File "upload_banner.php"

Full Path: /home/u165092617/domains/tadzz.com/public_html/admin/backend/upload_banner.php
File size: 2.94 KB
MIME-type: text/x-php
Charset: utf-8

<?php
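session_start();
include("./../../config/config.php");
// NOTE(review): presumably validated_admin.php rejects requests that lack an
// admin session; confirm it stops execution (exit) rather than only redirecting.
// NOTE(review): no anti-CSRF token check is visible in this script; confirm one
// is enforced in validated_admin.php or add one before this state-changing handler.
require_once("./validated_admin.php");

// Feedback message carried to the redirect target. Each banner overwrites it,
// so the message of the last banner processed is the one shown.
$msg = '';

// Allow-list: MIME type detected from the file CONTENT => extension used on disk.
// The browser-supplied $_FILES[...]['type'] and the client file name are both
// attacker-controlled, so neither may decide what is written into the
// web-served images/banners/ directory.
$allowedTypes = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
];
$maxBytes = 2500000; // 2.5MB limit

// File upload handling for 6 banners
if (isset($_REQUEST[SESS_MASTER . 'type'])) {
    $type = $_REQUEST[SESS_MASTER . 'type'];

    // Any value other than 'slider' is treated as a discount banner.
    $isSlider = ($type === 'slider');
    $prefix = $isSlider ? "banner_" : "banner_dis";
    $sliderType = $isSlider ? 'banner' : 'discount_banner';

    $finfo = new finfo(FILEINFO_MIME_TYPE);

    for ($k = 1; $k <= 6; $k++) { // Banner slots 1 to 6
        $banner = $k;
        $fileKey = SESS_MASTER . 'upload_banner' . $k; // One file input per banner slot

        // Slot left empty in the form: nothing to do.
        if (empty($_FILES[$fileKey]['name'])) {
            continue;
        }

        $upload = $_FILES[$fileKey];
        $error = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;
        $tmpName = isset($upload['tmp_name']) ? $upload['tmp_name'] : null;

        // PHP itself rejected the file as too large (upload_max_filesize / MAX_FILE_SIZE).
        if ($error === UPLOAD_ERR_INI_SIZE || $error === UPLOAD_ERR_FORM_SIZE) {
            $msg = "File for banner $k exceeds 2.5MB. Please reduce and retry.";
            continue;
        }

        // Any other transfer error, an array-style field, or a temp path that did
        // not come from this request's upload is refused before the file is read.
        if ($error !== UPLOAD_ERR_OK || !is_string($tmpName) || !is_uploaded_file($tmpName)) {
            $msg = "Failed to upload file for banner $k. Contact Site admin.";
            continue;
        }

        // Validate file size (2.5MB limit)
        if ($upload['size'] > $maxBytes) {
            $msg = "File for banner $k exceeds 2.5MB. Please reduce and retry.";
            continue;
        }

        // Validate file type from the bytes on disk, not from the request headers.
        $detectedType = $finfo->file($tmpName);
        if ($detectedType === false || !isset($allowedTypes[$detectedType])) {
            $msg = "Only JPG or PNG files are allowed for banner $k.";
            continue;
        }

        // Server-generated name with an allow-listed extension. The client name is
        // discarded entirely, so a ".php" (or double) extension can never reach disk.
        $fileName = uniqid() . '.' . $allowedTypes[$detectedType];
        $uploadPath = "../../images/banners/{$prefix}{$k}_" . $fileName;
        $dbPath = "images/banners/{$prefix}{$k}_" . $fileName;

        // Defence in depth (deployment): images/banners/ should be configured on the
        // web server so that script handlers are disabled for everything stored there.
        if (move_uploaded_file($tmpName, $uploadPath)) {
            $msg = "File for banner $k successfully uploaded.";

            // Upsert the path for this slot. $conn is not defined in this file;
            // presumably config.php creates it (TODO confirm).
            // NOTE(review): rowCount() on a SELECT is driver-dependent in PDO;
            // a COUNT(*) query would be more portable.
            $sqlc = "SELECT * FROM banner_master WHERE banner = ? AND slider_type = ?";
            $myq = $conn->prepare($sqlc);
            $myq->execute([$banner, $sliderType]);
            $rows_fou = $myq->rowCount();

            if ($rows_fou > 0) {
                $olgaquery = "UPDATE banner_master SET banner_path = ? WHERE banner = ? AND slider_type = ?";
                $stmt = $conn->prepare($olgaquery);
                $stmt->execute([$dbPath, $banner, $sliderType]);
            } else {
                $olgaquery = "INSERT INTO banner_master (slider_type, banner, banner_path, activestatus) VALUES (?, ?, ?, '0')";
                $stmt = $conn->prepare($olgaquery);
                $stmt->execute([$sliderType, $banner, $dbPath]);
            }
        } else {
            $msg = "Failed to upload file for banner $k. Contact Site admin.";
        }
    }
}

// Redirect with message to banner slider page. The value is URL-encoded here;
// NOTE(review): the target page must still HTML-escape msg when printing it.
$redirectMsg = ($msg !== '') ? $msg : 'Upload process completed.';
header("location:../banner-slider.php?msg=" . urlencode($redirectMsg));
exit;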
?>