X7ROOT File Manager
Current Path:
/home/u126090504/domains/oceanicabeachresort.com/public_html/admin
home
/
u126090504
/
domains
/
oceanicabeachresort.com
/
public_html
/
admin
/
📁
..
📁
assets
📄
banners.php
(9.78 KB)
📄
booking-dashboard.php
(4.93 KB)
📄
booking_status_update.php
(6.14 KB)
📄
booking_view.php
(4.04 KB)
📄
branding_settings.php
(5.93 KB)
📄
change_password.php
(3.01 KB)
📄
contacts.php
(3.83 KB)
📄
dashboard.php
(5.64 KB)
📁
dompdf
📄
downloads.php
(4.91 KB)
📄
forgot_password.php
(5.76 KB)
📄
gallery.php
(3.08 KB)
📁
img
📁
includes
📄
index.php
(82 B)
📁
invoices
📄
login.php
(13.47 KB)
📄
logo.png
(19.29 KB)
📄
logout.php
(102 B)
📄
manage_albums.php
(10.82 KB)
📄
manage_media.php
(11.77 KB)
📄
manage_photos.php
(6.35 KB)
📄
manage_videos.php
(18.38 KB)
📄
new_password.php
(3.9 KB)
📄
notice.php
(15.52 KB)
📄
notice_error.log
(38.45 KB)
📄
notices.php
(8.24 KB)
📄
payments.php
(14.96 KB)
📄
pdf_bill_template.php
(30.69 KB)
📁
phpmailer
📄
popup.php
(14.07 KB)
📄
reset_password.php
(2.27 KB)
📄
secure_session.php
(1000 B)
📄
settings.php
(8.34 KB)
📄
test.php
(239 B)
📄
test_pdf.php
(1.58 KB)
📄
testimonials.php
(15.15 KB)
📁
tmp
📄
update_status.php
(1.66 KB)
📄
upi_settings.php
(1.52 KB)
Editing: manage_media.php
<?php // manage_media.php include 'secure_session.php'; // 🔐 Always first (session security) include 'includes/auth.php'; // ✅ Authentication require_once '../config.php'; // ✅ DB connection include 'includes/header.php'; // ✅ Layout header $success = $error = ""; /* ---------- Helper Functions ---------- */ function ensure_upload_dir($dir) { if (!is_dir($dir)) { mkdir($dir, 0777, true); } } function parse_ddmmyyyy($d) { $d = trim($d ?? ''); if ($d === '') return null; [$dd,$mm,$yy] = explode('-', $d) + [null,null,null]; if (!checkdate((int)$mm, (int)$dd, (int)$yy)) return null; return sprintf('%04d-%02d-%02d', $yy, $mm, $dd); } function safe_text($s){ return htmlspecialchars($s ?? '', ENT_QUOTES, 'UTF-8'); } /* ---------- CREATE ---------- */ if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] ?? '') === 'create') { $title = trim($_POST['title'] ?? ''); if ($title === '') $error = "Title is required."; if (!isset($_FILES['image']) || $_FILES['image']['error'] !== UPLOAD_ERR_OK) $error = $error ?: "Please select an image."; if (!$error) { $finfo = @getimagesize($_FILES['image']['tmp_name']); $allowed = ['image/jpeg'=>'jpg','image/png'=>'png','image/gif'=>'gif','image/webp'=>'webp']; if ($finfo && isset($allowed[$finfo['mime']])) { ensure_upload_dir("../uploads/media"); $ext = $allowed[$finfo['mime']]; $imageName = time() . "_" . preg_replace('/[^a-zA-Z0-9_\.-]/','-', basename($_FILES['image']['name'])); $imageName = preg_replace('/\.(jpe?g|png|gif|webp)$/i', '', $imageName) . "." . $ext; $target = "../uploads/media/" . $imageName; if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) { $stmt = $conn->prepare("INSERT INTO media_corner (title, image) VALUES (?, ?)"); $stmt->bind_param("ss", $title, $imageName); $stmt->execute(); $success = "✅ Photo added successfully!"; } else $error = "Failed to upload image."; } else $error = "Invalid image type."; } } /* ---------- UPDATE ---------- */ if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] ?? '') === 'update') { $id = (int)($_POST['id'] ?? 0); $title = trim($_POST['title'] ?? ''); if ($id <= 0 || $title === '') $error = "Invalid data."; if (!$error) { $stmt = $conn->prepare("SELECT image FROM media_corner WHERE id=?"); $stmt->bind_param("i", $id); $stmt->execute(); $res = $stmt->get_result(); if ($res->num_rows) { $row = $res->fetch_assoc(); $newImage = $row['image']; if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) { $finfo = @getimagesize($_FILES['image']['tmp_name']); $allowed = ['image/jpeg'=>'jpg','image/png'=>'png','image/gif'=>'gif','image/webp'=>'webp']; if ($finfo && isset($allowed[$finfo['mime']])) { ensure_upload_dir("../uploads/media"); $ext = $allowed[$finfo['mime']]; $imageName = time() . "_" . preg_replace('/[^a-zA-Z0-9_\.