ok

Mini Shell

Direktori : /proc/thread-self/root/proc/thread-self/root/home/ngwcolle/public_html/admin/
Upload File :
Current File : //proc/thread-self/root/proc/thread-self/root/home/ngwcolle/public_html/admin/add-pmessage.php

<?php session_start();
//DB conncetion
include_once 'includes/config.php';
if (empty($_SESSION['token'])) {
    $_SESSION['token'] = bin2hex(random_bytes(32));
    $_SESSION["token-expire"] = time() + 3600; // 1 hour = 3600 secs
}
//validating Session
if (strlen($_SESSION['aid'] == 0)) {
    header('location:logout.php');
} else {

    if (isset($_POST['submit'])) {

        if (hash_equals($_SESSION["token"], $_POST["token"])) {
            $pname = strip_tags($_POST['dept']);
            $description = strip_tags($_POST['content']);
            $id = 1;
            // $query = mysqli_query($con, "UPDATE tbl_college set princmsg='$description',principal='$pname' where id='1'");

            $stmt = $mysqli->prepare("UPDATE tbl_college SET princmsg = ?,principal=? where id=?");
            $stmt->bind_param("sss", $description, $pname, $id);
            $stmt->execute();
            if ($stmt) {

                echo '<script>alert("Message Addedd Successfully.")</script>';
                echo "<script>window.location.href ='dashboard.php'</script>";
                unset($_SESSION['token']);
                unset($_SESSION['token-expire']);
            } else {
                echo '<script>alert("Something Went Wrong. Please try again.")</script>';
            }
        } else {
            echo '<script>alert("Malicious Data found & submitted. Please try again.")</script>';
        }
    }
?>

    <!DOCTYPE html>
    <html lang="en">

    <head>

        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
        <meta name="description" content="">
        <meta name="author" content="">
        <title> Principal's Message</title>

        <!-- Custom fonts for this template-->
        <link href="vendor/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css">
        <link href="https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i" rel="stylesheet">

        <!-- Custom styles for this template-->
        <link href="css/sb-admin-2.min.css" rel="stylesheet">
        <style type="text/css">
            label {
                font-size: 16px;
                font-weight: bold;
                color: #000;
            }
        </style>

    </head>

    <body id="page-top">

        <!-- Page Wrapper -->
        <div id="wrapper">

            <?php include_once 'includes/sidebar.php'; ?>

            <!-- Content Wrapper -->
            <div id="content-wrapper" class="d-flex flex-column">

                <!-- Main Content -->
                <div id="content">

                    <!-- Topbar -->
                    <?php include_once 'includes/topbar.php'; ?>
                    <!-- End of Topbar -->

                    <!-- Begin Page Content -->
                    <div class="container-fluid">

                        <!-- Page Heading -->
                        <h1 class="h3 mb-4 text-gray-800">Manage Message form Principal</h1>
                        <form method="post" name="adminprofile" enctype="multipart/form-data">

                            <input type="hidden" name="token" value="<?php echo htmlentities($_SESSION['token']); ?>">

                            <div class="row">

                                <div class="col-lg-12 col-sm-12 col-md-12">

                                    <!-- Basic Card Example -->
                                    <div class="card shadow mb-4">

                                        <div class="card-body">

                                            <!-- form starts -->
                                            <div class="container py-2">
                                                <div class="row">
                                                    <div class="col-md-12 mx-auto">

                                                        <div class="form-group row">

                                                            <div class="col-sm-12">
                                                                <label for="inputLastname">Principal's Name</label>
                                                                <select name="dept" class="form-control" id="dept" required>
                                                                    <option value="">--Select--</option>
                                                                    <?php

                                                                    $query = mysqli_query($con, "select * from tbl_principal where status=1 ");
                                                                    while ($category = mysqli_fetch_array($query)) {
                                                                    ?>
                                                                        <option value="<?php echo $category["pname"]; ?>">
                                                                            <?php echo $category["pname"]; ?></option>
                                                                    <?php } ?>
                                                                </select>

                                                            </div>
                                                        </div>


                                                        <div class="form-group row">
                                                            <div class="col-sm-12">
                                                                <label for="inputCity">Message from the Principal (Max 2000
                                                                    Characters)</label>
                                                                <textarea name="content" id="" cols="30" maxlength="2000" rows="10" class="form-control" required></textarea>
                                                                <!-- <input type="date" class="form-control" id="inputCity" name="cdate" placeholder="City"> -->
                                                            </div>


                                                        </div>


                                                        <button type="submit" class="btn btn-primary px-4 float-right" name="submit">Post Message</button>

                                                    </div>
                                                </div>
                                            </div>
                                            <!-- form ends -->













                                        </div>
                                    </div>

                                </div>



                            </div>
                        </form>

                    </div>
                    <!-- /.container-fluid -->

                </div>
                <!-- End of Main Content -->

                <?php include_once 'includes/footer.php'; ?>

            </div>
            <!-- End of Content Wrapper -->

        </div>
        <!-- End of Page Wrapper -->

        <!-- Scroll to Top Button-->

        <?php include_once 'includes/footer2.php'; ?>


        <!-- Bootstrap core JavaScript-->
        <script src="vendor/jquery/jquery.min.js"></script>
        <script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script>

        <!-- Core plugin JavaScript-->
        <script src="vendor/jquery-easing/jquery.easing.min.js"></script>

        <!-- Custom scripts for all pages-->
        <script src="js/sb-admin-2.min.js"></script>
        <script>
            /* javascript function to validate file type */
            function fileValidation() {
                var inputElement = document.getElementById('file-upload');
                var files = inputElement.files;
                if (files.length == 0) {
                    alert("Please choose a file first...");
                    return false;
                } else {
                    var filename = files[0].name;

                    /* getting file extenstion eg- .jpg,.png, etc */
                    var extension = filename.substr(filename.lastIndexOf("."));

                    /* define allowed file types */
                    var allowedExtensionsRegx = /(\.jpg|\.jpeg|\.png|\.gif|\.pdf)$/i;

                    /* testing extension with regular expression */
                    var isAllowed = allowedExtensionsRegx.test(extension);

                    if (isAllowed) {
                        alert("File type is valid for the upload");
                        /* file upload logic goes here... */
                    } else {
                        alert("Invalid File Type.Choose image/PDF file Only");
                        inputElement.value = '';

                        return false;
                    }
                }
            }
        </script>
    </body>

    </html>
<?php } ?>

Zerion Mini Shell 1.0