File "code.php"
Full path: /home/fsibplc/public_html/localhost/admin/code.php
File
size: 66.73 B (66.73 KB bytes)
MIME-type: text/x-php
Charset: utf-8
Download Open Edit Advanced Editor Back
<?php
include('authentication.php');
include('function.php');
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if(isset($_POST['slider_detete_btn']))
{
$slider_id= $_POST['slider_detete_btn'];
$find_sql = "SELECT * FROM slider WHERE id = ? LIMIT 1";
$stmt = $conn->prepare($find_sql);
$stmt->bind_param("s", $_POST['slider_detete_btn']); // Assuming modal_id is a string. Use "i" for integer.
$stmt->execute();
$result = $stmt->get_result();
// $check_img_query = "SELECT * FROM slider WHERE id ='$slider_id' LIMIT 1";
// $img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($result);
$image = $res_data['image'];
$find_sql = "DELETE from slider WHERE id = ? LIMIT 1";
$stmt2 = $conn->prepare($find_sql);
$stmt2->bind_param("s", $_POST['slider_detete_btn']); // Assuming modal_id is a string. Use "i" for integer.
$stmt2->execute();
// $query = "DELETE from slider WHERE id = '$slider_id' LIMIT 1";
// $query_run = mysqli_query($con, $query);
if($stmt && $stmt2)
{
if(file_exists('../uploads/slider/'.$image))
{
unlink('../uploads/slider/'.$image);
}
$_SESSION['message'] = "Slider Deleted Successfully";
header('Location: slider-view.php');
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: slider-view.php');
exit(0);
}
}
if(isset($_POST['slider_update']))
{
$slider_id = $_POST['slider_id'];
// $name = $_POST['name'];
$name = mysqli_real_escape_string($conn, $_POST['name']);
// $name_bn = $_POST['name_bn'];
$name_bn = mysqli_real_escape_string($conn, $_POST['name_bn']);
$author = $_POST['author'];
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
$update_filename = "";
if($image != NULL)
{
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$update_filename = $filename;
}
else
{
$update_filename = $old_filename;
}
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
// $query = "UPDATE slider SET name='$name', name_bn='$name_bn', image = '$update_filename', author ='$author', status ='$status' WHERE id = '$slider_id'";
// $query_run = mysqli_query($con, $query);
$find_sql= "UPDATE slider SET name = ?, name_bn = ?, image = ?, author = ?, status = ? WHERE id = ?";
$stmt = $conn->prepare($find_sql);
$stmt->bind_param('sssssi', $name, $name_bn, $update_filename, $author, $status, $_POST['slider_id']);
$stmt->execute();
// $stmt->close();
if($stmt)
{
if($image != NULL)
{
if(file_exists('../uploads/slider/'.$old_filename))
{
unlink('../uploads/slider/'.$old_filename);
}
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/slider/'.$update_filename);
}
$_SESSION['message'] = "Updated Successfully";
header('Location: slider-edit.php?id='.$slider_id);
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: slider-edit.php?id='.$slider_id);
exit(0);
}
}
if(isset($_POST['slider_add']))
{
$name = mysqli_real_escape_string($con, $_POST['name']);
$name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
$image = $_FILES['image']['name'];
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$author = $_POST['author'];
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT INTO slider (name, name_bn, image, author, status) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param('sssss', $name, $name_bn, $filename, $author, $status);
$stmt->execute();
$stmt->close();
// $query= "INSERT into slider (name, name_bn, image, author, status) VALUES ('$name', '$name_bn', '$filename','$author' ,'$status' )";
// $query_run = mysqli_query($con, $query);
if($stmt)
{
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/slider/'.$filename);
$_SESSION['message'] = "Slider Created Successfully";
header('Location: slider-add.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: slider-add.php');
exit(0);
}
}
//Gallery Add
if(isset($_POST['gallery_add']))
{
$category_id = $_POST['category_id'];
$field_1 = mysqli_real_escape_string($con, $_POST['field_1']);
$field_2 = mysqli_real_escape_string($con, $_POST['field_2']);
//$field_3 = mysqli_real_escape_string($con, $_POST['field_3']);
//$field_4 = mysqli_real_escape_string($con, $_POST['field_4']);
$image = $_FILES['image']['name'];
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$author = $_POST['author'];
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT into gallery (category_id, field_1, field_2, image, author, status) VALUES (?, ?,?, ?,?, ?)");
$stmt->bind_param('ssssss', $category_id, $field_1, $field_2, $filename, $author ,$status);
$stmt->execute();
$stmt->close();
// $query= "INSERT into gallery (category_id, field_1, field_2, field_3, field_4, image, author, status)
// VALUES ('$category_id', '$field_1', '$field_2','$field_3', '$field_4', '$filename','$author' ,'$status' )";
// $query_run = mysqli_query($con, $query);
if($stmt)
{
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/gallery/'.$filename);
$_SESSION['message'] = "Gallery Image Added Successfully";
header('Location: gallery-view.php?id='.$category_id);
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: gallery-add.php');
exit(0);
}
}
//gallery update
if(isset($_POST['gallery_update']))
{
$gallery_id = $_POST['gallery_id'];
$category_id = $_POST['category_id'];
$field_1 = mysqli_real_escape_string($con, $_POST['field_1']);
$field_2 = mysqli_real_escape_string($con, $_POST['field_2']);
// $field_3 = mysqli_real_escape_string($con, $_POST['field_3']);
// $field_4 = mysqli_real_escape_string($con, $_POST['field_4']);
$author = $_POST['author'];
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
$update_filename = "";
if($image != NULL)
{
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$update_filename = $filename;
}else{
$update_filename = $old_filename;
}
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("UPDATE gallery SET category_id = ?, field_1 = ?, field_2 = ?, image = ?, author = ?, status = ? WHERE id = ?");
