ok
Direktori : /proc/self/root/proc/thread-self/root/home/ngwcolle/public_html/admin/ |
Current File : //proc/self/root/proc/thread-self/root/home/ngwcolle/public_html/admin/add-principal.php |
<?php session_start(); //DB conncetion if (empty($_SESSION['token'])) { echo $_SESSION['token'] = bin2hex(random_bytes(32)); $_SESSION["token-expire"] = time() + 3600; // 1 hour = 3600 secs } error_reporting(E_ERROR | E_WARNING | E_PARSE); include_once 'includes/config.php'; //validating Session if (strlen($_SESSION['aid'] == 0)) { header('location:logout.php'); } else { function imageResize($imageResourceId, $width, $height) { $targetWidth = 550; $targetHeight = 315; $targetLayer = imagecreatetruecolor($targetWidth, $targetHeight); imagecopyresampled($targetLayer, $imageResourceId, 0, 0, 0, 0, $targetWidth, $targetHeight, $width, $height); return $targetLayer; } if (isset($_POST['submit'])) { if (hash_equals($_SESSION["token"], $_POST["token"])) { $pname = strtoupper($_POST['pname']); $doj = $_POST['doj']; $qual = strtoupper($_POST['psa']); $mobile = $_POST['pcont']; $add = $_POST['paddress']; $check = mysqli_query($con, "select * from tbl_principal where status='1'"); $checkrows = mysqli_num_rows($check); if ($checkrows > 0) { echo '<script>alert("Principal is still active in the College. Exit first!!!!.")</script>'; } else { // image resize script if (is_array($_FILES)) { $file = $_FILES['cdate']['tmp_name']; $sourceProperties = getimagesize($file); $fileNewName = time() . $_FILES['cdate']['name']; $folderPath = "../upload/teacher/"; $ext = pathinfo($_FILES['cdate']['name'], PATHINFO_EXTENSION); $imageType = $sourceProperties[2]; switch ($imageType) { case IMAGETYPE_PNG: $imageResourceId = imagecreatefrompng($file); $targetLayer = imageResize($imageResourceId, $sourceProperties[0], $sourceProperties[1]); // imagepng($targetLayer,$folderPath. $fileNewName. "_thump.". $ext); imagepng($targetLayer, $folderPath . $fileNewName); break; case IMAGETYPE_GIF: $imageResourceId = imagecreatefromgif($file); $targetLayer = imageResize($imageResourceId, $sourceProperties[0], $sourceProperties[1]); // imagegif($targetLayer,$folderPath. $fileNewName. "_thump.". $ext); imagepng($targetLayer, $folderPath . $fileNewName); break; case IMAGETYPE_JPEG: $imageResourceId = imagecreatefromjpeg($file); $targetLayer = imageResize($imageResourceId, $sourceProperties[0], $sourceProperties[1]); // imagejpeg($targetLayer,$folderPath. $fileNewName. "_thump.". $ext); imagepng($targetLayer, $folderPath . $fileNewName); break; default: echo "Invalid Image type."; exit; break; } // move_uploaded_file($file, $folderPath.$fileNewName. ".". $ext); // unlink($folderPath.$fileNewName. ".". $ext); // echo "Image Resize Successfully."; } // image resize if (move_uploaded_file($file, $folderPath . $fileNewName . "." . $ext)) { unlink($folderPath . $fileNewName . "." . $ext); // $query = mysqli_query($con, "insert into tbl_principal(pname,joiningdate,qualification,mobno,address,photopath) values('$pname','$doj','$qual','$mobile','$add','$fileNewName')"); $stmt = $mysqli->prepare("insert into tbl_principal(pname,joiningdate,qualification,mobno,address,photopath) values(?,?,?,?,?,?)"); $stmt->bind_param("ssssss", $pname,$doj,$qual,$mobile,$add,$fileNewName); $stmt->execute(); if ($stmt) { // if ($query) { echo '<script>alert("Princiapl Joined Successfully.")</script>'; unset($_SESSION['token']); unset($_SESSION['token-expire']); echo "<script>window.location.href ='manage-principal.php'</script>"; } else { echo '<script>alert("Something Went Wrong. Please try again.")</script>'; } } else { echo "Failed to upload file."; } } } else { echo '<script>alert("Malicious Data found & submitted. Please try again.")</script>'; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content=""> <meta name="author" content=""> <title> Principal Incumbancy</title> <!-- Custom fonts for this template--> <link href="vendor/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css"> <link href="https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i" rel="stylesheet"> <!