

Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/thietkewebvumi.com/admin_new/mod/


 

Current File : /var/www/html/thietkewebvumi.com/admin_new/mod/pagesimg.php
<?php
class pagesimg{
    var $path_image	= "upload/pagesimg/";
    var $max_fsize	=  1500000;
    /**
     * PHP4-style constructor: routes the request to a handler based on
     * $CORE->input['code'].
     *
     * Any value other than the ones listed falls through to goList().
     *
     * NOTE(review): no authentication or CSRF check happens here; presumably the
     * including admin front controller enforces the session - confirm.
     * NOTE(review): 'showpagesimg' dispatches to goShowpagesimg(), which is not
     * defined in this class as shown, so that code path ends in a fatal error.
     */
    function pagesimg (){
        global $CORE;
        $action = $CORE->input['code'];
        if($action == 'post'){
            $this->goPost();
        }elseif($action == 'del'){
            // Empty list tells goDel() to take the id from the request instead.
            $this->goDel(array());
        }elseif($action == 'showpagesimg'){
            $this->goShowpagesimg();
        }elseif($action == 'del_img_sub'){
            $this->del_img_sub();
        }else{
            $this->goList();
        }
    }
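    /**
     * AJAX-style handler: deletes one NNCCMS_images row and its files.
     *
     * Reads img_id (expected form "pagesimg_<number>") from the request, removes
     * the image/banner files and their "thumb_" variants from $this->path_image,
     * deletes the row, echoes the received img_id back and terminates the script.
     *
     * NOTE(review): unlike goDel(), this handler does not check
     * $CORE->admin_user['ug_id']; confirm whether every admin role is meant to be
     * able to delete gallery images.
     * NOTE(review): the deletion is triggered by a plain request parameter with no
     * anti-CSRF token visible in this file.
     */
    function del_img_sub(){
        global $DB,$CORE;
        // Accept only a scalar; an array-valued parameter would otherwise be
        // echoed as "Array" and cast to a misleading id.
        $img_id = (isset($CORE->input['img_id']) && is_scalar($CORE->input['img_id']))
            ? (string)$CORE->input['img_id']
            : '';
        // intval() makes the id safe to embed in the two queries below.
        $id = intval(str_replace('pagesimg_','',$img_id));
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_images WHERE id = '$id'"));
        foreach(array('image','image_banner') as $column){
            if(!empty($row_check[$column])){
                // basename() keeps the unlink inside the upload directory even if
                // the stored file name was tampered with.
                $file_name = basename($row_check[$column]);
                // Best effort: a file that is already gone is not an error.
                @unlink(ROOT_PATH.$this->path_image.'thumb_'.$file_name);
                @unlink(ROOT_PATH.$this->path_image.$file_name);
            }
        }
        $DB->query("DELETE FROM NNCCMS_images WHERE id='$id'");
        // The value comes straight from the request, so encode it before it is
        // reflected; double_encode=false leaves already-encoded entities alone.
        echo htmlspecialchars($img_id, ENT_QUOTES, 'UTF-8', false);
        exit();
    }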
    /**
     * Recursively renders a category tree as a flat run of <option> elements.
     *
     * @param mixed  $id       id of the option to mark "selected" (never applied to
     *                         direct children of parent 0)
     * @param mixed  $parentid parent whose children are rendered at this level
     * @param array  $aCats    rows with 'id', 'parent_id' and 'title' keys
     * @param string $res      markup to prepend to this level's output
     * @param string $sep      depth prefix; one '+' is added per nesting level
     * @return string $res followed by the options of the whole subtree
     *
     * NOTE(review): 'id' and 'title' are concatenated into HTML without escaping;
     * this is only safe if the stored values are already HTML-encoded - confirm.
     * A row whose parent_id equals its own id would recurse without end.
     */
    function dequy_selected($id,$parentid,$aCats,$res,$sep){
        $selectable = ($parentid != 0);
        foreach($aCats as $node){
            if($node['parent_id'] != $parentid){
                continue;
            }
            $attr = ($id == $node['id'] && $selectable) ? ' selected' : '';
            $option = '<option value="'.$node['id'].'"'.$attr.'>+'.$sep.$node['title'].'</option>';
            // The node's own markup seeds the recursive call, so children follow it.
            $res .= $this->dequy_selected($id, $node['id'], $aCats, $option, $sep.'+');
        }
        return $res;
    }
    /**
     * Recursively renders a category tree as <li> items with menu_id[] checkboxes.
     *
     * @param array  $arr_id   ids whose checkbox is rendered "checked" (compared
     *                         strictly, so the types must match the rows' 'id')
     * @param mixed  $parentid parent whose children are rendered at this level
     * @param array  $aCats    rows with 'id', 'parent_id' and 'title' keys
     * @param string $res      markup to prepend to this level's output
     * @param string $sep      opening wrapper emitted before each title
     * @param string $tep      closing wrapper emitted after each checkbox
     * @return string $res followed by the items of the whole subtree
     *
     * NOTE(review): 'id' and 'title' are concatenated into HTML without escaping;
     * this is only safe if the stored values are already HTML-encoded - confirm.
     */
    function dequy_checked($arr_id,$parentid,$aCats,$res,$sep,$tep){
        foreach($aCats as $node){
            if($node['parent_id'] != $parentid){
                continue;
            }
            $state = in_array($node['id'], $arr_id, true) ? ' checked' : '';
            $item = '<li>'.$sep.$node['title']
                .'<input type="checkbox" name="menu_id[]" value="'.$node['id'].'"'.$state.' />'
                .$tep.'</li>';
            // Each level wraps its children in one more <ul><li> ... </li></ul> pair.
            $res .= $this->dequy_checked($arr_id, $node['id'], $aCats, $item, $sep.'<ul><li>', $tep.'</li></ul>');
        }
        return $res;
    }
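    /**
     * Renders the paginated, filterable list of NNCCMS_pagesimg records and, when
     * the request carries a mid_for_del selection, hands it to the bulk handlers.
     *
     * Filters read from the request: id_menu (int), fstatus (int), fkeyword (text).
     * Page size is fixed at 20 rows; the page number comes from $_GET['pageNum'].
     *
     * NOTE(review): $fkeyword is still concatenated into the LIKE clause. It must
     * be escaped or bound through the database layer's own mechanism; that API is
     * not visible in this file, and whether $CORE->input pre-escapes request values
     * cannot be confirmed from here.
     */
    function goList(){
        global $CORE, $DB, $smarty, $func, $print;
        $smarty->assign('module_name','Quản lý bộ sản phẩm');
        $smarty->assign('title','Quản lý sản phẩm');
        $smarty->assign('status',$CORE->input['status']);
        $smarty->assign('section','list');

        // Category dropdown for the filter form.
        $aCats = array();
        $query_menu = $DB->query("SELECT * FROM NNCCMS_menu WHERE `type`='menu'");
        while($rows_menu = $DB->fetch_row($query_menu))
        {
            $aCats[] = $rows_menu;
        }
        $menu = $this->dequy_selected(0,0,$aCats,'<option value="0">Tất cả</option>','','');
        $smarty->assign('menu',$menu);

        $where = "WHERE title<>''";
        $fcat = intval($CORE->input['id_menu']);
        $fstatus  = $CORE->input['fstatus'];
        $fkeyword = trim($CORE->input['fkeyword']);
        // Previously undefined when no keyword was given; null keeps the value the
        // template received in that case without raising a notice.
        $nsearch = null;
        if($fcat!=0){
            $where .= " AND menu_id = '".$fcat."' ";
        }
        if($fstatus!=''){
            // status is written as an integer elsewhere in this class, so cast it
            // before it reaches the query and the pagination URL.
            $fstatus = intval($fstatus);
            $where .= " AND status = '".$fstatus."' ";
        }
        if($fkeyword!=''){
            // NOTE(review): unescaped request text inside SQL - see method header.
            $where .=  " AND title LIKE '%".$fkeyword."%'";
            $nsearch = 1;
        }
        $smarty->assign('nsearch',$nsearch);
        if($CORE->input['nosearch']){ unset($_SESSION['fcat'],$_SESSION['fstatus'],$_SESSION['fkeyword']);}

        // Clamp to 1 so fractional or negative input cannot produce a negative
        // LIMIT offset.
        $pageNum = isset($_GET['pageNum']) ? max(1, intval($_GET['pageNum'])) : 1;
        $pagesimgize = 20;
        $from = (($pageNum * $pagesimgize) - $pagesimgize);
        $t = $DB->fetch_row($DB->query("SELECT count(id) as total FROM NNCCMS_pagesimg ".$where));
        $total = $t['total'];
        $totalPage = ceil($total / $pagesimgize);

        // Start from an empty list so an empty result set is still a defined value.
        $arr = array();
        $query = $DB->query("SELECT * FROM NNCCMS_pagesimg ".$where." LIMIT $from, $pagesimgize");
        while($row = $DB->fetch_row($query)){
            $row['time'] = date('d-m-Y',$row['time']);
            $arr[] = $row;
        }
        $smarty->assign('list',$arr);

        // The keyword is free text, so it has to be URL-encoded to survive as a
        // single query-string value.
        $nav = $print->Pagination($totalPage,$pageNum,'pagesimg',$CORE->admin_url.'&act=pagesimg&id_menu='.$fcat.'&fstatus='.$fstatus.'&fkeyword='.urlencode($fkeyword));
        $smarty->assign('nav',$nav);

        // Bulk actions posted from the list form.
        $arr_mid = $CORE->input['mid_for_del'];
        if(!empty($arr_mid)){
            $type = $CORE->input['type'];
            if($type == 'del'){
                $this->goDel($arr_mid);
            }else{
                $this->goAction($arr_mid,$type);
            }
        }
    }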
    /**
     * Shows the add/edit form for one NNCCMS_pagesimg record, or processes the
     * submitted form.
     *
     * Display branch (no 'bsubmit', or an error is stored in the session): loads
     * the record, its menu links and its gallery images and assigns them to Smarty.
     * Submit branch: rejects duplicate titles, stores the cover image (image1),
     * stores gallery/banner uploads for an existing record, then INSERTs a new
     * record or UPDATEs the existing one and rewrites its menu links.
     *
     * NOTE(review): in the submit branch request values (title, etitle, intro,
     * body, ebody, tags, menu_id[], title_image[] ...) are interpolated into SQL
     * strings. Whether $CORE->input escapes them is not visible in this file; if it
     * does not, every such statement is injectable and should go through the
     * database layer's escaping or binding.
     * NOTE(review): uploads are handed to $func->create_image() together with the
     * client-supplied $_FILES[...]['type']; the stored extension comes from
     * $func->getImageExt(). Neither helper is visible here - confirm they verify the
     * real file content and restrict the extension to image types, because the
     * files are written below ROOT_PATH.$this->path_image.
     */
    function goPost(){
        global $CORE, $DB, $func, $smarty, $print;
        $id = intval($CORE->input['id']);
        if($id>0){
            $smarty->assign('module_name','Quản lý bộ sưu tập');
            $smarty->assign('title','Quản lý bộ sưu tập');
        }else{
            $smarty->assign('module_name','Quản lý sản phẩm');
            $smarty->assign('title','Quản lý sản phẩm');
        }
        $smarty->assign('status',$CORE->input['status']);
        $smarty->assign('section','post');
        $aCats = array();
        $query_menu = $DB->query("SELECT * FROM NNCCMS_menu WHERE `type`='menu'");
        while($rows_menu = $DB->fetch_row($query_menu))
        {
            $aCats[] = $rows_menu;
        }
        $menu = $this->dequy_selected(0,0,$aCats,'<option value="0">Tất cả</option>','','');
        $smarty->assign('menu',$menu);
        // A stored error forces the form to be shown again instead of re-processing.
        if($_SESSION['error']) unset($CORE->input['bsubmit']);
        if(!$CORE->input['bsubmit']){
            $id = intval($CORE->input['id']);
            // Only the assignment is conditional on each of the next two lines; the
            // unset() after the semicolon always runs. $prevError / $prevState stay
            // undefined when the session key was empty.
            if ($_SESSION['error']) $prevError = $_SESSION['error']; unset($_SESSION['error']);
            if ($_SESSION['state']) $prevState = $_SESSION['state']; unset($_SESSION['state']);
            if($prevState!=NULL){
                $data = $prevState;
            }else{
                if($id==0){
                    // New record: default to enabled.
                    $data['status'] = 1;
                }else{
                    $query = $DB->query("SELECT * FROM NNCCMS_pagesimg WHERE id='".$id."'");
                    $data = $DB->fetch_row($query);
                }
            }
            $temp = $DB->query("SELECT * FROM NNCCMS_menu WHERE `type`='menu'");
            while($data1 = $DB->fetch_row($temp)){
                $list_menu[] = $data1;
            }
            // Menus this record is currently linked to (pre-checked in the form).
            if($id>0){
                $q_menu_page = $DB->query("SELECT menu_id FROM NNCCMS_menu_pagesimg WHERE pagesimg_id='$id'");
                while($r_menu_page = $DB->fetch_row($q_menu_page)){
                    $arr_id[]  = $r_menu_page['menu_id'];
                }
            }else{
                $arr_id  = array();
            }
            $data['op_menu'] = $this->dequy_checked($arr_id,0,$list_menu,'------------Root-----------','','');
            // Replace raw field values with the form widgets built by $func helpers.
            $data['body'] = $func->editor_jquery('body',$data['body'],20,'tinymce');
            $data['ebody'] = $func->editor_admin('ebody',$data['ebody'],20);
            $data['policy'] = $func->editor_admin('policy',$data['policy'],10);
            $data['noibat'] = $func->makebox($data['noibat'],'noibat');
            $data['khuyenmai'] = $func->makebox($data['khuyenmai'],'khuyenmai');
            $data['status'] = $func->yes_no($data['status'],'status');
            $data['allow_comment'] = $func->makebox($data['allow_comment'],'allow_comment');
            $error[] = $prevError;
            $smarty->assign('error',$error);
            $smarty->assign('post',$data);
            $query_img = $DB->query("SELECT * FROM NNCCMS_images WHERE id_pagesimg='$id'");
            while($row_img = $DB->fetch_row($query_img)){
                $list_img[] = $row_img;
            }
            $smarty->assign('list_img',$list_img);
        }else{
            // ---- Submit branch ----
            // $state collects the submitted values but is not saved anywhere in
            // this method.
            $id = $state['id'] = intval($CORE->input['id']);
            $title_image = $CORE->input['title_image'];
            $menu_id = $CORE->input['menu_id'];
            $title = $state['title'] = $CORE->input['title'];
            $ftitle = $func->format_string($title);
            $etitle  =  $CORE->input['etitle'];
            $fetitle = $func->format_string($etitle);
            // Duplicate check on the formatted titles, excluding the record itself
            // when editing.
            // NOTE(review): $ftitle / $fetitle reach SQL as produced by
            // $func->format_string(); its output alphabet is not visible here.
            if($id>0){
                $row_check = $DB->fetch_row($DB->query("SELECT id FROM NNCCMS_pagesimg WHERE (ftitle='$ftitle' or fetitle='$fetitle') AND id<>'$id'"));
            }else{
                $row_check = $DB->fetch_row($DB->query("SELECT id FROM NNCCMS_pagesimg WHERE ftitle='$ftitle' or fetitle='$fetitle'"));
            }
            if($row_check){
                echo 'Tên bài viết bị trùng, xin đặt tên khác!';
                exit();
            }
            $intro = $state['intro'] = $CORE->input['intro'];
            $eintro = $state['eintro'] = $CORE->input['eintro'];
            $body = $state['body'] = $CORE->input['body'];
            $ebody = $state['ebody'] = $CORE->input['ebody'];
            $tags = $CORE->input['tags'];
            $status = $state['status'] = intval($CORE->input['status']);
            $noibat  = $state['noibat'] = intval($CORE->input['noibat']);
            $time = time();
            $allow_comment = intval($CORE->input['allow_comment']);
            if($title=='') exit('Xin nhập tiêu Ä‘á»');
            // ---- Cover image ----
            $image1="";
            // NOTE(review): $_FILES['image1'] is also set when the field was sent
            // without a file, so this branch is not limited to real uploads.
            if($_FILES['image1']){
                $image_file1 	= $_FILES['image1']['tmp_name'];
                // Client-supplied MIME type; not evidence of the actual content.
                $image_type1 	= $_FILES['image1']['type'];
                // File name is derived from the title plus a timestamp, not from the
                // uploaded file's own name.
                $image_name1	= substr($func->format_string($title),0,50).'_'.time();
                $thumb_name1		= "thumb_".$image_name1;
                $thumb_size1 = 240;
                $createthumb1 = $func->create_image($image_file1, $image_type1, $thumb_name1,$thumb_size1, ROOT_PATH.$this->path_image);
                $imageExt1 = $func->getImageExt($createthumb1);
                if($createthumb1 && move_uploaded_file($_FILES['image1']['tmp_name'], ROOT_PATH.$this->path_image.$image_name1.$imageExt1)){
                    $image1 = $image_name1.$imageExt1;
                    // presumably keeps later time()-based names distinct - confirm
                    sleep(1);
                }else{
                    // Set here but not read again in this branch.
                    $error['image'] = 1;
                }
            }
            // ---- Gallery / banner images (existing records only) ----
            if($id>0){
                $images = $_FILES['image'];
                $title_image = $CORE->input['title_image'];
                $etitle_image = $CORE->input['etitle_image'];
                $intro_image = $CORE->input['intro_image'];
                $eintro_image = $CORE->input['eintro_image'];
                $image_banner = $_FILES['image_banner'];


                if(!empty($images)){
                    foreach($images['name'] as $key=>$val){
                        $file = $images['tmp_name'][$key];
                        $type = $images['type'][$key];
                        $file_banner = $image_banner['tmp_name'][$key];
                        $type_banner = $image_banner['type'][$key];
                        // One uniqid() is shared by the image and its banner.
                        $uniqid_img = uniqid();
                        $image_name1	= substr($func->format_string($title),0,50).'-'.$key.'-'.$uniqid_img;
                        $thumb_name1		= "thumb_".$image_name1;
                        $thumb_size1 = 240;
                        $createthumb1 = $func->create_image($file, $type, $thumb_name1,$thumb_size1, ROOT_PATH.$this->path_image);
                        $imageExt1 = $func->getImageExt($createthumb1);
                        $image_name1_banner	= 'banner_'.substr($func->format_string($title),0,50).'-'.$key.'-'.$uniqid_img;
                        $thumb_name1_banner		= "thumb_".$image_name1_banner;
                        $thumb_size1_banner = 340;
                        $createthumb1_banner = $func->create_image($file_banner, $type_banner, $thumb_name1_banner,$thumb_size1_banner, ROOT_PATH.$this->path_image);
                        $imageExt1_banner = $func->getImageExt($createthumb1_banner);
                        // NOTE(review): $image_name_tam / $image_name_tam_banner are
                        // only assigned on success and never reset, so a failed
                        // upload records the previous iteration's file name (or an
                        // undefined value on the first iteration).
                        if($createthumb1 && move_uploaded_file($file, ROOT_PATH.$this->path_image.$image_name1.$imageExt1)){
                            $image_name_tam = $image_name1.$imageExt1;
                        }
                        if($createthumb1_banner && move_uploaded_file($file_banner, ROOT_PATH.$this->path_image.$image_name1_banner.$imageExt1_banner)){
                            $image_name_tam_banner = $image_name1_banner.$imageExt1_banner;
                        }
                       // For key 0 the captions are taken from each array's current()
                       // element rather than from index 0.
                       if($key==0){
                           $title_image[$key] = current($title_image);
                           $etitle_image[$key] = current($etitle_image);
                           $intro_image[$key] = current($intro_image);
                           $eintro_image[$key] = current($eintro_image);
                       }
                        // NOTE(review): caption values come from the request and are
                        // interpolated as-is; the row is inserted even when both
                        // uploads failed.
                        $DB->query("INSERT INTO `NNCCMS_images` ( `id_pagesimg`, `title`, `etitle`, `intro`, `eintro`, `path_img`, `image`, `image_banner`) VALUES ( '$id', '".$title_image[$key]."','".$etitle_image[$key]."','".$intro_image[$key]."', '".$eintro_image[$key]."','".date('m-y')."', '$image_name_tam', '$image_name_tam_banner');");
                    }
                }
            }
            if($id==0){
                // ---- Create ----
                // NOTE(review): title, etitle, intro, body, ebody and tags are
                // request values placed directly inside the statement.
                $DB->query("INSERT INTO `NNCCMS_pagesimg` (
`title` ,
`ftitle`,
`etitle` ,
`fetitle` ,
`path_img`,
`img` ,
`intro`,
`body` ,
`ebody` ,
`tags`,
`hit` ,
`time` ,
`status` ,
`noibat` ,
`allow_comment`
)
VALUES (
'$title','$ftitle', '$etitle','$fetitle','".date('m-y')."', '$image1', '$intro', '$body', '$ebody','$tags', '0', '$time', '$status', '$noibat', '$allow_comment'
);
");
                // NOTE(review): mysql_insert_id() belongs to the legacy mysql_*
                // extension, which was removed in PHP 7.0; unless a compatibility
                // shim defines it, this call is fatal there. The id should come
                // from the $DB wrapper (API not visible here).
                $insert_id = mysql_insert_id();
                if(!empty($menu_id)){
                    // NOTE(review): each $val is a request value used unvalidated.
                    foreach($menu_id as $val){
                        $DB->query("INSERT INTO `NNCCMS_menu_pagesimg` (
`menu_id` ,
`pagesimg_id`
)
VALUES (
'$val', '$insert_id'
);");
                    }
                }
                return $print->refresh("index.php?act=pagesimg&status=add_success");
            }else{
                // ---- Update ----
                $query = $DB->query("SELECT img FROM `NNCCMS_pagesimg` WHERE id='".$id."'");
                $result = $DB->fetch_row($query);
                // A new cover replaces the old one: remove the old file and thumb.
                if($image1!=''){
                    if($result['img'] !='') @unlink(ROOT_PATH.$this->path_image.$result['img']);
                    if($result['img'] !='') @unlink(ROOT_PATH.$this->path_image.'thumb_'.$result['img']);
                    $DB->query("UPDATE `NNCCMS_pagesimg` SET `img`='".$image1."',`path_img`='".date('m-y')."' WHERE `id`='".$id."'");
                }
                // NOTE(review): same interpolation of request text as the INSERT.
                $DB->query("UPDATE `NNCCMS_pagesimg` SET `title` = '$title',
`ftitle` = '$ftitle',
`etitle` = '$etitle',
`fetitle` = '$fetitle',
`intro` = '$intro',
`body` = '$body',
`ebody` = '$ebody',
`tags` = '$tags',
`status` = '$status',
`noibat` = '$noibat',
`allow_comment` = '$allow_comment' WHERE `id` ='$id' LIMIT 1 ;
");
                // Menu links are rewritten only when at least one menu was
                // submitted; an empty selection leaves the old links in place.
                if(!empty($menu_id)){
                    $DB->query("DELETE FROM NNCCMS_menu_pagesimg WHERE pagesimg_id = '$id'");
                    foreach($menu_id as $val){
                        $DB->query("INSERT INTO `NNCCMS_menu_pagesimg` (
`menu_id` ,
`pagesimg_id`
)
VALUES (
'$val', '$id'
);");
                    }
                }
                return $print->refresh("index.php?act=pagesimg&code=post&status=edit_success&id=".$id);
            }
        }
}
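    /**
     * Applies one bulk flag change to the selected NNCCMS_pagesimg rows, then
     * redirects back to the list.
     *
     * @param array  $arr_mid record ids selected in the list form (request data)
     * @param string $type    'active', 'deactive', 'hot' or 'dehot'; any other
     *                        value changes nothing and only redirects
     */
    function goAction($arr_mid,$type){
        global $DB, $print;
        // Fixed SET fragments: nothing from the request is used as SQL text.
        $assignments = array(
            'active'   => "status='1'",
            'deactive' => "status='0'",
            'hot'      => "noibat='1'",
            'dehot'    => "noibat='0'",
        );
        if(is_scalar($type) && isset($assignments[(string)$type])){
            $set = $assignments[(string)$type];
            // (array) tolerates a single scalar id instead of a list.
            foreach((array)$arr_mid as $val){
                // Ids arrive straight from the request; cast them so they cannot
                // alter the statement.
                $id = intval($val);
                $DB->query("UPDATE NNCCMS_pagesimg SET ".$set." WHERE id='".$id."'");
            }
        }
        $print->refresh('index.php?act=pagesimg&status=edit_success');
    }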
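    /**
     * Deletes one or more NNCCMS_pagesimg records together with their gallery
     * rows, menu links and image files. Only user group 4 may call it.
     *
     * @param array $arr_id ids to delete; when empty, the single id is read from
     *                      $CORE->input['id'] and the script exits after the
     *                      redirect
     *
     * NOTE(review): the deletion is driven by request parameters and no anti-CSRF
     * token is visible in this file.
     */
    function goDel($arr_id){
        global $CORE, $DB, $print;
        if($CORE->admin_user['ug_id']!=4) exit('Chỉ có admin mới có quyền xóa bài!...');

        $single = empty($arr_id);
        if($single){
            $ids = array(isset($CORE->input['id']) ? $CORE->input['id'] : 0);
        }else{
            $ids = (array)$arr_id;
        }

        foreach($ids as $raw_id){
            // Ids in the bulk path come from the request; cast before use in SQL.
            $id = intval($raw_id);

            // Gallery files first. The fetched row is $r_check; the earlier code
            // tested an undefined $row_check, so these files were never removed.
            $q_check = $DB->query("SELECT * FROM NNCCMS_images WHERE id_pagesimg = '$id'");
            while($r_check = $DB->fetch_row($q_check)){
                $this->_removeImagePair(isset($r_check['image']) ? $r_check['image'] : '');
                $this->_removeImagePair(isset($r_check['image_banner']) ? $r_check['image_banner'] : '');
            }
            $DB->query("DELETE FROM NNCCMS_images WHERE id_pagesimg = '$id'");

            // Cover image of the record itself; the row may not exist.
            $result = $DB->fetch_row($DB->query("SELECT path_img,img FROM NNCCMS_pagesimg WHERE id='".$id."'"));
            if(is_array($result) && isset($result['img'])){
                $this->_removeImagePair($result['img']);
            }

            $DB->query("DELETE FROM NNCCMS_menu_pagesimg WHERE pagesimg_id='$id'");
            $DB->query("DELETE FROM NNCCMS_pagesimg WHERE id='".$id."'");
        }

        if($single){
            // The query never selected a 'cid' column, so the cat parameter has
            // always been sent empty; the URL is kept as it was.
            $print->refresh("index.php?act=pagesimg&status=del_success&cat=");
            exit();
        }
        $print->refresh("index.php?act=pagesimg&status=del_success");
    }

    /**
     * Removes an uploaded image and its "thumb_" variant from the upload folder.
     * Missing files are ignored (best effort).
     */
    private function _removeImagePair($name){
        if(empty($name)){
            return;
        }
        // basename() keeps the deletion inside the upload directory even if the
        // stored name was tampered with.
        $name = basename($name);
        if($name === '' || $name === '.' || $name === '..'){
            return;
        }
        @unlink(ROOT_PATH.$this->path_image.'thumb_'.$name);
        @unlink(ROOT_PATH.$this->path_image.$name);
    }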
}
// Constructing the object is what handles the request: pagesimg::pagesimg() is a
// PHP4-style constructor and dispatches on the 'code' parameter. PHP 7.x still
// treats a method named after the class as the constructor (deprecated); PHP 8
// does not, so there this line would create the object without dispatching.
$run = new pagesimg();
?>
