Editing: faculty.php
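<?php
/*
 * Faculty Manager with Manual Display Position + Specialization
 * Run once in DB:
 *   ALTER TABLE faculty ADD COLUMN specialization VARCHAR(255) AFTER qualification;
 *   -- (if not already added)
 *
 * Security notes for maintainers:
 *   - Every state-changing action (add, edit, delete) is POST-only and must
 *     carry the per-session CSRF token. Delete used to be a plain GET link
 *     (?delete=ID) with no token; that link is intentionally no longer honoured.
 *   - Uploaded photos are accepted only when the extension is allow-listed AND
 *     the bytes decode as JPEG/PNG/GIF. They are stored under a server-generated
 *     name. The uploads directory should additionally be configured so that the
 *     web server never executes scripts from it.
 *   - Database values are escaped with ENT_QUOTES before being written into
 *     HTML. Before PHP 8.1 the default flags of htmlspecialchars() left single
 *     quotes untouched, which is unsafe inside single-quoted attributes.
 */
include 'secure_session.php';   // Always first (session security)
include 'includes/auth.php';    // Authentication check
require_once '../config.php';   // DB connection (presumably defines $conn; verify)
include 'includes/header.php';  // Layout header

$allowedTypes = ['jpg', 'jpeg', 'png', 'gif'];
$maxSize      = 2 * 1024 * 1024; // 2MB
$uploadDir    = __DIR__ . "/../uploads/faculty/";
$success = $error = "";

// CSRF token: created once per session, embedded in every form below.
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}

/**
 * Validate the CSRF token of the current request.
 *
 * Non-POST requests pass unconditionally, so callers must make sure that
 * state-changing handlers only run for POST.
 *
 * @return bool true when the request is not a POST or carries the session token
 */
function check_csrf()
{
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // is_string() guards against csrf[]=... which would hand hash_equals() an array.
        if (empty($_POST['csrf']) || empty($_SESSION['csrf'])
            || !is_string($_POST['csrf'])
            || !hash_equals($_SESSION['csrf'], $_POST['csrf'])) {
            return false;
        }
    }
    return true;
}

/**
 * Escape a value for HTML text and for single- or double-quoted attributes.
 *
 * @param mixed $value value to print; null is rendered as an empty string
 * @return string
 */
function faculty_esc($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Read one text field from the POST body, trimmed.
 *
 * @param string $key field name
 * @return string trimmed value, or '' when the field is missing or not a string
 */
function faculty_post_text($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
}

/**
 * Validate an uploaded photo and move it into the upload directory.
 *
 * @param array  $file         one entry of $_FILES
 * @param array  $allowedTypes lower-case extensions that may be stored
 * @param int    $maxSize      maximum size in bytes
 * @param string $targetDir    destination directory, with trailing slash
 * @return array ['name' => stored file name or '', 'error' => message or '']
 */
function faculty_store_photo(array $file, array $allowedTypes, $maxSize, $targetDir)
{
    $result = ['name' => '', 'error' => ''];

    // Anything other than UPLOAD_ERR_OK (partial upload, ini size limit, an
    // array-style field, ...) means the remaining keys cannot be relied on.
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        $result['error'] = "โ Unable to upload file.";
        return $result;
    }

    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, $allowedTypes, true)) {
        $result['error'] = "โ Only JPG, PNG, GIF allowed.";
        return $result;
    }
    if ($file['size'] > $maxSize) {
        $result['error'] = "โ File too large (max 2MB).";
        return $result;
    }

    // The extension is chosen by the client, so confirm that the content really
    // decodes as one of the accepted formats. getimagesize() raises a
    // notice/warning on non-image data, hence the suppression.
    $info = @getimagesize($file['tmp_name']);
    $imageTypes = [IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF];
    if ($info === false || !in_array($info[2], $imageTypes, true)) {
        $result['error'] = "โ Only JPG, PNG, GIF allowed.";
        return $result;
    }

    if (!is_dir($targetDir) && !mkdir($targetDir, 0755, true) && !is_dir($targetDir)) {
        $result['error'] = "โ Unable to upload file.";
        return $result;
    }

    // Never reuse the client's file name: only the allow-listed extension survives.
    $safeName = time() . "_" . bin2hex(random_bytes(5)) . "." . $ext;
    if (!move_uploaded_file($file['tmp_name'], $targetDir . $safeName)) {
        $result['error'] = "โ Unable to upload file.";
        return $result;
    }

    $result['name'] = $safeName;
    return $result;
}

/**
 * Look up the photo file name currently stored for a faculty row.
 *
 * @param mysqli $conn open database connection
 * @param int    $id   faculty id
 * @return string|null stored file name, or null when there is none
 */
function faculty_current_photo($conn, $id)
{
    $oldFile = null;
    $stmt = $conn->prepare("SELECT photo FROM faculty WHERE id=?");
    if (!$stmt) {
        return null;
    }
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->bind_result($oldFile);
    $stmt->fetch();
    $stmt->close();
    return $oldFile;
}

/**
 * Best-effort removal of a stored photo.
 *
 * @param string      $targetDir upload directory, with trailing slash
 * @param string|null $fileName  file name as stored in the database
 * @return void
 */
function faculty_remove_photo($targetDir, $fileName)
{
    // basename() keeps a tampered database value from pointing outside $targetDir.
    $fileName = basename((string) $fileName);
    if ($fileName === '') {
        return;
    }
    $path = $targetDir . $fileName;
    if (is_file($path)) {
        @unlink($path); // deliberate best effort: a leftover file must not fail the request
    }
}

// Add Faculty
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_faculty'])) {
    if (!check_csrf()) {
        $error = "โ Invalid request (CSRF). Please reload the page.";
    } else {
        $name           = faculty_post_text('name');
        $designation    = faculty_post_text('designation');
        $qualification  = faculty_post_text('qualification');
        $specialization = faculty_post_text('specialization');
        $experience     = faculty_post_text('experience');
        $position       = isset($_POST['position']) ? intval($_POST['position']) : 0;
        $photo          = '';

        if (!empty($_FILES['photo']['name'])) {
            $upload = faculty_store_photo($_FILES['photo'], $allowedTypes, $maxSize, $uploadDir);
            $photo  = $upload['name'];
            $error  = $upload['error'];
        }

        if (!$error) {
            $saved = false;
            $stmt = $conn->prepare("INSERT INTO faculty (name, designation, qualification, specialization, experience, photo, position) VALUES (?,?,?,?,?,?,?)");
            if ($stmt) {
                $stmt->bind_param("ssssssi", $name, $designation, $qualification, $specialization, $experience, $photo, $position);
                $saved = $stmt->execute();
                $stmt->close();
            }
            if ($saved) {
                $success = "โ Faculty added successfully.";
            } else {
                // Do not claim success, and do not leave an orphaned upload behind.
                faculty_remove_photo($uploadDir, $photo);
                $error = "Unable to save faculty record.";
            }
        }
    }
}

// Update Faculty
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit_faculty'])) {
    if (!check_csrf()) {
        $error = "โ Invalid request (CSRF). Please reload the page.";
    } else {
        $id             = isset($_POST['id']) ? intval($_POST['id']) : 0;
        $name           = faculty_post_text('name');
        $designation    = faculty_post_text('designation');
        $qualification  = faculty_post_text('qualification');
        $specialization = faculty_post_text('specialization');
        $experience     = faculty_post_text('experience');
        $position       = isset($_POST['position']) ? intval($_POST['position']) : 0;
        $photo          = '';
        $oldFile        = null;

        if (!empty($_FILES['photo']['name'])) {
            $upload = faculty_store_photo($_FILES['photo'], $allowedTypes, $maxSize, $uploadDir);
            $photo  = $upload['name'];
            $error  = $upload['error'];
            if (!$error) {
                // Remember the old photo; it is removed only after the row is updated.
                $oldFile = faculty_current_photo($conn, $id);
            }
        }

        if (!$error) {
            if ($photo) {
                $stmt = $conn->prepare("UPDATE faculty SET name=?, designation=?, qualification=?, specialization=?, experience=?, photo=?, position=? WHERE id=?");
                if ($stmt) {
                    $stmt->bind_param("ssssssii", $name, $designation, $qualification, $specialization, $experience, $photo, $position, $id);
                }
            } else {
                $stmt = $conn->prepare("UPDATE faculty SET name=?, designation=?, qualification=?, specialization=?, experience=?, position=? WHERE id=?");
                if ($stmt) {
                    $stmt->bind_param("sssssii", $name, $designation, $qualification, $specialization, $experience, $position, $id);
                }
            }

            $saved = false;
            if ($stmt) {
                $saved = $stmt->execute();
                $stmt->close();
            }

            if ($saved) {
                if ($photo) {
                    faculty_remove_photo($uploadDir, $oldFile);
                }
                $success = "โ Faculty updated successfully.";
            } else {
                // The row still references the old photo, so drop the new upload instead.
                faculty_remove_photo($uploadDir, $photo);
                $error = "Unable to save faculty record.";
            }
        }
    }
}

// Delete Faculty (POST + CSRF token; see the security notes at the top)
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_faculty'])) {
    if (!check_csrf()) {
        $error = "โ Invalid request (CSRF). Please reload the page.";
    } else {
        $id      = isset($_POST['id']) ? intval($_POST['id']) : 0;
        $oldFile = faculty_current_photo($conn, $id);

        $deleted = false;
        $stmt = $conn->prepare("DELETE FROM faculty WHERE id=?");
        if ($stmt) {
            $stmt->bind_param("i", $id);
            $deleted = $stmt->execute();
            $stmt->close();
        }

        if ($deleted) {
            faculty_remove_photo($uploadDir, $oldFile);
            $success = "โ ๏ธ Faculty deleted.";
        } else {
            $error = "Unable to delete faculty record.";
        }
    }
}

$csrfToken = faculty_esc($_SESSION['csrf']);
?>
<div class="container mt-4">
  <h3 class="mb-4">๐ฉโ๐ซ Manage Faculty</h3>

  <?php if ($success): ?><div class="alert alert-success"><?php echo faculty_esc($success); ?></div><?php endif; ?>
  <?php if ($error): ?><div class="alert alert-danger"><?php echo faculty_esc($error); ?></div><?php endif; ?>

  <!-- Add Faculty Form -->
  <div class="card mb-4">
    <div class="card-header">โ Add Faculty</div>
    <div class="card-body">
      <form method="POST" enctype="multipart/form-data">
        <input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>">
        <div class="form-group"><label>Name</label><input type="text" name="name" class="form-control" required></div>
        <div class="form-group"><label>Designation</label><input type="text" name="designation" class="form-control" required></div>
        <div class="form-group"><label>Qualification</label><input type="text" name="qualification" class="form-control" required></div>
        <div class="form-group"><label>Specialization</label><input type="text" name="specialization" class="form-control" placeholder="e.g., Pharmacology, Pharmaceutics" required></div>
        <div class="form-group"><label>Experience (Years)</label><input type="number" name="experience" class="form-control" min="0" step="1" required></div>
        <div class="form-group"><label>Display Position (0 = show first)</label><input type="number" name="position" class="form-control" min="0" value="0"></div>
        <div class="form-group"><label>Photo</label><input type="file" name="photo" class="form-control"></div>
        <button type="submit" name="add_faculty" class="btn btn-primary">Add Faculty</button>
      </form>
    </div>
  </div>

  <!-- Faculty List -->
  <div class="table-responsive">
    <table class="table table-bordered text-center">
      <thead class="thead-dark">
        <tr>
          <th>ID</th>
          <th>Position</th>
          <th>Name</th>
          <th>Designation</th>
          <th>Qualification</th>
          <th>Specialization</th>
          <th>Experience</th>
          <th>Photo</th>
          <th>Actions</th>
        </tr>
      </thead>
      <tbody>
<?php
// Order by position first, then latest added
$res = $conn->query("SELECT * FROM faculty ORDER BY position ASC, id DESC");
if ($res && $res->num_rows > 0):
    while ($row = $res->fetch_assoc()):
        $id             = (int) $row['id'];
        $position       = (int) $row['position'];
        $name           = faculty_esc($row['name']);
        $designation    = faculty_esc($row['designation']);
        $qualification  = faculty_esc($row['qualification']);
        $specialization = faculty_esc($row['specialization'] ?? '');
        $experience     = faculty_esc($row['experience']);
        $photo          = faculty_esc($row['photo']);
?>
        <tr>
          <td><?php echo $id; ?></td>
          <td><?php echo $position; ?></td>
          <td><?php echo $name; ?></td>
          <td><?php echo $designation; ?></td>
          <td><?php echo $qualification; ?></td>
          <td><?php echo $specialization; ?></td>
          <td><?php echo $experience; ?> Yrs</td>
          <td><?php if ($row['photo']): ?><img src="../uploads/faculty/<?php echo $photo; ?>" width="60" alt="photo"><?php else: ?>โ<?php endif; ?></td>
          <td>
            <!-- Edit Button (Modal Trigger) -->
            <button type="button" class="btn btn-warning btn-sm" data-toggle="modal" data-target="#editModal<?php echo $id; ?>">Edit</button>
            <!-- Delete is a POST form so that it carries the CSRF token -->
            <form method="POST" style="display:inline" onsubmit="return confirm('Delete this faculty?');">
              <input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>">
              <input type="hidden" name="id" value="<?php echo $id; ?>">
              <button type="submit" name="delete_faculty" class="btn btn-danger btn-sm">Delete</button>
            </form>
          </td>
        </tr>

        <!-- Modal for Editing -->
        <div class="modal fade" id="editModal<?php echo $id; ?>" tabindex="-1">
          <div class="modal-dialog">
            <div class="modal-content">
              <div class="modal-header">
                <h5 class="modal-title">Edit Faculty</h5>
                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
              </div>
              <div class="modal-body">
                <form method="POST" enctype="multipart/form-data">
                  <input type="hidden" name="csrf" value="<?php echo $csrfToken; ?>">
                  <input type="hidden" name="id" value="<?php echo $id; ?>">
                  <div class="form-group"><label>Name</label><input type="text" name="name" class="form-control" value="<?php echo $name; ?>" required></div>
                  <div class="form-group"><label>Designation</label><input type="text" name="designation" class="form-control" value="<?php echo $designation; ?>" required></div>
                  <div class="form-group"><label>Qualification</label><input type="text" name="qualification" class="form-control" value="<?php echo $qualification; ?>" required></div>
                  <div class="form-group"><label>Specialization</label><input type="text" name="specialization" class="form-control" value="<?php echo $specialization; ?>" required></div>
                  <div class="form-group"><label>Experience (Years)</label><input type="number" name="experience" class="form-control" min="0" step="1" value="<?php echo $experience; ?>" required></div>
                  <div class="form-group"><label>Display Position (0 = show first)</label><input type="number" name="position" class="form-control" min="0" value="<?php echo $position; ?>"></div>
                  <div class="form-group"><label>Change Photo</label><input type="file" name="photo" class="form-control"></div>
                  <button type="submit" name="edit_faculty" class="btn btn-success">Update</button>
                </form>
              </div>
            </div>
          </div>
        </div>
<?php
    endwhile;
    $res->free();
else:
?>
        <tr><td colspan="9">No Faculty Found</td></tr>
<?php endif; ?>
      </tbody>
    </table>
  </div>
</div>

<?php include 'includes/footer.php'; ?>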