File: /home/pengthai/domains/pengthaicurry.com/public_html/admin/products/fn_save.php
<?php @session_start();
include("../include/chksession.php");
include ("../include/connect.php");
include ("../include/function.php");
include ("config.inc.php");
mysql_queryx("SET NAMES UTF8");
mysql_select_dbx($dbname, $cn);
//id
$id=$_POST['id'];
$cate_main=$_POST['cate_main'];
$cate_mainsub1=$_POST['cate_mainsub1'];
$cate_idsub1=$_POST['cate_idsub1'];
$cate_idsub2=$_POST['cate_idsub2'];
//product
$code=$_POST['code'];
$name_th=$_POST['name_th'];
$name_en=$_POST['name_en'];
$price=$_POST['price'];
$price2=$_POST['price2'];
$title_th=$_POST['title_th'];
$title_en=$_POST['title_en'];
$detail_th=$_POST['detail_th'];
$detail_en=$_POST['detail_en'];
$status_show=$_POST['status_show'];
$status=$_POST['status'];
$status2=$_POST['status2'];
$maincate=$_POST['main-cate'];
$subcate=$_POST['sub-cate'];
$subcate2=$_POST['sub-cate2'];
$vdo=$_POST["vdo"];
$vdo_en=$_POST["vdo_en"];
$date_today=$_POST["date_today"];
$data_url=$_POST["data_url"];
$cate_type=$_POST["cate_type"];
$prod_type=$_POST["prod_type"];
$maintype=$_POST["main-type"];
if(is_array($maintype))
$maintype=implode(",", $maintype);
if(is_array($maincate))
$maincate=implode(",", $maincate);
if(is_array($subcate))
$subcate=implode(",", $subcate);
if(is_array($subcate2))
$subcate2=implode(",", $subcate2);
$needcut = array("\r\n", "\n", "\r", "\'", '\"');
$detail = str_replace($needcut, "", $detail);
$price = str_replace( ",", "", $price);
$detail = str_replace("'","′",$detail);
$detail_th = str_replace("'","′",$detail_th);
$detail_en = str_replace("'","′",$detail_en);
$vdo = str_replace( " ", "", $vdo);
$name_th = str_replace("'","′",$name_th);//single coil
$name_th = str_replace('"','"',$name_th);//double coil
$name_en = str_replace("'","′",$name_en);//single coil
$name_en = str_replace('"','"',$name_en);//double coil
/*$name_th = htmlspecialchars($name_th, ENT_QUOTES , 'UTF-8');
$name_en = htmlspecialchars($name_en, ENT_QUOTES , 'UTF-8');
$prod_detail_th= addslashes($_POST['prod_detail_th']);*/
//$detail_th = str_replace($needcut, "", $detail_th);
//$detail_en = str_replace($needcut, "", $detail_en);
$detail_th = str_replace("'","′",$detail_th);//single coil
$detail_th = str_replace('"','"',$detail_th);//double coil
$detail_en = str_replace("'","′",$detail_en);//single coil
$detail_en = str_replace('"','"',$detail_en);//double coil
$capacity_th = str_replace("'","′",$_POST["capacity_th"]);
$capacity_th = str_replace('"','"',$capacity_th);
$capacity_en = str_replace("'","′",$_POST["capacity_en"]);
$capacity_en = str_replace('"','"',$capacity_en);
$color_th = str_replace("'","′",$_POST["color_th"]);
$color_th = str_replace('"','"',$color_th);
$color_en = str_replace("'","′",$_POST["color_en"]);
$color_en = str_replace('"','"',$color_en);
$size_th = str_replace("'","′",$_POST["size_th"]);
$size_th = str_replace('"','"',$size_th);
$size_en = str_replace("'","′",$_POST["size_en"]);
$size_en = str_replace('"','"',$size_en);
$weight_th = str_replace("'","′",$_POST["weight_th"]);
$weight_th = str_replace('"','"',$weight_th);
$weight_en = str_replace("'","′",$_POST["weight_en"]);
$weight_en = str_replace('"','"',$weight_en);
$logo_th = str_replace("'","′",$_POST["logo_th"]);
$logo_th = str_replace('"','"',$logo_th);
$logo_en = str_replace("'","′",$_POST["logo_en"]);
$logo_en = str_replace('"','"',$logo_en);
//cate
$cate_name=$_POST['cate_name'];
$cate_name_en=$_POST['cate_name_en'];
$main_cate=$_POST['main_cate'];
$showindex=$_POST['showindex'];
$cate_mainshowindex=$_POST['cate_mainshowindex'];//หน้าแรก
$cate_name_en = str_replace("'","′",$cate_name_en);//single coil
$cate_name_en = str_replace('"','"',$cate_name_en);//double coil
$cate_name = str_replace("'","′",$cate_name);//single coil
$cate_name = str_replace('"','"',$cate_name);//double coil
$cate_title=addslashes($_REQUEST["cate_title"]);
$cate_title_en=addslashes($_REQUEST["cate_title_en"]);
//exit();
if (empty($date_today)) {
$date_today = date("Y-m-d");
}
if(strncmp($vdo, "https:", 6) == 0 || strncmp($vdo, "http:", 5) == 0 || strncmp($vdo, "www.", 4) == 0 ){
$vdo_link = getYouTubeIdFromURL($vdo);
}else{
$vdo_link = $vdo;
}
if(strncmp($vdo_en, "https:", 6) == 0 || strncmp($vdo_en, "http:", 5) == 0 || strncmp($vdo_en, "www.", 4) == 0 ){
$vdo_link_en = getYouTubeIdFromURL($vdo_en);
}else{
$vdo_link_en = $vdo_en;
}
//PDF
$docsave = 0;
for( $x=1 ; $x < 4 ; $x++ )
{
