ikan Uploader :
Directory : /home/ni05r7l36tus/.trash/sabksolutions.com/admin/
Upload File : |
| Current File : /home/ni05r7l36tus/.trash/sabksolutions.com/admin/function.php |
<?php
include "connection/config.php";
//login //
if (isset($_REQUEST['login'])) {
$username = mysqli_real_escape_string($mysqli, $_POST['username']);
$password = mysqli_real_escape_string($mysqli, $_POST['password']);
// Query the database
$sql = "SELECT * FROM login WHERE username='$username' AND password='$password'";
$result = $mysqli->query($sql);
if ($result->num_rows > 0) {
session_start();
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $username;
header("Location: index.php");
} else {
header("Location: login.php");
}
}
////-----------add blog-----//////
if(isset($_REQUEST['add_blog']))
{
if(isset($_REQUEST['author']))
{
$author=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['author']));
}
if(isset($_REQUEST['type1']))
{
$type1=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['type1']));
}
if(isset($_REQUEST['type2']))
{
$type2=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['type2']));
}
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['category'])) {
$category = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['category']));
}
if(isset($_REQUEST['pagetitle']))
{
$pagetitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if(isset($_REQUEST['addate']))
{
$addate=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['addate']));
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if (isset($_FILES['docFile']['name']) && $_FILES['docFile']['name'] != "") {
$file_dir = "upload/";
$file_name = $_FILES['docFile']['name'];
$file_tmp = $_FILES['docFile']['tmp_name'];
$file_extn = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
if ($file_extn == "docx") {
$new_file_name = rand(100,999) . time() . '.' . $file_extn;
$file_path = $file_dir . $new_file_name;
if (move_uploaded_file($file_tmp, $file_path)) {
$file = $new_file_name;
// Optional: Delete old file
if (!empty($_POST['hidden_file']) && file_exists("upload/" . $_POST['hidden_file'])) {
unlink("upload/" . $_POST['hidden_file']);
}
} else {
echo "ERROR: File upload failed.";
exit();
}
} else {
echo "ERROR: Only .docx files are allowed.";
exit();
}
} else {
$file = $_POST['hidden_file']; // Use existing file if no new upload
}
if( isset($_FILES['blogimage']['name']) && $_FILES['blogimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['blogimage']['name'];
$image_tmp=$_FILES['blogimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_blog=$mysqli->query("INSERT INTO `blog` (`author`,`type1`,`type2`,`title`,`cat_id`,`pagetitle`,`description`,`image`,`date`,`slug`,`keyword`,`metadescription`,`file`) VALUES ('$author','$type1','$type2','$title','$category','$pagetitle','$description','$image_name','$addate','$slug','$keyword','$seodescription','$file')");
if ($add_blog) {
header("location:blog.php");
}else{
header("location:add_blog.php");
}
}
//------Update Blogs------///
if(isset($_REQUEST['update_blog']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['author']))
{
$author=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['author']));
}
if(isset($_REQUEST['type1']))
{
$type1=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['type1']));
}
if(isset($_REQUEST['type2']))
{
$type2=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['type2']));
}
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['category'])) {
$category = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['category']));
}
if(isset($_REQUEST['pagetitle']))
{
$pagetitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['pagetitle']));
}
if (isset($_FILES['docFile']['name']) && $_FILES['docFile']['name'] != "") {
$file_dir = "upload/";
$file_name = $_FILES['docFile']['name'];
$file_tmp = $_FILES['docFile']['tmp_name'];
$file_extn = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
if ($file_extn == "docx") {
$new_file_name = rand(100,999) . time() . '.' . $file_extn;
$file_path = $file_dir . $new_file_name;
if (move_uploaded_file($file_tmp, $file_path)) {
$file = $new_file_name;
// Optional: Delete old file
if (!empty($_POST['hidden_file']) && file_exists("upload/" . $_POST['hidden_file'])) {
unlink("upload/" . $_POST['hidden_file']);
}
} else {
echo "ERROR: File upload failed.";
exit();
}
} else {
echo "ERROR: Only .docx files are allowed.";
exit();
}
} else {
$file = $_POST['hidden_file']; // Use existing file if no new upload
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if(isset($_REQUEST['addate']))
{
$addate=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['addate']));
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['image']['name']) && $_FILES['image']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['image']['name'];
$image_tmp=$_FILES['image']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_blog=$mysqli->query("UPDATE `blog` SET `author`='$author',`type1`='$type1',`type2`='$type2',`title`='$title',`cat_id`='$category',`pagetitle`='$pagetitle',`description`='$description',`file`='$file',`image`='$image_name',`date`='$addate',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if($update_blog)
{
header("location:blog.php");
}
else{
echo "Blog Has not Update";
}
}
///----delete image of blog-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_blog')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `blog` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `blog` where `id`='$id'");
if ($sql_slider==true) {
header("location:blog.php");
}
}
////-----------add homegallery-----//////
if(isset($_REQUEST['add_homegallery']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['homegalleryimage']['name']) && $_FILES['homegalleryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['homegalleryimage']['name'];
$image_tmp=$_FILES['homegalleryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_gallery=$mysqli->query("INSERT INTO `homepage_gallery` (`name`,`image`) VALUES ('$title','$image_name')");
if ($add_gallery) {
header("location:homegallery.php");
}else{
header("location:add_homegallery.php");
}
}
//------Update homegallery------///
if(isset($_REQUEST['update_homegallery']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['homegalleryimage']['name']) && $_FILES['homegalleryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['homegalleryimage']['name'];
$image_tmp=$_FILES['homegalleryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_offer=$mysqli->query("UPDATE `homepage_gallery` SET `name`='$title', `image`='$image_name' WHERE `id`='$id'");
if($update_offer)
{
header("location:homegallery.php");
}
else{
echo "gallery Has not Update";
}
}
///----delete image of homegallery-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_homegallery')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `homepage_gallery` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `homepage_gallery` where `id`='$id'");
if ($sql_slider==true) {
header("location:homegallery.php");
}
}
////-----------add highlightimage-----//////
if(isset($_REQUEST['add_highlightimage']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['highlightimageimage']['name']) && $_FILES['highlightimageimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['highlightimageimage']['name'];
