Tiny File Manager

Back Back Up Advanced Editor

<?php

//include('authentication.php');

//include('dbcon.php');

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

if(isset($_POST['post_detete_btn']))

{

$post_id= $_POST['post_detete_btn'];

$check_img_query = "SELECT * FROM posts WHERE id ='$post_id' LIMIT 1";

$img_res = mysqli_query($con, $check_img_query);

$res_data = mysqli_fetch_array($img_res);

$image = $res_data['image'];

$query = "DELETE from posts WHERE id = '$post_id' LIMIT 1";

$query_run = mysqli_query($con, $query);

if($query_run)

{

$_SESSION['message'] = "Post Deleted Successfully";

header('Location: post-view.php');

exit(0);

}else{

$_SESSION['message'] = "Something Went Wrong";

header('Location: post-view.php');

exit(0);

}

if(isset($_POST['post_update']))

{

$post_id = $_POST['post_id'];
    $category_id = $_POST['category_id'];
    $name = mysqli_real_escape_string($con, $_POST['name']);
//    $name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);

$description =  mysqli_real_escape_string($con, $_POST['description']); 
 // $description_bn =  mysqli_real_escape_string($con, $_POST['description_bn']); 
    $meta_title =  mysqli_real_escape_string($con, $_POST['meta_title']);
    $meta_description =  mysqli_real_escape_string($con, $_POST['meta_description']);  
    $meta_keyword =  mysqli_real_escape_string($con, $_POST['meta_keyword']);

$date= $_POST['date'];
    $author = $_POST['author'];
    $status = $_POST['status'] == true ? '1':'0';

$query = "UPDATE posts SET category_id ='$category_id' , name='$name', slug ='$slug', description ='$description', image = '$frmdomain_path', 
        meta_title ='$meta_title', meta_description ='$meta_description', meta_keyword ='$meta_keyword', date ='$date' , author ='$author', status ='$status' WHERE id = '$post_id'";
        $query_run = mysqli_query($con, $query);

if($query_run)

{

$_SESSION['message'] =  "Post Updated Successfully";
            header('Location: post-edit.php?id='.$post_id);
            exit(0);

}else{

$_SESSION['message'] = "Something Went Wrong";
            header('Location: post-edit.php?id='.$post_id);
            exit(0);

} //query run end

}//isset button end

if(isset($_POST['post_add']))

{

$category_id = $_POST['category_id'];

$name = mysqli_real_escape_string($con, $_POST['name']);
 //   $name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);

// slug take from form
   /* $string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
    $final_string = preg_replace('/-+/', '-', $string);
    $slug = $final_string;*/
// slug generated by function
    $slug = generateSlug($name);

$description =  mysqli_real_escape_string($con, $_POST['description']); 
    //$description_bn =  mysqli_real_escape_string($con, $_POST['description_bn']); 
    $meta_title =  mysqli_real_escape_string($con, $_POST['meta_title']);
    $meta_description =  mysqli_real_escape_string($con, $_POST['meta_description']);  
    $meta_keyword =  mysqli_real_escape_string($con, $_POST['meta_keyword']);

$date= $_POST['date'];
    $author = $_POST['author'];
    $status = $_POST['status'] == true ? '1':'0';

$query= "INSERT into posts (category_id, name, slug, description, image, meta_title, meta_description, meta_keyword, date, author, status) 
            VALUES ('$category_id', '$name', '$slug', '$description', '$frmdomain_path', '$meta_title', '$meta_description', '$meta_keyword','$date','$author' ,'$status' )";
            $query_run = mysqli_query($con, $query);

if($query_run)
            {

$_SESSION['message'] = "Post Created Successfully";
                header('Location: post-add.php');
                exit(0);
            }else{
                $_SESSION['message'] ="Something Went Wrong";
                header('Location: post-add.php');
                exit(0);
            }//if query run end

}   //if isset end