$stmt->bind_param('ssssssi', $category_id, $field_1, $field_2, $update_filename, $author, $status, $gallery_id );
$stmt->execute();
$stmt->close();
// $query = "UPDATE gallery SET category_id='$category_id', field_1='$field_1', field_2='$field_2', image = '$update_filename', author ='$author', status ='$status' WHERE id = '$gallery_id'";
// $query_run = mysqli_query($con, $query);
if($stmt)
{
if($image != NULL)
{
if(file_exists('../uploads/gallery/'.$old_filename))
{
unlink('../uploads/gallery/'.$old_filename);
}
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/gallery/'.$update_filename);
}
$_SESSION['message'] = "Gallery Updated Successfully";
header('Location: gallery-view.php?id='.$category_id);
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: gallery-view.php?id='.$category_id);
exit(0);
}
}
if(isset($_POST['gallery_detete_btn']))
{
$gallery_id= $_POST['gallery_detete_btn'];
$category_id = $_POST['category_id'];
$stmt = $conn->prepare("SELECT * FROM gallery WHERE id = ? LIMIT 1");
$stmt->bind_param("s", $gallery_id);
$stmt->execute();
$result = $stmt->get_result();
// $check_img_query = "SELECT * FROM gallery WHERE id ='$gallery_id' LIMIT 1";
// $img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($result);
$image = $res_data['image'];
$stmt = $conn->prepare("DELETE from gallery WHERE id = ? LIMIT 1");
$stmt->bind_param("s", $gallery_id);
$stmt->execute();
// $query = "DELETE from gallery WHERE id = '$gallery_id' LIMIT 1";
// $query_run = mysqli_query($con, $query);
if($stmt)
{
if(file_exists('../uploads/gallery/'.$image))
{
unlink('../uploads/gallery/'.$image);
}
$_SESSION['message'] = "Image Deleted Successfully";
header('Location: gallery-view.php?id='.$category_id);
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: gallery-view.php?id='.$category_id);
exit(0);
}
}
if(isset($_POST['service_update']))
{
$service_id = $_POST['service_id'];
$name = mysqli_real_escape_string($con, $_POST['name']);
$name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
// slug take from form
/*$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);
$final_string = preg_replace('/-+/', '-', $string);
$name = $final_string;*/
// slug generated by function
//$name= $_POST['slug'];
$table = "services";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$description_bn = mysqli_real_escape_string($con, $_POST['description_bn']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
$update_filename = "";
if($image != NULL)
{
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$update_filename = $filename;
}
else
{
$update_filename = $old_filename;
}
$old_filename2 = $_POST['old_image2'];
$icon = $_FILES['icon']['name'];
$update_filename2 = "";
if($icon != NULL)
{
//rename this image
$image_extension = pathinfo($icon, PATHINFO_EXTENSION);
$filename= time().'2.'.$image_extension;
$update_filename2 = $filename;
}
else
{
$update_filename2 = $old_filename2;
}
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
/* $query = "UPDATE services SET name='$name', name_bn='$name_bn', slug ='$slug', description ='$description', description_bn ='$description_bn', image = '$update_filename',
icon = '$update_filename2', meta_title ='$meta_title', meta_description ='$meta_description', meta_keyword ='$meta_keyword', status ='$status' WHERE id = '$service_id'";
$query_run = mysqli_query($con, $query);
*/
$stmt = $conn->prepare("UPDATE services SET name=?, slug = ?, description =?, image = ?,
icon = ?, meta_title =?, meta_description =?, meta_keyword =?, status = ? WHERE id = ?");
$stmt->bind_param('sssssssssi', $name, $slug, $description, $update_filename, $update_filename2, $meta_title, $meta_description, $meta_keyword, $status, $service_id);
$stmt->execute();
if($stmt)
{
if($image != NULL)
{
if(file_exists('../uploads/service/'.$old_filename))
{
unlink('../uploads/service/'.$old_filename);
}
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/service/'.$update_filename);
}
if($icon != NULL)
{
if(file_exists('../uploads/service/'.$old_filename2))
{
unlink('../uploads/service/'.$old_filename2);
}
move_uploaded_file($_FILES['icon']['tmp_name'], '../uploads/service/'.$update_filename2);
}
$_SESSION['message'] = "Service Updated Successfully";
header('Location: service-edit.php?id='.$service_id);
exit(0);
}else{
$_SESSION['message'] = $query;//"Something Went Wrong";
header('Location: service-edit.php?id='.$service_id);
exit(0);
}
}
if(isset($_POST['add_service']))
{
$name = mysqli_real_escape_string($con, $_POST['name']);
$name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
// slug take from form
$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['name']);//remove all special characters
$final_string = preg_replace('/-+/', '-', $string);
$slug = $final_string;
// slug generated by function
$table = "services";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$description_bn = mysqli_real_escape_string($con, $_POST['description_bn']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$image = $_FILES['image']['name'];
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$icon = $_FILES['icon']['name'];
//rename this image
$image_extension = pathinfo($icon, PATHINFO_EXTENSION);
$iconfilename= time().'2.'.$image_extension;
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT INTO services (name, name_bn, slug, description, description_bn, image, icon, meta_title, meta_description, meta_keyword, status) VALUES (?, ?,?, ?,?, ?,?, ?,?, ?,?)");
$stmt->bind_param('sssssssssss', $name, $name_bn, $slug, $description, $description_bn, $filename, $iconfilename, $meta_title, $meta_description, $meta_keyword,$status );
$stmt->execute();
$stmt->close();
/* $query= "INSERT into services (name, name_bn, slug, description, description_bn, image, icon, meta_title, meta_description, meta_keyword, status)