$image_tmp=$_FILES['highlightimageimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_gallery=$mysqli->query("INSERT INTO `highlight_images` (`name`,`image`) VALUES ('$title','$image_name')");
if ($add_gallery) {
header("location:highlightimage.php");
}else{
header("location:add_highlightimage.php");
}
}
//------Update homegallery------///
if(isset($_REQUEST['update_highlightimage']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['highlightimageimage']['name']) && $_FILES['highlightimageimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['highlightimageimage']['name'];
$image_tmp=$_FILES['highlightimageimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_offer=$mysqli->query("UPDATE `highlight_images` SET `name`='$title', `image`='$image_name' WHERE `id`='$id'");
if($update_offer)
{
header("location:highlightimage.php");
}
else{
echo "gallery Has not Update";
}
}
///----delete image of homegallery-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_highlightimage')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `highlight_images` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `highlight_images` where `id`='$id'");
if ($sql_slider==true) {
header("location:highlightimage.php");
}
}
////-----------Add service-----//////
if (isset($_REQUEST['add_service'])) {
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
// Handling the primary image upload
if (isset($_FILES['serviceimage']['name']) && $_FILES['serviceimage']['name'] != "") {
$dir = "upload/";
$image = $_FILES['serviceimage']['name'];
$image_tmp = $_FILES['serviceimage']['tmp_name'];
$image_extn = pathinfo($image, PATHINFO_EXTENSION);
$image_name = rand(10, 100) . time() . '.' . $image_extn;
$moveResult = move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult !== true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
} else {
echo "No primary image uploaded.";
exit();
}
// Inserting the service details into the database
$add_service = $mysqli->query("INSERT INTO `service` (`title`, `icon`, `description`, `image`,`short_description`,`page_title`,`slug`,`keyword`,`metadescription`) VALUES ('$title', '$icon', '$description', '$image_name','$shortdescription','$pagetitle','$slug','$keyword','$seodescription')");
if ($add_service) {
// Redirecting after successful insert
header("location: service.php");
} else {
header("location: add_service.php");
}
}
//------add video links ------///
if(isset($_REQUEST['add_video']))
{
if (isset($_REQUEST['category'])) {
$category = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['category']));
}
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
$add_indoor=$mysqli->query("INSERT INTO `video` (`cat_id`,`link`) VALUES ('$category','$title')");
if($add_indoor){
header("location:video.php");
}
else{
header("location:add_video.php");
}
}
//------add outdoor equipments------///
if(isset($_REQUEST['add_outdoor']))
{
$id=$_REQUEST['cat_id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
$add_indoor=$mysqli->query("INSERT INTO `video` (`cat_id`,`video`) VALUES ('$id','$title')");
if($add_indoor){
header("location:outdoor.php?cat_id=$id");
}
else{
header("location:add_service.php");
}
}
//------update indoor equipments------///
if(isset($_REQUEST['update_indoors']))
{
echo $id=$_REQUEST['id'];
echo $cat_id=$_REQUEST['cat_id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
// echo "UPDATE `video` SET `video`='$title' WHERE `id`='$id'";
// die();
$add_indoor=$mysqli->query("UPDATE `video` SET `video`='$title' WHERE `id`='$id'");
if($add_indoor){
header("location:indoor.php?id=$id&cat_id=$cat_id&action=edit_indoor");
}
else{
header("location:index.php");
}
}
//------update outdoor equipments------///
if(isset($_REQUEST['update_video']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['category']))
{
$category=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['category']));
}
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
$add_indoor=$mysqli->query("UPDATE `video` SET `link`='$title',`cat_id`='$category' WHERE `id`='$id'");
if($add_indoor){
header("location:video.php");
}
else{
header("location:index.php");
}
}
///----delete indoor-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_indoor')
{
$id=$_GET['id'];
$cat_id=$_REQUEST['cat_id'];
$sql4=$mysqli->query("select * from `video` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `video` where `id`='$id'");
if ($sql_slider==true) {
header("location:add_service.php?id=$cat_id&action=update_service");
}
}
///----delete outdoor-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_outdoor')
{
$id=$_GET['id'];
$cat_id=$_REQUEST['cat_id'];
$sql4=$mysqli->query("select * from `video` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `video` where `id`='$id'");
if ($sql_slider==true) {
header("location:add_service.php?id=$cat_id&action=update_service");
}
}
//------Update service------///
if(isset($_REQUEST['update_service']))
{
$id=$_REQUEST['id'];
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = $_REQUEST['description'];
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['serviceimage']['name']) && $_FILES['serviceimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['serviceimage']['name'];
$image_tmp=$_FILES['serviceimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_service=$mysqli->query("UPDATE `service` SET `title`='$title',`page_title`='$pagetitle',`short_description`='$shortdescription',`icon`='$icon',`description`='$description', `image`='$image_name',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if ($update_service) {
header("location:service.php");
}else{
header("location:add_service.php");
}
}
///----delete image of service-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_service')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `service` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `service` where `id`='$id'");
if ($sql_slider==true) {
header("location:service.php");
}
}
///----delete multiple images -----///
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete_image') {
$id = $_REQUEST['id'];
$result = $mysqli->query("SELECT image FROM gallery WHERE id = '$id'");
$row = mysqli_fetch_assoc($result);
$imagePath = "upload/" . $row['image'];
if (file_exists($imagePath)) {
unlink($imagePath);
$delete = $mysqli->query("DELETE FROM gallery WHERE id = '$id'");
if ($delete) {
echo "success";
}
else {
echo "error" ;
}
}
}
////-----------Add solution-----//////
if (isset($_REQUEST['add_solution'])) {
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
// Handling the primary image upload
if (isset($_FILES['solutionimage']['name']) && $_FILES['solutionimage']['name'] != "") {
$dir = "upload/";
$image = $_FILES['solutionimage']['name'];
$image_tmp = $_FILES['solutionimage']['tmp_name'];
$image_extn = pathinfo($image, PATHINFO_EXTENSION);
$image_name = rand(10, 100) . time() . '.' . $image_extn;
$moveResult = move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult !== true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
} else {
echo "No primary image uploaded.";
exit();
}
// Inserting the service details into the database
