| Current File : /home/viralhoga/public_html/adminpanel/include/admin-main.php |
<?php
include("config.php");
class admin{
//function query to select table data
function select_objData($table,$o){
$this->table_name=$table;
global $con;
$select_query=mysqli_query($con,"SELECT * FROM ".$this->table_name." $o ") or die("Can't select data from ".$this->table_name." table due to ".mysqli_error());
return $select_query;
}
//function query to select table data
function select_myobjData($table){
$this->table_name=$table;
global $con;
$select_query=mysqli_query($con,"SELECT * FROM ".$this->table_name) or die("Can't select data from ".$this->table_name." table due to ".mysqli_error());
return $select_query;
}
//function query to select table data
function select_MenuForData($table){
$this->table_name=$table;
global $con;
$select_query=mysqli_query($con,"SELECT * FROM ".$this->table_name." where menu_id in(select menu_id from categories)") or die("Can't select data from ".$this->table_name." table due to ".mysqli_error());
return $select_query;
}
//function query to insert guest user table
function insert_guest_user($table,$utype){
$this->table_name=$table;
global $con;
$name= $_POST['c_name'];
$email = $_POST['c_email'];
$mobile= $_POST['c_mobile'];
$c_designation= $_POST['c_designation'];
$created = date('Y-m-d');
$password = md5($_POST['c_password']);
$pass = $_POST['c_password'];
$address = $_POST['address'];
$reg_id = date('ihs').rand(0,99);
$tmpNameIs=$_FILES['pro_pic']['tmp_name'];
if(is_uploaded_file($tmpNameIs)){
$imgNameIs= sha1(date('dmy').rand()).".jpg";
//move uploaded file
move_uploaded_file($tmpNameIs,"../image/".$imgNameIs);
}else{
$imgNameIs='';
}
$tmpNameIs_1=$_FILES['aadhar']['tmp_name'];
if(is_uploaded_file($tmpNameIs_1)){
$imgNameIs_1= sha1(date('smgy').rand()).".jpg";
//move uploaded file
move_uploaded_file($tmpNameIs_1,"../image/".$imgNameIs_1);
}else{
$imgNameIs_1='';
}
$query ="insert into regis(name,email,mobile,password,pass,reg_date,pro_pic,address,reg_id,utype,aadhar)";
$query .=" value('{$name}','{$email}','{$mobile}','{$password}','{$pass}',now(),'{$imgNameIs}','{$address}','{$reg_id}','{$utype}','{$imgNameIs_1}')";
$insert_query=mysqli_query($con,$query);
if(!$insert_query)
{
die('QUERY FAILD' . mysqli_error($con));
}
if($insert_query)
return "ok";
else
return "fail";
}
//function query to insert data into table
function insert_moving_txt($table){
$this->table_name=$table;
global $con;
$mtxt = addslashes($_REQUEST['mtxt']);
$insert_query=mysqli_query($con,"UPDATE ".$this->table_name." set mtxt='$mtxt' WHERE id='1'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error());
if($insert_query)
return "ok";
else
return "fail";
}
//function query to insert data into table
function insert_pin_code($table){
$this->table_name=$table;
global $con;
$menu = @mysqli_real_escape_string($con,$_REQUEST['menu']);
$insert_query=mysqli_query($con,"insert into pin_code set pin='$menu'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error());
if($insert_query)
return "ok";
else
return "fail";
}
//function query to insert data into table
function update_pin_code_objData($table,$id){
$this->table_name=$table;
global $con;
$menu = @mysqli_real_escape_string($con,$_REQUEST['menu']);
$update_query=mysqli_query($con,"update pin_code set pin='$menu' where menu_id='$id'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error());
if($update_query)
return 1;
else
return "fail";
}
//function query to insert data into table
function insert_menu($table){
$this->table_name=$table;
global $con;
$menu = @mysqli_real_escape_string($con,$_REQUEST['menu']);
$mimage= md5(rand().date('ihs')).$_FILES['m_image']['name'];
$mimage_tmp=$_FILES['m_image']['tmp_name'];
$insert_query=mysqli_query($con,"insert into menu set menu='$menu',type='$_POST[type]',menu_image='$mimage'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error());
move_uploaded_file($_FILES['m_image']['tmp_name'],"img/".$mimage);
if($insert_query)
return "ok";
else
