0byt3m1n1

Path: /var/www/listcrawler.app/public_html/admin/ [ Home ]
File: edit_list.php
<?php
session_start();
require_once 'config/config.php';
require_once BASE_PATH.'/includes/auth_validate.php';

// Sanitize if you want
$list_id = filter_input(INPUT_GET, 'list_id', FILTER_VALIDATE_INT);
$operation = filter_input(INPUT_GET, 'operation', FILTER_SANITIZE_STRING); 
($operation == 'edit') ? $edit = true : $edit = false;
$db = getDbInstance();

// Handle update request. As the form's action attribute is set to the same script, but 'POST' method, 
if ($_SERVER['REQUEST_METHOD'] === 'POST') 
{
    // Get list_id id form query string parameter.
    $list_id = filter_input(INPUT_GET, 'list_id', FILTER_SANITIZE_STRING);

    // Get input data
    $data_to_db = filter_input_array(INPUT_POST);
	//echo "<pre>";
	//print_r($data_to_db);die;
	$listdata_to_db = array(
		'list_title' => $data_to_db['list_title'],
		'list_desc' => $data_to_db['list_desc'],
		'age' => $data_to_db['age']
	);
	
    $db->where('id', $list_id);
    $stat = $db->update('lists', $listdata_to_db);
	
	// Update List Location
	$lists_locations_data = array(			
		'location_id' => trim($data_to_db['location_id'])
	);
	$db->where('list_id', $list_id);
	$db->update('lists_locations', $lists_locations_data);
		
	// Update pic 1
	if(isset($_FILES['pic1']['name']) && $_FILES['pic1']['name']!='') {
		$pic=$_FILES['pic1']['name'];
		
		$path = pathinfo($pic);
		$filename = $path['filename'];
		$ext = $path['extension'];
		
		$final_pic = rand(10,100) . "" .time() . "." . $ext;
		$path = "../pics/" . $final_pic;
		$thumb = "../pics/" . $final_pic;
		
		if (isset($_POST['pic_1_id']) && $_POST['pic_1_id']) {
			$db->where('id', $_POST['pic_1_id']);
			// Get data to pre-populate the form.
			$data_pic_1 = $db->getOne('photos');
			@unlink("../pics/" . $data_pic_1['photo_name']);
			$db->where('id', $_POST['pic_1_id']);
			$db->delete('photos');
		}
		
		
		move_uploaded_file($_FILES['pic1']['tmp_name'],$path);			
		resizeImage($path, $thumb, 500, 650);
		
		$pic1_data = array(
			'list_id' => $list_id,
			'photo_name' => $final_pic
		);
		
		$db->insert('photos', $pic1_data);
	}
	
	// Update pic 2
	if(isset($_FILES['pic2']['name']) && $_FILES['pic2']['name']!='') {
		$pic=$_FILES['pic2']['name'];
		
		$path = pathinfo($pic);
		$filename = $path['filename'];
		$ext = $path['extension'];
		
		$final_pic = rand(10,100) . "" .time() . "." . $ext;
		$path = "../pics/" . $final_pic;
		$thumb = "../pics/" . $final_pic;
		
		if (isset($_POST['pic_2_id']) && $_POST['pic_2_id']) {
			$db->where('id', $_POST['pic_1_id']);
			// Get data to pre-populate the form.
			$data_pic_2 = $db->getOne('photos');
			@unlink("../pics/" . $data_pic_2['photo_name']);
			$db->where('id', $_POST['pic_2_id']);
			$db->delete('photos');
		}
		
		
		move_uploaded_file($_FILES['pic2']['tmp_name'],$path);			
		resizeImage($path, $thumb, 500, 650);
		
		$pic2_data = array(
			'list_id' => $list_id,
			'photo_name' => $final_pic
		);
		
		$db->insert('photos', $pic2_data);
	}
	
	// Update pic 3
	if(isset($_FILES['pic3']['name']) && $_FILES['pic3']['name']!='') {
		$pic=$_FILES['pic3']['name'];
		
		$path = pathinfo($pic);
		$filename = $path['filename'];
		$ext = $path['extension'];
		
