MINI MINI MANI MO
<?php
ob_start();
extract($_REQUEST);
require_once 'library/config.php';
require_once 'library/functions.php';
//checkUser();
$date=date('m-d-Y');
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {
case 'addPageContent' :
addPageContent();
break;
case 'modifyContent' :
modifyContent();
break;
case 'addInfra' :
addInfra();
break;
case 'modifyInfra' :
modifyInfra();
break;
case 'addCategory' :
addCategory();
break;
case 'modifyCategory' :
modifyCategory();
break;
case 'addMaterial' :
addMaterial();
break;
case 'modifyMaterial' :
modifyMaterial();
break;
case 'addPhoto' :
addPhoto();
break;
case 'addProductDetails' :
addProductDetails();
break;
case 'modifyProductDetails' :
modifyProductDetails();
break;
case 'updateSeo' :
updateSeo();
break;
case 'modifyProduct' :
modifyProduct();
break;
case 'deleteProduct' :
deleteProduct();
break;
case 'deleteImage' :
deleteImage();
break;
default :
// if action is not defined or unknown
// move to main product page
header('Location: index.php');
}
function addPageContent()
{
$category = $_POST['category'];
$string = $_POST['url'];
$url=str_replace( ' ', '', $string );
$more = $_POST['more'];
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
// $contactdetails = $_POST['contacts'];
//$date=date('Y-m-d');
//die;
$sql="insert into page_contents values('','$mainImg','$category','$more','$url')";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="addcontent.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function modifyContent()
{
$idd=$_POST['id'];
$imgpath=$_POST['imgpath'];
if($imgpath=='' or $imgpath=='/thumb')
{
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
}
else
{
$mainImg = $imgpath;
}
$string = $_POST['url'];
$url=str_replace( ' ', '', $string );
$category = $_POST['category'];
$more = $_POST['more'];
$sql="update page_contents set image='$mainImg',page='$category', contents='$more', url='$url' where id='$idd'";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Update successfully.!');</script>";
$url="show-contents.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function AddInfra()
{
$more = $_POST['more'];
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
$sql="insert into infrastructure values('','$mainImg','$more')";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="addinfra.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function modifyInfra()
{
$idd=$_POST['id'];
$imgpath=$_POST['imgpath'];
if($imgpath=='' or $imgpath=='/thumb')
{
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
}
else
{
$mainImg = $imgpath;
}
$more = $_POST['more'];
$sql="update infrastructure set image='$mainImg', details='$more' where id='$idd'";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Update successfully.!');</script>";
$url="show-infrastructure.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function addCategory()
{
$maincategory = $_POST['maincategory'];
$category = $_POST['category'];
$hometop = $_POST['hometop'];
$homeright = $_POST['homeright'];
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
//die;
$sql="insert into category values('','$maincategory','$mainImg', '$category','$hometop','$homeright')";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="add-category.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function modifyCategory()
{
$idd=$_POST['id'];
//$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
$maincategory = $_POST['maincategory'];
$category = $_POST['category'];
$hometop = $_POST['hometop'];
$homeright = $_POST['homeright'];
$img=rand(100000,9999999).$_FILES['glimg']['name'];
move_uploaded_file($_FILES['glimg']['tmp_name'],SRV_ROOT . '../../galleryimg/'.$img);
if($_FILES['glimg']['name']=='')
{
$sql="update category set main_category='$maincategory', category_name='$category', hometop='$hometop', homeright='$homeright' where id='$idd'";
}else{
$sql=mysql_query("select * from category where id='$idd'");
$row=mysql_fetch_array($sql);
unlink("../../galleryimg/$row[image]");
$sql="update category set image='$img', category_name='$category', hometop='$hometop', homeright='$homeright' where id='$idd'";
}
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Update successfully.!');</script>";