VALUES ('$name', '$name_bn', '$slug', '$description', '$description_bn', '$filename', '$iconfilename', '$meta_title', '$meta_description', '$meta_keyword','$status' )";
$query_run = mysqli_query($con, $query);
*/
if($stmt)
{
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/service/'.$filename);
move_uploaded_file($_FILES['icon']['tmp_name'], '../uploads/service/'.$iconfilename);
$_SESSION['message'] = "Service Created Successfully";
header('Location: service-view.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: service-view.php');
exit(0);
}
}
//page add
if(isset($_POST['add_page']))
{
$category_id = mysqli_real_escape_string($con, $_POST['category_id']);
$sql = "SELECT name from categories WHERE id = '$category_id' AND status ='0'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// Show each data returned by mysql
while($row = $result->fetch_assoc()) {
$cat_name = $row["name"];
}}
$name = mysqli_real_escape_string($con, $_POST['name']);
// $name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
// slug take from form
//$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
//$final_string = preg_replace('/-+/', '-', $string);
//$slug = $final_string;
// slug generated by function
$table = "pages";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$description = stripslashes($description);
$description = str_replace('\r\n', '</br>', $description);
// $description_bn = mysqli_real_escape_string($con, $_POST['description_bn']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$image = $_FILES['image']['name'];
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$icon = $_FILES['icon']['name'];
//rename this image
$image_extension1 = pathinfo($icon, PATHINFO_EXTENSION);
$iconfilename= time().'2.'.$image_extension1;
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT INTO pages (category_id, category, name, slug, description, image, icon, meta_title, meta_description, meta_keyword, status) VALUES (?, ?,?, ?,?, ?,?, ?,?,?,?)");
$stmt->bind_param('sssssssssss', $category_id, $cat_name, $name, $slug, $description, $filename, $iconfilename, $meta_title, $meta_description, $meta_keyword,$status );
$stmt->execute();
$stmt->close();
/* $query= "INSERT into pages (name, name_bn, slug, description, description_bn, image, icon, meta_title, meta_description, meta_keyword, status)
VALUES ('$name', '$name_bn', '$slug', '$description', '$description_bn', '$filename', '$iconfilename', '$meta_title', '$meta_description', '$meta_keyword','$status' )";
$query_run = mysqli_query($con, $query);
*/
if($stmt)
{
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/page/'.$filename);
move_uploaded_file($_FILES['icon']['tmp_name'], '../uploads/page/'.$iconfilename);
$_SESSION['message'] = "Page Created Successfully";
header('Location: page-view.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: page-view.php');
exit(0);
}
}
//page update
if(isset($_POST['page_update']))
{
$page_id = $_POST['page_id'];
$category_id = $_POST['category_id'];
$sql = "SELECT name from categories WHERE id = '$category_id' AND status ='0'"; //category name fetch
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// Show each data returned by mysql
while($row = $result->fetch_assoc()) {
$cat_name = $row["name"];
}}
$name = mysqli_real_escape_string($con, $_POST['name']);
$name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
// slug take from form
/*$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
$final_string = preg_replace('/-+/', '-', $string);
$slug = $final_string;*/
// slug generated by function
//$table = "pages";
//$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$description = stripslashes($description);
$description = str_replace('rn', ' ', $description);
$description_bn = mysqli_real_escape_string($con, $_POST['description_bn']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
$update_filename = "";
if($image != NULL)
{
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$update_filename = $filename;
}
else
{
$update_filename = $old_filename;
}
$old_filename2 = $_POST['old_image2'];
$icon = $_FILES['icon']['name'];
$update_filename2 = "";
if($icon != NULL)
{
//rename this image
$image_extension = pathinfo($icon, PATHINFO_EXTENSION);
$filename= time().'2.'.$image_extension;
$update_filename2 = $filename;
}
else
{
$update_filename2 = $old_filename2;
}
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("UPDATE pages SET category_id = ?, category = ?, name= ?, name_bn= ?, description =? , description_bn =?,
image = ?, icon = ?, meta_title =?, meta_description =?, meta_keyword =?, status =? WHERE id = ?");
$stmt->bind_param('ssssssssssssi', $category_id, $cat_name, $name, $name_bn, $description, $description_bn, $update_filename, $update_filename2, $meta_title, $meta_description, $meta_keyword,$status, $page_id);
$stmt->execute();
$stmt->close();
if($stmt)
{
if($image != NULL)
{
if(file_exists('../uploads/page/'.$old_filename))
{
unlink('../uploads/page/'.$old_filename);
}
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/page/'.$update_filename);
}
if($icon != NULL)
{
if(file_exists('../uploads/page/'.$old_filename2))
{
unlink('../uploads/page/'.$old_filename2);
}
move_uploaded_file($_FILES['icon']['tmp_name'], '../uploads/page/'.$update_filename2);
}
$_SESSION['message'] = "page Updated Successfully";
header('Location: page-edit.php?id='.$page_id);
exit(0);
}else{
$_SESSION['message'] = $query;//"Something Went Wrong";
header('Location: page-edit.php?id='.$page_id);
exit(0);
}
}
if(isset($_POST['post_detete_btn']))
{
// $post_id= $_POST['post_detete_btn'];
/*$check_img_query = "SELECT * FROM posts WHERE id ='$post_id' LIMIT 1";
$img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($img_res);*/
$stmt = $conn->prepare("SELECT * FROM posts WHERE id = ? LIMIT 1");
$stmt->bind_param("s", $_POST['post_detete_btn']);
$stmt->execute();
$result = $stmt->get_result();
$res_data = mysqli_fetch_array($result);
