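<?php
/**
 * Admin-side handler for subject records.
 *
 * Dispatches on the request's `mode`:
 *   - POST mode=add_new : insert a row into TBL_SUBJECTS
 *   - POST mode=update  : update the row whose sb_id matches POST id
 *   - GET  mode=delete  : delete the row whose sb_id matches GET id
 * Every branch stores a flash message in $_SESSION["errorMsg"] /
 * $_SESSION["errorType"] and then redirects. Any other request is sent to
 * the admin home page.
 *
 * All SQL values go through bound parameters on a prepared statement; that,
 * not safe_input(), is what keeps request data out of the SQL text.
 *
 * NOTE(review): no anti-CSRF token is checked in this file for any of the
 * three modes, and delete is a state change triggered by a GET request.
 * Confirm whether app_top.php enforces a token; if it does not, these
 * actions can be triggered cross-site against a logged-in admin.
 */
require '../configs/app_top.php';

// Everything below changes data, so stop here for anyone without an admin session.
if (!is_admin_logged_in()) {
    redirect(generate_admin_link("login"));
    exit;
}

if (isset($_POST['mode']) && $_POST['mode'] === 'add_new') {
    $redirectTo = "subjects";
    $name = safe_input($_POST['sb_name']);
    $category = safe_input($_POST['category']);
    $duration = safe_input($_POST['sb_duration']);
    $index = safe_input($_POST['sb_index']);
    $count = safe_input($_POST['sb_count']);
    $teacher = safe_input($_POST['sb_teacher']);
    $startdate = safe_input($_POST['start_date']);
    $enddate = safe_input($_POST['end_date']);
    // An unchecked checkbox is simply absent from the POST body; treat that as "no".
    $is_active = (isset($_POST['is_active']) && safe_input($_POST['is_active']) == "yes") ? "yes" : "no";
    // The owning admin comes from the session, never from the request.
    $idam = $_SESSION["admin_id"];

    if ($name == '' || $category == '') {
        $_SESSION["errorMsg"] = "Please provide the required fields";
        $_SESSION["errorType"] = "danger";
    } else {
        // -1 marks "statement did not complete", so a failed insert is never
        // mistaken for a successful one further down.
        $retval = -1;
        try {
            $sql = "INSERT INTO " . TBL_SUBJECTS . " ( `sb_name`, `sb_category_id`, `sb_duration`, `sb_index`,`sb_count`, `sb_teacher`,`start_date`,`end_date`, `active`, `idam` ) VALUES (:name, :cid, :duration,:index,:count,:teacher,:startdate,:enddate, :active, :idam)";
            $stmt = $DB->prepare($sql);
            $stmt->bindValue(":name", $name);
            $stmt->bindValue(":cid", $category);
            $stmt->bindValue(":duration", $duration);
            $stmt->bindValue(":index", $index);
            $stmt->bindValue(":count", $count);
            $stmt->bindValue(":teacher", $teacher);
            $stmt->bindValue(":startdate", $startdate);
            $stmt->bindValue(":enddate", $enddate);
            $stmt->bindValue(":active", $is_active);
            $stmt->bindValue(":idam", $idam);
            $stmt->execute();
            $retval = $stmt->rowCount();
        } catch (Exception $ex) {
            // Loose comparison on purpose: the code may arrive as the string "23000"
            // (integrity-constraint violation, e.g. a duplicate key).
            if ($ex->getCode() == 23000) {
                // The original read an undefined $ct_name here, so the message
                // began with an empty string; the submitted name is $name.
                $_SESSION["errorMsg"] = $name . " already exist";
                $_SESSION["errorType"] = "danger";
                redirect(generate_admin_link($redirectTo, "mode=add"));
                exit;
            }
            // Keep the driver message in the server log only. Echoing it to the
            // response exposes table/column names and query structure.
            error_log("subjects add_new failed: " . $ex->getMessage());
        }

        if ($retval > 0) {
            $_SESSION["errorMsg"] = "เพิ่มข้อมูลเรียบร้อยแล้ว.";
            $_SESSION["errorType"] = "success";
            redirect(generate_admin_link("manage_subjects"));
            exit;
        } else {
            $_SESSION["errorMsg"] = "Failed to add subject. Try Again";
            $_SESSION["errorType"] = "danger";
        }
    }

    redirect(generate_admin_link($redirectTo, "mode=add"));
    exit;
} else if (isset($_POST['mode']) && $_POST['mode'] === 'update') {
    $redirectTo = "subjects";
    $name = safe_input($_POST['sb_name']);
    $category = safe_input($_POST['category']);
    $duration = safe_input($_POST['sb_duration']);
    $index = safe_input($_POST['sb_index']);
    $count = safe_input($_POST['sb_count']);
    $teacher = safe_input($_POST['sb_teacher']);
    $startdate = safe_input($_POST['start_date']);
    $enddate = safe_input($_POST['end_date']);
    $is_active = (isset($_POST['is_active']) && safe_input($_POST['is_active']) == "yes") ? "yes" : "no";
    $id = safe_input($_POST['id']);
    $idam = $_SESSION["admin_id"];

    // pagenum is only echoed back into redirect query strings. Encode it once so a
    // crafted value cannot add parameters to, or break out of, the redirect target.
    $pagenum = (isset($_POST['pagenum']) && is_scalar($_POST['pagenum']))
        ? urlencode((string) $_POST['pagenum'])
        : '';

    if ($name == '' || $category == '' || intval($id) == 0) {
        $_SESSION["errorMsg"] = "Please provide the required fields";
        $_SESSION["errorType"] = "danger";
    } else {
        // -1 marks "statement did not complete". Without it a swallowed exception
        // left $retval unset, and the loose `== 0` test below reported
        // "No changes" for what was really a database error.
        $retval = -1;
        try {
            $sql = "UPDATE " . TBL_SUBJECTS . " SET `sb_name` = :name, `sb_category_id` = :cid, `sb_duration` = :duration,`sb_index` = :index,`sb_count` = :count, `sb_teacher` = :teacher,`start_date` = :startdate,`end_date` = :enddate, `active` = :active , `idam` = :idam "
                . "WHERE `sb_id` = :id ";
            $stmt = $DB->prepare($sql);
            $stmt->bindValue(":name", $name);
            $stmt->bindValue(":active", $is_active);
            $stmt->bindValue(":cid", $category);
            $stmt->bindValue(":duration", $duration);
            $stmt->bindValue(":index", $index);
            $stmt->bindValue(":count", $count);
            $stmt->bindValue(":teacher", $teacher);
            $stmt->bindValue(":startdate", $startdate);
            $stmt->bindValue(":enddate", $enddate);
            $stmt->bindValue(":id", $id);
            $stmt->bindValue(":idam", $idam);
            $stmt->execute();
            $retval = $stmt->rowCount();
        } catch (Exception $ex) {
            if ($ex->getCode() == 23000) {
                $_SESSION["errorMsg"] = $name . " already exist";
                $_SESSION["errorType"] = "danger";
                redirect(generate_admin_link("manage_subjects", "pagenum=" . $pagenum));
                exit;
            }
            // Previously dropped without a trace; record it for the operator.
            error_log("subjects update failed: " . $ex->getMessage());
        }

        if ($retval > 0) {
            $_SESSION["errorMsg"] = "แก้ไขข้อมูลเรียบร้อยแล้ว.";
            $_SESSION["errorType"] = "success";
            redirect(generate_admin_link("manage_subjects", "pagenum=" . $pagenum));
            exit;
        } else if ($retval === 0) {
            $_SESSION["errorMsg"] = "No changes has been made to subject.";
            $_SESSION["errorType"] = "info";
            redirect(generate_admin_link("manage_subjects", "pagenum=" . $pagenum));
            exit;
        } else {
            $_SESSION["errorMsg"] = "Failed to update subject. Try Again";
            $_SESSION["errorType"] = "danger";
        }
    }

    // Back to the edit form; both request-derived values are encoded for the query string.
    redirect(generate_admin_link($redirectTo, "mode=edit&id=" . urlencode((string) $id) . "&pagenum=" . $pagenum));
    exit;
} else if (isset($_GET['mode']) && $_GET['mode'] === 'delete') {
    $redirectTo = "manage_subjects";
    $id = safe_input($_GET['id']);

    try {
        $sql = "DELETE FROM " . TBL_SUBJECTS . " WHERE sb_id = :id";
        $stmt = $DB->prepare($sql);
        $stmt->bindValue(":id", $id);
        $stmt->execute();
        $retval = $stmt->rowCount();

        if ($retval > 0) {
            $_SESSION["errorMsg"] = "ลบข้อมูลเรียบร้อย.";
            $_SESSION["errorType"] = "success";
        } else {
            $_SESSION["errorMsg"] = "Cannot delete subject. Try Again";
            $_SESSION["errorType"] = "danger";
        }
    } catch (Exception $ex) {
        // Log the driver message and show the generic text instead of placing
        // raw database errors into the page via the session flash message.
        error_log("subjects delete failed: " . $ex->getMessage());
        $_SESSION["errorMsg"] = "Cannot delete subject. Try Again";
        $_SESSION["errorType"] = "danger";
    }

    redirect(generate_admin_link($redirectTo));
    exit;
}

// No recognised mode: nothing to do here, go to the admin home page.
redirect(generate_admin_link("home"));
exit;
?>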