관리-도구

편집 파일: functions.php

<?php

require_once 'config.php';
require_once '../../includes/function_general.php';

// Game Adding, Deleting And Updating Action

if (isset($_POST['upload_game'])) {
    $game_name = mysqli_real_escape_string($con, $_POST['game_name']);
    $game_desc = mysqli_real_escape_string($con, $_POST['game_description']);
    $game_frame_url = mysqli_real_escape_string($con, $_POST['game_frame_url']);
    $game_status = mysqli_real_escape_string($con, $_POST['game_status']);
    $game_category = mysqli_real_escape_string($con, $_POST['game_category']);

if (isset($_FILES['game_image'])) {
        if ($_FILES['game_image']['error'] == 0) {
            $file_name = rand(111111111, 999999999) . $_FILES['game_image']['name'];
            if (move_uploaded_file($_FILES['game_image']['tmp_name'], "../../static/uploads/" . $file_name)); {
                $game_image_url = $site_url . 'static/uploads/' . $file_name;
            }
        } else {
            $game_image_url = mysqli_real_escape_string($con, $_POST['game_image_url']);
        }
    } else {

$game_image_url = mysqli_real_escape_string($con, $_POST['game_image_url']);
    }

$sql = "INSERT INTO `zon_games`(`game_name`, `game_description`, `game_image_url`, `game_url`, `game_published`, `game_category`) VALUES ('$game_name','$game_desc','$game_image_url','$game_frame_url', '$game_status', '$game_category')";

if (mysqli_query($con, $sql)) {
        @header("location: ../games.php");
    }
}

if (isset($_POST['update_game'])) {
    $game_id = mysqli_real_escape_string($con, $_POST['game_id']);
    $game_name = mysqli_real_escape_string($con, $_POST['game_name']);
    $game_desc = mysqli_real_escape_string($con, $_POST['game_description']);
    $game_frame_url = mysqli_real_escape_string($con, $_POST['game_frame_url']);
    $game_status = mysqli_real_escape_string($con, $_POST['game_status']);
    $game_category = mysqli_real_escape_string($con, $_POST['game_category']);

$game_image_url = mysqli_real_escape_string($con, $_POST['game_image_url']);
    }

$sql = "UPDATE `zon_games` SET `game_name`='$game_name', `game_description`='$game_desc', `game_image_url`='$game_image_url', `game_url`='$game_frame_url', `game_published`='$game_status', `game_category`='$game_category' WHERE id=$game_id";

if (mysqli_query($con, $sql)) {
        @header("location: ../games.php");
    }
}

if (isset($_POST['add_category'])) {

$category_name = mysqli_real_escape_string($con, $_POST['game_category']);
    $category_slug = mysqli_real_escape_string($con, $_POST['game_category_slug']);

if (mysqli_query($con, "insert into zon_category (`name`, `slug`) values ('$category_name' , '$category_slug') ")) {
        @header("location: ../categories.php");
    }
}

if (isset($_POST['update_category'])) {

$category_name = mysqli_real_escape_string($con, $_POST['game_category']);
    $category_slug = mysqli_real_escape_string($con, $_POST['game_category_slug']);
    $category_id = mysqli_real_escape_string($con, $_POST['category_id']);

if (mysqli_query($con, "update zon_category set `name`='$category_name', `slug`='$category_slug' where id=$category_id")) {
        @header("location: ../categories.php");
    }
}

if (isset($_GET) && !empty($_GET['token_id']) && !empty($_GET['action']) && !empty($_GET['content_type'])) {
    if ($_GET['content_type'] == 'game') {

$action = $_GET['action'];
        $token_id = $_GET['token_id'];

if ($action == 'delete') {
            if (mysqli_query($con, "DELETE FROM zon_games where id=$token_id")) {
                @header("location: ../games.php");
            }
        }
    }
}

if (isset($_GET) && !empty($_GET['token_id']) && !empty($_GET['action']) && !empty($_GET['content_type'])) {
    if ($_GET['content_type'] == 'category') {

