<?php
/*
@Purpose: add company into database
@Author: Rajahree
@CreatedOn: 6 April 2016
@ModifiedOn: 6 April 2016
*/
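error_reporting(0);
session_start();

// Endpoint contract: the caller reads the echoed string ("login.php",
// "404.php", "success" or an error message), so every response string below
// is kept exactly as it was.

// Only an authenticated company session may add a company.
if (!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])) {
    session_destroy();
    echo "login.php";
    exit;
}

// Role 6 is required. A missing or malformed role list is denied explicitly,
// rather than relying on in_array() misbehaving on a non-array.
if (!isset($_SESSION['role']) || !is_array($_SESSION['role']) || !in_array(6, $_SESSION['role'])) {
    echo "404.php";
    exit;
}

// NOTE(review): no anti-CSRF token is checked anywhere in this script; confirm
// the form and this handler are covered by a token check elsewhere.
if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($_POST)) {
    echo "404.php";
    exit;
}

require_once("db/conn.php");

// Read every expected field as a string. A missing field, or one submitted as
// an array, becomes '' so nothing downstream sees null or an array.
$input = [];
foreach ([
    'company_name', 'company_website', 'company_ceoname', 'company_address',
    'company_state', 'company_district', 'company_pinno', 'company_phone',
    'company_fax', 'company_email', 'company_mobile', 'contact_person_name',
    'contact_person_phone', 'contact_person_email', 'password',
] as $field) {
    $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}

// These four fields are stored entity-encoded, as before. The remaining fields
// are stored raw, so every page that prints them must escape on output.
$company_name = htmlentities($input['company_name'], ENT_QUOTES);
$company_website = htmlentities($input['company_website'], ENT_QUOTES);
$company_ceoname = htmlentities($input['company_ceoname'], ENT_QUOTES);
$company_address = htmlentities($input['company_address'], ENT_QUOTES);
$company_state = $input['company_state'];
$company_district = $input['company_district'];
$company_pinno = $input['company_pinno'];
$company_phone = $input['company_phone'];
$company_fax = $input['company_fax'];
$company_email = $input['company_email'];
$company_mobile = $input['company_mobile'];
$contact_person_name = $input['contact_person_name'];
$contact_person_phone = $input['contact_person_phone'];
$contact_person_email = $input['contact_person_email'];

// NOTE(review): unsalted MD5 is not suitable for password storage. It is left
// unchanged because the login code (not visible here) presumably compares MD5
// digests; migrate both sides to password_hash()/password_verify() together.
$password = md5($input['password']);

$target_dir = "../uploads/company/";
$max_upload_bytes = 2 * 1024 * 1024;

// Accepted image types and the extension each is stored under. The extension
// comes from the type detected in the file content, never from the
// client-supplied file name or MIME type, both of which the client controls.
$allowed_image_types = [
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_GIF => 'gif',
    IMAGETYPE_PNG => 'png',
];

// Upload field => [label used in error messages, stored file name prefix].
$upload_specs = [
    'company_logo_path' => ['Logo', 'logo-'],
    'company_banner_path' => ['Banner', 'banner-'],
];
$stored_names = ['company_logo_path' => '', 'company_banner_path' => ''];

// NOTE(review): names have one-second resolution, so two submissions in the
// same second produce the same file name and the later one overwrites.
$stamp = date('YmdHis');

foreach ($upload_specs as $field => $spec) {
    $label = $spec[0];
    $prefix = $spec[1];

    if (!isset($_FILES[$field]) || !is_array($_FILES[$field])) {
        continue;
    }
    $upload = $_FILES[$field];
    $error = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

    // Both images are optional.
    if ($error === UPLOAD_ERR_NO_FILE) {
        continue;
    }

    // Reject every upload error, not only code 1, and make sure the temp file
    // really came from this request's upload.
    if ($error !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
        echo $label . " upload error.";
        exit;
    }

    if ($upload['size'] >= $max_upload_bytes) {
        echo $label . " size error. Max size is 2 MB.";
        exit;
    }

    // getimagesize() reads the file header; index 2 is the IMAGETYPE_* code.
    $image_info = getimagesize($upload['tmp_name']);
    if ($image_info === false || !isset($allowed_image_types[$image_info[2]])) {
        echo $label . " type error. Only JPG, PNG and GIF allowed.";
        exit;
    }

    // The original appended an undefined $ext here, so stored names had no
    // extension at all.
    $stored_names[$field] = $prefix . $stamp . '.' . $allowed_image_types[$image_info[2]];
}

$target_logo_file = $stored_names['company_logo_path'];
$target_banner_file = $stored_names['company_banner_path'];

$generic_error = "An unknown error occured. Please try again.";

// $connection is used as a mysqli handle (num_rows, free(), close() in the
// original). All request data is bound as parameters; none is concatenated
// into the SQL text.
$dup_stmt = $connection->prepare("SELECT company_email FROM busdir_mst_company WHERE company_email=?");
if (!$dup_stmt) {
    echo $generic_error;
    $connection->close();
    exit;
}
$dup_stmt->bind_param('s', $company_email);
if (!$dup_stmt->execute()) {
    $dup_stmt->close();
    echo $generic_error;
    $connection->close();
    exit;
}
$dup_stmt->store_result();
$email_taken = $dup_stmt->num_rows != 0;
$dup_stmt->close();

// NOTE(review): this check-then-insert is not atomic; a UNIQUE index on
// company_email would be the reliable guard - confirm against the schema.
if ($email_taken) {
    echo "Duplicate Email address";
} else {
    $username = $company_email;
    $created_by = (string) $_SESSION['company_id'];

    $insert_stmt = $connection->prepare(
        "INSERT INTO busdir_mst_company(company_name,company_address,company_country,company_state,company_district,company_pinno,contact_person_name,contact_person_phone,contact_person_email,company_phone,company_mobile,company_fax,company_ceoname,company_email,username,password,company_website,company_logo_path,company_banner_path,approved,createdby,createdon) VALUES(?,?,'India',?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,'1',?,NOW())"
    );

    $inserted = false;
    if ($insert_stmt) {
        // 19 placeholders, all bound as strings, in column order.
        $insert_stmt->bind_param(
            str_repeat('s', 19),
            $company_name,
            $company_address,
            $company_state,
            $company_district,
            $company_pinno,
            $contact_person_name,
            $contact_person_phone,
            $contact_person_email,
            $company_phone,
            $company_mobile,
            $company_fax,
            $company_ceoname,
            $company_email,
            $username,
            $password,
            $company_website,
            $target_logo_file,
            $target_banner_file,
            $created_by
        );
        $inserted = $insert_stmt->execute();
        $insert_stmt->close();
    }

    if ($inserted) {
        // Files are moved only after the row exists. A failed move is logged
        // instead of silenced; the response stays "success" as before.
        // The upload directory should be served without script execution.
        foreach ($stored_names as $field => $stored_name) {
            if ($stored_name !== '' && !move_uploaded_file($_FILES[$field]['tmp_name'], $target_dir . $stored_name)) {
                error_log("Company image move failed for field " . $field);
            }
        }
        echo "success";
    } else {
        echo $generic_error;
    }
}

$connection->close();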
?>