|
Server IP : 162.214.80.37 / Your IP : 216.73.216.83 Web Server : Apache System : Linux sh013.webhostingservices.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : imyrqtmy ( 2189) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home2/imyrqtmy/public_html/kiyabearings/admin/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
session_start();
include("includes/config.php");
if (isset($_POST['add_trader'])) {
$trader_name = mysqli_real_escape_string($conn, $_POST['trader_name'] ?? '');
$description = mysqli_real_escape_string($conn, $_POST['description'] ?? '');
$photo = $_FILES['photo']['name'] ?? null; // Check if file exists
$allowed_image_extensions = array('gif', 'png', 'jpg', 'jpeg', 'webp', 'WEBP');
if ($photo) {
$photo_file_extension = pathinfo($photo, PATHINFO_EXTENSION);
if (!in_array($photo_file_extension, $allowed_image_extensions)) {
$_SESSION['status'] = "The image file is not allowed. Please upload an image.";
header('Location: trader.php');
exit;
}
move_uploaded_file($_FILES["photo"]["tmp_name"], "trader/" . $photo);
}
// Prepare SQL query
if ($photo) {
$query = "INSERT INTO traders (trader_name, description, photo) VALUES ('$trader_name', '$description', '$photo')";
} else {
$query = "INSERT INTO traders (trader_name, description) VALUES ('$trader_name', '$description')";
}
$query_run = mysqli_query($conn, $query);
if ($query_run) {
$_SESSION['status'] = "Uploaded Successfully";
echo "<script>window.location.href='view-trader.php';</script>";
exit;
} else {
$_SESSION['status'] = "Not Uploaded";
echo "<script>window.location.href='view-trader.php';</script>";
exit;
}
}
// update
if(isset($_POST['update_trader'])){
$id = $_POST['id'];
$trader_name = $_POST['trader_name'];
$description = $_POST['description'];
$old_photo = $_POST['image_old'];
$update_photo_filename = $_FILES["photo"]["name"] ? $_FILES["photo"]["name"] : $old_photo;
$query = "UPDATE traders SET trader_name='$trader_name', description='$description', photo='$update_photo_filename' WHERE id ='$id' ";
$query_run = mysqli_query($conn, $query);
if($query_run){
if($_FILES["photo"]["name"] !='' && $_FILES["photo"]["name"] != $old_photo){
move_uploaded_file($_FILES["photo"]["tmp_name"], "trader/".$_FILES["photo"]["name"]);
unlink("trader/". $old_photo);
}
$_SESSION['status'] = "Updated Successfully";
echo "<script>window.location.href='view-trader.php';</script>";
// header('Location: view-category.php');
} else {
$_SESSION['status'] = "Not Updated ";
echo "<script>window.location.href='view-trader.php';</script>";
// header('Location: view-category.php');
}
}
// delete
if(isset($_POST['delete_trader'])){
$id = $_POST['delete_id'];
$photo = $_POST['del_trader'];
$query = "DELETE FROM traders WHERE id = '$id'";
$query_run = mysqli_query($conn, $query);
if($query_run){
$_SESSION['status'] = "Deleted Successfully";
echo "<script>window.location.href='view-trader.php';</script>";
// header('Location: view-category.php');
} else {
$_SESSION['status'] = "Not Deleted Successfully";
echo "<script>window.location.href='view-trader.php';</script>";
// header('Location: view-category.php');
}
}