WebShell: t.me/oghbnz
<?php require("header.php"); ?>
<?php require("sub_header.php");
$a=$_GET['id'];
$query=$conn->query("SELECT * FROM home_banner WHERE id='$a' ");
$title=$query->fetch(PDO::FETCH_ASSOC);
?>
<div class="main">
<div class="container">
<div class="row">
<div class="span8">
<div class="widget stacked ">
<div class="widget-header" >
 <a href="home_banner.php" class="btn btn-success"><< Back</a>
<h3 style="padding-left : 260px ">Add/Update Home Banner</h3>
</div> <!-- /widget-header -->
<div class="widget-content">
<div class="tabbable">
<div class="tab-content">
<div class="tab-pane active" id="profile">
<form name="form" id="form" action="" method="POST" class="form-horizontal" enctype='multipart/form-data'>
<div class="login-fields">
<?php if($_GET['msg']=='error'){?>
<h3 style="color: green" style="padding-left: 182px;">Unable to update please try again</h3>
<?php } ?>
<div class="control-group">
<label class="control-label col-md-4" for="heading">Title :</label>
<div class="controls">
<input type="text" id="heading" name="heading" value="<?php echo $title['title']; ?>" class="span5" />
</div>
</div>
<!-- <div class="control-group">
<label class="control-label col-md-4" for="link">Link :</label>
<div class="controls">
<input type="text" id="link" name="link" value="<?php echo $title['link']; ?>" class="span5" />
</div>
</div> -->
<div class="control-group">
<label class="control-label" for="pic">Background Banner :</label>
<?php if($title['image']){
$f=$title['image'];
echo "<img height='500' width='350' src='../images/home_banner/".$f."'>";
} ?>
<div class="controls">
<input type="FILE" id="pic" name="pic" class="login username-field" />
</div>
<div style="padding-left: 182px;" > <b>Note :</b><p><i>Please uplode ( 1600 X 800 ) Pixel images to maintain design</i> </p></div>
</div>
<div class="control-group">
<label class="control-label col-md-4" for="video">Select Video :</label>
<?php if($title['video_name']){
$f=$title['video_name'];?>
<video width="320" height="240" controls>
<source src="../images/home_banner/<?php echo $f; ?>" type="video/mp4">
<source src="movie.ogg" type="video/ogg">
Your browser does not support the video tag.
</video>
<?php } ?>
<div class="controls">
<input type="file" id="video" name="video" class="span5" />
</div>
<div style="padding-left: 182px;" > <b>Note :</b><p><i>Only MP4 Videos are Supported</i> </p></div>
</div>
<div class=class="controls" style="padding-left: 182px;" >
<button class="btn btn-primary" name='update'>Update</button>
</div>
</form>
</div> <!-- /login-fields -->
</div>
</div>
</div>
</div>
</div> <!-- /widget-content -->
</div> <!-- /widget -->
</div> <!-- /span8 -->
</div> <!-- /row -->
</div> <!-- /container -->
</div> <!-- /main -->
<?php
extract($_POST);
if(isset($_GET['id'])){
$a=$_GET['id'];
$query=$conn->query("SELECT * FROM home_banner WHERE id='$a'");
$title=$query->fetch(PDO::FETCH_ASSOC);
if (isset($_POST['update'])){
if(isset($_FILES['pic']) && $_FILES['pic']['size']>0){
$tmp = $_FILES['pic']['tmp_name'];
if(is_uploaded_file($tmp)){
$oname=$_FILES['pic']['name'];
echo "$oname";
$name=getRand().'-'.$oname; //use this if you want to randamise the name write a function to it.
$desc="../images/home_banner/".$name;
move_uploaded_file($tmp,$desc);
}
}else{
$name=$title['image'];
}
if(isset($_FILES['video']) && $_FILES['video']['size']>0){
$oname=$_FILES['video']['name'];
$pos = strrpos($oname, ".");
$extension=substr($oname,$pos+1);
$extension=strtolower($extension);
if($extension == "mp4") {
$tmp = $_FILES['video']['tmp_name'];
if(is_uploaded_file($tmp)){
$video_name=$oname; //use this if you want to randamise the name write a function to it.
$filename = $video_name;
$title = substr($filename, 0, strrpos($filename, "."));
$desc="../images/home_banner/".$video_name;
move_uploaded_file($tmp,$desc);
}
}
}else{
$video_name= $title['video_name'];
}
$sql1 = $conn->prepare("UPDATE home_banner SET image=:name, video_name=:video_name, title=:heading WHERE id='$a' ");
$sql1->bindValue(':name',$name, PDO::PARAM_STR);
$sql1->bindValue(':video_name',$video_name, PDO::PARAM_STR);
$sql1->bindValue(':heading',$heading, PDO::PARAM_STR);
// $sql1->bindValue(':link',$link, PDO::PARAM_STR);
if($sql1->execute()){
echo "<script>document.location.href='home_banner.php?msg=update'</script>";
echo "<script>document.location.href=home_banner.php'</script>";
}
echo "<script>document.location.href='home_banner_settings.php?msg=error'</script>";
}
}elseif (isset($_POST['update'])){
if(isset($_FILES['pic']) && $_FILES['pic']['size']>0){
$tmp = $_FILES['pic']['tmp_name'];
if(is_uploaded_file($tmp)){
$oname=$_FILES['pic']['name'];
$name=getRand().'-'.$oname; //use this if you want to randamise the name write a function to it.
$desc="../images/home_banner/".$name;
move_uploaded_file($tmp,$desc);
}
}else{
echo "File is Empty";
}
if(isset($_FILES['video']) && $_FILES['video']['size']>0){
$oname=$_FILES['video']['name'];
$pos = strrpos($oname, ".");
$extension=substr($oname,$pos+1);
$extension=strtolower($extension);
if($extension == "mp4") {
$tmp = $_FILES['video']['tmp_name'];
if(is_uploaded_file($tmp)){
$video_name=$oname; //use this if you want to randamise the name write a function to it.
$filename = $video_name;
$title = substr($filename, 0, strrpos($filename, "."));
$desc="../images/home_banner/".$video_name;
move_uploaded_file($tmp,$desc);
}
}
}else{
echo "Please Select a Video";
}
echo $name."<br>";
echo $video_name."<br>";
echo $heading."<br>";
$sql1 = $conn->prepare("INSERT INTO home_banner (image, video_name, title) VALUES (:name, :video_name, :heading) ");
$sql1->bindValue(':name',$name, PDO::PARAM_STR);
$sql1->bindValue(':video_name',$video_name, PDO::PARAM_STR);
$sql1->bindValue(':heading',$heading, PDO::PARAM_STR);
// $sql1->bindValue(':link',$link, PDO::PARAM_STR);
if($sql1->execute()){
echo "<script>document.location.href='home_banner.php?msg=update'</script>";
echo "<script>document.location.href=home_banner.php'</script>";
}
echo "<script>document.location.href='home_banner_settings.php?msg=error'</script>";
}
function getRand(){
$str=str_shuffle("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890$%@^");
return sha1(str_shuffle(crypt($str)));
}
?>
<?php include_once("foter.php"); ?>