//if($x==1){
$fileloadid = $x;
$newfile = sprintf("file_array%d", ($x));
/* }
else{
$fileloadid = $x+1;
$newfile = sprintf("file_array%d", ($x+1));
}*/
if( $_FILES[$newfile]['name'] != '' )
{
$fileidArrload[$x] = $fileloadid;
$filenameArrload[$x] = $_FILES[$newfile]['name'];
$filecontentArrload[$x] = $_FILES[$newfile]['tmp_name'];
$docsave = 1;
}
}
//PDF
$docensave = 0;
for( $x=1 ; $x < 4 ; $x++ )
{
// if($x==1){
$fileloadid = $x;
$newfile_en = sprintf("file_arrayen%d", ($x));
/*}
else{
$fileloadid = $x+1;
$newfile = sprintf("file_array%d", ($x+1));
}*/
// $newfile_en = sprintf("file_arrayen%d", ($x+1));
if( $_FILES[$newfile_en]['name'] != '' )
{
$fileidArrload_en[$x] = $fileloadid;
$filenameArrload_en[$x] = $_FILES[$newfile_en]['name'];
$filecontentArrload_en[$x] = $_FILES[$newfile_en]['tmp_name'];
$docensave = 1;
}
}
//data_type='$prod_type',
switch ($_POST['action']) {
case "add":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO $table_main (data_id,data_code,data_name_th,data_name_en,data_title_th,data_title_en,data_detail_th,data_detail_en,
data_main_cate,data_sub_cate,data_sub2_cate,data_status,data_status2,data_show,data_sort,data_vdo,data_vdo_en,data_date,data_url,data_type,data_capacity_th,
data_capacity_en,data_color_th,data_color_en,data_size_th,data_size_en,data_weight_th,data_weight_en,data_logo_th,data_logo_en)
value ('$id','$code','$name_th','$name_en','$title_th','$title_en','$detail_th','$detail_en',',$maincate,',',$subcate,',',$subcate2,','$status','$status2','$status_show','0','$vdo_link','$vdo_link_en','$date_today','$data_url',',$maintype,','$capacity_th',
'$capacity_en','$color_th','$color_en','$size_th','$size_en','$weight_th','$weight_en','$logo_th','$logo_en')
ON DUPLICATE KEY UPDATE
data_code='$code',
data_name_th='$name_th',
data_name_en='$name_en',
data_title_th='$title_th',
data_title_en='$title_en',
data_detail_th='$detail_th',
data_detail_en='$detail_en',
data_main_cate=',$maincate,',
data_sub_cate=',$subcate,',
data_sub2_cate=',$subcate2,',
data_status='$status',
data_status2='$status2',
data_show='$status_show',
data_vdo='$vdo_link',
data_vdo_en='$vdo_link_en',
data_url='$data_url',
data_type=',$maintype,',
data_capacity_th='$capacity_th',
data_capacity_en='$capacity_en',
data_color_th='$color_th',
data_color_en='$color_en',
data_size_th='$size_th',
data_size_en='$size_en',
data_weight_th='$weight_th',
data_weight_en='$weight_en',
data_logo_th='$logo_th',
data_logo_en='$logo_en',
data_date='$date_today' ";
if(mysql_queryx($sql) == true)
{
if($id=="")
$lastID = mysql_insert_idx();
else
$lastID =$id;
if( $docsave == 1 )
{
for( $x=1 ; $x < 4 ; $x++ )
{
$id = $fileidArrload[$x];
$file_data = "";
if($filecontentArrload[$x] != '')
{
if($x==1)
$columnName ="data_pdf";
else
$columnName ="data_pdf".$x;
// echo $columnName;
$ext = pathinfo($filenameArrload[$x], PATHINFO_EXTENSION);
$ext=strtolower($ext);
$newFileName = md5($filecontentArrload[$x].date("d-m-Y H:i:s")).'.'.$ext;
// if($ext == "pdf") //ตรวจสอบนามสกุล
if($ext == "pdf" || $ext == "doc" || $ext == "docx" || $ext == "xls" || $ext == "xlsx" | $ext == "zip" || $ext == "rar") //ตรวจสอบนามสกุล
{
if( move_uploaded_file($filecontentArrload[$x], "../../album/$folder_main/pdf/$newFileName") == TRUE )
{
$sql = "update $table_main set $columnName ='$newFileName' where data_id ='$lastID' ";
if( mysql_queryx($sql) == false )
$err = 2;
}
}
}
}
}
if( $docensave == 1 )
{
for( $x=1 ; $x < 4 ; $x++ )
{
$id = $fileidArrload_en[$x];
$file_data = "";
if($filecontentArrload_en[$x] != '')
{
if($x==1)
$columnName ="data_pdf_en";
else
$columnName ="data_pdf_en".$x;
$ext = pathinfo($filenameArrload_en[$x], PATHINFO_EXTENSION);
$ext=strtolower($ext);
$newFileName = md5($filecontentArrload_en[$x].date("d-m-Y H:i:s")).'.'.$ext;
// if($ext == "pdf") //ตรวจสอบนามสกุล
if($ext == "pdf" || $ext == "doc" || $ext == "docx" || $ext == "xls" || $ext == "xlsx" | $ext == "zip" || $ext == "rar") //ตรวจสอบนามสกุล
{
if( move_uploaded_file($filecontentArrload_en[$x], "../../album/$folder_main/pdf/$newFileName") == TRUE )
{
$sql = "update $table_main set $columnName ='$newFileName' where data_id ='$lastID' ";
if( mysql_queryx($sql) == false )
$err = 2;
}
}
}
}
}
foreach ($_FILES["add_image"]["error"] as $key => $error) {
$newfile = 'add_image';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
if( $filename != '' )// ถ้ามีภาพคือ ถ้าไม่ใช่ค่าว่าง
{
/*******************/
