<?php
// Start or resume the PHP session before anything else runs.
// NOTE(review): presumably the login check included further down reads session
// state set at sign-in; confirm in includes/chk_login_status_inc.php.
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------

Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com

This file is part of asaancart - open source easy shopping cart solution.

asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with asaancart.  If not, see <http://www.gnu.org/licenses/>.

*/

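// require (not include): a missing or unreadable file must stop the request.
// With include, a failed load only raises a warning and the script carries on,
// which for the login check would mean this admin page runs without it.
// NOTE(review): assumes chk_login_status_inc.php itself halts or redirects
// unauthenticated requests; confirm in that file.
require("../config/config.php");
require("includes/chk_login_status_inc.php");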

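$smarty->assign('title','Manage Store Banner');

// Raw banner form fields. These are untrusted request values: they are copied
// here unmodified and must be escaped or validated at the point where they are
// used in SQL, in file names or in output. The fields are absent on plain GET
// requests, so default each one to '' instead of reading a missing index.
$banner_name = isset($_POST['banner_name']) ? $_POST['banner_name'] : '';
$banner_link = isset($_POST['banner_link']) ? $_POST['banner_link'] : '';
$banner_image = isset($_POST['banner_image']) ? $_POST['banner_image'] : '';
$banner_id = isset($_POST['banner_id']) ? $_POST['banner_id'] : '';
$banner_image_new = isset($_POST['banner_image_new']) ? $_POST['banner_image_new'] : '';
$external_url = isset($_POST['external_url']) ? $_POST['external_url'] : '';
$height = isset($_POST['height']) ? $_POST['height'] : '';
$width = isset($_POST['width']) ? $_POST['width'] : '';
$show_banner = isset($_POST['show_banner']) ? $_POST['show_banner'] : '';


// Upload target. It sits under the document root, so every file stored here is
// directly reachable over HTTP; only files of a known-safe type belong in it.
$uploaddir = $_SERVER['DOCUMENT_ROOT'].'/'.APP_ROOT_DIR.'/banner_images/';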

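// action=edit: load the banner chosen in the query string so the template can
// pre-fill the edit form.
if(isset($_GET['action']) && $_GET['action']=="edit")
{
	// banner_id arrives in the URL and was concatenated into the query as-is
	// (SQL injection). The column is used unquoted, so it is treated as an
	// integer key here; the cast leaves nothing but a number in the statement.
	$edit_banner_id = isset($_GET['banner_id']) ? (int) $_GET['banner_id'] : 0;

	$selected_banner = array();
	$sql = "SELECT * FROM store_banners WHERE banner_id=".$edit_banner_id;
	$results = mysql_query($sql);
	if($results)
	{
		while($row = mysql_fetch_assoc($results) )
		{
			$selected_banner[] = $row;
		}
	}
	$smarty->assign('selected_banner', $selected_banner);
	$smarty->assign('action', "edit");
}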

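// action=deleteBanner: remove the banner row and its image file, then show the
// refreshed banner list.
// NOTE(review): this is a state-changing delete triggered by a GET request and
// no anti-CSRF token is visible in this file; moving it to POST with a
// per-session token would stop a third-party page from triggering it.
if(isset($_GET['action']) && $_GET['action']=="deleteBanner")
{
	// banner_id comes from the URL; cast to int so it cannot change the shape
	// of the SELECT or DELETE statement below.
	$delete_banner_id = isset($_GET['banner_id']) ? (int) $_GET['banner_id'] : 0;

	$banner_image_to_del = '';
	$sql = "SELECT * FROM store_banners WHERE banner_id=".$delete_banner_id;
	$results = mysql_query($sql);
	if($results)
	{
		while($row = mysql_fetch_assoc($results) )
		{
			$banner_image_to_del = $row['banner_image'];
		}
	}

	$sql = "DELETE FROM store_banners WHERE banner_id=".$delete_banner_id;
	$results = mysql_query($sql);

	if($results)
	{
		$smarty->assign('msg_banner', "Done: Deleted Successfully");
	}
	else
	{
		$smarty->assign('msg_banner', "Sorry: Could not delete banner");
	}

	// The stored name is built from form input, so reduce it to its final path
	// component before deleting: a value containing "../" must not reach files
	// outside banner_images. Skip the unlink when no banner row was found.
	$image_path = "../banner_images/".basename($banner_image_to_del);
	if($banner_image_to_del != '' && is_file($image_path))
	{
		unlink($image_path);
	}

	//all banners
	$all_banners = array();
	$sql = "SELECT * FROM store_banners ORDER BY banner_name";
	$results = mysql_query($sql);
	if($results)
	{
		while($row = mysql_fetch_assoc($results) )
		{
			$all_banners[] = $row;
		}
	}
	$smarty->assign('all_banners', $all_banners);

	$smarty->display('list_all_banners.tpl');

}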


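// "Create" submit: store the optional banner image, then insert the banner row.
if(isset($_POST['btn_submit']) && $_POST['btn_submit']=="Create")
{
	if($banner_name!=""){
		$image_filename = '';
		$upload_ok = true;

		$client_name = '';
		if(isset($_FILES['banner_image']['name']) && is_string($_FILES['banner_image']['name'])){
			$client_name = basename($_FILES['banner_image']['name']);
		}

		if($client_name!=''){
			// The upload directory is served by the web server, so the stored
			// name decides whether a file is handled as an image or executed as
			// a script. Accept image extensions only and rebuild the name from
			// sanitised parts: no path separators from the banner name and a
			// single, allow-listed extension.
			// NOTE(review): extend the list if other banner formats are needed.
			$allowed_ext = array('jpg', 'jpeg', 'png', 'gif');
			$ext = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));
			$safe_prefix = preg_replace('/[^A-Za-z0-9_-]/', '_', $banner_name);
			$safe_stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($client_name, PATHINFO_FILENAME));

			if(!in_array($ext, $allowed_ext, true)){
				$upload_ok = false;
				$smarty->assign('msg',"<span style='color:red'>Sorry: Banner image must be a jpg, jpeg, png or gif file</span>");
			}
			else{
				$image_filename = $safe_prefix."_".$safe_stem.".".$ext;
				if (!move_uploaded_file($_FILES['banner_image']['tmp_name'], $uploaddir.$image_filename)) {
					$upload_ok = false;
					$image_filename = '';
					$smarty->assign('msg','Possible file upload attack!');
				}
			}
		} //end if

		// A rejected or failed upload keeps its error message and skips the
		// insert; previously the row was written and the error was replaced by
		// the success message.
		if($upload_ok){
			// Every value is request data; escape each one before it goes into
			// the statement.
			// NOTE(review): mysql_real_escape_string() needs the connection that
			// config.php presumably opens; confirm.
			$sql = "INSERT INTO store_banners (banner_name, banner_link, banner_image, height, width, external_url, show_banner) VALUES ('"
				.mysql_real_escape_string($banner_name)."', '"
				.mysql_real_escape_string($banner_link)."','"
				.mysql_real_escape_string($image_filename)."', '"
				.mysql_real_escape_string($height)."', '"
				.mysql_real_escape_string($width)."', '"
				.mysql_real_escape_string($external_url)."', '"
				.mysql_real_escape_string($show_banner)."')";
			$results = mysql_query($sql);
			if($results){
				$smarty->assign('msg','Done: Added Successfully');
			}
			else{
				$smarty->assign('msg',"<span style='color:red'>Sorry: Could not add banner</span>");
			}
		}
	}
	else{
		$smarty->assign('msg',"<span style='color:red'>Sorry: Please enter banner name</span>");
	}

}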


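// "Save" submit: optionally replace the banner image, then update the row.
if(isset($_POST['btn_submit']) && $_POST['btn_submit']=="Save")
{

	if($banner_name!=""){
		// banner_id is a hidden form field and therefore request data; it is
		// used unquoted in the WHERE clauses, so force it to an integer.
		$save_banner_id = (int) $banner_id;
		$image_filename = '';
		$upload_ok = true;

		$client_name = '';
		if(isset($_FILES['banner_image_new']['name']) && is_string($_FILES['banner_image_new']['name'])){
			$client_name = basename($_FILES['banner_image_new']['name']);
		}

		if($client_name!=''){
			// Files stored in the upload directory are served by the web server,
			// so accept image extensions only and rebuild the stored name from
			// sanitised parts: no path separators from the banner name and a
			// single, allow-listed extension.
			// NOTE(review): extend the list if other banner formats are needed.
			$allowed_ext = array('jpg', 'jpeg', 'png', 'gif');
			$ext = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));
			$safe_prefix = preg_replace('/[^A-Za-z0-9_-]/', '_', $banner_name);
			$safe_stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($client_name, PATHINFO_FILENAME));

			if(!in_array($ext, $allowed_ext, true)){
				$upload_ok = false;
				$smarty->assign('msg',"<span style='color:red'>Sorry: Banner image must be a jpg, jpeg, png or gif file</span>");
			}
			else{
				$image_filename = $safe_prefix."_".$safe_stem.".".$ext;
				if (move_uploaded_file($_FILES['banner_image_new']['tmp_name'], $uploaddir.$image_filename)) {
					// Remove the previous image only once the new one is in
					// place, so a failed upload no longer leaves the banner
					// without any file.
					$banner_image_to_del = '';
					$sql = "SELECT * FROM store_banners WHERE banner_id=".$save_banner_id;
					$results = mysql_query($sql);
					if($results){
						while($row = mysql_fetch_assoc($results) )
						{
							$banner_image_to_del = $row['banner_image'];
						}
					}

					// basename() keeps the delete inside banner_images; the name
					// comparison avoids deleting the file that was just stored
					// when old and new names are identical.
					$old_name = basename($banner_image_to_del);
					$old_path = "../banner_images/".$old_name;
					if($banner_image_to_del != '' && $old_name != $image_filename && is_file($old_path)){
						unlink($old_path);
					}
				} else {
					$upload_ok = false;
					$image_filename = '';
					$smarty->assign('msg','Possible file upload attack!');
				}
			}
		} //end if

		// A rejected or failed upload keeps its error message and skips the
		// update; previously the error was replaced by the success message.
		if($upload_ok){
			// All values are request data; escape each before building the SQL.
			// NOTE(review): mysql_real_escape_string() needs the connection that
			// config.php presumably opens; confirm.
			$esc_name = mysql_real_escape_string($banner_name);
			$esc_link = mysql_real_escape_string($banner_link);
			$esc_height = mysql_real_escape_string($height);
			$esc_width = mysql_real_escape_string($width);
			$esc_external_url = mysql_real_escape_string($external_url);
			$esc_show_banner = mysql_real_escape_string($show_banner);

			if($image_filename!=''){
				// A new image was stored: update the image column as well.
				$esc_image = mysql_real_escape_string($image_filename);
				$sql = "UPDATE store_banners SET banner_name='$esc_name', banner_link='$esc_link', banner_image='$esc_image', height='$esc_height', external_url='$esc_external_url', width='$esc_width', show_banner='$esc_show_banner' WHERE banner_id=".$save_banner_id;
			}else{
				// No new image: leave banner_image untouched.
				$sql = "UPDATE store_banners SET banner_name='$esc_name', banner_link='$esc_link', height='$esc_height', external_url='$esc_external_url', width='$esc_width', show_banner='$esc_show_banner' WHERE banner_id=".$save_banner_id;
			}

			$results = mysql_query($sql);
			if($results){
				$smarty->assign('msg','Done: Updated Successfully');
			}
			else{
				$smarty->assign('msg',"<span style='color:red'>Sorry: Could not update banner</span>");
			}
		}
	}
	else{
		$smarty->assign('msg',"<span style='color:red'>Sorry: Please enter banner name</span>");
	}

}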


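// All products, ordered by name, for the template.
// Start from an empty array so the template receives a defined value even when
// the table is empty or the query fails.
$all_products = array();
$sql = "SELECT * FROM products ORDER BY product_name";
$results = mysql_query($sql);
if($results)
{
	while($row = mysql_fetch_assoc($results) )
	{
		$all_products[] = $row;
	}
}
$smarty->assign('all_products', $all_products);

// All banners, ordered by name. The array is reset first because the delete
// branch earlier in this script may already have filled $all_banners, which
// would otherwise list every banner twice.
$all_banners = array();
$sql = "SELECT * FROM store_banners ORDER BY banner_name";
$results = mysql_query($sql);
if($results)
{
	while($row = mysql_fetch_assoc($results) )
	{
		$all_banners[] = $row;
	}
}
$smarty->assign('all_banners', $all_banners);

// The delete branch renders its own template, so skip the default page then.
// isset() avoids reading a missing index when no action is given.
if(!isset($_GET['action']) || $_GET['action']!="deleteBanner"){

$smarty->display('manage_banners.tpl');
}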
?>