$image = $res_data['image'];
$stmt2 = $conn->prepare("DELETE from posts WHERE id = ? LIMIT 1");
$stmt2->bind_param("i", $_POST['post_detete_btn']);
$stmt2->execute();
//$query = "DELETE from posts WHERE id = '$post_id' LIMIT 1";
//$query_run = mysqli_query($con, $query);
if($stmt && $stmt2)
{
if(file_exists('../'.$image))
{
unlink('../'.$image);
}
$_SESSION['message'] = "Post Deleted Successfully";
header('Location: post-view.php');
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: post-view.php');
exit(0);
}
}
if(isset($_POST['post_update']))
{
$post_id = $_POST['post_id'];
$category_id = $_POST['category_id'];
$name = mysqli_real_escape_string($con, $_POST['name']);
// $name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
$sql = "SELECT name from categories WHERE id = '$category_id' AND status ='0'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// Show each data returned by mysql
while($row = $result->fetch_assoc()) {
$cat_name = $row["name"];
}}
// slug take from form
/*$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
$final_string = preg_replace('/-+/', '-', $string);
$slug = $final_string;*/
// slug generated by function
$table = "posts";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$description = stripslashes($description);
// $description = str_replace('rn', ' ', $description);
// $description_bn = mysqli_real_escape_string($con, $_POST['description_bn']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$date= $_POST['date'];
$author = $_POST['author'];
//$status = $_POST['status'] == true ? '1':'0';
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
$frmdomain_path = "";
if($image != NULL)
{
//rename this image
//image upload code purpose
$temp = explode(".", $_FILES["image"]["name"]);
$extension = end($temp);
if(!(
$_FILES['image']['type']=='image/jpeg' || $_FILES['image']['type']=='image/png' || $_FILES['image']['type']=='image/gif' || $_FILES['image']['type']=='image/bmp'
)) // if file does not equal these types, kill it
{
echo $_FILES['image']['type'] . " is not an acceptable format.";
die();
}
if ($_FILES["image"]["size"] > 1000000)
{
echo "File too big. Max 1 mb Accepted!";
die();
}
if ($_FILES["image"]["error"] > 0)
{ echo "Return Code: " . $_FILES["image"]["error"] . "<br>";
}
else
{
//for image file
$newname = $slug;
$new_file_name = $newname.".".$extension;
$path = "../uploads/";
$year_folder = $path . date("Y");
$month_folder = $year_folder . '/' . date("m");
!file_exists($year_folder) && mkdir($year_folder , 0777);
!file_exists($month_folder) && mkdir($month_folder, 0777);
$path = $month_folder . '/' . $new_file_name;
$frmdomain_path = ltrim($path, '..');
}
}
else
{
$frmdomain_path = $old_filename;
} //if image not null end
// $path = "../uploads/posts/".$new_file_name;
// $frmdomain_path = "/uploads/posts/".$new_file_name;
/* $query= "INSERT into posts (category_id, name, slug, description, image, meta_title, meta_description, meta_keyword, date, author, status)
VALUES ('$category_id', '$name', '$slug', '$description', '$frmdomain_path', '$meta_title', '$meta_description', '$meta_keyword','$date','$author' ,'$status' )";
$query_run = mysqli_query($con, $query);
*/
/* $query = "UPDATE posts SET category_id ='$category_id' , name='$name', slug ='$slug', description ='$description', image = '$frmdomain_path',
meta_title ='$meta_title', meta_description ='$meta_description', meta_keyword ='$meta_keyword', date ='$date' , author ='$author', status ='$status' WHERE id = '$post_id'";
$query_run = mysqli_query($con, $query);
*/
$stmt = $conn->prepare("UPDATE posts SET category_id =?, category = ?, name=?, slug =?, description =?, image = ?,
meta_title =?, meta_description =?, meta_keyword =?, date =? , author =?, status =? WHERE id = ?");
$stmt->bind_param('ssssssssssssi', $category_id, $cat_name, $name, $slug, $description, $frmdomain_path, $meta_title, $meta_description, $meta_keyword, $date, $author ,$status, $post_id);
$stmt->execute();
$stmt->close();
if($stmt)
{
if($image != NULL)
{
if(file_exists('..'.$old_filename))
{
unlink('..'.$old_filename);
}
// move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/'.$frmdomain_path);
move_uploaded_file($_FILES["image"]["tmp_name"],$path);
echo json_encode(array(
"success" => true,
"imagepath" => $path,
"filetype" => $_FILES["image"]["type"],
"new_file_name" => $newname,
"fileName" => $_FILES["image"]["name"],
"fileTmp" => $_FILES["image"]["tmp_name"],
));
}
$_SESSION['message'] = "Post Updated Successfully";
header('Location: post-edit.php?id='.$post_id);
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: post-edit.php?id='.$post_id);
exit(0);
} //query run end
}//isset button end
if(isset($_POST['post_add']))
{
// ob_start(); // Start output buffering
$category_id = mysqli_real_escape_string($con, $_POST['category_id']);
$sql = "SELECT name from categories WHERE id = '$category_id' AND status ='0'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// Show each data returned by mysql
while($row = $result->fetch_assoc()) {
$cat_name = $row["name"];
}}
$name = mysqli_real_escape_string($con, $_POST['name']);
// $name_bn = mysqli_real_escape_string($con, $_POST['name_bn']);
// slug take from form
/* $string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
$final_string = preg_replace('/-+/', '-', $string);
$slug = $final_string;*/
// slug generated by function
$table = "posts";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$description = stripslashes($description);
$description = str_replace('rn', ' ', $description);
//$description_bn = mysqli_real_escape_string($con, $_POST['description_bn']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$date= $_POST['date'];
$author = $_POST['author'];
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
/* $image = $_FILES['image']['name'];
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;*/
//image upload code purpose
