<?php
if ($SucInc == "yes") {
$lng = mysql::getLng();
if ($_SERVER[REQUEST_METHOD] == 'POST' && isset($_POST[submit_add])) {
$curId = mysql_result(mysql_query("SELECT MAX(`id`) FROM " . TABLE_GALLERY . ""), 0) + 1;
$imag = '';
if (isset($_FILES[imag]) && $_FILES[imag][size] > 0) {
$ext = pathinfo($_FILES[imag][name], PATHINFO_EXTENSION);
$tmp = $_FILES[imag][tmp_name];
$imag = time() . '.' . $ext;
move_uploaded_file($tmp, '../files/media/big_' . $imag);
//big image
jResize('../files/media/big_' . $imag, '../files/media/small_' . $imag, 323, 146);
//small image
mysql_query("INSERT INTO " . TABLE_GALLERY . " (`imag`,`ordering`,`parent`,`title`)VALUES('{$imag}',{$curId},'" . clear($_POST[parent], 1) . "','" . clear($_POST[title]) . "')");
}
print "<script>alert('Thank! Successfully Added');location.href='?options=gallery'</script>";
}
if (isset($_GET[del])) {
$oldImg = mysql_result(mysql_query("SELECT `imag` FROM " . TABLE_GALLERY . " WHERE `id`='{$_GET[del]}'"), 0);
@unlink('../files/media/big_' . $oldImg);
@unlink('../files/media/small_' . $oldImg);
mysql_query("DELETE FROM " . TABLE_GALLERY . " WHERE `id`='{$_GET[del]}'");
print "<script>alert('Thank! Successfully Deleted');location.href='?options=gallery'</script>";
}
$_q = $db->fetchWhile("SELECT `id`,`pagename` FROM `" . TABLE_PAGES . "` WHERE `type`='project' AND sub_id='40' AND `lang_id`='{$lang}' ORDER BY `ordering`");
$_GET[parent] = abs((int) isset($_GET[parent]) ? $_GET[parent] : $_q[0]->id);
$qSlider = mysql_query("SELECT `id`,`imag` FROM `" . TABLE_GALLERY . "` WHERE `parent`={$_GET[parent]} ORDER BY `ordering`");
?>
<form action='' align='center' method='post' class='jAddSlider' enctype='multipart/form-data'>
$_POST[link] = mysql_real_escape_string(strip_tags($_POST[link]));
for ($z = 0; $z < count($lng); $z++) {
$_POST[title_ . $lng[$z]] = mysql_real_escape_string(strip_tags($_POST[title_ . $lng[$z]]));
mysql_query("INSERT INTO " . TABLE_SIM . " (`id`,`title`,`img`,`lang`,`link`,`ordering`)VALUES(\r\n\t\t\t\t\t\t\t'{$curId}',\r\n\t\t\t\t\t\t\t'{$_POST[title_ . $lng[$z]]}', \r\n\t\t\t\t\t\t\t'{$imag}',\r\n\t\t\t\t\t\t\t'{$lng[$z]}',\r\n\t\t\t\t\t\t\t'{$_POST[link]}',\r\n\t\t\t\t\t\t\t'{$curId}'\r\n\t\t\t)");
}
print "<script>alert('Thank! Successfully Added');location.href='?options=sim'</script>";
}
if ($_SERVER[REQUEST_METHOD] == 'POST' && isset($_POST[submit_edit])) {
$imag = mysql_result(mysql_query("SELECT `img` FROM " . TABLE_SIM . " WHERE `id`='{$_POST[curid]}'"), 0);
if (isset($_FILES[imag]) && $_FILES[imag][size] > 0) {
@unlink('../files/image/' . $imag);
$ext = pathinfo($_FILES[imag][name], PATHINFO_EXTENSION);
$tmp = $_FILES[imag][tmp_name];
$imag = time() . '.' . $ext;
$path = "{$_SERVER[DOCUMENT_ROOT]}/files/image/{$imag}";
jResize($tmp, $path, 224, 105);
//move_uploaded_file($tmp,$path);
}
$_POST[link] = mysql_real_escape_string(strip_tags($_POST[link]));
for ($z = 0; $z < count($lng); $z++) {