$url="show-category.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function addMaterial()
{
$category = $_POST['category'];
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
//die;
$sql="insert into material values('','$mainImg', '$category')";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="add-material.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function modifyMaterial()
{
$idd=$_POST['id'];
//$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
$category = $_POST['category'];
$img=rand(100000,9999999).$_FILES['glimg']['name'];
move_uploaded_file($_FILES['glimg']['tmp_name'],SRV_ROOT . '../../galleryimg/'.$img);
if($_FILES['glimg']['name']=='')
{
$sql="update material set material_name='$category' where id='$idd'";
}else{
$sql=mysql_query("select * from material where id='$idd'");
$row=mysql_fetch_array($sql);
unlink("../../galleryimg/$row[image]");
$sql="update material set image='$img', material_name='$category' where id='$idd'";
}
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Update successfully.!');</script>";
$url="show-materials.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function addProductDetails()
{
$category = $_POST['category'];
$material = $_POST['material'];
$productname = $_POST['productname'];
$more = $_POST['more'];
$isnew = $_POST['isnew'];
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
$sql="insert into products values('','$category','$material','$mainImg','$productname','$more','$isnew')";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="add-product.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function modifyProductDetails()
{
$idd=$_POST['id'];
$category = $_POST['category'];
$material = $_POST['material'];
$productname = $_POST['productname'];
$more = $_POST['more'];
$isnew = $_POST['isnew'];
$img=rand(100000,9999999).$_FILES['glimg']['name'];
move_uploaded_file($_FILES['glimg']['tmp_name'],SRV_ROOT . '../../galleryimg/'.$img);
if($_FILES['glimg']['name']=='')
{
$sql="update products set category_id='$category',material='$material',product_name='$productname', details='$more', is_new='$isnew' where id='$idd'";
//
}else{
$sql=mysql_query("select * from products where id='$idd'");
$row=mysql_fetch_array($sql);
unlink("../../galleryimg/$row[image]");
$sql="update products set category='$category',material='$material',image='$img', product_name='$productname', details='$more', is_new='$isnew' where id='$idd'";
}
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Update successfully.!');</script>";
$url="show-products.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function addPhoto()
{
$more = $_POST['more'];
$typeid = $_POST['typeid'];
$type = $_POST['type'];
//$date=date('m-d-Y');
$mainImg = uploadImage('glimg', SRV_ROOT . '../../galleryimg/');
//$gallery1 = uploadImage('glleryfleImage1', SRV_ROOT . '../galleryimg/');
//echo $bigImage;
//die;
$sql="insert into photogallery values('','$typeid','$type','$mainImg','$more')";
//
$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="add-image.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function updateSeo()
{
$typeid = $_POST['typeid'];
$type = $_POST['type'];
$metatitle = $_POST['metatitle'];
$metakeyword = $_POST['metakeyword'];
$metadesc = $_POST['metadesc'];
$author = $_POST['author'];
$robots = $_POST['robots'];
$googlebot = $_POST['googlebot'];
$googleverify = $_POST['googleverify'];
$coverage1 = $_POST['coverage1'];
$coverage2 = $_POST['coverage2'];
$coverage3 = $_POST['coverage3'];
//$sql="insert into employer values('','$cmpname','$name', '$mobile','$email','$location','$address','$mainImg','$website')";
//
$result = mysql_query("update seo_settings set typeid='$typeid', type='$type', meta_title='$metatitle', meta_keyword='$metakeyword', meta_description='$metadesc', author='$author', robots='$robots', googlebot='$googlebot', googleverify='$googleverify', coverage1='$coverage1', coverage2='$coverage2', coverage3='$coverage3' where typeid='$typeid' and type='$type';");
if (mysql_affected_rows()==0) {
$result = mysql_query("insert into seo_settings (id, typeid, type, meta_title, meta_keyword, meta_description, author, robots, googlebot, googleverify, coverage1, coverage2, coverage3) values ('','$typeid','$type','$metatitle','$metakeyword','$metadesc','$author','$robots','$googlebot','$googleverify','$coverage1','$coverage2','$coverage3');");
