|
Server IP : 162.214.80.37 / Your IP : 216.73.216.83 Web Server : Apache System : Linux sh013.webhostingservices.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : imyrqtmy ( 2189) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home2/imyrqtmy/public_html/masterfin/admin/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
session_start();
include("includes/config.php");
if(isset($_POST['add_share'])){
$share_name = $_POST['share_name'];
$share_purchase = $_POST['share_purchase'];
$share_price = $_POST['share_price'];
$rate = $_POST['rate'];
$company_name = $_POST['company_name'];
$face_value = $_POST['face_value'];
$eps = $_POST['eps'];
$pe_ratio = $_POST['pe_ratio'];
$week_high = $_POST['week_high'];
$day_low = $_POST['day_low'];
$sector = $_POST['sector'];
$office_addess = $_POST['office_addess'];
$transfer_address = $_POST['transfer_address'];
$description = $_POST['description'];
// Handle image file (Optional)
$photo = $_FILES['photo']['name'] ?? ''; // Allow empty value
$allowed_image_extensions = array('gif', 'png', 'jpg', 'jpeg', 'webp', 'WEBP');
if (!empty($photo)) { // Validate only if an image is uploaded
$photo_extension = pathinfo($photo, PATHINFO_EXTENSION);
if (!in_array($photo_extension, $allowed_image_extensions)) {
$_SESSION['status'] = "Invalid image format. Please upload a valid image.";
header('Location: share.php');
exit;
}
}
// Handle PDFs (Mandatory)
$allowed_pdf_extensions = array('pdf');
$pdf_files = ['pdf1', 'pdf2', 'pdf3'];
$pdf_values = [];
foreach ($pdf_files as $pdf) {
if (!empty($_FILES[$pdf]['name'])) {
$pdf_extension = pathinfo($_FILES[$pdf]['name'], PATHINFO_EXTENSION);
if (!in_array($pdf_extension, $allowed_pdf_extensions)) {
$_SESSION['status'] = "Invalid PDF format. Please upload valid PDFs.";
header('Location: share.php');
exit;
}
$pdf_values[$pdf] = $_FILES[$pdf]['name'];
} else {
$pdf_values[$pdf] = ''; // Store blank if no PDF uploaded
}
}
// Insert data into database
$query = "INSERT INTO shares (share_name, share_purchase, share_price, rate, company_name, face_value, eps, pe_ratio, week_high, day_low, sector, office_addess, transfer_address, description, pdf1, pdf2, pdf3, photo)
VALUES ('$share_name', '$share_purchase', '$share_price', '$rate', '$company_name', '$face_value', '$eps', '$pe_ratio', '$week_high', '$day_low', '$sector', '$office_addess', '$transfer_address', '$description',
'{$pdf_values['pdf1']}', '{$pdf_values['pdf2']}', '{$pdf_values['pdf3']}', '$photo')";
$query_run = mysqli_query($conn, $query);
if($query_run){
// Move files only if they exist
if (!empty($photo)) {
move_uploaded_file($_FILES["photo"]["tmp_name"], "shares/" . $photo);
}
foreach ($pdf_files as $pdf) {
if (!empty($_FILES[$pdf]['name'])) {
move_uploaded_file($_FILES[$pdf]["tmp_name"], "pdfs/" . $_FILES[$pdf]['name']);
}
}
$_SESSION['status'] = "Uploaded Successfully";
echo "<script>window.location.href='view-share.php';</script>";
exit;
} else {
$_SESSION['status'] = "Upload Failed";
echo "<script>window.location.href='share.php';</script>";
exit;
}
}
// session_start();
// include("includes/config.php");
// if(isset($_POST['add_share'])){
// $share_name = $_POST['share_name'];
// $share_purchase = $_POST['share_purchase'];
// $share_price = $_POST['share_price'];
// $rate = $_POST['rate'];
