Psyduck - 可達鴨 之 鴨力山大 v0.1
| Current File : /home/irplbiz/public_html/universalleather/admin/add_forecast.php |
<?php
session_start();
include('includes/config.php');
$SQL2 = "SELECT * FROM `".$ptr."product` WHERE id='".$_REQUEST['id']."' OR id='".$_REQUEST['eid']."'";
$RS2 = mysql_query($SQL2);
$RES2 = mysql_fetch_array($RS2);
if($_SESSION['loggedin']==1)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="css/style.css" rel="stylesheet" type="text/css" />
<title>Welcome to Our Website::Admin Panel</title>
</head>
<?php
$msg = "";
if($_POST['Submit']=='Add')
{
set_time_limit(0);
define ("MAX_SIZE","1000");
define ("WIDTH","208");
define ("HEIGHT","110");
function make_thumb($img_name,$filename,$new_w,$new_h){
$ext=getExtension($img_name);
if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext))
$src_img=imagecreatefromjpeg($img_name);
if(!strcmp("png",$ext))
$src_img=imagecreatefrompng($img_name);
if(!strcmp("gif",$ext))
$src_img=imagecreatefromgif($img_name);
$old_x=imageSX($src_img);
$old_y=imageSY($src_img);
$ratio1=$old_x/$new_w;
$ratio2=$old_y/$new_h;
if($ratio1>$ratio2) {
$thumb_w=$new_w;
$thumb_h=$old_y/$ratio1;
}else{
$thumb_h=$new_h;
$thumb_w=$old_x/$ratio2;
}
$dst_img=ImageCreateTrueColor($thumb_w,$thumb_h);
imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y);
if(!strcmp("png",$ext))
imagepng($dst_img,$filename);
else
imagejpeg($dst_img,$filename);
if (!strcmp("gif",$ext))
imagegif($dst_img,$filename);
imagedestroy($dst_img);
imagedestroy($src_img);
}
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
$errors=0;
$image=$_FILES['image']['name'];
if ($image)
{
$filename = stripslashes($_FILES['image']['name']);
$extension = getExtension($filename);
$extension = strtolower($extension);
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
echo 'Unknown extension! Please use .gif, .jpg or .png files only.';
$errors=1;
}else{
$size=getimagesize($_FILES['image']['tmp_name']);
$sizekb=filesize($_FILES['image']['tmp_name']);
if ($sizekb > MAX_SIZE*1024)
{
echo 'You have exceeded the 1MB size limit!';
$errors=1;
}
$timestamp = time().rand(1,1000);
$galleryImageBefore1 = $timestamp . "." . $extension ;
$galleryThumbBefore1 = $timestamp . "." . $extension ;
$consname="gallery/big/" . $galleryImageBefore1 ;
$consname2="gallery/thumb/" . $galleryThumbBefore1 ;
$copied = copy($_FILES['image']['tmp_name'], $consname);
$copied = copy($_FILES['image']['tmp_name'], $consname2);
if (!$copied) {
$errors=1;
}else{
$thumb_name=$consname2 ;
$thumb=make_thumb($consname,$thumb_name,WIDTH,HEIGHT);
}
}
}
$sql="INSERT INTO `".$ptr."product`(`id`,`title`,`details`,`monthly`,`image`,`date`,`sunsign`,`category`)
values('','".$_POST['iname']."','".addslashes($_POST['desc'])."','".addslashes($_POST['monthly'])."','$galleryThumbBefore1','".$_POST['dob']."','".$_POST['sunsign']."','".$_POST['category']."')";
$ins = mysql_query($sql) or die("Cannot Add...".mysql_error());
$msg = "Added Successfully";
}
if($_POST['Submit']=='Edit')
{
set_time_limit(0);
define ("MAX_SIZE","1000");
define ("WIDTH","150");
define ("HEIGHT","150");
function make_thumb($img_name,$filename,$new_w,$new_h){
$ext=getExtension($img_name);
if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext))
$src_img=imagecreatefromjpeg($img_name);
