|
Server IP : 162.214.80.37 / Your IP : 216.73.216.68 Web Server : Apache System : Linux sh013.webhostingservices.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : imyrqtmy ( 2189) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home2/imyrqtmy/www/hghindustries/admin/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
include("includes/config.php");
if(isset($_POST['add_product'])){
$product_name = $_POST['product_name'];
$dprice = $_POST['dprice'];
$price = $_POST['price'];
$category_id = $_POST['category_id'];
$s_description = $_POST['s_description'];
$description = $_POST['description'];
$size1 = $_POST['size1'];
$size2 = $_POST['size2'];
$size3 = $_POST['size3'];
$size4 = $_POST['size4'];
$size5 = $_POST['size5'];
$photo = $_FILES['photo']['name'];
$allowed_image_extensions = array('gif','png','jpg','jpeg','webp','WEBP');
$photo_filename = $_FILES['photo']['name'];
$photo_file_extension = pathinfo($photo_filename, PATHINFO_EXTENSION);
if(!in_array($photo_file_extension, $allowed_image_extensions)){
$_SESSION['status'] = "The image file is not allowed. Please upload an image.";
header('Location: product.php');
exit;
} else {
$query = "INSERT INTO `products` (`product_name`, `dprice`, `price`, `category_id`, `s_description`, `description`, `size1` , `size2` ,`size3` , `size4` , `size5`, `photo`) VALUES ('$product_name','$dprice', '$price', '$category_id', '$s_description', '$description' , '$size1' , '$size2' , '$size3' , '$size4' , '$size5', '$photo')";
$query_run = mysqli_query($conn, $query);
if($query_run){
move_uploaded_file($_FILES["photo"]["tmp_name"], "products/".$_FILES["photo"]["name"]);
$_SESSION['status'] = "Uploaded Successfully";
echo "<script>window.location.href='view-product.php';</script>";
exit;
} else {
$_SESSION['status'] = "Not Uploaded ";
echo "<script>window.location.href='view-product.php';</script>";
exit;
}
}
}
// update
if(isset($_POST['update_product'])){
$id = $_POST['id'];
$product_name = $_POST['product_name'];
$dprice = $_POST['dprice'];
$price = $_POST['price'];
$category_id = $_POST['category_id'];
$s_description = $_POST['s_description'];
$description = $_POST['description'];
$size1 = $_POST['size1'];
$size2 = $_POST['size2'];
$size3 = $_POST['size3'];
$size4 = $_POST['size4'];
$size5 = $_POST['size5'];
$old_photo = $_POST['image_old'];
$update_photo_filename = $_FILES["photo"]["name"] ? $_FILES["photo"]["name"] : $old_photo;
$allowed_image_extensions = array('gif','png','jpg','jpeg','webp','WEBP');
$photo_file_extension = pathinfo($update_photo_filename, PATHINFO_EXTENSION);
if(!in_array($photo_file_extension, $allowed_image_extensions)){
$_SESSION['status'] = "The image file is not allowed. Please upload an image.";
header("Location: edit-product.php?id=$id");
exit;
}
// Update the department information in the database
$query = "UPDATE products SET product_name='$product_name', dprice='$dprice', price='$price', category_id='$category_id', s_description='$s_description', description='$description' , size1='$size1' , size2='$size2' , size3='$size3' , size4='$size4', size5='$size5', photo='$update_photo_filename' WHERE id ='$id' ";
$query_run = mysqli_query($conn, $query);
if($query_run){
if($_FILES["photo"]["name"] !='' && $_FILES["photo"]["name"] != $old_photo){
move_uploaded_file($_FILES["photo"]["tmp_name"], "products/".$_FILES["photo"]["name"]);
unlink("products/". $old_photo);
}
$_SESSION['status'] = "Data Updated Successfully";
header('Location: view-product.php');
} else {
$_SESSION['status'] = "Data Not Updated Successfully";
header('Location: view-product.php');
}
}
// delete
if(isset($_POST['delete_product'])){
$id = $_POST['delete_id'];
$photo = $_POST['del_product'];
// $pdf = $_POST['del_pdf'];
$query = "DELETE FROM products WHERE id = '$id'";
$query_run = mysqli_query($conn, $query);
if($query_run){
if(unlink("products/".$photo)) {
$_SESSION['status'] = "Deleted Successfully";
header('Location: view-product.php');
} else {
$_SESSION['status'] = "Error deleting files";
header('Location: view-product.php');
}
} else {
$_SESSION['status'] = "Not Deleted Successfully";
header('Location: view-product.php');
}
}
?>