revealability

File "career_crud.php"
Full Path: /home/ovanhxso/public_html/panel/admin/app/career_crud.php
File size: 3.62 KB
MIME-type: text/x-php
Charset: utf-8
Open Edit Advanced Editor Back
<?php
session_start();
include '../../assets/constant/config.php';

try {
  $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

  if (isset($_POST['submit'])) {

           // print_r($_POST);exit;
        $uploadDir = '../../assets/images/';
        if (!empty($_FILES['photo']['tmp_name'])) {
            $originalName = basename($_FILES['photo']['name']);
            $extension = pathinfo($originalName, PATHINFO_EXTENSION);
            $newName = rand(100, 999) . '.' . $extension;
            $newFilePath = $uploadDir . $newName;

            if (move_uploaded_file($_FILES['photo']['tmp_name'], $newFilePath)) {
                $img = $newName;

                // Compression Logic
                // compressImage($newFilePath, $newFilePath, 75); // 75 is the compression quality
            } else {
                echo 'There was an error uploading the file.';
                exit;
            }
        }
 
    $stmt = $conn->prepare("INSERT INTO `career`(`name1`,`description`,`photo`) VALUES (?,?,?)");
  
$stmt->execute([

            htmlspecialchars($_POST['name1'], ENT_QUOTES, 'UTF-8'),
          
             htmlspecialchars($_POST['description'], ENT_QUOTES, 'UTF-8'),
            $img,
            
        ]);

  //  $stmt->execute([$_POST['name1'],$_POST['designation'],$img, $_POST['description']]);

    $_SESSION['success'] = "career Added";
    ?>
        <script>
        // Redirect to ../about_seo.php
        window.location.href = "../manage_career.php";
    </script>
   <?php
  }

  if (isset($_POST['update'])) {

 if (!empty($_FILES['photo']['tmp_name'])) {
            $file_extension = pathinfo(htmlspecialchars($_FILES["photo"]["name"], ENT_QUOTES, 'UTF-8'), PATHINFO_EXTENSION);
            $new_filename = uniqid() . '.' . $file_extension;
            $filepath = "../../assets/images/" . $new_filename;

            if (move_uploaded_file($_FILES["photo"]["tmp_name"], $filepath)) {
                $img = $new_filename;

                // Compression Logic
                // compressImage($filepath, $filepath, 75); // 75 is the compression quality

                @unlink("../../assets/images/" . $_POST['old_photo_img']);
            }
        } else {
            $img = $_POST['old_photo_img'];
        }
    // Update the database record
    $stmt = $conn->prepare("UPDATE `career` SET `name1`=?,`description`=?,`photo`=? WHERE id=?");
    $stmt->execute([$_POST['name1'],  $_POST['description'], $img, $_POST['id']]);

    $_SESSION['success'] = "career Updated";
    ?>

    <script>
        // Redirect to manage_team.php after successful update
        window.location.href = "../manage_career.php";
    </script>

    <?php
}


  if (isset($_POST['del_id'])) {
    $stmt = $conn->prepare("UPDATE `career` SET delete_status='1' WHERE id=?");
    $stmt->bindParam(1, htmlspecialchars($_POST['del_id'], ENT_QUOTES, 'UTF-8'));
    $stmt->execute();

    $_SESSION['success'] = "Career Deleted";

    header("location:../manage_career.php");
  }
} catch (PDOException $e) {
  echo "Connection failed: " . $e->getMessage();
}




function compressImage($source, $destination, $quality)
{
  $info = getimagesize($source);
  if ($info['mime'] == 'image/jpeg') {
    $image = imagecreatefromjpeg($source);
    imagejpeg($image, $destination, $quality);
  } elseif ($info['mime'] == 'image/png') {
    $image = imagecreatefrompng($source);
    imagepng($image, $destination, round(9 - ($quality / 10))); // PNG quality ranges from 0 to 9
  }
}