Tiny File Manager | gallery-process.php

Back Back Up Normal Editor

<?php include "db_connect.php"; // include_once "ImageResizeService.php"; $create_time = date("Y-m-d H:i:s"); // echo '<pre>';print_r($_POST);exit; if (isset($_POST['submit']) && $_POST['submit'] == 'Submit') { $imageName = !empty($_POST['imageName']) ? $_POST['imageName'] : ''; $imageName = check_input($con, $imageName); $insert_stmt = $con->prepare('INSERT INTO `gallery_image` SET `image` = ?, `create_date_time` = ?, `status` = "1" '); $insert_stmt->bind_param("ss", $imageName, $create_time); $insert_stmt->execute(); $lastInsertId = mysqli_insert_id($con); $imgName = !empty($_POST['imgName']) ? $_POST['imgName'] : ''; $imgAlt = !empty($_POST['imgAlt']) ? $_POST['imgAlt'] : ''; $imgTitle = !empty($_POST['imgTitle']) ? $_POST['imgTitle'] : ''; $imgName = check_input($con, $imgName); $imgAlt = check_input($con, $imgAlt); $imgTitle = check_input($con, $imgTitle); $NameFile = $_FILES['image']['name']; if (isset($NameFile) && !empty($NameFile)) { $extension = strtolower(pathinfo($NameFile, PATHINFO_EXTENSION)); if ($extension != "jpg" && $extension != "jpeg" && $extension != "png" && $extension != "gif") { echo '<script type="text/javascript">'; echo 'alert("Only jpg, jpeg, png and gif files are allowed");'; echo 'window.location.href = "add-images.php";'; echo '</script>'; exit(); } $galleryImg = "Gallery"; //$fileName = $imgName . "." . $extension; $fileName = $NameFile; $fpath = ".." . DIRECTORY_SEPARATOR . $galleryImg . DIRECTORY_SEPARATOR . $fileName; if (!file_exists(".." . DIRECTORY_SEPARATOR . $galleryImg) && !is_dir(".." . DIRECTORY_SEPARATOR . $blogImg)) { mkdir(".." . DIRECTORY_SEPARATOR . $galleryImg); } if (move_uploaded_file($_FILES["image"]["tmp_name"], $fpath)) { $img_stmt = $con->prepare('UPDATE `gallery_image` SET `image` = ? WHERE `id` = ? '); $img_stmt->bind_param('ss', $fileName, $lastInsertId); $img_stmt->execute(); $img_stmt->store_result(); } /* $resizeObj = new ImageResizeService($fpath); $resizeObj->resizeImage(730, 380, 'auto'); $resizeObj->saveImage($fpath, 100); */ } if ($insert_stmt) { $_SESSION['msg'] = 'data_uploaded'; header("location: view-gallery.php"); } else { header("location: view-gallery.php"); exit; } } if (isset($_POST['submit']) && $_POST['submit'] == 'Save Changes') { $id = check_input($con, base64_decode($_REQUEST['id'])); $id1 = check_input($con, $_REQUEST['id']); $fetch_pslug = mysqli_query($con, "SELECT `image` FROM `gallery_image` WHERE `id`='" . $id . "' ") or die(mysqli_error($con)); $row_pslug = mysqli_fetch_array($fetch_pslug); $imageName = !empty($_POST['imageName']) ? $_POST['imageName'] : ''; $imageName = check_input($con, $imageName); $update_stmt = $con->prepare('UPDATE `gallery_image` SET `image` = ? WHERE `id` = ? '); $update_stmt->bind_param("ss", $imgName, $id); $update_stmt->execute(); $update_stmt->store_result(); $NameFile = $_FILES['image']['name']; if (isset($NameFile) && !empty($NameFile)) { $extension = strtolower(pathinfo($NameFile, PATHINFO_EXTENSION)); if ($extension != "jpg" && $extension != "jpeg" && $extension != "png" && $extension != "gif") { echo '<script type="text/javascript">'; echo 'alert("Only jpg, jpeg, png and gif files are allowed");'; echo 'window.location.href = "view-gallery.php";'; echo '</script>'; exit(); } } $galleryImg = "Gallery"; if (isset($_POST['existImage']) && $_POST['existImage'] == '') { if (isset($_POST['removedImage']) && $_POST['removedImage'] != '') { $rimg = "../" . $galleryImg . "/" . $_POST['removedImage']; if (file_exists($rimg)) { unlink($rimg); $nimg = ""; $uimg_stmt = $con->prepare('UPDATE `gallery_image` SET `image` = ? WHERE `id` = ? '); $uimg_stmt->bind_param("ss", $nimg, $id); $uimg_stmt->execute(); $uimg_stmt->store_result(); } } } if (isset($NameFile) && !empty($NameFile)) { if (!file_exists(".." . DIRECTORY_SEPARATOR . $galleryImg) && !is_dir(".." . DIRECTORY_SEPARATOR . $blogImg)) { mkdir(".." . DIRECTORY_SEPARATOR . $galleryImg); } //$fileName = $imgName . "." . $extension; $fileName = $NameFile; $fpath = ".." . DIRECTORY_SEPARATOR . $galleryImg . DIRECTORY_SEPARATOR . $fileName; if (move_uploaded_file($_FILES["image"]["tmp_name"], $fpath)) { $nimg_stmt = $con->prepare('UPDATE `gallery_image` SET `image` = ? WHERE `id` = ? '); $nimg_stmt->bind_param('ss', $fileName, $id); $nimg_stmt->execute(); $nimg_stmt->store_result(); /* $resizeObj = new ImageResizeService($fpath); $resizeObj->resizeImage(730, 380, 'auto'); $resizeObj->saveImage($fpath, 100); */ } } $ext = pathinfo($row_pslug['image'], PATHINFO_EXTENSION); $presentImg = basename($row_pslug['image'], "." . $ext); $oldImg = ".." . DIRECTORY_SEPARATOR . $galleryImg . DIRECTORY_SEPARATOR . $presentImg . "." . $ext; $newImg = ".." . DIRECTORY_SEPARATOR . $galleryImg . DIRECTORY_SEPARATOR . $imgName . "." . $ext; if (($presentImg != $imgName) && ($NameFile == '') && (file_exists($oldImg))) { if (!(rename($oldImg, $newImg))) { echo '<script type="text/javascript">'; echo 'alert("An error occurred during Rename Image.");'; echo 'window.location.href = "view-gallery.php";'; echo '</script>'; exit(); } $rName = $imgName . "." . $ext; $rnimg_stmt = $con->prepare('UPDATE `gallery_image` SET `image` = ? WHERE `id` = ? '); $rnimg_stmt->bind_param('ss', $rName, $id); $rnimg_stmt->execute(); $rnimg_stmt->store_result(); } if ($update_stmt) { $_SESSION['msg'] = 'data_updated'; header("location: view-gallery.php"); } else { header("location: view-gallery.php"); exit; } } if ($_SERVER["REQUEST_METHOD"] == "GET" && isset($_GET['action']) && $_GET['action'] == 'status') { $id = check_input($con, base64_decode($_REQUEST['id'])); $sts_stmt = $con->prepare('SELECT `status` FROM `gallery_image` WHERE `id` = ?'); $sts_stmt->bind_param('s', $id); $sts_result = $sts_stmt->execute(); $sts_stmt->store_result(); $sts_stmt->bind_result($cstatus); $sts_stmt->fetch(); if ($cstatus == '1') { $status = 0; $stmt = $con->prepare('UPDATE `gallery_image` SET `status` = ? WHERE `id` = ? '); $stmt->bind_param('ss', $status, $id); $result = $stmt->execute(); $stmt->store_result(); } if ($cstatus == '0') { $status = 1; $stmt = $con->prepare('UPDATE `gallery_image` SET `status` = ? WHERE `id` = ? '); $stmt->bind_param('ss', $status, $id); $result = $stmt->execute(); $stmt->store_result(); } if ($stmt) { $_SESSION['msg'] = 'status_changed'; header('location: view-gallery.php'); exit; } else { header("location: view-gallery.php"); exit; } } if ($_SERVER["REQUEST_METHOD"] == "GET" && isset($_GET['action']) && $_GET['action'] == 'delete') { $id = check_input($con, base64_decode($_REQUEST['id'])); $delete_stmt = $con->prepare('DELETE FROM `gallery_image` WHERE `id` = ? '); $delete_stmt->bind_param('s', $id); $delete_stmt->execute(); if ($delete_stmt) { $_SESSION['msg'] = 'delete_data'; header('location: view-gallery.php'); exit; } else { header("location: view-gallery.php"); exit; } } ?>