File "index-20260118143451.php"
Full Path: /home/custbahd/tourismfraternity.com/admin/listings/edit/index-20260118143451.php
File size: 5.56 KB
MIME-type: text/x-php
Charset: utf-8
<?php
session_start();
include_once('../../db/saucerer.php');
if(isset($_POST['submit'])){
$id = mysqli_real_escape_string($mysqli, $_POST['id']);
$code = mysqli_real_escape_string($mysqli, $_POST['code']);
$title = mysqli_real_escape_string($mysqli, $_POST['title']);
$cat = mysqli_real_escape_string($mysqli, $_POST['cat']);
$sub = mysqli_real_escape_string($mysqli, $_POST['sub']);
$email = mysqli_real_escape_string($mysqli, $_POST['email']);
$phone = mysqli_real_escape_string($mysqli, $_POST['phone']);
$gender = mysqli_real_escape_string($mysqli, $_POST['gender']);
$address = mysqli_real_escape_string($mysqli, $_POST['address']);
$district = mysqli_real_escape_string($mysqli, $_POST['district']);
$country = mysqli_real_escape_string($mysqli, $_POST['country']);
$reg_no = mysqli_real_escape_string($mysqli, $_POST['reg_no']);
$hr_open = mysqli_real_escape_string($mysqli, $_POST['hr_open']);
$hr_close = mysqli_real_escape_string($mysqli, $_POST['hr_close']);
$services = mysqli_real_escape_string($mysqli, $_POST['services']);
$paragraph1 = mysqli_real_escape_string($mysqli, $_POST['paragraph1']);
$phone1 = mysqli_real_escape_string($mysqli, $_POST['phone1']);
$phone2 = mysqli_real_escape_string($mysqli, $_POST['phone2']);
$g_maps = mysqli_real_escape_string($mysqli, $_POST['g_maps']);
$facebook = mysqli_real_escape_string($mysqli, $_POST['facebook']);
$instagram = mysqli_real_escape_string($mysqli, $_POST['instagram']);
$twitter = mysqli_real_escape_string($mysqli, $_POST['twitter']);
$youtube = mysqli_real_escape_string($mysqli, $_POST['youtube']);
$website = mysqli_real_escape_string($mysqli, $_POST['website']);
$summ1 = mysqli_real_escape_string($mysqli, $_POST['summ1']);
$summ2 = mysqli_real_escape_string($mysqli, $_POST['summ2']);
$summ3 = mysqli_real_escape_string($mysqli, $_POST['summ3']);
$summ4 = mysqli_real_escape_string($mysqli, $_POST['summ4']);
$summ5 = mysqli_real_escape_string($mysqli, $_POST['summ5']);
$summ6 = mysqli_real_escape_string($mysqli, $_POST['summ6']);
if ($_FILES['image']['name']=='') {
$image = $_POST['image'];
} else {
$ext = substr($_FILES['image']['name'], strrpos($_FILES['image']['name'], '.')+1);
$image = $code.'.'.$ext;
if(is_file('../images/'. $image))
unlink('../images/'. $image);
move_uploaded_file($_FILES['image']['tmp_name'],'../images/'. $image);
}
if ($_FILES['image1']['name']=='') {
$image1 = $_POST['image1'];
} else {
$ext1 = substr($_FILES['image1']['name'], strrpos($_FILES['image1']['name'], '.')+1);
$image1 = $code.'_1.'.$ext1;
if(is_file('../images/'. $image1))
unlink('../images/'. $image1);
move_uploaded_file($_FILES['image1']['tmp_name'],'../images/'. $image1);
}
if ($_FILES['image2']['name']=='') {
$image2 = $_POST['image2'];
} else {
$ext2 = substr($_FILES['image2']['name'], strrpos($_FILES['image2']['name'], '.')+1);
$image2 = $code.'_2.'.$ext2;
if(is_file('../images/'. $image2))
unlink('../images/'. $image2);
move_uploaded_file($_FILES['image2']['tmp_name'],'../images/'. $image2);
}
if ($_FILES['image3']['name']=='') {
$image3 = $_POST['image3'];
} else {
$ext3 = substr($_FILES['image3']['name'], strrpos($_FILES['image3']['name'], '.')+1);
$image3 = $code.'_3.'.$ext3;
if(is_file('../images/'. $image3))
unlink('../images/'. $image3);
move_uploaded_file($_FILES['image3']['tmp_name'],'../images/'. $image3);
}
if ($_FILES['image4']['name']=='') {
$image4 = $_POST['image4'];
} else {
$ext4 = substr($_FILES['image4']['name'], strrpos($_FILES['image4']['name'], '.')+1);
$image4 = $code.'_4.'.$ext4;
if(is_file('../images/'. $image4))
unlink('../images/'. $image4);
move_uploaded_file($_FILES['image4']['tmp_name'],'../images/'. $image4);
}
if ($_FILES['image5']['name']=='') {
$image5 = $_POST['image5'];
} else {
$ext5 = substr($_FILES['image5']['name'], strrpos($_FILES['image5']['name'], '.')+1);
$image5 = $code.'_5.'.$ext5;
if(is_file('../images/'. $image5))
unlink('../images/'. $image5);
move_uploaded_file($_FILES['image5']['tmp_name'],'../images/'. $image5);
}
if ($_FILES['image6']['name']=='') {
$image6 = $_POST['image6'];
} else {
$ext6 = substr($_FILES['image6']['name'], strrpos($_FILES['image6']['name'], '.')+1);
$image6 = $code.'_6.'.$ext6;
if(is_file('../images/'. $image6))
unlink('../images/'. $image6);
move_uploaded_file($_FILES['image6']['tmp_name'],'../images/'. $image6);
}
$sql = "UPDATE listings SET title = '$title', cat = '$cat', sub = '$sub', email = '$email', phone = '$phone', gender = '$gender', address = '$address', district = '$district', country = '$country', reg_no = '$reg_no', hr_open = '$hr_open', hr_close = '$hr_close', services = '$services', paragraph1 = '$paragraph1', phone1 = '$phone1', phone2 = '$phone2', g_maps = '$g_maps', facebook = '$facebook', instagram = '$instagram', twitter = '$twitter', youtube = '$youtube', website = '$website', image = '$image', image1 = '$image1', image2 = '$image2', image3 = '$image3', image4 = '$image4', image5 = '$image5', image6 = '$image6', summ1 = '$summ1', summ2 = '$summ2', summ3 = '$summ3', summ4 = '$summ4', summ5 = '$summ5', summ6 = '$summ6' WHERE id = '$id'";
//use for MySQLi OOP
if(mysqli_query($mysqli, $sql)){
$_SESSION['success'] = ''.$title.' updated successfully';
}
else{
$_SESSION['error'] = 'Something went wrong while updating '.$title.'!';
}
}
header('location: ../#nav_'.$id.'');
?>