PK

<center>
<?php
if($_GET[action] == "delimg"){
	$query = "select * from downloads where down_id = '$_GET[down_id]'";
	$query = mysql_query($query) or die(mysql_error());
	if($rr=mysql_fetch_array($query)){
		//echo $rr[img];
		@unlink("../site_data/images/$rr[img]");
		$query="update downloads set img='' where down_id = '$rr[down_id]'";
		mysql_query($query) or die(mysql_error());
		echo "<script>window.location.href='main.php?paction=$_GET[paction]&down_id=$rr[down_id]'</script>";
	}
}

if($_POST[submt_btn] == 1){
	/////////////////////////////////// add record starts //////////////////////
	if($_POST[doAction] == "add"){
		$query="insert into downloads set
			titl='".mysql_escape_string($_POST[titl])."',
			descp='".mysql_escape_string($_POST[descp])."'
		";
		mysql_query($query) or die(mysql_error());
		$down_id=mysql_insert_id();
		$msg="Record Added Successfully";
	}
	/////////////////////////////////// add record ends //////////////////////

	/////////////////////////////////// update record starts //////////////////////
	//print_r($_POST);
	if($_POST[doAction] == "edit") {
		$query="update downloads set
			titl='".mysql_escape_string($_POST[titl])."',
			descp='".mysql_escape_string($_POST[descp])."'
			where down_id = '$_GET[down_id]'
		";
		mysql_query($query) or die(mysql_error());
		$down_id=$_GET[down_id];
		$msg="Record Updated Successfully";
	}
	/////////////////////////////////// update record ends //////////////////////

	$uploads_dir = '../site_data/downloads/';
	if($_FILES["img"]["error"] == UPLOAD_ERR_OK) {
		$tmp_name = $_FILES["img"]["tmp_name"];
		$ext=substr($_FILES["img"]["name"],-3);
		$fname = $down_id."_downloads.".$ext;

		move_uploaded_file($tmp_name, "$uploads_dir/$fname");

		$query="update downloads set file_name='$fname' where down_id = '$down_id'";
		mysql_query($query) or die(mysql_error());
	}
}

//////////////////////  fetch data for edit starts ////////////////////////
if($_GET[down_id]){
	$query = "select * from downloads where down_id = '$_GET[down_id]'";
	$query = mysql_query($query) or die(mysql_error());
	if($editrow=mysql_fetch_array($query)){}
}
//////////////////////  fetch data for edit ends ////////////////////////
?>
</center>

<!-- BEGIN PAGE LEVEL STYLES -->
<link rel="stylesheet" type="text/css" href="assets/global/plugins/bootstrap-wysihtml5/bootstrap-wysihtml5.css"/>
<link rel="stylesheet" type="text/css" href="assets/global/plugins/bootstrap-markdown/css/bootstrap-markdown.min.css">
<link rel="stylesheet" type="text/css" href="assets/global/plugins/bootstrap-summernote/summernote.css">
<!-- END PAGE LEVEL STYLES -->


<div class="page-content-wrapper">
	<div class="page-content">
		<!-- BEGIN PAGE HEADER-->
		<h3 class="page-title"><?php echo($_GET[down_id]?"Edit":"Add")?> Downloads<small></small></h3>
		 
		<!-- END PAGE HEADER-->
		<!-- BEGIN PAGE CONTENT-->
		<div class="row">
			<div class="col-md-12">
				<!-- BEGIN EXTRAS PORTLET-->
				<?php if($msg){?><div class="alert alert-success display-show"><button class="close" data-close="alert"></button><?=$msg?></div><?php }?>

				<div class="portlet box blue-hoki">
					<div class="portlet-title">
						<div class="caption"><i class="fa fa-gift"></i></div>
					</div>
					<div class="portlet-body form">
						<form class="form-horizontal form-bordered" enctype="multipart/form-data" method="post" >
							<input type="hidden" name="doAction" value="<?php echo ($_GET[down_id]!=""?"edit":"add")?>">
							<input type="hidden" name="parent_id" value="<?php echo ($_GET[down_id]!=""?$editrow[parent_id]:"10")?>" />
							<div class="form-body">

								<div class="form-group">
									<label class="control-label col-md-2">Title</label>
									<div class="col-md-10">
										<input type="text" class="form-control" required name="titl" id="titl" value='<?php echo $editrow[titl];?>' />
									</div>
								</div>
								
								<div class="form-group">
									<label class="control-label col-md-2">Details</label>
									<div class="col-md-10">
										<textarea class="form-control" name="descp" id="descp"><?php echo $editrow[descp];?></textarea>
									</div>
								</div>

								<div class="form-group">
									<label class="control-label col-md-2">Upload File</label>
									<div class="col-md-10">
										<input type="file" style="height:auto;" class="form-control" name="img" id="img" accept=".pdf,.doc,.docx,.xls,.xlsx" />
										<?php /*if($editrow[img]){?><img src="../site_data/images/<?php echo $editrow[img];?>" width="150" style="border:1px solid #ccc; padding:1px;" /> <a href="main.php?paction=<?php echo $_GET[paction]?>&down_id=<?php echo $editrow[down_id]?>&action=delimg">Delete Image</a> <?php } */?>
									</div>
								</div>

								<div class="form-actions">
									<div class="row">
										<div class="col-md-offset-2 col-md-10">
											<button type="submit" name="submt_btn" value="1" class="btn green"><i class="fa fa-check"></i> <?php echo ($_GET[down_id]!=""?"Update":"Submit")?></button>
											<button type="button" class="btn default">Cancel</button>
										</div>
									</div>
								</div>

							</div>
						</form>
					</div>
				</div>
			</div>
		</div>

		<!-- END PAGE CONTENT-->
	</div>
</div>
<!-- END CONTENT -->

PK 99