1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
|
<?php
require_once('check_login.php');
require_once("function_cropimg.php");
require_once("mime_type_lib.php");
$message = "";
foreach ($arraylangcode as $langcode => $langname) {
if (empty($_POST["name_" . $langcode])) {
$message .= "Please enter name [" . $langname . "].\\n\\n";
}
}
if(empty($_POST["user_login"])){
$message .= "Please select user login.\\n\\n";
}else{
if($_POST["user_login"] == "REQUEST_LOGIN"){
}else{
}
}
if (empty($_POST["start_date"])) {
$message .= "Please enter start date.\\n\\n";
}
if (empty($_POST["end_date"])) {
$message .= "Please enter end date.\\n\\n";
}
if (!empty($_POST["start_date"]) && !empty($_POST["end_date"])) {
if (!validateDate($_POST["start_date"], 'Y-m-d')) {
$message .= "Start date format is wrong.\\n\\n";
}
if (!validateDate($_POST["end_date"], 'Y-m-d')) {
$message .= "End date format is wrong.\\n\\n";
}
if (validateDate($_POST["start_date"], 'Y-m-d') && validateDate($_POST["end_date"], 'Y-m-d')) {
if ($_POST["start_date"] > $_POST["end_date"]) {
$message .= "Start date should be earlier than end date.\\n\\n";
}
}
}
if (!empty($message)) {
echo "<script>alert('" . $message . "'); history.back();</script>";
exit;
}
// Upload slide img
$background_img = "";
$filelimit = 2 * 1048576; //Filelimit in 2MB
if ($_FILES["background_img"]['name'] <> '') {
if ($_FILES["background_img"]['size'] < $filelimit) {
//check if image type is valid or not
$mime = get_file_mime_type($_FILES["background_img"]['name']);
if (($mime == "image/gif") || ($mime == "image/jpeg") || ($mime == "image/png")) {
//check file resolution
if(!check_image_resolution($_FILES["background_img"]['tmp_name'])){
echo '<script language="javascript">
alert("The resolution of this image is too large. Please resize it before uploading to server.");
history.back();
</script>';
exit;
}
$filename = $_FILES["background_img"]['name'];
preg_match("/\.([^\.]+)$/", $filename, $file_ext);
$newfilename = random_string() . "." . $file_ext[1]; // default length 8
move_uploaded_file($_FILES["background_img"]['tmp_name'], "../images/" . $newfilename) or die ("Could not copy the file");
/*$img_path = "../images/slideshow/" . $newfilename;
if ($slidetype == 1) {
createthumb($img_path, $img_path, 2620, 800);
} else {
createthumb($img_path, $img_path, 400, 170);
}*/
$background_img = $newfilename;
} else {
echo '<script language="javascript">
alert("Files must be JPEG, GIF, or PNG and under 2MB in size");
history.back();
</script>';
exit;
}
} else {
echo '<script language="javascript">
alert("Files must be JPEG, GIF, or PNG and under 2MB in size");
history.back();
</script>';
exit;
}
} else {
$background_img = "";
}
$sql = "insert into campaign (start_date, end_date, user_login, background_img, createdate, createby, lastupdate, lastupby) values (?,?,?,?,?,?,?,?)";
$parameters = array($_POST["start_date"], $_POST["end_date"], $_POST["user_login"], $background_img, $nowdate, $_SESSION['cmsloginid'], $nowdate, $_SESSION['cmsloginid']);
bind_pdo($sql, $parameters);
$id = $dbh->lastInsertId();
$sql = "update campaign set ";
$parameters = array();
foreach ($arraylangcode as $langcode => $langname) {
$sql .= "name_" . $langcode . "=?, desc1_" . $langcode . "=?,desc2_" . $langcode . "=?,desc3_" . $langcode . "=?,desc4_" . $langcode . "=?,desc5_" . $langcode . "=?,";
$parameters[] = $_POST["name_" . $langcode];
$parameters[] = $_POST["desc1_" . $langcode];
$parameters[] = $_POST["desc2_" . $langcode];
$parameters[] = $_POST["desc3_" . $langcode];
$parameters[] = $_POST["desc4_" . $langcode];
$parameters[] = $_POST["desc5_" . $langcode];
}
$sql = substr_replace($sql, " ", -1);
$sql .= "where id = ?";
$parameters[] = $id;
bind_pdo($sql, $parameters);
//header("Location: campaign_index.php?msg=1");
header("Location: survey_form_modifyform.php?campaign_id=" . $id);
|