-]/','-', basename($_FILES['image']['name'])); $imageName = preg_replace('/\.(jpe?g|png|gif|webp)$/i', '', $imageName) . "." . $ext; $target = "../uploads/media/" . $imageName; if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) { $oldPath = "../uploads/media/" . $row['image']; if (file_exists($oldPath)) unlink($oldPath); $newImage = $imageName; } } } $up = $conn->prepare("UPDATE media_corner SET title=?, image=? WHERE id=?"); $up->bind_param("ssi", $title, $newImage, $id); $up->execute(); $success = "✅ Photo updated!"; } } } /* ---------- DELETE ---------- */ if (isset($_GET['delete'])) { $id = (int)$_GET['delete']; $stmt = $conn->prepare("SELECT image FROM media_corner WHERE id=?"); $stmt->bind_param("i", $id); $stmt->execute(); $res = $stmt->get_result(); if ($res->num_rows) { $row = $res->fetch_assoc(); $filePath = "../uploads/media/" . $row['image']; if (file_exists($filePath)) unlink($filePath); } $del = $conn->prepare("DELETE FROM media_corner WHERE id=?"); $del->bind_param("i", $id); $del->execute(); $success = "🗑️ Photo deleted!"; } /* ---------- FILTER ---------- */ $q = trim($_GET['q'] ?? ''); $from_raw = trim($_GET['from'] ?? ''); $to_raw = trim($_GET['to'] ?? ''); $from = parse_ddmmyyyy($from_raw); $to = parse_ddmmyyyy($to_raw); $conds = []; $params = []; $types = ''; if ($q !== '') { $conds[] = "title LIKE ?"; $params[] = "%$q%"; $types .= 's'; } if ($from) { $conds[] = "DATE(created_at) >= ?"; $params[] = $from; $types .= 's'; } if ($to) { $conds[] = "DATE(created_at) <= ?"; $params[] = $to; $types .= 's'; } $where = $conds ? ('WHERE '.implode(' AND ',$conds)) : ''; $sql = "SELECT id, title, image, created_at FROM media_corner $where ORDER BY id DESC"; $stmt = $conn->prepare($sql); if ($params) $stmt->bind_param($types, ...$params); $stmt->execute(); $list = $stmt->get_result(); ?> <!-- ===================== STYLE ===================== --> <style> .page-wrap { background: #f7f8fb; padding: 16px; border-radius: 20px; } .section-card { background:#fff; border-radius: 18px; box-shadow: 0 6px 16px rgba(0,0,0,0.06); } .section-header { font-weight:700; font-size:28px; display:flex; align-items:center; gap:10px; } .badge-total { background:#eef2ff; color:#3b82f6; border-radius:16px; padding:6px 12px; font-weight:600; } .card-media { border:none; border-radius:14px; overflow:hidden; box-shadow: 0 3px 10px rgba(0,0,0,.05); transition: all 0.2s ease; } .card-media:hover { transform: translateY(-3px); box-shadow: 0 6px 14px rgba(0,0,0,.1); } .card-media img { width:100%; aspect-ratio:1/1; object-fit:cover; } .card-body { padding:8px 10px; } .card-body .fw-semibold { font-size:13px; font-weight:600; } .card-body .text-muted { font-size:12px; color:#6c757d; } .btn-edit { background: #111; color: #fff; border: none; font-size:12px; padding: 4px 10px; border-radius:6px; transition:0.2s; } .btn-edit:hover { background:#333; color:#fff; } .btn-del { background: #dc3545; color:#fff; border:none; font-size:12px; padding:4px 10px; border-radius:6px; transition:0.2s; } .btn-del:hover { background:#bb2d3b; color:#fff; } .grid-media { display: grid; grid-template-columns: repeat(auto-fill, minmax(150px, 1fr)); gap: 12px; } @media (max-width: 768px) { .grid-media { grid-template-columns: repeat(auto-fill, minmax(120px, 1fr)); } } .label-req { color:#ef4444; } </style> <!-- ===================== PAGE CONTENT ===================== --> <div class="container my-3 page-wrap"> <div class="d-flex justify-content-between align-items-center mb-3"> <div class="section-header">🖼 Manage Media</div> <div class="badge-total">Total: <?php echo (int)$list->num_rows; ?></div> </div> <?php if ($success): ?><div class="alert alert-success"><?php echo safe_text($success); ?></div><?php endif; ?> <?php if ($error): ?><div class="alert alert-danger"><?php echo safe_text($error); ?></div><?php endif; ?> <!-- Filters --> <div class="section-card p-3 mb-4"> <form class="row g-2" method="get"> <div class="col-lg-6"> <input type="text" class="form-control" name="q" placeholder="Search name or description" value="<?php echo safe_text($q); ?