$action = $_GET['action'];
        $token_id = $_GET['token_id'];

if ($action == 'delete') {
            if (mysqli_query($con, "delete from zon_category where id=$token_id")) {
                @header("location: ../categories.php");
            }
        } else {
            // return false;
            echo "Failed";
            // @header("location: ../games.php");

}
    }
}

if (isset($_GET) && !empty($_GET['token_id']) && !empty($_GET['action']) && !empty($_GET['content_type']) && !empty($_GET['url'])) {
    if ($_GET['content_type'] == 'game') {

$url = $_GET['url'];
        $action = $_GET['action'];
        $token_id = $_GET['token_id'];

if ($action == 'delete') {
            if (mysqli_query($con, "delete from zon_games where id=$token_id")) {
                @header("location: $url");
            }
        } else {
            // return false;
            echo "Failed";
            // @header("location: ../games.php");

}
    }
}

if (isset($_POST) && isset($_POST['ads_up_add'])) {

$ad_name = Secure_DATA($_POST['ad_name']);
    $id = Secure_DATA($_POST['ad_id']);
    $ad_code = $_POST['ad_code'];
    $ad_off = $_POST['ad_contr'];

$sql = "UPDATE zon_ads set `code`='$ad_code', `ad_name`='$ad_name', `status`= 0 where id=$id";

if (!empty($ad_off)) {
        $sql = "UPDATE zon_ads set `code`='$ad_code', `ad_name`='$ad_name', `status`=1 where id=$id";
    }

if (mysqli_query($con, $sql)) {
        @header("location: ../advertisement");
    }
}

if (isset($_POST) && isset($_POST['add_page'])) {
    $page_title =  mysqli_escape_string($con,  $_POST['page_title']);
    $page_desc = mysqli_escape_string($con, $_POST['page_desc']);
    $page_content = mysqli_escape_string($con, $_POST['page_content']);

$query = "INSERT INTO `zon_pages` (`title`, `desc`, `content`) VALUES ('$page_title', '$page_desc', '$page_content') ";

if (mysqli_query($con, $query)) {
        @header("location: ../pages");
    }
}

if (isset($_GET) && !empty($_GET['token_id']) && !empty($_GET['action']) && !empty($_GET['content_type']) && !empty($_GET['url'])) {
    if ($_GET['content_type'] == 'page') {

$url = $_GET['url'];
        $action = $_GET['action'];
        $token_id = $_GET['token_id'];

if ($action == 'delete') {
            if (mysqli_query($con, "delete from zon_pages where id=$token_id")) {
                @header("location: $url");
            }
        } else {
            // return false;
            echo "Failed";
            // @header("location: ../games.php");

}
    }
}

if (isset($_POST) && isset($_POST['update_page'])) {
    $page_title =  mysqli_escape_string($con,  $_POST['page_title']);
    $page_desc = mysqli_escape_string($con, $_POST['page_desc']);
    $page_content = mysqli_escape_string($con, $_POST['page_content']);
    $id = mysqli_escape_string($con, $_POST['id']);

$query = "UPDATE `zon_pages` SET `title`='$page_title', `desc`='$page_desc', `content`='$page_content' where id=$id";

if (mysqli_query($con, $query)) {
        @header("location: ../pages");
    }
}

if (isset($_GET) && !empty($_GET['token_id']) && !empty($_GET['action']) && !empty($_GET['content_type']) && !empty($_GET['url'])) {
    if ($_GET['content_type'] == 'comment') {

$url = $_GET['url'];
        $action = $_GET['action'];
        $token_id = $_GET['token_id'];

if ($action == 'delete') {
            if (mysqli_query($con, "delete from zon_comments where id=$token_id")) {
                @header("location: $url");
            }
        } else {
            // return false;
            echo "Failed";
            // @header("location: ../games.php");

}
    }
}