Mini Shell

Direktori : /home2/aravindar/public_html/admin/ajax/
Upload File :
Current File : /home2/aravindar/public_html/admin/ajax/gallery_action.php

<?php
include("../config.php");
$conn = dbconnect();
error_reporting(0);
date_default_timezone_set('Asia/Kolkata');
session_start();
$admin_id = $_SESSION['admin_id'];
$today = date('Y-m-d H:i:s');
$type = $_POST['type'];
if ($type == 'add') {
    $year = mysqli_real_escape_string($conn, $_POST['year']);
    $category = mysqli_real_escape_string($conn, $_POST['category']);
    $new_file_name1 = $_FILES["images"]["name"];
    $img_status = 1;

    $url_query  = "SELECT * FROM tb1_url WHERE url_title='gallery'";
    $res_url = mysqli_query($conn, $url_query);
    $fetch_url = mysqli_fetch_object($res_url);
    $url_path = $fetch_url->url_path;

    $filepath = '../' . $url_path;

    $targetDir = $filepath;
    $allowTypes = array('jpg', 'png', 'jpeg', 'gif', 'PNG', 'JPEG', 'JPG');

    $statusMsg = $errorMsg = $insertValuesSQL = $errorUpload = $errorUploadType = '';
    $fileNames = array_filter($_FILES['images']['name']);
    if (!empty($fileNames)) {
        foreach ($_FILES['images']['name'] as $key => $val) {
            // File upload path 
            $fileName = basename($_FILES['images']['name'][$key]);
            $targetFilePath = $targetDir . $fileName;

            // Check whether file type is valid 
            $fileType = pathinfo($targetFilePath, PATHINFO_EXTENSION);
            if (in_array($fileType, $allowTypes)) {
                // Upload file to server 
                if (move_uploaded_file($_FILES["images"]["tmp_name"][$key], $targetFilePath)) {
                    // Image db insert sql 
                    $insertValuesSQL .= "('" . $year . "','" . $category . "','" . $fileName . "','" . $img_status . "','" . $admin_id . "', NOW(), NOW()),";
                } else {
                    $errorUpload .= $_FILES['images']['name'][$key] . ' | ';
                }
            } else {
                $errorUploadType .= $_FILES['images']['name'][$key] . ' | ';
            }
        }

        // Error message 
        $errorUpload = !empty($errorUpload) ? 'Upload Error: ' . trim($errorUpload, ' | ') : '';
        $errorUploadType = !empty($errorUploadType) ? 'File Type Error: ' . trim($errorUploadType, ' | ') : '';
        $errorMsg = !empty($errorUpload) ? '<br/>' . $errorUpload . '<br/>' . $errorUploadType : '<br/>' . $errorUploadType;

        if (!empty($insertValuesSQL)) {
            $insertValuesSQL = trim($insertValuesSQL, ',');
            // Insert image file name into database 
            $insert = $conn->query("INSERT INTO tb1_gallery (year,category,img,status,crm_id,updated_log,created_log) VALUES $insertValuesSQL");
        }
    }

    $code = 'done';
} else if ($type == 'update') {

    $gallery_id = $_POST['gallery_id'];
    $status = $_POST['status'];
    $category = mysqli_real_escape_string($conn, $_POST['category']);
    $year = mysqli_real_escape_string($conn, $_POST['year']);
    $new_file_name1 = $_FILES["files"]["name"];

    $url_query  = "SELECT * FROM tb1_url WHERE url_title='gallery'";
    $res_url = mysqli_query($conn, $url_query);
    $fetch_url = mysqli_fetch_object($res_url);
    $url_path = $fetch_url->url_path;

    $filepath = '../' . $url_path;

    if ($new_file_name1 != '') {
        $new_file_name1 = $_FILES["files"]["name"];
        $lname1 = "gallery";
        $emrand1 = $lname1 . rand(1000, 2000);
        $fileType1 = $_FILES["files"]["type"];
        $str1 = explode("/", $fileType1);
        $new_file_name1 = $emrand1 . '.' . $str1[1];
        $target_path1 = $filepath . '/' . basename($new_file_name1);
        move_uploaded_file($_FILES['files']['tmp_name'], $target_path1);

        $sql = "UPDATE tb1_gallery SET year='$year',category='$category',img='$new_file_name1',status='$status',crm_id='$admin_id',updated_log='$today' WHERE gallery_id='$gallery_id'";
        //echo $sql;
        $content_res = mysqli_query($conn, $sql);
        $code = 'done';
    } else {
        $sql = "UPDATE tb1_gallery SET year='$year',category='$category',status='$status',crm_id='$admin_id',updated_log='$today' WHERE gallery_id='$gallery_id'";
        $content_res = mysqli_query($conn, $sql);
        $code = 'done';
    }

    $code = 'done';
}
echo $data = json_encode($code);

Zerion Mini Shell 1.0