File "updatenoticecontroller.php"

Full Path: /home/u593703731/domains/anandinternationalschool.com/public_html/controller/updatenoticecontroller.php
File size: 1.14 KB
MIME-type: text/x-php
Charset: utf-8

 
Open Edit   Advanced Editor   Back 
<?php
include "../admin/includes/conn.php"; 

$id       = (int) $_POST['id']; // safer
$heading  = mysqli_real_escape_string($conn, $_POST['heading']);
$content  = mysqli_real_escape_string($conn, $_POST['content']);
$show_on  = mysqli_real_escape_string($conn, $_POST['show_on']);
$oldFile  = $_POST['old_file'];

$uploadDir = __DIR__ . "/../assets/notices/"; 

if (!is_dir($uploadDir)) {
    mkdir($uploadDir, 0777, true);
}

$fileName = $oldFile; 

if (!empty($_FILES['file']['name'])) {

    // delete old file
    if (!empty($oldFile) && file_exists($uploadDir . $oldFile)) {
        unlink($uploadDir . $oldFile);
    }

    $fileName = time() . "_" . basename($_FILES['file']['name']);
    $tmpName  = $_FILES['file']['tmp_name'];

    move_uploaded_file($tmpName, $uploadDir . $fileName);
}

$query = "UPDATE notices SET 
            heading='$heading',
            content='$content',
            files='$fileName',
            show_on='$show_on'
          WHERE id='$id'";

if (mysqli_query($conn, $query)) {
    header("Location: ../admin/index.php?page=notice");
    exit;
} else {
    echo mysqli_error($conn);
}