D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
home3
/
encodto1
/
universalhomedecor.in
/
admin
/
Filename :
crud.php
back
Copy
<?php require_once('config.php'); // ADD ================================================================= if (isset($_POST['addproduct'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } // Handle main image upload $imgpath = image_upload($_FILES['image']); // Handle additional images upload $img2path = isset($_FILES['img2']) && $_FILES['img2']['error'] == 0 ? image_upload($_FILES['img2']) : ''; $img3path = isset($_FILES['img3']) && $_FILES['img3']['error'] == 0 ? image_upload($_FILES['img3']) : ''; $img4path = isset($_FILES['img4']) && $_FILES['img4']['error'] == 0 ? image_upload($_FILES['img4']) : ''; $query = "INSERT INTO `products`(`name`, `description`, `category`, `price`, `short_desc`, `image`, `img2`, `img3`, `img4`) VALUES ('{$_POST['name']}', '{$_POST['description']}', '{$_POST['category']}', '{$_POST['price']}', '{$_POST['short_desc']}', '$imgpath', '$img2path', '$img3path', '$img4path')"; if (mysqli_query($conn, $query)) { header("Location: products.php?success=added"); } else { header("Location: index.php?alert=add_failed"); } } if (isset($_POST['addquery'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $query = "INSERT INTO `query`(`name`, `email`, `number`, `message`) VALUES ('{$_POST['name']}', '{$_POST['email']}', '{$_POST['number']}', '{$_POST['message']}')"; if (mysqli_query($conn, $query)) { header("Location: ../contactus.php"); } else { header("Location: index.php?alert=add_failed"); } } if (isset($_POST['getquote'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $query = "INSERT INTO `getquote`(`name`, `email`, `number`, `product`, `message`) VALUES ('{$_POST['name']}', '{$_POST['email']}', '{$_POST['phone']}', '{$_POST['product']}', '{$_POST['message']}')"; if (mysqli_query($conn, $query)) { header("Location: ../getquote.php"); } else { header("Location: getquote.php?alert=add_failed"); } } if (isset($_POST['add_category'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $imgpath = image_upload($_FILES['image']); $query = "INSERT INTO `product_category`(`category_name`,`image`) VALUES ('{$_POST['category_name']}', '$imgpath')"; if (mysqli_query($conn, $query)) { header("Location: category.php?success=added"); } else { header("Location: category.php?alert=add_failed"); } } if (isset($_POST['add_gallery'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $imgpath = image_upload($_FILES['image']); $query = "INSERT INTO `gallery`(`name`, `category`, `image`) VALUES ('{$_POST['name']}', '{$_POST['category']}', '$imgpath')"; if (mysqli_query($conn, $query)) { header("Location: gallery.php?success=added"); } else { header("Location: index.php?alert=add_failed"); } } if (isset($_POST['testimonials'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $imgpath = image_upload($_FILES['image']); $query = "INSERT INTO `testimonials`(`name`, `designation`, `review`, `image`) VALUES ('{$_POST['name']}', '{$_POST['designation']}', '{$_POST['review']}', '$imgpath')"; if (mysqli_query($conn, $query)) { header("Location: index.php?success=added"); } else { header("Location: index.php?alert=add_failed"); } } // DELETE================================================================= if (isset($_POST['delete'])) { $id = intval($_POST['id']); $query = "SELECT `image` FROM `products` WHERE `id`=$id"; $result = mysqli_query($conn, $query); $row = mysqli_fetch_assoc($result); $filename = $row['image']; $delete_query = "DELETE FROM `products` WHERE `id`=$id"; if (mysqli_query($conn, $delete_query)) { $file_path = "uploads/" . $filename; if (file_exists($file_path)) { unlink($file_path); } header("Location: products.php"); } else { header("Location: index.php?alert=delete_failed"); } } if (isset($_POST['delete_category'])) { $id = intval($_POST['id']); $query = "SELECT `image` FROM `product_category` WHERE `id`=$id"; $result = mysqli_query($conn, $query); $row = mysqli_fetch_assoc($result); $filename = $row['image']; $delete_query = "DELETE FROM `product_category` WHERE `id`=$id"; if (mysqli_query($conn, $delete_query)) { $file_path = "uploads/" . $filename; if (file_exists($file_path)) { unlink($file_path); } header("Location: category.php"); } else { header("Location: category.php?alert=delete_failed"); } } if (isset($_POST['delete_gallery'])) { $id = intval($_POST['id']); $query = "SELECT `image` FROM `gallery` WHERE `id`=$id"; $result = mysqli_query($conn, $query); $row = mysqli_fetch_assoc($result); $filename = $row['image']; $delete_query = "DELETE FROM `gallery` WHERE `id`=$id"; if (mysqli_query($conn, $delete_query)) { $file_path = "uploads/" . $filename; if (file_exists($file_path)) { unlink($file_path); } header("Location: gallery.php"); } else { header("Location: index.php?alert=delete_failed"); } } if (isset($_POST['delete_testimonial'])) { $id = intval($_POST['id']); $query = "SELECT `image` FROM `testimonials` WHERE `id`=$id"; $result = mysqli_query($conn, $query); $row = mysqli_fetch_assoc($result); $filename = $row['image']; $delete_query = "DELETE FROM `testimonials` WHERE `id`=$id"; if (mysqli_query($conn, $delete_query)) { $file_path = "uploads/" . $filename; if (file_exists($file_path)) { unlink($file_path); } header("Location: testimonial.php"); } else { header("Location: index.php?alert=delete_failed"); } } // ========================== Edit ======================================= if (isset($_POST['edit'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $id = intval($_POST['id']); $imgpath = image_upload($_FILES['image']); $query = "UPDATE `products` SET `name`='{$_POST['name']}', `description`='{$_POST['description']}', `category`='{$_POST['category']}', `price`='{$_POST['price']}', `dimension`='{$_POST['dimension']}', `image`='$imgpath' WHERE `id`=$id"; if (mysqli_query($conn, $query)) { header("Location: index.php"); } else { header("Location: index.php?alert=update_failed"); } } if (isset($_POST['edit_category'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $id = intval($_POST['id']); $imgpath = image_upload($_FILES['image']); $query = "UPDATE `product_category` SET `category_name`='{$_POST['category_name']}', `image`='$imgpath' WHERE `id`=$id"; if (mysqli_query($conn, $query)) { header("Location: category.php"); } else { header("Location: category.php?alert=update_failed"); } } if (isset($_POST['edit_gallery'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $id = intval($_POST['id']); $imgpath = image_upload($_FILES['image']); $query = "UPDATE `products` SET `name`='{$_POST['name']}', `category`='{$_POST['category']}', `image`='$imgpath' WHERE `id`=$id"; if (mysqli_query($conn, $query)) { header("Location: gallery.php"); } else { header("Location: index.php?alert=update_failed"); } } if (isset($_POST['edit_testimonial'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysqli_real_escape_string($conn, $value); } $id = intval($_POST['id']); $imgpath = image_upload($_FILES['image']); $query = "UPDATE `testimonials` SET `name`='{$_POST['name']}', `designation`='{$_POST['designation']}', `review`='{$_POST['review']}', `image`='$imgpath' WHERE `id`=$id"; if (mysqli_query($conn, $query)) { header("Location: testimonial.php"); } else { header("Location: index.php?alert=update_failed"); } } ?>