Editing: testimonials.php
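<?php
/**
 * Admin page: add, edit, delete and list testimonials, each with an optional photo.
 *
 * Security-relevant behaviour of this page:
 *  - Every state-changing action (add / edit / delete) is a POST carrying the
 *    session CSRF token. Delete no longer travels as a GET link, so the token
 *    is not written into URLs, browser history, access logs or Referer headers.
 *  - Uploaded photos must pass an extension allowlist AND a content check
 *    (getimagesize); the stored file name is generated server-side and never
 *    reuses the client-supplied name.
 *  - Database access uses prepared statements; all dynamic output is escaped.
 *
 * NOTE(review): photos are served from ../uploads/testimonials/ (see the list
 * below), i.e. from inside the web root. Confirm the server is configured not
 * to execute scripts from that directory.
 */

// ---------- BOOTSTRAP ----------
// `require` (not `include`) for the session and auth files: if either file is
// missing the page must stop instead of continuing without the auth check.
require 'secure_session.php';   // session security
require 'includes/auth.php';    // auth check
require_once '../config.php';   // DB ($conn)
include 'includes/header.php';  // layout header

$allowedTypes = ['jpg', 'jpeg', 'png', 'gif'];
$maxSize      = 2 * 1024 * 1024; // 2MB
$uploadDir    = __DIR__ . "/../uploads/testimonials/";
$success = $error = "";

// CSRF token: created once per session, compared in constant time below.
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}

/**
 * HTML-escape a value for element content or a quoted attribute.
 * ENT_SUBSTITUTE keeps invalid UTF-8 from turning the whole string into "".
 */
function h($v)
{
    return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Check a submitted CSRF token against the session token.
 * Non-string input (e.g. csrf[]=x) is rejected before hash_equals() sees it.
 */
function testimonial_csrf_ok($token)
{
    return is_string($token)
        && isset($_SESSION['csrf'])
        && is_string($_SESSION['csrf'])
        && hash_equals($_SESSION['csrf'], $token);
}

/**
 * Read a trimmed text field from $_POST; missing or non-string values become "".
 */
function testimonial_post_text($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
}

/**
 * Read the rating from $_POST and clamp it to the 1..5 range the form offers.
 */
function testimonial_post_rating()
{
    $raw = (isset($_POST['rating']) && is_scalar($_POST['rating'])) ? (int)$_POST['rating'] : 0;
    return max(1, min(5, $raw));
}

/**
 * Validate and store an uploaded photo.
 *
 * @param array  $file         One entry of $_FILES (may be empty when no field was sent).
 * @param array  $allowedTypes Lower-case extensions accepted for the client file name.
 * @param int    $maxSize      Maximum size in bytes.
 * @param string $targetDir    Destination directory, with trailing slash.
 * @return array [storedName, errorMessage]; both "" when no file was uploaded.
 */
function testimonial_store_photo(array $file, array $allowedTypes, $maxSize, $targetDir)
{
    $status = isset($file['error']) ? $file['error'] : UPLOAD_ERR_NO_FILE;
    if ($status === UPLOAD_ERR_NO_FILE) {
        return ['', ''];
    }
    if ($status === UPLOAD_ERR_INI_SIZE || $status === UPLOAD_ERR_FORM_SIZE) {
        return ['', "❌ File too large (max 2MB)."];
    }
    // Anything else that is not a clean single-file upload (including photo[] arrays).
    if ($status !== UPLOAD_ERR_OK || !isset($file['tmp_name'], $file['name']) || !is_string($file['tmp_name'])) {
        return ['', "❌ Upload failed."];
    }

    $ext = strtolower(pathinfo((string)$file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, $allowedTypes, true)) {
        return ['', "❌ Only JPG, PNG, GIF allowed."];
    }
    if ((int)$file['size'] > $maxSize) {
        return ['', "❌ File too large (max 2MB)."];
    }

    // The extension is chosen by the client, so also look at the content.
    // getimagesize() can emit notices on malformed data; the return value is what matters here.
    $extByType = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || !isset($extByType[$info[2]])) {
        return ['', "❌ Only JPG, PNG, GIF allowed."];
    }

    if (!is_dir($targetDir) && !mkdir($targetDir, 0755, true) && !is_dir($targetDir)) {
        return ['', "❌ Upload failed."];
    }

    // Server-generated name; the extension comes from the detected image type.
    $safeName = time() . "_" . bin2hex(random_bytes(5)) . "." . $extByType[$info[2]];
    if (!move_uploaded_file($file['tmp_name'], $targetDir . $safeName)) {
        return ['', "❌ Upload failed."];
    }
    return [$safeName, ''];
}

/**
 * Best-effort removal of a stored photo.
 * basename() keeps the path inside $targetDir even if the stored value
 * contains directory separators.
 */
function testimonial_remove_photo($targetDir, $storedName)
{
    $name = basename((string)$storedName);
    if ($name === '' || $name === '.' || $name === '..') {
        return;
    }
    $path = $targetDir . $name;
    if (is_file($path)) {
        @unlink($path); // best-effort: a leftover file must not break the request
    }
}

/**
 * Return the photo file name currently stored for a testimonial, or "".
 */
function testimonial_current_photo($conn, $id)
{
    $stmt = $conn->prepare("SELECT photo FROM testimonials WHERE id=?");
    if (!$stmt) {
        return '';
    }
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->bind_result($oldFile);
    $found = $stmt->fetch();
    $stmt->close();
    return $found ? (string)$oldFile : '';
}

// ---------- ACTIONS (POST only) ----------
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = '';
    if (isset($_POST['add_testimonial'])) {
        $action = 'add';
    } elseif (isset($_POST['edit_testimonial'])) {
        $action = 'edit';
    } elseif (isset($_POST['delete_testimonial'])) {
        $action = 'delete';
    }

    if ($action !== '' && !testimonial_csrf_ok(isset($_POST['csrf']) ? $_POST['csrf'] : null)) {
        die("❌ CSRF validation failed.");
    }

    // ---------- ADD ----------
    if ($action === 'add') {
        $name    = testimonial_post_text('name');
        $role    = testimonial_post_text('role');
        $message = testimonial_post_text('message');
        $rating  = testimonial_post_rating();
        $photo   = '';

        // The form marks these as required, but that is only enforced by the browser.
        if ($name === '' || $message === '') {
            $error = "❌ Name and message are required.";
        }

        // Validate the text first so a rejected form does not leave an orphaned file.
        if (!$error) {
            list($photo, $error) = testimonial_store_photo(
                isset($_FILES['photo']) && is_array($_FILES['photo']) ? $_FILES['photo'] : [],
                $allowedTypes,
                $maxSize,
                $uploadDir
            );
        }

        if (!$error) {
            $stmt = $conn->prepare("INSERT INTO testimonials (name, role, message, photo, rating) VALUES (?,?,?,?,?)");
            if ($stmt) {
                $stmt->bind_param("ssssi", $name, $role, $message, $photo, $rating);
            }
            if ($stmt && $stmt->execute()) {
                $success = "✅ Testimonial added successfully.";
            } else {
                $error = "❌ Could not save testimonial.";
                testimonial_remove_photo($uploadDir, $photo); // do not keep a file with no row
            }
        }
    }

    // ---------- DELETE ----------
    if ($action === 'delete') {
        $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int)$_POST['id'] : 0;
        $oldFile = testimonial_current_photo($conn, $id);

        $stmt = $conn->prepare("DELETE FROM testimonials WHERE id=?");
        if ($stmt) {
            $stmt->bind_param("i", $id);
        }
        if ($stmt && $stmt->execute()) {
            // Remove the file only after the row is gone.
            testimonial_remove_photo($uploadDir, $oldFile);
            $success = "⚠️ Testimonial deleted.";
        } else {
            $error = "❌ Could not delete testimonial.";
        }
    }

    // ---------- EDIT ----------
    if ($action === 'edit') {
        $id      = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int)$_POST['id'] : 0;
        $name    = testimonial_post_text('name');
        $role    = testimonial_post_text('role');
        $message = testimonial_post_text('message');
        $rating  = testimonial_post_rating();
        $photo   = '';

        if ($name === '' || $message === '') {
            $error = "❌ Name and message are required.";
        }

        if (!$error) {
            list($photo, $error) = testimonial_store_photo(
                isset($_FILES['photo']) && is_array($_FILES['photo']) ? $_FILES['photo'] : [],
                $allowedTypes,
                $maxSize,
                $uploadDir
            );
        }

        if (!$error) {
            // Remember the current photo before the row is changed.
            $oldFile = $photo ? testimonial_current_photo($conn, $id) : '';

            if ($photo) {
                $stmt = $conn->prepare("UPDATE testimonials SET name=?, role=?, message=?, photo=?, rating=? WHERE id=?");
                if ($stmt) {
                    $stmt->bind_param("ssssii", $name, $role, $message, $photo, $rating, $id);
                }
            } else {
                $stmt = $conn->prepare("UPDATE testimonials SET name=?, role=?, message=?, rating=? WHERE id=?");
                if ($stmt) {
                    $stmt->bind_param("sssii", $name, $role, $message, $rating, $id);
                }
            }

            if ($stmt && $stmt->execute()) {
                $success = "✅ Testimonial updated successfully.";
                // The old file is removed only once the row points at the new one.
                if ($photo) {
                    testimonial_remove_photo($uploadDir, $oldFile);
                }
            } else {
                $error = "❌ Could not update testimonial.";
                testimonial_remove_photo($uploadDir, $photo);
            }
        }
    }
}

// ---------- FETCH ----------
$list = $conn->query("SELECT id, name, role, message, photo, rating FROM testimonials ORDER BY id DESC");

// A failed COUNT query must not become a fatal "call to a member function on bool".
$countRes = $conn->query("SELECT COUNT(*) c FROM testimonials");
$countRow = $countRes ? $countRes->fetch_assoc() : null;
$total    = $countRow ? (int)$countRow['c'] : 0;
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Manage Testimonials</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
:root{
  --bg:#f3f4f6; --card:#fff; --line:#e5e7eb; --muted:#6b7280;
  --shadow:0 10px 24px rgba(0,0,0,.12);
  --accent:#ef4444; --primary:#2563eb; --ink:#0f172a;
}
*{box-sizing:border-box}
body{font-family:system-ui,Segoe UI,Roboto,Arial,sans-serif;background:var(--bg);margin:0;color:var(--ink)}
.wrap{max-width:1200px;margin:24px auto;padding:0 16px}

/* Topbar */
.topbar{display:flex;align-items:center;justify-content:space-between;margin-bottom:14px}
.title{display:flex;align-items:center;gap:10px;font-weight:700;font-size:26px}
.title:after{content:"";display:block;height:4px;background:var(--accent);border-radius:4px;width:260px;margin-left:12px}
.pill{background:#f9fafb;border:1px solid var(--line);border-radius:999px;padding:6px 10px;font-size:13px}
.actions{display:flex;gap:8px;align-items:center}

/* Cards & controls */
.card{background:var(--card);border:1px solid var(--line);border-radius:14px;box-shadow:var(--shadow);padding:16px;margin-bottom:12px}
.grid-2{display:grid;grid-template-columns:1fr 1fr;gap:12px}
.input, .select, .textarea{width:100%;border:1px solid var(--line);border-radius:10px;padding:10px 12px;background:#fff}
.textarea{min-height:100px;resize:vertical}
.btn{display:inline-block;background:#111827;color:#fff;text-decoration:none;padding:10px 14px;border-radius:10px;border:1px solid transparent;cursor:pointer}
.btn.primary{background:var(--primary)}
.btn.gray{background:#6b7280}
.btn.outline{background:#fff;color:#111827;border-color:var(--line)}
.btn.small{padding:7px 10px;border-radius:8px;font-size:14px}

/* Table */
.table{width:100%;border-collapse:collapse}
.table th,.table td{padding:12px;border-bottom:1px solid #eee;font-size:14px;text-align:left;vertical-align:top}
.table th{background:#f9fafb}
.cell-actions{ position:relative; white-space:nowrap }
.inline-form{ display:inline }

/* Photo */
.avatar{width:56px;height:56px;border-radius:12px;object-fit:cover;border:1px solid var(--line);background:#fff}

/* Alerts */
.alert{border-radius:12px;padding:10px 12px;margin-bottom:10px}
.success{background:#dcfce7;border:1px solid #bbf7d0}
.danger{background:#fee2e2;border:1px solid #fecaca}

/* --- Centered Modal --- */
summary{ cursor:pointer; list-style:none; }
summary::-webkit-details-marker{ display:none }
.summary-btn{
  display:inline-block; padding:7px 10px; border-radius:8px;
  background:#fff; color:#111827; border:1px solid var(--line);
}
details{ display:inline-block; }

/* Backdrop (click to close) */
.modal-backdrop{ display:none; }
details[open] .modal-backdrop{
  display:block; position:fixed; inset:0;
  background:rgba(0,0,0,.45); z-index:40;
  animation: fadeIn .18s ease-out;
}

/* Modal panel */
.edit-panel{
  position:fixed; left:50%; top:50%;
  transform:translate(-50%,-46%) scale(.98);
  z-index:50; width:720px; max-width:min(92vw,760px);
  max-height:80vh; overflow:auto;
  background:#fff; border:1px solid var(--line); border-radius:14px;
  box-shadow:var(--shadow); padding:16px;
  opacity:0; pointer-events:none;
  transition: transform .2s ease, opacity .2s ease;
}
details[open] .edit-panel{
  opacity:1; transform:translate(-50%,-50%) scale(1); pointer-events:auto;
}
.edit-title{font-weight:700; font-size:18px; margin:0 0 10px}
.edit-grid{ display:grid; grid-template-columns:1fr 1fr; gap:12px }
.edit-grid .full{ grid-column:1/-1 }

@keyframes fadeIn { from{opacity:0} to{opacity:1} }

@media (max-width:900px){
  .grid-2{grid-template-columns:1fr}
  .edit-grid{grid-template-columns:1fr}
}
</style>
</head>
<body>
<div class="wrap">

  <div class="topbar">
    <div class="title">Manage Testimonials</div>
    <div class="actions">
      <span class="pill">Total: <?= (int)$total ?></span>
    </div>
  </div>

  <?php if ($success): ?><div class="alert success"><?= h($success) ?></div><?php endif; ?>
  <?php if ($error): ?><div class="alert danger"><?= h($error) ?></div><?php endif; ?>

  <!-- Add Form -->
  <div class="card">
    <h3 style="margin:0 0 10px">➕ Add Testimonial</h3>
    <form method="POST" enctype="multipart/form-data" class="grid-2">
      <input type="hidden" name="csrf" value="<?= h($_SESSION['csrf']) ?>">
      <div>
        <label>Name</label>
        <input class="input" type="text" name="name" required>
      </div>
      <div>
        <label>Role / Course</label>
        <input class="input" type="text" name="role">
      </div>
      <div style="grid-column:1/-1">
        <label>Message</label>
        <textarea class="textarea" name="message" required></textarea>
      </div>
      <div>
        <label>Rating</label>
        <select class="select" name="rating" required>
          <option value="5" selected>⭐⭐⭐⭐⭐ (5)</option>
          <option value="4">⭐⭐⭐⭐ (4)</option>
          <option value="3">⭐⭐⭐ (3)</option>
          <option value="2">⭐⭐ (2)</option>
          <option value="1">⭐ (1)</option>
        </select>
      </div>
      <div>
        <label>Photo (optional)</label>
        <input class="input" type="file" name="photo" accept=".jpg,.jpeg,.png,.gif">
      </div>
      <div style="grid-column:1/-1;display:flex;gap:10px">
        <button class="btn primary" type="submit" name="add_testimonial">Add</button>
        <span class="pill" style="align-self:center;color:var(--muted)">Tip: Use clear square images for best display.</span>
      </div>
    </form>
  </div>

  <!-- List -->
  <div class="card" style="overflow:auto">
    <table class="table">
      <thead>
        <tr>
          <th style="width:60px">ID</th>
          <th style="width:72px">Photo</th>
          <th>Name</th>
          <th>Role</th>
          <th>Message</th>
          <th style="width:120px">Rating</th>
          <th style="width:260px" class="cell-actions">Actions</th>
        </tr>
      </thead>
      <tbody>
      <?php if ($list && $list->num_rows): ?>
        <?php while ($r = $list->fetch_assoc()): ?>
          <?php
            $id        = (int)$r['id'];
            // Clamp on output as well, so an out-of-range stored value cannot blow up the cell.
            $rowRating = max(1, min(5, (int)$r['rating']));
          ?>
          <tr>
            <td><?= $id ?></td>
            <td>
              <?php if ($r['photo']): ?>
                <img class="avatar" src="../uploads/testimonials/<?= h(basename((string)$r['photo'])) ?>" alt="">
              <?php else: ?>
                <div class="avatar" style="display:flex;align-items:center;justify-content:center;color:#9ca3af;font-size:12px">—</div>
              <?php endif; ?>
            </td>
            <td><?= h($r['name']) ?></td>
            <td><?= h($r['role']) ?></td>
            <td><?= nl2br(h($r['message'])) ?></td>
            <td><?= str_repeat('⭐', $rowRating) ?></td>
            <td class="cell-actions">
              <!-- Delete is a POST form so the CSRF token never appears in a URL -->
              <form method="POST" class="inline-form" onsubmit="return confirm('Delete this testimonial?')">
                <input type="hidden" name="csrf" value="<?= h($_SESSION['csrf']) ?>">
                <input type="hidden" name="id" value="<?= $id ?>">
                <button class="btn outline small" type="submit" name="delete_testimonial">Delete</button>
              </form>

              <details>
                <summary class="summary-btn">Edit</summary>

                <!-- Backdrop (click to close) -->
                <div class="modal-backdrop" onclick="this.parentElement.open=false"></div>

                <!-- Centered Modal -->
                <div class="edit-panel" role="dialog" aria-modal="true" aria-label="Edit testimonial">
                  <h4 class="edit-title">Edit Testimonial</h4>
                  <form method="POST" enctype="multipart/form-data" class="edit-grid">
                    <input type="hidden" name="csrf" value="<?= h($_SESSION['csrf']) ?>">
                    <input type="hidden" name="id" value="<?= $id ?>">
                    <div>
                      <label>Name</label>
                      <input class="input" type="text" name="name" value="<?= h($r['name']) ?>" required>
                    </div>
                    <div>
                      <label>Role / Course</label>
                      <input class="input" type="text" name="role" value="<?= h($r['role']) ?>">
                    </div>
                    <div class="full">
                      <label>Message</label>
                      <textarea class="textarea" name="message" required><?= h($r['message']) ?></textarea>
                    </div>
                    <div>
                      <label>Rating</label>
                      <select class="select" name="rating" required>
                        <?php for ($i = 5; $i >= 1; $i--): ?>
                          <option value="<?= $i ?>" <?= ((int)$r['rating'] === $i ? 'selected' : '') ?>>
                            <?= str_repeat('⭐', $i) ?> (<?= $i ?>)
                          </option>
                        <?php endfor; ?>
                      </select>
                    </div>
                    <div>
                      <label>Change Photo</label>
                      <input class="input" type="file" name="photo" accept=".jpg,.jpeg,.png,.gif">
                    </div>
                    <div class="full" style="display:flex;gap:10px;justify-content:flex-end">
                      <button class="btn primary" type="submit" name="edit_testimonial">Save</button>
                      <button class="btn gray" type="button" onclick="this.closest('details').open=false">Close</button>
                    </div>
                  </form>
                </div>
              </details>
            </td>
          </tr>
        <?php endwhile; ?>
      <?php else: ?>
        <tr><td colspan="7">No Testimonials Found</td></tr>
      <?php endif; ?>
      </tbody>
    </table>
  </div>
</div>

<!-- Small helper: lock page scroll when any details is open, close with ESC -->
<script>
document.addEventListener('toggle', function (e) {
  if (e.target.tagName === 'DETAILS') {
    document.body.style.overflow = e.target.open ? 'hidden' : '';
  }
}, true);

document.addEventListener('keydown', function (e) {
  if (e.key === 'Escape') {
    const openD = document.querySelector('details[open]');
    if (openD) {
      openD.open = false;
      document.body.style.overflow = '';
    }
  }
});
</script>

<?php include 'includes/footer.php'; ?>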