if(!strcmp("png",$ext))
$src_img=imagecreatefrompng($img_name);
if(!strcmp("gif",$ext))
$src_img=imagecreatefromgif($img_name);
$old_x=imageSX($src_img);
$old_y=imageSY($src_img);
$ratio1=$old_x/$new_w;
$ratio2=$old_y/$new_h;
if($ratio1>$ratio2) {
$thumb_w=$new_w;
$thumb_h=$old_y/$ratio1;
}else{
$thumb_h=$new_h;
$thumb_w=$old_x/$ratio2;
}
$dst_img=ImageCreateTrueColor($thumb_w,$thumb_h);
imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y);
if(!strcmp("png",$ext))
imagepng($dst_img,$filename);
else
imagejpeg($dst_img,$filename);
if (!strcmp("gif",$ext))
imagegif($dst_img,$filename);
imagedestroy($dst_img);
imagedestroy($src_img);
}
function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
$errors=0;
$image=$_FILES['image']['name'];
if ($image)
{
$filename = stripslashes($_FILES['image']['name']);
$extension = getExtension($filename);
$extension = strtolower($extension);
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) {
echo 'Unknown extension! Please use .gif, .jpg or .png files only.';
$errors=1;
}else{
$size=getimagesize($_FILES['image']['tmp_name']);
$sizekb=filesize($_FILES['image']['tmp_name']);
if ($sizekb > MAX_SIZE*1024)
{
echo 'You have exceeded the 1MB size limit!';
$errors=1;
}
$timestamp = time().rand(1,1000);
$galleryImageBefore1 = $timestamp . "." . $extension ;
$galleryThumbBefore1 = $timestamp . "." . $extension ;
$consname="gallery/big/" . $galleryImageBefore1 ;
$consname2="gallery/thumb/" . $galleryThumbBefore1 ;
$copied = copy($_FILES['image']['tmp_name'], $consname);
$copied = copy($_FILES['image']['tmp_name'], $consname2);
if (!$copied) {
echo 'Copy unsuccessfull!';
$errors=1;
}else{
$thumb_name=$consname2 ;
$thumb=make_thumb($consname,$thumb_name,WIDTH,HEIGHT);
}
}
$image = $galleryThumbBefore1;
}
else
{
$image = $RES2['image'];
}
$sql = "UPDATE `".$ptr."product` SET
`title` = '".$_POST['iname']."',
`details` = '".addslashes($_POST['desc'])."',
`monthly` = '".addslashes($_POST['monthly'])."',
`image` = '".$image."',
`date` = '".$_POST['dob']."',
`category` = '".$_POST['category']."',
`sunsign` = '".$_REQUEST['sunsign']."'
WHERE `id` = '".$_REQUEST['eid']."'";
$ins = mysql_query($sql) or die("Cannot Edit...".mysql_error());
$msg = "Edited Successfully";
echo "<script>window.location.href='add_forecast.php';</script>";
}
?>
<body>
<script language="JavaScript" src="calendar_db.js"></script>
<link rel="stylesheet" href="calendar.css" />
<div class="main">
<div class="inner-panel">
<table width="978" border="0" cellspacing="0" cellpadding="0" align="center" >
<?php include('includes/header.php'); ?>
<tr>
<td width="200"> </td>
<td align="right" width="10"> </td>
<td align="right" width="768"> </td>
</tr>
<tr>
<td width="200" valign="top"><?php include('includes/sidebar.php'); ?></td>
<td width="10" style="background-color:none;"> </td>
<td width="768" bgcolor="#FFFFFF" valign="top" align="right">
<table width="97%" border="0" align="left" cellpadding="0" cellspacing="0" bgcolor="#fff" style="padding:0px; margin:2px 10px;">
<tr>
<td align="center" style="color: green; font-weight: bold;">
<?php echo $msg; ?> </td>
</tr>
<?php if(isset($_REQUEST['eid']) && $_REQUEST['eid']!='') { ?>
<tr>