list($width_img, $height, $type, $attr) = getimagesize($filecontent);
/*******************/
$sql="INSERT INTO $table_img (imag_id,imag_mainID,imag_sort) VALUES ('', '$lastID','0')";
if( mysql_queryx($sql) == true )
{
$new_galid = mysql_insert_idx();
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ext = strtolower($ext );
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
if( move_uploaded_file($filecontent, "../../album/$folder_main/$newFileName") == TRUE )
{
$img= "../../album/$folder_main/$newFileName";
$new_img= "../../album/$folder_main/small/$newFileName";
$new_largeimg = "../../album/$folder_main/large/$newFileName";
if($width_img>1000 )
{
$imgsmall = resize($img,$new_img,'350',$ext);
$imglarge = resize($img,$new_largeimg,'1000',$ext) ;
}
else{
if($width_img>=350){
$imgsmall = resize($img,$new_img,'350',$ext);
$imglarge = copy($img, $new_largeimg);
}
else{
$imgsmall = copy($img, $new_img);
$imglarge = copy($img, $new_largeimg);
}
}
/***********************************/
if ( $imglarge== true && $imgsmall == true)
{
$sql = "UPDATE $table_img SET imag_file ='$newFileName' WHERE imag_id ='$new_galid' ";
//if( mysql_queryx($sql) == true )
//$sql="delete from $table_img where imag_mainID ='0' ";
mysql_queryx($sql) ;
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
$err = 0;
}
else
{
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
}
}
else
$err = 3;
}
}// close $filename != "" ไม่เท่ากับค่า null
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลสำเร็จ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=index.php?id=$lastID\" />";
}
break;
case "del-image":
$file=$_POST['file'];
$sql="delete from $table_img where imag_id ='$id'";
if( mysql_queryx($sql) == true )
{
$bufferfile = "../../album/$folder_main/small/".$file;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
$bufferfile = "../../album/$folder_main/large/".$file;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
die(msg("1","ลบรูปภาพสำเร็จค่ะ"));
break;
case "del-pdf":
$column=$_POST['column'];
$file=$_POST['file'];
/* if ($lang=='en') {
$sql="update $table_main set data_pdf_en ='' where data_id ='$id' ";
} else {*/
$sql="update $table_main set $column ='' where data_id ='$id' ";
// }
if( mysql_queryx($sql) == true )
{
$bufferfile = "../../album/$folder_main/pdf/".$file;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
die(msg("1","ลบไฟล์ PDF สำเร็จ"));
break;
case "del-img-list":
$delall = $_POST["del"];
$delid = explode(",", $delall);
$x = 0;
while( $delid[$x] != "" )
{
$sqlfind = "SELECT * FROM $table_img WHERE imag_id ='$delid[$x]'";
$resfind = mysql_queryx($sqlfind);
while($resfind && $rfind=mysql_fetch_arrayx($resfind))
{
$delfile = "../../album/$folder_main/small/$rfind[imag_file]";
if( file_exists($delfile)==true && $rfind[imag_file] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/large/$rfind[imag_file]";
if( file_exists($delfile)==true && $rfind[imag_file] !="")
unlink($delfile);
$sql="delete from $table_img where imag_id ='$delid[$x]'";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
}
$x++;
}
die(msg("1","ลบรายการรูปภาพสินค้าสำเร็จ"));
break;
/*////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
case "add-cate":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO $table_cate (cate_id,cate_name,cate_name_en,cate_sort,cate_main,cate_show,cate_mainshowindex,cate_type,cate_title,cate_title_en) VALUE ('$id','$cate_name','$cate_name_en','0','$main_cate','$showindex','$cate_mainshowindex' ,'$cate_type','$cate_title','$cate_title_en')
ON DUPLICATE KEY UPDATE cate_name='$cate_name', cate_name_en='$cate_name_en', cate_main='$main_cate' ,cate_show='$showindex' ,cate_mainshowindex='$cate_mainshowindex' ,cate_type='$cate_type',cate_title='$cate_title' ,cate_title_en='$cate_title_en'";
if(mysql_queryx($sql) == true){
if($id=="")
$lastID = mysql_insert_idx();
else
$lastID =$id;
foreach ($_FILES["add_image"]["error"] as $key => $error) {
$newfile = 'add_image';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
if($filename != '' )// ถ้ามีภาพคือ ถ้าไม่ใช่ค่าว่าง
{
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ext = strtolower($ext );
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
/*******************/
list($width_img, $height, $type, $attr) = getimagesize($filecontent);
/*******************/
if( move_uploaded_file($filecontent, "../../album/$newFileName") == TRUE )
{
/////////////////////
$sqlfind = "SELECT * FROM $table_cate WHERE cate_id ='$lastID' ";
