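<?php
/*
 * admin/edit_faculty.php — edit a single faculty record, then redirect to
 * admin/faculty.php after the update.
 *
 * Order of operations (everything that may redirect runs before any HTML):
 *   1. session / auth / config includes
 *   2. load the record named by ?id=
 *   3. on POST: CSRF check, optional photo upload, UPDATE, redirect
 *   4. otherwise render the edit form
 */
include 'secure_session.php';
include 'includes/auth.php';
require_once '../config.php';

$allowedTypes = ['jpg', 'jpeg', 'png', 'gif'];
$maxSize      = 2 * 1024 * 1024; // 2MB

// One CSRF token per session, created lazily.
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}

/**
 * Check the posted CSRF token against the session token.
 *
 * Both values must be strings: a request that sends csrf[]=... would
 * otherwise hand an array to hash_equals(), which raises a TypeError.
 *
 * @return bool true when the posted token matches the session token
 */
function csrf_ok()
{
    return isset($_POST['csrf'], $_SESSION['csrf'])
        && is_string($_POST['csrf'])
        && is_string($_SESSION['csrf'])
        && hash_equals($_SESSION['csrf'], $_POST['csrf']);
}

// Only a scalar id is meaningful; (int) on an array would silently yield 1.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int)$_GET['id'] : 0;
if ($id <= 0) {
    // NOTE(review): this and the Back/Cancel links used to point at
    // manage_faculty.php; no such script appears to exist in this directory,
    // and the file header names faculty.php as the list page — confirm.
    header("Location: faculty.php");
    exit;
}

/* Fetch record first (before any HTML) */
$stmt = $conn->prepare("SELECT * FROM faculty WHERE id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$res = $stmt->get_result();
$fac = $res->fetch_assoc();
$stmt->close();

if (!$fac) {
    header("Location: faculty.php?notfound=1");
    exit;
}

/* Handle update BEFORE HTML */
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_faculty'])) {
    if (!csrf_ok()) {
        header("Location: edit_faculty.php?id={$id}&csrf=0");
        exit;
    }

    // Missing or non-string fields become '' instead of raising warnings/TypeErrors.
    $postText = static function ($key) {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? trim($value) : '';
    };
    // The form declares min="0"; enforce the same bound server-side.
    $postInt = static function ($key) {
        $value = $_POST[$key] ?? 0;
        return is_scalar($value) ? max(0, (int)$value) : 0;
    };

    $name           = $postText('name');
    $designation    = $postText('designation');
    $qualification  = $postText('qualification');
    $specialization = $postText('specialization');
    $experience     = $postInt('experience');
    $position       = $postInt('position');

    $photoNew  = '';
    $targetDir = __DIR__ . "/../uploads/faculty/";
    $upload    = $_FILES['photo'] ?? null;

    // optional new photo upload
    if (is_array($upload) && !empty($upload['name'])) {
        // A multi-file field (photo[]) or a failed transfer is rejected up front.
        $uploadError = $upload['error'] ?? UPLOAD_ERR_NO_FILE;
        if (!is_string($upload['name']) || $uploadError !== UPLOAD_ERR_OK) {
            $tooLarge = in_array($uploadError, [UPLOAD_ERR_INI_SIZE, UPLOAD_ERR_FORM_SIZE], true);
            header("Location: edit_faculty.php?id={$id}&err=" . ($tooLarge ? 'size' : 'upload'));
            exit;
        }

        $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
        if (!in_array($ext, $allowedTypes, true)) {
            header("Location: edit_faculty.php?id={$id}&err=type");
            exit;
        }
        if ($upload['size'] > $maxSize) {
            header("Location: edit_faculty.php?id={$id}&err=size");
            exit;
        }

        // The extension is client-controlled, so also require that the bytes
        // parse as the image format the extension claims. '@' keeps a notice
        // on a truncated file from being printed before the redirect header.
        $expectedImageType = [
            'jpg'  => IMAGETYPE_JPEG,
            'jpeg' => IMAGETYPE_JPEG,
            'png'  => IMAGETYPE_PNG,
            'gif'  => IMAGETYPE_GIF,
        ][$ext];
        $imageInfo = @getimagesize($upload['tmp_name']);
        if ($imageInfo === false || $imageInfo[2] !== $expectedImageType) {
            header("Location: edit_faculty.php?id={$id}&err=type");
            exit;
        }

        // NOTE(review): uploads are stored under the web root; confirm the
        // server is configured not to execute scripts from uploads/faculty/.
        if (!is_dir($targetDir) && !mkdir($targetDir, 0755, true) && !is_dir($targetDir)) {
            header("Location: edit_faculty.php?id={$id}&err=upload");
            exit;
        }

        // Server-generated name: nothing from the client filename except the
        // already-whitelisted extension reaches the filesystem.
        $safe = time() . "_" . bin2hex(random_bytes(5)) . "." . $ext;
        if (!move_uploaded_file($upload['tmp_name'], $targetDir . $safe)) {
            header("Location: edit_faculty.php?id={$id}&err=upload");
            exit;
        }
        $photoNew = $safe;
    }

    // update query (position is bound as an integer in both variants)
    if ($photoNew) {
        $stmt = $conn->prepare("UPDATE faculty SET name=?, designation=?, qualification=?, specialization=?, experience=?, position=?, photo=? WHERE id=?");
        if ($stmt) {
            $stmt->bind_param("ssssiisi", $name, $designation, $qualification, $specialization, $experience, $position, $photoNew, $id);
        }
    } else {
        $stmt = $conn->prepare("UPDATE faculty SET name=?, designation=?, qualification=?, specialization=?, experience=?, position=? WHERE id=?");
        if ($stmt) {
            $stmt->bind_param("ssssiii", $name, $designation, $qualification, $specialization, $experience, $position, $id);
        }
    }

    $saved = $stmt ? $stmt->execute() : false;
    if ($stmt) {
        $stmt->close();
    }

    if (!$saved) {
        // Do not leave an orphaned upload behind when the row was not updated.
        if ($photoNew && is_file($targetDir . $photoNew)) {
            @unlink($targetDir . $photoNew);
        }
        header("Location: edit_faculty.php?id={$id}&err=save");
        exit;
    }

    // Remove the previous photo only once the row points at the new one.
    // basename() keeps a stored value from resolving outside the upload directory.
    if ($photoNew && !empty($fac['photo'])) {
        $old = $targetDir . basename((string)$fac['photo']);
        if (is_file($old)) {
            @unlink($old);
        }
    }

    // Redirect to admin/faculty.php after successful update
    header("Location: faculty.php?updated=1");
    exit;
}

/* After this point, we can safely render HTML */
include 'includes/header.php';
?>
<style>
.card { border-radius:12px; box-shadow:0 2px 10px rgba(0,0,0,.08); }
input,select { border-radius:8px !important; }
.preview-box{border:1px dashed #e3e3e3; padding:10px; border-radius:10px; text-align:center;}
</style>

<div class="container mt-4">
  <div class="d-flex justify-content-between align-items-center mb-3">
    <h4 class="mb-0">✏️ Edit Faculty</h4>
    <a href="faculty.php" class="btn btn-secondary">← Back</a>
  </div>

  <?php
  if (isset($_GET['csrf']) && $_GET['csrf'] === '0') {
      echo "<div class='alert alert-danger'>Invalid request (CSRF). Please try again.</div>";
  }
  if (isset($_GET['err'])) {
      // Only fixed, server-defined messages are printed; the query value is
      // used purely as a lookup key and never echoed.
      $messages = [
          'type'   => 'Only JPG, PNG, GIF allowed.',
          'size'   => 'File too large (max 2MB).',
          'upload' => 'Unable to upload file. Try again.',
          'save'   => 'Unable to save changes. Try again.',
      ];
      $m = is_string($_GET['err']) ? ($messages[$_GET['err']] ?? 'Unknown error.') : 'Unknown error.';
      echo "<div class='alert alert-danger'>❌ $m</div>";
  }
  ?>

  <div class="card">
    <div class="card-body">
      <form method="POST" enctype="multipart/form-data">
        <input type="hidden" name="csrf" value="<?php echo htmlspecialchars((string)$_SESSION['csrf'], ENT_QUOTES, 'UTF-8'); ?>">
        <div class="row g-3">
          <div class="col-md-6">
            <label class="form-label">Name</label>
            <input name="name" class="form-control" value="<?php echo htmlspecialchars((string)$fac['name'], ENT_QUOTES, 'UTF-8'); ?>" required>
          </div>
          <div class="col-md-6">
            <label class="form-label">Designation</label>
            <input name="designation" class="form-control" value="<?php echo htmlspecialchars((string)$fac['designation'], ENT_QUOTES, 'UTF-8'); ?>" required>
          </div>
          <div class="col-md-6">
            <label class="form-label">Qualification</label>
            <input name="qualification" class="form-control" value="<?php echo htmlspecialchars((string)$fac['qualification'], ENT_QUOTES, 'UTF-8'); ?>" required>
          </div>
          <div class="col-md-6">
            <label class="form-label">Specialization</label>
            <input name="specialization" class="form-control" value="<?php echo htmlspecialchars((string)$fac['specialization'], ENT_QUOTES, 'UTF-8'); ?>" required>
          </div>
          <div class="col-md-3">
            <label class="form-label">Experience (Years)</label>
            <input type="number" min="0" name="experience" class="form-control" value="<?php echo (int)$fac['experience']; ?>" required>
          </div>
          <div class="col-md-3">
            <label class="form-label">Display Position</label>
            <input type="number" min="0" name="position" class="form-control" value="<?php echo (int)$fac['position']; ?>">
          </div>
          <div class="col-md-6">
            <label class="form-label">Change Photo</label>
            <input type="file" name="photo" class="form-control">
          </div>
          <div class="col-12">
            <div class="preview-box">
              Current Photo:<br>
              <?php if (!empty($fac['photo'])): ?>
                <img src="<?php echo "../uploads/faculty/" . htmlspecialchars((string)$fac['photo'], ENT_QUOTES, 'UTF-8'); ?>" alt="photo" width="100" class="rounded mt-2">
              <?php else: ?>
                <span class="text-muted">No photo</span>
              <?php endif; ?>
            </div>
          </div>
        </div>
        <button name="update_faculty" class="btn btn-success mt-3">Update</button>
        <a href="faculty.php" class="btn btn-outline-secondary mt-3">Cancel</a>
      </form>
    </div>
  </div>
</div>

<?php include 'includes/footer.php'; ?>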