>"> </div> <div class="col-md-3"> <input type="text" class="form-control" name="from" placeholder="From (dd-mm-yyyy)" value="<?php echo safe_text($from_raw); ?>"> </div> <div class="col-md-3 d-flex gap-2"> <input type="text" class="form-control" name="to" placeholder="To (dd-mm-yyyy)" value="<?php echo safe_text($to_raw); ?>"> <button class="btn btn-primary" type="submit">Search</button> <a href="manage_media.php" class="btn btn-outline-secondary">Reset</a> </div> </form> </div> <!-- Add New Photo --> <div class="section-card p-3 mb-4"> <div class="fs-5 fw-bold mb-2">➕ Add New Photo</div> <form method="POST" enctype="multipart/form-data"> <input type="hidden" name="action" value="create"> <div class="row g-3"> <div class="col-md-6"> <label class="form-label">Photo Title <span class="label-req">*</span></label> <input type="text" name="title" class="form-control" placeholder="e.g., Annual Day 2025" required> </div> <div class="col-md-6"> <label class="form-label">Select Photo <span class="label-req">*</span></label> <input type="file" name="image" class="form-control" accept="image/*" required> </div> </div> <div class="mt-3 d-flex gap-2"> <button type="submit" class="btn btn-primary">Upload Photo</button> <a href="dashboard.php" class="btn btn-outline-secondary">⬅ Dashboard</a> </div> </form> </div> <!-- Media Grid --> <div class="grid-media"> <?php while ($row = $list->fetch_assoc()): $id = (int)$row['id']; $title = safe_text($row['title']); $image = safe_text($row['image']); $date = date('d M Y', strtotime($row['created_at'] ?? 'now')); $path = "../uploads/media/" . $image; ?> <div class="card card-media"> <img src="<?php echo $path; ?>" alt="<?php echo $title; ?>"> <div class="card-body text-center"> <div class="fw-semibold text-truncate" title="<?php echo $title; ?>"><?php echo $title; ?></div> <div class="text-muted"><?php echo $date; ?></div> <div class="d-flex justify-content-center gap-2 mt-2"> <button class="btn-edit" data-bs-toggle="modal" data-bs-target="#editModal" data-id="<?php echo $id; ?>" data-title="<?php echo $title; ?>" data-image="<?php echo $image; ?>">Edit</button> <a href="manage_media.php?delete=<?php echo $id; ?>" onclick="return confirm('Delete this photo?')" class="btn-del">Delete</a> </div> </div> </div> <?php endwhile; ?> </div> </div> <!-- Edit Modal --> <div class="modal fade" id="editModal" tabindex="-1" aria-hidden="true"> <div class="modal-dialog modal-dialog-centered"> <form class="modal-content" method="POST" enctype="multipart/form-data"> <input type="hidden" name="action" value="update"> <input type="hidden" name="id" id="edit-id"> <div class="modal-header"> <h5 class="modal-title">Edit Photo</h5> <button type="button" class="btn-close" data-bs-dismiss="modal"></button> </div> <div class="modal-body"> <label class="form-label">Title</label> <input type="text" name="title" id="edit-title" class="form-control mb-2" required> <label class="form-label">Replace Image (optional)</label> <input type="file" name="image" class="form-control mb-2" accept="image/*"> <div class="text-center"><img id="edit-preview" src="" style="max-width:140px;border-radius:8px;"></div> </div> <div class="modal-footer"> <button type="button" class="btn btn-outline-secondary" data-bs-dismiss="modal">Cancel</button> <button type="submit" class="btn btn-primary">Save</button> </div> </form> </div> </div> <script> var editModal = document.getElementById('editModal'); editModal.addEventListener('show.bs.modal', function (event) { var btn = event.relatedTarget; document.getElementById('edit-id').value = btn.getAttribute('data-id'); document.getElementById('edit-title').value = btn.getAttribute('data-title'); document.getElementById('edit-preview').src = "../uploads/media/" + btn.getAttribute('data-image'); }); </script> <?php include 'includes/footer.php'; ?>
Upload File
Create Folder