$resfind = mysql_queryx($sqlfind);
$rfind=mysql_fetch_arrayx($resfind);
//echo $a = mysql_num_rowsx($resfind);
$cate_id= $rfind['cate_id'];
if( mysql_queryx($sqlfind) == true )
{
$delfile = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile)==true && $rfind[cate_images] != '')
unlink($delfile);
}
///////////////////////
// exit();
$img= "../../album/$newFileName";
$new_img= "../../album/category/$newFileName";
if($width_img>600 )
{
$imglarge = resize($img,$new_img,'600',$ext) ;
}
else{
$imglarge = copy($img, $new_img);
}
if($imglarge== true)
{
$sql = "UPDATE $table_cate SET cate_images ='$newFileName' WHERE cate_id ='$lastID' ";
if(mysql_queryx($sql) == true )
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
$err = 0;
}else{
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
}
}
}// close $filename != "" ไม่เท่ากับค่า null
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลสำเร็จ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=category.php\" />";
}else{
echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>";
}
break;
/*////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
case "add-cate-sub":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO $table_cate (cate_id,cate_name,cate_name_en,cate_sort,cate_main,cate_show,cate_type) VALUE ('$id','$cate_name','$cate_name_en','0','$main_cate','$showindex' ,'$cate_type')
ON DUPLICATE KEY UPDATE cate_name='$cate_name', cate_name_en='$cate_name_en', cate_main='$main_cate' ,cate_show='$showindex' ,cate_type='$cate_type' ";
//exit();
if(mysql_queryx($sql) == true)
{
if($id=="")
$lastID = mysql_insert_idx();
else
$lastID =$id;
foreach ($_FILES["add_image"]["error"] as $key => $error) {
$newfile = 'add_image';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
//echo $filename; exit();
if($filename != '' )// ถ้ามีภาพคือ ถ้าไม่ใช่ค่าว่าง
{
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ext = strtolower($ext );
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
/*******************/
list($width_img, $height, $type, $attr) = getimagesize($filecontent);
/*******************/
if( move_uploaded_file($filecontent, "../../album/$newFileName") == TRUE )
{
/////////////////////
$sqlfind = "SELECT * FROM $table_cate WHERE cate_id ='$lastID' ";
$resfind = mysql_queryx($sqlfind);
$rfind=mysql_fetch_arrayx($resfind);
//echo $a = mysql_num_rowsx($resfind);
$cate_id= $rfind['cate_id'];
if( mysql_queryx($sqlfind) == true )
{
$delfile = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile)==true && $rfind[cate_images] != '')
unlink($delfile);
/*
$delfile2 = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile2)==true && $rfind[cate_images] != '')
unlink($delfile2);*/
}
///////////////////////
$img= "../../album/$newFileName";
$new_img= "../../album/category/$newFileName";
// $new_largeimg = "../../album/category/large/$newFileName";
//$imgsmall = resize($img,$new_img,'130',$ext);
//$imglarge = resize($img,$new_largeimg,'300',$ext) ;
if($width_img>600 )
{
$imglarge = resize($img,$new_img,'600',$ext) ;
}
else{
$imglarge = copy($img, $new_img);
}
if( $imglarge == true)
{
$sql = "UPDATE $table_cate SET cate_images ='$newFileName' WHERE cate_id ='$lastID' ";
if(mysql_queryx($sql) == true )
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
$err = 0;
}else{
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
}
}
}
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลสำเร็จ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=category_sub.php?id=$main_cate&idItem=$lastID\" />";
} // else if inseart cate
else
echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>";
break;
/**************************************/
/* case "add-cate-sub2":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO $table_cate (cate_id,cate_name,cate_sort,cate_main,cate_mainsub1) VALUE ('$cate_idsub2','$cate_name','0','$id','$cate_idsub1') ON DUPLICATE KEY UPDATE
cate_name='$cate_name', cate_main='$id', cate_mainsub1='$cate_idsub1' ";
if(mysql_queryx($sql) == true)
{
if($cate_idsub2=="")
$lastID = mysql_insert_idx();
else
$lastID =$cate_idsub2;
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลสำเร็จ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=category_sub_2.php?id=$id&cate_idsub1=$cate_idsub1&cate_idsub2=$lastID\" />";
} // else if inseart cate
else
echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>";
break;*/
