<?php require_once 'header.php'; $controller = new ControllerStore(); $controllerCategory = new ControllerCategory(); $categories = $controllerCategory->getCategories(); $extras = new Extras(); $store_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']); if ($store_id != null) { $store = $controller->getStoreByStoreId($store_id); if (isset($_POST['submit'])) { $itm = $store; $itm->store_name = htmlspecialchars(trim(strip_tags($_POST['store_name'])), ENT_QUOTES); $itm->store_address = htmlspecialchars(trim(strip_tags($_POST['store_address'])), ENT_QUOTES); $store_desc = preg_replace('~[\\r\\n]+~', '', $_POST['store_desc']); $itm->store_desc = htmlspecialchars(trim(strip_tags($store_desc))); $itm->lat = trim(strip_tags($_POST['lat'])); $itm->lon = htmlspecialchars(trim(strip_tags($_POST['lon'])), ENT_QUOTES); $itm->created_at = time(); $itm->website = $extras->removeHttp(htmlspecialchars(trim(strip_tags($_POST['website'])), ENT_QUOTES)); $itm->phone_no = htmlspecialchars(trim(strip_tags($_POST['phone_no'])), ENT_QUOTES); $itm->email = trim(strip_tags($_POST['email'])); $itm->sms_no = trim(strip_tags($_POST['sms_no'])); $itm->category_id = trim(strip_tags($_POST['category_id'])); $itm->updated_at = time(); $itm->featured = trim(strip_tags($_POST['featured'])); $controller->updateStore($itm); echo "<script type='text/javascript'>location.href='stores.php';</script>"; } } else { echo "<script type='text/javascript'>location.href='403.php';</script>";
<?php require_once 'header.php'; $controller = new ControllerPhoto(); $controllerStore = new ControllerStore(); $extras = new Extras(); $store_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']); $photo_store_delete = $extras->decryptQuery2(KEY_SALT, $_SERVER['QUERY_STRING']); if ($store_id != null) { $photos_store = $controller->getPhotosByStoreId($store_id); $selected_store = $controllerStore->getStoreByStoreId($store_id); } if ($photo_store_delete != null) { $store_id = $photo_store_delete[0]; $photo_id = $photo_store_delete[1]; $controller->deletePhoto($photo_id, 1); $viewUrl = $extras->encryptQuery1(KEY_SALT, 'store_id', $store_id, 'photo_store_view.php'); echo "<script type='text/javascript'>location.href='{$viewUrl}';</script>"; } if ($store_id == null && $photo_store_delete == null) { echo "<script type='text/javascript'>location.href='403.php';</script>"; } ?> <!DOCTYPE html> <html lang="en"><head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1">