Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/thietkewebvumi.com/admin_new/mod/ |
<?php
class card{
var $path_image = "upload/card/";
var $path_image_sub = "upload/card/sub_img/";
var $path_files = "upload/card/files/";
var $max_fsize = 1500000;
function card (){
global $CORE;
$arr_mid = array();
switch($CORE->input['code']){
default : $this->goList(); break;
case 'post': $this->goPost(); break;
case 'del': $this->goDel($arr_mid); break;
case 'showcard' : $this->goShowcard(); break;
case 'del_img_sub' : $this->del_img_sub(); break;
case 'del_file' : $this->del_file(); break;
case 'del_size' : $this->del_size(); break;
}
}
function del_file(){
global $DB,$CORE;
$file_id = $CORE->input['file_id'];
$id = intval(str_replace('cardfile_','',$file_id));
$row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_card_files WHERE id = '$id'"));
if(!empty($row_check['file'])){
@unlink(ROOT_PATH.$this->path_files.$row_check['file']);
}
$DB->query("DELETE FROM NNCCMS_card_files WHERE id='$id'");
echo $id;
exit();
}
function del_size(){
global $DB,$CORE;
$size_id = $CORE->input['size_id'];
$id = intval(str_replace('size_','',$size_id));
$DB->query("DELETE FROM NNCCMS_card_options_size WHERE id='$id'");
echo $id;
exit();
}
function del_img_sub(){
global $DB,$CORE;
$img_id = $CORE->input['img_id'];
$id = intval(str_replace('cardimg_','',$img_id));
$row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_images WHERE id = '$id'"));
if(!empty($row_check['image'])){
@unlink(ROOT_PATH.$this->path_image_sub.'thumb_'.$row_check['image']);
@unlink(ROOT_PATH.$this->path_image_sub.$row_check['image']);
}
$DB->query("DELETE FROM NNCCMS_images WHERE id='$id'");
echo $img_id;
exit();
}
function dequy_selected($id,$parentid,$aCats,$res,$sep){
foreach($aCats as $val){
if($val['parent_id']==$parentid){
if($id==$val['id'] and $parentid!=0){
$re = '<option value="'.$val['id'].'" selected>+'.$sep.''.$val['title'].'</option>';
}else{
$re = '<option value="'.$val['id'].'">+'.$sep.''.$val['title'].'</option>';
}
$res .= $this->dequy_selected($id,$val['id'],$aCats,$re,$sep.'+');
}
}
return $res;
}
function dequy_checked($arr_id,$parentid,$aCats,$res,$sep,$tep){
foreach($aCats as $val){
if($val['parent_id']==$parentid){
if(in_array($val['id'],$arr_id,true)){
$re = '<li>'.$sep.''.$val['title'].'<input type="checkbox" name="menu_id[]" value="'.$val['id'].'" checked />'.$tep.'</li>';
}else{
$re = '<li>'.$sep.''.$val['title'].'<input type="checkbox" name="menu_id[]" value="'.$val['id'].'" />'.$tep.'</li>';
}
$res .= $this->dequy_checked($arr_id,$val['id'],$aCats,$re,$sep.'<ul><li>',$tep.'</li></ul>');
}
}
return $res;
}
function goList(){
global $CORE, $DB, $smarty, $func, $print;
$smarty->assign('module_name','Quản lý thẻ thà nh viên');
$smarty->assign('title','card');
$smarty->assign('status',$CORE->input['status']);
$smarty->assign('section','list');
$aCats = array();
$where = "WHERE title<>''";
$fcat = intval($CORE->input['id_menu']);
$fstatus = $CORE->input['fstatus'];
$fkeyword = trim($CORE->input['fkeyword']);
if($fstatus!='')
{
$where .= " AND status = '".$fstatus."' ";
}
if($fkeyword!='')
{
$where .= " AND title LIKE '%".$fkeyword."%'";
$nsearch = 1;
}
$smarty->assign('nsearch',$nsearch);
if($CORE->input['nosearch']){ unset($_SESSION['fcat'],$_SESSION['fstatus'],$_SESSION['fkeyword']);}
$pageNum = ($_GET['pageNum']>0) ? intval($_GET['pageNum']) : 1;
$cardize = 20;
$from = (($pageNum * $cardize) - $cardize);
$t = $DB->fetch_row($DB->query("SELECT count(id) as total FROM NNCCMS_card ".$where));
$total = $t['total'];
$totalPage = ceil($total / $cardize);
$query = $DB->query("SELECT * FROM NNCCMS_card ".$where." LIMIT $from, $cardize");
while($row = $DB->fetch_row($query))
{
$row['time'] = date('d-m-Y',$row['time']);
$arr[] = $row;
}
$smarty->assign('list',$arr);