case "add-cate-sub2":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO $table_cate (cate_id,cate_name,cate_name_en,cate_sort,cate_main,cate_show,cate_mainsub1) VALUE ('$id','$cate_name' ,'$cate_name_en','0','$main_cate' ,'$status' ,'$cate_mainsub1' ) ON DUPLICATE KEY UPDATE
cate_name='$cate_name', cate_name_en='$cate_name_en',cate_main='$main_cate' ,cate_show='$status' ,cate_mainsub1='$cate_mainsub1' ";
//exit();
if(mysql_queryx($sql) == true)
{
if($cate_idsub1=="")
$lastID = mysql_insert_idx();
else
$lastID =$cate_idsub1;
foreach ($_FILES["add_image"]["error"] as $key => $error) {
$newfile = 'add_image';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
//echo $filename; exit();
if($filename != '' )// ถ้ามีภาพคือ ถ้าไม่ใช่ค่าว่าง
{
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ext = strtolower($ext );
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
if( move_uploaded_file($filecontent, "../../album/$newFileName") == TRUE )
{
/////////////////////
$sqlfind = "SELECT * FROM $table_cate WHERE cate_id ='$lastID' ";
$resfind = mysql_queryx($sqlfind);
$rfind=mysql_fetch_arrayx($resfind);
//echo $a = mysql_num_rowsx($resfind);
$cate_id= $rfind['cate_id'];
if( mysql_queryx($sqlfind) == true )
{
$delfile = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile)==true && $rfind[cate_images] != '')
unlink($delfile);
/*$delfile2 = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile2)==true && $rfind[cate_images] != '')
unlink($delfile2);*/
}
///////////////////////
$img= "../../album/$newFileName";
$new_img= "../../album/category/$newFileName";
/// $new_largeimg = "../../album/category/$newFileName";
if($width_img>600 )
{
$imglarge = resize($img,$new_img,'600',$ext) ;
}
else{
$imglarge = copy($img, $new_img);
}
if($imglarge== true )
{
$sql = "UPDATE $table_cate SET cate_images ='$newFileName' WHERE cate_id ='$lastID' ";
if(mysql_queryx($sql) == true )
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
$err = 0;
}else{
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
}
}
}
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลเรียบร้อยแล้วค่ะ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=category_sub-2.php?id=$cate_mainsub1\" />";
} // else if inseart cate //&idItem=$lastID
else
echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>";
break;
/**************************************/
case "edit-cate":
$sort=$_POST['no'];
$name=$_POST['name'];
$sql="UPDATE $table_cate
SET cate_sort='$sort'
WHERE cate_id=$id ";
if( mysql_queryx($sql) == true )
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
break;
case "del-cate":
$delall = $_POST["del"];
$delid = explode(",", $delall);
$x = 0;
while( $delid[$x] != "" )
{
// if($delid[$x]=='1'||$delid[$x]=='2'||$delid[$x]=='3'||$delid[$x]=='4')
// {
// die(msg("1","หมวดหมู่นี้ไม่สามารถลบได้"));
// }
$sql ="SELECT * FROM $table_cate WHERE cate_id ='$delid[$x]' OR cate_main ='$delid[$x]' ";
$resfind = mysql_queryx($sql);
$rfind=mysql_fetch_arrayx($resfind);
$cate_images= $rfind['cate_cate_images'];
if( mysql_queryx($sql) == true )
{
$delfile = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile)==true && $rfind[cate_images] != '' )
unlink($delfile);
/*$delfile2 = "../../album/category/small/$rfind[cate_images]";
if( file_exists($delfile2)==true && $rfind[cate_images] != '' )
unlink($delfile2 );*/
$err = 0;
}
$sql="DELETE FROM $table_cate WHERE cate_id ='$delid[$x]' OR cate_main ='$delid[$x]' ";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
$x++;
}
die(msg("1","ลบหมวดหมู่สำเร็จค่ะ"));
break;
case "del-cate-image":
$sql="SELECT * FROM $table_cate WHERE cate_id ='$id' ";
$result = mysql_queryx($sql);
while($result && $r=mysql_fetch_arrayx($result))
{
$cate_images=$r['cate_images'];
$bufferfile = "../../album/category/".$cate_images;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
/*$bufferfile = "../../album/category/large/".$cate_images;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);*/
}
$sql = "UPDATE $table_cate SET cate_images = '' WHERE cate_id ='$id'";
if( mysql_queryx($sql) == true)
die(msg("1","ลบรูปภาพสำเร็จค่ะ"));
break;
/********************************************/
case "del-catesub1":
$delall = $_POST["del"];
$delid = explode(",", $delall);
$x = 0;
while( $delid[$x] != "" )
{
/******************************************/
$sql="SELECT * FROM $table_cate WHERE cate_id ='$delid[$x]' ";
$result = mysql_queryx($sql);
$result && $r=mysql_fetch_arrayx($result);
$cate_images=$r['cate_images'];
if(!empty($cate_images))
{
