File "code.php"
Full path: /home/fsibplc/public_html/fsib/firstcash/admin/code.php
File
size: 18.7 B (18.7 KB bytes)
MIME-type: text/x-php
Charset: utf-8
<?php
include('authentication.php');
include('function.php');
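if (isset($_POST['merchant_add'])) {
    // Handler: insert one merchant_list row from the submitted form, then redirect
    // back to merchant-add.php with a flash message in $_SESSION['message'].
    // Every value read here is request data, so it is bound as a statement
    // parameter rather than interpolated into the SQL text (the original built the
    // INSERT by string interpolation, which allowed SQL injection).
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        // Missing or non-string fields become '' instead of raising a notice.
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $category = $post('category');

    // The district field carries "english|bengali"; pad so a value without '|'
    // yields an empty Bengali name instead of an undefined-offset notice.
    $district_parts = array_pad(explode('|', $post('district')), 2, '');
    $district_en = $district_parts[0];
    $district_bn = $district_parts[1];

    $thana_en = $post('thana_en');
    $thana_bn = $post('thana_bn');
    $outlet_name_en = $post('outlet_name_en');
    $outlet_name_bn = $post('outlet_name_bn');
    $address_en = $post('address_en');
    $address_bn = $post('address_bn');
    $author = $post('author');
    $status = !empty($_POST['status']) ? '1' : '0';

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'INSERT INTO merchant_list (category, district_en, district_bn, thana_en, thana_bn, '
        . 'outlet_name_en, outlet_name_bn, address_en, address_bn, author, status) '
        . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 11),
            $category,
            $district_en,
            $district_bn,
            $thana_en,
            $thana_bn,
            $outlet_name_en,
            $outlet_name_bn,
            $address_en,
            $address_bn,
            $author,
            $status
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    // The original stored the submitted author value as the flash message (a
    // debugging leftover that reflects request data into the page); the intended
    // literal from the original comment is restored.
    $_SESSION['message'] = $query_run ? "Merchant Created Successfully" : "Merchant Went Wrong";
    header('Location: merchant-add.php');
    exit(0);
}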
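if (isset($_POST['slider_detete_btn'])) {
    // Handler: delete one slider row and its image file, then redirect to
    // slider-view.php with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $raw_id = is_string($_POST['slider_detete_btn']) ? $_POST['slider_detete_btn'] : '';

    // Same normalisation as before: anything outside [A-Za-z0-9-] becomes '-',
    // and runs of '-' collapse to one.
    $slider_id = preg_replace('/-+/', '-', preg_replace('/[^A-Za-z0-9\-]/', '-', $raw_id));

    // Look up the stored image name first so the file can be removed afterwards.
    $image = null;
    $lookup = mysqli_prepare($con, 'SELECT image FROM slider WHERE id = ? LIMIT 1');
    if ($lookup) {
        mysqli_stmt_bind_param($lookup, 's', $slider_id);
        mysqli_stmt_execute($lookup);
        mysqli_stmt_bind_result($lookup, $image);
        mysqli_stmt_fetch($lookup);
        mysqli_stmt_close($lookup);
    }

    $query_run = false;
    $stmt = mysqli_prepare($con, 'DELETE FROM slider WHERE id = ? LIMIT 1');
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $slider_id);
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        // basename() keeps the delete inside the slider upload directory even if
        // the stored name contains path separators (the update handler can write a
        // request-supplied name into this column). is_file() also skips the case
        // where no row was found, which previously resolved to the directory itself.
        $image_name = is_string($image) ? basename($image) : '';
        if ($image_name !== '' && is_file('../uploads/slider/' . $image_name)) {
            unlink('../uploads/slider/' . $image_name);
        }
        $_SESSION['message'] = "Slider Deleted Successfully";
    } else {
        $_SESSION['message'] = "Something Went Wrong";
    }
    header('Location: slider-view.php');
    exit(0);
}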
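if (isset($_POST['slider_update'])) {
    // Handler: update one slider row, optionally replacing its image, then
    // redirect back to the edit page with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };
    $slugify = function ($value) {
        // Anything outside [A-Za-z0-9-] becomes '-', runs of '-' collapse to one.
        return preg_replace('/-+/', '-', preg_replace('/[^A-Za-z0-9\-]/', '-', $value));
    };

    $slider_id = $slugify($post('slider_id'));
    $name = $slugify($post('name'));
    $name_bn = $post('name_bn');
    $author = $post('author');
    $status = !empty($_POST['status']) ? '1' : '0';
    $redirect = 'Location: slider-edit.php?id=' . urlencode($slider_id);

    // old_image is request data that is later passed to unlink() and written to
    // the image column; basename() strips any directory part so it cannot point
    // outside ../uploads/slider/.
    $old_filename = basename($post('old_image'));

    $image = isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])
        ? $_FILES['image']['name']
        : '';
    $has_upload = $image !== '';

    $update_filename = $old_filename;
    if ($has_upload) {
        // The extension comes from the client-supplied file name. Only image
        // extensions are accepted so a script file cannot be stored under the web
        // root with an executable extension. File content is not inspected here.
        // NOTE(review): extend the list if other image types are in use.
        $image_extension = strtolower(pathinfo($image, PATHINFO_EXTENSION));
        if (!in_array($image_extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
            $_SESSION['message'] = "Something Went Wrong";
            header($redirect);
            exit(0);
        }
        // Rename the upload to a timestamp-based name.
        $update_filename = time() . '.' . $image_extension;
    }

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'UPDATE slider SET name = ?, name_bn = ?, image = ?, author = ?, status = ? WHERE id = ?'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 6),
            $name,
            $name_bn,
            $update_filename,
            $author,
            $status,
            $slider_id
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        if ($has_upload) {
            if ($old_filename !== '' && is_file('../uploads/slider/' . $old_filename)) {
                unlink('../uploads/slider/' . $old_filename);
            }
            if (isset($_FILES['image']['tmp_name'])) {
                move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/slider/' . $update_filename);
            }
        }
        $_SESSION['message'] = "Slider Updated Successfully";
    } else {
        $_SESSION['message'] = "Something Went Wrong";
    }
    header($redirect);
    exit(0);
}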
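if (isset($_POST['slider_add'])) {
    // Handler: create a slider row and store its uploaded image, then redirect to
    // slider-add.php with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $name = $post('name');
    $name_bn = $post('name_bn');
    $author = $post('author');
    $status = !empty($_POST['status']) ? '1' : '0';

    $image = isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])
        ? $_FILES['image']['name']
        : '';
    $has_upload = $image !== '';

    // The extension comes from the client-supplied file name. Only image
    // extensions are accepted so a script file cannot be stored under the web root
    // with an executable extension. File content is not inspected here.
    // NOTE(review): extend the list if other image types are in use.
    $image_extension = strtolower(pathinfo($image, PATHINFO_EXTENSION));
    if ($has_upload && !in_array($image_extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
        $_SESSION['message'] = "Something Went Wrong";
        header('Location: slider-add.php');
        exit(0);
    }

    // Rename the upload to a timestamp-based name (as before, a row submitted
    // without a file still gets "<timestamp>." as its image value).
    $filename = time() . '.' . $image_extension;

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'INSERT INTO slider (name, name_bn, image, author, status) VALUES (?, ?, ?, ?, ?)'
    );
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, str_repeat('s', 5), $name, $name_bn, $filename, $author, $status);
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        if ($has_upload && isset($_FILES['image']['tmp_name'])) {
            move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/slider/' . $filename);
        }
        $_SESSION['message'] = "Slider Created Successfully";
    } else {
        $_SESSION['message'] = "Something Went Wrong";
    }
    header('Location: slider-add.php');
    exit(0);
}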
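if (isset($_POST['service_update'])) {
    // Handler: update one services row, optionally replacing its image, then
    // redirect back to the edit page with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $service_id = $post('service_id');
    $name = $post('name');
    $name_bn = $post('name_bn');
    // The slug is generated from the name; the submitted slug was computed and
    // then overwritten in the original, so that dead step is dropped.
    $slug = generateSlug($name);
    $description = $post('description');
    $description_bn = $post('description_bn');
    $meta_title = $post('meta_title');
    $meta_description = $post('meta_description');
    $meta_keyword = $post('meta_keyword');
    $status = !empty($_POST['status']) ? '1' : '0';

    // The id goes into a Location header, so it is URL-encoded.
    $redirect = 'Location: service-edit.php?id=' . urlencode($service_id);

    // old_image is request data that is later passed to unlink() and written to
    // the image column; basename() strips any directory part so it cannot point
    // outside ../uploads/service/.
    $old_filename = basename($post('old_image'));

    $image = isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])
        ? $_FILES['image']['name']
        : '';
    $has_upload = $image !== '';

    $update_filename = $old_filename;
    if ($has_upload) {
        // The extension comes from the client-supplied file name. Only image
        // extensions are accepted so a script file cannot be stored under the web
        // root with an executable extension. File content is not inspected here.
        // NOTE(review): extend the list if other image types are in use.
        $image_extension = strtolower(pathinfo($image, PATHINFO_EXTENSION));
        if (!in_array($image_extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
            $_SESSION['message'] = "Something Went Wrong";
            header($redirect);
            exit(0);
        }
        // Rename the upload to a timestamp-based name.
        $update_filename = time() . '.' . $image_extension;
    }

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'UPDATE services SET name = ?, name_bn = ?, slug = ?, description = ?, description_bn = ?, '
        . 'image = ?, meta_title = ?, meta_description = ?, meta_keyword = ?, status = ? WHERE id = ?'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 11),
            $name,
            $name_bn,
            $slug,
            $description,
            $description_bn,
            $update_filename,
            $meta_title,
            $meta_description,
            $meta_keyword,
            $status,
            $service_id
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        if ($has_upload) {
            if ($old_filename !== '' && is_file('../uploads/service/' . $old_filename)) {
                unlink('../uploads/service/' . $old_filename);
            }
            if (isset($_FILES['image']['tmp_name'])) {
                move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/service/' . $update_filename);
            }
        }
        $_SESSION['message'] = "Service Updated Successfully";
    } else {
        // The original put the full SQL text into the flash message on failure,
        // disclosing the statement to the browser; the generic message from the
        // original comment is used instead.
        $_SESSION['message'] = "Something Went Wrong";
    }
    header($redirect);
    exit(0);
}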
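if (isset($_POST['add_service'])) {
    // Handler: create a services row and store its uploaded image, then redirect
    // to service-view.php with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $name = $post('name');
    $name_bn = $post('name_bn');
    // Slug from the form: anything outside [A-Za-z0-9-] becomes '-', runs of '-'
    // collapse to one.
    $slug = preg_replace('/-+/', '-', preg_replace('/[^A-Za-z0-9\-]/', '-', $post('slug')));
    $description = $post('description');
    $description_bn = $post('description_bn');
    $meta_title = $post('meta_title');
    $meta_description = $post('meta_description');
    $meta_keyword = $post('meta_keyword');
    $status = !empty($_POST['status']) ? '1' : '0';

    $image = isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])
        ? $_FILES['image']['name']
        : '';
    $has_upload = $image !== '';

    // The extension comes from the client-supplied file name. Only image
    // extensions are accepted so a script file cannot be stored under the web root
    // with an executable extension. File content is not inspected here.
    // NOTE(review): extend the list if other image types are in use.
    $image_extension = strtolower(pathinfo($image, PATHINFO_EXTENSION));
    if ($has_upload && !in_array($image_extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
        $_SESSION['message'] = "Something Went Wrong";
        header('Location: service-view.php');
        exit(0);
    }

    // Rename the upload to a timestamp-based name.
    $filename = time() . '.' . $image_extension;

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'INSERT INTO services (name, name_bn, slug, description, description_bn, image, '
        . 'meta_title, meta_description, meta_keyword, status) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 10),
            $name,
            $name_bn,
            $slug,
            $description,
            $description_bn,
            $filename,
            $meta_title,
            $meta_description,
            $meta_keyword,
            $status
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        if ($has_upload && isset($_FILES['image']['tmp_name'])) {
            move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/service/' . $filename);
        }
        $_SESSION['message'] = "Service Created Successfully";
    } else {
        $_SESSION['message'] = "Something Went Wrong";
    }
    header('Location: service-view.php');
    exit(0);
}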
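if (isset($_POST['post_detete_btn'])) {
    // Handler: delete one posts row and its image file, then redirect to
    // post-view.php with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $raw_id = is_string($_POST['post_detete_btn']) ? $_POST['post_detete_btn'] : '';

    // Same normalisation as before: anything outside [A-Za-z0-9-] becomes '-',
    // and runs of '-' collapse to one.
    $post_id = preg_replace('/-+/', '-', preg_replace('/[^A-Za-z0-9\-]/', '-', $raw_id));

    // Look up the stored image name first so the file can be removed afterwards.
    $image = null;
    $lookup = mysqli_prepare($con, 'SELECT image FROM posts WHERE id = ? LIMIT 1');
    if ($lookup) {
        mysqli_stmt_bind_param($lookup, 's', $post_id);
        mysqli_stmt_execute($lookup);
        mysqli_stmt_bind_result($lookup, $image);
        mysqli_stmt_fetch($lookup);
        mysqli_stmt_close($lookup);
    }

    $query_run = false;
    $stmt = mysqli_prepare($con, 'DELETE FROM posts WHERE id = ? LIMIT 1');
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $post_id);
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        // basename() keeps the delete inside the posts upload directory even if
        // the stored name contains path separators (the update handler can write a
        // request-supplied name into this column). is_file() also skips the case
        // where no row was found, which previously resolved to the directory itself.
        $image_name = is_string($image) ? basename($image) : '';
        if ($image_name !== '' && is_file('../uploads/posts/' . $image_name)) {
            unlink('../uploads/posts/' . $image_name);
        }
        $_SESSION['message'] = "Post Deleted Successfully";
    } else {
        $_SESSION['message'] = "Something Went Wrong";
    }
    header('Location: post-view.php');
    exit(0);
}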
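if (isset($_POST['post_update'])) {
    // Handler: update one posts row, optionally replacing its image, then
    // redirect back to the edit page with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $post_id = $post('post_id');
    $category_id = $post('category_id');
    $name = $post('name');
    $name_bn = $post('name_bn');
    // The slug is generated from the name; the submitted slug was computed and
    // then overwritten in the original, so that dead step is dropped.
    $slug = generateSlug($name);
    $description = $post('description');
    $description_bn = $post('description_bn');
    $meta_title = $post('meta_title');
    $meta_description = $post('meta_description');
    $meta_keyword = $post('meta_keyword');
    $date = $post('date');
    $author = $post('author');
    $status = !empty($_POST['status']) ? '1' : '0';

    // The id goes into a Location header, so it is URL-encoded.
    $redirect = 'Location: post-edit.php?id=' . urlencode($post_id);

    // old_image is request data that is later passed to unlink() and written to
    // the image column; basename() strips any directory part so it cannot point
    // outside ../uploads/posts/.
    $old_filename = basename($post('old_image'));

    $image = isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])
        ? $_FILES['image']['name']
        : '';
    $has_upload = $image !== '';

    $update_filename = $old_filename;
    if ($has_upload) {
        // The extension comes from the client-supplied file name. Only image
        // extensions are accepted so a script file cannot be stored under the web
        // root with an executable extension. File content is not inspected here.
        // NOTE(review): extend the list if other image types are in use.
        $image_extension = strtolower(pathinfo($image, PATHINFO_EXTENSION));
        if (!in_array($image_extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
            $_SESSION['message'] = "Something Went Wrong";
            header($redirect);
            exit(0);
        }
        // Rename the upload to a timestamp-based name.
        $update_filename = time() . '.' . $image_extension;
    }

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'UPDATE posts SET category_id = ?, name = ?, name_bn = ?, slug = ?, description = ?, '
        . 'description_bn = ?, image = ?, meta_title = ?, meta_description = ?, meta_keyword = ?, '
        . 'date = ?, author = ?, status = ? WHERE id = ?'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 14),
            $category_id,
            $name,
            $name_bn,
            $slug,
            $description,
            $description_bn,
            $update_filename,
            $meta_title,
            $meta_description,
            $meta_keyword,
            $date,
            $author,
            $status,
            $post_id
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        if ($has_upload) {
            if ($old_filename !== '' && is_file('../uploads/posts/' . $old_filename)) {
                unlink('../uploads/posts/' . $old_filename);
            }
            if (isset($_FILES['image']['tmp_name'])) {
                move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/posts/' . $update_filename);
            }
        }
        $_SESSION['message'] = "Post Updated Successfully";
    } else {
        // The original put the full SQL text into the flash message on failure,
        // disclosing the statement to the browser; the generic message from the
        // original comment is used instead.
        $_SESSION['message'] = "Something Went Wrong";
    }
    header($redirect);
    exit(0);
}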
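if (isset($_POST['post_add'])) {
    // Handler: create a posts row and store its uploaded image, then redirect to
    // post-add.php with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $category_id = $post('category_id');
    $name = $post('name');
    $name_bn = $post('name_bn');
    // The slug is generated from the name; the submitted slug was computed and
    // then overwritten in the original, so that dead step is dropped.
    $slug = generateSlug($name);
    $description = $post('description');
    $description_bn = $post('description_bn');
    $meta_title = $post('meta_title');
    $meta_description = $post('meta_description');
    $meta_keyword = $post('meta_keyword');
    $date = $post('date');
    $author = $post('author');
    $status = !empty($_POST['status']) ? '1' : '0';

    $image = isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])
        ? $_FILES['image']['name']
        : '';
    $has_upload = $image !== '';

    // The extension comes from the client-supplied file name. Only image
    // extensions are accepted so a script file cannot be stored under the web root
    // with an executable extension. File content is not inspected here.
    // NOTE(review): extend the list if other image types are in use.
    $image_extension = strtolower(pathinfo($image, PATHINFO_EXTENSION));
    if ($has_upload && !in_array($image_extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
        $_SESSION['message'] = "Something Went Wrong";
        header('Location: post-add.php');
        exit(0);
    }

    // Rename the upload to a timestamp-based name.
    $filename = time() . '.' . $image_extension;

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'INSERT INTO posts (category_id, name, name_bn, slug, description, description_bn, image, '
        . 'meta_title, meta_description, meta_keyword, date, author, status) '
        . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 13),
            $category_id,
            $name,
            $name_bn,
            $slug,
            $description,
            $description_bn,
            $filename,
            $meta_title,
            $meta_description,
            $meta_keyword,
            $date,
            $author,
            $status
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($query_run) {
        if ($has_upload && isset($_FILES['image']['tmp_name'])) {
            move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/posts/' . $filename);
        }
        $_SESSION['message'] = "Post Created Successfully";
    } else {
        // The original called die() here, which made the redirect below
        // unreachable and left the user on a blank page.
        $_SESSION['message'] = "Something Went Wrong";
    }
    header('Location: post-add.php');
    exit(0);
}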
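if (isset($_POST['category_update'])) {
    // Handler: update one categories row, then redirect back to the edit page
    // with a flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // The original placed this id into the WHERE clause unquoted and unfiltered;
    // it is now a bound parameter.
    $category_id = $post('category_id');
    $name = $post('name');
    // The slug is generated from the name; the submitted slug was computed and
    // then overwritten in the original, so that dead step is dropped.
    $slug = generateSlug($name);
    $description = $post('description');
    $meta_title = $post('meta_title');
    $meta_description = $post('meta_description');
    $meta_keyword = $post('meta_keyword');
    $navbar_status = !empty($_POST['navbar_status']) ? '1' : '0';
    $status = !empty($_POST['status']) ? '1' : '0';

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'UPDATE categories SET name = ?, slug = ?, description = ?, meta_title = ?, '
        . 'meta_description = ?, meta_keyword = ?, navbar_status = ?, status = ? WHERE id = ?'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 9),
            $name,
            $slug,
            $description,
            $meta_title,
            $meta_description,
            $meta_keyword,
            $navbar_status,
            $status,
            $category_id
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    $_SESSION['message'] = $query_run ? "Category Updated Successfully" : "Something Went Wrong";
    // The id goes into a Location header, so it is URL-encoded.
    header('Location: category-edit.php?id=' . urlencode($category_id));
    exit(0);
}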
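if (isset($_POST['category_add'])) {
    // Handler: create a categories row, then redirect to category-add.php with a
    // flash message. All values are request data and are bound as parameters.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php does.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $name = $post('name');
    // The slug is generated from the name; the submitted slug was computed and
    // then overwritten in the original, so that dead step is dropped.
    $slug = generateSlug($name);
    $description = $post('description');
    $meta_title = $post('meta_title');
    $meta_description = $post('meta_description');
    $meta_keyword = $post('meta_keyword');
    $navbar_status = !empty($_POST['navbar_status']) ? '1' : '0';
    $status = !empty($_POST['status']) ? '1' : '0';

    $query_run = false;
    $stmt = mysqli_prepare(
        $con,
        'INSERT INTO categories (name, slug, description, meta_title, meta_description, '
        . 'meta_keyword, navbar_status, status) VALUES (?, ?, ?, ?, ?, ?, ?, ?)'
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            str_repeat('s', 8),
            $name,
            $slug,
            $description,
            $meta_title,
            $meta_description,
            $meta_keyword,
            $navbar_status,
            $status
        );
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    $_SESSION['message'] = $query_run ? "Category Added Successfully" : "Something Went Wrong";
    header('Location: category-add.php');
    exit(0);
}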
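if (isset($_POST['update_user'])) {
    // Handler: update one users row (name, email, role, status and optionally the
    // password), then redirect to view-register.php with a flash message.
    // NOTE(review): role_as is taken from the request and no CSRF token is checked
    // here; confirm authentication.php restricts who may reach this handler.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // Same normalisation as before: anything outside [A-Za-z0-9-] becomes '-',
    // and runs of '-' collapse to one.
    $user_id = preg_replace('/-+/', '-', preg_replace('/[^A-Za-z0-9\-]/', '-', $post('user_id')));
    $fname = $post('fname');
    $lname = $post('lname');
    $email = $post('email');
    $role_as = $post('role_as');
    $status = !empty($_POST['status']) ? '1' : '0';
    $password = $post('password');

    $query_run = false;
    if ($password !== '') {
        $hash = password_hash($password, PASSWORD_DEFAULT);
        $stmt = mysqli_prepare(
            $con,
            'UPDATE users SET fname = ?, lname = ?, email = ?, password = ?, role_as = ?, status = ? WHERE id = ?'
        );
        if ($stmt) {
            mysqli_stmt_bind_param(
                $stmt,
                str_repeat('s', 7),
                $fname,
                $lname,
                $email,
                $hash,
                $role_as,
                $status,
                $user_id
            );
            $query_run = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    } else {
        // The original hashed whatever was submitted, so saving the form with an
        // empty password field replaced the stored hash with the hash of the
        // empty string. A blank field now leaves the existing password untouched.
        $stmt = mysqli_prepare(
            $con,
            'UPDATE users SET fname = ?, lname = ?, email = ?, role_as = ?, status = ? WHERE id = ?'
        );
        if ($stmt) {
            mysqli_stmt_bind_param(
                $stmt,
                str_repeat('s', 6),
                $fname,
                $lname,
                $email,
                $role_as,
                $status,
                $user_id
            );
            $query_run = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    }

    // The original had no failure branch, so a failed update fell through to the
    // handlers below and ended on a blank page; it now redirects with an error.
    $_SESSION['message'] = $query_run ? "Updated Successfully" : "Something Went Wrong";
    header('Location: view-register.php');
    exit(0);
}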
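if (isset($_POST['add_user'])) {
    // Handler: create a users row with a hashed password, then redirect to
    // view-register.php with a flash message.
    // NOTE(review): role_as is taken from the request and no CSRF token is checked
    // here; confirm authentication.php restricts who may reach this handler.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $fname = $post('fname');
    $lname = $post('lname');
    $email = $post('email');
    $role_as = $post('role_as');
    $status = !empty($_POST['status']) ? '1' : '0';
    $password = $post('password');

    $query_run = false;
    // An empty password is refused: the original would have created the account
    // with the hash of the empty string.
    if ($password !== '') {
        $hash = password_hash($password, PASSWORD_DEFAULT);
        $stmt = mysqli_prepare(
            $con,
            'INSERT INTO users (fname, lname, email, password, role_as, status) VALUES (?, ?, ?, ?, ?, ?)'
        );
        if ($stmt) {
            mysqli_stmt_bind_param(
                $stmt,
                str_repeat('s', 6),
                $fname,
                $lname,
                $email,
                $hash,
                $role_as,
                $status
            );
            $query_run = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    }

    $_SESSION['message'] = $query_run ? "Admin Added Successfully" : "Something Went Wrong";
    header('Location: view-register.php');
    exit(0);
}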
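if (isset($_POST['user_delete'])) {
    // Handler: delete one users row, then redirect to view-register.php with a
    // flash message.
    // NOTE(review): no CSRF token is checked here; confirm authentication.php
    // restricts who may reach this handler.
    $raw_id = is_string($_POST['user_delete']) ? $_POST['user_delete'] : '';

    // Same normalisation as before: anything outside [A-Za-z0-9-] becomes '-',
    // and runs of '-' collapse to one.
    $user_id = preg_replace('/-+/', '-', preg_replace('/[^A-Za-z0-9\-]/', '-', $raw_id));

    // The id is bound as a parameter so the statement does not depend on the
    // character filter above for its safety.
    $query_run = false;
    $stmt = mysqli_prepare($con, 'DELETE FROM users WHERE id = ?');
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $user_id);
        $query_run = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    $_SESSION['message'] = $query_run ? "User Delted Successfully" : "Something Went Wrong";
    header('Location: view-register.php');
    exit(0);
}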
?>