$add_service = $mysqli->query("INSERT INTO `solution` (`title`, `icon`, `description`, `image`,`short_description`,`page_title`,`slug`,`keyword`,`metadescription`) VALUES ('$title', '$icon', '$description', '$image_name','$shortdescription','$pagetitle','$slug','$keyword','$seodescription')");
if ($add_service) {
// Redirecting after successful insert
header("location: solution.php");
} else {
header("location: add_solution.php");
}
}
//------Update solution------///
if(isset($_REQUEST['update_solution']))
{
$id=$_REQUEST['id'];
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['solutionimage']['name']) && $_FILES['solutionimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['solutionimage']['name'];
$image_tmp=$_FILES['solutionimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_service=$mysqli->query("UPDATE `solution` SET `title`='$title',`page_title`='$pagetitle',`short_description`='$shortdescription',`icon`='$icon',`description`='$description', `image`='$image_name',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if ($update_service) {
header("location:solution.php");
}else{
header("location:add_solution.php");
}
}
///----delete image of solution-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_solution')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `solution` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `solution` where `id`='$id'");
if ($sql_slider==true) {
header("location:solution.php");
}
}
////-----------Add departmentstaffed-----//////
if (isset($_REQUEST['add_departmentstaffed'])) {
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
// Handling the primary image upload
if (isset($_FILES['departmentstaffedimage']['name']) && $_FILES['departmentstaffedimage']['name'] != "") {
$dir = "upload/";
$image = $_FILES['departmentstaffedimage']['name'];
$image_tmp = $_FILES['departmentstaffedimage']['tmp_name'];
$image_extn = pathinfo($image, PATHINFO_EXTENSION);
$image_name = rand(10, 100) . time() . '.' . $image_extn;
$moveResult = move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult !== true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
} else {
echo "No primary image uploaded.";
exit();
}
// Inserting the service details into the database
$add_departmentstaffed = $mysqli->query("INSERT INTO `departmentstaffed` (`title`, `icon`, `description`, `image`,`short_description`,`page_title`,`slug`,`keyword`,`metadescription`) VALUES ('$title', '$icon', '$description', '$image_name','$shortdescription','$pagetitle','$slug','$keyword','$seodescription')");
if ($add_departmentstaffed) {
// Redirecting after successful insert
header("location:departmentstaffed.php");
} else {
header("location:add_departmentstaffed.php");
}
}
//------Update departmentstaffed------///
if(isset($_REQUEST['update_departmentstaffed']))
{
$id=$_REQUEST['id'];
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['departmentstaffedimage']['name']) && $_FILES['departmentstaffedimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['departmentstaffedimage']['name'];
$image_tmp=$_FILES['departmentstaffedimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_service=$mysqli->query("UPDATE `departmentstaffed` SET `title`='$title',`page_title`='$pagetitle',`short_description`='$shortdescription',`icon`='$icon',`description`='$description', `image`='$image_name',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if ($update_service) {
header("location:departmentstaffed.php");
}else{
header("location:add_departmentstaffed.php");
}
}
///----delete image of departmentstaffed-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_departmentstaffed')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `departmentstaffed` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `departmentstaffed` where `id`='$id'");
if ($sql_slider==true) {
header("location:departmentstaffed.php");
}
}
////-----------Add industryexpertise-----//////
if (isset($_REQUEST['add_industryexpertise'])) {
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
// Handling the primary image upload
if (isset($_FILES['industryexpertiseimage']['name']) && $_FILES['industryexpertiseimage']['name'] != "") {
$dir = "upload/";
$image = $_FILES['industryexpertiseimage']['name'];
$image_tmp = $_FILES['industryexpertiseimage']['tmp_name'];
$image_extn = pathinfo($image, PATHINFO_EXTENSION);
$image_name = rand(10, 100) . time() . '.' . $image_extn;
$moveResult = move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult !== true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
} else {
echo "No primary image uploaded.";
exit();
}
// Inserting the service details into the database
$add_industryexpertise = $mysqli->query("INSERT INTO `industryexpertise` (`title`, `icon`, `description`, `image`,`short_description`,`page_title`,`slug`,`keyword`,`metadescription`) VALUES ('$title', '$icon', '$description', '$image_name','$shortdescription','$pagetitle','$slug','$keyword','$seodescription')");
if ($add_industryexpertise) {
// Redirecting after successful insert
header("location: industryexpertise.php");
} else {
header("location: add_industryexpertise.php");
}
}
//------Update departmentstaffed------///
if(isset($_REQUEST['update_industryexpertise']))
{
$id=$_REQUEST['id'];
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['icon'])) {
$icon = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['icon']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['industryexpertiseimage']['name']) && $_FILES['industryexpertiseimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['industryexpertiseimage']['name'];
$image_tmp=$_FILES['industryexpertiseimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_industryexpertise=$mysqli->query("UPDATE `industryexpertise` SET `title`='$title',`page_title`='$pagetitle',`short_description`='$shortdescription',`icon`='$icon',`description`='$description', `image`='$image_name',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if ($update_industryexpertise) {
header("location:industryexpertise.php");
}else{
header("location:add_industryexpertise.php");
}
}
///----delete image of departmentstaffed-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_industryexpertise')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `industryexpertise` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `industryexpertise` where `id`='$id'");
if ($sql_slider==true) {
header("location:industryexpertise.php");
}
}
////-----------Add project-----//////
if (isset($_REQUEST['add_project'])) {
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
// Handling the primary image upload
if (isset($_FILES['projectimage']['name']) && $_FILES['projectimage']['name'] != "") {
$dir = "upload/";
$image = $_FILES['projectimage']['name'];
$image_tmp = $_FILES['projectimage']['tmp_name'];
$image_extn = pathinfo($image, PATHINFO_EXTENSION);
$image_name = rand(10, 100) . time() . '.' . $image_extn;
$moveResult = move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult !== true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
} else {
echo "No primary image uploaded.";
exit();
}
// Inserting the service details into the database
