File "mandatorycontroller.php"

Full Path: /home/u593703731/domains/anandinternationalschool.com/public_html/controller/mandatorycontroller.php
File size: 2.27 KB
MIME-type: text/x-php
Charset: utf-8

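<?php
/**
 * Upload handler for "mandatory" documents.
 *
 * On POST it validates the uploaded file (extension allow-list, 5 MB size cap,
 * detected content type), moves it into the upload directory under a
 * server-generated name, and records it in the `mandatorys` table through a
 * prepared statement. Every outcome ends in a redirect to the admin page with
 * a flash message in $_SESSION['error'] or $_SESSION['success'].
 *
 * $conn is expected to come from conn.php; the bind_param("issss", ...) call
 * suggests a mysqli connection. TODO confirm.
 */
session_start();
include "../admin/includes/conn.php";

// NOTE(review): nothing in this file checks that the caller is a logged-in
// administrator or that the POST carries a CSRF token. Unless conn.php
// enforces that, this upload endpoint is reachable by any client. Add the
// project's own session/CSRF check here, before the request is processed.

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    // Store a flash error, redirect back to the admin page and stop.
    $fail = static function (string $message): void {
        $_SESSION['error'] = $message;
        header("Location: ../admin/index.php?page=mandatory");
        exit;
    };

    // Read a text field from $_POST; a missing or non-string value (e.g. an
    // array sent as "doc_name[]") becomes '' instead of raising an error.
    $post_text = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? trim($value) : '';
    };

    $raw_section  = $_POST['section_name'] ?? 0;
    $section_name = is_scalar($raw_section) ? intval($raw_section) : 0;
    // These values are stored as submitted (bound parameters keep them out of
    // the SQL text); they still need HTML-escaping wherever they are rendered.
    $doc_name     = $post_text('doc_name');
    $sub_section  = $post_text('sub_sections');
    $media_file   = $post_text('media_file');

    // A multi-file field ("doc_file[]") yields an array in 'error' and is
    // rejected by the strict comparison as well.
    $upload = $_FILES['doc_file'] ?? null;
    if (!is_array($upload) || !isset($upload['error']) || $upload['error'] !== UPLOAD_ERR_OK) {
        $fail("Please select a valid file.");
    }

    $file_name = $upload['name'];
    $file_tmp  = $upload['tmp_name'];
    $file_size = $upload['size'];

    // Allowed extension => content types accepted for it. The extension comes
    // from the client-supplied name, so it is paired with a content check.
    // Widen a list only if legitimate files of that type are being rejected.
    $allowed = [
        'pdf'  => ['application/pdf'],
        'doc'  => ['application/msword', 'application/vnd.ms-office', 'application/CDFV2', 'application/x-ole-storage'],
        'docx' => ['application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/zip'],
        'jpg'  => ['image/jpeg'],
        'jpeg' => ['image/jpeg'],
        'png'  => ['image/png'],
        'txt'  => ['text/plain'],
    ];
    $invalid_type = "Invalid file type. Allowed: " . implode(", ", array_keys($allowed));

    $file_ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
    if (!array_key_exists($file_ext, $allowed)) {
        $fail($invalid_type);
    }

    if ($file_size > 5 * 1024 * 1024) {
        $fail("File size must be under 5MB.");
    }

    // Check what the file actually contains, not just what it is called.
    if (class_exists('finfo')) {
        $detected = (new finfo(FILEINFO_MIME_TYPE))->file($file_tmp);
        if ($detected === false || !in_array($detected, $allowed[$file_ext], true)) {
            $fail($invalid_type);
        }
    } else {
        // Keeps uploads working where fileinfo is missing, but leaves the
        // extension as the only check; enable the extension to close the gap.
        error_log('mandatorycontroller: fileinfo unavailable, content type not verified');
    }

    // NOTE(review): this relative path resolves against the current working
    // directory, not this file's location. Confirm it is the directory the
    // site serves these documents from. The directory is inside the web root,
    // so script execution should be disabled for it in the web server config.
    $upload_dir = "assets/mandatory/";
    // 0755 instead of 0777: the directory does not need to be world-writable.
    if (!is_dir($upload_dir) && !mkdir($upload_dir, 0755, true) && !is_dir($upload_dir)) {
        $fail("File upload failed.");
    }

    // Server-generated name: the client's file name never reaches the disk,
    // and the random suffix is not guessable from the upload time.
    $new_file_name = time() . '_' . bin2hex(random_bytes(8)) . '.' . $file_ext;
    $destination   = $upload_dir . $new_file_name;

    if (!move_uploaded_file($file_tmp, $destination)) {
        $fail("File upload failed.");
    }

    // Database details go to the server log, not into the user's session.
    $saved = false;
    try {
        $stmt = $conn->prepare(
            "INSERT INTO mandatorys 
        (sections, docs_name, files, sub_sections, media) 
        VALUES (?, ?, ?, ?, ?)"
        );

        if ($stmt === false) {
            error_log('mandatorycontroller: prepare failed: ' . $conn->error);
        } else {
            $stmt->bind_param(
                "issss",
                $section_name,
                $doc_name,
                $new_file_name,
                $sub_section,
                $media_file
            );

            $saved = $stmt->execute();
            if (!$saved) {
                error_log('mandatorycontroller: insert failed: ' . $stmt->error);
            }
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception mode is on.
        error_log('mandatorycontroller: insert failed: ' . $e->getMessage());
    }

    if ($saved) {
        $_SESSION['success'] = "Mandatory document uploaded successfully!";
    } else {
        // Do not leave a file on disk that no database row refers to.
        if (is_file($destination)) {
            unlink($destination);
        }
        $_SESSION['error'] = "Database error. Please try again.";
    }

    header("Location: ../admin/index.php?page=mandatory");
    exit;
}
?>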