$bufferfile = "../../album/category/".$cate_images;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
/* $bufferfile = "../../album/category/large/".$cate_images;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);*/
}
$sql="DELETE FROM $table_cate WHERE cate_id ='$delid[$x]'";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
$x++;
}
die(msg("1","ลบหมวดหมู่สำเร็จค่ะ"));
break;
/******************************************/
case "del-catesub1-image":
$sql="SELECT * FROM $table_cate WHERE cate_id ='$id' ";
$result = mysql_queryx($sql);
while($result && $r=mysql_fetch_arrayx($result))
{
$cate_images=$r['cate_images'];
$bufferfile = "../../album/category/".$cate_images;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
/*$bufferfile = "../../album/category/large/".$cate_images;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);*/
}
$sql = "UPDATE $table_cate SET cate_images = '' WHERE cate_id ='$id'";
if( mysql_queryx($sql) == true)
die(msg("1","ลบรูปภาพสำเร็จค่ะ"));
break;
case "del-list":
$delall = $_POST["del"];
$delid = explode(",", $delall);
$x = 0;
while( $delid[$x] != "" )
{
$sqlfind = "SELECT * FROM $table_img WHERE imag_mainID ='$delid[$x]'";
$resfind = mysql_queryx($sqlfind);
while($resfind && $rfind=mysql_fetch_arrayx($resfind))
{
$delfile = "../../album/$folder_main/small/$rfind[imag_file]";
if( file_exists($delfile)==true && $rfind[imag_file] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/large/$rfind[imag_file]";
if( file_exists($delfile)==true && $rfind[imag_file] !="")
unlink($delfile);
$sql="delete from $table_img where imag_mainID ='$delid[$x]'";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
}
$sqlfind = "SELECT * FROM $table_main WHERE data_id ='$delid[$x]' ";
$resfind = mysql_queryx($sqlfind);
while($resfind && $rfind=mysql_fetch_arrayx($resfind))
{
$delfile = "../../album/$folder_main/pdf/$rfind[data_pdf]";
if( file_exists($delfile)==true && $rfind[data_pdf] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/pdf/$rfind[data_pdf2]";
if( file_exists($delfile)==true && $rfind[data_pdf2] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/pdf/$rfind[data_pdf3]";
if( file_exists($delfile)==true && $rfind[data_pdf3] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/pdf/$rfind[data_pdf_en]";
if( file_exists($delfile)==true && $rfind[data_pdf_en] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/pdf/$rfind[data_pdf_en2]";
if( file_exists($delfile)==true && $rfind[data_pdf_en2] !="")
unlink($delfile);
$delfile = "../../album/$folder_main/pdf/$rfind[data_pdf_en3]";
if( file_exists($delfile)==true && $rfind[data_pdf_en3] !="")
unlink($delfile);
}
$sql="delete from $table_accessories where data_mainID ='$delid[$x]' OR data_IdItem ='$delid[$x]' ";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
$sql="delete from $table_main where data_id ='$delid[$x]'";
//exit();
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
$x++;
}
die(msg("1","ลบรายการสินค้าสำเร็จค่ะ"));
break;
/******************************************/
case "save-show":
$show = $_POST[value];
$column = $_POST[column];
$sql = "UPDATE $table_cate SET $column ='$show' WHERE cate_id ='$id'";
if( mysql_queryx($sql) == true)
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
break;
/******************************************/
case "save-list":
$save=$_POST["save"];
$save = urldecode($save);
$rec = explode("||", $save);
$i = 0;
while( $rec[$i] )
{
$each = $rec[$i];
$arr = explode(";;", $each);
$sql = "UPDATE $table_main SET ";
$sql .= " data_sort='$arr[1]',";
$sql .= " data_show='$arr[3]',";
$sql .= " data_status='$arr[2]'"; //สุดท้าย
$sql .= " where data_id ='$arr[0]' ";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
$i++;
}
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
break;
case "move":
$data=$_POST["data"];
$err = 0;
$i = 0;
$rec_arr = explode("||",$data);
$count =0;
while($rec_arr[$count]){
$arr = explode(",",$rec_arr[$count]);
$sql = "update $table_img set";
$sql .= " imag_sort='$arr[1]' WHERE imag_id = '$arr[0]' ";
if( mysql_queryx($sql) == false )
$err = 1;
$count ++;
}
break;
case "add-descript":
$id=$_POST['id'];
$id_img=$_POST["id"];
$imag_name=$_POST["name"];
$imag_name_en=$_POST["name_en"];
$sql="UPDATE $table_img
SET imag_name='$imag_name'
, imag_name_en='$imag_name_en'
WHERE imag_id=$id_img ";
//exit();
if( mysql_queryx($sql) == true )
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
break;
case "del-banner":
