|
Server IP : 162.214.80.37 / Your IP : 216.73.216.83 Web Server : Apache System : Linux sh013.webhostingservices.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : imyrqtmy ( 2189) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home2/imyrqtmy/public_html/ezitransport/admin/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
include("includes/config.php");
if(isset($_POST['add_course'])){
$course = $_POST['course'];
$description = $_POST['description'];
$photo = $_FILES['photo']['name'];
$pdf = $_FILES['pdf']['name'];
$allowed_image_extensions = array('gif','png','jpg','jpeg','webp','WEBP');
$allowed_pdf_extensions = array('pdf');
$photo_filename = $_FILES['photo']['name'];
$photo_file_extension = pathinfo($photo_filename, PATHINFO_EXTENSION);
$pdf_filename = $_FILES['pdf']['name'];
$pdf_file_extension = pathinfo($pdf_filename, PATHINFO_EXTENSION);
if(!in_array($photo_file_extension, $allowed_image_extensions)){
$_SESSION['status'] = "The image file is not allowed. Please upload an image.";
header('Location: course.php');
exit;
} elseif (!in_array($pdf_file_extension, $allowed_pdf_extensions)) {
$_SESSION['status'] = "The PDF file is not allowed. Please upload a PDF file.";
header('Location: course.php');
exit;
} else {
// Inserting data into the database
$query = "INSERT INTO `courses` (`course`,`description`,`photo`,`pdf`) VALUES ('$course','$description', '$photo' ,'$pdf')";
$query_run = mysqli_query($conn, $query);
// $query = "INSERT INTO department (heading, photo, pdf) VALUES ('$heading','$photo', '$pdf')";
// $query_run = mysqli_query($conn, $query);
// If the query is successful, move uploaded files to the desired location
if($query_run){
move_uploaded_file($_FILES["photo"]["tmp_name"], "course/".$_FILES["photo"]["name"]);
move_uploaded_file($_FILES["pdf"]["tmp_name"], "pdf/".$_FILES["pdf"]["name"]); // Move PDF to a directory
$_SESSION['status'] = "Data Uploaded Successfully";
header('Location: view-course.php');
exit;
} else {
$_SESSION['status'] = "Data Not Uploaded Successfully";
header('Location: course.php');
exit;
}
}
}
// $link = $_POST['link'];
// $photo = $_FILES['photo']['name'];
// $course = mysqli_real_escape_string($conn, $course);
// $description = mysqli_real_escape_string($conn, $description);
// $link = mysqli_real_escape_string($conn, $link);
// $query = "INSERT INTO `courses` (`course`,`description` ,`link`, `photo`) VALUES ('$course','$description','$link', '$photo')";
// $query_run = mysqli_query($conn, $query);
// if($query_run){
// move_uploaded_file($_FILES["photo"]["tmp_name"], "course/".$_FILES["photo"]["name"]);
// $_SESSION['status'] = "Data Uploaded Successfully";
// header('Location: view-course.php');
// exit;
// } else {
// $_SESSION['status'] = "Data Not Uploaded Successfully";
// header('Location: course.php');
// exit;
// }
// }
// update
if(isset($_POST['update_course'])){
$id = $_POST['id'];
$course = $_POST['course'];
$description = $_POST['description'];
$old_photo = $_POST['image_old'];
$update_photo_filename = $_FILES["photo"]["name"] ? $_FILES["photo"]["name"] : $old_photo;
$old_pdf = $_POST['pdf_old'];
$update_pdf_filename = $_FILES["pdf"]["name"] ? $_FILES["pdf"]["name"] : $old_pdf;
$allowed_image_extensions = array('gif','png','jpg','jpeg','webp','WEBP');
$allowed_pdf_extensions = array('pdf');
$photo_file_extension = pathinfo($update_photo_filename, PATHINFO_EXTENSION);
$pdf_file_extension = pathinfo($update_pdf_filename, PATHINFO_EXTENSION);
// Check if the uploaded file extensions are allowed
if(!in_array($photo_file_extension, $allowed_image_extensions)){
$_SESSION['status'] = "The image file is not allowed. Please upload an image.";
header("Location: edit-course.php?id=$id"); // Redirect to the edit page with the department_id