$add_service = $mysqli->query("INSERT INTO `project` (`title`, `description`, `image`,`short_description`,`page_title`,`slug`,`keyword`,`metadescription`) VALUES ('$title','$description', '$image_name','$shortdescription','$pagetitle','$slug','$keyword','$seodescription')");
if ($add_service) {
// Redirecting after successful insert
header("location: project.php");
} else {
header("location: add_project.php");
}
}
//------Update project------///
if(isset($_REQUEST['update_project']))
{
$id=$_REQUEST['id'];
if (isset($_REQUEST['title'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['title']));
}
if (isset($_REQUEST['pagetitle'])) {
$pagetitle = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['pagetitle']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['projectimage']['name']) && $_FILES['projectimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['projectimage']['name'];
$image_tmp=$_FILES['projectimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_service=$mysqli->query("UPDATE `project` SET `title`='$title',`page_title`='$pagetitle',`short_description`='$shortdescription',`description`='$description', `image`='$image_name',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if ($update_service) {
header("location:project.php");
}else{
header("location:add_project.php");
}
}
///----delete image of project-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_project')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `project` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `project` where `id`='$id'");
if ($sql_slider==true) {
header("location:project.php");
}
}
////-----------add gallery-----//////
if(isset($_REQUEST['add_gallery']))
{
if (isset($_REQUEST['category'])) {
$category = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['category']));
}
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['galleryimage']['name']) && $_FILES['galleryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['galleryimage']['name'];
$image_tmp=$_FILES['galleryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_gallery=$mysqli->query("INSERT INTO `gallery` (`name`,`image`,`cat_id`) VALUES ('$title','$image_name','$category')");
if ($add_gallery) {
header("location:gallery.php");
}else{
header("location:add_gallery.php");
}
}
//------Update gallery------///
if(isset($_REQUEST['update_gallery']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['galleryimage']['name']) && $_FILES['galleryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['galleryimage']['name'];
$image_tmp=$_FILES['galleryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_offer=$mysqli->query("UPDATE `gallery` SET `title`='$title', `image`='$image_name' WHERE `id`='$id'");
if($update_offer)
{
header("location:gallery.php");
}
else{
echo "gallery Has not Update";
}
}
///----delete image of gallery-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_gallery')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `gallery` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `gallery` where `id`='$id'");
if ($sql_slider==true) {
header("location:gallery.php");
}
}
////-----------add slider-----//////
if(isset($_REQUEST['add_slider']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['sliderimage']['name']) && $_FILES['sliderimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['sliderimage']['name'];
$image_tmp=$_FILES['sliderimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_gallery=$mysqli->query("INSERT INTO `slider` (`title`,`image`) VALUES ('$title','$image_name')");
if ($add_gallery) {
header("location:slider.php");
}else{
header("location:add_slider.php");
}
}
//------Update slider------///
if(isset($_REQUEST['update_slider']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['sliderimage']['name']) && $_FILES['sliderimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['sliderimage']['name'];
$image_tmp=$_FILES['sliderimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_offer=$mysqli->query("UPDATE `slider` SET `title`='$title', `image`='$image_name' WHERE `id`='$id'");
if($update_offer)
{
header("location:slider.php");
}
else{
echo "slider Has not Update";
}
}
///----delete image of slider-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_slider')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `slider` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `slider` where `id`='$id'");
if ($sql_slider==true) {
header("location:slider.php");
}
}
////-----------add testimonial-----//////
if(isset($_REQUEST['add_testimonial']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['position']))
{
$position=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['position']));
}
if(isset($_REQUEST['description']))
{
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if( isset($_FILES['testimonialimage']['name']) && $_FILES['testimonialimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['testimonialimage']['name'];
$image_tmp=$_FILES['testimonialimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_gallery=$mysqli->query("INSERT INTO `testimonial` (`name`,`role`,`image`,`testimonial`) VALUES ('$title','$position','$image_name','$description')");
if ($add_gallery) {
header("location:testimonial.php");
}else{
header("location:add_testimonial.php");
}
}
//------Update testimonial------///
if(isset($_REQUEST['update_testimonial']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['position']))
{
$position=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['position']));
}
if(isset($_REQUEST['description']))
{
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if( isset($_FILES['testimonialimage']['name']) && $_FILES['testimonialimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['testimonialimage']['name'];
$image_tmp=$_FILES['testimonialimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_offer=$mysqli->query("UPDATE `testimonial` SET `name`='$title', `role`='$position',`image`='$image_name',`testimonial`='$description' WHERE `id`='$id'");
if($update_offer)
{
header("location:testimonial.php");
}
else{
echo "testimonial Has not Update";
}
}
///----delete image of testimonial-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_testimonial')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `testimonial` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `testimonial` where `id`='$id'");
if ($sql_slider==true) {
header("location:testimonial.php");
}
}
////-----------add ourstory-----//////
if(isset($_REQUEST['add_ourstory']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['description']))
{
$description = $_REQUEST['description'];
$description = mysqli_real_escape_string($mysqli, $description);
}
if( isset($_FILES['ourstoryimage']['name']) && $_FILES['ourstoryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['ourstoryimage']['name'];
$image_tmp=$_FILES['ourstoryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_gallery=$mysqli->query("INSERT INTO `ourstory` (`title`,`image`,`description`) VALUES ('$title','$image_name','$description')");
if ($add_gallery) {
header("location:ourstory.php");
}else{
header("location:add_ourstory.php");
}
}
//------Update ourstory------///
if(isset($_REQUEST['update_ourstory']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['description']))
{
$description = $_REQUEST['description'];
$description = mysqli_real_escape_string($mysqli, $description);
