ok
Mini Shell
<?php
include "dbconn.php";
include "checklogin.php";
include "function.php";
$datetime=date('Y-m-d H:i:s');
$operation=trim($_POST['operation']);
switch($operation){
case 'Updatepass':
$newpwd=trim($_POST['newpwd']);
$confpwd=trim($_POST['confpwd']);
if(empty($newpwd))
echo "Enter New Password";
elseif(empty($confpwd))
echo 'Confirm Password Enter';
elseif($newpwd!=$confpwd)
echo "New Password and Confirm Password are not same!";
else{
$querycp=mysqli_query($connection,"update admin_login set Admin_Pass='$newpwd' where A_Id='$uappid'");
if($querycp)
echo '1';
else
echo mysqli_error();
}
break;
case 'Addeventcat':
$aw_name=mysqli_real_escape_string($connection,trim($_POST['aw_name']));
if(empty($aw_name))
echo 'Enter Category Name';
else
{
$query=mysqli_query($connection,"select * from award_category where aw_name='$aw_name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$rst=mysqli_query($connection,"INSERT INTO award_category(aw_name) VALUES('$aw_name')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Category already Exist";
}
break;
case 'Updateeventcat':
$editid=trim($_POST['editid']);
$aw_name=mysqli_real_escape_string($connection,trim($_POST['aw_name']));
if(empty($aw_name))
echo 'Enter Category Name';
else
{
$query=mysqli_query($connection,"select * from award_category where aw_name='$aw_name' and aw_id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$rst=mysqli_query($connection,"UPDATE award_category set aw_name = '$aw_name' where aw_id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Category already Exist";
}
break;
case 'Deleteeventcat1':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from award_category where aw_id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addgalcat':
$aw_name=mysqli_real_escape_string($connection,trim($_POST['aw_name']));
if(empty($aw_name))
echo 'Enter Category Name';
else
{
$query=mysqli_query($connection,"select * from gallery_cat where aw_name='$aw_name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$rst=mysqli_query($connection,"INSERT INTO gallery_cat(aw_name) VALUES('$aw_name')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Category already Exist";
}
break;
case 'Updategalcat':
$editid=trim($_POST['editid']);
$aw_name=mysqli_real_escape_string($connection,trim($_POST['aw_name']));
if(empty($aw_name))
echo 'Enter Category Name';
else
{
$query=mysqli_query($connection,"select * from gallery_cat where aw_name='$aw_name' and aw_id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$rst=mysqli_query($connection,"UPDATE gallery_cat set aw_name = '$aw_name' where aw_id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Category already Exist";
}
break;
case 'Deletegalcat':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from gallery_cat where aw_id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addbanner':
$B_Name=trim($_POST['B_Name']);
$B_Position=trim($_POST['B_Position']);
$B_Address=mysqli_real_escape_string($connection,trim($_POST['B_Address']));
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
if(empty($B_Name))
echo 'Enter Banner Name';
elseif(empty($B_Address))
echo 'Enter Link';
elseif(empty($B_Position))
echo 'Enter Position';
elseif(empty($B_Images))
echo 'Browse Banner Image';
elseif(empty($B_Type))
echo "Please Upload only Image jpg/jpeg/png/gif";
else
{
$query=mysqli_query($connection,"select * from banner_images where B_Name = '$B_Name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,'',$B_Imagest,'../banner/');
$rst=mysqli_query($connection,"INSERT INTO banner_images(B_Name,B_Address,B_Images,B_Position) VALUES('$B_Name','$B_Address','$p_filename','$B_Position')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Banner Name already Exist";
}
break;
case 'Updatebanner':
$editid=trim($_POST['editid']);
$B_Name=trim($_POST['B_Name']);
$B_Position=trim($_POST['B_Position']);
$B_Address=mysqli_real_escape_string($connection,trim($_POST['B_Address']));
$B_Images=$_FILES['B_Images']['name'];
$B_Imagest=$_FILES['B_Images']['tmp_name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$p_filenamet=trim($_POST['p_filename']);
if(empty($B_Name))
echo 'Enter Banner Name';
elseif(empty($B_Address))
echo 'Enter Link';
elseif(empty($B_Position))
echo 'Enter Position';
elseif(empty($B_Images) and empty($p_filenamet))
echo 'Browse Banner Image';
elseif(!empty($B_Images) and empty($B_Type))
