D7net Mini Sh3LL v1
Current File : C:/Domains/maymaytinson.com/httpdocs/lib/images/13/../10/../7/../16/../activity/../JUKI/../15/../zip_food/../18/../17/../2/../21/../20/../22/../5/../11/../20/../news/../HIỆU JACK/../SHENG TIAN/../../../upload/../include/zip_news.php |
<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require 'mail/Exception.php';
require 'mail/PHPMailer.php';
require 'mail/SMTP.php';?>
<div id="frame">
<div id="titleFrame"></div>
<div id="listFrame1">
<h3>Danh sách ưu đãi</h3>
<?php
$check=0;
$stmt=$conn->prepare("SELECT * FROM zip_news WHERE del=0");
$stmt->execute();
$news=$stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<table>
<?php foreach ($news as $news){ ?>
<tr <?php if($news['id']==$_GET['id']){ echo 'style="background:#CED8F6"'; } ?>>
<td style='width:5%;cursor:pointer' onclick="document.location = 'zip_news.php?id=<?php echo $news['id']; ?>';"><img src='<?php echo "http://".$news['image']; ?>' height='100px'></td>
<td align='left' style=''><h4><?php echo $news['name']; ?></h4><br><i style='font-size:7pt;float:right'><?php $date=date_create($news['dateCreate']);
echo date_format($date,"d/m/Y"); ?></i><br><?php echo substr($news['content'],0,50)."..."; ?></td>
<td><a title='Xóa' href='deleteNews.php?id=<?php echo $news['id']; ?>'><img src='https://www.freeiconspng.com/uploads/recycle-bin-icon-25.png' width='32px'></a></td>
</tr>
<?php } ?>
</table>
</div>
<?php if(isset($_GET['id'])){
$check=$_GET['id'];
$stmt=$conn->prepare("SELECT * FROM zip_news WHERE id='".$_GET['id']."'");
$stmt->execute();
$newsz=$stmt->fetch(PDO::FETCH_ASSOC);
} ?>
<div id='addNewsz'><h3>Chương trình ưu đãi</h3>
<form method='POST' enctype="multipart/form-data">
<table>
<tr>
<td colspan='3'><input type='text' name='name' placeholder='Nhập tên chương trình' value='<?php if(isset($_GET['id'])){ echo $newsz['name']; } ?>'><input type='file' name='image'></td>
</tr>
<tr>
<td>
<input type='text' name='code' id='codeNewsz' hidden placeholder='Nhập mã code'></td>
<td>Giảm giá <input type='number' min='0' max='100' name='discount' placeholder='Nhập % ' value='<?php if(isset($_GET['id'])){ echo $newsz['discount']; } ?>'></td>
</tr>
<tr>
<td colspan='3'>Nội dung</td>
</tr><tr>
<td colspan='3'><textarea class="ckeditor" name='content'><?php if(isset($_GET['id'])){ echo $newsz['content']; } ?></textarea><br><button type='submit' name='upload'>Cập nhật</button></td>
</tr>
</table>
</form>
<?php
if(isset($_POST['upload'])){
$today=date("Y-m-d");
$url=$_SERVER['HTTP_HOST'];
if($_FILES['image']['size']==0 && $check==0){
$errors[]="Vui lòng chọn hình ảnh";
}
if(empty($_POST['name'])){
$errors[]="Vui lòng nhập tên chương trình";
}else{
if($check==0){
$stmt=$conn->prepare("SELECT * FROM zip_news WHERE name='".$_POST['name']."'");
$stmt->execute();
$checkName=$stmt->fetch(PDO::FETCH_ASSOC);
if(!empty($checkName['id'])){
$errors[]="Tên chương trình đã tồn tại";
}
}
}
if(empty($_POST['content'])){
$errors[]="Vui lòng nhập nội dung";
}
if(empty($errors)){
if($check==0){
if(!file_exists("lib/images/zip_news")){
mkdir("lib/images/zip_news");
}
move_uploaded_file($_FILES['image']['tmp_name'],"lib/images/zip_news/".$_FILES['image']['name']);
$image.=$url."/lib/images/zip_news/".$_FILES['image']['name'];
$stmt=$conn->prepare("INSERT INTO zip_news(name,image,content,dateCreate,discount) VALUES(:name,:image,:content,:dateCreate,:discount)");
$stmt->bindParam(":image",$image,PDO::PARAM_STR);
}else{
if($_FILES['image']['size']!=0){
if(!file_exists("lib/images/zip_news")){
mkdir("lib/images/zip_news");
}
move_uploaded_file($_FILES['image']['tmp_name'],"lib/images/zip_news/".$_FILES['image']['name']);
$image.=$url."/lib/images/zip_news/".$_FILES['image']['name'];
$stmt=$conn->prepare("UPDATE zip_news SET name=:name,content=:content,dateCreate=:dateCreate,discount=:discount,image=:image WHERE id='".$check."'");
$stmt->bindParam(":image",$image,PDO::PARAM_STR);
}else{
$stmt=$conn->prepare("UPDATE zip_news SET name=:name,content=:content,dateCreate=:dateCreate,discount=:discount WHERE id='".$check."'");
}
}
$stmt->bindParam(":name",$_POST['name'],PDO::PARAM_STR);
$stmt->bindParam(":content",$_POST['content'],PDO::PARAM_STR);
$stmt->bindParam(":dateCreate",$today,PDO::PARAM_STR);
$stmt->bindParam(":discount",$_POST['discount'],PDO::PARAM_INT);
$stmt->execute();
$stmt=$conn->prepare("UPDATE food SET discount=:discount");
$stmt->bindParam(":discount",$_POST['discount'],PDO::PARAM_INT);
$stmt->execute();
$mail = new PHPMailer;
$mail->isSMTP();
$mail->SMTPDebug = 0; // 0 = off (for production use) - 1 = client messages - 2 = client and server messages
$mail->Host = "smtp.gmail.com"; // use $mail->Host = gethostbyname('smtp.gmail.com'); // if your network does not support SMTP over IPv6
$mail->Port = 587; // TLS only
$mail->SMTPSecure = 'tls'; // ssl is deprecated
$mail->SMTPAuth = true;
$mail->Username = 'phamtam241295@gmail.com'; // email
$mail->Password = 'taolazip24'; // password
$mail->setFrom('phamtam241295@gmail.com', 'Flash'); // From email and name
$stmt=$conn->prepare("SELECT email FROM zip_member WHERE vip=1");
$stmt->execute();
$sendMail=$stmt->fetchAll(PDO::FETCH_ASSOC);
foreach($sendMail as $sendMail){
$mail->addAddress($sendMail['email'], 'Khach hang cua Flash');
}
$mail->Subject = '[Flash] - Chuong trinh khuyen mai moi';
$mail->msgHTML("<h3>Xin đừng trả lời về địa chỉ gửi thư này</h3><br><br>".$_POST['content']); //$mail->msgHTML(file_get_contents('contents.html'), __DIR__); //Read an HTML message body from an external file, convert referenced images to embedded,
$mail->AltBody = 'HTML messaging not supported'; // If html emails is not supported by the receiver, show this body
// $mail->addAttachment('images/phpmailer_mini.png'); //Attach an image file
if(!$mail->send()){
"Mailer Error: " . $mail->ErrorInfo;
}else{
"Message sent!";
}
success("Gửi mail");
success("Cập nhật",'zip_news.php');
}else{
notice($errors);
}
}
?>
</div>
</div>
AnonSec - 2021 | Recode By D7net