OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
knaadu
/
cms
/
process
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
01/14/2024 12:04:40 PM
rwxr-xr-x
📄
chk.login.php
936 bytes
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
get.section.article.php
41.34 KB
01/14/2024 11:25:58 AM
rw-r--r--
📄
get.section.author.php
12.17 KB
12/28/2021 03:21:00 AM
rwxr-xr-x
📄
get.section.category.php
9.29 KB
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
get.section.general.php
32.43 KB
02/21/2023 05:59:26 AM
rwxr-xr-x
📄
get.section.issue.php
16.68 KB
12/28/2021 02:59:00 AM
rwxr-xr-x
📄
get.section.tag.php
8.79 KB
12/18/2021 04:29:00 AM
rwxr-xr-x
📄
get.section.user.php
14.23 KB
12/18/2021 04:13:00 AM
rwxr-xr-x
📄
get.section.volume.php
12 KB
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
logout.php
93 bytes
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
upload.php
2.3 KB
12/20/2021 11:28:00 PM
rwxr-xr-x
Editing: get.section.category.php
Close
<? // ACCS Journal: Category include '../inc/validate.logged.php'; include '../../inc/config.php'; $act = ''; if (!empty($_POST)) $act = isset($_POST["act"]) ? $_POST["act"] : ''; // Check if already exists on creation if ($act == 'chkExist') { $editId = isset($_POST['editId']) ? $_POST['editId'] : ''; $categoryName = isset($_POST['categoryName']) ? $_POST['categoryName'] : ''; if ($categoryName != '') { if ($editId == '') { $sql = "SELECT category_id FROM categories WHERE category_name='$categoryName'"; } else { $sql = "SELECT category_id FROM categories WHERE category_name='$categoryName' AND category_id<>$editId"; } $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows == 0) { echo 'OK'; } else { echo 'ERROR: Category already exists!'; } } } // Add if ($act == 'add') { $categoryName = isset($_POST['categoryName']) ? trim($_POST['categoryName']) : ''; if ($categoryName != '') { $sql = "SELECT category_id FROM categories WHERE category_name='$categoryName'"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows == 0) { $sql = "INSERT INTO categories(category_name) VALUES('$categoryName')"; mysqli_query($dbpro, $sql); echo "OK"; } } } // Update if ($act == 'edit') { $editId = isset($_POST['editId']) ? $_POST['editId'] : ''; $categoryName = isset($_POST['categoryName']) ? trim($_POST['categoryName']) : ''; if ($editId != '' && $categoryName != '') { $sql = "UPDATE categories SET category_name='$categoryName' WHERE category_id=$editId"; mysqli_query($dbpro, $sql); echo "OK"; } } // Delete if ($act == 'delete') { $delId = isset($_POST['delId']) ? $_POST['delId'] : ''; if ($delId != '') { $sql = "DELETE FROM categories WHERE category_id=$delId"; mysqli_query($dbpro, $sql); $sql = "UPDATE articles SET category_id=0 WHERE category_id=$delId"; mysqli_query($dbpro, $sql); echo "OK"; } } // Show Add if ($act == 'addForm') { ?> <div class="card mt-3"> <div class="card-header">Add New Category</div> <div class="card-body"> <div class="form-row"> <div class="form-group col"> <label for="volumeName">Category Name</label> <input type="text" class="form-control" id="categoryName" name="categoryName" maxlength="50" /> </div> </div> </div> <div class="card-footer"> <button type="submit" class="btn btn-primary" onclick="return chkAddCategory()">Add</button> <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div> </div> </div> <? } // Show Edit if ($act == 'editForm') { $isValid = 0; $categoryId = isset($_POST['id']) ? $_POST['id'] : ''; $sql = "SELECT category_name FROM categories WHERE category_id=$categoryId"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { $row = mysqli_fetch_assoc($result); $categoryName = $row['category_name']; $isValid = 1; } ?> <div class="popup" style="width:500px"> <div class="widget"> <form id="frmEdit" name="frmEdit"> <div class="card"> <div class="card-header">Edit Category</div> </div> <div id="widgetEdit_B" style="padding:15px 25px"> <? if($isValid == 1) { ?> <div class="form-row"> <div class="form-group col"> <label for="volumeName">CategoryName</label> <input type="text" class="form-control" id="categoryName" name="categoryName" value="<?=$categoryName?>" /> </div> </div> <? } ?> </div> <div id="widgetEdit_F" style="border-top:1px solid #ebedf2;padding:20px 25px;"> <div class="col"> <button type="submit" class="btn btn-primary" onclick="return chkEditCategory()">Update</button> <button type="submit" class="btn btn-light ml-1" onclick="return clearForm('frmEdit')">Reset</button> <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div> </div> </div> <input type="hidden" id="editId" name="editId" value="<?=$categoryId?