echo "Please Upload only Image jpg/jpeg/png/gif";
else
{
$query=mysqli_query($connection,"select * from banner_images where B_Name = '$B_Name' and B_Id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,$p_filenamet,$B_Imagest,'../banner/');
$rst=mysqli_query($connection,"update banner_images set B_Name = '$B_Name',B_Address='$B_Address',B_Position='$B_Position',B_Images='$p_filename' where B_Id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Banner Name already Exist";
}
break;
case 'Deletebanner':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from banner_images where B_Id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addevent':
$gal_name=mysqli_real_escape_string($connection,trim($_POST['gal_name']));
$gal_cat=mysqli_real_escape_string($connection,trim($_POST['gal_cat']));
$gal_details=mysqli_real_escape_string($connection,trim($_POST['gal_details']));
$gal_date=trim($_POST['gal_date']);
$B_Images=$_FILES['gal_image']['name'];
$B_Type=image_validation($_FILES['gal_image']['type']);
$B_Imagest=$_FILES['gal_image']['tmp_name'];
if(empty($gal_name))
echo 'Enter Name';
elseif(empty($gal_cat))
echo 'Select Category';
elseif(empty($gal_date))
echo 'Enter Date';
elseif(empty($B_Images))
echo 'upload Image';
elseif(empty($B_Type))
echo "Please Upload only Image jpg/jpeg/png/gif";
else
{
$query=mysqli_query($connection,"select * from event_list where gal_name = '$gal_name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,'',$B_Imagest,'../banner/');
$rst=mysqli_query($connection,"INSERT INTO event_list(gal_name,gal_cat,gal_image,gal_date,gal_details) VALUES('$gal_name','$gal_cat','$p_filename','$gal_date','$gal_details')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Updateevent':
$editid=trim($_POST['editid']);
$gal_name=mysqli_real_escape_string($connection,trim($_POST['gal_name']));
$gal_cat=mysqli_real_escape_string($connection,trim($_POST['gal_cat']));
$gal_details=mysqli_real_escape_string($connection,trim($_POST['gal_details']));
$gal_date=trim($_POST['gal_date']);
$B_Images=$_FILES['gal_image']['name'];
$B_Type=image_validation($_FILES['gal_image']['type']);
$B_Imagest=$_FILES['gal_image']['tmp_name'];
$p_filenamet=trim($_POST['p_filename']);
if(empty($gal_name))
echo 'Enter Name';
elseif(empty($gal_cat))
echo 'Enter Category';
elseif(empty($gal_date))
echo 'Enter Date';
elseif(empty($B_Images) and empty($p_filenamet))
echo 'upload Image';
elseif(!empty($B_Images) and empty($B_Type))
echo "Please Upload only Image jpg/jpeg/png/gif";
else
{
$query=mysqli_query($connection,"select * from event_list where gal_name = '$gal_name' and gal_id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,$p_filenamet,$B_Imagest,'../banner/');
$rst=mysqli_query($connection,"update event_list set gal_name = '$gal_name',gal_cat='$gal_cat',gal_date='$gal_date',gal_image='$p_filename',gal_details='$gal_details' where gal_id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Deleteevent':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from event_list where gal_id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addjury':
$B_Name=mysqli_real_escape_string($connection,trim($_POST['B_Name']));
$B_Address=mysqli_real_escape_string($connection,trim($_POST['B_Address']));
$B_Position=trim($_POST['B_Position']);
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
if(empty($B_Name))
echo 'Enter Name';
elseif(empty($B_Address))
echo 'Enter Details';
elseif(empty($B_Images))
echo 'upload Image';
else
{
$query=mysqli_query($connection,"select * from jury_images where B_Name = '$B_Name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,'',$B_Imagest,'../jury_member_image/');
$rst=mysqli_query($connection,"INSERT INTO jury_images(B_Name,B_Address,B_Images,B_Position) VALUES('$B_Name','$B_Address','$p_filename','$B_Position')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Updatejury':
$editid=trim($_POST['editid']);
$B_Name=mysqli_real_escape_string($connection,trim($_POST['B_Name']));
$B_Address=mysqli_real_escape_string($connection,trim($_POST['B_Address']));
$B_Position=trim($_POST['B_Position']);
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
$p_filenamet=trim($_POST['p_filename']);
if(empty($B_Name))
echo 'Enter Name';
elseif(empty($B_Address))
echo 'Enter Details';
elseif(empty($B_Images) and empty($p_filenamet))
echo 'upload Image jpg/jpeg/png/gif';
