OverLord Shell
<?php
/*
@Purpose: add company job into database
@Author: Rajahree
@CreatedOn: 4 May 2016
@ModifiedOn: 4 May 2016
*/
error_reporting(0);
session_start();
include("db/conn.php");
//include_once("header.inc.php");
//include("sidebar.php");
if(!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])){session_destroy();echo "login.php";exit;}
if(!in_array($_SESSION['loggedin_user'],array('admin','company'))){echo "404.php";exit;}
if($_SERVER['REQUEST_METHOD']!='POST' || empty($_POST)){echo "404.php";exit;}
$news = htmlentities(trim($_POST['news']),ENT_QUOTES);
$fname1=$_FILES['photo']['name'];
$target_logo_file = "";
if(!empty($fname1)){
$ftype1=$_FILES['photo']['type'];
if($_FILES['photo']['error']==1){echo "Logo upload error.";exit;}
else{
if($_FILES['photo']['size'] < 2*1024*1024){
if($ftype1=="image/jpeg" || $ftype1=="image/pjpeg" || $ftype1=="image/gif" || $ftype1=="image/png"){
@$ext1=explode('.',basename($fname1));
@$ext1=end($ext1);
$file_name = date('YmdHis').".".$ext1;
}
else{echo "Logo type error. Only JPG, PNG and GIF allowed.";exit;}
}
else{echo "Logo size error. Max size is 2 MB.";exit;}
}
}else{
$file_name = $_POST['old_image'];
}
$patterns = array();
$patterns[0] = '/([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)/';
$patterns[1] = '/([0-9]+[\- ]?[0-9]{9}+)/';
$patterns[2] = '/([0-9]{2,}-[0-9]{0,}-[0-9]{0,})/';
$patterns[3] = "/(http|https|ftp|ftps)\:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,3}(\/\S*)?/";
$replacements = array();
$replacements[0] = '';
$replacements[1] = '';
$replacements[2] = '';
$replacements[3] = '';
$string = preg_replace($patterns, $replacements, $news);
$data = array(
'news' => $string,
'photo' => $file_name,
'modifiedby'=>$_SESSION['company_id'],
'modifiedon' => date('Y-m-d H:i:s')
);
//print_r($data);exit;
$insertresult = dbRowUpdate('busdir_mst_news', $data,'news_id = '.$_POST['news_id'].'');
// dbRowUpdate('busdir_mst_jobprofile', $data);
$insertresultarr = explode("-",$insertresult);
if($insertresultarr[0]=='success'){
@move_uploaded_file($_FILES['photo']['tmp_name'], "uploads/news/".$file_name);
echo "success";
}
?>
xRyukZ - Copyright 2k19