AnonSec Shell
Server IP : 149.202.105.228  /  Your IP : 216.73.216.18
Web Server : Apache
System : Linux webm129.cluster030.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
User : atfycaf ( 116275)
PHP Version : 7.4.33
Disable Function : _dyuweyrj4,_dyuweyrj4r,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/atfycaf/www/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /home/atfycaf/www/admin/galleryCatEdit.php
<?php
$thisCheckID	= 35;
include "globalVars.php";

include "header.php";
?>

				<h2>Update a Photo Gallery Category</h2>
<?php

if (isset($_POST["updateGalleryCat"])) {

	$catID		= cleanPost($_POST["catID"], $conn);
	$catTitle	= cleanPost($_POST["catTitle"], $conn);

	mysqli_query($conn, "UPDATE photoGalleryCats SET catTitle = '". addslashes($catTitle) ."' WHERE id = '$catID'") or die (mysqli_error($conn));

	if (isset($_POST["forComp"])) {
		$compSelected	= $_POST["compID"];
		list($compType, $compID)	= explode("|", $compSelected);
		mysqli_query($conn, "UPDATE photoGalleryCats SET tournLeague = '$compType', compID = '$compID' WHERE id = '$catID'") or die (mysqli_error($conn));
	} else {
		mysqli_query($conn, "UPDATE photoGalleryCats SET tournLeague = '0', compID = '0' WHERE id = '$catID'") or die (mysqli_error($conn));
	}

	$trackDate		= date("Y-m-d H:i:s");
	mysqli_query($conn, "INSERT INTO userActions (dateCreated, adminID, pageTracking, databaseUpdated, updateDetails) VALUES ('$trackDate', '$adminID', 'admin/galleryCatEdit.html', 'photoGalleryCats', 'The User ". addslashes($adminName) ." &lt;$adminEmail&gt; updated the ". addslashes($catTitle) ." photo gallery ID: $catID')");

	echo "<p><strong>Success!</strong> The Gallery Category $catTitle has been updated.</p>";

} elseif (isset($_POST["getGalleryCat"])) {
	$catID		= $_POST["catID"];

	$galleryCatQuery = mysqli_query($conn, "SELECT * FROM photoGalleryCats WHERE id = '$catID'");
	while ($gCQ = mysqli_fetch_array($galleryCatQuery)) {
		$catTitle		= $gCQ["catTitle"];
		$tournLeague	= $gCQ["tournLeague"];
		$compID			= $gCQ["compID"];
	}
	?>
    <form action="galleryCatEdit.html" method="post">
		<input type="hidden" name="catID" value="<?php echo $catID ?>">
		<div class="descStTab">
			<div class="pFormRow">
				<div class="pFormTitle">Category Title:</div>
				<div class="pFormInput">
					<input type="text" name="catTitle" size="50" value="<?php echo $catTitle ?>" required />
					<div class="pFormLabel">
						<label class="labelName">Category Title:</label>
					</div>
				</div>
			</div>
			<div class="pFormRow">
				<div class="pFormTitle">For a Competition?:</div>
				<div class="pFormFilterInput">
					<input type="checkbox" name="forComp" id="forComp" value="1"<?php if ($tournLeague != 0) {?> checked<?php } ?>>
					<div class="pFormLabel">
						<label class="labelName">For a Tournament?:</label>
					</div>
				</div>
			</div>
			<div class="pFormRow" id="compSelect"<?php if ($tournLeague == 0) {?> style="display:none;"<?php } ?>>
				<div class="pFormTitle">Which Competition?:</div>
				<div class="pFormSelect">
					<select name="compID" id="compID">
						<option value=""<?php if ($tournLeague == 0) {?> selected<?php } ?> disabled>Select</option>
						<optgroup label="Knockout Tournaments">
						<?php
						$knockoutSQLquery = mysqli_query($conn, "SELECT id, tournType, tournTitle, tournStartDate, tournLocation FROM knockoutConfig ORDER BY tournStartDate DESC");
						while ($kSQ = mysqli_fetch_array($knockoutSQLquery)) {
							$tournID		= $kSQ["id"];
							$tournType		= $kSQ["tournType"];
							$tournTitle		= $kSQ["tournTitle"];
							$tournStartDate	= $kSQ["tournStartDate"];
							$tStartMonth	=  date("F", strtotime($tournStartDate));
							$tStartYear		=  date("Y", strtotime($tournStartDate));
							$startDisplay	= date("jS F, Y", strtotime($tournStartDate));
							$tournLocation	= $kSQ["tournLocation"];
							if (trim($tournTitle) == "") {
								$tournTitle	= "$tournLocation $tStartMonth $tStartYear";
							}

							$tournamentIDQuery = mysqli_query($conn, "SELECT groupTitle FROM knockoutGroups WHERE id = '$tournType'");
							while ($tIQ = mysqli_fetch_array($tournamentIDQuery)) {
								$tournamentGroup	= $tIQ["groupTitle"];
							}
							?>
							<option value="1|<?php echo $tournID ?>" data-grp="<?php echo $tournamentGroup ?>"<?php if ( ($tournLeague == 1) && ($compID == $tournID) ) {?> selected<?php } ?>><?php echo "$tournTitle" ?></option>
							<?php
						}
						?>
						</optgroup>
					</select>
					<div class="pFormLabel">
						<label class="labelName">Which Competition?:</label>
					</div>
				</div>
			</div>
		</div>
		<input type="submit" class="submitButton" name="updateGalleryCat" value="Update this Category" />
	</form>
    <?php
} else {
	?>
	<div class="descTab" id="htmlSelectorTab">
	<?php
	$galleryCatsQuery = mysqli_query($conn, "SELECT * FROM photoGalleryCats ORDER BY catTitle ASC") or die (mysqli_error($conn));
	while ($gCQ = mysqli_fetch_array($galleryCatsQuery)) {
		$catID		= $gCQ["id"];
		$catTitle	= $gCQ["catTitle"];
		?>
		<div class="pFormRow">
			<div class="pFormEditTitle"><?php echo $catTitle ?></div>
			<div class="pFormEditButtons">
				<form action="galleryCatEdit.html" method="post"><input type="hidden" name="catID" value="<?php echo $catID ?>" />
					<input type="submit" class="submitButton" name="getGalleryCat" value="Edit This Category">
				</form><br />
			<?php
			if (in_array(36, $adminPriv)) {
				?>
				<form action="galleryCatDel.html" method="post"><input type="hidden" name="catID" value="<?php echo $catID ?>" />
					<input type="submit" class="deleteButton" name="getGalleryCat" value="Delete This Category">
				</form>
				<?php
			}
			?>
			</div>
		</div>
		<?php
	}
	?>
	</div>
	<?php
}
?>

<?php
include "footer.php";
?>

Anon7 - 2022
AnonSec Team