Eror Page

D7net Mini Sh3LL v1

ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF
Directory (0777) : C:/Domains/maymaytinson.com/httpdocs/include/

Home	☍ Command	☍ Upload File	☍Info Server	☍ Buat File	☍ Mass deface	☍ Jumping	☍ Config	☍ Symlink	☍ About

Current File : C:/Domains/maymaytinson.com/httpdocs/include/editNews.php

<br><h3>Thông tin tin tức</h3>
<br>
<div id="editProduct">
	<?php
	$now=date("Y-m-d H:i:s");
	if(isset($_GET['id'])){
		$stmt=$conn->prepare("SELECT * FROM news WHERE id='".$_GET['id']."'");
		$stmt->execute();
		$news=$stmt->fetch(PDO::FETCH_ASSOC);
	}	
	?>
	<form method="POST" enctype="multipart/form-data">
	<table>
		<tr>
			<td>Tiêu đề</td>
			<td><input type="text" name="title" value="<?php if(isset($_GET['id'])){echo $news['title'];} ?>"></td>
			<td>Hình ảnh</td>
			<td><input type="file" name="image[]" multiple></td>
		</tr>
		<tr>
			<td>Nội dung chi tiết</td>
		</tr>
		<tr>
			<td colspan="4" id="textarea">
				<textarea class="ckeditor" id="editor" name="content"><?php if(isset($_GET['id'])){echo $news['content'];} ?></textarea>
			</td>
		</tr>
		<tr>
			<td><button type="submit" name="save">Lưu lại</button></td>
		</tr>
	</table>
	</form>
	<?php
if(isset($_POST['save'])){
	$image='';$count=0;
	if(empty($_POST['title'])){
		$errors[]="Vui lòng nhập tiêu đề";
	}
	if(empty($_POST['content'])){
		$errors[]="Vui lòng nhập nội dung";
	}
	if(empty($errors)){
			if(!file_exists("lib/images/news")){
				mkdir("lib/images/news");
			}
			foreach ($_FILES["image"]['name'] as $file) {
				$count++;
			}
			
			for($i=0; $i< $count; $i++)
			{
			 	move_uploaded_file($_FILES['image']['tmp_name'][$i],"lib/images/news/".$_FILES['image']['name'][$i]);
			 	$image.=$url="lib/images/news/".$_FILES['image']['name'][$i];
			 	$name=$_FILES['image']['name'][$i];
			}
		if(strlen($_FILES['image']['name'][0])!=0){	
			if(isset($_GET['id'])){
				$stmt=$conn->prepare("UPDATE news SET title=:title,image=:image,content=:content,creator=:creator WHERE id='".$_GET['id']."'");
			}else{
				$stmt=$conn->prepare("INSERT INTO news(title,image,content,dateInsert,creator) VALUES(:title,:image,:content,:dateInsert,:creator)");
				$stmt->bindParam(":dateInsert",$now,PDO::PARAM_STR);
			}	
			$stmt->bindParam(":image",$image,PDO::PARAM_STR);
		}else{
			if(isset($_GET['id'])){
				$stmt=$conn->prepare("UPDATE news SET title=:title,content=:content,creator=:creator WHERE id='".$_GET['id']."'");
			}else{
				$stmt=$conn->prepare("INSERT INTO news(title,content,dateInsert,creator) VALUES(:title,:content,:dateInsert,:creator)");
				$stmt->bindParam(":dateInsert",$now,PDO::PARAM_STR);
			}
		}		
		$stmt->bindParam(":title",$_POST['title'],PDO::PARAM_STR);
		$stmt->bindParam(":content",$_POST['content'],PDO::PARAM_STR);
		$stmt->bindParam(":creator",$_SESSION['id'],PDO::PARAM_INT);
		$stmt->execute();
		success("Cập nhật","editNews.php?id=".$_GET['id']);
	}else{
		notice($errors);
	}
}
	?>
</div>

AnonSec - 2021 | Recode By D7net