-- Custom styles for this template--> <link href="css/sb-admin-2.min.css" rel="stylesheet"> <style type="text/css"> label { font-size: 16px; font-weight: bold; color: #000; } </style> </head> <body id="page-top"> <!-- Page Wrapper --> <div id="wrapper"> <?php include_once 'includes/sidebar.php';?> <!-- Content Wrapper --> <div id="content-wrapper" class="d-flex flex-column"> <!-- Main Content --> <div id="content"> <!-- Topbar --> <?php include_once 'includes/topbar.php';?> <!-- End of Topbar --> <!-- Begin Page Content --> <div class="container-fluid"> <!-- Page Heading --> <h1 class="h3 mb-4 text-gray-800">New Principal Joining</h1> <form method="post" name="adminprofile" enctype="multipart/form-data"> <input type="hidden" name="token" value="<?php echo htmlentities($_SESSION['token']); ?>"> <div class="row"> <div class="col-lg-12 col-sm-12 col-md-12"> <!-- Basic Card Example --> <div class="card shadow mb-4"> <div class="card-body"> <!-- form starts --> <div class="container py-2"> <div class="row"> <div class="col-md-12 mx-auto"> <div class="form-group row"> <div class="col-sm-6"> <label for="inputFirstname">Name of the Principal</label> <input type="text" class="form-control" id="inputFirstname" name="pname" required placeholder="Name of the Principal"> </div> <div class="col-sm-6"> <label for="inputLastname">Date of joining</label> <input type="date" class="form-control" name="doj" id="inputAddressLine1" required> </div> </div> <div class="form-group row"> <div class="col-sm-6"> <label for="inputAddressLine1">Highest Qualification</label> <input type="text" class="form-control" required name="psa" id="inputAddressLine1" placeholder="Qualification"> </div> <div class="col-sm-6"> <label for="inputAddressLine2">Contact No.</label> <input type="number" class="form-control" required name="pcont" id="inputAddressLine1" placeholder="Contact Details"> </div> </div> <div class="form-group row"> <div class="col-sm-6"> <label for="inputAddressLine2">Upload Photograph</label> <input type="file" class="form-control" id="file-upload" required name="cdate" onchange="return fileValidation()" placeholder="Years of Experience"> </div> <div class="col-sm-6"> <label for="inputCity">Address</label> <textarea name="paddress" id="" cols="30" rows="4" required class="form-control"></textarea> </div> </div> <button type="submit" class="btn btn-primary px-4 float-right" name="submit">Save</button> </div> </div> </div> <!-- form ends --> </div> </div> </div> </div> </form> </div> <!-- /.container-fluid --> </div> <!-- End of Main Content --> <?php include_once 'includes/footer.php';?> </div> <!-- End of Content Wrapper --> </div> <!-- End of Page Wrapper --> <!-- Scroll to Top Button--> <?php include_once 'includes/footer2.php';?> <!-- Bootstrap core JavaScript--> <script src="vendor/jquery/jquery.min.js"></script> <script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script> <!-- Core plugin JavaScript--> <script src="vendor/jquery-easing/jquery.easing.min.js"></script> <!-- Custom scripts for all pages--> <script src="js/sb-admin-2.min.js"></script> <script> /* javascript function to validate file type */ function fileValidation() { var inputElement = document.getElementById('file-upload'); var files = inputElement.files; if (files.length == 0) { alert("Please choose a file first..."); return false; } else { var filename = files[0].name; /* getting file extenstion eg- .jpg,.png, etc */ var extension = filename.substr(filename.lastIndexOf(".")); /* define allowed file types */ var allowedExtensionsRegx = /(\.jpg|\.jpeg|\.png|\.gif)$/i; /* testing extension with regular expression */ var isAllowed = allowedExtensionsRegx.test(extension); if (isAllowed) { alert("File type is valid for the upload"); /* file upload logic goes here... */ } else { alert("Invalid File Type.Choose image/Photo file Only"); inputElement.value = ''; return false; } } } </script> </body> </html> <?php }?>