Editing: fees_upload.php
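<?php
// /admin/fees_upload.php — MySQLi version (scoped styles, no duplicate <head>/<body>)
//
// Admin form that accepts one fee-structure document (PDF, JPG or PNG), stores it under
// ../uploads/fees/ with a server-generated name and records it in the fee_documents table.
//
// Security-relevant behaviour of this script:
//  - the POST must carry the per-session CSRF token (compared with hash_equals);
//  - the file type is decided from the file's content, never from the client-supplied name;
//  - the stored file name and extension are generated server-side;
//  - internal paths and database errors go to the server log, not to the page;
//  - a file whose database insert fails is removed again, so no orphan stays on disk.
//
// NOTE(review): uploads/fees/ sits below the web root; confirm the web server is configured
// not to execute scripts from that directory.

// `require` instead of `include`: a missing file must stop the request. With `include`
// the script would only emit a warning and carry on without whatever these files set up.
// NOTE(review): includes/auth.php presumably enforces the admin login — confirm.
require 'secure_session.php';
require 'includes/auth.php';
require_once '../config.php';
include 'includes/header.php';

// CSRF token: created once per session, rotated after every successful upload.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf = $_SESSION['csrf_token'];

$errors  = [];
$success = '';

// Check DB handle
$dbError = '';
if (!isset($conn) || !($conn instanceof mysqli)) {
    $dbError = 'MySQLi $conn not found. Check config.php connection.';
}

// Detected MIME type => extension given to the stored file.
$mimeToExt = [
    'application/pdf' => 'pdf',
    'image/jpeg'      => 'jpg',
    'image/png'       => 'png',
];
$allowedMimes = array_keys($mimeToExt);
$allowedExts  = ['pdf', 'jpg', 'jpeg', 'png'];
$maxSize      = 15 * 1024 * 1024; // 15MB

// Fallback type detection from the file's leading bytes, used when the fileinfo extension
// is unavailable or returns nothing. Unlike a guess from the file name, this still looks at
// the uploaded content. Returns '' for anything that is not PDF, JPEG or PNG.
$sniffMime = static function (string $path): string {
    if (!is_readable($path)) {
        return '';
    }
    $head = file_get_contents($path, false, null, 0, 8);
    if ($head === false) {
        return '';
    }
    if (strncmp($head, '%PDF-', 5) === 0) {
        return 'application/pdf';
    }
    if (strncmp($head, "\xFF\xD8\xFF", 3) === 0) {
        return 'image/jpeg';
    }
    if ($head === "\x89PNG\r\n\x1a\n") {
        return 'image/png';
    }
    return '';
};

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // CSRF: accept only a string token. An array value (csrf[]=...) would make
    // hash_equals() throw a TypeError on PHP 8 instead of producing a clean rejection.
    $postedToken = $_POST['csrf'] ?? null;
    if (!is_string($postedToken) || !hash_equals($_SESSION['csrf_token'], $postedToken)) {
        $errors[] = 'Invalid form token. Please reload and submit again.';
    }

    // Title: same guard, trim() must only ever see a string.
    $postedTitle = $_POST['title'] ?? '';
    $title = is_string($postedTitle) ? trim($postedTitle) : '';
    if ($title === '') {
        $errors[] = 'Please enter a title.';
    }

    // File validations
    $file = null;
    $mime = '';
    if (!isset($_FILES['file']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK) {
        $errors[] = 'Please select a file to upload.';
    } else {
        $file = $_FILES['file'];

        if ($file['size'] <= 0) {
            $errors[] = 'Empty file.';
        }
        if ($file['size'] > $maxSize) {
            $errors[] = 'File too large (max 15MB).';
        }

        // MIME via finfo, then via leading bytes. The client-supplied name is not consulted.
        if (class_exists('finfo')) {
            $finfo    = new finfo(FILEINFO_MIME_TYPE);
            $detected = $finfo->file($file['tmp_name']);
            $mime     = is_string($detected) ? $detected : '';
        }
        if ($mime === '') {
            $mime = $sniffMime($file['tmp_name']);
        }
        if ($mime === '' || !in_array($mime, $allowedMimes, true)) {
            $errors[] = 'Only PDF, JPG or PNG allowed.';
        }

        // The client extension is still checked against the whitelist, but it is not
        // what ends up on disk (see $ext below).
        $clientExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        if (!in_array($clientExt, $allowedExts, true)) {
            $errors[] = 'Invalid file extension.';
        }
    }

    // Proceed
    if (!$errors && !$dbError) {
        $destPath = '';
        $stored   = false; // true once the upload has been moved into $destDir
        try {
            // Extension follows the detected content type, so name and content agree.
            $ext      = $mimeToExt[$mime];
            $safeName = 'fee_' . date('Ymd_His') . '_' . bin2hex(random_bytes(4)) . '.' . $ext;
            $destDir  = dirname(__DIR__) . '/uploads/fees/';

            // Third is_dir() covers a concurrent request creating the directory first.
            if (!is_dir($destDir) && !@mkdir($destDir, 0775, true) && !is_dir($destDir)) {
                throw new RuntimeException('Failed to create upload directory: ' . $destDir);
            }
            if (!is_writable($destDir)) {
                throw new RuntimeException('Upload directory not writable: ' . $destDir);
            }

            $destPath = $destDir . $safeName;
            if (!move_uploaded_file($file['tmp_name'], $destPath)) {
                throw new RuntimeException('Failed to move uploaded file (permissions/open_basedir).');
            }
            $stored = true;

            $relPath  = 'uploads/fees/' . $safeName;
            $fileType = ($mime === 'application/pdf') ? 'pdf' : 'image';

            // Insert
            $stmt = $conn->prepare("INSERT INTO fee_documents (title, file_path, file_type, is_active, display_order) VALUES (?, ?, ?, 1, 0)");
            if (!$stmt) {
                throw new RuntimeException('MySQLi prepare failed: ' . $conn->error);
            }
            try {
                $stmt->bind_param("sss", $title, $relPath, $fileType);
                if (!$stmt->execute()) {
                    throw new RuntimeException('MySQLi execute failed: ' . $stmt->error);
                }
            } finally {
                // Release the statement on the failure path as well.
                $stmt->close();
            }

            $success = 'Uploaded successfully!';

            // rotate CSRF
            $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
            $csrf = $_SESSION['csrf_token'];
        } catch (Throwable $e) {
            // The file reached disk but was never recorded: remove it again.
            if ($stored && is_file($destPath) && !@unlink($destPath)) {
                error_log('fees_upload: could not remove unrecorded file ' . $destPath);
            }
            // Exception messages contain absolute paths and database errors; keep them
            // in the server log and show the browser a generic message only.
            error_log('fees_upload: ' . $e->getMessage());
            $errors[] = 'Upload failed. Details were written to the server error log.';
        }
    }
}
?>

<style>
  /* ===== Scoped styles so sidebar/layout aren't touched ===== */
  .fees-wrap { padding: 16px; }
  .fees-nav { display:flex; gap:10px; margin-bottom:16px; }
  .fees-nav a{
    padding:8px 12px; text-decoration:none; border-radius:12px;
    background:#fff; border:1px solid #eee; color:#222;
  }
  .fees-card{
    max-width: 820px; background:#fff; border-radius:16px;
    box-shadow:0 10px 30px rgba(0,0,0,.08); padding:24px;
  }
  .fees-card h3{ margin:0 0 16px; }
  .fees-row{ display:grid; gap:14px; }
  .fees-label{ font-weight:600; }
  .fees-input, .fees-file{
    width:100%; padding:12px 14px; border:1px solid #e3e3e8;
    border-radius:12px; background:#fff;
  }
  .fees-btn{
    display:inline-block; padding:10px 18px; border-radius:12px;
    border:0; cursor:pointer; font-weight:700;
  }
  .fees-btn-primary{ background:#ea0000; color:#fff; }
  .fees-alert{ padding:12px 14px; border-radius:12px; margin-bottom:12px; }
  .fees-alert-error{ background:#ffe8e8; color:#8a1f1f; }
  .fees-alert-ok{ background:#e8fff1; color:#177a3f; }
  .fees-debug{
    max-width:820px; background:#fff6d5; color:#7a5a00; border:1px solid #ffe7a3;
    padding:10px 12px; border-radius:12px; font-size:13px; margin-bottom:12px;
  }
</style>

<div class="fees-wrap">
  <?php if ($dbError): ?>
    <div class="fees-debug"><strong>DB:</strong> <?php echo htmlspecialchars($dbError); ?></div>
  <?php endif; ?>

  <div class="fees-nav">
    <a href="fees_upload.php">Upload</a>
    <a href="fees_list.php">Manage</a>
  </div>

  <div class="fees-card">
    <h3>Upload Fee Structure (PDF / JPG / PNG)</h3>

    <?php if (!empty($errors)): ?>
      <div class="fees-alert fees-alert-error"><?php echo implode('<br>', array_map('htmlspecialchars', $errors)); ?></div>
    <?php elseif (!empty($success)): ?>
      <div class="fees-alert fees-alert-ok"><?php echo htmlspecialchars($success); ?></div>
    <?php endif; ?>

    <form method="post" enctype="multipart/form-data" class="fees-row" novalidate>
      <input type="hidden" name="csrf" value="<?php echo htmlspecialchars($csrf); ?>">
      <div>
        <label class="fees-label">Title</label>
        <input class="fees-input" type="text" name="title" placeholder="e.g., Fee Structure 2025-26" required>
      </div>
      <div>
        <label class="fees-label">File</label>
        <input class="fees-file" type="file" name="file" accept=".pdf,.jpg,.jpeg,.png" required>
      </div>
      <div>
        <button class="fees-btn fees-btn-primary" type="submit">Upload</button>
      </div>
    </form>
  </div>
</div>

<?php include 'includes/footer.php'; ?>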