else
{
$query=mysqli_query($connection,"select * from jury_images where B_Name = '$B_Name' and B_Id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,$p_filenamet,$B_Imagest,'../jury_member_image/');
$rst=mysqli_query($connection,"update jury_images set B_Name = '$B_Name',B_Address='$B_Address',B_Position='$B_Position',B_Images='$p_filename' where B_Id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Deletejury':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from jury_images where B_Id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addteam':
$B_Name=mysqli_real_escape_string($connection,trim($_POST['B_Name']));
$B_Address=mysqli_real_escape_string($connection,trim($_POST['B_Address']));
$B_Position=trim($_POST['B_Position']);
$B_Designation=mysqli_real_escape_string($connection,trim($_POST['B_Designation']));
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
if(empty($B_Name))
echo 'Enter Name';
elseif(empty($B_Address))
echo 'Enter Details';
elseif(empty($B_Images))
echo 'upload Image';
else
{
$query=mysqli_query($connection,"select * from team_member where B_Name = '$B_Name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,'',$B_Imagest,'../team_member_image/');
$rst=mysqli_query($connection,"INSERT INTO team_member(B_Name,B_Address,B_Images,B_Position,B_Designation) VALUES('$B_Name','$B_Address','$p_filename','$B_Position','$B_Designation')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Updateteam':
$editid=trim($_POST['editid']);
$B_Name=mysqli_real_escape_string($connection,trim($_POST['B_Name']));
$B_Address=mysqli_real_escape_string($connection,trim($_POST['B_Address']));
$B_Position=trim($_POST['B_Position']);
$B_Designation=mysqli_real_escape_string($connection,trim($_POST['B_Designation']));
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
$p_filenamet=trim($_POST['p_filename']);
if(empty($B_Name))
echo 'Enter Name';
elseif(empty($B_Address))
echo 'Enter Details';
elseif(empty($B_Images) and empty($p_filenamet))
echo 'upload Image jpg/jpeg/png/gif';
else
{
$query=mysqli_query($connection,"select * from team_member where B_Name = '$B_Name' and B_Id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,$p_filenamet,$B_Imagest,'../team_member_image/');
$rst=mysqli_query($connection,"update team_member set B_Name = '$B_Name',B_Address='$B_Address',B_Position='$B_Position',B_Images='$p_filename',B_Designation='$B_Designation' where B_Id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Deleteteam':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from team_member where B_Id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addpartner':
$B_Name=mysqli_real_escape_string($connection,trim($_POST['B_Name']));
$B_Url=mysqli_real_escape_string($connection,trim($_POST['B_Url']));
$B_Position=trim($_POST['B_Position']);
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
if(empty($B_Name))
echo 'Enter Name';
elseif(empty($B_Images))
echo 'upload Image';
else
{
$query=mysqli_query($connection,"select * from partner_images where B_Name = '$B_Name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,'',$B_Imagest,'../client-image/');
$rst=mysqli_query($connection,"INSERT INTO partner_images(B_Name,B_Url,B_Images,B_Position) VALUES('$B_Name','$B_Url','$p_filename','$B_Position')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Updatepartner':
$editid=trim($_POST['editid']);
$B_Name=mysqli_real_escape_string($connection,trim($_POST['B_Name']));
$B_Url=mysqli_real_escape_string($connection,trim($_POST['B_Url']));
$B_Position=trim($_POST['B_Position']);
$B_Images=$_FILES['B_Images']['name'];
$B_Type=image_validation($_FILES['B_Images']['type']);
$B_Imagest=$_FILES['B_Images']['tmp_name'];
$p_filenamet=trim($_POST['p_filename']);
if(empty($B_Name))
echo 'Enter Name';
elseif(empty($B_Images) and empty($p_filenamet))
echo 'upload Image jpg/jpeg/png/gif';
else
{
$query=mysqli_query($connection,"select * from partner_images where B_Name = '$B_Name' and B_Id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$p_filename=file_upload_productimg($B_Images,$p_filenamet,$B_Imagest,'../client-image/');
$rst=mysqli_query($connection,"update partner_images set B_Name = '$B_Name',B_Url='$B_Url',B_Position='$B_Position',B_Images='$p_filename' where B_Id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Name already Exist";
}
break;