		$final_pic = rand(10,100) . "" .time() . "." . $ext;
		$path = "../pics/" . $final_pic;
		$thumb = "../pics/" . $final_pic;
		
		if (isset($_POST['pic_3_id']) && $_POST['pic_3_id']) {
			$db->where('id', $_POST['pic_1_id']);
			// Get data to pre-populate the form.
			$data_pic_3 = $db->getOne('photos');
			@unlink("../pics/" . $data_pic_3['photo_name']);
			$db->where('id', $_POST['pic_3_id']);
			$db->delete('photos');
		}
		
		
		move_uploaded_file($_FILES['pic3']['tmp_name'],$path);			
		resizeImage($path, $thumb, 500, 650);
		
		$pic3_data = array(
			'list_id' => $list_id,
			'photo_name' => $final_pic
		);
		
		$db->insert('photos', $pic3_data);
	}


    if ($stat)
    {
        $_SESSION['success'] = 'Ad updated successfully!';
        // Redirect to the edit page
        header('Location: edit_list.php?list_id=' . $list_id . '&operation=edit');
        // Important! Don't execute the rest put the exit/die.
        exit();
    }
}

$getLocations = $db->rawQuery("SELECT `id`, `location_name` FROM `locations` ORDER BY `location_name` ASC ");
// If edit variable is set, we are performing the update operation.
if ($edit)
{
    $db->where('id', $list_id);
    // Get data to pre-populate the form.
    $list = $db->getOne('lists');
	
	// Get Location
	$db->where('list_id', $list_id);
    // Get data to pre-populate the form.
    $lists_locations = $db->getOne('lists_locations');
	
	
	// Get pics
	 $db->where('list_id', $list_id);
    // Get data to pre-populate the form.
    $photos = $db->get('photos');
	$pic_ids = array();
	$list_ids = array();
	$pics = array();
	
	$i = 0;
	foreach ($photos as $photo):
		$pic_ids[$i] = $photo['id'];
		$list_ids[$i] = $photo['list_id'];
		$pics[$i] = $photo['photo_name'];		
		
		?>
	 <!-- Delete Confirmation Modal for pics -->
            <div class="modal fade" name="delete-photo" id="confirm-delete-<?php echo $pic_ids[$i]; ?>" role="dialog">
                <div class="modal-dialog">
                    <form action="delete_photo.php" method="POST">
                        <!-- Modal content -->
                        <div class="modal-content">
                            <div class="modal-header">
                                <button type="button" class="close" data-dismiss="modal">&times;</button>
                                <h4 class="modal-title">Confirm</h4>
                            </div>
                            <div class="modal-body">
                                <input type="hidden" name="del_id" id="del_id" value="<?php echo $pic_ids[$i]; ?>">
                                <input type="hidden" name="list_id" id="list_id" value="<?php echo $list_ids[$i]; ?>">
                                <p>Are you sure you want to delete this pic?</p>
                            </div>
                            <div class="modal-footer">
                                <button type="submit" class="btn btn-default pull-left">Yes</button>
                                <button type="button" class="btn btn-default" data-dismiss="modal">No</button>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
            <!-- //Delete Confirmation Modal -->
	
	<?php
		$i++;
	endforeach;
	//print_r( $pics);die;
	
	
}
?>
<?php include BASE_PATH.'/includes/header.php'; ?>
<div id="page-wrapper">
    <div class="row">
        <div class="col-lg-6">
            <h2 class="page-header">Update Ad</h2>
        </div>
		<div class="col-lg-6">
            <div class="page-action-links text-right">
                <a href="lists.php" class="btn btn-success"><i class="glyphicon glyphicon-chevron-left"></i> Free Ad Listing</a>
            </div>
        </div>
    </div>
    <!-- Flash messages -->
    <?php include BASE_PATH.'/includes/flash_messages.php'; ?>
    <form class="form" action="" method="post" id="list_form" enctype="multipart/form-data">
        <?php include BASE_PATH.'/forms/list_form.php'; ?>
    </form>
</div>
<link href="/css/lightbox.css" rel="stylesheet" />
<script src="/js/lightbox.js"></script>
<script type="text/javascript">
$(document).ready(function(){
   $('#list_form').validate({
       rules: {
            list_title: {
                required: true,
                minlength: 6
            },
            list_desc: {
                required: true,
                minlength: 6
            },
			age: {
                required: true,
                minlength: 2,
			    number: true,
				min: 18,
				max: 99
            },
			location_id: {
                required: true
            }			
        }
    });
});
</script>
<?php include BASE_PATH.'/includes/footer.php'; ?>