Mini Shell
<?php
include("../config.php");
$conn = dbconnect();
error_reporting(0);
date_default_timezone_set('Asia/Kolkata');
session_start();
$admin_id = $_SESSION['admin_id'];
$today = date( 'Y-m-d H:i:s');
$type = $_POST['type'];
if($type== 'add'){
$course_name = mysqli_real_escape_string($conn,$_POST['course_name']);
$course_id = $_POST['course_id'];
$status = $_POST['status'];
$course_code = mysqli_real_escape_string($conn,$_POST['course_code']);
$course_fee = mysqli_real_escape_string($conn,$_POST['course_fee']);
$duration = mysqli_real_escape_string($conn,$_POST['duration']);
$certificate = mysqli_real_escape_string($conn,$_POST['certificate']);
$language = mysqli_real_escape_string($conn,$_POST['language']);
$practical = mysqli_real_escape_string($conn,$_POST['practical']);
$validity = mysqli_real_escape_string($conn,$_POST['validity']);
$subject_content = mysqli_real_escape_string($conn,$_POST['subject_content']);
$aims = mysqli_real_escape_string($conn,$_POST['aims']);
$objective = mysqli_real_escape_string($conn,$_POST['objective']);
$target_audience = mysqli_real_escape_string($conn,$_POST['target_audience']);
$delegate = mysqli_real_escape_string($conn,$_POST['delegate']);
$new_file_name1 = $_FILES["files"]["name"];
$new_file_name2 = $_FILES["cbf"]["name"];
$url_query = "SELECT * FROM tb1_url WHERE url_title='course'";
$res_url = mysqli_query($conn,$url_query);
$fetch_url = mysqli_fetch_object($res_url);
$url_path=$fetch_url->url_path;
$filepath = '../../'.$url_path;
if($new_file_name2 != '')
{
$new_file_name2 = $_FILES["cbf"]["name"];
$target_path2 = $filepath .'/' . basename($new_file_name2);
move_uploaded_file($_FILES['cbf']['tmp_name'], $target_path2);
}
if($new_file_name1 != '')
{
$new_file_name1 = $_FILES["files"]["name"];
$lname1 = "subcourse";
$emrand1 = $lname1.rand(1000,2000);
$fileType1 = $_FILES["files"]["type"];
$str1=explode("/",$fileType1);
$new_file_name1 = $emrand1.'.'.$str1[1];
$target_path1 = $filepath .'/' . basename($new_file_name1);
move_uploaded_file($_FILES['files']['tmp_name'], $target_path1);
$sql = "INSERT INTO tb1_subcourse(course_id,subcourse_name,course_img,course_code,course_fee,duration,certificate,language,practical,validity,subject_content,aims,objective,target_audience,delegate,course_form,status,crm_id,created_log,updated_log) VALUES ('$course_id','$course_name','$new_file_name1','$course_code','$course_fee','$duration','$certificate','$language','$practical','$validity','$subject_content','$aims','$objective','$target_audience','$delegate','$new_file_name2','$status','$admin_id','$today','$today')";
//echo $sql;
$content_res = mysqli_query($conn, $sql);
$course_sub_id = $conn->insert_id;
$code = 'done';
}
else
{
$sql = "INSERT INTO tb1_subcourse(course_id,subcourse_name,course_img,course_code,course_fee,duration,certificate,language,practical,validity,subject_content,aims,objective,target_audience,delegate,status,crm_id,created_log,updated_log) VALUES ('$course_id','$course_name','','$course_code','$course_fee','$duration','$certificate','$practical','$validity','$subject_content','$aims','$objective','$target_audience','$delegate','$status','$admin_id','$today','$today')";
$content_res = mysqli_query($conn, $sql);
$course_sub_id = $conn->insert_id;
$code = 'done';
}
$course_date = $_POST['course_date'];
$total_seats = $_POST['total_seats'];
$avail_seats = $_POST['avail_seats'];
foreach($_POST['course_date'] as $key=>$val){
$coursedate = $_POST['course_date'][$key];
$totalseats = $_POST['total_seats'][$key];
$availseats = $_POST['avail_seats'][$key];
$insertValuesSQL .= "('".$course_sub_id."','".$coursedate."','".$totalseats."','".$availseats."','1','$admin_id','0', NOW(), NOW()),";
}
$insertValuesSQL = trim($insertValuesSQL, ',');
// Insert image file name into database
$insert = $conn->query("INSERT INTO tb1_coursedate (course_subid,course_date,total_seats,available_seats,status,crm_id,delete_flag,updated_log,created_log) VALUES $insertValuesSQL");
}
else if($type== 'update')
{
$subcourse_id = $_POST['subcourse_id'];
$course_name = mysqli_real_escape_string($conn,$_POST['course_name']);
$course_id = $_POST['course_id'];
$status = $_POST['status'];
$course_code = mysqli_real_escape_string($conn,$_POST['course_code']);
$course_fee = mysqli_real_escape_string($conn,$_POST['course_fee']);
$duration = mysqli_real_escape_string($conn,$_POST['duration']);
