
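<?php
/**
 * Category creation endpoint: stores a new category row and its image.
 *
 * The response is a plain-text token or message. "login.php" and "404.php"
 * are echoed for failed session, role and request checks, "success" on
 * completion, and a short error message otherwise.
 *
 * Security-relevant behaviour:
 *  - The stored file extension comes from the detected image content, never
 *    from the client-supplied file name or MIME type. Both are sent by the
 *    browser and cannot serve as a file-type check.
 *  - All SQL values are bound through prepared statements.
 *  - The image is moved into place before the row is inserted, and removed
 *    again if the insert fails, so the table never references a missing file.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm whether the caller
 * or a shared include enforces one.
 * NOTE(review): the upload directory should be configured so the web server
 * never executes scripts from it; that cannot be verified from this file.
 */
session_start();

// Only an authenticated company session may use this endpoint.
if (!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])) {
    session_destroy();
    echo "login.php";
    exit;
}

// Role 6 is required. A missing or malformed role list is treated as "no access"
// rather than being passed to in_array(). The comparison stays loose because
// the stored role values may be numeric strings (TODO confirm).
if (!isset($_SESSION['role']) || !is_array($_SESSION['role']) || !in_array(6, $_SESSION['role'])) {
    echo "404.php";
    exit;
}

if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($_POST)) {
    echo "404.php";
    exit;
}

require_once("../db/conn.php");

// The name is stored HTML-encoded, as before, so existing rows and readers stay consistent.
$rawName = (isset($_POST['catname']) && is_string($_POST['catname'])) ? $_POST['catname'] : '';
$catname = htmlentities($rawName, ENT_QUOTES);

$target_dir = "../uploads/category/";

// ---- Upload validation -----------------------------------------------------
$upload = (isset($_FILES['catimg']) && is_array($_FILES['catimg'])) ? $_FILES['catimg'] : null;
$fname = ($upload !== null && isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
if (empty($fname)) {
    echo "Please upload a Photo.";
    exit;
}

// Any upload error code is a failure, not only UPLOAD_ERR_INI_SIZE (1).
// is_uploaded_file() confirms tmp_name really is this request's upload.
if ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
    echo "Photo upload error.";
    exit;
}

if (!($upload['size'] < 2 * 1024 * 1024)) {
    echo "Photo size error. Max size is 2 MB.";
    exit;
}

// Identify the image from its bytes and map the detected type to a fixed extension.
$allowedTypes = [
    IMAGETYPE_GIF  => 'gif',
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_PNG  => 'png',
];
$imageInfo = getimagesize($upload['tmp_name']);
if ($imageInfo === false || !isset($allowedTypes[$imageInfo[2]])) {
    echo "Photo type error. Only JPG, PNG and GIF allowed.";
    exit;
}
$ext = $allowedTypes[$imageInfo[2]];

// Keep a short, sanitised stem of the original name for readability.
// clean() is defined outside this file; the allow-list filter below does not
// depend on what it strips.
$stem = pathinfo(basename($fname), PATHINFO_FILENAME);
$stem = preg_replace('/[^A-Za-z0-9_-]/', '', substr(clean($stem), 0, 20));
$catimg = $stem . "-" . date('YmdHis') . "." . $ext;

// ---- Database work ---------------------------------------------------------
// Assumes $connection is a mysqli instance, as the original ->num_rows, ->free()
// and ->close() calls suggest (TODO confirm against ../db/conn.php).
$dupStmt = $connection->prepare("SELECT categoryname FROM busdir_mst_category WHERE categoryname=?");
if (!$dupStmt || !$dupStmt->bind_param('s', $catname) || !$dupStmt->execute()) {
    echo "An unknown error occured. Please try again.";
    $connection->close();
    exit;
}
$dupStmt->store_result();
$isDuplicate = ($dupStmt->num_rows != 0);
$dupStmt->free_result();
$dupStmt->close();

if ($isDuplicate) {
    echo "Duplicate Category Name";
} else {
    $destination = $target_dir . $catimg;

    // Move the file first so a failed move is reported instead of silently ignored.
    if (!move_uploaded_file($upload['tmp_name'], $destination)) {
        echo "Photo upload error.";
        $connection->close();
        exit;
    }

    $createdBy = (string) $_SESSION['company_id'];
    $addStmt = $connection->prepare(
        "INSERT INTO busdir_mst_category(categoryname,category_image,createdby,createdon) VALUES(?,?,?,NOW())"
    );
    $inserted = $addStmt
        && $addStmt->bind_param('sss', $catname, $catimg, $createdBy)
        && $addStmt->execute();
    if ($addStmt) {
        $addStmt->close();
    }

    if ($inserted) {
        echo "success";
    } else {
        // Do not leave an orphaned image behind when the row was not written.
        if (is_file($destination)) {
            unlink($destination);
        }
        echo "An unknown error occured. Please try again.";
    }
}
$connection->close();
?>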
