<?php
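include("../includes/connection.php");

// Gate the whole page on an authenticated session. Sending the Location
// header does not stop execution, so the script has to exit here; without it
// the upload, insert and delete handlers below still run for a request that
// carries no session.
// NOTE(review): assumes connection.php starts the session - confirm.
if (!isset($_SESSION['id'])) {
    header("location:index.php");
    exit;
}

$page1 = 'message';

// The form fields are absent on a plain GET, so default them instead of
// reading undefined indexes. These are raw request values: they must be
// escaped or bound before use in SQL and encoded before being printed.
$details = isset($_POST['details']) ? $_POST['details'] : '';
$detailsdate = isset($_POST['date']) ? $_POST['date'] : '';
$stage = isset($_REQUEST['stage']) ? $_REQUEST['stage'] : '';

// Extensions accepted for the photo upload.
$allowed_extensions = array('gif', 'jpg','jpeg', 'png','bmp', 'GIF', 'JPG', 'PNG', 'JPEG','BMP');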
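// Stage 2: create a new "happe" record, optionally with an uploaded photo.
// NOTE(review): nothing in this handler checks an anti-CSRF token or the
// posted recaptchaResponse field - confirm whether that happens elsewhere.
if ($stage == 2) {
    // Default to "no photo" so the INSERT never reads an undefined variable
    // when the form is submitted without a file.
    $realname = '';

    if (isset($_FILES['chphoto']) && $_FILES['chphoto']['name'] != "") {
        $upload = $_FILES['chphoto'];
        $path_info = pathinfo($upload['name']);
        $extension = isset($path_info['extension']) ? strtolower($path_info['extension']) : '';

        // An allowed extension alone says nothing about the content. Also
        // require a clean upload of a file PHP itself received, and that
        // getimagesize() recognises it as an image. getimagesize() is a
        // sanity check, not a guarantee; the stored name built below is what
        // keeps the file from being served under any other extension.
        $is_valid = $upload['error'] === UPLOAD_ERR_OK
            && in_array($extension, $allowed_extensions, true)
            && is_uploaded_file($upload['tmp_name'])
            && getimagesize($upload['tmp_name']) !== false;

        if (!$is_valid) {
            $msg = "Incorrent file extension, Please upload a valid image file";
            setcookie("msg", $msg, time() + 3);
            print "<script>";
            print "self.location = 'mng_msgphoto.php';";
            print "</script>";
            exit;
        }

        $path2 = "../images/content/";
        $s1 = rand();
        // Build the stored name from the client's base name reduced to a
        // strict allowlist plus the validated extension, so no dots, path
        // separators or inner extensions from the client survive.
        $basename = preg_replace('/[^A-Za-z0-9_-]/', '', removeSpchar($path_info['filename']));
        $realname = $s1 . "_" . $basename . "." . $extension;
        $dest = $path2 . $realname;

        // move_uploaded_file() refuses anything that is not a genuine upload;
        // a failed move must not leave a record pointing at a missing file.
        if (!move_uploaded_file($upload['tmp_name'], $dest)) {
            $msg = "Upload failed, please try again";
            setcookie("msg", $msg, time() + 3);
            print "<script>";
            print "self.location = 'mng_msgphoto.php';";
            print "</script>";
            exit;
        }
    }

    // db_query() is given a finished SQL string, so every value is escaped
    // with the connection's real_escape_string() and placed inside quotes.
    // Non-string input (e.g. details[]=x) is treated as empty.
    // NOTE(review): prepared statements would be preferable if db_query()
    // can support bound parameters.
    $detailsSql = $connect->real_escape_string(is_string($details) ? $details : '');
    $dateSql = $connect->real_escape_string(is_string($detailsdate) ? $detailsdate : '');
    $photoSql = $connect->real_escape_string($realname);

    $sql = "INSERT INTO happe (details,photo,datee) VALUES ('$detailsSql','$photoSql','$dateSql')";
    $result3 = db_query($sql);

    $msg = "Successful.";
    setcookie("msg", $msg, time() + 3);
    print "<script>";
    print "self.location = 'happe.php'";
    print "</script>";
    exit;
}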
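/* Delete a record by id */
// The id is placed unquoted in the SQL text, where real_escape_string() gives
// no protection (a value such as "1 OR 1=1" contains nothing it escapes), so
// only a plain run of decimal digits is accepted.
// NOTE(review): this is a state-changing GET with no anti-CSRF token; a POST
// carrying a per-session token would be the safer design - confirm.
$delid = (isset($_GET['delid']) && is_string($_GET['delid'])) ? $_GET['delid'] : '';
if ($delid != "") {
    if (ctype_digit($delid)) {
        $upsql = "delete from happe where id={$delid}";
        db_query($upsql);
        $msg = "Record Deleted Successfully.";
        setcookie("msg", $msg, time() + 3);
    }
    // Stop after the redirect so the rest of the page is not rendered.
    header("Location: happe.php");
    exit;
}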
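// Load the record selected for editing, if any. $eid stays empty when no
// valid id was given or no row matched; the form below uses it to choose
// between the "new" and "edit" stage values.
$eid = '';
$editId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
// The id is concatenated unquoted into the query, so accept digits only.
if ($editId != "" && ctype_digit($editId)) {
    $sql = "select * from happe where id=" . $editId;
    $editResult = db_query($sql);
    $row_service = $editResult ? mysqli_fetch_assoc($editResult) : null;
    if ($row_service) {
        $eid = $row_service['id'];
    }
}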
?>
<!DOCTYPE html>
<html lang="en">
<head>
<?php include("css.php"); ?>
<script src="tinymce/tinymce.min.js" referrerpolicy="origin"></script>
<script>
// Configure the TinyMCE rich-text editor for this page.
tinymce.init({
// Elements to turn into editors; of these ids only #content appears in the
// form on this page.
selector: '#buyers,#sellers,#content',
height: 300,
plugins: 'print preview paste importcss searchreplace autolink autosave save directionality code visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists wordcount imagetools textpattern noneditable help charmap emoticons',
menubar: 'file edit view insert format tools table help',
toolbar: 'undo redo | bold italic underline strikethrough | fontselect fontsizeselect formatselect | alignleft aligncenter alignright alignjustify | outdent indent | numlist bullist | forecolor backcolor removeformat | pagebreak | charmap emoticons | fullscreen preview save print | insertfile image media template link anchor codesample | ltr rtl',
toolbar_sticky: false,
image_advtab: true,
// Hooks an external file manager into the editor's image/link dialogs.
// NOTE(review): filemanager/ is a separate upload and browse endpoint; confirm
// it enforces the same admin session check as this page and is kept patched.
external_filemanager_path:"filemanager/",
filemanager_title:"Filemanager" ,
external_plugins: { "filemanager" : "../filemanager/plugin.min.js"},
// Stylesheets applied inside the editor; both are protocol-relative URLs on
// third-party hosts.
content_css: [
'//fonts.googleapis.com/css?family=Lato:300,300i,400,400i',
'//www.tiny.cloud/css/codepen.min.css'
],
extended_valid_elements: 'span[class=]',
importcss_append: false,
});
/**
 * Sends the browser to the listing page.
 * The `val` argument is accepted but not used.
 */
function chnageLang(val) {
    var target = 'happe.php';
    self.location = target;
}
</script>
</head>
<body class="sidebar-pinned">
<?php include("left.php") ?>
<main class="admin-main">
<!--site header begins-->
<?php include("admin_header.php");?>
<!--site header ends -->
<section class="admin-content ">
<div class="bg-dark">
<div class="container m-b-30">
<div class="row">
<div class="col-12 text-white p-t-40 p-b-90">
<h4 class="">Manage Latest Happenings</h4>
<p class="opacity-75 "></p>
</div>
</div>
</div>
</div>
<div class="container pull-up">
<div class="row" style="margin: 0 auto; width:100%; align-items: center;
justify-content: center;">
<!--message-->
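<?php
// Flash message written by the handlers through setcookie(). A cookie is
// client-controlled, so it is shown only when it is a non-empty string and is
// HTML-encoded before printing.
if (!empty($_COOKIE['msg']) && is_string($_COOKIE['msg'])) { ?>
<div class="clearfix"></div>
<div class="col-lg-8">
<div class="alert alert-success">
<a href="#" class="close" data-dismiss="alert" onClick="$('.alert').hide('slow');">×</a>
<?php print htmlspecialchars(str_replace("+", " ", $_COOKIE['msg']), ENT_QUOTES, 'UTF-8'); ?>
</div>
</div>
<?php } ?>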
<!--message-->
<div class="col-lg-12">
<div class="card m-b-30">
<div class="card-header">
<h5 class="m-b-0">
</h5>
<p class="m-b-0 text-muted">
</p>
</div>
<form name="pwd" method="POST" action="mng_msgphoto.php" enctype="multipart/form-data" >
<input type="hidden" name="recaptchaResponse" id="recaptchaResponse">
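<?php
// No record loaded for editing -> stage 2 (create); otherwise stage 3 plus
// the record id. The isset() guard covers requests made without an id.
// NOTE(review): stage 3 is not handled by the PHP at the top of this page as
// shown; presumably the form target processes it - confirm.
if (!isset($eid) || $eid == "") { ?>
<input type="hidden" name="stage" value="2">
<?php } else { ?>
<input type="hidden" name="stage" value="3">
<input type="hidden" name="rid" value="<?php print htmlspecialchars((string) $eid, ENT_QUOTES, 'UTF-8'); ?>">
<?php } ?>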
<div class="card-body">
<div class="form-row m-b-20">
<label for="buyers">Photo</label>
<input type="file" class="form-control" id="chphoto" name="chphoto" placeholder="Banner">
</div>
<div class="form-row m-b-20">
<label for="buyers">Date</label>
<input type="text" class="form-control" id="date" name="date" >
</div>
<div class="form-row m-b-20">
<label for="buyers">Details</label>
<textarea class="form-control" id="content" name="details" ></textarea>
</div>
<div class="form-group">
<div class="buttoncls">
<button type="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</div>
</form>
<div class="col-lg-12">
<div class="card m-b-30">
<div class="card-header">
<h5 class="m-b-0">
Details
</h5>
</div>
<div class="card-body">
<div class="table-responsive">
<table class="table table-hover">
<thead>
<tr>
<th>#</th>
<th>Photo</th>
<th>Details</th>
<th>Date</th>
<th class="text-center" style="width:240px;">Action</th>
</tr>
</thead>
<tbody>
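<?php
// List every stored record with edit and delete links.
// Column positions follow the usage below: [1] details, [2] photo file name,
// [3] date - presumably [0] is the id; confirm against the table definition.
$sqlfetch = "SELECT * FROM happe";
$sqlfetch = db_query($sqlfetch);
$i = 1;
while ($row = mysqli_fetch_array($sqlfetch))
{
    // Values placed in attributes or plain text cells are HTML-encoded so
    // stored data cannot break out of the markup.
    $rowId = htmlspecialchars((string) $row['id'], ENT_QUOTES, 'UTF-8');
    $rowPhoto = htmlspecialchars((string) $row[2], ENT_QUOTES, 'UTF-8');
    $rowDate = htmlspecialchars((string) $row[3], ENT_QUOTES, 'UTF-8');
?>
<tr>
<td><?php echo $i; ?></td>
<td><img src="../images/content/<?php echo $rowPhoto; ?>" style="width:100px"></td>
<?php
    // The details column holds rich-text HTML from the editor and is printed
    // as markup. It is not sanitised anywhere in this file, so script content
    // stored in it would run in the viewer's browser.
    // NOTE(review): pass it through an allowlist HTML sanitiser on save or
    // before output.
?>
<td><?php echo $row[1]; ?></td>
<td><?php echo $rowDate; ?></td>
<td class="text-center">
<a href="happe.php?id=<?php print $rowId; ?>"><i class="mdi mdi-square-edit-outline"></i></a> |
<a href="happe.php?delid=<?php print $rowId; ?>" onclick ="return confirm('Are you sure to delete ?')"><i class="mdi mdi-delete-forever"></i></a>
</td>
</tr>
<?php
$i++;
} ?>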
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
</main>
<?php include("js.php"); ?>
<!--Additional Page includes-->
<script src="assets/vendor/apexchart/apexcharts.min.js"></script>
<!--chart data for current dashboard-->
<script src="assets/js/dashboard-01.js" type="text/javascript"></script>
<script>
// Once the reCAPTCHA library is ready, request a token for the configured
// site key and copy it into the hidden recaptchaResponse field so it is
// posted with the form.
// NOTE(review): the action label is 'login' although this is the content
// form, and the stage 2 handler at the top of this page never reads
// recaptchaResponse. A token that is not verified server-side gives no
// protection - confirm where verification happens.
grecaptcha.ready(function () {
grecaptcha.execute('<?php print $sitekey; ?>',{action:'login'}).then(function(token){
var recaptchaResponse = document.getElementById('recaptchaResponse');
recaptchaResponse.value = token;
});
});
</script>
</body>
</html>