~NAXC~

File Name:

<?php

ob_start();

session_start();

// Because this file has the capability to put things on your server, you should protect it in some way.

// An example of this would be to implement a login system similar to that in the tutorial 'PHP Login System'

// found here: http://progtuts.info/92/login-system/

// The code required for this page using that example would be:

// include("logincheck.php");

// This piece is placed in a separate php block for emphasis only...

<?php

// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead

// of $_FILES.

// At this point you should check the size and type of the file supplied by the application.  Obviously because we are dealing with images here, the supplied file should

// be an image type.  I am restricting it to .jpeg but you will probably want to check more.

include('config/connection_config.php');

$id=$_GET['id'];

$location = $_POST['location'];

$country = $_POST['country'];

$state = $_POST['state'];

$city = $_POST['city'];

$local_area = $_POST['local_area'];

$tour_name = $_POST['tour_name'];

$tour_duration = $_POST['tour_duration'];

$tour_price = $_POST['tour_price'];

$distance = $_POST['distance'];

$getting = $_POST['getting'];

$discription = $_POST['discription'];

$link = $_POST['link'];

$checkbox=$_POST['month'];

$m="";

foreach($checkbox as $chk)

{

$m .= $chk.",";

}

$month=explode(",",$m);

$date=$_POST['fix_date'];

$fixdate22="";

foreach($date as $fixdate)

{

$fixdate22 .= $fixdate.",";

}

//$fix_date=explode(",",$fixdate22);

//if($_FILES['banner_image']['type'] == "image/jpeg" && $_FILES['banner_image']['size'] < 3000000)

// The file supplied is valid...Set up some variables for the location and name of the file.

$target_folder = 'upload/Banner/'; // This is the folder to which the images will be saved

$upload_image = $target_folder.basename($_FILES['banner_image']['name']); // The new file location

// Now use the move_uploaded_file function to move the file from its temporary location to its new location as defined above.

if(move_uploaded_file($_FILES['banner_image']['tmp_name'], $upload_image))

{

//include("mysql.php"); // Include the mysql file so that we can strip SQL from the variables (And we need the SQL connection later...)

$temp = explode(".",$_FILES["banner_image"]["name"]);

$newfilename = rand(1,89768) . '.' .end($temp);

// The following 2 variables depend on what was requested in the form - if it was only the image itself, they are unnecessary.

$newname = mysqli_real_escape_string($con,strip_tags($newfilename)); // Get the supplied image name and sanitize it

// The following 2 variables specify the planned names for the 2 images (actual and thumbnail).  In this example, I specify .jpg as the extension, but if you are

// allowing multiple file extensions you may need to extend this to deal with the possibilities.

$thumbnail = $target_folder."thumbnail_".$newname.""; // Set the thumbnail name

$actual = $target_folder.$newname.""; // Set the actual image name

// Get new sizes

list($width, $height) = getimagesize($upload_image);

$newwidth = 300; // This can be a set value or a percentage of original size ($width)

$newheight = 176; // This can be a set value or a percentage of original size ($height)

// Load the images

$thumb = imagecreatetruecolor($newwidth, $newheight);

$source = imagecreatefromjpeg($upload_image);

// Resize the $thumb image.

imagecopyresized($thumb, $source, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);

// Save the new file to the location specified by $thumbnail

imagejpeg($thumb, $thumbnail, 100);

// Rename the original

//note, this only needs to be done if a new filename is supplied in the form (As it is in this example).

// note 2, if you don't mind starting the mysql connection earlier than the file move in order to sanitize $_POST['image_name'], $upload_image can use

// $newname from the beginning instead of $_FILES['banner_image']['name'] in line 12.

rename($upload_image, $actual);

// Now we will try and insert the details into the database with the new actual and thumbnail files, and with the new caption...

// We carry out the mysql query as part of an IF statement to evaluate if it worked properly.

}

if($newfilename!=''){

echo $sql = "update departure_tb SET location='".$location."',country='".$country."',state='".$state."',city='".$city."',local_area='".$local_area."',tour_name='".$tour_name."',tour_duration='".$tour_duration."',tour_price='".$tour_price."',discription='".$discription."',distance='".$distance."',getting='".$getting."',JAN='".$month[0]."',FEB='".$month[1]."',MAR='".$month[2]."',APR='".$month[3]."',MAY='".$month[4]."',JUN='".$month[5]."',JUL='".$month[6]."',AUG='".$month[7]."',SEP='".$month[8]."',OCT='".$month[9]."',NOV='".$month[10]."',DECM='".$month[11]."', banner_image='".$actual."', thumb_banner_image='".$thumbnail."', fix_date='".$fixdate22."', link='".$link."' where id='".$_GET['id']."' ";

}else

{

echo $sql = "update departure_tb SET location='".$location."',country='".$country."',state='".$state."',city='".$city."',local_area='".$local_area."',tour_name='".$tour_name."',tour_duration='".$tour_duration."',tour_price='".$tour_price."',discription='".$discription."',distance='".$distance."',getting='".$getting."',JAN='".$month[0]."',FEB='".$month[1]."',MAR='".$month[2]."',APR='".$month[3]."',MAY='".$month[4]."',JUN='".$month[5]."',JUL='".$month[6]."',AUG='".$month[7]."',SEP='".$month[8]."',OCT='".$month[9]."',NOV='".$month[10]."',DECM='".$month[11]."', fix_date='".$fixdate22."', link='".$link."' where id='".$_GET['id']."' ";

}

mysqli_query($con,$sql);

header("Location:view_departure.php?m=1");

Bypass Options

Select edit method

Obfuscate PHP:

No Obfuscate

Obfuscate