1#@!#!123s

: / home3 / encodto1 / public_html / encoadminders /
Filename : add_testimonial.php
back
<?php
session_start();
include 'config.php';

// Check if the admin is logged in
if (!isset($_SESSION['admin_name'])) {
    echo '<script>window.location.href = "login.php";</script>';
    exit;
}

// Handle form submission
if (isset($_POST['submit'])) {
    $name = $_POST['name'];
    $designation = $_POST['designation'];
    $comment = $_POST['comment'];
    $image = $_FILES['image']['name'];
    $image_tmp = $_FILES['image']['tmp_name'];

    // Replace spaces in the image name with underscores
    $image = str_replace(' ', '_', $image);
    $image_folder = 'uploads/testimonials/' . $image;

    // Validate file type
    $allowed_extensions = ['jpg', 'jpeg', 'png', 'gif'];
    $file_extension = pathinfo($image, PATHINFO_EXTENSION);

    if (!in_array(strtolower($file_extension), $allowed_extensions)) {
        echo '<script>alert("Invalid file type. Only JPG, JPEG, PNG, and GIF are allowed.");</script>';
    } elseif (!is_uploaded_file($image_tmp)) {
        echo '<script>alert("Error: No file was uploaded.");</script>';
    } else {
        // Check if the folder exists, create it if not
        if (!is_dir('uploads/testimonials')) {
            mkdir('uploads/testimonials', 0777, true);
        }

        // Move uploaded file to the target folder
        if (move_uploaded_file($image_tmp, $image_folder)) {
            // Use prepared statements to prevent SQL injection
            $query = "INSERT INTO testimonials (name, designation, comment, image) VALUES (?, ?, ?, ?)";
            $stmt = $conn->prepare($query);

            if ($stmt) {
                // Bind the parameters and execute the query
                $stmt->bind_param('ssss', $name, $designation, $comment, $image);

                if ($stmt->execute()) {
                    echo '<script>alert("Testimonial added successfully!"); window.location.href = "testimonial.php";</script>';
                } else {
                    echo '<script>alert("Database execution error: ' . $stmt->error . '");</script>';
                }

                // Close the statement
                $stmt->close();
            } else {
                echo '<script>alert("Error preparing query: ' . $conn->error . '");</script>';
            }
        } else {
            echo '<script>alert("Error uploading image file.");</script>';
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">

<head>
    <title>Add Testimonial</title>
    <?php include('style.php') ?>
    <style>
        .testimonial-upload-container {
            max-width: 700px;
            margin: 50px auto;
            padding: 30px;
            background: #ffffff;
            border-radius: 15px;
            box-shadow: 0 10px 30px rgba(0, 0, 0, 0.1);
            font-family: 'Poppins', sans-serif;
        }

        .testimonial-upload-container h1 {
            text-align: center;
            font-size: 32px;
            color: #333;
            margin-bottom: 20px;
        }

        form {
            display: flex;
            flex-direction: column;
            gap: 20px;
        }

        label {
            font-size: 16px;
            color: #555;
            font-weight: 600;
        }

        input[type="text"], textarea, input[type="file"], button {
            padding: 12px 15px;
            font-size: 14px;
            border: 1px solid #ddd;
            border-radius: 8px;
            background-color: #f9f9f9;
            transition: all 0.3s ease;
        }

        textarea {
            min-height: 100px;
            resize: none;
        }

        input[type="text"]:focus, textarea:focus, input[type="file"]:focus {
            border-color: #007bff;
            background-color: #f1faff;
            outline: none;
        }

        button {
            background-color: #007bff;
            color: #fff;
            border: none;
            cursor: pointer;
            font-size: 16px;
            border-radius: 8px;
            padding: 15px;
            transition: background-color 0.3s ease, transform 0.3s ease;
        }

        button:hover {
            background-color: #0056b3;
            transform: scale(1.05);
        }

        button:active {
            transform: scale(0.98);
        }

        @media (max-width: 768px) {
            .testimonial-upload-container {
                padding: 20px;
            }

            button {
                padding: 12px;
                font-size: 14px;
            }
        }
    </style>
</head>

<body>
    <?php include('sidebar.php') ?>
    <div class="home-section">
        <div class="testimonial-upload-container">
            <h1>Add Testimonial</h1>
            <form action="" method="POST" enctype="multipart/form-data">
                <label for="name">Name</label>
                <input type="text" id="name" name="name" required>

                <label for="designation">Designation</label>
                <input type="text" id="designation" name="designation">

                <label for="comment">Comment</label>
                <textarea id="comment" name="comment" required></textarea>

                <label for="image">Image</label>
                <input type="file" id="image" name="image" required>

                <button type="submit" name="submit">Add Testimonial</button>
            </form>
        </div>
    </div>
    <?php include('footer.php') ?>
</body>

</html>