<?php
	// Name of this admin page. NOTE(review): presumably read by the shared
	// bootstrap or template code; nothing in this file uses it — confirm.
	define('thisscript','adminbankdetail');

	// Shared admin bootstrap. NOTE(review): $db, $userid, $useraccess and
	// redirecting() are used below but not defined in this file, so they are
	// presumably set up here — confirm.
	require_once 'globalad.php';
	require_once '../class/Bank.php';
	// Model object through which this page reads, saves, updates and deletes banks.
	$bank = new Bank();
		
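	// Access control for this admin page: the request must belong to a logged-in
	// user ($userid) who holds the 'manage_bank' permission. $userid, $useraccess
	// and redirecting() are not defined in this file (presumably globalad.php —
	// confirm). The explicit exit after each redirect keeps the bank-management
	// code below unreachable even if redirecting() ever returns instead of
	// ending the request.
	if (empty($userid)){
		redirecting("index.php");
		exit;
	}

	if (empty($useraccess['manage_bank'])){
		redirecting('index.php');
		exit;
	}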
	
	// Image types accepted for a bank logo: IMAGETYPE_* constant (the value
	// getimagesize() reports at index 2) => file extension.
	$supportedfile = array(
		IMAGETYPE_JPEG => 'jpg',
		IMAGETYPE_PNG  => 'png',
		IMAGETYPE_GIF  => 'gif',
	);

	/* Default the request parameters this page reads to "" when they are missing
	   or empty. This only guarantees that the keys exist: it does not validate
	   or escape anything, so every value remains untrusted input. */
	if (empty($_REQUEST['bank_id'])){
		$_REQUEST['bank_id'] = "";
	}
	if (empty($_GET['act'])){
		$_GET['act'] = "";
	}
	if (empty($_GET['add'])){
		$_GET['add'] = "";
	}
	if (empty($_POST['do'])){
		$_POST['do'] = "";
	}
	if (empty($_COOKIE['bank'])){
		$_COOKIE['bank'] = "";
	}
	/* end of request defaults */
	
	// Load the bank row named by the request, then make sure the fields this page
	// reads exist, defaulting each missing or empty one to ''.
	// NOTE(review): the query is assembled by string concatenation, so protection
	// against SQL injection rests entirely on $db->clean(), which is not visible
	// here — confirm it escapes for a quoted string literal, or switch to a
	// prepared statement if the $db wrapper offers one.
	$curstatus = $db->fetch_one(
		"SELECT * FROM bank WHERE bank_id='".$db->clean($_REQUEST['bank_id'])."'"
	);

	if (empty($curstatus['bankname'])){
		$curstatus['bankname'] = '';
	}
	if (empty($curstatus['rek_no'])){
		$curstatus['rek_no'] = '';
	}
	if (empty($curstatus['rek_name'])){
		$curstatus['rek_name'] = '';
	}
	if (empty($curstatus['status'])){
		$curstatus['status'] = '';
	}
	if (empty($curstatus['logo'])){
		$curstatus['logo'] = '';
	}
	
	// When a bank id is supplied, bind it to the model and replace $curstatus with
	// the model's own header record (this overwrites the row and the per-field
	// defaults prepared just above).
	if (!empty($_REQUEST['bank_id'])){
		$bank->setId($_REQUEST['bank_id']);
		$curstatus = $bank->getHeaderBank();
		
		// NOTE(review): this deletes a bank in response to a plain GET parameter
		// and no anti-CSRF token is checked in this file, so a link or image tag
		// on another site could trigger it in an admin's browser. Confirm whether
		// globalad.php enforces a token; otherwise require POST plus a token.
		// NOTE(review): execution continues past this point unless redirecting()
		// ends the request — confirm.
		if ($_GET['act'] == 'delete'){
			$bank->deleteBank();	
			redirecting("adminbank.php");
		}		
	}
	
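	/**
	 * Build a filesystem-safe base name (without extension) from a client-supplied
	 * file name.
	 *
	 * Only letters, digits, "_" and "-" are kept. Every other run of characters,
	 * dots included, collapses to "_", so the stored file carries exactly one
	 * extension and that extension is chosen by the server.
	 *
	 * @param string $clientname File name as sent by the browser.
	 * @return string Sanitised base name; "logo" when nothing usable remains.
	 */
	function adminbankdetail_logo_basename($clientname)
	{
		$base = pathinfo((string)$clientname, PATHINFO_FILENAME);
		$base = preg_replace('/[^A-Za-z0-9_-]+/', '_', $base);
		$base = trim(substr((string)$base, 0, 100), '_');
		return ($base === '') ? 'logo' : $base;
	}

	/**
	 * Validate one uploaded logo and move it into ../logo/.
	 *
	 * getimagesize() inspects only the image header, so a passing check says
	 * nothing about the file name the client sent. The stored extension is
	 * therefore taken from the detected image type, never from the client name,
	 * and the base name is sanitised. move_uploaded_file() is used instead of
	 * copy() so only a genuine HTTP upload of this request can be stored.
	 *
	 * @param array $upload        One entry of $_FILES.
	 * @param array $supportedfile Map of IMAGETYPE_* constant => file extension.
	 * @return string|false "logo/<name>" on success, '' when there is no usable
	 *                      image (upload error, not an upload, not an image, or
	 *                      the move failed), false when the image type is not in
	 *                      $supportedfile.
	 */
	function adminbankdetail_store_logo($upload, $supportedfile)
	{
		if (!is_array($upload)
			|| !isset($upload['error'], $upload['tmp_name'], $upload['name'])
			|| !is_string($upload['tmp_name'])
			|| !is_string($upload['name'])
			|| $upload['error'] !== UPLOAD_ERR_OK
			|| !is_uploaded_file($upload['tmp_name'])){
			return '';
		}

		$info = getimagesize($upload['tmp_name']);
		if (!$info){
			return '';
		}
		if (empty($supportedfile[$info[2]])){
			return false;
		}

		$extension = $supportedfile[$info[2]];
		$base = adminbankdetail_logo_basename($upload['name']);

		// Pick a name that does not collide with an existing logo.
		$filesname = $base.'.'.$extension;
		$k = 1;
		while (file_exists("../logo/".$filesname)){
			$filesname = $base.'_'.$k.'.'.$extension;
			$k++;
		}

		if (!move_uploaded_file($upload['tmp_name'], "../logo/".$filesname)){
			return '';
		}
		return "logo/".$filesname;
	}

	// Form handling for "addbank" and "editbank".
	// NOTE(review): the request-defaulting code earlier in this script assigns
	// $_POST['do'], so this condition appears to hold on every request; the $do
	// comparisons below are what actually select an action.
	// NOTE(review): no anti-CSRF token is checked in this file — confirm whether
	// globalad.php enforces one for these state-changing actions.
	// NOTE(review): $bankname and $status reach the Bank model unescaped;
	// presumably Bank escapes them before building SQL — verify.
	if (!empty($_POST)){
		$do = isset($_POST['do']) ? $_POST['do'] : '';

		// A file counts as supplied only when PHP reports a single entry with a
		// positive size; array-style fields (files[]) are treated as "no upload".
		$hasupload = isset($_FILES['files']['size'])
			&& !is_array($_FILES['files']['size'])
			&& $_FILES['files']['size'] > 0;

		if ($do === "addbank"){
			$bankname = (empty($_POST['bank']))?"":$_POST['bank'];
			$status = (empty($_POST['status']))?"":$_POST['status'];

			// A missing or unreadable image still creates the bank, without a logo.
			$logoimage = '';
			if ($hasupload){
				$logoimage = adminbankdetail_store_logo($_FILES['files'], $supportedfile);
				if ($logoimage === false){
					redirecting('adminbank.php?error=notsupportedimagefile');
					// Explicit exit: nothing may be saved after a rejected upload,
					// even if redirecting() ever returns.
					exit;
				}
			}

			$bank->saveBank($bankname, $status, $logoimage);
			redirecting('adminbank.php');
			exit;
		}
		else if ($do === "editbank"){
			$bank->setId($_REQUEST['bank_id']);
			$bankname = (empty($_POST['bank']))?"":$_POST['bank'];
			$status = (empty($_POST['status']))?"":$_POST['status'];

			if (!$hasupload){
				// No new file: keep the current logo, moving it under ../logo/
				// beneath a non-colliding name.
				// NOTE(review): when the logo already lives in ../logo/ this
				// appears to rename it on every save (name -> name_1 ...), given
				// that getFilenameAndExtension() returns the bare name — confirm
				// that this is intended.
				$filenametosave = $curstatus['logo'];
				if (!empty($curstatus['logo']) && file_exists("../".$curstatus['logo'])){
					$thefiles = getFilenameAndExtension("../".$curstatus['logo']);
					$filename = $thefiles[0];
					$extension = $thefiles[1];

					$realfilename = $filename.'.'.$extension;
					$k = 1;
					while (file_exists("../logo/".$realfilename)){
						$realfilename = $filename.'_'.$k.'.'.$extension;
						$k++;
					}
					// Record the new path only if the file really moved, so the
					// database never points at a file that does not exist.
					if (rename("../".$curstatus['logo'],"../logo/".$realfilename)){
						$filenametosave = "logo/".$realfilename;
					}
				}
				$bank->updateBank($bankname, $status, $filenametosave);

				redirecting('adminbank.php');
				exit;
			}

			// Validate and store the new logo BEFORE touching the old one, so a
			// rejected upload cannot leave the bank pointing at a deleted file.
			$newlogo = adminbankdetail_store_logo($_FILES['files'], $supportedfile);
			if ($newlogo === false){
				redirecting('adminbank.php?error=notsupportedimagefile');
				exit;
			}
			if ($newlogo === ''){
				redirecting('adminbank.php?error=noimage');
				exit;
			}

			if (!empty($curstatus['logo']) && file_exists('../'.$curstatus['logo'])){
				unlink('../'.$curstatus['logo']);
			}
			$bank->updateBank($bankname, $status, $newlogo);

			redirecting('adminbank.php');
			exit;
		}
	}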
				
	// Render the page: load the shared template helpers, fetch this page's
	// template text and print the expanded result.
	require_once 'incl/global_template.php';
	
	$theme = gettemplate('adminbankdetail');
	// eval() expands the template as a double-quoted PHP string, so the template
	// text is executed as code and any variable in scope here can be interpolated.
	// NOTE(review): this is only safe while templates come from a trusted,
	// developer-controlled store — confirm where gettemplate() reads from and
	// whether it escapes double quotes. Interpolated values (e.g. $curstatus
	// fields) are presumably not HTML-escaped by this step — verify that the
	// template or its data is escaped before output.
	eval("\$theme = \"$theme\";");
	echo $theme;
?>