}
if( isset($_FILES['ourstoryimage']['name']) && $_FILES['ourstoryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['ourstoryimage']['name'];
$image_tmp=$_FILES['ourstoryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_offer=$mysqli->query("UPDATE `ourstory` SET `title`='$title',`image`='$image_name',`description`='$description' WHERE `id`='$id'");
if($update_offer)
{
header("location:ourstory.php");
}
else{
echo "ourstory Has not Update";
}
}
///----delete image of ourstory-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_ourstory')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `ourstory` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `ourstory` where `id`='$id'");
if ($sql_slider==true) {
header("location:ourstory.php");
}
}
////-----------add faq-----//////
if(isset($_REQUEST['add_faq']))
{
if(isset($_REQUEST['question']))
{
$question=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['question']));
}
if(isset($_REQUEST['answer']))
{
$answer = strip_tags($_REQUEST['answer']);
$answer = htmlentities($answer);
$answer = mysqli_real_escape_string($mysqli, $answer);
}
$add_gallery=$mysqli->query("INSERT INTO `faq` (`question`,`answer`) VALUES ('$question','$answer')");
if ($add_gallery) {
header("location:faq.php");
}else{
header("location:add_faq.php");
}
}
//------Update testimonial------///
if(isset($_REQUEST['update_faq']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['question']))
{
$question=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['question']));
}
if(isset($_REQUEST['answer']))
{
$answer = strip_tags($_REQUEST['answer']);
$answer = htmlentities($answer);
$answer = mysqli_real_escape_string($mysqli, $answer);
}
$update_offer=$mysqli->query("UPDATE `faq` SET `question`='$question', `answer`='$answer' WHERE `id`='$id'");
if($update_offer)
{
header("location:faq.php");
}
else{
echo "faq Has not Update";
}
}
///----delete image of testimonial-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_faq')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `faq` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `faq` where `id`='$id'");
if ($sql_slider==true) {
header("location:faq.php");
}
}
///----add blog category -----///
if(isset($_REQUEST['add_blog_category']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
$blog_category=$mysqli->query("INSERT INTO `blog_category` (`blog_category`) VALUES ('$title')");
if($blog_category) {
header("location:blog_category.php");
}else{
header("location:blog_category.php");
}
}
///----update blog category -----///
if(isset($_REQUEST['update_blog_category']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
$update_category=$mysqli->query("UPDATE `blog_category` SET `blog_category`='$title' WHERE `id`='$id'");
if($update_category)
{
header("location:blog_category.php");
}
else{
echo "testimonial Has not Update";
}
}
///----delete blog category-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_blog_category')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `blog_category` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `blog_category` where `id`='$id'");
if ($sql_slider==true) {
header("location:blog_category.php");
}
}
////-----------add team-----//////
if(isset($_REQUEST['add_team']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['position']))
{
$position=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['position']));
}
if(isset($_REQUEST['about']))
{
$about=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['about']));
}
if(isset($_REQUEST['facebook']))
{
$facebook=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['facebook']));
}
if(isset($_REQUEST['twitter']))
{
$twitter=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['twitter']));
}
if(isset($_REQUEST['instagram']))
{
$instagram=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['instagram']));
}
if(isset($_REQUEST['linkedin']))
{
$linkedin=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['linkedin']));
}
if( isset($_FILES['homegalleryimage']['name']) && $_FILES['homegalleryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['homegalleryimage']['name'];
$image_tmp=$_FILES['homegalleryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_team=$mysqli->query("INSERT INTO `team` (`name`,`designation`,`about`,`facebook`,`twitter`,`instagram`,`linkedin`,`image`) VALUES ('$title','$position','$about','$facebook','$twitter','$instagram','$linkedin','$image_name')");
if ($add_team) {
header("location:team.php");
}else{
header("location:add_team.php");
}
}
//------Update team------///
if(isset($_REQUEST['update_team']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['position']))
{
$position=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['position']));
}
if(isset($_REQUEST['about']))
{
$about=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['about']));
}
if(isset($_REQUEST['facebook']))
{
$facebook=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['facebook']));
}
if(isset($_REQUEST['twitter']))
{
$twitter=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['twitter']));
}
if(isset($_REQUEST['instagram']))
{
$instagram=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['instagram']));
}
if(isset($_REQUEST['linkedin']))
{
$linkedin=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['linkedin']));
}
if( isset($_FILES['homegalleryimage']['name']) && $_FILES['homegalleryimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['homegalleryimage']['name'];
$image_tmp=$_FILES['homegalleryimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_team=$mysqli->query("UPDATE `team` SET `name`='$title',`designation`='$position',`about`='$about',`facebook`='$facebook',`twitter`='$twitter',`instagram`='$instagram',`linkedin`='$linkedin',`image`='$image_name' WHERE `id`='$id'");
if($update_team)
{
header("location:team.php");
}
else{
echo "Team Has not Update";
}
}
///----delete image of team-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_team')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `team` where `id`='$id'");
$sql_slider =$mysqli->query("delete from `team` where `id`='$id'");
if ($sql_slider==true) {
header("location:team.php");
}
}
////-----------add client-----//////
if(isset($_REQUEST['add_client']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['clientimage']['name']) && $_FILES['clientimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['clientimage']['name'];
$image_tmp=$_FILES['clientimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_blog=$mysqli->query("INSERT INTO `client` (`company_name`,`image`) VALUES ('$title','$image_name')");
if ($add_blog) {
header("location:client.php");
}else{
header("location:add_client.php");
}
}
//------Update client------///
if(isset($_REQUEST['update_client']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['clientimage']['name']) && $_FILES['clientimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['clientimage']['name'];
$image_tmp=$_FILES['clientimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_blog=$mysqli->query("UPDATE `client` SET `company_name`='$title',`image`='$image_name' WHERE `id`='$id'");
if($update_blog)
{
header("location:client.php");
}
else{
echo "client Has not Update";
}
}
