/var/www/hkosl.com/kelvin/webadmin/banner_modify.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

<?php
include 'config.php';

// Check if the user is logged in

if ((!isSet($_SESSION['loginname'])) || ($loggin <> '1'))
{
header("Location: login.php");
exit;
}
?>
<?php require("configure.php");
require("function_resizethumb.php"); 

$bannerid         check_input($_POST["bannerid"]);
//$bannerimgalten    = check_input($_POST["bannerimgalten"]);
//$bannerimgalttc    = check_input($_POST["bannerimgalttc"]);
$bannerlinken    check_input($_POST["bannerlinken"]);
$bannerlinktc    check_input($_POST["bannerlinktc"]);
$nowdate         date("Y-m-d H:i:s");
//print_r($_POST);
    $belongpage    check_input($_POST["belongpage"]);
    $belongcatid    check_input($_POST["belongcatid"]);
//Delete execiting Image file
$result            mysql_query("SELECT * FROM banner WHERE bannerid="$bannerid ." ");
$row            mysql_fetch_array($result,MYSQL_ASSOC);
if($_FILES['bannerimgen']['name'] <> '' or $_POST['delimageen'] > ){
    unlink("../images/banner/".$row['bannerimgen']);
    $sql "update banner set bannerimgen='' ";
    $sql .= " where bannerid="$bannerid ." ";
    mysql_query($sql);
}
if($_FILES['bannerimgtc']['name'] <> '' or $_POST['delimagetc'] > ){
    unlink("../images/banner/".$row['bannerimgtc']);
    $sql "update banner set bannerimgtc='' ";
    $sql .= " where bannerid="$bannerid ." ";
    mysql_query($sql);
}

    // Upload File
    $filelimit 1048576//Filelimit in 2MB
    if ($_FILES['bannerimgtc']['name'] <> '')
    {
        if ($_FILES['bannerimgtc']['size'] < $filelimit ){

            if (($_FILES["bannerimgtc"]["type"] == "image/gif") || ($_FILES["bannerimgtc"]["type"] == "image/GIF") || ($_FILES["bannerimgtc"]["type"] == "image/jpg") || ($_FILES["bannerimgtc"]["type"] == "image/JPG") || ($_FILES["bannerimgtc"]["type"] == "image/jpeg") || ($_FILES["bannerimgtc"]["type"] == "image/JPEG") || ($_FILES["bannerimgtc"]["type"] == "image/pjpeg") || ($_FILES["bannerimgtc"]["type"] == "image/PJEG") || ($_FILES["bannerimgtc"]["type"] == "image/png") || ($_FILES["bannerimgtc"]["type"] == "image/x-png") || ($_FILES["bannerimgtc"]["type"] == "image/PNG") || ($_FILES["bannerimgtc"]["type"] == "image/X-PNG"))
            {
                move_uploaded_file  ($_FILES['bannerimgtc']['tmp_name'], "../images/banner/id_tc_".$bannerid.$_FILES['bannerimgtc']['name'])
                or die ("Could not copy the file");

                $bannerimgtcimg "../images/banner/id_tc_".$bannerid.$_FILES['bannerimgtc']['name'];
                //createthumb($bannerimgtcimg, $bannerimgtcimg, 980, 310);

                $bannerimgtc "id_tc_".$bannerid.$_FILES['bannerimgtc']['name'];
            }

        }
        else
        {
            // upload error
            ?>
            <script language="javascript">
                alert("Files must be JPEG, GIF, or PNG and under 2MB in size");
                history.back();
            </script>
            <?php
            exit;
        }

    }
    else
    {
        $bannerimgtc "";
    }

    if ($_FILES['bannerimgen']['name'] <> '')
    {
        if ($_FILES['bannerimgen']['size'] < $filelimit ){

            if (($_FILES["bannerimgen"]["type"] == "image/gif") || ($_FILES["bannerimgen"]["type"] == "image/GIF") || ($_FILES["bannerimgen"]["type"] == "image/jpg") || ($_FILES["bannerimgen"]["type"] == "image/JPG") || ($_FILES["bannerimgen"]["type"] == "image/jpeg") || ($_FILES["bannerimgen"]["type"] == "image/JPEG") || ($_FILES["bannerimgen"]["type"] == "image/pjpeg") || ($_FILES["bannerimgen"]["type"] == "image/PJEG") || ($_FILES["bannerimgen"]["type"] == "image/png") || ($_FILES["bannerimgen"]["type"] == "image/x-png") || ($_FILES["bannerimgen"]["type"] == "image/PNG") || ($_FILES["bannerimgen"]["type"] == "image/X-PNG"))
            {
                move_uploaded_file  ($_FILES['bannerimgen']['tmp_name'], "../images/banner/id_en_".$bannerid.$_FILES['bannerimgen']['name'])
                or die ("Could not copy the file");

                $bannerimgenimg "../images/banner/id_en_".$bannerid.$_FILES['bannerimgen']['name'];
                //createthumb($bannerimgenimg, $bannerimgenimg, 980, 310);

                $bannerimgen "id_en_".$bannerid.$_FILES['bannerimgen']['name'];
            }

        }
        else
        {
            // upload error
            ?>
            <script language="javascript">
                alert("Files must be JPEG, GIF, or PNG and under 2MB in size");
                history.back();
            </script>
            <?php
            exit;
        }

    }
    else
    {
        $bannerimgen "";
    }



// Modify 
$sql "update banner set belongpage='$belongpage',belongcatid='$belongcatid',bannerlinken='$bannerlinken', bannerlinktc='$bannerlinktc', lastupdate='$nowdate', lastupby='".$_SESSION['cmsloginid']."' ";
if ($bannerimgen <> '' or $_POST['delimageen'] > )
    $sql .= ", bannerimgen='$bannerimgen' ";
if ($bannerimgtc <> '' or $_POST['delimagetc'] > )
    $sql .= ", bannerimgtc='$bannerimgtc' ";
$sql .= " where bannerid="$bannerid ." ";

mysql_query($sql);

if( mysql_errno() > ){
    echo 'Modify Banner Error:<br />'mysql_error() .'<br />SQL: '$sql;
    exit;
}

mysql_close($dbh);
    $menuid=$belongpage;
header("Location: banner_index.php?menuid=$menuid&msg=Modify Successful");
?>