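<?php
/**
 * Category update endpoint (POST only).
 *
 * Reads `uid`, `catname` and an optional `catimg` upload, renames the category
 * and optionally replaces its image. The response body is a short status
 * string: "login.php", "404.php", "success", "Duplicate Category Name" or an
 * error message.
 *
 * Security changes relative to the previous version of this script:
 *  - every value reaches SQL through a bound parameter; `uid` must be numeric;
 *  - the image type is taken from the file content, and the stored extension
 *    comes from a fixed allow-list, never from the client-declared MIME type or
 *    the client file name;
 *  - the file to delete is the one recorded in the database for this row, not
 *    the client-supplied `oldcatimg` (which is now ignored);
 *  - the upload is moved into place before the row is updated, so a failed
 *    move no longer leaves the row pointing at a file that does not exist.
 *
 * NOTE(review): no anti-CSRF token is verified here; nothing in this file shows
 * how the application issues one, so that check still has to be added.
 * NOTE(review): ../uploads/category/ should be configured so the web server
 * never executes scripts from it; that configuration is not visible here.
 */
session_start();

// Only an authenticated company session may proceed.
if (!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])) {
    session_destroy();
    echo "login.php";
    exit;
}

// Role 6 is required. Compared strictly as strings so that both 6 and "6" pass
// while values such as true or "6abc" no longer match by loose comparison.
$roles = (isset($_SESSION['role']) && is_array($_SESSION['role'])) ? $_SESSION['role'] : [];
if (!in_array('6', array_map('strval', $roles), true)) {
    echo "404.php";
    exit;
}

if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($_POST)) {
    echo "404.php";
    exit;
}

require_once("../db/conn.php");

$genericError = "An unknown error occured. Please try again.";
$target_dir = "../uploads/category/";

// catid is numeric; reject anything else before it gets near a query.
$uidRaw = isset($_POST['uid']) ? $_POST['uid'] : null;
if (!is_string($uidRaw) || preg_match('/^[0-9]{1,18}$/D', $uidRaw) !== 1) {
    echo $genericError;
    exit;
}
$uid = (int) $uidRaw;

// The name is still stored entity-encoded, as before, so existing rows and the
// pages that print them keep working. Encoding is not what protects the query;
// the bound parameter is.
$catnameRaw = (isset($_POST['catname']) && is_string($_POST['catname'])) ? $_POST['catname'] : '';
$catname = htmlentities($catnameRaw, ENT_QUOTES);

// ---- Validate the optional upload before touching the database -------------
$upload = isset($_FILES['catimg']) ? $_FILES['catimg'] : null;
$hasUpload = is_array($upload)
    && isset($upload['name'], $upload['error'], $upload['tmp_name'], $upload['size'])
    && is_string($upload['name'])
    && $upload['name'] !== ''
    && $upload['error'] !== UPLOAD_ERR_NO_FILE;

$newImg = null;
if ($hasUpload) {
    // Any upload error is rejected, not only UPLOAD_ERR_INI_SIZE.
    if ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
        echo "Photo upload error.";
        exit;
    }
    if ($upload['size'] >= 2 * 1024 * 1024) {
        echo "Photo size error. Max size is 2 MB.";
        exit;
    }

    // Decide the type from the file itself; $_FILES[...]['type'] is whatever
    // the client chose to send.
    $allowedTypes = [
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_PNG  => 'png',
    ];
    $imageInfo = getimagesize($upload['tmp_name']);
    if ($imageInfo === false || !isset($allowedTypes[$imageInfo[2]])) {
        echo "Photo type error. Only JPG, PNG and GIF allowed.";
        exit;
    }

    // clean() is defined outside this file; its exact filtering is not visible
    // here, so the stem is additionally reduced to a conservative character set.
    $stem = pathinfo(basename($upload['name']), PATHINFO_FILENAME);
    $stem = (string) preg_replace('/[^A-Za-z0-9_-]/', '', (string) clean($stem));
    $stem = substr($stem, 0, 20);
    if ($stem === '') {
        $stem = 'category';
    }
    $newImg = $stem . "-" . date('YmdHis') . "." . $allowedTypes[$imageInfo[2]];
}

// ---- Database work -----------------------------------------------------------
// $connection comes from conn.php and is presumably a mysqli instance (the
// original code used ->query(), ->num_rows and ->close()) - confirm.
$runStatement = function ($sql, $types, array $params) use ($connection) {
    $stmt = $connection->prepare($sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed');
    }
    if (!$stmt->bind_param($types, ...$params) || !$stmt->execute()) {
        $stmt->close();
        throw new RuntimeException('execute failed');
    }
    return $stmt;
};

$response = $genericError;
$movedPath = null;
$updated = false;

try {
    // The stored image name is the only trustworthy source for "old image".
    $currentImg = null;
    $stmt = $runStatement(
        "SELECT category_image FROM busdir_mst_category WHERE catid=?",
        'i',
        [$uid]
    );
    $stmt->bind_result($currentImg);
    $found = $stmt->fetch();
    $stmt->close();
    if ($found !== true) {
        throw new RuntimeException('category not found');
    }

    $stmt = $runStatement(
        "SELECT catid FROM busdir_mst_category WHERE catid!=? AND categoryname=?",
        'is',
        [$uid, $catname]
    );
    $stmt->store_result();
    $isDuplicate = $stmt->num_rows != 0;
    $stmt->close();

    if ($isDuplicate) {
        $response = "Duplicate Category Name";
    } else {
        $catimg = $currentImg;
        if ($newImg !== null) {
            // Put the new file in place first; only then point the row at it.
            if (!move_uploaded_file($upload['tmp_name'], $target_dir . $newImg)) {
                $response = "Photo upload error.";
                throw new RuntimeException('move failed');
            }
            $movedPath = $target_dir . $newImg;
            $catimg = $newImg;
        }

        $stmt = $runStatement(
            "UPDATE busdir_mst_category SET categoryname=?,category_image=?,modifiedby=? WHERE catid=?",
            'sssi',
            [$catname, $catimg, (string) $_SESSION['company_id'], $uid]
        );
        $stmt->close();
        $updated = true;

        if ($newImg !== null) {
            // basename() keeps the delete inside $target_dir even if the stored
            // value was written by the older, unvalidated code path.
            $oldName = basename((string) $currentImg);
            if ($oldName !== '' && $oldName !== $newImg && is_file($target_dir . $oldName)) {
                unlink($target_dir . $oldName);
            }
        }
        $response = "success";
    }
} catch (RuntimeException $e) {
    // mysqli_sql_exception extends RuntimeException, so both the explicit
    // failures above and driver exceptions end up here. Details stay out of the
    // response; remove a freshly moved file that no row refers to.
    if (!$updated && $movedPath !== null && is_file($movedPath)) {
        unlink($movedPath);
    }
}

echo $response;
$connection->close();
?>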