<?php if ($SucInc == "yes") { $lng = mysql::getLng(); if ($_SERVER[REQUEST_METHOD] == 'POST' && isset($_POST[submit_add])) { $curId = mysql_result(mysql_query("SELECT MAX(`id`) FROM " . TABLE_GALLERY . ""), 0) + 1; $imag = ''; if (isset($_FILES[imag]) && $_FILES[imag][size] > 0) { $ext = pathinfo($_FILES[imag][name], PATHINFO_EXTENSION); $tmp = $_FILES[imag][tmp_name]; $imag = time() . '.' . $ext; move_uploaded_file($tmp, '../files/media/big_' . $imag); //big image jResize('../files/media/big_' . $imag, '../files/media/small_' . $imag, 323, 146); //small image mysql_query("INSERT INTO " . TABLE_GALLERY . " (`imag`,`ordering`,`parent`,`title`)VALUES('{$imag}',{$curId},'" . clear($_POST[parent], 1) . "','" . clear($_POST[title]) . "')"); } print "<script>alert('Thank! Successfully Added');location.href='?options=gallery'</script>"; } if (isset($_GET[del])) { $oldImg = mysql_result(mysql_query("SELECT `imag` FROM " . TABLE_GALLERY . " WHERE `id`='{$_GET[del]}'"), 0); @unlink('../files/media/big_' . $oldImg); @unlink('../files/media/small_' . $oldImg); mysql_query("DELETE FROM " . TABLE_GALLERY . " WHERE `id`='{$_GET[del]}'"); print "<script>alert('Thank! Successfully Deleted');location.href='?options=gallery'</script>"; } $_q = $db->fetchWhile("SELECT `id`,`pagename` FROM `" . TABLE_PAGES . "` WHERE `type`='project' AND sub_id='40' AND `lang_id`='{$lang}' ORDER BY `ordering`"); $_GET[parent] = abs((int) isset($_GET[parent]) ? $_GET[parent] : $_q[0]->id); $qSlider = mysql_query("SELECT `id`,`imag` FROM `" . TABLE_GALLERY . "` WHERE `parent`={$_GET[parent]} ORDER BY `ordering`"); ?> <form action='' align='center' method='post' class='jAddSlider' enctype='multipart/form-data'>
$_POST[link] = mysql_real_escape_string(strip_tags($_POST[link])); for ($z = 0; $z < count($lng); $z++) { $_POST[title_ . $lng[$z]] = mysql_real_escape_string(strip_tags($_POST[title_ . $lng[$z]])); mysql_query("INSERT INTO " . TABLE_SIM . " (`id`,`title`,`img`,`lang`,`link`,`ordering`)VALUES(\r\n\t\t\t\t\t\t\t'{$curId}',\r\n\t\t\t\t\t\t\t'{$_POST[title_ . $lng[$z]]}', \r\n\t\t\t\t\t\t\t'{$imag}',\r\n\t\t\t\t\t\t\t'{$lng[$z]}',\r\n\t\t\t\t\t\t\t'{$_POST[link]}',\r\n\t\t\t\t\t\t\t'{$curId}'\r\n\t\t\t)"); } print "<script>alert('Thank! Successfully Added');location.href='?options=sim'</script>"; } if ($_SERVER[REQUEST_METHOD] == 'POST' && isset($_POST[submit_edit])) { $imag = mysql_result(mysql_query("SELECT `img` FROM " . TABLE_SIM . " WHERE `id`='{$_POST[curid]}'"), 0); if (isset($_FILES[imag]) && $_FILES[imag][size] > 0) { @unlink('../files/image/' . $imag); $ext = pathinfo($_FILES[imag][name], PATHINFO_EXTENSION); $tmp = $_FILES[imag][tmp_name]; $imag = time() . '.' . $ext; $path = "{$_SERVER[DOCUMENT_ROOT]}/files/image/{$imag}"; jResize($tmp, $path, 224, 105); //move_uploaded_file($tmp,$path); } $_POST[link] = mysql_real_escape_string(strip_tags($_POST[link])); for ($z = 0; $z < count($lng); $z++) { $_POST[title_ . $lng[$z]] = mysql_real_escape_string(strip_tags($_POST[title_ . $lng[$z]])); mysql_query("UPDATE " . TABLE_SIM . " SET \r\n\t\t\t\t\t\t\t`title`='{$_POST[title_ . $lng[$z]]}',\r\n\t\t\t\t\t\t\t`img`='{$imag}',\r\n\t\t\t\t\t\t\t`link`='{$_POST[link]}'\r\n\t\t\t\t\t\tWHERE `id`='{$_GET[edit]}' AND `lang`='{$lng[$z]}'\r\n\t\t\t\t\t"); } print "<script>alert('Thank! Successfully Edited');location.href='?options=sim'</script>"; } if (isset($_GET[edit])) { $jEditing = true; $qEdit = mysql_query("SELECT * FROM " . TABLE_SIM . " WHERE `id`='{$_GET[edit]}'"); while ($rows = mysql_fetch_object($qEdit)) { $rEdit[$rows->lang] = $rows; }
//$_POST[title_.$lng[$z]]=mysql_real_escape_string($_POST[title_.$lng[$z]]); //$_POST[link_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[link_.$lng[$z]])); //$_POST[text_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[text_.$lng[$z]])); mysql_query("INSERT INTO " . TABLE_SLIDER . " (`id`,`title`,`link`,`img`,`text`,`lang`,`ordering`)VALUES(\r\n\t\t\t\t\t\t\t'{$curId}',\r\n\t\t\t\t\t\t\t'{$_POST[title]}', \r\n\t\t\t\t\t\t\t'{$_POST[link]}',\r\n\t\t\t\t\t\t\t'{$imag}',\r\n\t\t\t\t\t\t\t'{$_POST[prnt]}',\r\n\t\t\t\t\t\t\t'{$lang}',\r\n\t\t\t\t\t\t\t'{$curId}'\r\n\t\t\t)"); print "<script>alert('Thank! Successfully Added');location.href='?options=slider&title={$_GET[title]}&prnt={$_GET[prnt]}'</script>"; } if ($_SERVER[REQUEST_METHOD] == 'POST' && isset($_POST[submit_edit])) { $_GET[edit] = abs((int) $_GET[edit]); $imag = mysql_result(mysql_query("SELECT `img` FROM " . TABLE_SLIDER . " WHERE `id`='{$_GET[edit]}'"), 0); if (isset($_FILES[imag]) && $_FILES[imag][size] > 0) { @unlink('../files/image/' . $imag); $ext = pathinfo($_FILES[imag][name], PATHINFO_EXTENSION); $tmp = $_FILES[imag][tmp_name]; $imag = time() . '.' . $ext; $path = "{$_SERVER[DOCUMENT_ROOT]}/files/image/{$imag}"; jResize($tmp, $path, 500, 240); //move_uploaded_file($tmp,$path); } $_POST[title] = abs((int) $_POST[title]); $_POST[prnt] = abs((int) $_POST[prnt]); //$_POST[title_.$lng[$z]]=mysql_real_escape_string($_POST[title_.$lng[$z]]); //$_POST[link_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[link_.$lng[$z]])); //$_POST[text_.$lng[$z]]=mysql_real_escape_string(strip_tags($_POST[text_.$lng[$z]])); mysql_query("UPDATE " . TABLE_SLIDER . " SET \r\n\t\t\t\t\t\t\t`title`='{$_POST[title]}',\r\n\t\t\t\t\t\t\t`link`='{$_POST[link]}',\r\n\t\t\t\t\t\t\t`img`='{$imag}',\r\n\t\t\t\t\t\t\t`text`='{$_POST[prnt]}'\r\n\t\t\t\t\t\tWHERE `id`='{$_GET[edit]}' AND `lang`='{$lang}'\r\n\t\t\t\t\t"); print "<script>alert('Thank! Successfully Edited');location.href='?options=slider&title={$_GET[title]}&prnt={$_GET[prnt]}'</script>"; } if (isset($_GET[edit])) { $jEditing = true; $qEdit = mysql_query("SELECT * FROM " . TABLE_SLIDER . " WHERE `id`='{$_GET[edit]}'"); while ($rows = mysql_fetch_object($qEdit)) { $rEdit[$rows->lang] = $rows;