<td colspan="4" style="background:#0dbad9; font-size:18px; color:#FFFFFF; padding:10px 0 10px 10px; margin-bottom:7px;"><span class="style3"> Edit Forecast</span></td></tr>
<tr><td><form action="" method="post" name="frm" enctype="multipart/form-data">
<table width="100%">
<tr>
<td><table width="100%">
<tr>
<td style="border:1px dotted #ccc;">Product Name</td>
<td style="border:1px dotted #ccc;"><input type="text" name="iname" id="iname" value="<?php echo $RES2['title'];?>" /></td>
</tr>
<tr>
<td style="border:1px dotted #ccc;">Description</td>
<td style="border:1px dotted #ccc;"><textarea name="desc" id="desc"><?php echo $RES2['details'];?></textarea></td>
</tr>
<!--<tr>
<td style="border:1px dotted #ccc;">Monthly Prediction</td>
<td style="border:1px dotted #ccc;"><textarea name="monthly" id="monthly"><?php echo $RES2['monthly'];?></textarea></td>
</tr>-->
<!-- <tr>
<td style="border:1px dotted #ccc;">Date</td>
<td style="border:1px dotted #ccc;"><input name="dob" id="dob" class="tcal" type="text" value="<?php echo $RES2['date']; ?>" style="width:200px" /><script language="JavaScript">
new tcal ({
// form name
'formname': 'frm',
// input name
'controlname': 'dob'
});
</script> </td>
</tr>-->
<!--<tr>
<td style="border:1px dotted #ccc;"> Month</td>
<td style="border:1px dotted #ccc;"><input type="text" name="month" id="month" value="<?php echo $RES2['month'];?>" /></td>
</tr>-->
<tr>
<td style="border:1px dotted #ccc;">Category</td>
<td style="border:1px dotted #ccc;"><select name="category" id="category">
<option value="0">-select category-</option>
<?php
$catSQL = "SELECT * FROM `ln_tbl_category` ORDER by cat_id DESC";
$result = mysql_query($catSQL);
while($resultSet = mysql_fetch_array($result)) {
?>
<option value="<?php echo $resultSet['cat_id']; ?>" <?php if($resultSet['cat_id']==$RES2['category']) { ?> selected="selected" <?php } else {} ?>><?php echo $resultSet['name']; ?></option>
<?php } ?>
</select> </td>
</tr>
<tr>
<td style="border:1px dotted #ccc;">Image</td>
<td style="border:1px dotted #ccc;"><input type="file" name="image" value="<?php echo $RES2['image'];?>"/><img src="gallery/thumb/<?php echo $RES2['image'];?>" style="width: 50px;" /></td>
</tr>
<!-- <tr>
<td style="border:1px dotted #ccc;">Sunsign :</td>
<td style="border:1px dotted #ccc;"> <input type="text" name="sunsign" value="<?php echo $RES2['sunsign'];?>" /></td>
</tr>-->
<tr>
<td style="border:1px dotted #ccc;"> </td>
<td style="border:1px dotted #ccc;"><input name="Submit" type="submit" class="submit1" value="Edit" style="width:185px;"/></td>
</tr>
</table></td>
</tr>
</table>
</form>
<?php } else { ?>
<tr>
<td colspan="4" style="background:#0dbad9; font-size:18px; color:#FFFFFF; padding:10px 0 10px 10px; margin-bottom:7px;"><span class="style3"> Add Products</span></td></tr>
<tr><td><form action="" method="post" name="frm" enctype="multipart/form-data">
<table width="100%">
<tr>
<td><table width="100%">
<tr>
<td style="border:1px dotted #ccc;">Product Name</td>
<td style="border:1px dotted #ccc;"><input type="text" name="iname" id="iname" value="" /></td>
</tr>
<tr>
<td style="border:1px dotted #ccc;"> Category : * </td>
<td>
<select name="category" style="width:207px">
<option value="0">-select category-</option>
<?php
$catSQL = "SELECT * FROM `ln_tbl_category` ORDER by cat_id DESC";