// $company_name = $_POST['company_name'];
// $face_value = $_POST['face_value'];
// $eps = $_POST['eps'];
// $pe_ratio = $_POST['pe_ratio'];
// $week_high = $_POST['week_high'];
// $day_low = $_POST['day_low'];
// $sector = $_POST['sector'];
// $office_addess = $_POST['office_addess'];
// $transfer_address = $_POST['transfer_address'];
// $description = $_POST['description'];
// $photo = $_FILES['photo']['name'];
// $allowed_image_extensions = array('gif','png','jpg','jpeg','webp','WEBP');
// $photo_extension = pathinfo($photo, PATHINFO_EXTENSION);
// $pdf1 = $_FILES['pdf1']['name'];
// $pdf2 = $_FILES['pdf2']['name'];
// $pdf3 = $_FILES['pdf3']['name'];
// $allowed_pdf_extensions = array('pdf');
// $pdf1_extension = pathinfo($pdf1, PATHINFO_EXTENSION);
// $pdf2_extension = pathinfo($pdf2, PATHINFO_EXTENSION);
// $pdf3_extension = pathinfo($pdf3, PATHINFO_EXTENSION);
// if(!in_array($photo_extension, $allowed_image_extensions)){
// $_SESSION['status'] = "Invalid image format. Please upload a valid image.";
// header('Location: share.php');
// exit;
// }
// if(!in_array($pdf1_extension, $allowed_pdf_extensions) || !in_array($pdf2_extension, $allowed_pdf_extensions) || !in_array($pdf3_extension, $allowed_pdf_extensions)){
// $_SESSION['status'] = "Invalid PDF format. Please upload valid PDFs.";
// header('Location: share.php');
// exit;
// }
// $query = "INSERT INTO shares (share_name, share_purchase, share_price, rate, company_name, face_value, eps, pe_ratio, week_high, day_low, sector, office_addess, transfer_address, description, pdf1, pdf2, pdf3, photo)
// VALUES ('$share_name', '$share_purchase', '$share_price', '$rate', '$company_name', '$face_value', '$eps', '$pe_ratio', '$week_high', '$day_low', '$sector', '$office_addess', '$transfer_address', '$description', '$pdf1', '$pdf2', '$pdf3', '$photo')";
// $query_run = mysqli_query($conn, $query);
// if($query_run){
// move_uploaded_file($_FILES["photo"]["tmp_name"], "shares/" . $photo);
// move_uploaded_file($_FILES["pdf1"]["tmp_name"], "pdfs/" . $pdf1);
// move_uploaded_file($_FILES["pdf2"]["tmp_name"], "pdfs/" . $pdf2);
// move_uploaded_file($_FILES["pdf3"]["tmp_name"], "pdfs/" . $pdf3);
// $_SESSION['status'] = "Uploaded Successfully";
// echo "<script>window.location.href='view-share.php';</script>";
// exit;
// } else {
// $_SESSION['status'] = "Upload Failed";
// echo "<script>window.location.href='share.php';</script>";
// exit;
// }
// }
if (isset($_POST['update_share'])) {
$id = $_POST['id'];
$share_name = $_POST['share_name'];
$share_purchase = $_POST['share_purchase'];
$share_price = $_POST['share_price'];
$rate = $_POST['rate'];
$company_name = $_POST['company_name'];
$face_value = $_POST['face_value'];
$eps = $_POST['eps'];
$pe_ratio = $_POST['pe_ratio'];
$week_high = $_POST['week_high'];
$day_low = $_POST['day_low'];
$sector = $_POST['sector'];
$office_address = $_POST['office_addess'];
$transfer_address = $_POST['transfer_address'];
$description = $_POST['description'];
// Handle Image Upload
$old_photo = $_POST['image_old'];
$update_photo_filename = $_FILES["photo"]["name"] ? $_FILES["photo"]["name"] : $old_photo;
// Handle PDF Uploads
$pdf1_old = $_POST['pdf1_old'];
$pdf2_old = $_POST['pdf2_old'];
$pdf3_old = $_POST['pdf3_old'];