///----delete client-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_client')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `client` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `client` where `id`='$id'");
if ($sql_slider==true) {
header("location:client.php");
}
}
////-----------add place-----//////
if(isset($_REQUEST['add_place']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['placeimage']['name']) && $_FILES['placeimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['placeimage']['name'];
$image_tmp=$_FILES['placeimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_blog=$mysqli->query("INSERT INTO `place` (`name`,`image`) VALUES ('$title','$image_name')");
if ($add_blog) {
header("location:place.php");
}else{
header("location:add_place.php");
}
}
//------Update client------///
if(isset($_REQUEST['update_place']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if( isset($_FILES['placeimage']['name']) && $_FILES['placeimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['placeimage']['name'];
$image_tmp=$_FILES['placeimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_blog=$mysqli->query("UPDATE `place` SET `name`='$title',`image`='$image_name' WHERE `id`='$id'");
if($update_blog)
{
header("location:place.php");
}
else{
echo "client Has not Update";
}
}
///----delete client-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_place')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `place` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `place` where `id`='$id'");
if ($sql_slider==true) {
header("location:place.php");
}
}
// ////-----------add contact using ajax-----//////
// if(isset($_REQUEST['action']) && $_REQUEST['action'] == 'submit')
// {
// if(isset($_REQUEST['name']))
// {
// $name=mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['name']));
// }
// if(isset($_REQUEST['email']))
// {
// $email=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['email']));
// }
// if(isset($_REQUEST['phone']))
// {
// $number=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['phone']));
// }
// if(isset($_REQUEST['subject']))
// {
// $subject=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['subject']));
// }
// if(isset($_REQUEST['message']))
// {
// $message=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['message']));
// }
// $add_blog=$mysqli->query("INSERT INTO `contact` (`name`,`email`,`subject`,`phone`,`message`) VALUES ('$name','$email','$subject','$number','$message')");
// if ($add_blog) {
// echo "<script>alert('Message sent successfully!'); window.location.href='contact.php';</script>";
// } else {
// echo "<script>alert('Failed to send message. Please try again later.'); window.history.back();</script>";
// }
// }
// ///----delete contact-----///
// if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_contact')
// {
// $id=$_GET['id'];
// $sql4=$mysqli->query("select * from `contact` where `id`='$id'");
// $row = mysqli_fetch_array($sql4);
// $sql_slider =$mysqli->query("delete from `contact` where `id`='$id'");
// if ($sql_slider) {
// header("location:contact.php");
// }
// }
// ------------add contact--------//
// Load PHPMailer classes
// use PHPMailer\PHPMailer\PHPMailer;
// use PHPMailer\PHPMailer\Exception;
// require __DIR__ . '/PHPMailer/src/Exception.php';
// require __DIR__ . '/PHPMailer/src/PHPMailer.php';
// require __DIR__ . '/PHPMailer/src/SMTP.php';
// // Collect POST data safely
// $name = trim($_POST['name'] ?? '');
// $email = trim($_POST['email'] ?? '');
// $phone = trim($_POST['phone'] ?? '');
// $message = trim($_POST['message'] ?? '');
// // Basic validation
// if (!$name || !$email || !$phone || !$message) {
// http_response_code(400);
// echo json_encode(['message' => 'Please fill all the fields.']);
// exit;
// }
// if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
// http_response_code(400);
// echo json_encode(['message' => 'Invalid email address.']);
// exit;
// }
// $mail = new PHPMailer(true);
// try {
// // Server settings
// $mail->isSMTP();
// $mail->Host = 'smtp.gmail.com'; // Gmail SMTP server
// $mail->SMTPAuth = true;
// $mail->Username = 'satrusallyasarmistha@gmail.com'; // YOUR Gmail here
// $mail->Password = 'hdrg gzsw ljfx ryyo'; // Gmail App Password here
// $mail->SMTPSecure = 'tls';
// $mail->Port = 587;
// // Recipients
// $mail->setFrom('satrusallyasarmistha@gmail.com', 'Your Website'); // Same as your Gmail
// $mail->addAddress('satrusallyasarmistha@gmail.com'); // Recipient: your target email
// $mail->addReplyTo($email, $name);
// // Content
// $mail->isHTML(true);
// $mail->Subject = "New Contact Form Submission from $name";
// // Email body with submitted data
// $mail->Body = "
// <h2>New Contact Form Submission</h2>
// <p><strong>Name:</strong> " . htmlspecialchars($name) . "</p>
// <p><strong>Email:</strong> " . htmlspecialchars($email) . "</p>
// <p><strong>Phone:</strong> " . htmlspecialchars($phone) . "</p>
// <p><strong>Message:</strong><br>" . nl2br(htmlspecialchars($message)) . "</p>
// ";
// $mail->send();
// echo json_encode(['message' => 'Thank you! Your message has been sent successfully.']);
// } catch (Exception $e) {
// http_response_code(500);
// echo json_encode(['message' => "Message could not be sent. Mailer Error: {$mail->ErrorInfo}"]);
// }
// if ( isset($_POST['add_contact'])) {
// // Sanitize and validate inputs
// $name = isset($_POST['name']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['name']))) : '';
// $email = isset($_POST['email']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['email']))) : '';
// $phone = isset($_POST['phone']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['phone']))) : '';
// $message = isset($_POST['message']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['message']))) : '';
// $errors = [];
// if ($name === '') {
// $errors[] = 'Name is required.';
// }
// if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
// $errors[] = 'Invalid email format.';
// }
// if (!preg_match('/^[0-9]{7,15}$/', $phone)) {
// $errors[] = 'Phone must be numeric and 7-15 digits long.';
// }
// if ($message === '') {
// $errors[] = 'Message cannot be empty.';
// }
// if (empty($errors)) {
// $query = "INSERT INTO contact (name, email, phone, message) VALUES ('$name', '$email', '$phone', '$message')";
// $result = $mysqli->query($query);
// if ($result) {
// echo "<script>alert('Message sent successfully!'); window.location.href='/consulting/sabksolutions/contact.php';</script>";
// } else {
// echo "<script>alert('Failed to send message. Please try again later.'); window.history.back();</script>";
// }
// } else {
// foreach ($errors as $error) {
// echo "<p style='color: red;'>$error</p>";
// }
// }
// }
// /----delete contact-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_contact')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `contact` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$sql_slider =$mysqli->query("delete from `contact` where `id`='$id'");
if ($sql_slider) {
header("location:contact.php");
}
}
// ------------add enquiryform--------//
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_enquiryform'])) {
// Sanitize and validate inputs