$temp = explode(".", $_FILES["image"]["name"]);
$extension = end($temp);
if(!(
$_FILES['image']['type']=='image/jpeg' ||
$_FILES['image']['type']=='image/png' ||
$_FILES['image']['type']=='image/gif' ||
$_FILES['image']['type']=='image/bmp'
)) // if file does not equal these types, kill it
{
echo $_FILES['image']['type'] . " is not an acceptable format.";
die();
}
if ($_FILES["image"]["size"] > 1000000)
{
echo "File too big. Max 1 mb Accepted!";
die();
}
if ($_FILES["image"]["error"] > 0)
{
echo "Return Code: " . $_FILES["image"]["error"] . "<br>";
}
else
{
//for image file
$newname = $slug;
$new_file_name = $newname.".".$extension;
$path = "../uploads/";
// $path = "uploads/";
$year_folder = $path . date("Y");
$month_folder = $year_folder . '/' . date("m");
!file_exists($year_folder) && mkdir($year_folder , 0777);
!file_exists($month_folder) && mkdir($month_folder, 0777);
$path = $month_folder . '/' . $new_file_name;
// $frmdomain_path = ltrim($path, '../');
if (str_starts_with($path, '../')) {
$frmdomain_path = mb_substr($path, 3); // Remove the first three characters '../'
} else {
$frmdomain_path = $path;
}
$stmt = $con->prepare("INSERT into posts (category_id, category, name, slug, description, image,
meta_title, meta_description, meta_keyword, date, author, status) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,?)");
$stmt->bind_param('ssssssssssss', $category_id, $cat_name, $name, $slug, $description, $frmdomain_path, $meta_title, $meta_description, $meta_keyword,$date,$author ,$status);
$stmt->execute();
$stmt->close();
// $path = "../uploads/posts/".$new_file_name;
// $frmdomain_path = "/uploads/posts/".$new_file_name;
/* $query= "INSERT into posts (category_id, name, slug, description, image, meta_title, meta_description, meta_keyword, date, author, status)
VALUES ('$category_id', '$name', '$slug', '$description', '$frmdomain_path', '$meta_title', '$meta_description', '$meta_keyword','$date','$author' ,'$status' )";
$query_run = mysqli_query($con, $query);
*/
if($stmt)
{
move_uploaded_file($_FILES["image"]["tmp_name"],$path);
json_encode(array(
"success" => true,
"imagepath" => $path,
"filetype" => $_FILES["image"]["type"],
"new_file_name" => $newname,
"fileName" => $_FILES["image"]["name"],
"fileTmp" => $_FILES["image"]["tmp_name"],
));
//move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/posts/'.$filename);
$_SESSION['message'] ="Post Created Successfully";
header('Location:post-add.php');
// ob_end_flush(); // Flush output buffer and send headers
exit;;
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location:post-add.php');
exit;;
}//if query run end
} //if file error end
} //if isset end
if(isset($_POST['category_update']))
{
$category_id = $_POST['category_id'];
$name = mysqli_real_escape_string($con, $_POST['name']);
// slug take from form
$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
$final_string = preg_replace('/-+/', '-', $string);
$slug = $final_string;
// slug generated by function
$table = "categories";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$category_type = mysqli_real_escape_string($con, $_POST['category_type']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
$navbar_status = $_POST['navbar_status'] == true ? '1':'0';
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("UPDATE categories SET name = ?, slug = ?, description = ?,
category_type = ?, meta_title = ?, meta_description = ?,
meta_keyword = ?, navbar_status = ?, status = ? WHERE id = ?");
$stmt->bind_param('sssssssssi', $name, $slug, $description, $category_type, $meta_title, $meta_description,
$meta_keyword, $navbar_status, $status, $category_id);
$stmt->execute();
$stmt->close();
/* $query= "UPDATE categories SET name = '$name', slug = '$slug', description = '$description', category_type = '$category_type', meta_title = '$meta_title', meta_description = '$meta_description', meta_keyword = '$meta_keyword',
navbar_status = '$navbar_status', status = '$status' WHERE id = $category_id";
$query_run= mysqli_query($con, $query);
*/
if($stmt)
{
$_SESSION['message'] ="Category Updated Successfully";
header('Location: category-edit.php?id='.$category_id);
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: category-edit.php?id='.$category_id);
exit(0);
}
}
if(isset($_POST['category_add']))
{
$name = mysqli_real_escape_string($con, $_POST['name']);
// $string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);
//$final_string = preg_replace('/-+/', '-', $string);
//$slug = $final_string;
// slug generated by function
$table = "categories";
$slug = generateSlug($name, $table);
$description = mysqli_real_escape_string($con, $_POST['description']);
$category_type = mysqli_real_escape_string($con, $_POST['category_type']);
$meta_title = mysqli_real_escape_string($con, $_POST['meta_title']);
$meta_description = mysqli_real_escape_string($con, $_POST['meta_description']);
$meta_keyword = mysqli_real_escape_string($con, $_POST['meta_keyword']);
if(isset($_POST['navbar_status'])) {
// $navbar_status = $_POST['navbar_status'];
$navbar_status = $_POST['navbar_status'] == true ? '1':'0';
} else {
$navbar_status = '0';
// echo "Warning: 'navbar_status' is not set in the POST array.";
}
// $navbar_status = $_POST['navbar_status'] == true ? '1':'0';
// $status = $_POST['status'] == true ? '1':'0';
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT INTO categories (name, slug, description, category_type, meta_title, meta_description, meta_keyword, navbar_status, status) VALUES
(?, ?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param('sssssssss', $name, $slug, $description, $category_type, $meta_title, $meta_description,
$meta_keyword, $navbar_status, $status);
$stmt->execute();
$stmt->close();
/*
$query="INSERT INTO categories (name, slug, description, category_type, meta_title, meta_description, meta_keyword, navbar_status, status) VALUES