$pdf1_filename = $_FILES["pdf1"]["name"] ? $_FILES["pdf1"]["name"] : $pdf1_old;
$pdf2_filename = $_FILES["pdf2"]["name"] ? $_FILES["pdf2"]["name"] : $pdf2_old;
$pdf3_filename = $_FILES["pdf3"]["name"] ? $_FILES["pdf3"]["name"] : $pdf3_old;
// Update Query
$query = "UPDATE shares SET
share_name='$share_name',
share_purchase='$share_purchase',
share_price='$share_price',
rate='$rate',
company_name='$company_name',
face_value='$face_value',
eps='$eps',
pe_ratio='$pe_ratio',
week_high='$week_high',
day_low='$day_low',
sector='$sector',
office_addess='$office_address',
transfer_address='$transfer_address',
description='$description',
photo='$update_photo_filename',
pdf1='$pdf1_filename',
pdf2='$pdf2_filename',
pdf3='$pdf3_filename'
WHERE id='$id'";
$query_run = mysqli_query($conn, $query);
if ($query_run) {
// Upload new image and remove old one
if ($_FILES["photo"]["name"] && $_FILES["photo"]["name"] != $old_photo) {
move_uploaded_file($_FILES["photo"]["tmp_name"], "shares/" . $_FILES["photo"]["name"]);
if (file_exists("shares/" . $old_photo)) {
unlink("shares/" . $old_photo);
}
}
// Upload new PDFs and remove old ones
$pdf_folder = "pdfs/";
if ($_FILES["pdf1"]["name"] && $_FILES["pdf1"]["name"] != $pdf1_old) {
move_uploaded_file($_FILES["pdf1"]["tmp_name"], $pdf_folder . $_FILES["pdf1"]["name"]);
if (file_exists($pdf_folder . $pdf1_old)) {
unlink($pdf_folder . $pdf1_old);
}
}
if ($_FILES["pdf2"]["name"] && $_FILES["pdf2"]["name"] != $pdf2_old) {
move_uploaded_file($_FILES["pdf2"]["tmp_name"], $pdf_folder . $_FILES["pdf2"]["name"]);
if (file_exists($pdf_folder . $pdf2_old)) {
unlink($pdf_folder . $pdf2_old);
}
}
if ($_FILES["pdf3"]["name"] && $_FILES["pdf3"]["name"] != $pdf3_old) {
move_uploaded_file($_FILES["pdf3"]["tmp_name"], $pdf_folder . $_FILES["pdf3"]["name"]);
if (file_exists($pdf_folder . $pdf3_old)) {
unlink($pdf_folder . $pdf3_old);
}
}
$_SESSION['status'] = "Updated Successfully";
echo "<script>window.location.href='view-share.php';</script>";
} else {
$_SESSION['status'] = "Not Updated";
echo "<script>window.location.href='view-share.php';</script>";
}
}
// DELETE
if (isset($_POST['delete_share'])) {
$id = $_POST['delete_id'];
$photo = $_POST['del_share'];
$pdf1 = $_POST['del_pdf1'];
$pdf2 = $_POST['del_pdf2'];
$pdf3 = $_POST['del_pdf3'];
// DELETE QUERY
$query = "DELETE FROM shares WHERE id = '$id'";
$query_run = mysqli_query($conn, $query);
if ($query_run) {
// Define folders
$image_folder = "ushare/";
$pdf_folder = "pdfs/";
// Delete Image
if ($photo && file_exists($image_folder . $photo)) {
unlink($image_folder . $photo);
}
// Delete PDFs
if ($pdf1 && file_exists($pdf_folder . $pdf1)) {
unlink($pdf_folder . $pdf1);
}
if ($pdf2 && file_exists($pdf_folder . $pdf2)) {
unlink($pdf_folder . $pdf2);
}
if ($pdf3 && file_exists($pdf_folder . $pdf3)) {
unlink($pdf_folder . $pdf3);
}
$_SESSION['status'] = "Deleted Successfully";
echo "<script>
alert('Deleted Successfully');
window.location.href = 'view-share.php';
</script>";
} else {
$_SESSION['status'] = "Error deleting record";
echo "<script>
alert('Error deleting record');
window.location.href = 'view-share.php';
</script>";
}
} else {
$_SESSION['status'] = "Invalid request";
echo "<script>
alert('Invalid request');
window.location.href = 'view-share.php';
</script>";
}
?>