/
home
/
efamember
/
domains
/
efa-member.com
/
public_html
/
backoffice
/
ajax
/
setting_blog
/
up file
home
<?php include('../../../config/main_function.php'); $secure = "cAh3DrJACzw4RbU"; $connection = connectDB($secure); $blog_id = mysqli_real_escape_string($connection, $_POST['blog_id']); $create_user_id = mysqli_real_escape_string($connection, $_POST['create_user_id']); $blog_message = mysqli_real_escape_string($connection, $_POST['blog_text']); $blog_header = mysqli_real_escape_string($connection, $_POST['blog_header']); $blog_member_level = mysqli_real_escape_string($connection, $_POST['access_level']); $visitors = mysqli_real_escape_string($connection, $_POST['visitors']); $general = mysqli_real_escape_string($connection, $_POST['general']); $extraordinary = mysqli_real_escape_string($connection, $_POST['extraordinary']); $ordinary = mysqli_real_escape_string($connection, $_POST['ordinary']); $employer = mysqli_real_escape_string($connection, $_POST['employer']); $company = mysqli_real_escape_string($connection, $_POST['company']); $agency = mysqli_real_escape_string($connection, $_POST['agency']); $worker = mysqli_real_escape_string($connection, $_POST['worker']); $update = "UPDATE tbl_setting_blog SET create_user_id ='$create_user_id' ,blog_message = '$blog_message' ,blog_header = '$blog_header' ,visitors_access = '$visitors' ,general_access = '$general' ,extraordinary_access = '$extraordinary' ,ordinary_access = '$ordinary' ,employer_access = '$employer' ,company_access = '$company' ,agency_access = '$agency' ,worker_access = '$worker' WHERE blog_id = '$blog_id'"; $rs_update = mysqli_query($connection, $update) or die($connection->error); if ($rs_update) { if ($_FILES['blog_image']["name"] != "") { $file = explode(".", $_FILES['blog_image']['name']); $file_num = count($file) - 1; $file_surname = $file[$file_num]; $filename_images = date("dmYhis") . rand(11, 99) . "." . $file_surname; $target_file = "../../../files/blog_files/" . $filename_images; if (move_uploaded_file($_FILES["blog_image"]["tmp_name"], $target_file)) { $update = "UPDATE tbl_setting_blog SET blog_image = '$filename_images' WHERE blog_id = '$blog_id';"; $rs_update = mysqli_query($connection, $update) or die($connection->error); if ($rs_update) { $result = 1; } else { $result = 0; } } else { $result = 0; } } $result = 1; } else { $result = 0; } $arr['result'] = $result; echo json_encode($arr); mysqli_close($connection);