return "fail";
}
// function query to insert data into table
function insert_cat($table){
$this->table_name=$table;
global $con;
$cat = @mysqli_real_escape_string($con,$_POST['category']);
$mimage= md5(rand().date('his')).$_FILES['m_image']['name'];
$mimage_tmp=$_FILES['m_image']['tmp_name'];
$insert_query=mysqli_query($con,"insert into ".$this->table_name." set menu_id='$_POST[menu_id]',category_name='$cat',sub_menu_image='$mimage'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error());
move_uploaded_file($_FILES['m_image']['tmp_name'],"img/".$mimage);
if($insert_query)
return "ok";
else
return "fail";
}
// function query to insert data into table
function insert_subcat($table){
$this->table_name=$table;
global $con;
$mimage= md5(rand().date('shi')).$_FILES['m_image']['name'];
$mimage_tmp=$_FILES['m_image']['tmp_name'];
$subcat_name = @mysqli_real_escape_string($con,$_POST['sub_category']);
$insert_query=mysqli_query($con,"insert into ".$this->table_name." set cat_id='$_POST[cat_id]',menu_id='$_POST[menu_id]',subcat_name='$subcat_name',home_view='no',sub_menu_image='$mimage'") or die($con);
move_uploaded_file($_FILES['m_image']['tmp_name'],"img/".$mimage);
if($insert_query)
return "ok";
else
return "fail";
}
//function query to insert data into table
function insert_coupon($table){
$this->table_name=$table;
global $con;
$coupon_name = @mysqli_real_escape_string($con,$_REQUEST['coupon_name']);
$insert_query=mysqli_query($con,"insert into ".$this->table_name." set coupon_per='$_REQUEST[coupon_per]',coupon_name='$coupon_name'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error());
if($insert_query)
return "ok";
else
return "fail";
}
//function query to select table data by id
function select_objData_byId($table,$id){
$this->table_name=$table;
global $con;
if($this->table_name=='menu' || $this->table_name=='pin_code')
$select_query=mysqli_query($con,"SELECT * FROM ".$this->table_name." WHERE menu_id='$id'") or die("Can't select data from ".$this->table_name." table due to ".mysqli_error());
if($this->table_name=='categories')
$select_query=mysqli_query($con,"SELECT * FROM ".$this->table_name." WHERE cat_id='$id'") or die("Can't select data from ".$this->table_name." table due to ".mysqli_error());
return mysqli_fetch_array($select_query);
}
//function query to update table
function update_objData($table,$id){
$this->table_name=$table;
global $con;
if($this->table_name=="menu"){
$sel_query=mysqli_query($con,"select * from menu where menu_id='$id'") or die(mysqli_error());
@extract($result=mysqli_fetch_array($sel_query));
if($_FILES['menu_image']['name']==''){
$menu_name = @mysqli_real_escape_string($con,$_POST['menu']);
$menu_image=$result['menu_image'];
$update_query = mysqli_query($con,"UPDATE ".$this->table_name." SET menu = '".$menu_name."',menu_image='".$menu_image."' WHERE menu_id = '".$id."'") or die("Can't update menu name of ".$this->table_name." table due to ".mysqli_error());
}
else{
$menu_name = @mysqli_real_escape_string($con,$_POST['menu']);
$menu_image=md5(rand().date('ihs')).$_FILES['menu_image']['name'];
$update_query = mysqli_query($con,"UPDATE ".$this->table_name." SET menu = '".$menu_name."',menu_image='".$menu_image."' WHERE menu_id = '".$id."'") or die("Can't update menu name of ".$this->table_name." table due to ".mysqli_error());
move_uploaded_file($_FILES['menu_image']['tmp_name'],"img/".$menu_image);
}
}
if($this->table_name=="categories"){
if(is_uploaded_file($_FILES['menu_image']['tmp_name'])){
$menu_Name=md5(rand().date('ihs')).$_FILES['menu_image']['name'];
$menu_image = ",sub_menu_image='$menu_Name'";
move_uploaded_file($_FILES['menu_image']['tmp_name'],"img/".$menu_Name);
}
else{
$menu_image='';
}
@extract($result=mysqli_fetch_array($sub_sel_query));
$cat_name = @mysqli_real_escape_string($con,$_POST['catname']);
$update_query = mysqli_query($con,"UPDATE ".$this->table_name." SET category_name = '".$cat_name."' $menu_image WHERE cat_id= '".$id."'") or die("Can't update menu name of ".$this->table_name." table due to ".mysqli_error());