('$name', '$slug', '$description', '$category_type', '$meta_title', '$meta_description', '$meta_keyword', '$navbar_status', '$status')";
$query_run= mysqli_query($con, $query);
*/
if($stmt)
{
$_SESSION['message'] ="Category Added Successfully";
header('Location: category-view.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: category-add.php');
exit(0);
}
}
//Location Start
if(isset($_POST['location_add']))
{
$zone_name = mysqli_real_escape_string($con, $_POST['zone_name']);
$br_name = mysqli_real_escape_string($con, $_POST['br_name']);
$type = mysqli_real_escape_string($con, $_POST['type']);
$br_address = mysqli_real_escape_string($con, $_POST['br_address']);
$inaguration = mysqli_real_escape_string($con, $_POST['inaguration']);
$lattitude = mysqli_real_escape_string($con, $_POST['lattitude']);
$longitude = mysqli_real_escape_string($con, $_POST['longitude']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$br_manager = mysqli_real_escape_string($con, $_POST['br_manager']);
$man_opration = mysqli_real_escape_string($con, $_POST['man_opration']);
$br_code = mysqli_real_escape_string($con, $_POST['br_code']);
$routing_no = mysqli_real_escape_string($con, $_POST['routing_no']);
$phone_no = mysqli_real_escape_string($con, $_POST['phone_no']);
$fax = mysqli_real_escape_string($con, $_POST['fax']);
$mother_br = mysqli_real_escape_string($con, $_POST['mother_br']);
// $navbar_status = $_POST['navbar_status'] == true ? '1':'0';
// $status = $_POST['status'] == true ? '1':'0';
$stmt = $conn->prepare("INSERT INTO location (zone_name, br_name, br_address, inaguration, lattitude,
longitude, email, br_manager, man_opration, br_code, routing_no, type, phone_no, fax, mother_br)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param('sssssssssssssss', $zone_name, $br_name, $br_address, $inaguration, $lattitude, $longitude, $email, $br_manager, $man_opration, $br_code, $routing_no, $type, $phone_no, $fax, $mother_br);
$stmt->execute();
$stmt->close();
/*
$query="INSERT INTO location (zone_name, br_name, br_address, inaguration, lattitude, longitude, email, br_manager, man_opration, br_code, routing_no, type, phone_no, fax, mother_br) VALUES
('$zone_name', '$br_name', '$br_address', '$inaguration', '$lattitude', '$longitude', '$email', '$br_manager', '$man_opration', '$br_code', '$routing_no', '$type', '$phone_no', '$fax', '$mother_br')";
$query_run= mysqli_query($con, $query);
*/
if($stmt)
{
$_SESSION['message'] = $zone_name;//"Location Added Successfully";
header('Location: location-view.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: location-add.php');
exit(0);
}
}
if(isset($_POST['location_update']))
{
// // slug take from form
// $string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);//remove all special characters
// $final_string = preg_replace('/-+/', '-', $string);
// $slug = $final_string;
// // slug generated by function
// $slug = generateSlug($name);
$id = $_POST['location_id'];
$zone_name = mysqli_real_escape_string($con, $_POST['zone_name']);
$br_name = mysqli_real_escape_string($con, $_POST['br_name']);
$type = mysqli_real_escape_string($con, $_POST['loc_type']);
$br_address = mysqli_real_escape_string($con, $_POST['br_address']);
$inaguration = mysqli_real_escape_string($con, $_POST['inaguration']);
$lattitude = mysqli_real_escape_string($con, $_POST['lattitude']);
$longitude = mysqli_real_escape_string($con, $_POST['longitude']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$br_manager = mysqli_real_escape_string($con, $_POST['br_manager']);
$man_opration = mysqli_real_escape_string($con, $_POST['man_opration']);
$br_code = mysqli_real_escape_string($con, $_POST['br_code']);
$routing_no = mysqli_real_escape_string($con, $_POST['routing_no']);
$phone_no = mysqli_real_escape_string($con, $_POST['phone_no']);
$fax = mysqli_real_escape_string($con, $_POST['fax']);
$mother_br = mysqli_real_escape_string($con, $_POST['mother_br']);
$stmt = $conn->prepare("UPDATE location SET zone_name = ?, br_name = ?, type = ?, br_address = ?,
inaguration = ?, lattitude = ?, longitude = ?, email = ?, br_manager = ?, man_opration = ?,
br_code = ?, routing_no = ?, phone_no = ?, fax = ?, mother_br = ? WHERE id = ?");
$stmt->bind_param('sssssssssssssssi', $zone_name, $br_name, $type, $br_address, $inaguration, $lattitude,
$longitude, $email, $br_manager, $man_opration, $br_code, $routing_no, $phone_no, $fax, $mother_br,$id);
$stmt->execute();
$stmt->close();
if($stmt)
{
$_SESSION['message'] ="Location Updated Successfully";
header('Location: location-view.php');
// header('Location: location-edit.php?id='.$id.'?type='.$type.');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: location-view.php');
// header('Location: location-edit.php?id='.$id);
exit(0);
}
}
//Location End
if(isset($_POST['update_user']))
{
$user_id = mysqli_real_escape_string($con, $_POST['user_id']);
$fname = mysqli_real_escape_string($con, $_POST['fname']);
$lname = mysqli_real_escape_string($con, $_POST['lname']);
$email = mysqli_real_escape_string($con, $_POST['email']);
//$password = $_POST['password'];
$hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
$role_as = $_POST['role_as'];
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("UPDATE users SET fname=?, lname=?, email=?, password=?,
role_as=?, status=? WHERE id = ?");
$stmt->bind_param('ssssssi', $fname, $lname, $email, $hash, $role_as, $status, $user_id);
$stmt->execute();
$stmt->close();
/* $query = "UPDATE users SET fname='$fname', lname='$lname', email='$email', password='$hash',
role_as='$role_as', status='$status' WHERE id = '$user_id'";
$query_run = mysqli_query($con, $query);
*/
if($stmt)
{
$_SESSION['message'] = "Updated Successfully";
header('Location: view-register.php');
exit(0);
}
}
if(isset($_POST['add_user']))
{
$fname = mysqli_real_escape_string($con, $_POST['fname']);
$lname = mysqli_real_escape_string($con, $_POST['lname']);