}
//$result = mysql_query($sql) or die(mysql_error());
//header("Location: index.php?catId=$catId");
echo "<script type='text/javascript'>alert('Upload successfully.!');</script>";
$url="dashboard.php";
print("<script language='javascript'>location.href='".$url."'</script>");
}
function uploadImage($inputName, $uploadDir)
{
$image = $_FILES[$inputName];
$imagePath = '/thumb';
// if a file is given
if (trim($image['tmp_name']) != '') {
// get the image extension
$ext = substr(strrchr($image['name'], "."), 1);
// generate a random new file name to avoid name conflict
$imagePath = md5(rand() * time()) . ".$ext";
// check the image width. if it exceed the maximum
// width we must resize it
$size = getimagesize($image['tmp_name']);
if ($size[0] > MAX_CATEGORY_IMAGE_WIDTH) {
$imagePath = createThumbnail2($image['tmp_name'], $uploadDir . $imagePath, MAX_CATEGORY_IMAGE_WIDTH);
} else {
// move the image to category image directory
// if fail set $imagePath to empty string
if (!move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath)) {
$imagePath = '';
}
}
}
return $imagePath;
}
/*
Upload an image and return the uploaded image name
*/
function uploadProductImage($inputName, $uploadDir)
{
$image = $_FILES[$inputName];
$imagePath = '';
$thumbnailPath = '';
//$bigimagePath = '';
// if a file is given
if (trim($image['tmp_name']) != '') {
$ext = substr(strrchr($image['name'], "."), 1); //$extensions[$image['type']];
// generate a random new file name to avoid name conflict
$imagePath = md5(rand() * time()) . ".$ext";
list($width, $height, $type, $attr) = getimagesize($image['tmp_name']);
// make sure the image width does not exceed the
// maximum allowed width
if (LIMIT_PRODUCT_WIDTH && $width > MAX_PRODUCT_IMAGE_WIDTH) {
$result = createThumbnail($image['tmp_name'], $uploadDir . $imagePath, MAX_PRODUCT_IMAGE_WIDTH);
$imagePath = $result;
} else {
$result = move_uploaded_file($image['tmp_name'], $uploadDir . $imagePath);
}
//if (LIMIT_PRODUCT_WIDTH && $width > 1300) {
// $result2 = createThumbnail($image['tmp_name'], $uploadDir . $bigimagePath, 1300);
// $bigimagePath = $result2;
//} else {
// $result2 = move_uploaded_file($image['tmp_name'], $uploadDir . $bigimagePath);
//$bigimagePath = $result2;
//}
if ($result) {
// create thumbnail
$thumbnailPath = md5(rand() * time()) . ".$ext";
$result = createThumbnail($uploadDir . $imagePath, $uploadDir . $thumbnailPath, THUMBNAIL_WIDTH);
//$result2 = createThumbnail($uploadDir . $bigimagePath, $uploadDir . $thumbnailPath, THUMBNAIL_WIDTH);
// create thumbnail failed, delete the image
if (!$result) {
unlink($uploadDir . $imagePath);
//unlink($uploadDir . $bigimagePath);
$imagePath = $thumbnailPath = '';
//$bigimagePath = $thumbnailPath = '';
} else {
$thumbnailPath = $result;
}
} else {
// the product cannot be upload / resized
$imagePath = $thumbnailPath = '';
}
}
return array('image' => $imagePath, 'thumbnail' => $thumbnailPath);
}
//define a maxim size for the uploaded images in Kb
//define ("","100");
//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
//This variable is used as a flag. The value is initialized with 0 (meaning no error found)
//and it will be changed to 1 if an errro occures.
//If the error occures the file will not be uploaded.
$errors=0;
$name ="";
//checks if the form has been submitted
function uploadnewimage($inputName)
{
$maxsize = 1000;
if(trim($inputName)!="")
{
//reads the name of the file the user submitted for uploading
$image=$_FILES['fleImage']['name'];
//if it is not empty
if ($image)
{
//get the original name of the file from the clients machine
$filename = stripslashes($_FILES['fleImage']['name']);
//get the extension of the file in a lower case format
$extension = getExtension($filename);
$extension = strtolower($extension);
//if it is not a known extension, we will suppose it is an error and will not upload the file,
//otherwise we will do more tests
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
{
//print error message
echo '<h1>Unknown extension!</h1>';
//$errors=1;
}
else
{
//get the size of the image in bytes