$_POST[title_ . $lng[$z]] = mysql_real_escape_string(strip_tags($_POST[title_ . $lng[$z]]));
mysql_query("UPDATE " . TABLE_SIM . " SET \r\n\t\t\t\t\t\t\t`title`='{$_POST[title_ . $lng[$z]]}',\r\n\t\t\t\t\t\t\t`img`='{$imag}',\r\n\t\t\t\t\t\t\t`link`='{$_POST[link]}'\r\n\t\t\t\t\t\tWHERE `id`='{$_GET[edit]}' AND `lang`='{$lng[$z]}'\r\n\t\t\t\t\t");
}
print "<script>alert('Thank! Successfully Edited');location.href='?options=sim'</script>";
}
if (isset($_GET[edit])) {
$jEditing = true;
$qEdit = mysql_query("SELECT * FROM " . TABLE_SIM . " WHERE `id`='{$_GET[edit]}'");
while ($rows = mysql_fetch_object($qEdit)) {
$rEdit[$rows->lang] = $rows;
}
//$_POST[title_.$lng[$z]]=mysql_real_escape_string($_POST[title_.$lng[$z]]);
//$_POST[link_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[link_.$lng[$z]]));
//$_POST[text_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[text_.$lng[$z]]));
mysql_query("INSERT INTO " . TABLE_SLIDER . " (`id`,`title`,`link`,`img`,`text`,`lang`,`ordering`)VALUES(\r\n\t\t\t\t\t\t\t'{$curId}',\r\n\t\t\t\t\t\t\t'{$_POST[title]}', \r\n\t\t\t\t\t\t\t'{$_POST[link]}',\r\n\t\t\t\t\t\t\t'{$imag}',\r\n\t\t\t\t\t\t\t'{$_POST[prnt]}',\r\n\t\t\t\t\t\t\t'{$lang}',\r\n\t\t\t\t\t\t\t'{$curId}'\r\n\t\t\t)");
print "<script>alert('Thank! Successfully Added');location.href='?options=slider&title={$_GET[title]}&prnt={$_GET[prnt]}'</script>";
}
if ($_SERVER[REQUEST_METHOD] == 'POST' && isset($_POST[submit_edit])) {
$_GET[edit] = abs((int) $_GET[edit]);
$imag = mysql_result(mysql_query("SELECT `img` FROM " . TABLE_SLIDER . " WHERE `id`='{$_GET[edit]}'"), 0);
if (isset($_FILES[imag]) && $_FILES[imag][size] > 0) {
@unlink('../files/image/' . $imag);
$ext = pathinfo($_FILES[imag][name], PATHINFO_EXTENSION);
$tmp = $_FILES[imag][tmp_name];
$imag = time() . '.' . $ext;
$path = "{$_SERVER[DOCUMENT_ROOT]}/files/image/{$imag}";
jResize($tmp, $path, 500, 240);
//move_uploaded_file($tmp,$path);
}
$_POST[title] = abs((int) $_POST[title]);
$_POST[prnt] = abs((int) $_POST[prnt]);
//$_POST[title_.$lng[$z]]=mysql_real_escape_string($_POST[title_.$lng[$z]]);
//$_POST[link_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[link_.$lng[$z]]));
//$_POST[text_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[text_.$lng[$z]]));
mysql_query("UPDATE " . TABLE_SLIDER . " SET \r\n\t\t\t\t\t\t\t`title`='{$_POST[title]}',\r\n\t\t\t\t\t\t\t`link`='{$_POST[link]}',\r\n\t\t\t\t\t\t\t`img`='{$imag}',\r\n\t\t\t\t\t\t\t`text`='{$_POST[prnt]}'\r\n\t\t\t\t\t\tWHERE `id`='{$_GET[edit]}' AND `lang`='{$lang}'\r\n\t\t\t\t\t");
print "<script>alert('Thank! Successfully Edited');location.href='?options=slider&title={$_GET[title]}&prnt={$_GET[prnt]}'</script>";
}
if (isset($_GET[edit])) {
$jEditing = true;
$qEdit = mysql_query("SELECT * FROM " . TABLE_SLIDER . " WHERE `id`='{$_GET[edit]}'");
while ($rows = mysql_fetch_object($qEdit)) {
$rEdit[$rows->lang] = $rows;
