Tryag File Manager
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
home
/
thebestprx
/
public_html
/
admin
/
news
/
Or
Select Your Path :
Upload File :
New :
File
Dir
/home/thebestprx/public_html/admin/news/fn_news.php
<? @session_start(); include("../include/chksession.php"); include("../include/connect.php"); include("../include/function.php"); mysql_query("SET NAMES UTF8"); mysql_select_db($dbname, $cn); //id $id=$_POST['id']; //news $name_th=$_POST['name_th']; $name_en=$_POST['name_en']; $title_th=$_POST['title_th']; $title_en=$_POST['title_en']; $detail_th=$_POST['detail_th']; $detail_en=$_POST['detail_en']; $status=$_POST['status']; $maincate=$_POST['main-cate']; $subcate=$_POST['sub-cate']; $pin=$_POST['pin']; $vdo=$_POST['vdo']; $date_start=$_POST['date_start']; $date_end=$_POST['date_end']; $date_start = date("Y-m-d", strtotime($date_start)); $date_end = date("Y-m-d", strtotime($date_end)); if(is_array($maincate)) $maincate=implode(",", $maincate); if(is_array($subcate)) $subcate=implode(",", $subcate); if($subcate!="" && $maincate=="") { echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />"; echo "<script language='javascript'>alert('กรุณเลือกหมวดหมู่หลักด้วยค่ะ'); javascript:history.back();</script>"; exit(); } $needcut = array("\r\n", "\n", "\r", "\'", '\"'); $detail_th = str_replace($needcut, "", $detail_th); $detail_en = str_replace($needcut, "", $detail_en); //cate $cate_name=$_POST['cate_name']; $main_cate=$_POST['main_cate']; if(strncmp($vdo, "https:", 6) == 0 || strncmp($vdo, "http:", 5) == 0 || strncmp($vdo, "www.", 4) == 0 ){ $vdo_link = getYouTubeIdFromURL($vdo); }else{ $vdo_link = $vdo; } ////update file pdf $docsave = 0; for( $x=0 ; $x < 1 ; $x++ ) { $fileloadid = $x+1; $newfile = sprintf("file_array%d", ($x+1)); if( $_FILES[$newfile]['name'] != '' ) { $fileidArrload[$x] = $fileloadid; $filenameArrload[$x] = $_FILES[$newfile]['name']; $filecontentArrload[$x] = $_FILES[$newfile]['tmp_name']; $docsave = 1; } } $date_today = date("Y-m-d"); switch ($_POST['action']) { case "add": echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />"; $sql="INSERT INTO tb_news (news_id,news_name_th,news_title_th,news_detail_th,news_main_cate,news_sub_cate,news_status,news_sort,news_date,news_pin,news_vdo) VALUE ('$id','$name_th','$title_th','$detail_th',',$maincate,',',$subcate,','$status','0','$date_today','$pin','$vdo_link') ON DUPLICATE KEY UPDATE news_name_th='$name_th', news_title_th='$title_th', news_detail_th='$detail_th', news_main_cate=',$maincate,', news_sub_cate=',$subcate,', news_status='$status', news_pin='$pin', news_vdo='$vdo_link', news_date='$date_today' "; if(mysql_query($sql) == true) { if($id=="") $lastID = mysql_insert_id(); else $lastID =$id; if( $docsave == 1 ) { for( $x=0 ; $x < 1 ; $x++ ) { $id = $fileidArrload[$x]; $file_data = ""; if($filecontentArrload[$x] != '') { $ext = pathinfo($filenameArrload[$x], PATHINFO_EXTENSION); $ext=strtolower($ext); $newFileName = md5($filecontentArrload[$x].date("d-m-Y H:i:s")).'.'.$ext; if($ext == "pdf") //ตรวจสอบนามสกุล { if( move_uploaded_file($filecontentArrload[$x], "../../album/news/pdf/$newFileName") == TRUE ) { $sql = "UPDATE tb_news SET news_pdf ='$newFileName' WHERE news_id ='$lastID' "; if( mysql_query($sql) == false ) $err = 2; } } } } } foreach ($_FILES["add_image"]["error"] as $key => $error) { $newfile = 'add_image'; $filename = $_FILES[$newfile]['name'][$key] ; $filecontent = $_FILES[$newfile]['tmp_name'][$key] ; if( $filename != '' )// ถ้ามีภาพคือ ถ้าไม่ใช่ค่าว่าง { $sql="INSERT INTO tb_news_images (imag_id,imag_newsID,imag_sort) VALUES ('', '$lastID','99')"; if( mysql_query($sql) == true ) { $new_galid = mysql_insert_id(); $ext = pathinfo($filename, PATHINFO_EXTENSION); $ext = strtolower($ext ); $newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext; if( move_uploaded_file($filecontent, "../../album/news/$newFileName") == TRUE ) { $img= "../../album/news/$newFileName"; $new_img= "../../album/news/small/$newFileName"; $new_largeimg = "../../album/news/large/$newFileName"; $imgsmall = resize($img,$new_img,'300',$ext); $imglarge = resize($img,$new_largeimg,'600',$ext) ; if ( $imglarge== true && $imgsmall == true) { $sql = "UPDATE tb_news_images SET imag_file ='$newFileName' WHERE imag_id ='$new_galid' "; //if( mysql_query($sql) == true ) //$sql="delete from tb_news_images where imag_newsID ='0' "; mysql_query($sql) ; //ลบ buffer $bufferfile = $img; if( file_exists($bufferfile)==TRUE ) unlink($bufferfile); $err = 0; } else { //ลบ buffer $bufferfile = $img; if( file_exists($bufferfile)==TRUE ) unlink($bufferfile); } } } else $err = 3; } }// close $filename != "" ไม่เท่ากับค่า null echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลเรียบร้อยแล้วค่ะ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=index.php?id=$lastID\" />"; } break; case "del-image": $file=$_POST['file']; $sql="delete from tb_news_images where imag_id ='$id'"; if( mysql_query($sql) == true ) { $bufferfile = "../../album/news/small/".