<?php session_start(); include_once('../../db/saucerer.php'); if(isset($_POST['submit'])){ $id = mysqli_real_escape_string($mysqli, $_POST['id']); $code = mysqli_real_escape_string($mysqli, $_POST['code']); $title = mysqli_real_escape_string($mysqli, $_POST['title']); $cat = mysqli_real_escape_string($mysqli, $_POST['cat']); $email = mysqli_real_escape_string($mysqli, $_POST['email']); $phone = mysqli_real_escape_string($mysqli, $_POST['phone']); $venue = mysqli_real_escape_string($mysqli, $_POST['venue']); $location = mysqli_real_escape_string($mysqli, $_POST['location']); $district = mysqli_real_escape_string($mysqli, $_POST['district']); $country = mysqli_real_escape_string($mysqli, $_POST['country']); $start_date = mysqli_real_escape_string($mysqli, $_POST['start_date']); $end_date = mysqli_real_escape_string($mysqli, $_POST['end_date']); $start_time = mysqli_real_escape_string($mysqli, $_POST['start_time']); $end_time = mysqli_real_escape_string($mysqli, $_POST['end_time']); $description = mysqli_real_escape_string($mysqli, $_POST['description']); $g_maps = mysqli_real_escape_string($mysqli, $_POST['g_maps']); $facebook = mysqli_real_escape_string($mysqli, $_POST['facebook']); $instagram = mysqli_real_escape_string($mysqli, $_POST['instagram']); $twitter = mysqli_real_escape_string($mysqli, $_POST['twitter']); $youtube = mysqli_real_escape_string($mysqli, $_POST['youtube']); $website = mysqli_real_escape_string($mysqli, $_POST['website']); if ($_FILES['image']['name']=='') { $image = $_POST['image']; } else { $ext1 = substr($_FILES['image']['name'], strrpos($_FILES['image']['name'], '.')+1); $image = $code.'.'.$ext1; if(is_file('../images/'. $image)) unlink('../images/'. $image); move_uploaded_file($_FILES['image']['tmp_name'],'../images/'. $image); } $sql = "UPDATE events SET title = '$title', cat = '$cat', email = '$email', phone = '$phone', venue = '$venue', location = '$location', district = '$district', country = '$country', start_date = '$start_date', end_date = '$end_date', start_time = '$start_time', end_time = '$end_time', description = '$description', g_maps = '$g_maps', facebook = '$facebook', instagram = '$instagram', twitter = '$twitter', youtube = '$youtube', website = '$website', image = '$image' WHERE id = '$id'"; //use for MySQLi OOP if(mysqli_query($mysqli, $sql)){ $_SESSION['success'] = ''.$title.' updated successfully'; } else{ $_SESSION['error'] = 'Something went wrong while updating '.$title.'!'; } } header('location: ../#nav_'.$id.''); ?>