File "index.php"

Full Path: /home/custbahd/tourismfraternity.com/admin/events/add/index.php
File size: 2.51 KB
MIME-type: text/x-php
Charset: utf-8

 
Open Edit   Advanced Editor   Back 
<?php
	session_start();
	include_once('../../db/saucerer.php');

	if(isset($_POST['submit'])){
		$code = mysqli_real_escape_string($mysqli, $_POST['code']);
		$title = mysqli_real_escape_string($mysqli, $_POST['title']);
		$cat = mysqli_real_escape_string($mysqli, $_POST['cat']);
		$email = mysqli_real_escape_string($mysqli, $_POST['email']);
		$phone = mysqli_real_escape_string($mysqli, $_POST['phone']);
		$venue = mysqli_real_escape_string($mysqli, $_POST['venue']);
		$location = mysqli_real_escape_string($mysqli, $_POST['location']);
		$district = mysqli_real_escape_string($mysqli, $_POST['district']);
		$country = mysqli_real_escape_string($mysqli, $_POST['country']);
		$start_date = mysqli_real_escape_string($mysqli, $_POST['start_date']);
		$end_date = mysqli_real_escape_string($mysqli, $_POST['end_date']);
		$start_time = mysqli_real_escape_string($mysqli, $_POST['start_time']);
		$end_time = mysqli_real_escape_string($mysqli, $_POST['end_time']);
		$description = mysqli_real_escape_string($mysqli, $_POST['description']);
		$g_maps = mysqli_real_escape_string($mysqli, $_POST['g_maps']);
		$facebook = mysqli_real_escape_string($mysqli, $_POST['facebook']);
		$instagram = mysqli_real_escape_string($mysqli, $_POST['instagram']);
		$twitter = mysqli_real_escape_string($mysqli, $_POST['twitter']);
		$youtube = mysqli_real_escape_string($mysqli, $_POST['youtube']);
		$website = mysqli_real_escape_string($mysqli, $_POST['website']);

		if ($_FILES['image']['name']=='') {
			$image = "";
		} else {
		$ext1 = substr($_FILES['image']['name'], strrpos($_FILES['image']['name'], '.')+1);
			$image = $code.'.'.$ext1;
			if(is_file('../images/'. $image))
				unlink('../images/'. $image);
				move_uploaded_file($_FILES['image']['tmp_name'],'../images/'. $image);
		}


		$sql = "INSERT INTO events (code, title, cat, email, phone, venue, location, district, country, start_date, end_date, start_time, end_time, description, g_maps, facebook, instagram, twitter, youtube, website, image) 

				VALUES ('$code', '$title', '$cat', '$email', '$phone', '$venue', '$location', '$district', '$country', '$start_date', '$end_date', '$start_time', '$end_time', '$description', '$g_maps', '$facebook', '$instagram', '$twitter', '$youtube', '$website', '$image')";

		//use for MySQLi OOP
		if(mysqli_query($mysqli, $sql)){
			$_SESSION['success'] = ''.$title.' added successfully';
		}
		
		
		else{
			$_SESSION['error'] = 'Something went wrong while adding '.$title.'!';
		}

	}

	header('location: ../');
?>