$nav = $print->Pagination($totalPage,$pageNum,'card',$CORE->admin_url.'&act=card&id_menu='.$fcat.'&fstatus='.$fstatus.'&fkeyword='.$fkeyword);
$smarty->assign('nav',$nav);
$arr_mid = $CORE->input['mid_for_del'];
if(!empty($arr_mid)){
$type = $CORE->input['type'];
switch($type){
case 'del':
$this->goDel($arr_mid);
break;
default:
$this->goAction($arr_mid,$type);
break;
}
}
}
function goPost(){
global $CORE, $DB, $func, $smarty, $print;
$smarty->assign('module_name','Quản lý thẻ thà nh viên');
$smarty->assign('title','card');
$smarty->assign('status',$CORE->input['status']);
$smarty->assign('section','post');
$aCats = array();
$query_menu = $DB->query("SELECT * FROM NNCCMS_menu WHERE `type`='menu'");
while($rows_menu = $DB->fetch_row($query_menu))
{
$aCats[] = $rows_menu;
}
$menu = $this->dequy_selected(0,0,$aCats,'<option value="0">Tất cả</option>','','');
$smarty->assign('menu',$menu);
if($_SESSION['error']) unset($CORE->input['bsubmit']);
if(!$CORE->input['bsubmit']){
$id = intval($CORE->input['id']);
if ($_SESSION['error']) $prevError = $_SESSION['error']; unset($_SESSION['error']);
if ($_SESSION['state']) $prevState = $_SESSION['state']; unset($_SESSION['state']);
if($prevState!=NULL){
$data = $prevState;
}else{
if($id==0){
$data['status'] = 1;
}else{
$query = $DB->query("SELECT * FROM NNCCMS_card WHERE id='".$id."'");
$data = $DB->fetch_row($query);
}
}
$data['status'] = $func->yes_no($data['status'],'status');
$error[] = $prevError;
$smarty->assign('error',$error);
$smarty->assign('post',$data);
}else{
$id = $state['id'] = intval($CORE->input['id']);
$title = trim($CORE->input['title']);
$diem = trim($CORE->input['diem']);
$gia = trim($CORE->input['gia']);
$time = time();
$status = $CORE->input['status'];
if($id==0){
$DB->query("INSERT INTO `NNCCMS_card` ( `title`, `diem`, `gia`, `time`, `status`) VALUES ( '$title', '$diem', '$gia', '$time', '$status');");
$id = mysql_insert_id();
}else{
$DB->query("UPDATE `NNCCMS_card` SET `title` = '$title',
`diem` = '$diem',
`gia` = '$gia',
`status` = '$status' WHERE `id` ='$id';");
}
//tab option
return $print->refresh("index.php?act=card&code=post&status=edit_success&id=".$id);
}
}
function goAction($arr_mid,$type){
global $DB, $print;
foreach($arr_mid as $val){
switch($type){
case 'active':
$DB->query("UPDATE NNCCMS_card SET status='1' WHERE id='".$val."'");
break;
case 'deactive':
$DB->query("UPDATE NNCCMS_card SET status='0' WHERE id='".$val."'");
break;
case 'hot':
$DB->query("UPDATE NNCCMS_card SET noibat='1' WHERE id='".$val."'");
break;
case 'dehot':
$DB->query("UPDATE NNCCMS_card SET noibat='0' WHERE id='".$val."'");
break;
}
}
$print->refresh('index.php?act=card&status=edit_success');
}
function goDel($arr_id){
global $CORE, $DB, $print;
if($CORE->admin_user['ug_id']!=4) exit('Chỉ có admin má»›i có quyá»n xóa bà i!...');
if(empty($arr_id)){
$id = intval($CORE->input['id']);
$query = $DB->query("SELECT path_img,img FROM NNCCMS_card WHERE id='".$id."'");
$result = $DB->fetch_row($query);
if($result['img'] !=''){
unlink(ROOT_PATH.$this->path_image.'thumb_'.$result['img']);
unlink(ROOT_PATH.$this->path_image.$result['img']);
}
$DB->query("DELETE FROM NNCCMS_menu_card WHERE card_id='$id'");
$DB->query("DELETE FROM NNCCMS_card WHERE id='".$id."'");
$print->refresh("index.php?act=card&status=del_success&cat=".$result['cid']);
exit();
}else{
foreach($arr_id as $val){
$query = $DB->query("SELECT img FROM NNCCMS_card WHERE id='".$val."'");
$result = $DB->fetch_row($query);
if($result['img'] !=''){
unlink(ROOT_PATH.$this->path_image.'thumb_'.$result['img']);
unlink(ROOT_PATH.$this->path_image.$result['img']);
}
$DB->query("DELETE FROM NNCCMS_menu_card WHERE card_id='$val'");
$DB->query("DELETE FROM NNCCMS_card WHERE id='".$val."'");
}
}
$print->refresh("index.php?act=card&status=del_success");
}
}
$run = new card();
?>