$delfile = "../../album/banner/".$config->CONFIX['CONFIX_NAME_CONTACT'];
if(file_exists($delfile)==true)
unlink($delfile);
$sql = "UPDATE tb_config SET conf_value ='' WHERE conf_name ='CONFIX_NAME_CONTACT' ";
if(mysql_queryx($sql) == false ){
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
}else{
die(msg("1","ลบรายการสำเร็จค่ะ"));
}
break;
case "del-banner-en":
$delfile = "../../album/banner/".$config->CONFIX['CONFIX_NAME_CONTACT_EN'];
if(file_exists($delfile)==true)
unlink($delfile);
$sql = "UPDATE tb_config SET conf_value ='' WHERE conf_name ='CONFIX_NAME_CONTACT_EN' ";
if(mysql_queryx($sql) == false ){
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
}else{
die(msg("1","ลบรายการสำเร็จค่ะ"));
}
break;
case "add-intro":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$intro_th=$_POST['intro_th'];
$intro_th = str_replace("'","′",$intro_th);//single coil
$arr = array(
"CONFIX_DETAIL_1" => $intro_th,
);
$err =1;
foreach ($arr as $key => $value ) {
$sql = "UPDATE tb_config SET conf_value = '$value' WHERE conf_name='$key' " ;
if(mysql_queryx($sql) == false)
$err = 2;
}
foreach ($_FILES["add_image"]["error"] as $key => $error) {
$newfile = 'add_image';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
if($filename != '' ){
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ext = strtolower($ext );
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
if(move_uploaded_file($filecontent, "../../album/banner/$newFileName") == TRUE){
$img= "../../album/banner/$newFileName";
if($img== true ){
$sql = "UPDATE tb_config SET conf_value ='$newFileName' WHERE conf_name ='CONFIX_NAME_CONTACT' ";
if(mysql_queryx($sql) == true)
$err = 0;
}
}
}
}
foreach ($_FILES["add_image2"]["error"] as $key => $error) {
$newfile = 'add_image2';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
if($filename != '' ){
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ext = strtolower($ext );
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
if(move_uploaded_file($filecontent, "../../album/banner/$newFileName") == TRUE){
$img= "../../album/banner/$newFileName";
if($img== true ){
$sql = "UPDATE tb_config SET conf_value ='$newFileName' WHERE conf_name ='CONFIX_NAME_CONTACT_EN' ";
if(mysql_queryx($sql) == true)
$err = 0;
}
}
}
}
die(msg($err,"บันทึกสำเร็จ",'notAjax'));
break;
case "addTitle":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO $table_main_title
(
data_id,
data_name_th,
data_name_en,
data_title_th,
data_title_en,
data_detail_th,
data_detail_en,
data_status,
data_show,
data_date,
lastedit_adm,
lasttime_adm
)
value (
'$id','
$name_th',
'$name_en',
'$title_th',
'$title_en',
'$detail_th',
'$detail_en',
'$status',
'$status_show',
'$date_today','
$ID_admin_edit',
'$date_admin_edit'
) ON DUPLICATE KEY UPDATE
data_name_th='$name_th',
data_name_en='$name_en',
data_title_th='$title_th',
data_title_en='$title_en',
data_detail_th='$detail_th',
data_detail_en='$detail_en',
data_status='$status',
data_date='$date_today' ,
lastedit_adm='$ID_admin_edit',
lasttime_adm='$date_admin_edit' ";
if(mysql_queryx($sql) == true)
{
if($id=="")
$lastID = mysql_insert_idx();
else
$lastID =$id;
/**************PIC*******************/
foreach ($_FILES["add_image"]["error"] as $key => $error) {
$newfile = 'add_image';
$filename = $_FILES[$newfile]['name'][$key] ;
$filecontent = $_FILES[$newfile]['tmp_name'][$key] ;
if( $filename != '' )// ถ้ามีภาพคือ ถ้าไม่ใช่ค่าว่าง
{
/*******************/
list($width_img, $height, $type, $attr) = getimagesize($filecontent);
/*******************/
$sql="INSERT INTO $table_img_title (imag_id,imag_mainID,imag_sort) VALUES ('', '$lastID','0')";
if( mysql_queryx($sql) == true )
{
$new_galid = mysql_insert_idx();
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$file_name = pathinfo($filename);
$file_name_notype =$file_name[filename]; // ชื่ออย่างเดียว ไม่มี .ไฟล์
$datetoday = date("d-m-Y H:i:s");
$cut_specialsign= array("-",' ',':', "\n", "(", ")");
$special_sign = str_replace($cut_specialsign, '', $datetoday);
$ext = strtolower($ext);
//$newFileName = $special_sign.'-'.$file_name_notype.'.'.$ext;
$newFileName = md5($filecontent.date("d-m-Y H:i:s")).'.'.$ext;
if( move_uploaded_file($filecontent, "../../album/$folder_main/$newFileName") == TRUE )
{
$img= "../../album/$folder_main/$newFileName";
$new_img= "../../album/$folder_main/small/$newFileName";
$new_largeimg = "../../album/$folder_main/large/$newFileName";
if($width_img>1000 )
{
$imgsmall = resize($img,$new_img,'300',$ext);
