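<?php
// admin/settings.php
//
// Admin page that shows and saves four rows of the `settings` table:
// institute_name, upi_id, min_admission_amount and min_installment_amount.
// A POST is accepted only from a logged-in admin session with a matching
// CSRF token; values are validated server-side and written in one transaction.

// NOTE(review): session cookie flags (Secure / HttpOnly / SameSite) are not set
// in this file — confirm they are configured before this point.
session_start();
require_once __DIR__ . '/../config.php'; // presumably defines the mysqli handle $conn used below — confirm

// ---------- Auth guard ----------
// Anything without an admin session is redirected; `exit` stops the rest of the
// page from running after the Location header is queued.
if (empty($_SESSION['admin_id'])) {
    header('Location: login.php');
    exit;
}

// ---------- Helpers ----------

/**
 * Escape a value for use in HTML text or a quoted attribute.
 *
 * ENT_SUBSTITUTE replaces invalid UTF-8 sequences with U+FFFD, so a malformed
 * value is still rendered instead of collapsing to an empty string.
 */
function h(?string $s): string
{
    return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Read every row of `settings` into a field => value map.
 *
 * Returns an empty array when the query does not yield a result set.
 */
function load_settings(mysqli $conn): array
{
    $settings = [];
    if ($res = $conn->query("SELECT `field`, `value` FROM `settings`")) {
        while ($row = $res->fetch_assoc()) {
            $settings[$row['field']] = $row['value'];
        }
        $res->free();
    }
    return $settings;
}

// ---------- CSRF ----------
// One token per session, rotated after each successful save (see below).
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(16));
}
$csrf_token = $_SESSION['csrf_token'];

// ---------- Allowed fields ----------
// The only setting names this page will ever write.
$allowed_fields = ['institute_name', 'upi_id', 'min_admission_amount', 'min_installment_amount'];

$messages = [];
$errors   = [];

// ---------- Handle POST ----------
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Constant-time comparison; a missing or non-string token is rejected outright.
    $posted_token = $_POST['csrf_token'] ?? '';
    if (!is_string($posted_token) || $posted_token === ''
        || !hash_equals($_SESSION['csrf_token'], $posted_token)) {
        $errors[] = 'Invalid request. Please try again.';
    }

    // Collect only the allow-listed fields. A parameter sent as an array
    // (e.g. upi_id[]=x) is refused instead of being cast to the string "Array".
    $save_map = [];
    foreach ($allowed_fields as $field) {
        $raw = $_POST[$field] ?? '';
        if (!is_string($raw)) {
            if (!$errors) {
                $errors[] = 'Invalid request. Please try again.';
            }
            $raw = '';
        }
        $save_map[$field] = trim($raw);
    }

    // Server-side validation. The form is sent with `novalidate` and the HTML
    // min/step attributes are advisory only, so the same limits are enforced here.
    if (!$errors) {
        // An empty UPI ID stays allowed, as before; a non-empty one must look like name@handle.
        if ($save_map['upi_id'] !== ''
            && !preg_match('/^[A-Za-z0-9._-]{2,256}@[A-Za-z0-9.-]{2,64}$/D', $save_map['upi_id'])) {
            $errors[] = 'Please enter a valid UPI ID (for example name@bank).';
        }
        // Mirrors min="0" step="1" on the admission field.
        if (!preg_match('/^[0-9]{1,9}$/D', $save_map['min_admission_amount'])) {
            $errors[] = 'Minimum admission fee must be a whole number, 0 or more.';
        }
        // Mirrors min="1" step="1" on the installment field.
        if (!preg_match('/^[0-9]{1,9}$/D', $save_map['min_installment_amount'])
            || (int)$save_map['min_installment_amount'] < 1) {
            $errors[] = 'Minimum tuition fee must be a whole number, 1 or more.';
        }
    }

    // NOTE(review): upi_id is described below as the ID used for the payment QR
    // and link, so changing it changes where payments are directed. Consider
    // asking for the admin password again and writing an audit record when it changes.
    if (!$errors) {
        $stmt      = null;
        $committed = false;
        try {
            // All four rows are saved together or not at all.
            $conn->begin_transaction();
            $stmt = $conn->prepare("
                INSERT INTO `settings` (`field`, `value`) VALUES (?, ?)
                ON DUPLICATE KEY UPDATE `value` = VALUES(`value`)
            ");
            if (!$stmt) {
                $errors[] = 'DB error: failed to prepare statement.';
            } else {
                foreach ($save_map as $field => $value) {
                    $stmt->bind_param('ss', $field, $value);
                    if (!$stmt->execute()) {
                        $errors[] = 'DB error while saving.';
                        break;
                    }
                }
            }
            if (!$errors) {
                if ($conn->commit()) {
                    $committed = true;
                } else {
                    $errors[] = 'DB error while saving.';
                }
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli throws instead of returning false when exception reporting is
            // on; keep the detail in the server log and show a generic message.
            error_log('admin/settings.php: save failed: ' . $e->getMessage());
            $errors[] = 'DB error while saving.';
        }

        if ($stmt) {
            $stmt->close();
        }
        if (!$committed) {
            try {
                $conn->rollback();
            } catch (mysqli_sql_exception $e) {
                error_log('admin/settings.php: rollback failed: ' . $e->getMessage());
            }
        }

        if (!$errors) {
            $messages[] = '✅ Settings updated successfully!';
            // Rotate the token so the one just used cannot be replayed.
            $_SESSION['csrf_token'] = bin2hex(random_bytes(16));
            $csrf_token = $_SESSION['csrf_token'];
        }
    }
}

// reload fresh
$current = load_settings($conn);

/**
 * Return $a[$k] as a string, or $def when the key is unset or null.
 */
function getv(array $a, string $k, string $def = ''): string
{
    return isset($a[$k]) ? (string)$a[$k] : $def;
}

// ---------- Includes ----------
// Fixed paths under __DIR__ only; the admin layout is preferred over the site-wide one.
$adminHeader = __DIR__ . '/includes/header.php';
$rootHeader  = __DIR__ . '/../header.php';
$adminFooter = __DIR__ . '/includes/footer.php';
$rootFooter  = __DIR__ . '/../footer.php';

if (file_exists($adminHeader)) {
    include $adminHeader;
} elseif (file_exists($rootHeader)) {
    include $rootHeader;
}
?>

<!-- ================== SETTINGS (Modern Red & Black with UPI QR) ================== -->
<style>
  :root{
    --brand:#e30613;
    --ink:#0a0a0a;
    --panel:#f6f7f9;
    --ring:rgba(227,6,19,.18);
  }
  body{ background: var(--panel); }
  .page-wrap{ max-width:1100px; margin:40px auto; }
  .page-card{
    background:#fff; border:1px solid #eee; border-radius:1rem;
    box-shadow:0 10px 34px rgba(0,0,0,.06);
  }
  .page-head{
    padding:1rem 1.25rem .75rem 1.25rem;
    border-bottom:3px solid var(--brand);
  }
  .page-head h3{ margin:0; color:var(--ink); font-weight:600; }
  .page-body{ padding:1.25rem; }
  .hint{ color:#6b7280; font-size:.9rem; }
  .card-lite{ background:#fff; border:1px solid #e5e7eb; border-radius:.85rem; }
  .card-lite .card-header{ background:#fff; border-bottom:1px solid #eef0f3; font-weight:600; }
  .form-control:focus{ border-color: var(--brand); box-shadow: 0 0 0 .2rem var(--ring); }
  .btn-brand{
    background: var(--brand); color:#fff; border:none; font-weight:600;
    border-radius:.55rem; transition: all .2s ease;
  }
  .btn-brand:hover{ background:#b9040f; box-shadow:0 6px 18px rgba(227,6,19,.35); }
  .alert{ border-radius:.75rem; font-weight:500; }

  /* QR preview box */
  .qr-box{
    display:flex; align-items:center; justify-content:center;
    background:#fafafa; border:1px dashed rgba(0,0,0,.15);
    border-radius:.75rem; width:180px; height:180px; overflow:hidden;
  }
  .qr-box img{ width:100%; height:auto; display:block; }
</style>

<div class="page-wrap">
  <div class="page-card">
    <div class="page-head">
      <h3>🏫 Institute Settings</h3>
    </div>
    <div class="page-body">

      <?php if ($messages): ?>
        <div class="alert alert-success mb-3"><?php echo h(implode(' ', $messages)); ?></div>
      <?php endif; ?>

      <?php if ($errors): ?>
        <div class="alert alert-danger mb-3">
          <?php foreach ($errors as $e) echo '<div>'.h($e).'</div>'; ?>
        </div>
      <?php endif; ?>

      <form method="post" action="" novalidate>
        <input type="hidden" name="csrf_token" value="<?php echo h($csrf_token); ?>">

        <div class="mb-3">
          <label class="form-label fw-semibold">Institute Name</label>
          <input type="text" class="form-control" name="institute_name"
                 value="<?php echo h(getv($current,'institute_name')); ?>"
                 placeholder="e.g. Oxford Public School">
        </div>

        <div class="row g-4 align-items-center mb-4">
          <div class="col-md-7">
            <label class="form-label fw-semibold">UPI ID</label>
            <input type="text" class="form-control" id="upi_id" name="upi_id"
                   value="<?php echo h(getv($current,'upi_id')); ?>"
                   placeholder="e.g. 7381426778@ybl" inputmode="text" autocomplete="off">
            <div class="form-text">This UPI ID will be used to generate the QR & UPI payment link.</div>
          </div>
          <div class="col-md-5 text-center">
            <div class="qr-box" id="qr-preview">
              <div class="text-muted small">QR Preview</div>
            </div>
          </div>
        </div>

        <div class="card-lite mb-4">
          <div class="card-header"><strong>Payment Rules</strong></div>
          <div class="card-body">
            <div class="row g-3">
              <div class="col-md-6">
                <label class="form-label">Minimum Admission Fee (₹)</label>
                <input type="number" min="0" step="1" class="form-control" name="min_admission_amount"
                       value="<?php echo h(getv($current,'min_admission_amount','1000')); ?>">
              </div>
              <div class="col-md-6">
                <label class="form-label">Minimum Tution Fee (₹)</label>
                <input type="number" min="1" step="1" class="form-control" name="min_installment_amount"
                       value="<?php echo h(getv($current,'min_installment_amount','1')); ?>">
              </div>
            </div>
            <div class="mt-2 hint">Set sensible lower limits to avoid tiny transactions.</div>
          </div>
        </div>

        <div class="d-flex gap-2">
          <button type="submit" class="btn btn-brand">
            <i class="bi bi-check2-circle me-1"></i> Save Changes
          </button>
          <a href="index.php" class="btn btn-outline-dark">
            <i class="bi bi-arrow-left-short me-1"></i> Back
          </a>
        </div>
      </form>
    </div>
  </div>
</div>

<!-- ✅ JS for live UPI QR preview -->
<script>
document.addEventListener("DOMContentLoaded", function(){
  const upiInput = document.getElementById('upi_id');
  const qrBox = document.getElementById('qr-preview');

  // NOTE(review): the preview image is rendered by the third-party service
  // api.qrserver.com, so the typed UPI ID leaves this site on every input event.
  // Generating the QR locally would avoid that disclosure.
  function updateQR() {
    const upi = upiInput.value.trim();
    if (!upi) {
      qrBox.innerHTML = '<div class="text-muted small">QR Preview</div>';
      return;
    }
    // Build the full UPI URI first, then encode it as ONE value for `data`.
    // Without the outer encoding, "&pn=…&cu=…" are read as parameters of the
    // QR service and never reach the QR payload. "@" is kept literal inside
    // the UPI URI, matching what the preview encoded before.
    const payee = encodeURIComponent(upi).replace(/%40/g, '@');
    const upiUri = `upi://pay?pa=${payee}&pn=Institute&cu=INR`;
    const qrUrl = `https://api.qrserver.com/v1/create-qr-code/?size=180x180&data=${encodeURIComponent(upiUri)}`;

    // Create the element through the DOM instead of assigning an HTML string,
    // so the URL can never be parsed as markup.
    const img = document.createElement('img');
    img.src = qrUrl;
    img.alt = 'UPI QR';
    qrBox.textContent = '';
    qrBox.appendChild(img);
  }

  upiInput.addEventListener('input', updateQR);
  updateQR(); // on load
});
</script>

<?php
if (file_exists($adminFooter)) {
    include $adminFooter;
} elseif (file_exists($rootFooter)) {
    include $rootFooter;
}
?>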