//$_FILES['image']['tmp_name'] is the temporary filename of the file
//in which the uploaded file was stored on the server
$size=filesize($_FILES['fleImage']['tmp_name']);
//compare the size with the maxim size we defined and print error if bigger
if ($size > $maxsize*1024)
{
echo '<h1>You have exceeded the size limit!</h1>';
//$errors=1;
}
//we will give an unique name, for example the time in unix time format
$image_name= md5(rand() * time()).'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname=SRV_ROOT . 'images/product/'.$image_name;
$name=$image_name;
//$name = $image_name;
//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['fleImage']['tmp_name'], $newname);
if (!$copied)
{
echo '<h1>Copy unsuccessfull!</h1>';
//$errors=1;
}
else
{
echo '<h1>Copy SUCCESSFULLY!</h1>';
}
}
}
}
return $name;
}
//If no errors registred, print the success message
//if(isset($_POST['btnAddProduct']) && !$errors)
// {
// echo "<h1>File Uploaded Successfully! Try again!</h1>";
// }
/*
Modify a product
*/
function modifyProduct()
{
$productId = (int)$_GET['productId'];
$catId = $_POST['cboCategory'];
$name = $_POST['txtName'];
$description = $_POST['mtxDescription'];
$price = str_replace(',', '', $_POST['txtPrice']);
$qty = $_POST['txtQty'];
$images = uploadProductImage('fleImage', SRV_ROOT . 'images/product/');
$images2 = uploadnewimage('fleImage');
$mainImage = $images['image'];
$thumbnail = $images['thumbnail'];
$bigImage = $images2;
// if uploading a new image
// remove old image
if ($mainImage != '') {
_deleteImage($productId);
$mainImage = "'$mainImage'";
$thumbnail = "'$thumbnail'";
} else {
// if we're not updating the image
// make sure the old path remain the same
// in the database
$mainImage = 'pd_image';
$thumbnail = 'pd_thumbnail';
$bigImage = 'pd_bigImage';
}
$sql = "UPDATE tbl_product
SET cat_id = $catId, pd_name = '$name', pd_description = '$description', pd_price = $price,
pd_qty = $qty, pd_image = $mainImage, pd_thumbnail = $thumbnail, pd_bigImage = $bigImage
WHERE pd_id = $productId";
$result = dbQuery($sql);
header('Location: index.php');
}
/*
Remove a product
*/
function deleteProduct()
{
if (isset($_GET['productId']) && (int)$_GET['productId'] > 0) {
$productId = (int)$_GET['productId'];
} else {
header('Location: index.php');
}
// remove any references to this product from
// tbl_order_item and tbl_cart
$sql = "DELETE FROM tbl_order_item
WHERE pd_id = $productId";
dbQuery($sql);
$sql = "DELETE FROM tbl_cart
WHERE pd_id = $productId";
dbQuery($sql);
// get the image name and thumbnail
$sql = "SELECT pd_image, pd_thumbnail, pd_bigImage
FROM tbl_product
WHERE pd_id = $productId";
$result = dbQuery($sql);
$row = dbFetchAssoc($result);
// remove the product image and thumbnail
if ($row['pd_image']) {
unlink(SRV_ROOT . 'images/product/' . $row['pd_image']);
unlink(SRV_ROOT . 'images/product/' . $row['pd_thumbnail']);
unlink(SRV_ROOT . 'images/product/' . $row['pd_bigImage']);
}
// remove the product from database;
$sql = "DELETE FROM tbl_product
WHERE pd_id = $productId";
dbQuery($sql);
header('Location: index.php?catId=' . $_GET['catId']);
}
/*
Remove a product image
*/
function deleteImage()
{
if (isset($_GET['productId']) && (int)$_GET['productId'] > 0) {
$productId = (int)$_GET['productId'];
} else {
header('Location: index.php');
}
$deleted = _deleteImage($productId);
// update the image and thumbnail name in the database
$sql = "UPDATE tbl_product
SET pd_image = '', pd_thumbnail = '', pd_bigImage = ''
WHERE pd_id = $productId";
dbQuery($sql);
header("Location: index.php?view=modify&productId=$productId");
}
function _deleteImage($productId)
{
// we will return the status
// whether the image deleted successfully
$deleted = false;
$sql = "SELECT pd_image, pd_thumbnail, pd_bigImage
FROM tbl_product
WHERE pd_id = $productId";
$result = dbQuery($sql) or die('Cannot delete product image. ' . mysql_error());
if (dbNumRows($result)) {
$row = dbFetchAssoc($result);
extract($row);
if ($pd_image && $pd_thumbnail) {
// remove the image file
$deleted = @unlink(SRV_ROOT . "images/product/$pd_image");
$deleted = @unlink(SRV_ROOT . "images/product/$pd_thumbnail");
$deleted = @unlink(SRV_ROOT . "images/product/$pd_bigImage");
}
}
return $deleted;
}
?>
OHA YOOOO