>" /> <input type="hidden" id="act" name="act" value="edit" /> </form> </div> </div> <? } // Show Delete if ($act == 'delForm') { $isValid = 0; $categoryId = isset($_POST['id']) ? $_POST['id'] : ''; $sql = "SELECT category_name FROM categories WHERE category_id=$categoryId"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { $row = mysqli_fetch_assoc($result); $categoryName = $row['category_name']; $isValid = 1; } ?> <div class="popup" style="width:480px"> <div class="widget"> <form id="frmDel" name="frmDel"> <div class="card"> <div class="card-header">Delete Category</div> </div> <div id="widgetDel_B" style="padding:15px 25px"> <? if($isValid == 1) { ?> You are about to delete Category: <b><?=$categoryName?></b> <? } ?> </div> <div id="widgetDel_F" style="border-top:1px solid #ebedf2;padding:20px 25px;"> <div class="col"> <button type="submit" class="btn btn-primary" onclick="return chkDelCategory()">Confirm</button> <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div> </div> </div> <input type="hidden" id="delId" name="delId" value="<?=$categoryId?>" /> <input type="hidden" id="act" name="act" value="delete" /> </form> </div> </div> <? } // Search Form if ($act == 'search') { ?> <ol class="breadcrumb mt-4 mb-3"> <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li> <li class="breadcrumb-item active">Categories</li> </ol> <form id="frmSearch" name="frmSearch"> <button type="button" class="btn btn-secondary mb-2 float-right" onclick="addCategory()"><i class="fas fa-plus"></i> Add New Category</button> <br clear="all" /> <div class="card"> <div class="card-header">Search Categories</div> <div class="card-body"> <div class="form-inline"> <div class="form-group mr-2"> <label for="srcVolumeName" class="col-form-label-sm">Category Name</label> <input type="txt" class="form-control ml-0 ml-sm-2" id="srcCategoryName" name="srcCategoryName" /> </div> <div class="col text-right"> <button type="submit" class="btn btn-primary mt-2 mt-sm-0" onclick="return searchCategory()">Show</button> </div> </div> </div> </div> <div id="panelSearch"></div> <input type="hidden" id="act" name="act" value="searchResults" /> </form> <? } // Search Result if ($act == 'searchResults') { $pageNum = isset($_POST["pageNum"]) ? $_POST["pageNum"] : 1; $srcCategoryName = isset($_POST["srcCategoryName"]) ? $_POST["srcCategoryName"] : ''; $numRecords = 50; $startOrder = (($pageNum - 1) * $numRecords); $sql = "SELECT SQL_CALC_FOUND_ROWS * FROM categories WHERE category_id>0"; if ($srcCategoryName != '') $sql .= " AND category_name LIKE '%" . $srcCategoryName . "%'"; $sql .= " ORDER BY category_name LIMIT " . $startOrder . "," . ($numRecords+1); $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); $sql = "SELECT FOUND_ROWS()"; $resultCount = mysqli_query($dbpro, $sql); $rowCount = mysqli_fetch_array($resultCount); $totalCount = $rowCount[0]; if ($numRows == 0) { echo '<div class="m-2">No results found!</div>'; } else { ?> <table class="table table-sm mt-3"> <thead class="thead-light"> <tr> <th width="20"></th> <th>Category</th> <th width="30"></th> <th width="30"></th> </tr> </thead> <? $j = 0; for ($i=0;$i<$numRows;$i++) { if ($i < $numRecords) { $row = mysqli_fetch_array($result); $categoryId = $row['category_id']; $categoryName = $row['category_name']; $j += 1; ?> <tr> <th><?=$startOrder+$i+1?>.</th> <td><?=$categoryName?></td> <td align="center" title="Edit Category"><i data-id="<?=$categoryId?>" class="editRow cursorHand far fa-edit fa-lg"></i></td> <td align="center" title="Delete Category"><i data-id="<?=$categoryId?>" class="delRow cursorHand far fa-trash-alt fa-lg"></i></td> </tr> <? } } ?> </table> <div id="listingPageNum" class="float-left text-success" data-pagenum="<?=$pageNum?>">Showing <?=$startOrder+1?> to <?=$startOrder+$j?> of <?=$totalCount?> entries</div> <div class="float-right" align="right"> <? if ($pageNum > 1) { ?><button class="btn btn-warning" onclick="return searchCategory(<?=$pageNum-1?>)"><</button><? } ?> <? if ($numRows > $numRecords) { ?><button class="btn btn-warning" style="margin-left:5px" onclick="return searchCategory(<?=$pageNum+1?>)">></button><? } ?> </div> <div class="cleaner"></div> <br> <br> <? } ?> <script type="text/javascript"> $(function () { $('.editRow').magnificPopup({ type: 'ajax', closeBtnInside: true, ajax: { settings: { method: 'POST', url: 'process/get.section.category.php' } }, callbacks: { elementParse: function(item){ postData = { act: 'editForm', id: $(item.el[0]).data('id') } this.st.ajax.settings.data = postData; } } }); $('.delRow').magnificPopup({ type: 'ajax', closeBtnInside: true, ajax: { settings: { method: 'POST', url: 'process/get.section.category.php' } }, callbacks: { elementParse: function(item){ postData = { act: 'delForm', id: $(item.el[0]).data('id') } this.st.ajax.settings.data = postData; } } }); }); </script> <? }