ÿØÿà JFIF ÿÛ „ ( %"1"%)+...383,7(-.-
![]() Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/thietkewebvumi.com/admin_new/mod/ |
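<?php
/**
 * Admin module "pages": lists, creates, edits and deletes CMS pages together
 * with their cover image, gallery images, attached files and shop options.
 *
 * The action to run is picked from $CORE->input['code'] as soon as the class
 * is instantiated (see the last statement of this file).
 *
 * NOTE(review): values read from $CORE->input are interpolated into SQL
 * strings throughout this class. Whether $CORE escapes them upstream is not
 * visible in this file - confirm it, and prefer bound parameters if the $DB
 * wrapper offers them. Numeric identifiers are cast with intval() below so
 * they at least cannot carry SQL text.
 *
 * NOTE(review): apart from goDel(), no method checks the caller's role, and
 * no anti-CSRF token is verified before the state-changing actions. Both
 * controls may live in the including script; verify.
 */
class pages{
    // Upload directories, relative to ROOT_PATH.
    var $path_image = "upload/pages/";
    var $path_image_sub = "upload/pages/sub_img/";
    var $path_files = "upload/pages/files/";
    // Declared upload size limit; not referenced by any method in this class.
    var $max_fsize = 1500000;
    // Dimensions of the cover-image thumbnail.
    var $thumb_width = 370;
    var $thumb_height = 270;

    /**
     * Dispatches the request to the handler named by $CORE->input['code'].
     * Unknown codes fall back to the list view.
     */
    function __construct(){
        global $CORE;
        $arr_mid = array();
        switch($CORE->input['code']){
            case 'post':
                $this->goPost();
                break;
            case 'del':
                $this->goDel($arr_mid);
                break;
            case 'showpages' :
                // NOTE(review): goShowpages() is not defined in this class, so this
                // branch ends in a fatal "undefined method" error.
                $this->goShowpages();
                break;
            case 'del_img_sub' :
                $this->del_img_sub();
                break;
            case 'del_file' :
                $this->del_file();
                break;
            case 'del_size' :
                $this->del_size();
                break;
            default :
                $this->goList();
                break;
        }
    }

    /**
     * Legacy PHP 4 style constructor name, kept so existing callers of
     * pages() keep working. PHP 8 no longer treats it as a constructor,
     * which is why the dispatch itself lives in __construct().
     */
    function pages (){
        $this->__construct();
    }

    /**
     * Deletes one stored upload, confined to the given upload directory.
     *
     * basename() drops any directory part of the stored name, so a tampered
     * database value cannot point the delete outside $dir. Missing files are
     * skipped silently.
     *
     * @param string $dir    upload directory relative to ROOT_PATH
     * @param string $name   file name as stored in the database
     * @param string $prefix optional file-name prefix such as 'thumb_'
     */
    private function remove_upload($dir, $name, $prefix = ''){
        $target = ROOT_PATH.$dir.$prefix.basename((string) $name);
        if(is_file($target)){
            @unlink($target);
        }
    }

    /**
     * AJAX handler: deletes one attached file (row and file on disk) and
     * echoes the numeric id that was removed.
     */
    function del_file(){
        global $DB,$CORE;
        $file_id = $CORE->input['file_id'];
        // The client sends "pagesfile_<id>"; intval() keeps only the number.
        $id = intval(str_replace('pagesfile_','',$file_id));
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_pages_files WHERE id = '$id'"));
        if(!empty($row_check['file'])){
            $this->remove_upload($this->path_files, $row_check['file']);
        }
        $DB->query("DELETE FROM NNCCMS_pages_files WHERE id='$id'");
        echo $id;
        exit();
    }

    /**
     * AJAX handler: deletes one size option and echoes its numeric id.
     */
    function del_size(){
        global $DB,$CORE;
        $size_id = $CORE->input['size_id'];
        $id = intval(str_replace('size_','',$size_id));
        $DB->query("DELETE FROM NNCCMS_pages_options_size WHERE id='$id'");
        echo $id;
        exit();
    }

    /**
     * AJAX handler: deletes one gallery image (row, image and thumbnail) and
     * echoes the element id received from the client.
     */
    function del_img_sub(){
        global $DB,$CORE;
        $img_id = $CORE->input['img_id'];
        $id = intval(str_replace('pagesimg_','',$img_id));
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_images WHERE id = '$id'"));
        if(!empty($row_check['image'])){
            $this->remove_upload($this->path_image_sub, $row_check['image'], 'thumb_');
            $this->remove_upload($this->path_image_sub, $row_check['image']);
        }
        $DB->query("DELETE FROM NNCCMS_images WHERE id='$id'");
        // The request value is reflected into the response, so it is HTML-encoded.
        // A well-formed "pagesimg_<id>" value is unchanged by the encoding.
        echo htmlspecialchars((string) $img_id, ENT_QUOTES, 'UTF-8');
        exit();
    }

    /**
     * Recursively renders the menu tree as <option> elements.
     *
     * NOTE(review): menu titles are written into the markup without HTML
     * encoding; whether they are stored pre-encoded is not visible here.
     *
     * @param int    $id       id of the menu to mark as selected
     * @param int    $parentid id of the parent whose children are rendered
     * @param array  $aCats    all menu rows (each with id, parent_id, title)
     * @param string $res      markup accumulated so far
     * @param string $sep      indentation prefix for the current depth
     * @return string markup for this level and everything below it
     */
    function dequy_selected($id,$parentid,$aCats,$res,$sep){
        foreach($aCats as $val){
            if($val['parent_id']==$parentid){
                if($id==$val['id'] and $parentid!=0){
                    $re = '<option value="'.$val['id'].'" selected>+'.$sep.''.$val['title'].'</option>';
                }else{
                    $re = '<option value="'.$val['id'].'">+'.$sep.''.$val['title'].'</option>';
                }
                $res .= $this->dequy_selected($id,$val['id'],$aCats,$re,$sep.'+');
            }
        }
        return $res;
    }

    /**
     * Recursively renders the menu tree as nested check boxes.
     *
     * NOTE(review): menu titles are written into the markup without HTML
     * encoding; whether they are stored pre-encoded is not visible here.
     *
     * @param array  $arr_id   ids of the menus to tick
     * @param int    $parentid id of the parent whose children are rendered
     * @param array  $aCats    all menu rows (each with id, parent_id, title)
     * @param string $res      markup accumulated so far
     * @param string $sep      opening markup for the current depth
     * @param string $tep      closing markup for the current depth
     * @return string markup for this level and everything below it
     */
    function dequy_checked($arr_id,$parentid,$aCats,$res,$sep,$tep){
        foreach($aCats as $val){
            if($val['parent_id']==$parentid){
                if(in_array($val['id'],$arr_id,true)){
                    $re = '<li>'.$sep.''.$val['title'].'<input type="checkbox" name="menu_id[]" value="'.$val['id'].'" checked />'.$tep.'</li>';
                }else{
                    $re = '<li>'.$sep.''.$val['title'].'<input type="checkbox" name="menu_id[]" value="'.$val['id'].'" />'.$tep.'</li>';
                }
                $res .= $this->dequy_checked($arr_id,$val['id'],$aCats,$re,$sep.'<ul><li>',$tep.'</li></ul>');
            }
        }
        return $res;
    }

    /**
     * Shows the paginated, filterable list of pages and runs the bulk
     * action (delete / activate / ...) requested for the ticked rows.
     */
    function goList(){
        global $CORE, $DB, $smarty, $func, $print;
        $smarty->assign('module_name','Quản lý bài viết');
        $smarty->assign('title','pages');
        $smarty->assign('status',$CORE->input['status']);
        $smarty->assign('section','list');

        $aCats = array();
        $query_menu = $DB->query("SELECT * FROM NNCCMS_menu WHERE `type`='menu'");
        while($rows_menu = $DB->fetch_row($query_menu)) {
            $aCats[] = $rows_menu;
        }
        $menu = $this->dequy_selected(0,0,$aCats,'<option value="0">Tất cả</option>','','');
        $smarty->assign('menu',$menu);

        $where = "WHERE title<>''";
        $fcat = intval($CORE->input['id_menu']);
        // The status column only ever receives integers from this class, so the
        // filter is reduced to an integer before it reaches the SQL string. It
        // stays a string so that "0" is still told apart from "no filter".
        $fstatus = $CORE->input['fstatus'];
        $fstatus = ($fstatus!='') ? (string) intval($fstatus) : '';
        $fkeyword = trim($CORE->input['fkeyword']);
        $nsearch = null;
        if($fcat!=0){
            $where .= " AND id IN (SELECT pages_id FROM NNCCMS_menu_pages WHERE menu_id='".$fcat."') ";
        }
        if($fstatus!='') {
            $where .= " AND status = '".$fstatus."' ";
        }
        if($fkeyword!='') {
            // NOTE(review): free text from the request inside a LIKE pattern; it is
            // only safe if $CORE->input escapes quotes upstream - confirm.
            $where .= " AND title LIKE '%".$fkeyword."%'";
            $nsearch = 1;
        }
        $smarty->assign('nsearch',$nsearch);
        if($CORE->input['nosearch']){
            unset($_SESSION['fcat'],$_SESSION['fstatus'],$_SESSION['fkeyword']);
        }

        // Clamp to page 1 so a fractional or negative value cannot yield a negative offset.
        $pageNum = isset($_GET['pageNum']) ? max(1, intval($_GET['pageNum'])) : 1;
        $pageSize = 20;
        $from = (($pageNum * $pageSize) - $pageSize);
        $t = $DB->fetch_row($DB->query("SELECT count(id) as total FROM NNCCMS_pages ".$where));
        $total = $t['total'];
        $totalPage = ceil($total / $pageSize);
        $query = $DB->query("SELECT * FROM NNCCMS_pages ".$where." LIMIT $from, $pageSize");

        $arr = array();
        $arr_color = array('color:#FF0000','color:#00FF00','color:#0099FF','color:#333333','color:#663366');
        while($row = $DB->fetch_row($query)) {
            if(!isset($row['text_menu_name'])){
                $row['text_menu_name'] = '';
            }
            $q_list_menu = $DB->query("SELECT id,title,ftitle FROM NNCCMS_menu WHERE id IN (SELECT menu_id FROM NNCCMS_menu_pages WHERE pages_id='".$row['id']."') ORDER BY `pos` DESC");
            while($r_list_menu = $DB->fetch_row($q_list_menu)){
                // rand() is inclusive at both ends, hence count - 1 as the upper bound.
                $row['text_menu_name'] .= '<a href="index.php?act=pages&code=list&id_menu='.$r_list_menu['id'].'" style="'.$arr_color[rand(0,count($arr_color)-1)].'">'.$r_list_menu['title'].'</a>, ';
                $row['ftitle_menu'] = $r_list_menu['ftitle'];
            }
            $row['text_menu_name'] = $func->remove_lastchar($row['text_menu_name'],2);
            $row['time'] = date('d-m-Y',$row['time']);
            $arr[] = $row;
        }
        $smarty->assign('list',$arr);

        // NOTE(review): $fkeyword is appended to the pagination URL unencoded; how
        // Pagination() emits that URL is not visible here.
        $nav = $print->Pagination($totalPage,$pageNum,'pages',$CORE->admin_url.'&act=pages&id_menu='.$fcat.'&fstatus='.$fstatus.'&fkeyword='.$fkeyword);
        $smarty->assign('nav',$nav);

        $arr_mid = $CORE->input['mid_for_del'];
        if(!empty($arr_mid)){
            $type = $CORE->input['type'];
            switch($type){
                case 'del':
                    $this->goDel($arr_mid);
                    break;
                default:
                    $this->goAction($arr_mid,$type);
                    break;
            }
        }
    }

    /**
     * Shows the add/edit form, or - when the form was submitted - stores the
     * tab that was posted: general data, options, gallery images or files.
     */
    function goPost(){
        global $CORE, $DB, $func, $smarty, $print;
        $smarty->assign('module_name','Quản lý bài viết');
        $smarty->assign('title','pages');
        $smarty->assign('status',$CORE->input['status']);
        $smarty->assign('section','post');

        $aCats = array();
        $query_menu = $DB->query("SELECT * FROM NNCCMS_menu WHERE `type`='menu'");
        while($rows_menu = $DB->fetch_row($query_menu)) {
            $aCats[] = $rows_menu;
        }
        $menu = $this->dequy_selected(0,0,$aCats,'<option value="0">Tất cả</option>','','');
        $smarty->assign('menu',$menu);

        // A pending error from the previous request forces the form to be shown again.
        if(!empty($_SESSION['error'])) unset($CORE->input['bsubmit']);

        if(!$CORE->input['bsubmit']){
            // ---- Show the form ----
            $id = intval($CORE->input['id']);
            $prevError = null;
            $prevState = null;
            if (!empty($_SESSION['error'])) $prevError = $_SESSION['error'];
            unset($_SESSION['error']);
            if (!empty($_SESSION['state'])) $prevState = $_SESSION['state'];
            unset($_SESSION['state']);

            if($prevState!=NULL){
                $data = $prevState;
            }else{
                if($id==0){
                    $data['status'] = 1;
                }else{
                    $query = $DB->query("SELECT * FROM NNCCMS_pages WHERE id='".$id."'");
                    $data = $DB->fetch_row($query);
                }
            }
            // An unknown id yields no row; continue with an empty form instead of
            // writing keys onto a non-array.
            if(!is_array($data)){
                $data = array();
            }

            $list_menu = array();
            $temp = $DB->query("SELECT * FROM NNCCMS_menu");
            while($data1 = $DB->fetch_row($temp)){
                $list_menu[] = $data1;
            }
            $arr_id = array();
            if($id>0){
                $q_menu_page = $DB->query("SELECT menu_id FROM NNCCMS_menu_pages WHERE pages_id='$id'");
                while($r_menu_page = $DB->fetch_row($q_menu_page)){
                    $arr_id[] = $r_menu_page['menu_id'];
                }
            }
            $data['op_menu'] = $this->dequy_checked($arr_id,0,$list_menu,'------------Root-----------','','');
            $data['body'] = $func->editor_new('body',$data['body'],15);
            $data['ebody'] = $func->editor_new('ebody',$data['ebody'],15);
            $data['noibat'] = $func->makebox($data['noibat'],'noibat');
            $data['khuyenmai'] = $func->makebox($data['khuyenmai'],'khuyenmai');
            $data['status'] = $func->yes_no($data['status'],'status');
            $data['allow_comment'] = $func->makebox($data['allow_comment'],'allow_comment');

            // Option data.
            // NOTE(review): the form reads column `time_begin`, while the INSERT and
            // UPDATE further down write `begin_time`; one of the two names looks
            // wrong - check against the table definition.
            $r_op = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_pages_options WHERE pages_id = '$id'"));
            $data['price'] = $r_op['price'];
            $data['sprice'] = $r_op['sprice'];
            $data['quantity'] = $r_op['quantity'];
            $data['in_stock'] = $func->yes_no($r_op['in_stock'],'in_stock');
            $data['time_begin'] = $r_op['time_begin'];
            $data['time_end'] = $r_op['time_end'];

            // Size options.
            $list_size = array();
            $q_size = $DB->query("SELECT * FROM NNCCMS_pages_options_size WHERE pages_id='$id'");
            while($r_size = $DB->fetch_row($q_size)){
                $list_size[] = $r_size;
            }
            $smarty->assign('list_size',$list_size);

            // Gallery images.
            $list_img = array();
            $query_img = $DB->query("SELECT * FROM NNCCMS_images WHERE id_pagesimg='$id'");
            while($row_img = $DB->fetch_row($query_img)){
                $list_img[] = $row_img;
            }
            $smarty->assign('list_img',$list_img);

            // Attached files.
            $list_file = array();
            $query_file = $DB->query("SELECT * FROM NNCCMS_pages_files WHERE pages_id='$id'");
            while($row_file = $DB->fetch_row($query_file)){
                $list_file[] = $row_file;
            }
            $smarty->assign('list_file',$list_file);

            $error[] = $prevError;
            $smarty->assign('error',$error);
            $smarty->assign('post',$data);
        }else{
            // ---- Store the submitted tab ----
            $tab1 = $CORE->input['tab1'];
            $tab2 = $CORE->input['tab2'];
            $tab3 = $CORE->input['tab3'];
            $tab4 = $CORE->input['tab4'];
            $id = $state['id'] = intval($CORE->input['id']);

            if(!empty($tab1) and $tab1=='general'){//general upload
                $menu_id = $CORE->input['menu_id'];
                $type_page = $CORE->input['type_page'];
                $title = $state['title'] = $CORE->input['title'];
                $ftitle = $func->format_string($title);
                $etitle = $CORE->input['etitle'];
                $fetitle = $func->format_string($etitle);

                // The slug must be unique among all other pages.
                if($id>0){
                    $row_check = $DB->fetch_row($DB->query("SELECT id FROM NNCCMS_pages WHERE ftitle='$ftitle' AND id<>'$id'"));
                }else{
                    $row_check = $DB->fetch_row($DB->query("SELECT id FROM NNCCMS_pages WHERE ftitle='$ftitle' "));
                }
                if($row_check){
                    echo 'Tên bài viết bị trùng, xin đặt tên khác!';
                    exit();
                }
                if(empty($menu_id)){
                    echo 'Xin chọn ít nhất một menu!';
                    exit();
                }

                $intro = $state['intro'] = $CORE->input['intro'];
                $eintro = $state['eintro'] = $CORE->input['eintro'];
                $body = $state['body'] = $CORE->input['body'];
                $ebody = $CORE->input['ebody'];
                $tags = $CORE->input['tags'];
                $status = $state['status'] = intval($CORE->input['status']);
                $noibat = $state['noibat'] = intval($CORE->input['noibat']);
                $time = time();
                $allow_comment = intval($CORE->input['allow_comment']);
                $update_time = $CORE->input['update_time'];
                if($title=='') exit('Xin nhập tiêu đề');

                // Cover image.
                $image1="";
                require ROOT_PATH."lib/class.upload.php";
                $handle = new upload($_FILES['image1']);
                // Accept images only: the stored name reuses the extension of the
                // client's file name, so other types must not get through.
                // Assumes lib/class.upload.php honours an `allowed` list of MIME
                // patterns - TODO confirm against the bundled library version.
                $handle->allowed = array('image/*');
                if ($handle->uploaded) {
                    $width = $handle->image_src_x;
                    $ext = $handle->file_src_name_ext;
                    $image_name = substr($func->format_string($title),0,50).'_'.time();
                    $handle->file_new_name_body = $image_name;
                    if($width>900){
                        $handle->image_resize = true;
                        $handle->image_x = 900;
                    }
                    $handle->process(ROOT_PATH.$this->path_image);
                    if ($handle->processed) {
                        $image1 = $image_name.'.'.$ext;
                    } else {
                        echo 'error : ' . $handle->error;
                        exit();
                    }
                }

                // Cover-image thumbnail, padded to the fixed thumbnail size.
                $handle2 = new upload($_FILES['image1']);
                $handle2->allowed = array('image/*');
                if ($handle2->uploaded) {
                    $image_name_thumb = 'thumb_'.$image_name;
                    $handle2->file_new_name_body = $image_name_thumb;
                    $handle2->image_resize = true;
                    $handle2->image_ratio_fill = 'C';
                    $handle2->image_x = $this->thumb_width;
                    $handle2->image_y = $this->thumb_height;
                    $handle2->image_background_color = '#FFFFFF';
                    $handle2->process(ROOT_PATH.$this->path_image);
                    if ($handle2->processed) {
                        $handle->clean();
                        $handle2->clean();
                    } else {
                        echo 'error : ' . $handle2->error;
                        exit();
                    }
                }
            }

            if($id==0){
                // New page.
                // NOTE(review): every text column below is filled straight from
                // $CORE->input; see the class-level note on SQL escaping.
                $DB->query("INSERT INTO `NNCCMS_pages` (`type_page`, `title` , `ftitle`, `etitle` , `fetitle` , `path_img`, `img` , `intro`, `eintro`, `body` , `ebody` , `tags`, `hit` , `time` , `status` , `noibat` , `allow_comment` ) VALUES ( '$type_page', '$title','$ftitle', '$etitle','$fetitle','".date('m_y')."', '$image1', '$intro','$eintro', '$body', '$ebody','$tags', '0', '$time', '$status', '$noibat', '$allow_comment' ); ");
                // NOTE(review): mysql_insert_id() belongs to ext/mysql, which was
                // removed in PHP 7.0; use the $DB wrapper's own accessor if it has one.
                $insert_id = mysql_insert_id();
                if(!empty($menu_id)){
                    foreach($menu_id as $val){
                        $val = intval($val); // menu ids are numeric
                        $DB->query("INSERT INTO `NNCCMS_menu_pages` ( `menu_id` , `pages_id` ) VALUES ( '$val', '$insert_id' );");
                    }
                }
                return $print->refresh("index.php?act=pages&&code=post&status=add_success&id=".$insert_id."#tab2");
            }else{
                if($tab1 == 'general'){
                    $query = $DB->query("SELECT img FROM `NNCCMS_pages` WHERE id='".$id."'");
                    $result = $DB->fetch_row($query);
                    if($image1!=''){
                        // A new cover replaces the old one on disk.
                        $this->remove_upload($this->path_image, $result['img']);
                        $this->remove_upload($this->path_image, $result['img'], 'thumb_');
                        $DB->query("UPDATE `NNCCMS_pages` SET `img`='".$image1."',`path_img`='".date('m_y')."' WHERE `id`='".$id."'");
                    }
                    $DB->query("UPDATE `NNCCMS_pages` SET `type_page` = '$type_page', `title` = '$title', `ftitle` = '$ftitle', `etitle` = '$etitle', `fetitle` = '$fetitle', `intro` = '$intro', `eintro` = '$eintro', `body` = '$body', `ebody` = '$ebody', `tags` = '$tags', `status` = '$status', `noibat` = '$noibat', `allow_comment` = '$allow_comment' WHERE `id` ='$id' LIMIT 1 ; ");
                    if($update_time){
                        $DB->query("UPDATE `NNCCMS_pages` SET `time` = '$time' WHERE `id` ='$id'");
                    }
                    if(!empty($menu_id)){
                        $DB->query("DELETE FROM NNCCMS_menu_pages WHERE pages_id = '$id'");
                        foreach($menu_id as $val){
                            $val = intval($val); // menu ids are numeric
                            $DB->query("INSERT INTO `NNCCMS_menu_pages` ( `menu_id` , `pages_id` ) VALUES ( '$val', '$id' );");
                        }
                    }
                }

                if($tab4=='options'){
                    $price = intval($CORE->input['price']);
                    // The sale price falls back to the regular price when it is not positive.
                    $sprice = intval($CORE->input['sprice'])>0 ? intval($CORE->input['sprice']) : $price ;
                    // NOTE(review): the four values below reach SQL unvalidated.
                    $time_begin = $CORE->input['time_begin'];
                    $time_end = $CORE->input['time_end'];
                    $quantity = $CORE->input['quantity'];
                    $in_stock = $CORE->input['in_stock'];
                    $row_check_op = $DB->fetch_row($DB->query("SELECT id FROM NNCCMS_pages_options WHERE pages_id='$id' "));
                    if(!$row_check_op){//do insert
                        $DB->query("INSERT INTO `NNCCMS_pages_options` (`pages_id`, `price`, `sprice`, `quantity`, `in_stock`, `begin_time`, `time_end`) VALUES ('$id', '$price', '$sprice', '$quantity', '$in_stock', '$time_begin', '$time_end');");
                    }else{//do update
                        $DB->query("UPDATE `NNCCMS_pages_options` SET `price` = '$price', `sprice` = '$sprice', `quantity` = '$quantity', `in_stock` = '$in_stock', `begin_time` = '$time_begin', `time_end` = '$time_end' WHERE `id` = '".$row_check_op['id']."';");
                    }
                    // Size options (free-text titles from the request).
                    $size = $CORE->input['size'];
                    if(!empty($size)){
                        foreach($size as $val){
                            $DB->query("INSERT INTO `NNCCMS_pages_options_size` ( `pages_id`, `title_size`) VALUES ( '$id', '$val');");
                        }
                    }
                }

                if($tab2 == 'gallery'){
                    $images = $_FILES['image'];
                    $title_image = $CORE->input['title_image'];
                    $etitle_image = $CORE->input['etitle_image'];
                    $intro_image = $CORE->input['intro_image'];
                    $eintro_image = $CORE->input['eintro_image'];
                    if(!empty($images)){
                        foreach($images['name'] as $key=>$val){
                            $file = $images['tmp_name'][$key];
                            $type = $images['type'][$key]; // client-declared MIME type, not trustworthy
                            // Reset per file so a failed upload cannot reuse the previous name.
                            $image_name_tam = '';
                            // Only genuine uploads that decode as an image are processed.
                            if($file=='' || !is_uploaded_file($file)){
                                continue;
                            }
                            $arr_size = @getimagesize($file);
                            if($arr_size===false){
                                continue;
                            }
                            $width = $arr_size[0];
                            $height = $arr_size[1];

                            $uniqid_img = uniqid();
                            // NOTE(review): $title_image is the whole array of titles here;
                            // what format_string() makes of an array is not visible.
                            $image_name1 = substr($func->format_string($title_image),0,50).'-'.$key.'-'.$uniqid_img;
                            $thumb_name1 = "thumb_".$image_name1;
                            $thumb_size1 = 240;
                            $createthumb1 = $func->create_image($file, $type, $thumb_name1,$thumb_size1, ROOT_PATH.$this->path_image_sub);
                            $imageExt1 = $func->getImageExt($createthumb1);
                            if($width<800 and $height<600){
                                // Small images are stored as uploaded.
                                if($createthumb1 && move_uploaded_file($file, ROOT_PATH.$this->path_image_sub.$image_name1.$imageExt1)){
                                    $image_name_tam = $image_name1.$imageExt1;
                                }
                            }else{
                                // Larger images are stored as a 700px rendition.
                                $thumb_name2 = $image_name1;
                                $thumb_size2 = 700;
                                $createthumb2 = $func->create_image($file, $type, $thumb_name2,$thumb_size2, ROOT_PATH.$this->path_image_sub);
                                $imageExt2 = $func->getImageExt($createthumb2);
                                $image_name_tam = $image_name1.$imageExt2;
                            }
                            if($image_name_tam==''){
                                continue; // nothing was stored, so no row is written
                            }
                            if($key==0){
                                $title_image[$key] = current($title_image);
                                $etitle_image[$key] = current($etitle_image);
                                $intro_image[$key] = current($intro_image);
                                $eintro_image[$key] = current($eintro_image);
                            }
                            $DB->query("INSERT INTO `NNCCMS_images` ( `id_pagesimg`, `title`, `etitle`, `intro`, `eintro`, `path_img`, `image`, `image_banner`) VALUES ( '$id', '".$title_image[$key]."','".$etitle_image[$key]."','".$intro_image[$key]."', '".$eintro_image[$key]."','".date('m-y')."', '$image_name_tam', '');");
                        }
                    }
                }

                if($tab3 == 'files'){
                    //docx, doc, xls, xlsx, pdf
                    $type_file = array('application/vnd.openxmlformats-officedocument.wordprocessingml.document','application/msword','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/pdf');
                    // The MIME type above is supplied by the client, so the extension
                    // that actually ends up in the stored file name is checked as well.
                    $allowed_ext = array('docx','doc','xls','xlsx','pdf');
                    $title_file = $CORE->input['title_file'];
                    $etitle_file = $CORE->input['etitle_file'];
                    $intro_file = $CORE->input['intro_file'];
                    $eintro_file = $CORE->input['eintro_file'];
                    $files = $_FILES['file'];
                    if(!empty($files)){
                        foreach($files['name'] as $key=>$val){
                            $uniqid_file = uniqid();
                            $ext = $func->get_file_extension($files['name'][$key]);
                            $file_name = substr($func->format_string($files['name'][$key]),0,30).'-'.$key.'-'.$uniqid_file.'.'.$ext;
                            $file = $files['tmp_name'][$key];
                            $type = $files['type'][$key];
                            $ext_ok = in_array(strtolower(ltrim((string) $ext,'.')),$allowed_ext,true);
                            if(!in_array($type,$type_file,true) || !$ext_ok){
                                $print->page_error('File phải có dạng .docx, .doc, .xls, .xlsx, .pdf','index.php?act=pages&code=post&id='.$id);
                                exit();
                            }
                            $file_name_tam = '';
                            if(move_uploaded_file($file, ROOT_PATH.$this->path_files.$file_name)){
                                $file_name_tam = $file_name;
                            }
                            if($key==0){
                                $title_file[$key] = current($title_file);
                                $etitle_file[$key] = current($etitle_file);
                                $intro_file[$key] = current($intro_file);
                                $eintro_file[$key] = current($eintro_file);
                            }
                            if($title_file[$key]==''){
                                $print->page_error('Bạn chưa nhập tiêu đề file','index.php?act=pages&code=post&id='.$id);
                                exit();
                            }
                            if($file_name_tam!=''){
                                $DB->query("INSERT INTO `NNCCMS_pages_files` ( `pages_id`, `title_file`, `etitle_file`, `intro_file`, `eintro_file`, `file`, `time`) VALUES ( '$id', '".$title_file[$key]."','".$etitle_file[$key]."','".$intro_file[$key]."', '".$eintro_file[$key]."','".$file_name_tam."', '".time()."');");
                            }else{
                                $print->page_error('File không tìm thấy','index.php?act=pages&code=post&id='.$id);
                                exit();
                            }
                        }
                    }
                }
                return $print->refresh("index.php?act=pages&code=post&status=edit_success&id=".$id);
            }
        }
    }

    /**
     * Applies a bulk status change to the given page ids, then redirects to
     * the list. Unknown action types change nothing.
     *
     * @param array  $arr_mid page ids ticked in the list
     * @param string $type    one of 'active', 'deactive', 'hot', 'dehot'
     */
    function goAction($arr_mid,$type){
        global $DB, $print;
        foreach($arr_mid as $val){
            $val = intval($val); // ids come from the request; keep only the number
            switch($type){
                case 'active':
                    $DB->query("UPDATE NNCCMS_pages SET status='1' WHERE id='".$val."'");
                    break;
                case 'deactive':
                    $DB->query("UPDATE NNCCMS_pages SET status='0' WHERE id='".$val."'");
                    break;
                case 'hot':
                    $DB->query("UPDATE NNCCMS_pages SET noibat='1' WHERE id='".$val."'");
                    break;
                case 'dehot':
                    $DB->query("UPDATE NNCCMS_pages SET noibat='0' WHERE id='".$val."'");
                    break;
            }
        }
        $print->refresh('index.php?act=pages&status=edit_success');
    }

    /**
     * Deletes pages together with their cover image and menu links.
     * Only users whose group id (ug_id) is 4 may delete.
     *
     * @param array $arr_id page ids to delete; when empty, the single id in
     *                      $CORE->input['id'] is deleted instead
     */
    function goDel($arr_id){
        global $CORE, $DB, $print;
        if($CORE->admin_user['ug_id']!=4) exit('Chỉ có admin mới có quyền xóa bài!...');
        if(empty($arr_id)){
            $id = intval($CORE->input['id']);
            $query = $DB->query("SELECT path_img,img FROM NNCCMS_pages WHERE id='".$id."'");
            $result = $DB->fetch_row($query);
            if($result['img'] !=''){
                $this->remove_upload($this->path_image, $result['img'], 'thumb_');
                $this->remove_upload($this->path_image, $result['img']);
            }
            $DB->query("DELETE FROM NNCCMS_menu_pages WHERE pages_id='$id'");
            $DB->query("DELETE FROM NNCCMS_pages WHERE id='".$id."'");
            // The query above does not select `cid`, so this parameter is always empty.
            $cat = isset($result['cid']) ? $result['cid'] : '';
            $print->refresh("index.php?act=pages&status=del_success&cat=".$cat);
            exit();
        }else{
            foreach($arr_id as $val){
                $val = intval($val); // ids come from the request; keep only the number
                $query = $DB->query("SELECT img FROM NNCCMS_pages WHERE id='".$val."'");
                $result = $DB->fetch_row($query);
                if($result['img'] !=''){
                    $this->remove_upload($this->path_image, $result['img'], 'thumb_');
                    $this->remove_upload($this->path_image, $result['img']);
                }
                $DB->query("DELETE FROM NNCCMS_menu_pages WHERE pages_id='$val'");
                $DB->query("DELETE FROM NNCCMS_pages WHERE id='".$val."'");
            }
        }
        $print->refresh("index.php?act=pages&status=del_success");
    }
}

// Instantiating the module runs the requested action.
$run = new pages();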