Tiny File Manager | blog-process-20260623200116.php

Back Back Up Normal Editor

<?php include "db_connect.php"; // include_once "ImageResizeService.php"; $create_time = date("Y-m-d H:i:s"); // echo '<pre>';print_r($_POST);exit; if(isset($_POST['submit']) && $_POST['submit']=='Submit') { $blogTitle = !empty($_POST['blogTitle'])?$_POST['blogTitle']:''; $titleSlug = !empty($_POST['titleSlug'])?$_POST['titleSlug']:''; $blogDate = !empty($_POST['blogDate'])?$_POST['blogDate']:''; $blogAuthor = !empty($_POST['blogAuthor'])?$_POST['blogAuthor']:''; $mainDescription = !empty($_POST['mainDescription'])?$_POST['mainDescription']:''; $scHema = !empty($_POST['scHema'])?$_POST['scHema']:''; $titleTag = !empty($_POST['titleTag'])?$_POST['titleTag']:''; $metaKeyword = !empty($_POST['metaKeyword'])?$_POST['metaKeyword']:''; $metaDescription = !empty($_POST['metaDescription'])?$_POST['metaDescription']:''; $blogTitle=check_input($con,$blogTitle); $titleSlug=check_input($con,$titleSlug); $blogDate=check_input($con,$blogDate); $blogDate = date('Y-m-d',strtotime($blogDate)); $blogAuthor=check_input($con,$blogAuthor); $mainDescription=check_input($con,$mainDescription); $scHema=check_input($con,$scHema); $titleTag=check_textinput($con,$titleTag); $metaKeyword=check_textinput($con,$metaKeyword); $metaDescription=check_textinput($con,$metaDescription); $insert_stmt = $con->prepare('INSERT INTO `ahq_blog` SET `title` = ?, `title_slug` = ?, `blog_date` = ?, `author` = ?, `create_date_time` = ?, `image` = "0", `image_alt` = "test", `image_title` = "test", `description` = "desc", `schema_content` = "schema content", `title_tag`="title tag", `meta_keyword`="meta keyword", `meta_description` = "meta description",`status` = "1" '); $insert_stmt->bind_param("sssss",$blogTitle,$titleSlug,$blogDate,$blogAuthor,$create_time); $insert_stmt->execute(); $lastInsertId=mysqli_insert_id($con); $query_desc = mysqli_query($con, "UPDATE `ahq_blog` SET `description`='".$mainDescription."',`schema_content`='".$scHema."',`title_tag`='".$titleTag."',`meta_keyword`='".$metaKeyword."',`meta_description`='".$metaDescription."' WHERE `blog_id`='".$lastInsertId."'") or die(mysqli_error($con)); $imgName = !empty($_POST['imgName'])?$_POST['imgName']:''; $imgAlt = !empty($_POST['imgAlt'])?$_POST['imgAlt']:''; $imgTitle = !empty($_POST['imgTitle'])?$_POST['imgTitle']:''; $imgName=check_input($con,$imgName); $imgAlt=check_input($con,$imgAlt); $imgTitle=check_input($con,$imgTitle); $NameFile=$_FILES['image']['name']; if(isset($NameFile) && !empty($NameFile)) { $extension = strtolower(pathinfo($NameFile, PATHINFO_EXTENSION)); if($extension != "jpg" && $extension != "jpeg" && $extension !="png" && $extension !="gif") { echo '<script type="text/javascript">'; echo 'alert("Only jpg, jpeg, png and gif files are allowed");'; echo 'window.location.href = "add-blog.php";'; echo '</script>'; exit(); } $blogImg = "BlogImg"; $fileName = "Blog_".time().".".$extension; //$imgName.".".