
<?php 
/*
@Purpose: Edit Company details
@Author: Rajahree
@CreatedOn: 7 April 2016
@ModifiedOn: 7 April 2016
*/
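/*
 * Request flow:
 *   1. Start the session, load db/conn.php and run isAuthorized() on the session values.
 *   2. Bind the edit to the company stored in the session.
 *   3. Validate and store an optional logo and banner image, then record the new path.
 *   4. Reject a company e-mail already used by another company, otherwise save the
 *      posted details.
 *
 * The client receives a plain-text status: "success", "Duplicate company email",
 * "Image size error. Max size is 2 MB." or an error sentence.
 *
 * Security-relevant changes compared with the earlier version of this script:
 *   - every SQL statement is prepared and bound; no request value is concatenated into SQL;
 *   - the posted company_id must match the company_id held in the session;
 *   - uploads must decode as JPEG, PNG or GIF and are stored under a server-chosen
 *     extension, so a client-supplied name such as "x.php" can no longer pick the type;
 *   - the stored image paths are never taken from the request (old_company_logo_path and
 *     old_company_banner_path are ignored); the columns change only after a valid upload.
 *
 * NOTE(review): $connection, isAuthorized() and clean() come from outside this file
 * (presumably db/conn.php). $connection is assumed to be a mysqli object because the
 * earlier code used ->query(), ->num_rows, ->free() and ->close() - confirm.
 */

// Suppresses PHP diagnostics for this request, so failures are reported explicitly below.
error_reporting(0);
session_start();
include_once("db/conn.php");

$loggedin = (!empty($_SESSION['loggedin'])) ? $_SESSION['loggedin'] : null;
$companyid = (!empty($_SESSION['company_id'])) ? $_SESSION['company_id'] : null;
$companyname = (!empty($_SESSION['company_name'])) ? $_SESSION['company_name'] : null;

isAuthorized($companyid ,$companyname,$loggedin);

// Returns a posted field as a string; a missing field or an array value becomes ''.
$readPost = function ($key) {
	return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// The row to edit is the logged-in company's own row. The posted id is accepted only when
// it is a plain positive integer equal to the session value.
// NOTE(review): if some other role is meant to edit other companies through this script,
// that needs an explicit role check here rather than trusting the posted id.
$raw_company_id = $readPost('company_id');
if ($companyid === null
	|| preg_match('/\A[0-9]+\z/', $raw_company_id) !== 1
	|| (int) $raw_company_id <= 0
	|| (int) $raw_company_id !== (int) $companyid) {
	header('HTTP/1.1 403 Forbidden');
	echo "You are not allowed to edit this company.";
	exit;
}
$company_id = (int) $raw_company_id;

// htmlentities() is kept on the fields the earlier code encoded, so stored values keep the
// same form. It is output encoding only; SQL safety comes from the bound parameters below.
$company_name=htmlentities($readPost('company_name'),ENT_QUOTES);
$company_website=htmlentities($readPost('company_website'),ENT_QUOTES);
$company_ceoname=htmlentities($readPost('company_ceoname'),ENT_QUOTES);
$company_address=htmlentities($readPost('company_address'),ENT_QUOTES);
$company_state=$readPost('company_state');
$company_district=$readPost('company_district');
$company_pinno=$readPost('company_pinno');
$company_phone=$readPost('company_phone');
$company_fax=$readPost('company_fax');
$company_email=$readPost('company_email');
$company_enquiry_email=$readPost('company_enquiry_email');
$company_mobile=$readPost('company_mobile');
$contact_person_name=$readPost('contact_person_name');
$contact_person_phone=$readPost('contact_person_phone');
$contact_person_email=$readPost('contact_person_email');
$modified_by=(string) $companyid;

$target_dir = "uploads/";
$max_upload_bytes = 2*1024*1024;
$unknown_error = "An unknown error occured. Please try again.";

// Image types accepted for upload, mapped to the extension the stored file receives.
$allowed_image_types = array(
	IMAGETYPE_JPEG => 'jpg',
	IMAGETYPE_PNG => 'png',
	IMAGETYPE_GIF => 'gif',
);

/*
 * Validates one uploaded image and moves it below $target_dir/$subdir.
 *
 * $field        key in $_FILES
 * $subdir       directory below $target_dir that receives the file
 * $fail_message text sent to the client when the upload cannot be stored
 *
 * Returns the relative path of the stored file. On any rejection it prints a message
 * and ends the request, so nothing is written to the database for a bad upload.
 */
$storeImage = function ($field, $subdir, $fail_message) use ($target_dir, $company_name, $max_upload_bytes, $allowed_image_types) {
	$file = $_FILES[$field];

	// A field posted as "name[]" yields arrays here; only a single file is supported.
	if (!is_array($file) || !is_string($file['name']) || !is_string($file['tmp_name'])) {
		echo $fail_message;
		exit;
	}

	// PHP reports an over-limit upload through the error code with size 0, so the
	// error code is checked together with the measured size.
	if ($file['error'] === UPLOAD_ERR_INI_SIZE
		|| $file['error'] === UPLOAD_ERR_FORM_SIZE
		|| $file['size'] >= $max_upload_bytes) {
		echo "Image size error. Max size is 2 MB.";
		exit;
	}

	if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
		echo $fail_message;
		exit;
	}

	// The type is decided from the file content, never from the client's name or MIME type.
	$info = getimagesize($file['tmp_name']);
	if ($info === false || !isset($allowed_image_types[$info[2]])) {
		echo "Invalid image. Only JPG, PNG or GIF files are allowed.";
		exit;
	}

	// Only [A-Za-z0-9_-] survives from the client name and from clean(), whose guarantees
	// are not visible in this file; that removes path separators and inner extensions.
	$name_part = preg_replace('/[^A-Za-z0-9_-]/', '', (string) clean($company_name));
	$stem = preg_replace('/[^A-Za-z0-9_-]/', '', pathinfo($file['name'], PATHINFO_FILENAME));
	$destination = $target_dir.$subdir."/".time()."_".$name_part."_".$stem.".".$allowed_image_types[$info[2]];

	if (!move_uploaded_file($file['tmp_name'], $destination)) {
		echo $fail_message;
		exit;
	}

	// NOTE(review): the uploads directory should additionally be configured so the web
	// server never executes scripts from it.
	return $destination;
};

//code to upload logo
if(!empty($_FILES["company_logo_path"]["name"]))
{
	$target_logo_file = $storeImage("company_logo_path", "company_logo", "Sorry, there was an error uploading company logo.");

	// As before, the new path is saved right away, independent of the duplicate e-mail check.
	$logo_stmt = $connection->prepare("UPDATE busdir_mst_company SET company_logo_path = ? WHERE company_id = ?");
	if (!$logo_stmt || !$logo_stmt->bind_param('si', $target_logo_file, $company_id) || !$logo_stmt->execute()) {
		echo $unknown_error;
		exit;
	}
	$logo_stmt->close();
}

//code to upload banner
if(!empty($_FILES["company_banner_path"]["name"]))
{
	$target_banner_file = $storeImage("company_banner_path", "company_banner", "Sorry, there was an error uploading company banner.");

	$banner_stmt = $connection->prepare("UPDATE busdir_mst_company SET company_banner_path = ? WHERE company_id = ?");
	if (!$banner_stmt || !$banner_stmt->bind_param('si', $target_banner_file, $company_id) || !$banner_stmt->execute()) {
		echo $unknown_error;
		exit;
	}
	$banner_stmt->close();
}

// Duplicate check: the same e-mail on any other company row blocks the update.
$dup_stmt = $connection->prepare("SELECT company_email FROM busdir_mst_company WHERE company_id != ? AND company_email = ?");
if (!$dup_stmt || !$dup_stmt->bind_param('is', $company_id, $company_email) || !$dup_stmt->execute()) {
	echo $unknown_error;
	$connection->close();
	exit;
}
// store_result() buffers the rows so num_rows is available without needing get_result().
$dup_stmt->store_result();
$is_duplicate = ($dup_stmt->num_rows != 0);
$dup_stmt->free_result();
$dup_stmt->close();

if ($is_duplicate) {
	echo "Duplicate company email";
}
else {
	// The image path columns are left out on purpose: they are written above after a
	// valid upload and otherwise keep their current value.
	$update_stmt = $connection->prepare("UPDATE busdir_mst_company
	SET
	company_name = ?,
	company_address = ?,
	company_state = ?,
	company_district = ?,
	company_pinno = ?,
	contact_person_name = ?,
	contact_person_phone = ?,
	contact_person_email = ?,
	company_phone = ?,
	company_mobile = ?,
	company_fax = ?,
	company_enquiry_email = ?,
	company_ceoname = ?,
	company_website = ?,
	modifiedby = ?
	WHERE company_id = ?");

	// Fifteen string columns followed by the integer key.
	$updater = $update_stmt
		&& $update_stmt->bind_param(
			str_repeat('s', 15).'i',
			$company_name,
			$company_address,
			$company_state,
			$company_district,
			$company_pinno,
			$contact_person_name,
			$contact_person_phone,
			$contact_person_email,
			$company_phone,
			$company_mobile,
			$company_fax,
			$company_enquiry_email,
			$company_ceoname,
			$company_website,
			$modified_by,
			$company_id
		)
		&& $update_stmt->execute();

	if($updater)echo "success";
	else echo $unknown_error;

	if ($update_stmt) {
		$update_stmt->close();
	}
}
$connection->close();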
?>