$email = mysqli_real_escape_string($con, $_POST['email']);
// $password = $_POST['password'];
$hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
$role_as = $_POST['role_as'];
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT INTO users (fname, lname, email, password, role_as, status) VALUES (?, ?, ?, ?, ?, ?)");
$stmt->bind_param('ssssss', $fname, $lname, $email, $hash, $role_as, $status);
$stmt->execute();
$stmt->close();
// $query="INSERT INTO users (fname, lname, email, password, role_as, status) VALUES ('$fname', '$lname', '$email', '$hash', '$role_as', '$status')";
// $query_run= mysqli_query($con, $query);
if($stmt)
{
$_SESSION['message'] ="Admin Added Successfully";
header('Location: view-register.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: view-register.php');
exit(0);
}
}
if(isset($_POST['user_delete']))
{
$user_id = $_POST['user_delete'];
$stmt = $conn->prepare("DELETE from users WHERE id = ?");
$stmt->bind_param("s", $user_id);
$stmt->execute();
if($stmt)
{
$_SESSION['message'] ="User Delted Successfully";
header('Location: view-register.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: view-register.php');
exit(0);
}
}
//add site info
if(isset($_POST['add_siteinfo']))
{
$fieldname = mysqli_real_escape_string($con, $_POST['fieldname']);
$value = mysqli_real_escape_string($con, $_POST['value']);
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$stmt = $conn->prepare("INSERT INTO site_details (field_name, value, status) VALUES (?, ?, ?)");
$stmt->bind_param('sss', $fieldname, $value, $status);
$stmt->execute();
$stmt->close();
///$query="INSERT INTO site_details (field_name, value, status) VALUES ('$fieldname', '$value', '$status')";
// $query_run= mysqli_query($con, $query);
if($stmt)
{
$_SESSION['message'] ="Info Field Added Successfully";
header('Location: site_view.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: site_view.php');
exit(0);
}
}
//site info delete
if(isset($_POST['siteinfo_delete']))
{
$siteinfo_id = $_POST['siteinfo_delete'];
$stmt = $conn->prepare("DELETE from site_details WHERE id = ?");
$stmt->bind_param("s", $siteinfo_id);
$stmt->execute();
if($stmt)
{
$_SESSION['message'] ="Info Deleted Successfully";
header('Location: site_view.php');
exit(0);
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location: site_view.php');
exit(0);
}
}
//update site info
if(isset($_POST['update_info']))
{
$info_id = $_POST['info_id'];
$fieldname = mysqli_real_escape_string($con, $_POST['fieldname']);
$value = mysqli_real_escape_string($con, $_POST['value']);
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
//$update_filename = "";
if($fieldname == "Logo"){
if($image != NULL)
{
//rename this image
$image_extension = pathinfo($image, PATHINFO_EXTENSION);
$filename= time().'.'.$image_extension;
$value = $filename;
}
else
{
$value = $old_filename;
}
}
/*$query = "UPDATE site_details SET id='$info_id', field_name='$fieldname',
value='$value', status='$status' WHERE id = '$info_id'";
$query_run = mysqli_query($con, $query);*/
$stmt = $conn->prepare("UPDATE site_details SET id=?, field_name=?,
value=?, status=? WHERE id = ?");
$stmt->bind_param('ssssi', $info_id, $fieldname, $value, $status, $info_id);
$stmt->execute();
$stmt->close();
/* if($image != NULL)
{
}else{
$query = "UPDATE site_details SET id='$info_id', field_name='$fieldname', value='$value', status='$status' WHERE id = '$info_id'";
}
*/
if($stmt)
{
if($image != NULL)
{
if(file_exists('../uploads/'.$old_filename))
{
unlink('../uploads/'.$old_filename);
$value1 = '../uploads/'.$old_filename;
}
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/'.$value);
}
$_SESSION['message'] = "Updated Successfully";
header('Location: site_view.php');
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: site_view.php');
exit(0);
}
}
//Bulk Content Upload start
/*
if (isset($_POST['bulk_content_upload']))
{
$author= $_SESSION['auth_user']['user_name'];
$status = 0;
$fileMimes = array(
'text/x-comma-separated-values',
'text/comma-separated-values',
'application/octet-stream',
'application/vnd.ms-excel',
'application/x-csv',
'text/x-csv',
'text/csv',
'application/csv',
'application/excel',
'application/vnd.msexcel',
'text/plain'
);
// Validate selected file is a CSV file or not
if (!empty($_FILES['file']['name']) && in_array($_FILES['file']['type'], $fileMimes))
{
// Open uploaded CSV file with read-only mode
$csvFile = fopen($_FILES['file']['tmp_name'], 'r');
// Skip the first line
fgetcsv($csvFile);
// Parse data from CSV file line by line
while (($getData = fgetcsv($csvFile, 10000, ",")) !== FALSE)
{
// Get row data
// $branch_code = $getData[0];
$title = $getData[1];
$slug = generateSlug($title);
$content = mysqli_real_escape_string($con, $getData[2]);
$image = $getData[3];
$category = $getData[4];
// $cat_query = mysqli_query($connection_db, "SELECT id FROM `categories` WHERE name = '$category'");
$category_id= 36;
//$div_name = mysqli_real_escape_string($connection_db, $getData[4]);
$date = $getData[5];
// $div_code = $getData[6];
$query_insert = "INSERT INTO posts (category_id, name, slug, description, image, meta_title, status, date, author)
VALUES ('" . $category_id . "', '" . $title . "', '" . $slug . "', '" . $content . "', '" . $image . "',
'" . $title . "','" . $status . "','" . $date . "',
'" . $author . "')";
$res = mysqli_query($con, $query_insert);
}
// Close opened CSV file
fclose($csvFile);
$_SESSION['success'] = "Completed";
header("Location: bulk_content_Upload.php");
}
else
{
echo "Please select valid file";
}
}
//Bulk Content Upload end
?>
*/
//merchant add
if(isset($_POST['merchant_add']))
{
$merchant_name = mysqli_real_escape_string($con, $_POST['merchant_name']);
$merchant_category = mysqli_real_escape_string($con, $_POST['merchant_category']);
$discount_text = mysqli_real_escape_string($con, $_POST['discount_text']);