$extension; $fpath=".." . DIRECTORY_SEPARATOR . $blogImg . DIRECTORY_SEPARATOR . $fileName; if(!file_exists(".." . DIRECTORY_SEPARATOR . $blogImg) && !is_dir(".." . DIRECTORY_SEPARATOR . $blogImg)) { mkdir(".." . DIRECTORY_SEPARATOR . $blogImg); } if(move_uploaded_file($_FILES["image"]["tmp_name"], $fpath)) { $img_stmt = $con->prepare('UPDATE `ahq_blog` SET `image` = ?, `image_alt` = ?,`image_title` = ? WHERE `blog_id` = ? '); $img_stmt->bind_param('ssss', $fileName,$imgAlt,$imgTitle,$lastInsertId); $img_stmt->execute(); $img_stmt->store_result(); } /* $resizeObj = new ImageResizeService($fpath); $resizeObj->resizeImage(730, 380, 'auto'); $resizeObj->saveImage($fpath, 100); */ } if($insert_stmt) { $_SESSION['msg'] = 'data_uploaded'; header("location: view-blog.php"); } else { header("location: view-blog.php");exit; } } if(isset($_POST['submit']) && $_POST['submit']=='Save Changes') { $id =check_input($con,base64_decode($_REQUEST['id'])); $id1=check_input($con,$_REQUEST['id']); $titleSlug = !empty($_POST['titleSlug'])?$_POST['titleSlug']:''; $titleSlug=check_input($con,$titleSlug); $fetch_pslug=mysqli_query($con,"SELECT `title_slug`,`image` FROM `ahq_blog` WHERE `blog_id`='".$id."' ") or die(mysqli_error($con)); $row_pslug=mysqli_fetch_array($fetch_pslug); $presentslug=$row_pslug['title_slug']; if($presentslug!=$titleSlug) { $fetch_pslug=mysqli_query($con,"SELECT `title_slug` FROM `ahq_blog` WHERE `title_slug`='".$titleSlug."' ") or die(mysqli_error($con)); if(mysqli_num_rows($fetch_pslug)==1) { echo '<script type="text/javascript">'; echo 'alert("Blog Slug already exist. Please Enter another Blog.!!");'; echo 'window.location.href = "view-blog.php";'; echo '</script>'; exit; } } $blogTitle = !empty($_POST['blogTitle'])?$_POST['blogTitle']:''; $blogDate = !empty($_POST['blogDate'])?$_POST['blogDate']:''; $blogAuthor = !empty($_POST['blogAuthor'])?$_POST['blogAuthor']:''; $mainDescription = !empty($_POST['mainDescription'])?$_POST['mainDescription']:''; $scHema = !empty($_POST['scHema'])?$_POST['scHema']:''; $titleTag = !empty($_POST['titleTag'])?$_POST['titleTag']:''; $metaKeyword = !empty($_POST['metaKeyword'])?$_POST['metaKeyword']:''; $metaDescription = !empty($_POST['metaDescription'])?$_POST['metaDescription']:''; $blogTitle=check_input($con,$blogTitle); $blogDate=check_input($con,$blogDate); $blogDate = date('Y-m-d',strtotime($blogDate)); $blogAuthor=check_input($con,$blogAuthor); $mainDescription=check_input($con,$mainDescription); $scHema=check_input($con,$scHema); $titleTag=check_textinput($con,$titleTag); $metaKeyword=check_textinput($con,$metaKeyword); $metaDescription=check_textinput($con,$metaDescription); $imgName = !empty($_POST['imgName'])?$_POST['imgName']:''; $imgAlt = !empty($_POST['imgAlt'])?$_POST['imgAlt']:''; $imgTitle = !empty($_POST['imgTitle'])?$_POST['imgTitle']:''; $imgName=check_input($con,$imgName); $imgAlt=check_input($con,$imgAlt); $imgTitle=check_input($con,$imgTitle); $update_stmt = $con->prepare('UPDATE `ahq_blog` SET `title` = ?, `title_slug` = ?, `image_alt` = ?, `image_title` = ?, `blog_date` = ?, `author` = ? WHERE `blog_id` = ? '); $update_stmt->bind_param("sssssss",$blogTitle,$titleSlug,$imgAlt,$imgTitle,$blogDate,$blogAuthor,$id); $update_stmt->execute(); $update_stmt->store_result(); $query_desc = mysqli_query($con, "UPDATE `ahq_blog` SET `description`='".$mainDescription."',`schema_content`='".$scHema."',`title_tag`='".$titleTag."',`meta_keyword`='".$metaKeyword."',`meta_description`='".$metaDescription."' WHERE `blog_id`='".$id."' ") or die(mysqli_error($con)); $NameFile=$_FILES['image']['name']; if(isset($NameFile) && !empty($NameFile)) { $extension = strtolower(pathinfo($NameFile, PATHINFO_EXTENSION)); if($extension != "jpg" && $extension != "jpeg" && $extension !="png" && $extension !="gif") { echo '<script type="text/javascript">'; echo 'alert("Only jpg, jpeg, png and gif files are allowed");'; echo 'window.location.href = "view-blog.php";'; echo '</script>'; exit(); } } $blogImg = "BlogImg"; if (isset($_POST['existImage']) && $_POST['existImage'] == '') { if(isset($_POST['removedImage']) && $_POST['removedImage'] != '') { $rimg="../".