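<?php
/**
 * JSON endpoint: creates a row in tbl_matrial_type from POSTed form fields
 * (material_name, status, tag) plus an optional image upload.
 *
 * Responses are always JSON:
 *   {"status":"success","message":"..."}            on insert
 *   {"status":"error","message":[...validation...]} on validation/upload failure
 *   {"status":"error","message":"..."}              on database failure
 *
 * NOTE(review): no authentication, authorisation or CSRF check is visible in
 * this file. Confirm that config.php (or the web server) enforces one before
 * this endpoint accepts writes and file uploads.
 */

header('Content-Type: application/json');
include '../../config/config.php'; // presumably defines $pdo, which is used below — confirm

error_log("Material creation request received");

$errors = [];

// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is kept
// here so stored values do not change; SQL safety comes from the bound
// parameters below, and HTML escaping should happen where values are rendered.
define('FILTER_SANITIZE', FILTER_SANITIZE_STRING);

/**
 * Trim a scalar request value and run it through the configured sanitize filter.
 */
function sanitizeInput($data)
{
    return filter_var(trim($data), FILTER_SANITIZE);
}

// Required field. The is_string() guard rejects array-valued parameters
// (material_name[]=x), which would otherwise raise a TypeError in trim().
$name = (isset($_POST['material_name']) && is_string($_POST['material_name']))
    ? sanitizeInput($_POST['material_name'])
    : '';
if (empty($name)) {
    $errors[] = "Field 'material_name' is required";
}

// Optional fields, with the same array-parameter guard.
// NOTE(review): status is stored as received; if only a fixed set of values
// is valid, check it against that set here.
$status = (isset($_POST['status']) && is_string($_POST['status']))
    ? sanitizeInput($_POST['status'])
    : 'Active';
$tag = (isset($_POST['tag']) && is_string($_POST['tag']))
    ? sanitizeInput($_POST['tag'])
    : null;

// --- Image upload: validate first, write to disk only once everything passes ---
$imagePath = null;     // relative path stored in the database
$destination = null;   // on-disk path of the moved file, kept for cleanup
$fileTmpPath = null;
$fileExtension = null;

if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
    $fileTmpPath = $_FILES['image']['tmp_name'];
    $fileName = basename($_FILES['image']['name']);
    $fileExtension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));

    // The client-supplied extension alone proves nothing about the content,
    // so the detected image type must agree with it.
    $allowedTypes = [
        'jpg'  => IMAGETYPE_JPEG,
        'jpeg' => IMAGETYPE_JPEG,
        'png'  => IMAGETYPE_PNG,
        'gif'  => IMAGETYPE_GIF,
    ];
    $imageInfo = isset($allowedTypes[$fileExtension]) ? getimagesize($fileTmpPath) : false;

    if ($imageInfo === false || $imageInfo[2] !== $allowedTypes[$fileExtension]) {
        $errors[] = 'Invalid image file type';
        $fileTmpPath = null;
    }
}

// Move the file only when the whole request is valid, so a rejected request
// does not leave an orphaned file in the web-accessible upload directory.
if (empty($errors) && $fileTmpPath !== null) {
    $uploadDir = '../../uploads/materials/';

    // 0755 instead of 0777: the directory must not be world-writable.
    // NOTE(review): the upload directory should also be configured so the web
    // server never executes scripts from it.
    $dirReady = is_dir($uploadDir) || mkdir($uploadDir, 0755, true) || is_dir($uploadDir);

    // The stored name is server-generated; the client file name is never used as a path.
    $newFileName = uniqid('material_', true) . '.' . $fileExtension;
    $target = $uploadDir . $newFileName;

    if ($dirReady && move_uploaded_file($fileTmpPath, $target)) {
        $destination = $target;
        $imagePath = 'uploads/materials/' . $newFileName; // Save relative path
    } else {
        $errors[] = 'Failed to move uploaded image';
    }
}

if (!empty($errors)) {
    echo json_encode(['status' => 'error', 'message' => $errors]);
    exit;
}

try {
    $stmt = $pdo->prepare(
        "INSERT INTO tbl_matrial_type (name, status, tag, image) VALUES (:name, :status, :tag, :image)"
    );
    $stmt->bindValue(':name', $name);
    $stmt->bindValue(':status', $status);
    $stmt->bindValue(':tag', $tag);
    $stmt->bindValue(':image', $imagePath);

    if ($stmt->execute()) {
        echo json_encode(['status' => 'success', 'message' => 'Material created successfully']);
    } else {
        // The row was not written, so remove the image that would otherwise be orphaned.
        if ($destination !== null && is_file($destination)) {
            unlink($destination);
        }
        echo json_encode(['status' => 'error', 'message' => 'Failed to insert material']);
    }
} catch (PDOException $e) {
    if ($destination !== null && is_file($destination)) {
        unlink($destination);
    }
    // Driver messages can disclose schema and query details: log them
    // server-side and return only a generic message to the client.
    error_log("DB Error: " . $e->getMessage());
    echo json_encode(['status' => 'error', 'message' => 'Database error']);
}
?>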