$merchant_link = mysqli_real_escape_string($con, $_POST['merchant_link']);
$date= $_POST['date'];
$author = $_POST['author'];
// slug generated by function
$table = "merchant_card";
$name = $merchant_name; //fr different form
$slug = generateSlug($name, $table);
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
//image upload code purpose
$temp = explode(".", $_FILES["image"]["name"]);
$extension = end($temp);
if(!(
$_FILES['image']['type']=='image/jpeg' || $_FILES['image']['type']=='image/png' || $_FILES['image']['type']=='image/gif' || $_FILES['image']['type']=='image/bmp'
)) // if file does not equal these types, kill it
{
$_SESSION['message'] = $_FILES['image']['type'] . " is not an acceptable format.";
header('Location:merchant-add.php');
exit;
}
if ($_FILES["image"]["size"] > 500000)
{
$_SESSION['message'] ="File too big. Max 500 kb Accepted!";
header('Location:merchant-add.php');
exit;
// echo "File too big. Max 500 kb Accepted!"; die();
}
if ($_FILES["image"]["error"] > 0)
{ echo "Return Code: " . $_FILES["image"]["error"] . "<br>";
}
else
{
//for image file
$newname = $slug;
$new_file_name = $newname.".".$extension;
$path = "../uploads/merchant_card";
$path = $path . '/' . $new_file_name;
// $path = "uploads/";
// $year_folder = $path . date("Y");
// $month_folder = $year_folder . '/' . date("m");
// !file_exists($year_folder) && mkdir($year_folder , 0777);
// !file_exists($month_folder) && mkdir($month_folder, 0777);
// $path = $month_folder . '/' . $new_file_name;
// $frmdomain_path = ltrim($path, '../');
if (str_starts_with($path, '../')) {
$frmdomain_path = mb_substr($path, 3); // Remove the first three characters '../'
} else {
$frmdomain_path = $path;
}
$stmt = $conn->prepare("INSERT INTO merchant_card (merchant_name, slug, merchant_category, discount_text, merchant_link, expiry_date, image, status, author) VALUES (?,?, ?,?, ?,?, ?,?, ?)");
$stmt->bind_param('sssssssss', $merchant_name, $slug, $merchant_category, $discount_text, $merchant_link, $date, $frmdomain_path, $status, $author );
$stmt->execute();
$stmt->close();
if($stmt)
{
move_uploaded_file($_FILES["image"]["tmp_name"],$path);
json_encode(array(
"success" => true,
"imagepath" => $path,
"filetype" => $_FILES["image"]["type"],
"new_file_name" => $newname,
"fileName" => $_FILES["image"]["name"],
"fileTmp" => $_FILES["image"]["tmp_name"],
));
$_SESSION['message'] ="Merchant Added Successfully";
header('Location:merchant-view.php');
// ob_end_flush(); // Flush output buffer and send headers
exit;
}else{
$_SESSION['message'] ="Something Went Wrong";
header('Location:merchant-add.php');
exit;
}//if stmt
} //if file error end
} //if isset end
//merchant update
if(isset($_POST['merchant_update']))
{
$merchant_id = $_POST['merchant_id'];
$merchant_name = mysqli_real_escape_string($con, $_POST['merchant_name']);
$merchant_category = mysqli_real_escape_string($con, $_POST['merchant_category']);
$discount_text = mysqli_real_escape_string($con, $_POST['discount_text']);
$merchant_link = mysqli_real_escape_string($con, $_POST['merchant_link']);
$date= $_POST['date'];
$author = $_POST['author'];
// slug take from form
/*$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['slug']);
$final_string = preg_replace('/-+/', '-', $string);
$name = $final_string;*/
// slug generated by function
//$name= $_POST['slug'];
/*$table = "merchant_card";
$name = $merchant_name; //fr different form
$slug = generateSlug($name, $table); */
$string = preg_replace('/[^A-Za-z0-9\-]/','-',$_POST['merchant_name']);
$final_string = preg_replace('/-+/', '-', $string);
$slug = $final_string;
if(isset($_POST['status'])) {
$status = $_POST['status'] ? '1' : '0';
} else {
$status = '0'; // Default value
}
$old_filename = $_POST['old_image'];
$image = $_FILES['image']['name'];
$frmdomain_path = "";
if($image != NULL)
{
//rename this image
//image upload code purpose
$temp = explode(".", $_FILES["image"]["name"]);
$extension = end($temp);
if(!(
$_FILES['image']['type']=='image/jpeg' || $_FILES['image']['type']=='image/png' || $_FILES['image']['type']=='image/gif' || $_FILES['image']['type']=='image/bmp'
)) // if file does not equal these types, kill it
{
$_SESSION['message'] = $_FILES['image']['type'] . " is not an acceptable format.";
header('Location:merchant-edit.php');
exit;
}
if ($_FILES["image"]["size"] > 500000)
{
$_SESSION['message'] ="File too big. Max 500 kb Accepted!";
header('Location:merchant-add.php');
exit;
}
if ($_FILES["image"]["error"] > 0)
{ echo "Return Code: " . $_FILES["image"]["error"] . "<br>";
}
else
{
//for image file
$newname = $slug;
$new_file_name = $newname.".".$extension;
$path = "../uploads/merchant_card";
$path = $path . '/' . $new_file_name;
if (str_starts_with($path, '../')) {
$frmdomain_path = mb_substr($path, 3); // Remove the first three characters '../'
} else {
$frmdomain_path = $path;
}
}
}
else
{
$frmdomain_path = $old_filename;
} //if image not null end
$stmt = $conn->prepare("UPDATE merchant_card SET merchant_name=?, slug = ?, merchant_category =?, discount_text = ?, merchant_link = ?, expiry_date =?, image = ?, status = ?,
author =? WHERE id = ?");
$stmt->bind_param('sssssssssi', $merchant_name, $slug, $merchant_category, $discount_text, $merchant_link, $date, $frmdomain_path, $status, $author, $merchant_id);
$stmt->execute();
if($stmt)
{
if($image != NULL)
{
if(file_exists('..'.$old_filename))
{
unlink('..'.$old_filename);
}
move_uploaded_file($_FILES["image"]["tmp_name"],$path);
json_encode(array(
"success" => true,
"imagepath" => $path,
"filetype" => $_FILES["image"]["type"],
"new_file_name" => $newname,
"fileName" => $_FILES["image"]["name"],
"fileTmp" => $_FILES["image"]["tmp_name"],
));
}
$_SESSION['message'] = "Merchant Updated Successfully";
header('Location: merchant-view.php');
exit(0);
}else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: merchant-view.php');
exit(0);
}
} //if isset
?>