}
if($update_query)
return "ok";
else
return "fail";
}
/******************************************************************************************************/
function insert_product($table){
$this->table_name=$table;
global $con;
/*-----------------------Multiple image uploading code start here----------------*/
$name=array();
if(@count($_FILES['product_image']['tmp_name'])) {
$i=0;
foreach ($_FILES['product_image']['tmp_name'] as $index=>$tmp_name){
$tmpName = date('s').$_FILES[ 'product_image' ][ 'name' ][ $index ];
$tmpDest = $_FILES[ 'product_image' ][ 'tmp_name' ][ $index ];
$i++;
$ext = explode(".",$tmpName);
$size = sizeof($ext);
$r = md5($ext[0]);
$filename = $r.".".$ext[$size-1];
if( !empty( $tmpDest ) && is_uploaded_file( $tmpDest ) ) {
$path = "img/";
$imgup=move_uploaded_file($tmpDest, $path.$filename);
}
if(@$imgup)
{
array_push($name,$filename);
}
}
$img_upsd=json_encode($name);
}
$desc_tl=mysqli_real_escape_string($con,$_POST['description']);
$menu_id = @mysqli_real_escape_string($con,$_REQUEST['menu_id']);
$cat_id = @mysqli_real_escape_string($con,$_REQUEST['cat_id']);
$subcat_id = @mysqli_real_escape_string($con,$_REQUEST['subcat_id']);
$videoUrl = @mysqli_real_escape_string($con,$_REQUEST['videoUrl']);
if(empty($_POST['D_shipping']))$D_shipping=0;else $D_shipping=$_POST['D_shipping'];
if(empty($_POST['oldprice']))$oldprice=0;else $oldprice=$_POST['oldprice'];
if(empty($_POST['price']))$price=0;else $price=$_POST['price'];
if(empty($_POST['oldprc']))$oldprc=0;else $oldprc=$_POST['oldprc'];
$result=mysqli_query($con,"INSERT INTO ".$this->table_name."(menu_id,cat_id,subcat_id,name,price,brand,description,img,oldprice,Pro_code,pro_type,pro_size,available_Color,stock,D_shipping,reg_id,oldprc,videoType,videoUrl)value('$menu_id','$cat_id','$subcat_id','$_POST[name]','$price','$_POST[brand]','$desc_tl','$img_upsd','$oldprice','$_POST[Pro_code]','$_POST[pro_type]','$_POST[pro_size]','$_POST[available_Color]','$_POST[stock]','$D_shipping','admin','$oldprc','$_POST[videoType]','$videoUrl')") or die(mysqli_error());
if($result)
return $msg="pass";
else
return $msg="fail";
}
function insert_ADV($table){
$this->table_name=$table;
global $con;
$menu_id = @mysqli_real_escape_string($con,$_REQUEST['menu_id']);
$cat_id = @mysqli_real_escape_string($con,$_REQUEST['cat_id']);
$subcat_id = @mysqli_real_escape_string($con,$_REQUEST['subcat_id']);
$adv_link = @mysqli_real_escape_string($con,$_REQUEST['linkName']);
$img_upsd=rand().$_FILES['photo']['name'];
if(empty($menu_id))$menu_id=0;
if(empty($cat_id))$cat_id=0;
if(empty($subcat_id))$subcat_id=0;
$insert_query=mysqli_query($con,"insert into ".$this->table_name." set menu_id='$menu_id',cat_id='$cat_id',subcat_id='$subcat_id',img='$img_upsd',Adv='$adv_link',pos_ad='$_POST[pos_ad]'") or die("Can't insert data into ".$this->table_name." table due to ".mysqli_error($con));
if($table=='adv_tbl0')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl1')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl2')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl3')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl4')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl5')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl6')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($table=='adv_tbl7')
move_uploaded_file($_FILES['photo']['tmp_name'],"../image/banner_top/".$img_upsd);
if($insert_query)
return "ok";
else
return "fail";
}
//code to select product detail
function select_seller_product($table,$sid,$o){
$this->table_name=$table;
global $con;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name." where reg_id='$sid' $o ") or die("select query fail".mysqli_error());
return $qry;
}
//code to select product order
function select_order_product($table,$o){
$this->table_name=$table;
global $con;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name." $o ") or die("select query fail".mysqli_error());
return $qry;
}