$name = isset($_POST['name']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['name']))) : '';
$email = isset($_POST['email']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['email']))) : '';
$message = isset($_POST['message']) ? mysqli_real_escape_string($mysqli, htmlentities(trim($_POST['message']))) : '';
$errors = [];
if ($name === '') {
$errors[] = 'Name is required.';
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = 'Invalid email format.';
}
if ($message === '') {
$errors[] = 'Message cannot be empty.';
}
if (empty($errors)) {
$query = "INSERT INTO enquiryform (name, email, message) VALUES ('$name', '$email', '$message')";
$result = $mysqli->query($query);
if ($result) {
echo "<script>alert('Message sent successfully!'); window.location.href='/consulting/sabksolutions/contact.php';</script>";
} else {
echo "<script>alert('Failed to send message. Please try again later.'); window.history.back();</script>";
}
} else {
foreach ($errors as $error) {
echo "<p style='color: red;'>$error</p>";
}
}
}
// /----delete contact-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_enquiryform')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `enquiryform` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$sql_slider =$mysqli->query("delete from `enquiryform` where `id`='$id'");
if ($sql_slider) {
header("location:enquiryform.php");
}
}
////-----------add About-----//////
if(isset($_REQUEST['add_about']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['experience']))
{
$experience=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['experience']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($description);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if (isset($_REQUEST['mission'])) {
$mission = strip_tags($_REQUEST['mission']);
$mission = htmlentities($mission);
$mission = mysqli_real_escape_string($mysqli, $mission);
}
if (isset($_REQUEST['vision'])) {
$vision = strip_tags($_REQUEST['vision']);
$vision = htmlentities($vision);
$vision = mysqli_real_escape_string($mysqli, $vision);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['aboutimage']['name']) && $_FILES['aboutimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['aboutimage']['name'];
$image_tmp=$_FILES['aboutimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
$add_blog=$mysqli->query("INSERT INTO `about` (`title`,`shortdescription`,`description`,`mission`,`vision`,`experience`,`slug`,`keyword`,`metadescription`,`image`) VALUES ('$title','$description','$shortdescription','$mission','$vision','$experience','$slug','$keyword','$seodescription','$image_name')");
if ($add_blog) {
header("location:about.php");
}else{
header("location:add_about.php");
}
}
//------Update about------///
if(isset($_REQUEST['update_about']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['experience']))
{
$experience=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['experience']));
}
if (isset($_REQUEST['description'])) {
$description = $_REQUEST['description']; // ✅ KEEP HTML tags
$description = mysqli_real_escape_string($mysqli, $description); // ✅ Prevent SQL injection
}
if (isset($_REQUEST['shortdescription'])) {
$shortdescription = strip_tags($_REQUEST['shortdescription']);
$shortdescription = htmlentities($shortdescription);
$shortdescription = mysqli_real_escape_string($mysqli, $shortdescription);
}
if (isset($_REQUEST['mission'])) {
$mission = $_REQUEST['mission'];
$mission = mysqli_real_escape_string($mysqli, $mission);
}
if (isset($_REQUEST['vision'])) {
$vision = $_REQUEST['vision'];
$vision = mysqli_real_escape_string($mysqli, $vision);
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
if( isset($_FILES['image']['name']) && $_FILES['image']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['image']['name'];
$image_tmp=$_FILES['image']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_blog=$mysqli->query("UPDATE `about` SET `title`='$title',`image`='$image_name',`experience`='$experience',`description`='$description',`shortdescription`='$shortdescription',`mission`='$mission',`vision`='$vision',`slug`='$slug',`keyword`='$keyword',`metadescription`='$seodescription' WHERE `id`='$id'");
if($update_blog)
{
header("location:about.php");
}
else{
echo "about Has not Update";
}
}
///----delete image of about-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_about')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `about` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("upload/$img_name");
$sql_slider =$mysqli->query("delete from `about` where `id`='$id'");
if ($sql_slider==true) {
header("location:about.php");
}
}
//------Update setting------///
if(isset($_REQUEST['update_setting']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['companyname']))
{
$companyname=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['companyname']));
}
if(isset($_REQUEST['email1']))
{
$email1=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['email1']));
}
if(isset($_REQUEST['email2']))
{
$email2=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['email2']));
}
if(isset($_REQUEST['number1']))
{
$number1=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['number1']));
}
if(isset($_REQUEST['number2']))
{
$number2=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['number2']));
}
if(isset($_REQUEST['facebook']))
{
$facebook=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['facebook']));
}
if(isset($_REQUEST['youtube']))
{
$youtube=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['youtube']));
}
if(isset($_REQUEST['instagram']))
{
$instagram=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['instagram']));
}
if(isset($_REQUEST['linkedin']))
{
$linkedin=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['linkedin']));
}
if( isset($_FILES['settingimage']['name']) && $_FILES['settingimage']['name'] != "" )
{
$dir="upload/";
$image=$_FILES['settingimage']['name'];
$image_tmp=$_FILES['settingimage']['tmp_name'];
$image_extn = substr($image, strrpos($image, '.')+1);
$image_name=rand(10,100).time().'.'.$image_extn;
$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
if ($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
}
else
{
$image_name=$_POST['hidden_image'];
}
$update_team=$mysqli->query("UPDATE `setting` SET `company_name`='$companyname',`owner_email1`='$email1',`owner_email2`='$email2',`owner_number1`='$number1',`owner_number2`='$number2',`facebook`='$facebook',`youtube`='$youtube',`instagram`='$instagram',`linkedin`='$linkedin',`company_logo`='$image_name' WHERE `id`='$id'");
if($update_team)
{
header("location:setting.php");
}
else{
echo "setting Has not Update";
}
}
//--------add Booking---------//
if(isset($_REQUEST['add_booking']))
{
if(isset($_REQUEST['id']))
{
$id=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['id']));
}
if(isset($_REQUEST['category']))
{
$category=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['category']));
}
if(isset($_REQUEST['service']))
{
$service=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['service']));
}
if(isset($_REQUEST['name']))
{
$name=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['name']));
}
if(isset($_REQUEST['email']))
{
$email=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['email']));
}
if(isset($_REQUEST['phone']))
