/
/
home
/
u523034047
/
domains
/
gmcrudrapur.com
/
public_html
/
admin
Server: in-mum-web1112.main-hosting.eu (62.72.28.111)
You: 216.73.216.4
PHP 8.3.16
Dir:
/home/u523034047/domains/gmcrudrapur.com/public_html/admin
Edit:
/home/u523034047/domains/gmcrudrapur.com/public_html/admin/itemgallery.php
<?php include('conn.php'); session_start(); if (!isset($_SESSION['username'])) { header('location:index.php'); exit; } if (isset($_POST['sub'])) { $allowed_ext = ['jpg','jpeg','png','gif']; $target_dir = "itemimages/"; foreach ($_FILES['t2']['tmp_name'] as $i => $tmp) { if ($_FILES['t2']['error'][$i] !== 0) { echo "Upload error<br>"; continue; } $file_name = $_FILES['t2']['name'][$i]; $ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION)); // ✅ Extension check if (!in_array($ext, $allowed_ext)) { echo "Only JPG, JPEG, PNG, GIF allowed<br>"; continue; } // ✅ Real image check if (!getimagesize($tmp)) { echo "Not a valid image<br>"; continue; } $safe_name = time().'_'.preg_replace("/[^A-Za-z0-9_\-\.]/", "_", $file_name); $target_file = $target_dir.$safe_name; if (move_uploaded_file($tmp, $target_file)) { $cat1 = $_POST['cat1']; mysqli_query($connection, "INSERT INTO itemimg(image, categoriesid) VALUES ('$safe_name','$cat1')" ); echo "Uploaded: $safe_name<br>"; } else { echo "Upload failed<br>"; } } } ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <title>Upload Category Images</title> <link href="assets/css/bootstrap.css" rel="stylesheet" /> <link href="assets/css/font-awesome.css" rel="stylesheet" /> <link href="assets/css/custom.css" rel="stylesheet" /> </head> <body> <div id="wrapper"> <div class="navbar navbar-inverse navbar-fixed-top"> <?php include ('header.php');?> </div> <!-- /. NAV TOP --> <nav class="navbar-default navbar-side" role="navigation"> <?php include ('menu.php');?> </nav> <div id="page-wrapper"> <div class="container-fluid"> <h2 class="text-primary">Upload Category Images</h2> <hr /> <!-- Upload Form --> <form method="post" enctype="multipart/form-data" class="form-horizontal"> <!-- Category Dropdown --> <div class="form-group"> <label class="col-sm-2 control-label">Select Category:</label> <div class="col-sm-6"> <select name="cat1" id="categorySelect" class="form-control" onchange="getImages(this.value)" required> <option value="">-- Select Category --</option> <?php $sql = "SELECT * FROM visaapproval"; $query = mysqli_query($connection, $sql); while ($row = mysqli_fetch_array($query)) { echo '<option value="' . $row['id'] . '">' . $row['name'] . '</option>'; } ?> </select> </div> </div> <!-- File Upload --> <div class="form-group"> <label class="col-sm-2 control-label">Upload Images:</label> <div class="col-sm-6"> <input type="file" name="t2[]" multiple accept="image/*" required> </div> </div> <!-- Buttons --> <div class="form-group"> <div class="col-sm-offset-2 col-sm-6"> <input type="submit" name="sub" value="Save" class="btn btn-info" /> <input type="reset" value="Reset" class="btn btn-danger" /> </div> </div> </form> <hr /> <!-- Image Table --> <h4>Category Images</h4> <div id="imageTable"> <!-- AJAX results will be loaded here --> </div> </div> </div> <?php include('footer.php'); ?> </div> <!-- Scripts --> <script src="assets/js/jquery-1.10.2.js"></script> <script src="assets/js/bootstrap.min.js"></script> <script> function getImages(catId) { if (catId === "") { document.getElementById("imageTable").innerHTML = ""; return; } const xhttp = new XMLHttpRequest(); xhttp.onload = function () { document.getElementById("imageTable").innerHTML = this.responseText; }; xhttp.open("GET", "get_images_by_category.php?cat_id=" + catId, true); xhttp.send(); } </script> </body> </html>
Ukuran: 4.5 KB