$certificate = mysqli_real_escape_string($conn,$_POST['certificate']);
$language = mysqli_real_escape_string($conn,$_POST['language']);
$practical = mysqli_real_escape_string($conn,$_POST['practical']);
$validity = mysqli_real_escape_string($conn,$_POST['validity']);
$subject_content = mysqli_real_escape_string($conn,$_POST['subject_content']);
$aims = mysqli_real_escape_string($conn,$_POST['aims']);
$objective = mysqli_real_escape_string($conn,$_POST['objective']);
$target_audience = mysqli_real_escape_string($conn,$_POST['target_audience']);
$delegate = mysqli_real_escape_string($conn,$_POST['delegate']);
$new_file_name1 = $_FILES["files"]["name"];
$new_file_name2 = $_FILES["cbf"]["name"];
$url_query = "SELECT * FROM tb1_url WHERE url_title='course'";
$res_url = mysqli_query($conn,$url_query);
$fetch_url = mysqli_fetch_object($res_url);
$url_path=$fetch_url->url_path;
$filepath = '../../'.$url_path;
if($new_file_name2 != '')
{
$new_file_name2 = $_FILES["cbf"]["name"];
$target_path2 = $filepath .'/' . basename($new_file_name2);
move_uploaded_file($_FILES['cbf']['tmp_name'], $target_path2);
}
else
{
$new_file_name2 = '';
}
if($new_file_name1 != '')
{
$new_file_name1 = $_FILES["files"]["name"];
$lname1 = "course";
$emrand1 = $lname1.rand(1000,2000);
$fileType1 = $_FILES["files"]["type"];
$str1=explode("/",$fileType1);
$new_file_name1 = $emrand1.'.'.$str1[1];
$target_path1 = $filepath .'/' . basename($new_file_name1);
move_uploaded_file($_FILES['files']['tmp_name'], $target_path1);
$sql = "UPDATE tb1_subcourse SET subcourse_name='$course_name',course_id='$course_id',course_img='$new_file_name1',course_code='$course_code',course_fee='$course_fee',duration='$duration',certificate='$certificate',language='$language',practical='$practical',validity='$validity',subject_content='$subject_content',aims='$aims',objective='$objective',target_audience='$target_audience',delegate='$delegate',course_form='$new_file_name2',status='$status',crm_id='$admin_id',updated_log='$today' WHERE subcourse_id='$subcourse_id'";
$content_res = mysqli_query($conn, $sql);
$code = 'done';
}
else
{
$sql = "UPDATE tb1_subcourse SET subcourse_name='$course_name',course_id='$course_id',course_code='$course_code',course_fee='$course_fee',duration='$duration',certificate='$certificate',language='$language',practical='$practical',validity='$validity',subject_content='$subject_content',aims='$aims',objective='$objective',target_audience='$target_audience',delegate='$delegate',course_form='$new_file_name2',status='$status',crm_id='$admin_id',updated_log='$today' WHERE subcourse_id='$subcourse_id'";
$content_res = mysqli_query($conn, $sql);
$code = 'done';
}
$course_date1 = array_filter($_POST['course_date']);
$total_seats1 = array_filter($_POST['total_seats']);
$avail_seats1 = array_filter($_POST['avail_seats']);
if(!empty($course_date1) && !empty($total_seats1) && !empty($avail_seats1))
{
$course_date = $_POST['course_date'];
$total_seats = $_POST['total_seats'];
$avail_seats = $_POST['avail_seats'];
foreach($_POST['course_date'] as $key=>$val){
$coursedate = $_POST['course_date'][$key];
$totalseats = $_POST['total_seats'][$key];
$availseats = $_POST['avail_seats'][$key];
$insertValuesSQL .= "('".$subcourse_id."','".$coursedate."','".$totalseats."','".$availseats."','1','$admin_id','0', NOW(), NOW()),";
}
$insertValuesSQL = trim($insertValuesSQL, ',');
// Insert image file name into database
$insert = $conn->query("INSERT INTO tb1_coursedate (course_subid,course_date,total_seats,available_seats,status,crm_id,delete_flag,updated_log,created_log) VALUES $insertValuesSQL");
}
}
else if($type == 'coursedate_update')
{
$coursedate_id = $_POST['coursedate_id'];
$course_date1 = $_POST['course_date1'];
$total_seats1 = $_POST['total_seats1'];
$avail_seats1 = $_POST['avail_seats1'];
$sql = "UPDATE tb1_coursedate SET course_date='$course_date1',total_seats='$total_seats1',available_seats='$avail_seats1',crm_id='$admin_id',updated_log='$today' WHERE coursedate_id='$coursedate_id'";
$content_res = mysqli_query($conn, $sql);
$code = 'done';
}
else if($type == 'coursedate_delete')
{
$coursedate_id = $_POST['coursedate_id'];
$sql = "UPDATE tb1_coursedate SET status ='0',delete_flag='1',crm_id='$admin_id',updated_log='$today' WHERE coursedate_id='$coursedate_id'";
$content_res = mysqli_query($conn, $sql);
$code = 'done';
}
echo $data = json_encode($code);
?>
Zerion Mini Shell 1.0