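<?php
/**
 * Admin page: create tender notices (title, description, one attachment),
 * list the existing rows of the `tender` table, and delete a row by id.
 *
 * Security-relevant behaviour of this page:
 *  - Requires $_SESSION['username']; anonymous requests are redirected to index.php.
 *  - Both state-changing POST actions (save, delete) require a per-session
 *    anti-CSRF token, because the session cookie alone would otherwise
 *    authorise a cross-site form post.
 *  - Uploads are accepted only when the extension is on the allow-list AND the
 *    sniffed MIME type is one expected for that extension. The stored name is
 *    generated server-side and its extension comes from the allow-list, so the
 *    client-supplied file name never reaches the filesystem.
 *  - Values read back from the database are HTML-escaped on output.
 *
 * NOTE(review): $connection is assumed to be the mysqli handle created in
 * conn.php (it is used both as an object and with mysqli_query()) - confirm.
 * NOTE(review): the page still loads the bundled assets/js/jquery-1.10.2.js,
 * a long-unmaintained release line; upgrading it is outside this file.
 */
include('conn.php');
session_start();
error_reporting(E_ALL);

// Only an authenticated admin session may reach this page.
if (!isset($_SESSION['username'])) {
    header('location:index.php');
    exit();
}

// Per-session anti-CSRF token, embedded in both forms further down.
if (empty($_SESSION['tender_csrf_token']) || !is_string($_SESSION['tender_csrf_token'])) {
    $_SESSION['tender_csrf_token'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['tender_csrf_token'];

// Status messages rendered inside the form. Initialised up front so the
// template never reads an undefined variable on a plain GET.
$msg = '';
$msgno = '';

// HTML-escape helper for element text and quoted attribute values.
// double_encode is off so entities already present in stored text
// (strip_tags() leaves them in place) are not escaped a second time.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
};

$postedToken = $_POST['csrf_token'] ?? '';
$csrfOk = is_string($postedToken) && hash_equals($csrfToken, $postedToken);

if ((isset($_POST['sub']) || isset($_POST['del'])) && !$csrfOk) {
    $msgno = "❌ Invalid or expired form token. Please reload the page and try again.";
}

if ($csrfOk && isset($_POST['sub'])) {
    // Non-string input (e.g. t1[]=x) is treated as empty instead of being passed to strip_tags().
    $title = strip_tags(is_string($_POST['t1'] ?? null) ? $_POST['t1'] : '');
    $description = strip_tags(is_string($_POST['htmlcode'] ?? null) ? $_POST['htmlcode'] : '');

    // Extension => MIME types accepted for that extension. Checking the pair
    // (instead of two independent lists) rejects e.g. a JPEG named "x.pdf".
    // The .docx MIME type is kept under "doc" because the original check
    // accepted that combination.
    $allowedTypes = [
        'jpg'  => ['image/jpeg'],
        'jpeg' => ['image/jpeg'],
        'png'  => ['image/png'],
        'pdf'  => ['application/pdf'],
        'doc'  => [
            'application/msword',
            'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
        ],
    ];

    // Make sure exactly one file really arrived before touching it: with no
    // file selected tmp_name is empty and MIME sniffing would fail.
    $upload = $_FILES['file'] ?? null;
    $uploadOk = is_array($upload)
        && isset($upload['error'], $upload['tmp_name'], $upload['name'], $upload['size'])
        && $upload['error'] === UPLOAD_ERR_OK
        && is_string($upload['tmp_name'])
        && is_string($upload['name'])
        && is_uploaded_file($upload['tmp_name']);

    $fileExt = '';
    $mimeType = '';
    if ($uploadOk) {
        $fileExt = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
        $mimeType = (string) mime_content_type($upload['tmp_name']);
    }

    if (
        $uploadOk
        && isset($allowedTypes[$fileExt])
        && in_array($mimeType, $allowedTypes[$fileExt], true)
        && $upload['size'] < 500000
    ) {
        $newFileName = uniqid("tender_") . "." . $fileExt;
        $uploadPath = "tender/" . $newFileName;

        if (move_uploaded_file($upload['tmp_name'], $uploadPath)) {
            $saved = false;
            $stmt = $connection->prepare("INSERT INTO tender (Title, Description, file_attachment, status) VALUES (?, ?, ?, 'Active')");
            if ($stmt !== false) {
                $stmt->bind_param("sss", $title, $description, $newFileName);
                $saved = $stmt->execute();
                if (!$saved) {
                    // Driver error text goes to the server log, not to the browser.
                    error_log('add_tender: insert failed: ' . $stmt->error);
                }
                $stmt->close();
            } else {
                error_log('add_tender: prepare failed: ' . $connection->error);
            }

            if ($saved) {
                $msg = "✅ File uploaded successfully.";
            } else {
                // Do not leave an attachment on disk that no row refers to.
                if (is_file($uploadPath)) {
                    unlink($uploadPath);
                }
                $msgno = "❌ DB Error: the tender could not be saved.";
            }
        } else {
            $msgno = "❌ Failed to move uploaded file.";
        }
    } else {
        $msgno = "❌ Invalid file format or size. Only jpg, png, pdf, doc under 500KB are allowed.";
    }
}

if ($csrfOk && isset($_POST['del'])) {
    // Strict integer validation: arrays and strings such as "12abc" are rejected.
    $id = filter_var($_POST['id'] ?? null, FILTER_VALIDATE_INT);
    if (is_int($id)) {
        $stmt = $connection->prepare("DELETE FROM tender WHERE id = ?");
        if ($stmt !== false) {
            $stmt->bind_param("i", $id);
            $stmt->execute();
            $stmt->close();
        }
        // NOTE(review): the attachment under tender/ stays on disk (and stays
        // downloadable) after its row is deleted - decide whether to remove it.
    }
    // Post/Redirect/Get; stop here so nothing is rendered after the redirect header.
    header('location:add_tender.php');
    exit();
}
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Admin</title>
    <!-- BOOTSTRAP STYLES-->
    <link href="assets/css/bootstrap.css" rel="stylesheet" />
    <!-- FONTAWESOME STYLES-->
    <link href="assets/css/font-awesome.css" rel="stylesheet" />
    <!-- CUSTOM STYLES-->
    <link href="assets/css/custom.css" rel="stylesheet" />
    <!-- GOOGLE FONTS-->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css' />
    <link rel="stylesheet" href="richtexteditor/rte_theme_default.css" />
    <script type="text/javascript" src="richtexteditor/rte.js"></script>
    <script type="text/javascript" src='richtexteditor/plugins/all_plugins.js'></script>
</head>
<body>
<div id="wrapper">
    <div class="navbar navbar-inverse navbar-fixed-top">
        <?php include ('header.php');?>
    </div>
    <!-- /. NAV TOP -->
    <nav class="navbar-default navbar-side" role="navigation">
        <?php include ('menu.php');?>
    </nav>
    <!-- /. NAV SIDE -->
    <div id="page-wrapper" >
        <div id="page-inner">
            <div class="row">
                <div class="col-md-12">
                    <h2>Tender Details </h2>
                </div>
            </div>
            <!-- /. ROW -->
            <hr />
            <!-- /. ROW -->
            <div class="panel panel-primary" data-collapsed="0">
                <div class="panel-heading">
                    <div class="panel-title" >
                        <i class="entypo-plus-circled"></i> Post Jobs
                    </div>
                </div>
                <form method="post" action="" enctype="multipart/form-data">
                    <input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
                    <div class="panel-body">
                        <br> <br><br>
                        <div class="form-group">
                            <label for="field-1" class="col-sm-3 control-label"> Title</label>
                            <div class="col-sm-5">
                                <input type="text" class="form-control" name="t1" data-validate="required" data-message-required="Value Required" value="" autofocus>
                            </div>
                        </div><br>
                        <div class="form-group">
                            <label for="field-1" class="col-sm-3 control-label">Description</label>
                            <input name="htmlcode" id="inp_htmlcode" type="hidden" />
                            <div id="div_editor1" class="richtexteditor" style="width: 960px;margin:0 auto;"> </div>
                            <script>
                                var editor1 = new RichTextEditor(document.getElementById("div_editor1"));
                                editor1.attachEvent("change", function () {
                                    document.getElementById("inp_htmlcode").value = editor1.getHTMLCode();
                                });
                            </script>
                        </div><br>
                        <div class="form-group">
                            <label for="field-1" class="col-sm-3 control-label">Attachment</label>
                            <div class="col-sm-5">
                                <input type="file" name="file" value="" id="file">
                            </div>
                        </div><br>
                        <?php if ($msg !== '') { ?>
                        <div style="width:100%" class="row cvmsgok"><?php echo $esc($msg); ?></div>
                        <?php } elseif ($msgno !== '') { ?>
                        <div style="width:100%" class="row cvmsgno"><?php echo $esc($msgno); ?></div>
                        <?php } ?><br> <br>
                        <div class="form-group" align="center">
                            <div class="col-sm-8">
                                <input type="submit" class="btn btn-info" name="sub" value="Save">
                                <input type="Reset" class="btn btn-danger" name="sub1" value="Reset">
                            </div>
                        </div><br>
                    </div>
                </form>
            </div>
            <div class="panel panel-primary" data-collapsed="0">
                <div class="panel-heading">
                    <div class="panel-title" >
                        <i class="entypo-plus-circled"></i> Status
                    </div>
                </div>
                <div class="panel-body">
                    <div style="overflow-x:auto;">
                        <div class="col-lg-12 col-md-12">
                            <div class="table-responsive">
                                <table class="table">
                                    <thead>
                                        <tr>
                                            <th>#</th>
                                            <th>Title</th>
                                            <th>Discripition</th>
                                            <th>File</th>
                                            <th>Action</th>
                                        </tr>
                                    </thead>
                                    <?php
                                    $sql = "select * from tender order by id desc";
                                    $query = mysqli_query($connection, $sql);
                                    $count = 1;
                                    // A failed query yields no rows instead of a fatal error in the fetch call.
                                    while ($query instanceof mysqli_result && ($fetch = mysqli_fetch_array($query))) {
                                    ?>
                                    <tbody>
                                        <tr class="info">
                                            <td><?php echo $count++;?></td>
                                            <?php // Stored values are escaped on output; input-side strip_tags() alone does not make them safe to echo. ?>
                                            <td><?php echo $esc($fetch[1]);?></td>
                                            <td><?php echo $esc($fetch[2]);?></td>
                                            <td><a href="tender/<?php echo $esc($fetch["file_attachment"]);?>" class="btn btn-success">View</a></td>
                                            <td>
                                                <form method="POST">
                                                    <input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
                                                    <input type="hidden" name="id" value="<?php echo (int) $fetch[0];?>">
                                                    <input type="submit" value="Delete" class="btn btn-danger" name="del">
                                                </form>
                                            </td>
                                        </tr>
                                    </tbody>
                                    <?php } ?>
                                </table>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </div>
    <!-- /. PAGE INNER -->
</div>
<!-- /. PAGE WRAPPER -->
</div>
<div class="footer">
    <?php include ('footer.php');?>
</div>
<!-- /. WRAPPER -->
<!-- SCRIPTS -AT THE BOTOM TO REDUCE THE LOAD TIME-->
<!-- JQUERY SCRIPTS -->
<script src="assets/js/jquery-1.10.2.js"></script>
<!-- BOOTSTRAP SCRIPTS -->
<script src="assets/js/bootstrap.min.js"></script>
<!-- CUSTOM SCRIPTS -->
<script src="assets/js/custom.js"></script>
</body>
</html>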