{
$phone=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['phone']));
}
if(isset($_REQUEST['subject']))
{
$subject=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['subject']));
}
if(isset($_REQUEST['message']))
{
$message=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['message']));
}
$insert=$mysqli->query("INSERT INTO `bookingform` (`service_id`,`category_name`,`service_name`,`name`,`email`,`phone`,`subject`,`message`) VALUES ('$id','$category','$service','$name','$email','$phone','$subject','$message')");
if ($insert) {
echo "<script>
alert('Form submitted successfully');
window.location.href = 'http://localhost/EventManagement/event/service_details.php?id=$id';
</script>";
}
}
///----add newsletter-----///
if(isset($_REQUEST['add_newsletter']))
{
if(isset($_REQUEST['email']))
{
$email=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['email']));
}
$insert=$mysqli->query("INSERT INTO `newsletter` (`email`) VALUES ('$email')");
if ($insert) {
echo "<script>
alert('Form submitted successfully');
window.location.href = 'http://localhost/consulting/sabksolutions/index.php';
</script>";
}
}
///----delete newsletter-----///
if(isset($_REQUEST['action'])=='delete_newsletter')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `newsletter` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$sql_gallery =$mysqli->query("delete from `newsletter` where `id`='$id'");
if ($sql_gallery==true) {
header("location:newsletter.php");
}
}
///----delete contact-----///
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_contact')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `contact` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$sql_gallery =$mysqli->query("delete from `contact` where `id`='$id'");
if ($sql_gallery==true) {
header("location:contact.php");
}
}
////-----------Add job details-----//////
if (isset($_REQUEST['add_jobdetails'])) {
if (isset($_REQUEST['name'])) {
$title = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['name']));
}
if (isset($_REQUEST['locationandsalary'])) {
$locationandsalary = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['locationandsalary']));
}
if (isset($_REQUEST['description'])) {
$description = strip_tags($_REQUEST['description']);
$description = htmlentities($description);
$description = mysqli_real_escape_string($mysqli, $description);
}
if (isset($_REQUEST['responsibility'])) {
$responsibility = strip_tags($_REQUEST['responsibility']);
$responsibility = htmlentities($responsibility);
$responsibility = mysqli_real_escape_string($mysqli, $responsibility);
}
if (isset($_REQUEST['requirments'])) {
$requirments = strip_tags($_REQUEST['requirments']);
$requirments = htmlentities($requirments);
$requirments = mysqli_real_escape_string($mysqli, $requirments);
}
if (isset($_REQUEST['location'])) {
$location = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['location']));
}
if (isset($_REQUEST['salary'])) {
$salary = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['salary']));
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if (isset($_REQUEST['seodescription'])) {
$seodescription = strip_tags($_REQUEST['seodescription']);
$seodescription = htmlentities($seodescription);
$seodescription = mysqli_real_escape_string($mysqli, $seodescription);
}
// Handling the primary image upload
// Inserting the service details into the database
$add_jobdetails = $mysqli->query("INSERT INTO `job_details` (`name`, `description`,`locationandsalary`,`responsibility`, `requirments`,`location`,`salary`,`slug`,`keyword`,`metadescription`) VALUES ('$name', '$description','$locationandsalary','$responsibility', '$requirments', '$location', '$salary','$slug','$keyword','$seodescription')");
if ($add_jobdetails) {
// Redirecting after successful insert
header("location: jobdetails.php");
} else {
header("location: add_jobdetails.php");
}
}
if (isset($_REQUEST['update_jobdetails'])) {
$id = (int)$_REQUEST['id']; // Ensure it's a number
$name = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['name'] ?? ''));
$locationandsalary = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['locationandsalary'] ?? ''));
$description = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_REQUEST['description'] ?? '')));
$responsibility = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_REQUEST['responsibility'] ?? '')));
$requirments = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_REQUEST['requirments'] ?? '')));
$location = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['location'] ?? ''));
$salary = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['salary'] ?? ''));
$slug = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['slug'] ?? ''));
$keyword = mysqli_real_escape_string($mysqli, htmlentities($_REQUEST['keyword'] ?? ''));
$seodescription = mysqli_real_escape_string($mysqli, htmlentities(strip_tags($_REQUEST['seodescription'] ?? '')));
$update_jobdetails = $mysqli->query("UPDATE `job_details` SET
`name` = '$name',
`description` = '$description',
`locationandsalary` = '$locationandsalary',
`responsibility` = '$responsibility',
`requirments` = '$requirments',
`location` = '$location',
`salary` = '$salary',
`slug` = '$slug',
`keyword` = '$keyword',
`metadescription` = '$seodescription'
WHERE `id` = $id");
if ($update_jobdetails) {
header("Location: jobdetails.php");
} else {
header("Location: edit_jobdetails.php?id=$id");
}
}
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = (int)$_GET['id'];
$delete_jobdetails = $mysqli->query("DELETE FROM `job_details` WHERE `id` = $id");
if ($delete_jobdetails) {
header("Location: jobdetails.php?msg=deleted");
} else {
header("Location: jobdetails.php?msg=delete_failed");
}
}
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_jobenquiryform'])) {
$name = mysqli_real_escape_string($mysqli, trim($_POST['name']));
$email = mysqli_real_escape_string($mysqli, trim($_POST['email']));
$phone = isset($_POST['phone']) ? mysqli_real_escape_string($mysqli, trim($_POST['phone'])) : '';
$message = mysqli_real_escape_string($mysqli, trim($_POST['message']));
$errors = [];
if (empty($name)) $errors[] = "Name is required.";
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) $errors[] = "Invalid email.";
if (empty($message)) $errors[] = "Message is required.";
// Handle CV upload
$cv_path = '';
if (isset($_FILES['cv']) && $_FILES['cv']['error'] === 0) {
$target_dir = "uploads/";
$cv_name = time() . '_' . basename($_FILES["cv"]["name"]);
$cv_path = $target_dir . $cv_name;
if (!is_dir($target_dir)) {
mkdir($target_dir, 0777, true);
}
if (!move_uploaded_file($_FILES["cv"]["tmp_name"], $cv_path)) {
$errors[] = "Failed to upload CV.";
}
}
if (empty($errors)) {
$query = "INSERT INTO jobenquiryform (name, email, phone, message, cv_path)
VALUES ('$name', '$email', '$phone', '$message', '$cv_path')";
$result = $mysqli->query($query);
if ($result) {
echo "<script>alert('Message sent successfully!'); window.location.href = '/consulting/sabksolutions/jobdetails.php';
;</script>";
} else {
echo "<script>alert('Failed to send message. Please try again.'); window.history.back();</script>";
}
} else {
foreach ($errors as $error) {
echo "<p style='color:red;'>$error</p>";
}
}
}
?>
........