$result = mysql_query($catSQL);
while($resultSet = mysql_fetch_array($result)) {
?>
<option value="<?php echo $resultSet['cat_id']; ?>"><?php echo $resultSet['name']; ?></option>
<?php
$catChildSQL = "SELECT * FROM `".$ptr."categories` WHERE `status` = 1 AND `parent` = ".$resultSet['cat_id']."";
$resultChild = mysql_query($catChildSQL);
if(mysql_num_rows($resultChild)) {
while($resultSetChild = mysql_fetch_array($resultChild)) {
?>
<option value="<?php echo $resultSetChild['cat_id']; ?>"> <?php echo $resultSetChild['name']; ?></option>
<?php
$catChildSQL2 = "SELECT * FROM `".$ptr."categories` WHERE `status` = 1 AND `parent` = ".$resultSetChild['cat_id']."";
$resultChild2 = mysql_query($catChildSQL2);
if(mysql_num_rows($resultChild2)) {
while($resultSetChild2 = mysql_fetch_array($resultChild2)) {
?>
<option value="<?php echo $resultSetChild2['cat_id']; ?>"> <?php echo $resultSetChild2['name']; ?></option>
<?php
}
}
}
}
}
?>
</select> </td>
</tr>
<tr>
<td style="border:1px dotted #ccc;"> Description</td>
<td style="border:1px dotted #ccc;"><textarea name="desc" id="desc"></textarea></td>
</tr>
<!-- <tr>
<td style="border:1px dotted #ccc;">Monthly Prediction</td>
<td style="border:1px dotted #ccc;"><textarea name="monthly" id="monthly"></textarea></td>
</tr>-->
<tr>
<td style="border:1px dotted #ccc;">Image</td>
<td style="border:1px dotted #ccc;"><input type="file" name="image" value=""/></td>
</tr>
<!-- <tr>
<td style="border:1px dotted #ccc;">Sunsign :</td>
<td style="border:1px dotted #ccc;"> <input type="text" name="sunsign" value="" /></td>
</tr>-->
<tr>
<td style="border:1px dotted #ccc;"> </td>
<td style="border:1px dotted #ccc;"><input name="Submit" type="submit" class="submit1" value="Add" style="width:185px;"/></td>
</tr>
</table></td>
</tr>
</table>
</form>
<?php } ?>
<table width="100%">
<tr>
<td><table width="100%">
<tr>
<td colspan="6" style="background:#0dbad9; font-size:18px; color:#FFFFFF; padding:5px 0 5px 10px; margin-bottom:7px;"><span class="style3">View Products</span></td></tr>
<td colspan="6"> </td>
</tr>
<tr align="center">
<td width="25%" style="border:1px dotted #ccc;"><b>Title</b></td>
<!--<td width="25%" style="border:1px dotted #ccc;"><b>Month</b></td>-->
<td width="15%" style="border:1px dotted #ccc;"><b>Image</b></td>
<td width="15%" style="border:1px dotted #ccc;"><b>Action</b></td>
</tr>
<?php $SQL = "SELECT * FROM `".$ptr."product`";
$RS = mysql_query($SQL);
while($RES = mysql_fetch_array($RS)) {
?>
<tr align="center">
<td style="border:1px dotted #ccc;"><?php echo $RES['title'];?></td>
<!--<td style="border:1px dotted #ccc;"><?php echo $RES['month'];?></td>-->
<td style="border:1px dotted #ccc;"><img src="gallery/thumb/<?php echo $RES['image'];?>" style="width: 60px;" /></td>
<td style="border:1px dotted #ccc;"><div align="center"> <a href="delete_forecast.php?id=<?php echo $RES["id"];?>"><img src="images/del.png" onClick="return confirm('Do you want to delete this Photo?');" ></a> <a href="add_forecast.php?eid=<?php echo $RES["id"];?>"><img src="images/edit.png"></a></div></td>
</tr>
<?php } ?>
</table></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</div>
</div>
</body>
</html>
<?php
}
else
{
header("location:index.php");
}
?>