1#@!#!123s

: / home3 / encodto1 / mtf.encodersunlimited.com / mtadminf /
Filename : crud.php
back
<?php

require_once('config.php');

// ADD =================================================================









if (isset($_POST['addproject'])) {
    foreach ($_POST as $key => $value) {
        $_POST[$key] = mysqli_real_escape_string($conn, $value);
    }

    $imgpath = image_upload($_FILES['image']);

    $query = "INSERT INTO `projects`(`name`,`year`,`director`,`yt_link`, `status`,`created_at`, `image`) 
              VALUES ('{$_POST['name']}','{$_POST['year']}','{$_POST['director']}', '{$_POST['yt_link']}','{$_POST['status']}','{$_POST['created_at']}','$imgpath')";

    if (mysqli_query($conn, $query)) {
        header("Location: projects.php?success=added");
    } else {
        header("Location: index.php?alert=add_failed");
    }
}

if (isset($_POST['addgallery'])) {
    foreach ($_POST as $key => $value) {
        $_POST[$key] = mysqli_real_escape_string($conn, $value);
    }

    $imgpath = image_upload($_FILES['image']);

    $query = "INSERT INTO `gallery`(`name`, `category`, `image`) 
              VALUES ('{$_POST['name']}', '{$_POST['category']}', '$imgpath')";

    if (mysqli_query($conn, $query)) {
        header("Location: gallery.php?success=added");
    } else {
        header("Location: gallery.php?alert=add_failed");
    }
}

if (isset($_POST['addservice'])) {  // Corrected from 'addserice' to 'addservice'
    foreach ($_POST as $key => $value) {
        $_POST[$key] = mysqli_real_escape_string($conn, $value);
    }

    $imgpath = image_upload($_FILES['image']);


    // Corrected the query with the correct variable order
    $query = "INSERT INTO `services`(`name`,  `image`) 
              VALUES ('{$_POST['name']}', '$imgpath')";

    if (mysqli_query($conn, $query)) {
        header("Location: services.php?success=added");
    } else {
        header("Location: services.php?alert=add_failed");
    }
}


if (isset($_POST['addtestimonial'])) {
    foreach ($_POST as $key => $value) {
        $_POST[$key] = mysqli_real_escape_string($conn, $value);
    }

    $imgpath = image_upload($_FILES['image']);

    $query = "INSERT INTO `testimonial`(`name`, `comment`, `designation`, `image`) 
              VALUES ('{$_POST['name']}', '{$_POST['comment']}','{$_POST['designation']}', '$imgpath')";

    if (mysqli_query($conn, $query)) {
        header("Location: testimonial.php?success=added");
    } else {
        header("Location: testimonial.php?alert=add_failed");
    }
}

if (isset($_POST['addquery'])) {
    // Sanitize input data
    $name = mysqli_real_escape_string($conn, $_POST['name']);
    $email = mysqli_real_escape_string($conn, $_POST['email']);
    $message = mysqli_real_escape_string($conn, $_POST['message']);

    // Prepare and execute the query
    $query = "INSERT INTO `query`(`name`, `email`, `message`) 
              VALUES ('$name', '$email', '$message')";

    if (mysqli_query($conn, $query)) {
        // Redirect on success
        header("Location: ../contact.php?status=success");
        exit();
    } else {
        // Redirect on error
        header("Location: ../contact.php?status=error");
        exit();
    }
}

if (isset($_POST['addblog'])) {
    foreach ($_POST as $key => $value) {
        $_POST[$key] = mysqli_real_escape_string($conn, $value);
    }

    $imgpath = image_upload($_FILES['image']);

    $query = "INSERT INTO `blog` (`title`, `description`,`description1`, `image`) 
              VALUES ('{$_POST['title']}', '{$_POST['description']}', '{$_POST['description1']}', '$imgpath')";

    if (mysqli_query($conn, $query)) {
        header("Location: blogs.php?success=added");
    } else {
        header("Location: blogs.php?alert=add_failed");
    }
}


// DELETE=================================================================

if (isset($_POST['delete'])) {
    $id = intval($_POST['id']);
    $query = "SELECT `image` FROM `gallery` WHERE `id`=$id";
    $result = mysqli_query($conn, $query);
    $row = mysqli_fetch_assoc($result);
    $filename = $row['image'];

    $delete_query = "DELETE FROM `gallery` WHERE `id`=$id";

    if (mysqli_query($conn, $delete_query)) {
        $file_path = "uploads/" . $filename;
        if (file_exists($file_path)) {
            unlink($file_path);
        }
        header("Location: gallery.php");
    } else {
        header("Location: index.php?alert=delete_failed");
    }
}



if (isset($_POST['delete_testimonial'])) {
    $id = intval($_POST['id']);
    $query = "SELECT `image` FROM `testimonial` WHERE `id`=$id";
    $result = mysqli_query($conn, $query);
    $row = mysqli_fetch_assoc($result);
    $filename = $row['image'];

    $delete_query = "DELETE FROM `testimonial` WHERE `id`=$id";

    if (mysqli_query($conn, $delete_query)) {
        $file_path = "uploads/" . $filename;
        if (file_exists($file_path)) {
            unlink($file_path);
        }
        header("Location: testimonial.php");
    } else {
        header("Location: testimonial.php?alert=delete_failed");
    }
}

// ========================== Edit =======================================


?>