$file; if( file_exists($bufferfile)==TRUE ) unlink($bufferfile); $bufferfile = "../../album/news/large/".$file; if( file_exists($bufferfile)==TRUE ) unlink($bufferfile); } die(msg("1","ลบรูปภาพสำเร็จค่ะ")); break; case "del-pdf": $file=$_POST['file']; $sql="UPDATE tb_news SET news_pdf ='' WHERE news_id ='$id' "; if( mysql_query($sql) == true ) { $bufferfile = "../../album/news/pdf/".$file; if( file_exists($bufferfile)==TRUE ) unlink($bufferfile); } die(msg("1","ลบไฟล์ PDF สำเร็จค่ะ")); break; case "add-cate": echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />"; $sql="INSERT INTO tb_news_cate (cate_id,cate_name,cate_sort,cate_main) VALUE ('$id','$cate_name','0','$main_cate') ON DUPLICATE KEY UPDATE cate_name='$cate_name', cate_main='$main_cate' "; if(mysql_query($sql) == true) echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลเรียบร้อยแล้วค่ะ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=category.php\" />"; else echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>"; break; case "add-cate-sub": echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />"; $sql="INSERT INTO tb_news_cate (cate_id,cate_name,cate_sort,cate_main) VALUE ('$id','$cate_name','0','$main_cate') ON DUPLICATE KEY UPDATE cate_name='$cate_name', cate_main='$main_cate' "; if(mysql_query($sql) == true) echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลเรียบร้อยแล้วค่ะ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=category_sub.php?id=$main_cate\" />"; else echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>"; break; case "edit-cate": $sort=$_POST['no']; $name=$_POST['name']; $sql="UPDATE tb_news_cate SET cate_sort='$sort' WHERE cate_id=$id "; if( mysql_query($sql) == true ) die(msg("1","บันทึกลงฐานข้อมูลเรียบร้อยแล้วค่ะ")); break; case "del-cate": $delall = $_POST["del"]; $delid = explode(",", $delall); $x = 0; while( $delid[$x] != "" ) { if($delid[$x]=='1'||$delid[$x]=='2') { die(msg("1","หมวดหมู่นี้ไม่สามารถลบได้ค่ะ")); } $sql="DELETE FROM tb_news_cate WHERE cate_id ='$delid[$x]'"; if( mysql_query($sql) == false ) die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล")); $x++; } die(msg("1","ลบหมวดหมู่สำเร็จค่ะ")); break; case "del-list": $delall = $_POST["del"]; $delid = explode(",", $delall); $x = 0; while( $delid[$x] != "" ) { $sqlfind = "SELECT * FROM tb_news_images WHERE imag_newsID ='$delid[$x]'"; $resfind = mysql_query($sqlfind); while($resfind && $rfind=mysql_fetch_array($resfind)) { $delfile = "../../album/news/small/$rfind[imag_file]"; if( file_exists($delfile)==true && $rfind[imag_file] !="") unlink($delfile); $delfile = "../../album/news/large/$rfind[imag_file]"; if( file_exists($delfile)==true && $rfind[imag_file] !="") unlink($delfile); $sql="DELETE FROM tb_news_images WHERE imag_newsID ='$delid[$x]'"; if( mysql_query($sql) == false ) die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล")); } $sql="DELETE FROM tb_news WHERE news_id ='$delid[$x]'"; if( mysql_query($sql) == false ) die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล")); $x++; } die(msg("1","ลบรายการสำเร็จค่ะ")); break; case "save-list": $save=$_POST["save"]; $save = urldecode($save); $rec = explode("||", $save); $i = 0; while( $rec[$i] ) { $each = $rec[$i]; $arr = explode(";;", $each); $sql = "UPDATE tb_news SET "; $sql .= " news_sort='$arr[1]',"; $sql .= " news_status='$arr[2]'"; //สุดท้าย $sql .= " where news_id ='$arr[0]' "; if( mysql_query($sql) == false ) die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล")); $i++; } die(msg("1","บันทึกลงฐานข้อมูลเรียบร้อยแล้วค่ะ")); break; case "move": $data=$_POST["data"]; $err = 0; $i = 0; $rec_arr = explode("||",$data); $count =0; while($rec_arr[$count]){ $arr = explode(",",$rec_arr[$count]); $sql = "update tb_news_images set"; $sql .= " imag_sort='$arr[1]' WHERE imag_id = '$arr[0]' "; if( mysql_query($sql) == false ) $err = 1; $count ++; } break; } mysql_close($cn); function getYouTubeIdFromURL($url) { $url_string = parse_url($url, PHP_URL_QUERY); parse_str($url_string, $args); return isset($args['v']) ? $args['v'] : false; } ?>