
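<?php
/*
@Purpose: add a product (with its featured photo and an optional catalog file) into database
@Author: Rajahree
@CreatedOn: 6 April 2016
@ModifiedOn: 6 April 2016

Response is a plain-text token echoed to the caller: "login.php" or "404.php"
(presumably pages the caller navigates to), a validation message, or the status
word returned by dbRowInsert() for the photo row ("success" when everything worked).
*/
error_reporting(0);
session_start();

// Access control: a company/admin session and a non-empty POST are required.
if(!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])){session_destroy();echo "login.php";exit;}
// Strict comparison so a non-string session value can never loosely match a role name.
if(!isset($_SESSION['loggedin_user']) || !in_array($_SESSION['loggedin_user'],array('admin','company'),true)){echo "404.php";exit;}
if($_SERVER['REQUEST_METHOD']!='POST' || empty($_POST)){echo "404.php";exit;}
// NOTE(review): no anti-CSRF token is checked anywhere in this handler — confirm whether the calling form supplies one.
require_once("../db/conn.php");

// Every $_POST / $_FILES value is attacker-controlled; normalise the two values used in SQL here.
$product_name = (isset($_POST['product_name']) && is_string($_POST['product_name'])) ? $_POST['product_name'] : '';
$company_id = (isset($_POST['company_id']) && is_scalar($_POST['company_id'])) ? (int)$_POST['company_id'] : 0;
// NOTE(review): company_id comes from the request, not the session. For the 'company' role it
// should presumably equal $_SESSION['company_id']; confirm and enforce, otherwise one company
// can create products under another.

// Duplicate check with bound parameters instead of string-built SQL (SQL injection).
// $connection is provided by ../db/conn.php and is assumed to be a mysqli handle — confirm.
$dupstmt = $connection->prepare("SELECT product_id FROM busdir_product WHERE product_name=? AND company_id=?");
if(!$dupstmt || !$dupstmt->bind_param('si', $product_name, $company_id) || !$dupstmt->execute()){echo "Database error.";exit;}
$dupstmt->store_result();
$isduplicate = ($dupstmt->num_rows != 0);
$dupstmt->close();

if($isduplicate)echo "Duplicate Product Name";
else{

	// Both files are stored here. The directory is web-reachable, so the stored name and
	// extension must be chosen by the server; script execution should also be disabled
	// for this directory in the web-server configuration (defence in depth).
	$target_dir = "../uploads/products/";

	//getting Photo info
	$fname = isset($_FILES['product_photo']['name']) ? $_FILES['product_photo']['name'] : '';
	if(!empty($fname)){
		// Any upload error is a failure, not only UPLOAD_ERR_INI_SIZE (1).
		if($_FILES['product_photo']['error']!=UPLOAD_ERR_OK){echo "Photo upload error.";exit;}
		if($_FILES['product_photo']['size'] >= 2*1024*1024){echo "Photo size error. Max size is 2 MB.";exit;}
		// The browser-supplied MIME type and filename prove nothing about the content:
		// detect the image type from the file itself and derive the extension from that.
		$photoinfo = @getimagesize($_FILES['product_photo']['tmp_name']);
		$phototypes = array(IMAGETYPE_JPEG=>'jpg', IMAGETYPE_GIF=>'gif', IMAGETYPE_PNG=>'png');
		if($photoinfo===false || !isset($phototypes[$photoinfo[2]]) || $photoinfo[0]<1 || $photoinfo[1]<1){echo "Photo type error. Only JPG, PNG and GIF allowed.";exit;}
		$phototype = $photoinfo[2];
		$uploadprodimg[0]=$_SESSION['company_id']."-prod-".date('YmdHis').".".$phototypes[$phototype];
	}else{echo "Please upload a Photo.";exit;}

	//getting catlog info (optional)
	$uploadcatlog[0]=NULL;
	$fname2 = isset($_FILES['catlog']['name']) ? $_FILES['catlog']['name'] : '';
	if(!empty($fname2)){
		if(!is_string($fname2) || $_FILES['catlog']['error']!=UPLOAD_ERR_OK){echo "Photo upload error.";exit;}
		if($_FILES['catlog']['size'] >= 2*1024*1024){echo "Photo size error. Max size is 2 MB.";exit;}
		// Only allow-listed extensions are accepted; anything else (including server-side
		// script extensions) is rejected rather than written into the web root.
		$ext2 = strtolower(pathinfo($fname2, PATHINFO_EXTENSION));
		if(!in_array($ext2, array('jpg','jpeg','gif','png','pdf','txt','doc'), true)){echo "Catalog type error. Only JPG, PNG, GIF, PDF, TXT and DOC allowed.";exit;}
		$uploadcatlog[0]=$_SESSION['company_id']."-catlog-".date('YmdHis').".".$ext2;
	}

	$discounted_price=$_POST['discounted_price'];
	if(empty($_POST['discounted_price']))$discounted_price=NULL;
	$description= htmlentities($_POST['description'],ENT_QUOTES);
	if(empty($_POST['description']))$description=NULL;

	// NOTE(review): dbRowInsert() is defined outside this file; these request values are only
	// safe if it escapes or binds them — verify.
	$data = array(
		'product_name' => $product_name,
		'company_id' => $company_id,
		'catid' => $_POST['catid'],
		'subcatid' => $_POST['subcatid'],
		'catlog' => $uploadcatlog[0],
		'price' => $_POST['price'],
		'discounted_price' => $discounted_price,
		'description' => $description,
		'createdby' => $_SESSION['company_id'],
		'createdon' => date('Y-m-d H:i:s')
	);

	// dbRowInsert() returns "<status>-<id>"; the first part is compared with 'success' below.
	$insertresult = dbRowInsert('busdir_product', $data);
	$insertresultarr = explode("-",$insertresult);
	if($insertresultarr[0] == 'success'){
		$photo_data = array(
			'product_id' => $insertresultarr[1],
			'photo_path' => $uploadprodimg[0],
			'featured' => 'y'
		);

		$insert_photo_result = dbRowInsert('busdir_product_photo', $photo_data);
		$insert_photo_resultarr = explode("-",$insert_photo_result);
		if($insert_photo_resultarr[0] == 'success'){//all success, moving catlog and photo to folder
			// NOTE(review): if this move fails the database rows stay in place and "success" is still reported.
			if(@move_uploaded_file($_FILES['product_photo']['tmp_name'], $target_dir.$uploadprodimg[0])){
				// Dimensions come from the content check above; create a thumbnail
				// whose longer side is 200px when both sides exceed 200px.
				$origWidth=$photoinfo[0];
				$origHeight=$photoinfo[1];
				$thumbPath=$target_dir."thumbs/".$uploadprodimg[0];
				$thumbdone=false;
				if($origWidth>200 && $origHeight>200){
					if($origWidth>$origHeight){
						$resizedWidth=200;
						$resizedHeight=max(1,(int)round(($resizedWidth * $origHeight) / $origWidth));
					}
					else{
						$resizedHeight=200;
						$resizedWidth=max(1,(int)round(($resizedHeight * $origWidth) / $origHeight));
					}
					//Load the source image with the decoder matching the detected type
					$imageSource=false;
					if($phototype==IMAGETYPE_JPEG) $imageSource=@imagecreatefromjpeg($target_dir.$uploadprodimg[0]);
					elseif($phototype==IMAGETYPE_GIF) $imageSource=@imagecreatefromgif($target_dir.$uploadprodimg[0]);
					elseif($phototype==IMAGETYPE_PNG) $imageSource=@imagecreatefrompng($target_dir.$uploadprodimg[0]);

					if($imageSource!==false){
						$imageOutput=imagecreatetruecolor($resizedWidth, $resizedHeight);
						imagecopyresampled($imageOutput, $imageSource, 0, 0, 0, 0, $resizedWidth, $resizedHeight, $origWidth, $origHeight);
						// Quality 70 applies to JPEG only: imagegif() takes no quality argument
						// and imagepng() expects a compression level, so both use their defaults.
						if($phototype==IMAGETYPE_JPEG)$thumbdone=imagejpeg($imageOutput, $thumbPath, 70);
						elseif($phototype==IMAGETYPE_GIF)$thumbdone=imagegif($imageOutput, $thumbPath);
						else $thumbdone=imagepng($imageOutput, $thumbPath);
					}
				}
				// Small image, or resizing failed: reuse the stored file as its own thumbnail.
				if(!$thumbdone){
					@copy($target_dir.$uploadprodimg[0],$thumbPath);
				}
			}
			// The catalog is optional; only move it when one was actually accepted above.
			if($uploadcatlog[0]!==NULL){
				@move_uploaded_file($_FILES['catlog']['tmp_name'], $target_dir.$uploadcatlog[0]);
			}
		}
		else{//failed in product photo, deleting product entry
			dbRowDelete('busdir_product', 'product_id', $insertresultarr[1]);
		}
		//printing message
		echo $insert_photo_resultarr[0];
	}
	// When the product insert itself fails nothing is echoed; the caller receives an empty response.
}
$connection->close();
?>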