case 'Deletepartner':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from partner_images where B_Id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addvideo':
$O_Name=mysqli_real_escape_string($connection,trim($_POST['O_Name']));
$O_Type=mysqli_real_escape_string($connection,trim($_POST['O_Type']));
$O_P=mysqli_real_escape_string($connection,trim($_POST['O_P']));
$O_Url=mysqli_real_escape_string($connection,trim($_POST['O_Url']));
if(empty($O_Name))
echo 'Enter Title';
elseif(empty($O_Type))
echo 'Enter Video Type';
elseif(empty($O_P))
echo 'Enter Video Position';
elseif(empty($O_Url))
echo 'Enter Video Url';
else
{
$query=mysqli_query($connection,"select * from online_session where O_Name='$O_Name'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$rst=mysqli_query($connection,"INSERT INTO online_session(O_Name,O_P,O_Type,O_Url) VALUES('$O_Name','$O_P','$O_Type','$O_Url')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Title Already Exist";
}
break;
case 'Updatevideo':
$editid=trim($_POST['editid']);
$O_Name=mysqli_real_escape_string($connection,trim($_POST['O_Name']));
$O_Type=mysqli_real_escape_string($connection,trim($_POST['O_Type']));
$O_P=mysqli_real_escape_string($connection,trim($_POST['O_P']));
$O_Url=mysqli_real_escape_string($connection,trim($_POST['O_Url']));
if(empty($O_Name))
echo 'Enter Title';
elseif(empty($O_Type))
echo 'Enter Video Type';
elseif(empty($O_P))
echo 'Enter Video Position';
elseif(empty($O_Url))
echo 'Enter Video Url';
else
{
$query=mysqli_query($connection,"select * from online_session where O_Name='$O_Name' and O_Id!='$editid'");
$num=mysqli_num_rows($query);
if($num<=0)
{
$rst=mysqli_query($connection,"UPDATE online_session set O_Name = '$O_Name',O_Type = '$O_Type',O_P = '$O_P',O_Url = '$O_Url' where O_Id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
else
echo "Title Already Exist";
}
break;
case 'Deletevideo':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from online_session where O_Id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addlist':
$alcat_id=$_POST['alcat_id'];
$al_name=mysqli_real_escape_string($connection,trim($_POST['al_name']));
if(empty($alcat_id))
echo 'Category Not Exist';
elseif(empty($al_name))
echo 'Enter List Name';
else
{
$rst=mysqli_query($connection,"INSERT INTO award_list(al_name,alcat_id) VALUES('$al_name','$alcat_id')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
break;
case 'Updatelist':
$editid=trim($_POST['editid']);
$al_name=mysqli_real_escape_string($connection,trim($_POST['al_name']));
if(empty($al_name))
echo 'Enter Category List Name';
else
{
$rst=mysqli_query($connection,"UPDATE award_list set al_name = '$al_name' where al_id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
break;
case 'Deletelist':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from award_list where al_id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
case 'Addphotogallery':
$EP_Eid=trim($_POST['EP_Eid']);
$B_Images=$_FILES['EP_Image']['name'];
$B_Type=image_validation($_FILES['EP_Image']['type']);
$B_Imagest=$_FILES['EP_Image']['tmp_name'];
if(empty($EP_Eid))
echo 'Category Not Selected';
elseif(empty($B_Images))
echo 'upload Image';
else
{
$p_filename=file_upload_productimg($B_Images,'',$B_Imagest,'../gallery-images/');
$rst=mysqli_query($connection,"INSERT INTO gal_images(EP_Eid,EP_Image) VALUES('$EP_Eid','$p_filename')");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
break;
case 'Updatephotogallery':
$editid=trim($_POST['editid']);
$EP_Eid=trim($_POST['EP_Eid']);
$B_Images=$_FILES['EP_Image']['name'];
$B_Type=image_validation($_FILES['EP_Image']['type']);
$B_Imagest=$_FILES['EP_Image']['tmp_name'];
$p_filenamet=trim($_POST['p_filename']);
if(empty($EP_Eid))
echo 'Category Not Selected';
elseif(empty($B_Images) and empty($p_filenamet))
echo 'upload Image jpg/jpeg/png/gif';
else
{
$p_filename=file_upload_productimg($B_Images,$p_filenamet,$B_Imagest,'../gallery-images/');
$rst=mysqli_query($connection,"update gal_images set EP_Eid = '$EP_Eid',EP_Image='$p_filename' where EP_Id = '$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
}
break;
case 'Deletephotogallery':
$editid=trim($_POST['editid']);
$rst=mysqli_query($connection,"Delete from gal_images where EP_Id='$editid'");
if($rst)
echo '1';
else
echo mysqli_error($connection);
break;
}
mysqli_close($connection);
?>
Zerion Mini Shell 1.0