Current File : G:/PleskVhosts/jaincensus.com/macciaweb.ultraliant.com/businessforum/categoryedit_save.php

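<?php
/**
 * Saves an edited business-directory category: new name and, optionally, a new image.
 *
 * The response body is a short plain-text token read by the calling page:
 * "login.php" / "404.php" (redirect targets), "success", "Duplicate Category Name",
 * or one of the error messages below. Those strings are kept exactly as they were.
 *
 * Security-relevant behaviour:
 *  - Every SQL statement is prepared and bound; no request value is concatenated into SQL.
 *  - The image type is taken from the uploaded bytes, never from the client-sent MIME type,
 *    and the stored extension comes from that detected type, never from the client file name.
 *  - The file to delete is read from the database row, not from a request field.
 *
 * NOTE(review): no anti-CSRF token is checked in this file; confirm whether the caller adds one.
 * NOTE(review): ../uploads/category/ should also be configured so the web server never
 * executes scripts from it; that setting lives outside this file.
 */
session_start();

// Unauthenticated session: tell the caller to go to the login page.
if (!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])) {
	session_destroy();
	echo "login.php";
	exit;
}
// Role 6 is required. The comparison stays loose because the stored element type
// (int or numeric string) is not visible here; a missing or non-array role list is denied.
if (!isset($_SESSION['role']) || !is_array($_SESSION['role']) || !in_array(6, $_SESSION['role'])) {
	echo "404.php";
	exit;
}
if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($_POST)) {
	echo "404.php";
	exit;
}
// Provides $connection (used below as a mysqli-style handle) and, presumably, clean().
require_once("../db/conn.php");

$genericError = "An unknown error occured. Please try again.";

// The category id must be a plain decimal integer before it goes anywhere near SQL.
$uidRaw = isset($_POST['uid']) ? $_POST['uid'] : '';
if (!is_string($uidRaw) || !preg_match('/^[0-9]{1,18}$/D', $uidRaw)) {
	echo $genericError;
	$connection->close();
	exit;
}
$uid = (int)$uidRaw;

// Names are stored entity-encoded, as before, so existing rows and readers stay consistent.
$catnameRaw = (isset($_POST['catname']) && is_string($_POST['catname'])) ? $_POST['catname'] : '';
$catname = htmlentities($catnameRaw, ENT_QUOTES);

$target_dir = "../uploads/category/";

// Read the current image name from the row itself. The request also carries an
// 'oldcatimg' field, but a client-supplied name must not decide which file gets deleted.
$cur = $connection->prepare("SELECT category_image FROM busdir_mst_category WHERE catid=?");
if (!$cur) {
	echo $genericError;
	$connection->close();
	exit;
}
$storedImg = null;
$cur->bind_param('i', $uid);
$cur->execute();
$cur->bind_result($storedImg);
$found = $cur->fetch();
$cur->close();
if (!$found) {
	echo $genericError;
	$connection->close();
	exit;
}
$oldcatimg = (string)$storedImg;

// Without a new upload the stored image name is kept unchanged.
$catimg = $oldcatimg;
$hasUpload = isset($_FILES['catimg']) && is_array($_FILES['catimg'])
	&& isset($_FILES['catimg']['name']) && is_string($_FILES['catimg']['name'])
	&& $_FILES['catimg']['name'] !== '';

if ($hasUpload) {
	$file = $_FILES['catimg'];

	// Any upload error is fatal, not only UPLOAD_ERR_INI_SIZE.
	if ($file['error'] != UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
		echo "Photo upload error.";
		$connection->close();
		exit;
	}
	if ($file['size'] >= 2 * 1024 * 1024) {
		echo "Photo size error. Max size is 2 MB.";
		$connection->close();
		exit;
	}

	// Detect the format from the file contents. '@' keeps decoder notices out of the
	// response body, which the caller parses as a token.
	$allowedTypes = array(
		IMAGETYPE_JPEG => 'jpg',
		IMAGETYPE_GIF  => 'gif',
		IMAGETYPE_PNG  => 'png',
	);
	$info = @getimagesize($file['tmp_name']);
	if ($info === false || !isset($allowedTypes[$info[2]])) {
		echo "Photo type error. Only JPG, PNG and GIF allowed.";
		$connection->close();
		exit;
	}
	$ext = $allowedTypes[$info[2]];

	// Build the stored name: cleaned stem (max 20 chars), timestamp, detected extension.
	// The allowlist after clean() keeps the name safe on any filesystem regardless of
	// what clean() permits (its definition is not in this file).
	$stem = pathinfo(basename($file['name']), PATHINFO_FILENAME);
	$stem = preg_replace('/[^A-Za-z0-9_-]/', '', (string)clean($stem));
	$catimg = substr($stem, 0, 20) . "-" . date('YmdHis') . "." . $ext;
}

// Reject a name already used by a different category.
$dup = $connection->prepare("SELECT catid FROM busdir_mst_category WHERE catid!=? AND categoryname=?");
if (!$dup) {
	echo $genericError;
	$connection->close();
	exit;
}
$dup->bind_param('is', $uid, $catname);
$dup->execute();
$dup->store_result();
$isDuplicate = ($dup->num_rows != 0);
$dup->free_result();
$dup->close();

if ($isDuplicate) {
	echo "Duplicate Category Name";
} else {
	// Put the new file in place first, so the row never points at a file that failed to land.
	$newPath = $target_dir . $catimg;
	if ($hasUpload && !move_uploaded_file($_FILES['catimg']['tmp_name'], $newPath)) {
		echo "Photo upload error.";
		$connection->close();
		exit;
	}

	$modifiedBy = (string)$_SESSION['company_id'];
	$upd = $connection->prepare("UPDATE busdir_mst_category SET categoryname=?,category_image=?,modifiedby=? WHERE catid=?");
	$updated = false;
	if ($upd) {
		$upd->bind_param('sssi', $catname, $catimg, $modifiedBy, $uid);
		$updated = $upd->execute();
		$upd->close();
	}

	if ($updated) {
		if ($hasUpload) {
			// basename() confines the delete to the category upload directory even if an
			// older row holds a value containing path separators.
			$oldName = basename($oldcatimg);
			$oldPath = $target_dir . $oldName;
			if ($oldName !== '' && $oldName !== $catimg && is_file($oldPath)) {
				unlink($oldPath);
			}
		}
		echo "success";
	} else {
		// Roll back the file we just stored so a failed update leaves no orphan.
		if ($hasUpload && is_file($newPath)) {
			unlink($newPath);
		}
		echo $genericError;
	}
}
$connection->close();
?>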