exit;
} elseif (!in_array($pdf_file_extension, $allowed_pdf_extensions)) {
$_SESSION['status'] = "The PDF file is not allowed. Please upload a PDF file.";
header("Location: edit-course.php?id=$id"); // Redirect to the edit page with the department_id
exit;
}
// Update the department information in the database
$query = "UPDATE courses SET course='$course', description='$description', photo='$update_photo_filename' , pdf='$update_pdf_filename' WHERE id ='$id' ";
// $query_run = mysqli_query($conn, $query);
// $query = "UPDATE department SET heading='$heading', photo='$update_photo_filename', pdf='$update_pdf_filename' WHERE id ='$id' ";
$query_run = mysqli_query($conn, $query);
if($query_run){
// If new photo is uploaded, move it to the desired directory and delete the old one
if($_FILES["photo"]["name"] !='' && $_FILES["photo"]["name"] != $old_photo){
move_uploaded_file($_FILES["photo"]["tmp_name"], "course/".$_FILES["photo"]["name"]);
unlink("course/". $old_photo);
}
// If new PDF is uploaded, move it to the desired directory and delete the old one
if($_FILES["pdf"]["name"] !='' && $_FILES["pdf"]["name"] != $old_pdf){
move_uploaded_file($_FILES["pdf"]["tmp_name"], "pdf/".$_FILES["pdf"]["name"]);
unlink("pdf/". $old_pdf);
}
$_SESSION['status'] = "Image and PDF Updated Successfully";
header('Location: view-course.php');
} else {
$_SESSION['status'] = "Image and PDF Not Updated Successfully";
header('Location: view-course.php');
}
}
// $link = $_POST['link'];
// $old_photo = $_POST['image_old'];
// $course = mysqli_real_escape_string($conn, $course);
// $description = mysqli_real_escape_string($conn, $description);
// $link = mysqli_real_escape_string($conn, $link);
// $old_photo = mysqli_real_escape_string($conn, $old_photo);
// $update_photo_filename = $_FILES["photo"]["name"] ? $_FILES["photo"]["name"] : $old_photo;
// $allowed_image_extensions = array('gif','png','jpg','jpeg','webp','WEBP');
// $photo_file_extension = pathinfo($update_photo_filename, PATHINFO_EXTENSION);
// if(!in_array($photo_file_extension, $allowed_image_extensions)){
// $_SESSION['status'] = "The image file is not allowed. Please upload an image.";
// header("Location: edit-course.php?id=$id");
// exit;
// }
// $query = "UPDATE courses SET course='$course', description='$description', link='$link', photo='$update_photo_filename' WHERE id ='$id' ";
// $query_run = mysqli_query($conn, $query);
// if($query_run){
// if($_FILES["photo"]["name"] !='' && $_FILES["photo"]["name"] != $old_photo){
// move_uploaded_file($_FILES["photo"]["tmp_name"], "course/".$_FILES["photo"]["name"]);
// unlink("course/". $old_photo);
// }
// $_SESSION['status'] = "Data Updated Successfully";
// header('Location: view-course.php');
// } else {
// $_SESSION['status'] = "Data Not Updated Successfully";
// header('Location: view-course.php');
// }
// }
// delete
if(isset($_POST['delete_course'])){
$id = $_POST['delete_id'];
$photo = $_POST['del_course'];
$pdf = $_POST['del_pdf'];
$query = "DELETE FROM courses WHERE id = '$id'";
$query_run = mysqli_query($conn, $query);
if($query_run){
if(unlink("course/".$photo) && unlink("pdf/".$pdf)) {
$_SESSION['status'] = "Deleted Successfully";
header('Location: view-course.php');
} else {
$_SESSION['status'] = "Error deleting files";
header('Location: view-course.php');
}
} else {
$_SESSION['status'] = "Not Deleted";
header('Location: view-course.php');
}
}
// if($query_run){
// if(unlink("course/".$photo)) {
// $_SESSION['status'] = "Deleted Successfully";
// header('Location: view-course.php');
// } else {
// $_SESSION['status'] = "Error deleting files";
// header('Location: view-course.php');
// }
// } else {
// $_SESSION['status'] = "Not Deleted Successfully";
// header('Location: view-course.php');
// }
// }
?>