| Server IP : 192.169.170.185 / Your IP : 216.73.216.97 Web Server : Apache System : Linux p3plmcpnl495852.prod.phx3.secureserver.net 4.18.0-553.52.1.lve.el8.x86_64 #1 SMP Wed May 21 15:31:29 UTC 2025 x86_64 User : akhilnew ( 1712764) PHP Version : 5.6.40 Disable Function : NONE MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/akhilnew/public_html/medicinepaper.net/admin/inc/ |
Upload File : |
<?php
if($option === 'delete' OR $option === 'enabled' OR $option === 'disabled'):
if(count($dataid) == 0):
die(output('Nothing selected.'));
endif;
if($option === 'delete'):
foreach($dataid as $id):
$stmt = $mysqli->prepare("DELETE FROM $table WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
$stmt->bind_param('i', $id);
$stmt->execute();
$stmt->close();
endforeach;
die(output(array('text' => 'Content has been deleted.', 'stat' => TRUE)));
elseif($option === 'enabled' OR $option === 'disabled'):
foreach($dataid as $id):
$stmt = $mysqli->prepare("UPDATE $table SET status = ? WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
$stmt->bind_param('si', $option, $id);
$stmt->execute();
endforeach;
die(output(array('text' => 'Selected element has been marked as '.$option.'.', 'stat' => TRUE)));
else:
die(output('No valid action found.'));
endif;
elseif($option === 'add' OR ($option === 'edit' && $dataid)):
$category = $fn->escape($_POST['category']);
$text = $fn->escape($_POST['text']);
$link = $fn->escape($_POST['link']);
$rel = $fn->escape($_POST['rel']);
$target = $fn->escape($_POST['target']);
$catsortnumber = $fn->escape($_POST['catsortnumber']);
$creation = date('Y-m-d H:i:s');
if(empty($category)):
die(output('Please enter category.'));
elseif(empty($text)):
die(output('Please enter text.'));
elseif(empty($link)):
die(output('Please enter link.'));
else:
if($option === 'add'):
$stmt = $mysqli->prepare("SELECT COUNT(*) as count_rows, catsortnumber, MAX(sortnumber) AS esortnumber FROM $table WHERE category = ?") or die(output($mysqli->error));
$stmt->bind_param('s', $category);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($count_rows, $ecatsortnumber, $esortnumber);
$stmt->fetch();
$stmt->close();
if($count_rows > 0):
$catsortnumber = $ecatsortnumber;
$sortnumber = $esortnumber + 1;
else:
if(empty($catsortnumber) && strlen($catsortnumber) == 0):
die(output('Please enter category sort number.'));
endif;
$sortnumber = 1;
endif;
$stmt = $mysqli->prepare("INSERT INTO $table(category, text, link, rel, target, catsortnumber, sortnumber, creation) VALUES(?, ?, ?, ?, ?, ?, ?, ?)") or die(output($mysqli->error));
$stmt->bind_param('ssssssss', $category, $text, $link, $rel, $target, $catsortnumber, $sortnumber, $creation);
$e = $stmt->execute();
$stmt->close();
$mysqli->close();
if($e):
die(output(array('text' => 'Content has been added.', 'stat' => TRUE)));
else:
die(output('Content has not been added.'));
endif;
elseif($option === 'edit'):
$sortnumber = $fn->escape($_POST['sortnumber']);
if(empty($catsortnumber) && strlen($catsortnumber) == 0):
die(output('Please enter category sort number.'));
elseif(empty($sortnumber) && strlen($sortnumber) == 0):
die(output('Please enter sort number.'));
else:
$stmt = $mysqli->prepare("UPDATE $table SET category = ?, text = ?, link = ?, rel = ?, target = ?, catsortnumber = ?, sortnumber = ? WHERE $firstcol = ? LIMIT 1") or die(output($mysqli->error));
$stmt->bind_param('sssssssi', $category, $text, $link, $rel, $target, $catsortnumber, $sortnumber, $dataid);
$e = $stmt->execute();
$stmt->close();
$mysqli->close();
if($e):
die(output(array('text' => 'Your changes have been saved.', 'stat' => TRUE)));
else:
die(output('Your changes have not been saved.'));
endif;
endif;
else:
die(output('No valid action found.'));
endif;
endif;
else:
die(output('No valid action found.'));
endif;
?>