', 1); $rowcontent['imgposition'] = $nv_Request->get_int('imgposition', 'post', 0); $rowcontent['sourcetext'] = $nv_Request->get_title('sourcetext', 'post', ''); // Xu ly anh minh hoa $rowcontent['homeimgthumb'] = 0; if (!nv_is_url($rowcontent['homeimgfile']) and nv_is_file($rowcontent['homeimgfile'], NV_UPLOADS_DIR . '/' . $module_upload)) { $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/'); $rowcontent['homeimgfile'] = substr($rowcontent['homeimgfile'], $lu); if (is_file(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module_upload . '/' . $rowcontent['homeimgfile'])) { $rowcontent['homeimgthumb'] = 1; } else { $rowcontent['homeimgthumb'] = 2; }
} } $db->sqlreset()->select('COUNT(*)')->from(NV_USERS_GLOBALTABLE)->where('active=1'); $num_items = $db->query($db->sql())->fetchColumn(); $db->select('userid, username, md5username, first_name, last_name, photo, gender, regdate')->order($orderby . ' ' . $sortby)->limit($per_page)->offset(($page - 1) * $per_page); $result = $db->query($db->sql()); $users_array = array(); while ($item = $result->fetch()) { $item['full_name'] = nv_show_name_user($item['first_name'], $item['last_name']); if (!empty($item['photo']) and file_exists(NV_ROOTDIR . '/' . $item['photo'])) { $item['photo'] = NV_BASE_SITEURL . $item['photo']; } else { $item['photo'] = NV_BASE_SITEURL . 'themes/' . $module_info['template'] . '/images/' . $module_file . '/no_avatar.png'; } $item['regdate'] = nv_date('d/m/Y', $item['regdate']); $item['link'] = NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=memberlist/' . change_alias($item['username']) . '-' . $item['md5username']; $item['gender'] = $item['gender'] == 'M' ? $lang_module['male'] : ($item['gender'] == 'F' ? $lang_module['female'] : $lang_module['na']); $users_array[$item['userid']] = $item; } $result->closeCursor(); // Khong cho dat trang tuy tien if (empty($users_array) and $page > 0) { Header('Location: ' . nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name, true)); exit; } // Them vao tieu de trang if (!empty($orderby)) { $page_title .= ' ' . sprintf($lang_module['listusers_sort_by'], $lang_module['listusers_sort_by_' . $orderby], $lang_module['listusers_order_' . $sortby]); } // Tieu de khi phan trang if ($page > 1) {
/**
 * set_reg_attribs()
 *
 * Maps the attribute set returned by an external identity provider onto the
 * record used for registration: copies server, e-mail and provider id, derives
 * a username from the e-mail local part, copies the optional name and gender
 * attributes and, when registration is enabled, imports the profile picture.
 *
 * Review notes:
 *  - Every value in $attribs comes from outside the site. This function copies
 *    e-mail, names and gender through without validating or escaping them.
 *  - 'server', 'contact/email' and 'id' are read unconditionally; a provider
 *    response without them raises an undefined-index notice.
 *  - 'username' stays '' when none of the 100 candidates is accepted.
 *
 * @param mixed $attribs Attribute map from the identity provider
 * @return array Keys: server, username, email, first_name, last_name, gender,
 *               yim, photo, openid, opid
 */
function set_reg_attribs($attribs)
{
    global $crypt, $db, $db_config, $global_config, $module_upload;

    $reg_attribs = array(
        'server' => $attribs['server'],
        'username' => '',
        'email' => $attribs['contact/email'],
        'first_name' => '',
        'last_name' => '',
        'gender' => '',
        'yim' => '',
        'photo' => '',
        'openid' => $attribs['id'],
        'opid' => $crypt->hash($attribs['id'])
    );

    // The part of the e-mail address before the first '@' seeds the username.
    $emailParts = explode('@', $attribs['contact/email']);
    $localPart = array_shift($emailParts);
    if ($attribs['server'] == 'yahoo') {
        $reg_attribs['yim'] = $localPart;
    }

    // Pad to the minimum length, then leave room for a two-digit suffix.
    $baseName = substr(str_pad($localPart, NV_UNICKMIN, '0', STR_PAD_RIGHT), 0, NV_UNICKMAX - 2);

    for ($attempt = 0; $attempt < 100; ++$attempt) {
        $candidate = $attempt > 0 ? $baseName . str_pad($attempt, 2, '0', STR_PAD_LEFT) : $baseName;

        // NOTE(review): in this listing the md5username comparison value reads
        // '******' (it looks masked), so as shown neither lookup depends on
        // $candidate. Confirm that the real source compares against a hash of the
        // candidate and passes it as a bound or escaped value.
        $activeSql = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . " WHERE md5username='******'";
        if ($db->query($activeSql)->fetchColumn()) {
            continue;
        }

        $pendingSql = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . "_reg WHERE md5username='******'";
        if ($db->query($pendingSql)->fetchColumn()) {
            continue;
        }

        $reg_attribs['username'] = $candidate;
        break;
    }

    // First non-empty of: given name, friendly name, full name.
    foreach (array('namePerson/first', 'namePerson/friendly', 'namePerson') as $nameKey) {
        if (!empty($attribs[$nameKey])) {
            $reg_attribs['first_name'] = $attribs[$nameKey];
            break;
        }
    }

    if (!empty($attribs['namePerson/last'])) {
        $reg_attribs['last_name'] = $attribs['namePerson/last'];
    }

    if (!empty($attribs['person/gender'])) {
        $reg_attribs['gender'] = $attribs['person/gender'];
    }

    // The picture is imported only for registration modes 1 and 2.
    $regMode = $global_config['allowuserreg'];
    if ($regMode != 1 and $regMode != 2) {
        return $reg_attribs;
    }

    if (empty($attribs['picture_url']) or !empty($attribs['picture_mode'])) {
        return $reg_attribs;
    }

    // NOTE(review): picture_url is supplied by the provider and handed to
    // save_urlfile(), which presumably retrieves it from this server. Confirm that
    // Upload restricts scheme and destination host and enforces the size and type
    // limits passed to its constructor before the file is kept.
    $avatarDir = NV_UPLOADS_REAL_DIR . '/' . $module_upload;
    $upload = new NukeViet\Files\Upload(array('images'), $global_config['forbid_extensions'], $global_config['forbid_mimes'], NV_UPLOAD_MAX_FILESIZE, NV_MAX_WIDTH, NV_MAX_HEIGHT);
    $upload_info = $upload->save_urlfile($attribs['picture_url'], $avatarDir, false);
    if (!empty($upload_info['error'])) {
        return $reg_attribs;
    }

    // The stored name is built from the chosen username, not from the remote file
    // name; only the extension is taken from the saved file.
    $basename = change_alias($reg_attribs['username']) . '.' . nv_getextension($upload_info['basename']);
    $newname = $basename;

    // Append _1, _2, ... before the extension until the name is unused.
    for ($suffix = 1; file_exists($avatarDir . '/' . $newname); ++$suffix) {
        $newname = preg_replace('/(.*)(\\.[a-zA-Z0-9]+)$/', '\\1_' . $suffix . '\\2', $basename);
    }

    $moved = nv_renamefile($upload_info['name'], $avatarDir . '/' . $newname);
    if ($moved[0] == 1) {
        $reg_attribs['photo'] = NV_UPLOADS_DIR . '/' . $module_upload . '/' . $newname;
    }

    return $reg_attribs;
}
$sth2->bindParam(':theme', $selectthemes, PDO::PARAM_STR); $sth2->execute(); } } } $sth = $db->prepare('UPDATE ' . NV_MODULES_TABLE . ' SET custom_title=:custom_title, admin_title=:admin_title, theme= :theme, mobile= :mobile, description= :description, keywords= :keywords, groups_view= :groups_view, act=' . $act . ', rss=' . $rss . ' WHERE title= :title'); $sth->bindParam(':custom_title', $custom_title, PDO::PARAM_STR); $sth->bindParam(':admin_title', $admin_title, PDO::PARAM_STR); $sth->bindParam(':theme', $theme, PDO::PARAM_STR); $sth->bindParam(':mobile', $mobile, PDO::PARAM_STR); $sth->bindParam(':description', $description, PDO::PARAM_STR); $sth->bindParam(':keywords', $keywords, PDO::PARAM_STR); $sth->bindParam(':groups_view', $groups_view, PDO::PARAM_STR); $sth->bindParam(':title', $mod, PDO::PARAM_STR); $sth->execute(); $mod_name = change_alias($nv_Request->get_title('mod_name', 'post')); if ($mod_name != $mod and preg_match($global_config['check_module'], $mod_name)) { $module_version = array(); $version_file = NV_ROOTDIR . '/modules/' . $row['module_file'] . '/version.php'; if (file_exists($version_file)) { include $version_file; if (isset($module_version['virtual']) and $module_version['virtual']) { $sth = $db->prepare('UPDATE ' . NV_MODULES_TABLE . ' SET title= :mod_name WHERE title= :mod_old'); $sth->bindParam(':mod_name', $mod_name, PDO::PARAM_STR); $sth->bindParam(':mod_old', $mod, PDO::PARAM_STR); if ($sth->execute()) { // Change module name $sth = $db->prepare('UPDATE ' . NV_MODFUNCS_TABLE . ' SET in_module= :mod_name WHERE in_module= :mod_old'); $sth->bindParam(':mod_name', $mod_name, PDO::PARAM_STR); $sth->bindParam(':mod_old', $mod, PDO::PARAM_STR); $sth->execute();
$catdata['meta_title'] = filter_text_input('meta_title', 'post', '', 1); $catdata['meta_keywords'] = filter_text_input('meta_keywords', 'post', '', 1); $catdata['tags_cloud'] = $catdata['meta_keywords']; $catdata['meta_description'] = filter_text_input('meta_description', 'post', '', 1); $catdata['who_view'] = $nv_Request->get_int('who_view', 'post', 0); $groups_view = ""; if (!nv_is_url($catdata['image']) and file_exists(NV_DOCUMENT_ROOT . $catdata['image'])) { $lu = strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module_name . "/"); $catdata['image'] = substr($catdata['image'], $lu); } $groups = $nv_Request->get_typed_array('groups_view', 'post', 'int', array()); $groups = array_intersect($groups, array_keys($groups_list)); $catdata['groups_view'] = implode(",", $groups); $oldAdminArray = filter_text_input('old_admins', 'post', '', 1); if (empty($catdata['alias'])) { $catdata['alias'] = change_alias($catdata['title']); } $newAdminArray = array_unique($nv_Request->get_typed_array('adminids', 'post', 'int', array())); $old_parentid = $nv_Request->get_int('old_parentid', 'post', 0); $catdata['adminids'] = implode(',', $newAdminArray); if (empty($catdata['title'])) { $np->error[] = "- Chưa có tiêu đề"; } if ($catdata['catid'] > 0) { $np->CheckAdminAccess('listcatid', $catdata['catid']); $np->updateItem('category', $catdata, 'catid'); //np_create_CatDataTable( $catdata['catid'] ); if ($db->sql_affectedrows() > 0) { $np->setAdminRoll($newAdminArray, $oldAdminArray, 'admins', 'listcatid', 'userid', $catdata['catid']); $db->sql_freeresult(); if ($catdata['parentid'] != $old_parentid) {
$db->query('DELETE FROM ' . NV_PREFIXLANG . '_' . $module_data . '_playlist WHERE id = ' . $rowcontent['id'] . ' AND playlist_id = ' . $playlist_id_i); $array_playlist_fix[] = $playlist_id_i; } $array_playlist_fix = array_unique($array_playlist_fix); foreach ($array_playlist_fix as $playlist_id_i) { nv_news_fix_playlist($playlist_id_i, false); } if ($rowcontent['keywords'] != $rowcontent['keywords_old']) { $keywords = explode(',', $rowcontent['keywords']); $keywords = array_map('strip_punctuation', $keywords); $keywords = array_map('trim', $keywords); $keywords = array_diff($keywords, array('')); $keywords = array_unique($keywords); foreach ($keywords as $keyword) { if (!in_array($keyword, $array_keywords_old)) { $alias_i = $module_config[$module_name]['tags_alias'] ? change_alias($keyword) : str_replace(' ', '-', $keyword); $alias_i = nv_strtolower($alias_i); $sth = $db->prepare('SELECT tid, alias, description, keywords FROM ' . NV_PREFIXLANG . '_' . $module_data . '_tags where alias= :alias OR FIND_IN_SET(:keyword, keywords)>0'); $sth->bindParam(':alias', $alias_i, PDO::PARAM_STR); $sth->bindParam(':keyword', $keyword, PDO::PARAM_STR); $sth->execute(); list($tid, $alias, $keywords_i) = $sth->fetch(3); if (empty($tid)) { $array_insert = array(); $array_insert['alias'] = $alias_i; $array_insert['keyword'] = $keyword; $tid = $db->insert_id("INSERT INTO " . NV_PREFIXLANG . "_" . $module_data . "_tags (numnews, alias, description, image, keywords) VALUES (1, :alias, '', '', :keyword)", "tid", $array_insert); } else { if ($alias != $alias_i) { if (!empty($keywords_i)) { $keyword_arr = explode(',', $keywords_i);
$is_error = true; $error = $lang_module['file_error_title']; } elseif ($is_exists) { $is_error = true; $error = $lang_module['file_title_exists']; } elseif (!empty($array['author_email']) and ($check_valid_email = nv_check_valid_email($array['author_email'])) != '') { $is_error = true; $error = $check_valid_email; } elseif (!empty($array['author_url']) and !nv_is_url($array['author_url'])) { $is_error = true; $error = $lang_module['file_error_author_url']; } elseif (empty($array['fileupload']) and empty($array['linkdirect']) and empty($array['fileupload2'])) { $is_error = true; $error = $lang_module['file_error_fileupload']; } else { $alias = change_alias($array['title']); $array['introtext'] = nv_nl2br($array['introtext'], '<br />'); if ($row['user_id']) { $array['user_name'] = $row['user_name']; } if (!empty($array['fileupload2'])) { $array['fileupload'] = $array['fileupload2']; } elseif (!empty($array['fileupload'])) { $fileupload = $array['fileupload']; $array['fileupload'] = array(); foreach ($fileupload as $file) { $file = NV_UPLOADS_DIR . $file; $newfile = basename($file); if (preg_match('/(.*)(\\.[a-zA-Z0-9]{32})(\\.[a-zA-Z]+)$/', $newfile, $m)) { $newfile = $m[1] . $m[3]; }
<?php /** * @Project PHOTOS 4.x * @Author KENNY NGUYEN (nguyentiendat713@gmail.com) * @Copyright (C) 2015 tradacongnghe.com. All rights reserved * @Based on NukeViet CMS * @License GNU/GPL version 2 or any later version * @Createdate Fri, 18 Sep 2015 11:52:59 GMT */ if (!defined('NV_IS_FILE_ADMIN')) { die('Stop!!!'); } $name = $nv_Request->get_title('name', 'post', ''); $alias = strtolower(change_alias($name)); $id = $nv_Request->get_int('id', 'post', 0); $mod = $nv_Request->get_string('mod', 'post', ''); if ($mod == 'category') { $tab = TABLE_PHOTO_NAME . '_category'; $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $tab . ' WHERE category_id!=' . $id . ' AND alias= :alias'); $stmt->bindParam(':alias', $alias, PDO::PARAM_STR); $stmt->execute(); $nb = $stmt->fetchColumn(); if (!empty($nb)) { $nb = $db->query('SELECT MAX(category_id) FROM ' . $tab)->fetchColumn(); $alias .= '-' . (intval($nb) + 1); } } elseif ($mod == 'album') { $tab = TABLE_PHOTO_NAME . '_album'; $stmt = $db->prepare('SELECT COUNT(*) FROM ' . $tab . ' WHERE album_id !=' . $id . ' AND alias= :alias'); $stmt->bindParam(':alias', $alias, PDO::PARAM_STR);
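/**
 * nv_filters()
 *
 * Extracts one article from a remote listing entry: reads title, link and
 * summary from the entry $e, downloads the linked page, collects its images,
 * builds thumb/block thumbnails for the first image and returns the fields as a
 * positional array.
 *
 * Review notes:
 *  - All markup handled here is remote, untrusted content. $bodyhtml is returned
 *    after nv_unhtmlspecialchars() with no tag or attribute filtering in this
 *    function, so it must be filtered before it is stored or rendered.
 *  - $link is built from a scraped href and then fetched from this server; no
 *    host or scheme restriction is visible in this function.
 *  - The find() results for $tieude, $linktd, $thoigian and $chitiet, and the
 *    str_get_html() result, are used without a null/false check, so a page that
 *    does not match the selectors stops the script with an error.
 *
 * @param string $urlink    Prefix put in front of the entry href and of hrefs starting with "/"
 * @param string $urlimages Prefix put in front of image sources that are not full URLs
 * @param string $tieude    Selector for the title element inside $e
 * @param string $linktd    Selector for the link element inside $e
 * @param string $tomtat    Selector for the summary element inside $e (optional match)
 * @param string $hinhanh   Selector for the listing image inside $e (fallback image)
 * @param string $chitiet   Selector for the article body on the linked page
 * @param string $thoigian  Selector for the date element on the linked page
 * @param mixed  $e         Listing entry node exposing find() (presumably a simple_html_dom node, TODO confirm)
 * @return array array($title, $link, $alias, $hometext, $homeimg, $homeimgthumb, $number, $bodyhtml)
 */
function nv_filters($urlink, $urlimages, $tieude, $linktd, $tomtat, $hinhanh, $chitiet, $thoigian, $e)
{
    global $folder, $module, $module_name, $module_config, $global_config;

    $title = $e->find($tieude, 0)->innertext;
    $title = trim(nv_unhtmlspecialchars(strip_tags($title)));
    $link = $urlink . $e->find($linktd, 0)->href;
    $alias = change_alias($title);

    if ($e->find($tomtat, 0)) {
        $hometext = $e->find($tomtat, 0)->innertext;
        $hometext = trim($hometext);
    } else {
        $hometext = '';
    }

    // Download and parse the article page the entry links to.
    $getContent = new UrlGetContents($global_config);
    $link_t = $getContent->get($link);
    $html = str_get_html($link_t);

    // Only the digits of the date text are kept.
    $date = $html->find($thoigian, 0)->plaintext;
    $number = preg_replace("/[^0-9]/", "", $date);

    $image = array();
    $homeimgthumb = "";
    if ($html->find($chitiet, 0)->find('img')) {
        foreach ($html->find($chitiet, 0)->find('img') as $img) {
            // Fix: test the src attribute. The original passed the node itself to
            // nv_is_url(), so absolute sources were prefixed as well.
            if (!nv_is_url($img->src)) {
                $abc = $img->src = $urlimages . $img->src;
            } else {
                $abc = $img->src;
            }
            $image[] = $abc;
            if ($module_config[$module_name]['load_image'] == 1) {
                // Copy the image locally and point the body at the local copy.
                $images = filter_images($folder, $abc);
                $img->src = NV_BASE_SITEURL . NV_UPLOADS_DIR . "/" . $module . "/" . $images;
            }
        }
    }

    // Make root-relative links in the body absolute.
    if ($html->find($chitiet, 0)->find('a')) {
        foreach ($html->find($chitiet, 0)->find('a') as $href) {
            if (substr($href->href, 0, 1) == "/") {
                $href->href = $urlink . $href->href;
            }
        }
    }

    if ($image) {
        // The first body image becomes the article image.
        $homeimg = filter_images($folder, $image[0]);
        $homeimgfile = NV_UPLOADS_REAL_DIR . "/" . $module . "/" . $homeimg;
        if (file_exists($homeimgfile)) {
            require_once NV_ROOTDIR . "/includes/class/image.class.php";
            $basename = basename($homeimgfile);
            // From here on $image holds the image object, not the list of URLs.
            $image = new image($homeimgfile, NV_MAX_WIDTH, NV_MAX_HEIGHT);

            // Pick an unused file name in thumb/ by appending _1, _2, ...
            $thumb_basename = $basename;
            $i = 1;
            while (file_exists(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/thumb/' . $thumb_basename)) {
                $thumb_basename = preg_replace('/(.*)(\\.[a-zA-Z]+)$/', '\\1_' . $i . '\\2', $basename);
                ++$i;
            }
            $image->resizeXY($module_config[$module]['homewidth'], $module_config[$module]['homeheight']);
            $image->save(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/thumb', $thumb_basename);
            $image_info = $image->create_Image_info;
            $thumb_name = str_replace(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/', '', $image_info['src']);

            // Same procedure for block/.
            $block_basename = $basename;
            $i = 1;
            while (file_exists(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/block/' . $block_basename)) {
                $block_basename = preg_replace('/(.*)(\\.[a-zA-Z]+)$/', '\\1_' . $i . '\\2', $basename);
                ++$i;
            }
            $image->resizeXY($module_config[$module]['blockwidth'], $module_config[$module]['blockheight']);
            $image->save(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/block', $block_basename);
            $image_info = $image->create_Image_info;
            $block_name = str_replace(NV_ROOTDIR . '/' . NV_FILES_DIR . '/' . $module . '/', '', $image_info['src']);

            $image->close();
            $homeimgthumb = $thumb_name . "|" . $block_name;
        }
    } else {
        // No image in the body: fall back to the listing image, if any.
        if ($e->find($hinhanh, 0)) {
            $homeimg1 = $e->find($hinhanh, 0)->src;
            // Fix: the original prefixed $urlimages when the source WAS a full URL,
            // the opposite of the body-image handling above.
            if (!nv_is_url($homeimg1)) {
                $home_img = $urlimages . $homeimg1;
            } else {
                $home_img = $homeimg1;
            }
            if ($module_config[$module_name]['load_image'] == 1) {
                $homeimg = filter_images($folder, $home_img);
            } else {
                $homeimg = $home_img;
            }
        } else {
            $homeimg = "";
        }
    }

    $bodyhtml = $html->find($chitiet, 0)->innertext;
    $html->clear();
    unset($html);
    // Remote markup, entity-decoded only; no filtering is applied here.
    $bodyhtml = nv_unhtmlspecialchars($bodyhtml);

    $content = array($title, $link, $alias, $hometext, $homeimg, $homeimgthumb, $number, $bodyhtml);
    return $content;
}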
* @Project NUKEVIET 4.x * @Author Mr.Thang (kid.apt@gmail.com) * @License GNU/GPL version 2 or any later version * @Createdate 16-03-2015 12:55 */ $path = nv_check_path_upload(NV_UPLOADS_DIR . '/' . $mod_name); $check_allow_upload_dir = nv_check_allow_upload_dir($path); $data = $nv_Request->get_string('data', 'post', ''); if (isset($check_allow_upload_dir['upload_file']) and in_array('images', $admin_info['allow_files_type']) and preg_match_all('/<\\s*img [^\\>]*src\\s*=\\s*[\\""\']?([^\\""\'\\s>]*)/i', $data, $matches)) { $imageMatch = array_unique($matches[1]); $mod_name = $nv_Request->get_title('module_name', 'post', ''); $pathsave = $nv_Request->get_title('pathsave', 'post', ''); $upload_real_dir_page = NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $mod_name; if (!empty($pathsave)) { if (!preg_match('/^[a-z0-9\\-\\_]+$/i', $module_name)) { $pathsave = change_alias($pathsave); } $pathsave = $mod_name . '/' . $pathsave; $e = explode('/', $pathsave); if (!empty($e)) { $cp = ''; foreach ($e as $p) { if (!empty($p) and !is_dir(NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $cp . $p)) { $mk = nv_mkdir(NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $cp, $p); if ($mk[0] > 0) { $upload_real_dir_page = $mk[2]; } } elseif (!empty($p)) { $upload_real_dir_page = NV_ROOTDIR . '/' . NV_UPLOADS_DIR . '/' . $cp . $p; } $cp .= $p . '/';
$j = $i + 1; $tmp = $nv_Request->get_int($module_name . '_song' . $j, 'cookie', 0); $nv_Request->set_Cookie($module_name . '_song' . $i, $tmp); } $numprev = $num - 1; $nv_Request->set_Cookie($module_name . '_numlist', $numprev); die($contents); } // Luu playlist if ($nv_Request->isset_request('savealbum', 'post')) { if (!defined('NV_IS_AJAX')) { die('Wrong URL'); } $difftimeout = 180; $name = filter_text_input('name', 'post', ''); $keyname = change_alias($name); $singer = filter_text_input('singer', 'post', ''); $message = nv_br2nl(filter_text_textarea('message', '', NV_ALLOWED_HTML_TAGS)); if (defined('NV_IS_USER')) { $username = $user_info['username']; $userid = $user_info['userid']; } else { $username = ""; $userid = 0; } $num = $nv_Request->get_int($module_name . '_numlist', 'cookie', 0); $songdata = array(); for ($i = 1; $i <= $num; $i++) { $tmp = $nv_Request->get_int($module_name . '_song' . $i, 'cookie', 0); $songdata[] = $tmp; }