1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
<?php
include 'config.php';
// Check if the user is logged in
if ((!isSet($_SESSION['loginname'])) || ($loggin <> '1'))
{
header("Location: login.php");
exit;
}
require("configure.php");
$bannerid = htmlspecialchars($_POST["bannerid"],ENT_QUOTES);
if( (!empty($_POST["menuid"])) && (empty($_POST["footpageid"])) ){
$menuid = htmlspecialchars($_POST["menuid"],ENT_QUOTES);
$type = 'mainmenu';
$typeimage = 'm_'.$menuid;
} else if( (empty($_POST["menuid"])) && (!empty($_POST["footpageid"])) ){
$footpageid = htmlspecialchars($_POST["footpageid"],ENT_QUOTES);
$type = 'footpage';
$typeimage = 'f_'.$footpageid;
}
$bannertarget = htmlspecialchars($_POST["bannertarget"],ENT_QUOTES);
$bannerlinken = htmlspecialchars($_POST["bannerlinken"],ENT_QUOTES);
$bannerlinktc = htmlspecialchars($_POST["bannerlinktc"],ENT_QUOTES);
$bannerlinksc = htmlspecialchars($_POST["bannerlinksc"],ENT_QUOTES);
$nowdate = date("Y-m-d H:i:s");
//print_r($_POST);
// Upload File
if ($_FILES['bannerimageen']['name'] <> '')
{
if (($_FILES["bannerimageen"]["type"] == "image/bmp") || ($_FILES["bannerimageen"]["type"] == "image/BMP") || ($_FILES["bannerimageen"]["type"] == "image/gif") || ($_FILES["bannerimageen"]["type"] == "image/GIF") || ($_FILES["bannerimageen"]["type"] == "image/jpg") || ($_FILES["bannerimageen"]["type"] == "image/JPG") || ($_FILES["bannerimageen"]["type"] == "image/jpeg") || ($_FILES["bannerimageen"]["type"] == "image/JPEG") || ($_FILES["bannerimageen"]["type"] == "image/pjpeg") || ($_FILES["bannerimageen"]["type"] == "image/PJEG") || ($_FILES["bannerimageen"]["type"] == "image/png") || ($_FILES["bannerimageen"]["type"] == "image/x-png") || ($_FILES["bannerimageen"]["type"] == "image/PNG") || ($_FILES["bannerimageen"]["type"] == "image/X-PNG"))
{
copy ($_FILES['bannerimageen']['tmp_name'], "../banner/".$typeimage."_id_".$bannerid."_en_".$_FILES['bannerimageen']['name'])
or die ("Could not copy the file: Banner");
$bannerimageen = $typeimage."_id_".$bannerid."_en_".$_FILES['bannerimageen']['name'];
}
else
{
// upload error
?>
<script language="javascript">
alert("Files must be BMP, JPEG, GIF, or PNG");
history.back();
</script>
<?php
exit;
}
}
else
{
$bannerimageen = "";
}
if ($_FILES['bannerimagetc']['name'] <> '')
{
if (($_FILES["bannerimagetc"]["type"] == "image/bmp") || ($_FILES["bannerimagetc"]["type"] == "image/BMP") || ($_FILES["bannerimagetc"]["type"] == "image/gif") || ($_FILES["bannerimagetc"]["type"] == "image/GIF") || ($_FILES["bannerimagetc"]["type"] == "image/jpg") || ($_FILES["bannerimagetc"]["type"] == "image/JPG") || ($_FILES["bannerimagetc"]["type"] == "image/jpeg") || ($_FILES["bannerimagetc"]["type"] == "image/JPEG") || ($_FILES["bannerimagetc"]["type"] == "image/pjpeg") || ($_FILES["bannerimagetc"]["type"] == "image/PJEG") || ($_FILES["bannerimagetc"]["type"] == "image/png") || ($_FILES["bannerimagetc"]["type"] == "image/x-png") || ($_FILES["bannerimagetc"]["type"] == "image/PNG") || ($_FILES["bannerimagetc"]["type"] == "image/X-PNG"))
{
copy ($_FILES['bannerimagetc']['tmp_name'], "../banner/".$typeimage."_id_".$bannerid."_tc_".$_FILES['bannerimagetc']['name'])
or die ("Could not copy the file: Banner");
$bannerimagetc = $typeimage."_id_".$bannerid."_tc_".$_FILES['bannerimagetc']['name'];
}
else
{
// upload error
?>
<script language="javascript">
alert("Files must be BMP, JPEG, GIF, or PNG");
history.back();
</script>
<?php
exit;
}
}
else
{
$bannerimagetc = "";
}
if ($_FILES['bannerimagesc']['name'] <> '')
{
if (($_FILES["bannerimagesc"]["type"] == "image/bmp") || ($_FILES["bannerimagesc"]["type"] == "image/BMP") || ($_FILES["bannerimagesc"]["type"] == "image/gif") || ($_FILES["bannerimagesc"]["type"] == "image/GIF") || ($_FILES["bannerimagesc"]["type"] == "image/jpg") || ($_FILES["bannerimagesc"]["type"] == "image/JPG") || ($_FILES["bannerimagesc"]["type"] == "image/jpeg") || ($_FILES["bannerimagesc"]["type"] == "image/JPEG") || ($_FILES["bannerimagesc"]["type"] == "image/pjpeg") || ($_FILES["bannerimagesc"]["type"] == "image/PJEG") || ($_FILES["bannerimagesc"]["type"] == "image/png") || ($_FILES["bannerimagesc"]["type"] == "image/x-png") || ($_FILES["bannerimagesc"]["type"] == "image/PNG") || ($_FILES["bannerimagesc"]["type"] == "image/X-PNG"))
{
copy ($_FILES['bannerimagesc']['tmp_name'], "../banner/".$typeimage."_id_".$bannerid."_sc_".$_FILES['bannerimagesc']['name'])
or die ("Could not copy the file: Banner");
$bannerimagesc = $typeimage."_id_".$bannerid."_sc_".$_FILES['bannerimagesc']['name'];
}
else
{
// upload error
?>
<script language="javascript">
alert("Files must be BMP, JPEG, GIF, or PNG");
history.back();
</script>
<?php
exit;
}
}
else
{
$bannerimagesc = "";
}
// Modify
$sql = "update banner set bannerlinken='$bannerlinken', bannerlinktc='$bannerlinktc', bannerlinksc='$bannerlinksc', bannertarget='$bannertarget', modifyday='$nowdate', cmsloginid='".$_SESSION['cmsloginid']."' ";
if ($bannerimageen <> '')
$sql .= ", bannerimageen='$bannerimageen' ";
if ($bannerimagetc <> '')
$sql .= ", bannerimagetc='$bannerimagetc' ";
if ($bannerimagesc <> '')
$sql .= ", bannerimagesc='$bannerimagesc' ";
$sql .= " where bannerid=". $bannerid ." ";
mysql_query($sql);
if( mysql_errno() > 0 ){
echo 'Modify Banner Error:<br />'. mysql_error() .'<br />SQL: '. $sql;
exit;
}
mysql_close($dbh);
header("Location: banner_index.php?menuid=".$menuid."&footpageid=".$footpageid."&msg=Modify Successful");
?>
|