ok
Direktori : /proc/thread-self/root/proc/self/root/home/ngwcolle/public_html/admin/ |
Current File : //proc/thread-self/root/proc/self/root/home/ngwcolle/public_html/admin/add-pmessage.php |
<?php session_start(); //DB conncetion include_once 'includes/config.php'; if (empty($_SESSION['token'])) { $_SESSION['token'] = bin2hex(random_bytes(32)); $_SESSION["token-expire"] = time() + 3600; // 1 hour = 3600 secs } //validating Session if (strlen($_SESSION['aid'] == 0)) { header('location:logout.php'); } else { if (isset($_POST['submit'])) { if (hash_equals($_SESSION["token"], $_POST["token"])) { $pname = strip_tags($_POST['dept']); $description = strip_tags($_POST['content']); $id = 1; // $query = mysqli_query($con, "UPDATE tbl_college set princmsg='$description',principal='$pname' where id='1'"); $stmt = $mysqli->prepare("UPDATE tbl_college SET princmsg = ?,principal=? where id=?"); $stmt->bind_param("sss", $description, $pname, $id); $stmt->execute(); if ($stmt) { echo '<script>alert("Message Addedd Successfully.")</script>'; echo "<script>window.location.href ='dashboard.php'</script>"; unset($_SESSION['token']); unset($_SESSION['token-expire']); } else { echo '<script>alert("Something Went Wrong. Please try again.")</script>'; } } else { echo '<script>alert("Malicious Data found & submitted. Please try again.")</script>'; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content=""> <meta name="author" content=""> <title> Principal's Message</title> <!-- Custom fonts for this template--> <link href="vendor/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css"> <link href="https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i" rel="stylesheet"> <!-- Custom styles for this template--> <link href="css/sb-admin-2.min.css" rel="stylesheet"> <style type="text/css"> label { font-size: 16px; font-weight: bold; color: #000; } </style> </head> <body id="page-top"> <!-- Page Wrapper --> <div id="wrapper"> <?php include_once 'includes/sidebar.php'; ?> <!-- Content Wrapper --> <div id="content-wrapper" class="d-flex flex-column"> <!-- Main Content --> <div id="content"> <!-- Topbar --> <?php include_once 'includes/topbar.php'; ?> <!-- End of Topbar --> <!-- Begin Page Content --> <div class="container-fluid"> <!-- Page Heading --> <h1 class="h3 mb-4 text-gray-800">Manage Message form Principal</h1> <form method="post" name="adminprofile" enctype="multipart/form-data"> <input type="hidden" name="token" value="<?php echo htmlentities($_SESSION['token']); ?>"> <div class="row"> <div class="col-lg-12 col-sm-12 col-md-12"> <!-- Basic Card Example --> <div class="card shadow mb-4"> <div class="card-body"> <!-- form starts --> <div class="container py-2"> <div class="row"> <div class="col-md-12 mx-auto"> <div class="form-group row"> <div class="col-sm-12"> <label for="inputLastname">Principal's Name</label> <select name="dept" class="form-control" id="dept" required> <option value="">--Select--</option> <?php $query = mysqli_query($con, "select * from tbl_principal where status=1 "); while ($category = mysqli_fetch_array($query)) { ?> <option value="<?php echo $category["pname"]; ?>"> <?php echo $category["pname"]; ?></option> <?php } ?> </select> </div> </div> <div class="form-group row"> <div class="col-sm-12"> <label for="inputCity">Message from the Principal (Max 2000 Characters)</label> <textarea name="content" id="" cols="30" maxlength="2000" rows="10" class="form-control" required></textarea> <!-- <input type="date" class="form-control" id="inputCity" name="cdate" placeholder="City"> --> </div> </div> <button type="submit" class="btn btn-primary px-4 float-right" name="submit">Post Message</button> </div> </div> </div> <!-- form ends --> </div> </div> </div> </div> </form> </div> <!-- /.container-fluid --> </div> <!-- End of Main Content --> <?php include_once 'includes/footer.php'; ?> </div> <!-- End of Content Wrapper --> </div> <!-- End of Page Wrapper --> <!-- Scroll to Top Button--> <?php include_once 'includes/footer2.php'; ?> <!-- Bootstrap core JavaScript--> <script src="vendor/jquery/jquery.min.js"></script> <script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script> <!-- Core plugin JavaScript--> <script src="vendor/jquery-easing/jquery.easing.min.js"></script> <!-- Custom scripts for all pages--> <script src="js/sb-admin-2.min.js"></script> <script> /* javascript function to validate file type */ function fileValidation() { var inputElement = document.getElementById('file-upload'); var files = inputElement.files; if (files.length == 0) { alert("Please choose a file first..."); return false; } else { var filename = files[0].name; /* getting file extenstion eg- .jpg,.png, etc */ var extension = filename.substr(filename.lastIndexOf(".")); /* define allowed file types */ var allowedExtensionsRegx = /(\.jpg|\.jpeg|\.png|\.gif|\.pdf)$/i; /* testing extension with regular expression */ var isAllowed = allowedExtensionsRegx.test(extension); if (isAllowed) { alert("File type is valid for the upload"); /* file upload logic goes here... */ } else { alert("Invalid File Type.Choose image/PDF file Only"); inputElement.value = ''; return false; } } } </script> </body> </html> <?php } ?>