<?php
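/*
 * Admin action handler, dispatched on $option:
 *   'delete'         - deletes every row of $table whose id is listed in $dataid,
 *                      then removes that row's picture/resume files from disk.
 *   'add'            - builds an `editors` row from the POSTed form, reuses the
 *                      picture of row $dataid in $table (resized into editors/),
 *                      then deletes that source row and its files.
 *   'downloademails' - delegates to $fn->download_emails($dataid).
 * The 'delete' and 'add' branches finish the request through die(output(...)).
 *
 * NOTE(review): $table, $firstcol, $page, $uploadpath, $pageurl, $websitename,
 * $option, $dataid, $idcount, $mysqli, $fn and output() come from the including
 * script, which is not visible here. $table is used to build an include path and,
 * with $firstcol, is interpolated into SQL as an identifier (identifiers cannot be
 * bound as parameters) - confirm both are taken from a fixed allow-list and never
 * from the request.
 * NOTE(review): no session, role or CSRF check appears in this file; presumably the
 * including script enforces them - verify, since every branch here is destructive
 * or sends mail/SMS.
 * NOTE(review): a failed prepare() hands the raw driver error to output(); if that
 * reaches the browser it discloses schema details - consider logging it server-side.
 */
require_once($table.'.functions.php');

if ($option === 'delete'):
    if ($idcount > 0):
        for ($i = 0; $i < $idcount; $i++):
            $id = $dataid[$i];

            // Read the stored file names first so the files can be removed once the row is gone.
            $stmt = $mysqli->prepare("SELECT picture, resume FROM $table WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
            $stmt->bind_param('i', $id);
            $stmt->execute();
            $stmt->store_result();
            $count_rows = $stmt->num_rows();
            $stmt->bind_result($picture, $resume);
            $stmt->fetch();
            $stmt->close();

            if ($count_rows > 0):
                $stmt = $mysqli->prepare("DELETE FROM $table WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
                $stmt->bind_param('i', $id);
                $e = $stmt->execute();
                $stmt->close();

                if ($e):
                    // NOTE(review): the file names come straight from the database and are
                    // appended to the upload directory unchanged; confirm the code that stores
                    // them only ever writes bare file names (no directory separators or '..').
                    if ($picture && file_exists($uploadpath.$page.'/'.$picture)):
                        @unlink($uploadpath.$page.'/'.$picture);
                    endif;
                    if ($resume && file_exists($uploadpath.$page.'/'.$resume)):
                        @unlink($uploadpath.$page.'/'.$resume);
                    endif;
                    $text = 'Content has been deleted.';
                    $stat = TRUE;
                else:
                    // Aborts the whole batch; rows deleted in earlier iterations stay deleted.
                    die(output('Content has not been deleted.'));
                endif;
            else:
                die(output('Content is not found.'));
            endif;
        endfor;
        die(output(array('text' => $text, 'stat' => $stat)));
    else:
        die(output('Nothing selected.'));
    endif;

elseif ($option === 'add' && $dataid):
    // Text fields are stored HTML-entity-encoded. Every query below binds its values,
    // so SQL safety does not depend on $fn->escape().
    // NOTE(review): the stripslashes()/stripcslashes() pass presumably undoes backslashes
    // added by $fn->escape() - confirm against that helper.
    $category = strip_tags($fn->escape($_POST['category']));
    $category = stripslashes(stripcslashes(htmlentities($category, ENT_QUOTES)));
    $subcategory = strip_tags($fn->escape($_POST['subcategory']));
    $subcategory = stripslashes(stripcslashes(htmlentities($subcategory, ENT_QUOTES)));
    $name = strip_tags($fn->escape($_POST['name']));
    $name = mb_convert_case($name, MB_CASE_TITLE, 'UTF-8');
    $name = stripslashes(stripcslashes(htmlentities($name, ENT_QUOTES)));
    $degree = strip_tags($fn->escape($_POST['degree']));
    $degree = stripslashes(stripcslashes(htmlentities($degree, ENT_QUOTES)));
    // 'changecase' is not defined in this file; presumably it comes from the
    // "$table.functions.php" include above.
    $post = strip_tags($fn->escape($_POST['post']));
    $post = preg_replace_callback('/[a-zA-Z]+/', 'changecase', $post);
    $post = stripslashes(stripcslashes(htmlentities($post, ENT_QUOTES)));
    $content = strip_tags($fn->escape($_POST['content']));
    $content = preg_replace_callback('/[a-zA-Z]+/', 'changecase', $content);
    $content = stripslashes(stripcslashes(htmlentities($content, ENT_QUOTES)));
    $email = strip_tags($fn->escape($_POST['email']));
    $email = strtolower($email);
    $emailshow = isset($_POST['emailshow']) ? $fn->escape($_POST['emailshow']) : 'N';
    $phone = strip_tags($fn->escape($_POST['phone']));
    // Keep digits, '+' and ',' only. The previous class '[^0-9+-,]' read '+-,' as the
    // range '+'..',' and therefore never allowed a hyphen; the class is spelled out
    // here with the same effect so the intent is not misread.
    $phone = preg_replace('/[^0-9+,]/', '', $phone);
    $phoneshow = isset($_POST['phoneshow']) ? $fn->escape($_POST['phoneshow']) : 'N';
    $sendsms = isset($_POST['sendsms']) ? $fn->escape($_POST['sendsms']) : 'N';
    $sendemail = isset($_POST['sendemail']) ? $fn->escape($_POST['sendemail']) : 'N';
    $certificate = isset($_POST['certificate']) ? $fn->escape($_POST['certificate']) : 'N';
    // NOTE(review): the flag fields and $status are stored as submitted; nothing here
    // restricts them to the values the form offers.
    $status = isset($_POST['status']) ? $fn->escape($_POST['status']) : 'disabled';
    $creation = date('Y-m-d H:i:s');

    if ( ! is_dir($uploadpath.'editors')):
        @mkdir($uploadpath.'editors');
    endif;

    // Duplicate check: same name, content and email already on the board.
    $stmt = $mysqli->prepare("SELECT * FROM editors WHERE (name = ? AND content = ? AND email = ?)") or die(output($mysqli->error));
    $stmt->bind_param('sss', $name, $content, $email);
    $stmt->execute();
    $stmt->store_result();
    $count_rows = $stmt->num_rows();
    $stmt->close();

    if (empty($category)):
        die(output('Please select category or enter a new category.'));
    elseif (empty($name)):
        die(output('Please enter editor name.'));
    elseif ($count_rows > 0):
        die(output('This editor is already in editorial board.'));
    elseif (empty($content)):
        die(output('Please enter content.'));
    else:
        if ($sendemail === 'Y' && empty($email)):
            die(output('Please enter email ID to send email.'));
        endif;
        if ($certificate === 'Y' && empty($email)):
            die(output('Please enter email ID to send certificate.'));
        endif;
        if ($email && $fn->valid_email($email) === FALSE):
            die(output('Please enter a valid email ID.'));
        endif;
        if ($sendsms === 'Y' && empty($phone)):
            die(output('Please enter phone number to send SMS.'));
        endif;
        if ($sendsms === 'Y'):
            if ($phone):
                // Each comma-separated entry must be exactly ten digits.
                foreach (explode(',', $phone) as $phone_number):
                    if (strlen(trim($phone_number)) !== 10 OR !ctype_digit($phone_number)):
                        die(output('Please enter a valid phone number.'));
                    endif;
                endforeach;
            endif;
        endif;

        // Existing category: keep its position and append the editor at the end.
        // The query mixes a plain column with MAX() and no GROUP BY, so it relies on
        // MySQL running without ONLY_FULL_GROUP_BY.
        $stmt = $mysqli->prepare("SELECT catsortnumber, MAX(sortnumber) FROM editors WHERE category = ? LIMIT 1") or die(output($mysqli->error));
        $stmt->bind_param('s', $category);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($ecatsortnumber, $esortnumber);
        $stmt->fetch();
        $stmt->close();

        if ($ecatsortnumber):
            $catsortnumber = $ecatsortnumber;
            $sortnumber = $esortnumber + 1;
        else:
            // New category: place it after the last existing category.
            $stmt = $mysqli->prepare("SELECT MAX(catsortnumber) FROM editors ORDER BY catsortnumber DESC LIMIT 1") or die(output($mysqli->error));
            $stmt->execute();
            $stmt->store_result();
            $stmt->bind_result($ecatsortnumber);
            $stmt->fetch();
            $stmt->close();
            $catsortnumber = $ecatsortnumber ? $ecatsortnumber + 1 : 1;
            $sortnumber = 1;
        endif;

        // Files attached to the source row in $table.
        $stmt = $mysqli->prepare("SELECT picture, resume FROM $table WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
        $stmt->bind_param('i', $dataid);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($epicture, $eresume);
        $stmt->fetch();
        $stmt->close();

        // NOTE(review): $epicture is a database value joined onto the upload directory
        // unchanged; confirm it is always a bare file name.
        $pictmp = $uploadpath.$page.'/'.$epicture;
        if ($epicture && file_exists($pictmp)):
            $picext = strtolower(pathinfo($pictmp, PATHINFO_EXTENSION));
            // 'H' (24-hour) instead of 'h': with the 12-hour clock a morning and an
            // afternoon upload on the same day could receive the same file name and
            // overwrite each other. Names are still only unique per second.
            $newpic = 'IMG_'.date('Ymd_His').'.'.$picext;
            if ( ! method_exists('functions', 'resize_image')):
                die(output('Image resize function doesn\'t exist.'));
            endif;
            // Only these extensions are copied into editors/; anything else is dropped.
            if (in_array($picext, array('jpg', 'jpeg', 'png', 'gif'), true)):
                if ( ! $fn->resize_image($picext, $pictmp, $uploadpath.'editors/', $newpic, 128)):
                    die(output('Image resize function doesn\'t work.'));
                endif;
            else:
                $newpic = '';
            endif;
        else:
            $newpic = '';
        endif;

        // Record the address once, after all validation has passed. It was previously
        // also recorded right after the email check, i.e. twice per request and even
        // when a later check rejected the submission.
        if ($email && method_exists('functions', 'insert_email')):
            $fn->insert_email($email);
        endif;

        $pictureshow = 'Y';
        $stmt = $mysqli->prepare("INSERT INTO editors(category, subcategory, name, degree, post, content, email, emailshow, phone, phoneshow, picture, pictureshow, catsortnumber, sortnumber, status, creation) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)") or die(output($mysqli->error));
        $stmt->bind_param('ssssssssssssiiss', $category, $subcategory, $name, $degree, $post, $content, $email, $emailshow, $phone, $phoneshow, $newpic, $pictureshow, $catsortnumber, $sortnumber, $status, $creation);
        $e = $stmt->execute();
        $lastid = $stmt->insert_id;
        $stmt->close();

        if ($e):
            if ($sendsms === 'Y' && method_exists('functions', 'send_sms')):
                $fn->send_sms($phone, 'We have updated our editorial board with your information in '.$websitename);
            endif;
            if ($sendemail === 'Y' && method_exists('sendmail', 'send') && function_exists('SendEmail')):
                $isSendCertificate = ($certificate === 'Y');
                // SendEmail() returns a path that is removed once the mail has gone out.
                $filename = SendEmail($lastid, $category, $name, $post, $content, $email, date('d-m-Y'), $isSendCertificate);
                if (file_exists($filename)):
                    @unlink($filename);
                endif;
            endif;

            // The submission now lives in `editors`; drop the source row and its files.
            $stmt = $mysqli->prepare("DELETE FROM $table WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
            $stmt->bind_param('i', $dataid);
            $stmt->execute();
            $stmt->close();
            $mysqli->close();

            foreach (array($epicture, $eresume) as $file):
                if ($file && file_exists($uploadpath.$page.'/'.$file)):
                    @unlink($uploadpath.$page.'/'.$file);
                endif;
            endforeach;
            die(output(array('surl' => $pageurl)));
        else:
            die(output('Content has not been added.'));
        endif;
    endif;

elseif ($option === 'downloademails'):
    $fn->download_emails($dataid);

else:
    die(output('No valid action found.'));
endif;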
?>