$blogImg."/".$_POST['removedImage']; if (file_exists($rimg)) { unlink($rimg); $nimg=""; $uimg_stmt = $con->prepare('UPDATE `ahq_blog` SET `image` = ? WHERE `blog_id` = ? '); $uimg_stmt->bind_param("ss",$nimg,$id); $uimg_stmt->execute(); $uimg_stmt->store_result(); } } } if(isset($NameFile) && !empty($NameFile)) { if(!file_exists(".." . DIRECTORY_SEPARATOR . $blogImg) && !is_dir(".." . DIRECTORY_SEPARATOR . $blogImg)) { mkdir(".." . DIRECTORY_SEPARATOR . $blogImg); } // $fileName = $imgName.".".$extension; $fileName = "Blog_".time().".".$extension; $fpath=".." . DIRECTORY_SEPARATOR . $blogImg . DIRECTORY_SEPARATOR . $fileName; if(move_uploaded_file($_FILES["image"]["tmp_name"], $fpath)) { $nimg_stmt = $con->prepare('UPDATE `ahq_blog` SET `image` = ? WHERE `blog_id` = ? '); $nimg_stmt->bind_param('ss', $fileName, $id); $nimg_stmt->execute(); $nimg_stmt->store_result(); /* $resizeObj = new ImageResizeService($fpath); $resizeObj->resizeImage(730, 380, 'auto'); $resizeObj->saveImage($fpath, 100); */ } } $ext = pathinfo($row_pslug['image'], PATHINFO_EXTENSION); $presentImg = basename($row_pslug['image'], ".".$ext); $oldImg = ".." . DIRECTORY_SEPARATOR . $blogImg . DIRECTORY_SEPARATOR . $presentImg . "." . $ext; $newImg = ".." . DIRECTORY_SEPARATOR . $blogImg . DIRECTORY_SEPARATOR . $imgName . "." . $ext; if(($presentImg!=$imgName) && ($NameFile=='') && (file_exists($oldImg))) { if(!(rename($oldImg,$newImg))){ echo '<script type="text/javascript">'; echo 'alert("An error occurred during Rename Image.");'; echo 'window.location.href = "view-blog.php";'; echo '</script>'; exit(); } $rName=$imgName.".".$ext; $rnimg_stmt = $con->prepare('UPDATE `ahq_blog` SET `image` = ? WHERE `blog_id` = ? '); $rnimg_stmt->bind_param('ss', $rName, $id); $rnimg_stmt->execute(); $rnimg_stmt->store_result(); } if($update_stmt) { $_SESSION['msg'] = 'data_updated'; header("location: view-blog.php"); } else { header("location: view-blog.php");exit; } } if($_SERVER["REQUEST_METHOD"]== "GET" && isset($_GET['action']) && $_GET['action']=='status'){ $id=check_input($con,base64_decode($_REQUEST['id'])); $sts_stmt = $con->prepare('SELECT `status` FROM `ahq_blog` WHERE `blog_id` = ?'); $sts_stmt->bind_param('s', $id); $sts_result = $sts_stmt->execute(); $sts_stmt->store_result(); $sts_stmt->bind_result($cstatus); $sts_stmt->fetch(); if($cstatus=='1'){ $status=0; $stmt = $con->prepare('UPDATE `ahq_blog` SET `status` = ? WHERE `blog_id` = ? '); $stmt->bind_param('ss', $status, $id); $result = $stmt->execute(); $stmt->store_result(); } if($cstatus=='0'){ $status=1; $stmt = $con->prepare('UPDATE `ahq_blog` SET `status` = ? WHERE `blog_id` = ? '); $stmt->bind_param('ss', $status, $id); $result = $stmt->execute(); $stmt->store_result(); } if($stmt) { $_SESSION['msg'] = 'status_changed'; header('location: view-blog.php');exit; } else { header("location: view-blog.php");exit; } } if($_SERVER["REQUEST_METHOD"]== "GET" && isset($_GET['action']) && $_GET['action']=='delete'){ $id=check_input($con,base64_decode($_REQUEST['id'])); $delete_stmt = $con->prepare('DELETE FROM `ahq_blog` WHERE `blog_id` = ? '); $delete_stmt->bind_param('s', $id); $delete_stmt->execute(); if($delete_stmt) { $_SESSION['msg'] = 'delete_data'; header('location: view-blog.php');exit; } else { header("location: view-blog.php");exit; } } ?>