| Server IP : 172.67.187.206 / Your IP : 172.71.28.156 Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586 User : SYSTEM ( 0) PHP Version : 5.6.30 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /Inetpub/www/news/datacenter/admin/core/ |
Upload File : |
<?php
require_once "../config.php";
require_once ABSPATH."/core/checklogin.php";
require_once ABSPATH."/core/functions.php";
require_once ABSPATH."/core/PasswordHash.php";
require_once ABSPATH."/core/resize-class.php";
if(DEMO_MODE!=0)
{
header("Location:../account.php?page=dashboard&msg=demo_mode");
exit();
}
$slide_id = filter_input(INPUT_POST, 'slide_id', FILTER_SANITIZE_URL);
$title = filter_input(INPUT_POST, 'title', FILTER_SANITIZE_STRING);
$content = filter_input(INPUT_POST, 'content', FILTER_SANITIZE_STRING);
$url = filter_input(INPUT_POST, 'url', FILTER_SANITIZE_URL);
$position = filter_input(INPUT_POST, 'position', FILTER_SANITIZE_NUMBER_INT);
$active = filter_input(INPUT_POST, 'active', FILTER_SANITIZE_NUMBER_INT);
$query = "UPDATE ".DB_PREFIX."slider SET title = ?, content = ?, position = ?, url = ?, active = ? WHERE id = ? LIMIT 1";
$stmt = $conn->prepare($query);
$stmt->bindParam(1, $title, PDO::PARAM_STR);
$stmt->bindParam(2, $content, PDO::PARAM_STR);
$stmt->bindParam(3, $position, PDO::PARAM_INT);
$stmt->bindParam(4, $url, PDO::PARAM_STR);
$stmt->bindParam(5, $active, PDO::PARAM_INT);
$stmt->bindParam(6, $slide_id, PDO::PARAM_INT);
$stmt->execute();
// SLIDE IMAGE
if($_FILES['image']['name'])
{
$f = $_FILES['image']['name'];
$ext = strtolower(substr(strrchr($f, '.'), 1));
if (($ext!= "jpg") && ($ext != "jpeg") && ($ext != "gif") && ($ext != "png"))
{
}
else
{
$image_code = random_code();
$image = $image_code."-".$_FILES['image']['name'];
$image = RewriteFile($image);
move_uploaded_file($_FILES["image"]["tmp_name"], "../uploads/temp/".$image);
// create avatar image
$resizeObj = new resize("../uploads/temp/".$image);
$resizeObj -> resizeImage(900, 450, 'crop'); // (options: exact, portrait, landscape, auto, crop)
$resizeObj -> saveImage("../uploads/images/".$image);
@unlink ("../uploads/temp/".$image);
$sql = "UPDATE ".DB_PREFIX."slider SET image = ? WHERE id = ? LIMIT 1";
$conn->prepare($sql)->execute([$image, $slide_id]);
}
}
// form OK:
header("Location: ../account.php?page=pro-slider&msg=edit_ok");
exit;