Filename :
crud.php
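<?php
/**
 * crud.php - form-post endpoint for the admin panel and the public contact form.
 *
 * Each branch below is selected by the name of the submit button present in
 * $_POST (addproject, addbanner, addgallery, addservice, addtestimonial,
 * addquery, delete, delete_testimonial). A branch performs one database write
 * and then redirects; every redirect now terminates the request so that a
 * single POST carrying several trigger keys cannot run more than one branch.
 *
 * Relies on config.php for $conn (a mysqli connection) and image_upload().
 */
require_once('config.php');

// NOTE(review): no authentication or CSRF check is visible in this file. The
// add*/delete* branches change site content, while `addquery` is reached from
// the public contact page (it redirects to ../contact.php). Confirm that
// config.php enforces an admin session for everything except `addquery`, and
// that the admin forms carry a CSRF token.
// NOTE(review): file-type, size and filename validation for uploads is assumed
// to live in image_upload() (not shown here) - verify it rejects executable
// extensions and generates the stored filename server-side.

/**
 * Send a Location redirect and end the request.
 *
 * @param string $url Relative URL to redirect to.
 */
function crud_redirect($url)
{
    header("Location: $url");
    exit();
}

/**
 * Read one POST field as a string.
 *
 * Missing keys and non-scalar values (e.g. `name[]=x`) yield an empty string
 * instead of a warning or a TypeError further down.
 *
 * @param string $key Field name.
 * @return string
 */
function crud_post($key)
{
    return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
}

/**
 * Run a write query with every value bound as a string parameter.
 *
 * Binding replaces the former "escape everything in $_POST, then interpolate"
 * approach: the values never become part of the SQL text, so correctness no
 * longer depends on the connection charset or on each value being quoted.
 *
 * @param mysqli $conn   Open connection from config.php.
 * @param string $sql    Statement with one `?` placeholder per value.
 * @param array  $values Positional values, in placeholder order.
 * @return bool True when the statement executed, false on any failure.
 */
function crud_execute($conn, $sql, array $values)
{
    try {
        $stmt = mysqli_prepare($conn, $sql);
        if (!$stmt) {
            return false;
        }
        if ($values) {
            $values = array_values($values);
            $types = str_repeat('s', count($values));
            mysqli_stmt_bind_param($stmt, $types, ...$values);
        }
        $ok = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
        return (bool) $ok;
    } catch (mysqli_sql_exception $e) {
        // With exception-mode mysqli a failed query would otherwise abort the
        // request before the caller's "failed" redirect is sent.
        return false;
    }
}

/**
 * Store the single `image` upload of the current request.
 *
 * @return string Path returned by image_upload(), or '' when no file field was
 *                submitted or the upload helper reported failure.
 */
function crud_single_image()
{
    if (!isset($_FILES['image'])) {
        return '';
    }
    return (string) image_upload($_FILES['image']);
}

/**
 * Delete one row by id and remove its image from uploads/.
 *
 * @param mysqli $conn    Open connection from config.php.
 * @param string $table   Table name; callers pass a literal, never request data.
 * @param mixed  $rawId   Id as received from the form; coerced to int.
 * @param string $okUrl   Redirect target after a successful delete.
 * @param string $failUrl Redirect target when the DELETE fails.
 */
function crud_delete_with_image($conn, $table, $rawId, $okUrl, $failUrl)
{
    $id = intval($rawId); // integer-only, so safe to place in the SQL text
    $filename = '';
    try {
        $result = mysqli_query($conn, "SELECT `image` FROM `$table` WHERE `id`=$id");
        $row = $result ? mysqli_fetch_assoc($result) : null;
        if ($row && isset($row['image'])) {
            $filename = (string) $row['image'];
        }
        $deleted = mysqli_query($conn, "DELETE FROM `$table` WHERE `id`=$id");
    } catch (mysqli_sql_exception $e) {
        $deleted = false;
    }

    if (!$deleted) {
        crud_redirect($failUrl);
    }

    // Only unlink a regular file that stays inside uploads/: an empty value
    // would point at the directory itself, and a stored value containing ".."
    // or a NUL byte could point elsewhere on disk.
    if ($filename !== '' && strpos($filename, '..') === false && strpos($filename, "\0") === false) {
        $file_path = "uploads/" . $filename;
        if (is_file($file_path)) {
            unlink($file_path);
        }
    }
    crud_redirect($okUrl);
}

// ADD =================================================================

if (isset($_POST['addproject'])) {
    // Collect up to eight image paths; a slot with no upload stays ''.
    $image_paths = [];
    for ($i = 1; $i <= 8; $i++) {
        if (isset($_FILES["img$i"]) && $_FILES["img$i"]["error"] == UPLOAD_ERR_OK) {
            $image_path = image_upload($_FILES["img$i"], $i);
            if (!$image_path) {
                // $i is the loop counter, not request data.
                crud_redirect("index.php?alert=img_upload_error&code=$i");
            }
            $image_paths[] = (string) $image_path;
        } else {
            $image_paths[] = '';
        }
    }

    $ok = crud_execute(
        $conn,
        "INSERT INTO `projects` (`name`, `description`, `category`, `img1`, `img2`, `img3`, `img4`, `img5`, `img6`, `img7`, `img8`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
        array_merge(
            [crud_post('name'), crud_post('description'), crud_post('category')],
            $image_paths
        )
    );
    crud_redirect($ok ? "projects.php?success=added" : "index.php?alert=add_failed");
}

if (isset($_POST['addbanner'])) {
    $imgpath = crud_single_image();
    $ok = crud_execute(
        $conn,
        "INSERT INTO `banners`(`name`,`title`,`subtitle`, `image`) VALUES (?, ?, ?, ?)",
        [crud_post('name'), crud_post('title'), crud_post('subtitle'), $imgpath]
    );
    crud_redirect($ok ? "banners.php?success=added" : "index.php?alert=add_failed");
}

if (isset($_POST['addgallery'])) {
    $imgpath = crud_single_image();
    $ok = crud_execute(
        $conn,
        "INSERT INTO `gallery`(`name`, `category`, `image`) VALUES (?, ?, ?)",
        [crud_post('name'), crud_post('category'), $imgpath]
    );
    crud_redirect($ok ? "gallery.php?success=added" : "gallery.php?alert=add_failed");
}

if (isset($_POST['addservice'])) {
    $imgpath = crud_single_image();
    $ok = crud_execute(
        $conn,
        "INSERT INTO `services`(`name`, `image`) VALUES (?, ?)",
        [crud_post('name'), $imgpath]
    );
    crud_redirect($ok ? "services.php?success=added" : "services.php?alert=add_failed");
}

if (isset($_POST['addtestimonial'])) {
    $imgpath = crud_single_image();
    $ok = crud_execute(
        $conn,
        "INSERT INTO `testimonial`(`name`, `comment`, `designation`, `image`) VALUES (?, ?, ?, ?)",
        [crud_post('name'), crud_post('comment'), crud_post('designation'), $imgpath]
    );
    crud_redirect($ok ? "testimonial.php?success=added" : "testimonial.php?alert=add_failed");
}

if (isset($_POST['addquery'])) {
    // Public contact-form submission: values are stored as received, so any
    // page that later displays them must HTML-escape on output.
    $ok = crud_execute(
        $conn,
        "INSERT INTO `quaries`(`name`, `email`, `phone`, `service`, `message`) VALUES (?, ?, ?, ?, ?)",
        [
            crud_post('name'),
            crud_post('email'),
            crud_post('phone'),
            crud_post('service'),
            crud_post('message'),
        ]
    );
    crud_redirect($ok ? "../contact.php?status=success" : "../contact.php?status=error");
}

// DELETE=================================================================

if (isset($_POST['delete'])) {
    crud_delete_with_image(
        $conn,
        'products',
        isset($_POST['id']) ? $_POST['id'] : 0,
        "products.php",
        "index.php?alert=delete_failed"
    );
}

if (isset($_POST['delete_testimonial'])) {
    crud_delete_with_image(
        $conn,
        'testimonial',
        isset($_POST['id']) ? $_POST['id'] : 0,
        "testimonial.php",
        "testimonial.php?alert=delete_failed"
    );
}

// ========================== Edit =======================================
?>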