//code to select product detail
function select_seller_details($table,$sid){
$this->table_name=$table;
global $con;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name." where reg_id='$sid' ") or die("select query fail".mysqli_error());
return mysqli_fetch_array($qry);
}
//code to select seller product
function select_myproduct($table){
$this->table_name=$table;
global $con;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name) or die("select query fail".mysqli_error());
return $qry;
}
//code to select seller product
function select_product($table,$o){
$this->table_name=$table;
global $con;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name." $o ") or die("select query fail".mysqli_error());
return $qry;
}
//code to insert product detail
function select_order($car){
$this->table_name=$car;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name."") or die("select query fail".mysqli_error());
return $qry;
}
//code to insert product detail
function select_register($car){
$this->table_name=$car;
$qry = mysqli_query($con,"SELECT * FROM ".$this->table_name." order by uid") or die("select query fail".mysqli_error());
return $qry;
}
function insert_register($table){
$this->table_name=$table;
global $con;
$result=mysqli_query($con,"INSERT INTO ".$this->table_name."(name,email,password,img)
value('$_POST[name]','$_POST[email]','$_POST[password]','woman.jpg')") or die(mysqli_error());
if($result)
$result=mysqli_query($con,"SELECT * FROM ".$this->table_name." WHERE email='$_POST[email]' AND password='$_POST[password]' ") or die(mysqli_error());
$result2 = mysqli_fetch_array($result);
session_start();
$_SESSION['user']=$result2['id'];
echo "<script>alert('Username Register Successfully')</script>";
header('location:index.php');
}
//code to insert product detail
function insert_register22($table){
$this->table_name=$table;
global $con;
$result=mysqli_query($con,"INSERT INTO ".$this->table_name."(name,email,password,img)
value('$_POST[name]','$_POST[email]','$_POST[password]','woman.jpg')") or die(mysqli_error());
if($result)
$result=mysqli_query($con,"SELECT * FROM ".$this->table_name." WHERE email='$_POST[email]' AND password='$_POST[password]' ") or die(mysqli_error());
$result2 = mysqli_fetch_array($result);
session_start();
$_SESSION['user']=$result2['id'];
echo "<script>alert('Username Register Successfully')</script>";
header('location:shipping.php');
}
//code to insert product detail
//check user for login
function insert_register1($table){
$this->table_name=$table;
global $con;
$result=mysqli_query($con,"SELECT * FROM ".$this->table_name." WHERE email='$_POST[email]' AND password='$_POST[password]' ") or die(mysqli_error());
$result2 = mysqli_fetch_array($result);
if(mysqli_num_rows($result)>0){
session_start();
$_SESSION['user']=$result2['id'];
header('location:index.php');
}
else{
echo "<script>alert('Username or password is not correct')</script>";
}
}
//check user for login
function insert_register2($table){
$this->table_name=$table;
global $con;
$result=mysqli_query($con,"SELECT * FROM ".$this->table_name." WHERE email='$_POST[email]' AND password='$_POST[password]' ") or die(mysqli_error());
$result2 = mysqli_fetch_array($result);
if(mysqli_num_rows($result)>0){
session_start();
$_SESSION['user']=$result2['id'];
header('location:shipping.php');
}
else{
echo "<script>alert('Username or password is not correct')</script>";
}
}
function insert_shipping($table){
$this->table_name=$table;
global $con;
$result=mysqli_query($con,"INSERT INTO ".$this->table_name."(user_id,f_name,l_name,address,city,zip,country,f_name1,l_name1,address1,city1,zip1,country1)
value('$_POST[user_id]','$_POST[f_name]','$_POST[l_name]','$_POST[address]','$_POST[city]','$_POST[zip]','$_POST[country]','$_POST[f_name1]','$_POST[l_name1]','$_POST[address1]','$_POST[city1]','$_POST[zip1]','$_POST[country1]')") or die(mysqli_error());
if($result)
echo "<script>alert('Data Saved Successfully')</script>";
header('location:payment.php');
}
}//closing of class
?>