impetrator

File "index.php"
Full Path: /home/custbahd/tourismfraternity.com/admin/blogs/add/index.php
File size: 3.13 KB
MIME-type: text/x-php
Charset: utf-8
Open Edit Advanced Editor Back
<?php
	session_start();
	include_once('../../db/saucerer.php');

	if(isset($_POST['submit'])){
		$code = mysqli_real_escape_string($mysqli, $_POST['code']);
		$title = mysqli_real_escape_string($mysqli, $_POST['title']);
		$sector = mysqli_real_escape_string($mysqli, $_POST['sector']);
		$cat = mysqli_real_escape_string($mysqli, $_POST['cat']);
		$topic = mysqli_real_escape_string($mysqli, $_POST['topic']);
		$author = mysqli_real_escape_string($mysqli, $_POST['author']);
		$blog_type = mysqli_real_escape_string($mysqli, $_POST['blog_type']);
		$paragraph1 = mysqli_real_escape_string($mysqli, $_POST['paragraph1']);
		$paragraph2 = mysqli_real_escape_string($mysqli, $_POST['paragraph2']);
		$paragraph3 = mysqli_real_escape_string($mysqli, $_POST['paragraph3']);
		$paragraph4 = mysqli_real_escape_string($mysqli, $_POST['paragraph4']);
		$paragraph5 = mysqli_real_escape_string($mysqli, $_POST['paragraph5']);
		$paragraph6 = mysqli_real_escape_string($mysqli, $_POST['paragraph6']);
		$web_link = mysqli_real_escape_string($mysqli, $_POST['web_link']);
		$summ1 = mysqli_real_escape_string($mysqli, $_POST['summ1']);
		$summ2 = mysqli_real_escape_string($mysqli, $_POST['summ2']);
		$summ3 = mysqli_real_escape_string($mysqli, $_POST['summ3']);

		if ($_FILES['image1']['name']=='') {
			$image1 = "";
		} else {
		$ext1 = substr($_FILES['image1']['name'], strrpos($_FILES['image1']['name'], '.')+1);
			$image1 = $code.'_1.'.$ext1;
			if(is_file('../images/'. $image1))
				unlink('../images/'. $image1);
				move_uploaded_file($_FILES['image1']['tmp_name'],'../images/'. $image1);
		}

        if ($_FILES['image2']['name']=='') {
            $image2 = "";
        } else {
        $ext2 = substr($_FILES['image2']['name'], strrpos($_FILES['image2']['name'], '.')+1);
            $image2 = $code.'_2.'.$ext2;
            if(is_file('../images/'. $image2))
                unlink('../images/'. $image2);
                move_uploaded_file($_FILES['image2']['tmp_name'],'../images/'. $image2);
        }

        if ($_FILES['image3']['name']=='') {
            $image3 = "";
        } else {
        $ext3 = substr($_FILES['image3']['name'], strrpos($_FILES['image3']['name'], '.')+1);
            $image3 = $code.'_3.'.$ext3;
            if(is_file('../images/'. $image3))
                unlink('../images/'. $image3);
                move_uploaded_file($_FILES['image3']['tmp_name'],'../images/'. $image3);
        }


		$sql = "INSERT INTO blogs (code, title, sector, cat, topic, author, blog_type, paragraph1, paragraph2, paragraph3, paragraph4, paragraph5, paragraph6, web_link, image1, image2, image3, summ1, summ2, summ3) 

				VALUES ('$code', '$title', '$sector', '$cat', '$topic', '$author', '$blog_type', '$paragraph1', '$paragraph2', '$paragraph3', '$paragraph4', '$paragraph5', '$paragraph6', '$web_link', '$image1', '$image2', '$image3', '$summ1', '$summ2', '$summ3')";

		//use for MySQLi OOP
		if(mysqli_query($mysqli, $sql)){
			$_SESSION['success'] = 'Blog added successfully';
		}
		
		
		else{
			$_SESSION['error'] = 'Something went wrong while adding the blog!';
		}

	}

	header('location: ../');
?>