$imglarge = resize($img,$new_largeimg,'1000',$ext) ;
}
else{
if($width_img>=300){
$imgsmall = resize($img,$new_img,'300',$ext);
$imglarge = copy($img, $new_largeimg);
}
else{
$imgsmall = copy($img, $new_img);
$imglarge = copy($img, $new_largeimg);
}
}
if ( $imglarge== true && $imgsmall == true)
{
$sql = "UPDATE $table_img_title SET imag_file ='$newFileName' WHERE imag_id ='$new_galid' ";
//if( mysql_queryx($sql) == true )
//$sql="delete from $table_img_title where imag_mainID ='0' ";
mysql_queryx($sql) ;
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
$err = 0;
}
else
{
//ลบ buffer
$bufferfile = $img;
if( file_exists($bufferfile)==TRUE )
unlink($bufferfile);
}
}
}
else
$err = 3;
}
}// close $filename != "" ไม่เท่ากับค่า null
/*************END PIC********************/
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลสำเร็จ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=text.php?id=$lastID\" />";
}
else
echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล');</script> <meta http-equiv=\"refresh\" content=\"0;URL=text.php\" />";
break;
case "add-acces":
$main =$_POST['main'];
$Idacc =$_POST['Idacc'];
/*$sqlacc="SELECT * FROM $table_accessories
WHERE data_mainID='$main' AND data_IdItem='$id'
ORDER BY data_id DESC ";
$resultacc =mysql_queryx($sqlacc);
$Numacc=mysql_num_rowsx($resultacc); //มี accessories อยู่แล้ว*/
$sql="INSERT INTO $table_accessories
(data_id,data_mainID,data_IdItem)
VALUE
('$Idacc','$main','$id')
ON DUPLICATE KEY UPDATE
data_mainID='$main', data_IdItem='$id' ";
if( mysql_queryx($sql) == true )
{
$sql="INSERT INTO $table_accessories
(data_id,data_mainID,data_IdItem)
VALUE
('$Idacc','$id','$main')
ON DUPLICATE KEY UPDATE
data_mainID='$id', data_IdItem='$main' ";
if( mysql_queryx($sql) == true )
{
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
}
}
else
die(msg("2","พบข้อผิดพลาด"));
break;
case "del-acces":
$main =$_POST['main'];
$Idacc =$_POST['Idacc'];
/******************************************/
$sql="DELETE FROM $table_accessories WHERE data_id ='$Idacc' ";
if( mysql_queryx($sql) == true ){
$sql="DELETE FROM $table_accessories WHERE data_IdItem ='$main' AND data_mainID ='$id' ";
if( mysql_queryx($sql) == true )
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
}
else
die(msg("1","พบข้อผิดพลาด"));
break;
/*////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
case "add-type":
echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />";
$sql="INSERT INTO tb_products_type (cate_id,cate_name,cate_name_en,cate_sort,cate_main,cate_show,cate_mainshowindex,cate_type,cate_title,cate_title_en)
VALUE ('$id','$cate_name','$cate_name_en','0','$main_cate','$showindex','$cate_mainshowindex' ,'$cate_type','$cate_title','$cate_title_en')
ON DUPLICATE KEY UPDATE
cate_name='$cate_name',
cate_name_en='$cate_name_en',
cate_main='$main_cate',
cate_show='$showindex',
cate_mainshowindex='$cate_mainshowindex',
cate_type='$cate_type',
cate_title='$cate_title',
cate_title_en='$cate_title_en'
";
if(mysql_queryx($sql) == true){
if($id==""){
$lastID = mysql_insert_idx();
}else{
$lastID =$id;
}
echo "<script language='javascript'>alert('บันทึกลงฐานข้อมูลสำเร็จ');</script> <meta http-equiv=\"refresh\" content=\"0;URL=type.php\" />";
}else{
echo "<script language='javascript'>alert('เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล #$err'); javascript:history.back();</script>";
}
break;
case "edit-type":
$sort=$_POST['no'];
$name=$_POST['name'];
$sql="UPDATE tb_products_type
SET cate_sort='$sort'
WHERE cate_id=$id ";
if( mysql_queryx($sql) == true )
die(msg("1","บันทึกลงฐานข้อมูลสำเร็จ"));
break;
case "del-type":
$delall = $_POST["del"];
$delid = explode(",", $delall);
$x = 0;
while( $delid[$x] != "" ){
/*$sql ="SELECT * FROM tb_products_type WHERE cate_id ='$delid[$x]' OR cate_main ='$delid[$x]' ";
$resfind = mysql_queryx($sql);
$rfind=mysql_fetch_arrayx($resfind);
$cate_images= $rfind['cate_cate_images'];
if( mysql_queryx($sql) == true ){
$delfile = "../../album/category/$rfind[cate_images]";
if( file_exists($delfile)==true && $rfind[cate_images] != '' )
unlink($delfile);
$err = 0;
}*/
$sql="DELETE FROM tb_products_type WHERE cate_id ='$delid[$x]' OR cate_main ='$delid[$x]' ";
if( mysql_queryx($sql) == false )
die(msg("2","เกิดความผิดพลาดบางประการเกี่ยวกับการบันทึกลงฐานข้อมูล"));
$x++;
}
die(msg("1","ลบหมวดหมู่สำเร็จค่ะ"));
break;
/*////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
}
mysql_closex($cn);
?>