[
MAINHACK
]
Viewing / Editing File: manage-candidate.php
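<?php
/**
 * Request handling for the "Voting Candidate" admin page.
 *
 * Flow: require a logged-in session, load the current school's account row,
 * redirect to the onboarding step when the school has no logo, then process
 * the POST actions (add candidate, update position, delete candidate) before
 * the markup below is rendered.
 *
 * Relies on names provided by ../functions.php: $con (PDO-style handle),
 * $new (mysqli handle), test_input(), has_permission(), csrf_token_is_valid()
 * and csrf_token_is_recent(). Their implementations are not visible here.
 *
 * NOTE(review): the update and delete forms rendered further down carry no
 * CSRF token, so those two handlers still run without a token check. Closing
 * that gap needs a matching change to the forms and knowledge of how
 * csrf_token_tag() issues tokens; it is deliberately not enforced here.
 *
 * NOTE(review): uploads/candidate/ is referenced directly by the page's
 * <img> tags, so it is web-served. Confirm the web server is configured not
 * to execute scripts from that directory.
 */
include("../functions.php");
//error_reporting(0);

if (!isset($_SESSION['dbmail_Xw211qAAsq4'])) {
    // exit is required: header() alone does not stop the script, so the
    // queries and markup below would still run for an anonymous visitor.
    header("location:../auth-login");
    exit;
}

$s_code = $_SESSION['s_code_Xw2119904'];
$uname = $_SESSION['name_Xw2119904'];

$stmt = $con->prepare("SELECT * FROM schools WHERE user_name = ? AND school_code = ?");
$stmt->execute(array($uname, $s_code));
$userstatus = $stmt->fetchAll();

// Defaults so later code never reads an undefined variable when no row matches.
$namee = null;
$userid = null;
$school_name = null;
foreach ($userstatus as $sta) {
    $namee = $sta['user_name'];
    $userid = $sta['id'];
    $school_name = $sta['school_name'];
}

$stmt = $con->prepare("Select * from schools where school_code = ?");
$stmt->execute(array($s_code));
$row = $stmt->fetch();
$logo = is_array($row) ? $row['logo'] : null;

if (empty($logo)) {
    header("Location:complete-process");
    exit;
}

// Runs one parameterised statement on the mysqli handle. Returns the result
// set for SELECTs, true for successful writes, false on failure.
// mysqli_stmt_get_result() needs the mysqlnd driver.
$runPrepared = static function ($db, $sql, $types, array $params) {
    $prepared = mysqli_prepare($db, $sql);
    if ($prepared === false) {
        return false;
    }
    if (!mysqli_stmt_bind_param($prepared, $types, ...$params) || !mysqli_stmt_execute($prepared)) {
        return false;
    }
    $result = mysqli_stmt_get_result($prepared);
    return $result === false ? true : $result;
};

// Builds the SweetAlert success popup; $text is always a fixed literal below.
$successAlert = static function ($text) {
    return "<script>
        document.addEventListener('DOMContentLoaded', function() {
            Swal.fire({
                title: 'Success!',
                text: '" . $text . "',
                icon: 'success',
                confirmButtonText: 'OK'
            });
        });
    </script>";
};

// Mirrors the rule the table uses to decide which buttons are live:
// the account named "Admin" or an explicit 'programme' permission.
$isAllowed = static function ($action) use ($namee, $userid, $new) {
    return $namee == "Admin" || has_permission($userid, 'programme', $action, $new);
};
$deniedAlert = "<div class='alert alert-danger'>You do not have permission to perform this action.</div>";

// Validate the CSRF token once per POST and reuse the verdict.
$csrfOk = false;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $csrfOk = csrf_token_is_valid() && csrf_token_is_recent();
    if (!$csrfOk) {
        // This page's markup does not print $message; kept for included templates.
        $message = "<p class='btn btn-danger'>Sorry, Token Authentication invalid.</p>";
    }
}

// Legacy insert handlers. They previously ran before any token check; they
// are now parameterised and only run for a request with a valid token.
if ($csrfOk && isset($_POST['add_position'])) {
    $runPrepared(
        $new,
        "INSERT INTO positions (position_name) VALUES (?)",
        's',
        [(string) ($_POST['position_name'] ?? '')]
    );
}

// Add Candidate
if ($csrfOk && isset($_POST['add_candidate'])) {
    $runPrepared(
        $new,
        "INSERT INTO candidates (fullname, position_id) VALUES (?, ?)",
        'si',
        [(string) ($_POST['fullname'] ?? ''), intval($_POST['position_id'] ?? 0)]
    );
}

// Fetch Data (consumed by the "Select Position" dropdown in the markup).
$positions = $runPrepared(
    $new,
    "SELECT * FROM positions WHERE schoolCode = ? ORDER BY position_id ASC",
    's',
    [$s_code]
);

if ($csrfOk) {
    $name = test_input($_POST['fullname'] ?? '');
    $position_id = intval($_POST['position_id'] ?? 0);
    $academicyear = test_input($_POST['academicyear'] ?? '');

    // File Upload
    $upload = $_FILES['picture'] ?? null;
    if (is_array($upload) && is_string($upload['name'] ?? null) && $upload['name'] !== '') {
        $targetDir = "uploads/candidate/";
        if (!is_dir($targetDir)) {
            // Owner-writable only; world-writable (0777) lets any local account drop files here.
            mkdir($targetDir, 0755, true);
        }

        $typeWarning = "<div class='alert alert-warning'>Only JPG, JPEG, PNG, GIF allowed.</div>";
        $uploadError = "<div class='alert alert-danger'>Error uploading file.</div>";
        $allowedTypes = ['jpg','jpeg','png','gif'];
        $fileType = strtolower(pathinfo(basename($upload['name']), PATHINFO_EXTENSION));
        $tmpPath = $upload['tmp_name'] ?? '';
        $transferOk = ($upload['error'] ?? UPLOAD_ERR_NO_FILE) === UPLOAD_ERR_OK
            && is_string($tmpPath)
            && is_uploaded_file($tmpPath);

        if (!in_array($fileType, $allowedTypes, true)) {
            echo $typeWarning;
        } elseif (!$transferOk) {
            echo $uploadError;
        } else {
            // The client-supplied extension proves nothing about the content:
            // confirm the bytes decode as one of the accepted image formats.
            $extByImageType = [
                IMAGETYPE_JPEG => 'jpg',
                IMAGETYPE_PNG  => 'png',
                IMAGETYPE_GIF  => 'gif',
            ];
            $imageInfo = getimagesize($tmpPath);
            $safeExt = is_array($imageInfo) ? ($extByImageType[$imageInfo[2]] ?? null) : null;

            if ($safeExt === null) {
                echo $typeWarning;
            } else {
                // Server-generated name: nothing from the client filename reaches
                // the filesystem, the SQL statement or the <img src> attribute.
                $fileName = time() . "_" . bin2hex(random_bytes(8)) . "." . $safeExt;
                $targetFilePath = $targetDir . $fileName;

                if (move_uploaded_file($tmpPath, $targetFilePath)) {
                    // Insert into DB
                    $inserted = $runPrepared(
                        $new,
                        "INSERT INTO candidates (fullname, picture, position_id,schoolCode,academicyear) VALUES (?, ?, ?, ?, ?)",
                        'ssiss',
                        [$name, $fileName, $position_id, $s_code, $academicyear]
                    );
                    if ($inserted !== false) {
                        echo $successAlert('Candidate added successfully.');
                    } else {
                        // Do not leave an orphaned file behind when the row was not stored.
                        unlink($targetFilePath);
                        echo "<div class='alert alert-danger'>Error saving candidate.</div>";
                    }
                } else {
                    echo $uploadError;
                }
            }
        }
    }
}

if (isset($_POST['update'])) {
    $program_name1 = test_input($_POST['updateprogram'] ?? '');
    $hid = test_input($_POST['id'] ?? '');
    if ($isAllowed('can_edit')) {
        // Scoped to the session's school so a posted id cannot touch another school's row.
        $stmt_update_service = $runPrepared(
            $new,
            "UPDATE positions SET position_name = ? WHERE position_id = ? AND schoolCode = ?",
            'sss',
            [$program_name1, $hid, $s_code]
        );
        echo $successAlert('Records updated successfully.');
    } else {
        echo $deniedAlert;
    }
}

if (isset($_POST['del'])) {
    $SID = test_input($_POST['SID'] ?? '');
    if ($isAllowed('can_delete')) {
        // Same tenant scoping as the update above.
        $stmt = $con->prepare("DELETE FROM candidates WHERE candidate_id = ? AND schoolCode = ?");
        $stmt->execute(array($SID, $s_code));
        echo $successAlert('Records deleted successfully.');
    } else {
        echo $deniedAlert;
    }
}
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8" />
    <title>Manage Candidate | All Manage Candidate</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta content="Premium Multipurpose Admin & Dashboard Template" name="description" />
    <meta content="Themesbrand" name="author" />
    <!-- App favicon -->
    <!-- DataTables -->
    <link href="assets/libs/datatables.net-bs4/css/dataTables.bootstrap4.min.css" rel="stylesheet" type="text/css" />
    <link href="assets/libs/datatables.net-buttons-bs4/css/buttons.bootstrap4.min.css" rel="stylesheet" type="text/css" />
    <!-- Responsive datatable examples -->
    <link href="assets/libs/datatables.net-responsive-bs4/css/responsive.bootstrap4.min.css" rel="stylesheet" type="text/css" />
    <!-- preloader css -->
    <link rel="stylesheet" href="assets/css/preloader.min.css" type="text/css" />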
<!-- Bootstrap Css --> <link href="assets/css/bootstrap.min.css" id="bootstrap-style" rel="stylesheet" type="text/css" /> <!-- Icons Css --> <link href="assets/css/icons.min.css" rel="stylesheet" type="text/css" /> <!-- App Css--> <link href="assets/css/app.min.css" id="app-style" rel="stylesheet" type="text/css" /> <link href="assets/libs/sweetalert2/sweetalert2.min.css" rel="stylesheet" type="text/css" /> </head> <body> <!-- <body data-layout="horizontal"> --> <!-- Begin page --> <div id="layout-wrapper"> <?php include("includes/header.php");?> <?php include("includes/sidebar.php");?> <div class="main-content"> <div class="page-content"> <div class="container-fluid"> <!-- start page title --> <div class="row"> <div class="col-12"> <div class="page-title-box d-sm-flex align-items-center justify-content-between"> <h4 class="mb-sm-0 font-size-18">Voting Candidate</h4> <div class="page-title-right"> <ol class="breadcrumb m-0"> <li class="breadcrumb-item"><a href="javascript: void(0);">Home</a></li> <li class="breadcrumb-item active">Voting Candidate</li> </ol> </div> </div> </div> </div> <!-- end page title --> <div class="row"> <div class="col-12"> <div class="row"> <div class="col-12"> <div class="card"> <div class="card-header"> <button type="button" class="btn btn-primary waves-effect waves-light" data-bs-toggle="modal" data-bs-target=".bs-example-modal-lg">Add Candidate</button> </div> <div class="card-body"> <table style="color: red;" id="datatable-buttons" class="table table-bordered dt-responsive nowrap w-100" > <thead> <tr> <th>#</th> <th>Candidate</th> <th>Picture</th> <th>Position</th> <th>Academic year</th> <th>Action</th> </tr> </thead> <tbody> <?php $cnt = 1; $select = mysqli_query($new,"SELECT * FROM positions,candidates WHERE positions.position_id = candidates.position_id AND candidates.schoolCode = '$s_code' ORDER BY candidate_id DESC"); while ($getdata = mysqli_fetch_array($select)) { ?> <tr> <td><?php echo $cnt++;?></td> <td><?php echo 
$getdata['fullname'];?></td> <td><img src="uploads/candidate/<?= $getdata['picture'] ?>" width="60" class="rounded"></td> <td><?php echo $getdata['position_name'];?></td> <td><?php echo $getdata['academicyear'];?></td> <?php $edit_data = "edit_".$getdata["candidate_id"];?> <?php $delete_data = "delete_".$getdata["candidate_id"];?> <td> <?php if($namee != "Admin"){?> <?php $permission_name = 'programme'; if (has_permission($userid, $permission_name,'can_edit', $new)) { // echo ' <button type="button" style="width:35px;height: 33px" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#'.$edit_data.'"><i class="fa fa-edit"></i></button>'; } else { echo '<button type="button" style="width:35px;height: 33px" class="btn btn-primary"><i class="fa fa-edit"></i></button>'; } ?> <?php } else {?> <!-- <button type="button" style="width:35px;height: 33px" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#<?php echo $edit_data; ?>"><i class="fa fa-edit"></i></button> --> <?php }?> <?php if($namee != "Admin"){?> <?php $permission_name = 'programme'; if (has_permission($userid, $permission_name,'can_delete', $new)) { echo '<button type="button" style="width:35px;height: 33px" class="btn btn-danger" data-bs-toggle="modal" data-bs-target="#'.$delete_data.'"><i class="fa fa-trash"></i></button>'; } else { echo '<button type="button" style="width:35px;height: 33px" class="btn btn-danger"><i class="fa fa-trash"></i></button>'; } ?> <?php } else {?> <button type="button" style="width:35px;height: 33px" class="btn btn-danger" data-bs-toggle="modal" data-bs-target="#<?php echo $delete_data; ?>"><i class="fa fa-trash"></i></button> <?php }?> </td> <div class="modal fade bd-example-modal-lg12" id="<?php echo $edit_data; ?>" tabindex="-1" role="dialog" aria-labelledby="myLargeModalLabel" aria-hidden="true"> <div class="modal-dialog modal-lg"> <div class="modal-content"> <div class="modal-header"> <h5 class="modal-title" id="myLargeModalLabel">Update records</h5> 
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body"> <!-- Centering the form and limiting its width --> <div class="container"> <div class="row justify-content-center"> <div class="col-md-8 col-lg-6"> <form method="POST"> <div class="mb-3"> <label for="exampleInputEmail1" class="form-label">Position name</label> <input type="text" class="form-control" name="updateprogram" value="<?php echo $getdata['position_name'];?>"> </div> <input type="hidden" name="id" value="<?php echo $getdata['position_id'];?>"> <button type="submit" name="update" class="btn btn-primary">Submit</button> </form> </div> </div> </div> </div> </div> </div> </div> <div class="modal fade bd-example-modal-lg13" id="<?php echo $delete_data; ?>" tabindex="-1" role="dialog" aria-labelledby="myLargeModalLabel" aria-hidden="true"> <div class="modal-dialog modal-sm"> <div class="modal-content"> <div class="modal-header"> <h5 class="modal-title" id="myLargeModalLabel">Delete Position</h5> <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body"> <form method="POST"> Are you sure you want to delete this? 
</div> <input type="hidden" name="SID" value="<?php echo $getdata['candidate_id']; ?>"> <div class="modal-footer"> <button type="submit" name="del" class="btn btn-success">Delete</button> </form> </div> </div> </div> </div> <?php }?> </tr> </tbody> </table> </div> </div> <!-- end cardaa --> </div> <!-- end col --> </div> <!-- end row --> </div> <!-- container-fluid --> </div> <!-- End Page-content --> <?php include("includes/footer.php");?> </div> <!-- end main content--> </div> <!-- END layout-wrapper --> <div class="modal fade bs-example-modal-lg" tabindex="-1" role="dialog" aria-labelledby="myLargeModalLabel" aria-hidden="true"> <div class="modal-dialog modal-lg"> <div class="modal-content"> <div class="modal-header"> <h5 class="modal-title" id="myLargeModalLabel">Add new position</h5> <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body"> <!-- Centering the form and limiting its width --> <div class="container"> <div class="row justify-content-center"> <div class="col-md-8 col-lg-6"> <!-- Adjust the column size as needed --> <form method="POST" enctype="multipart/form-data" class="needs-validation mt-4 pt-2" novalidate> <?php echo csrf_token_tag(); ?> <div class="card-body"> <div class="mb-3"> <label class="form-label">Candidate name</label> <input type="text" name="fullname" class="form-control" required> </div> <div class="mb-3"> <label class="form-label">Select Academic year</label> <select name="academicyear" class="form-select" required> <option value="">-- Choose Academic year --</option> <option value="2024/2025">2024/2025</option> <option value="2025/2026">2025/2026</option> <option value="2026/2027">2026/2027</option> <option value="2027/2028">2027/2028</option> </select> </div> <div class="mb-3"> <label class="form-label">Candidate picture</label> <input type="file" name="picture" class="form-control" required> </div> <div class="mb-3"> <label class="form-label">Select 
Position</label> <select name="position_id" class="form-select" required> <option value="">-- Choose Position --</option> <?php while ($row = mysqli_fetch_assoc($positions)) { ?> <option value="<?= $row['position_id'] ?>"><?= $row['position_name'] ?></option> <?php } ?> </select> </div> </div> <button type="submit" name="submit" class="btn btn-primary">Submit</button> </form> </div> </div> </div> </div> </div> </div> </div> <!-- Right Sidebar --> <div class="right-bar"> <div data-simplebar class="h-100"> <div class="rightbar-title d-flex align-items-center p-3"> <h5 class="m-0 me-2">Theme Customizer</h5> <a href="javascript:void(0);" class="right-bar-toggle ms-auto"> <i class="mdi mdi-close noti-icon"></i> </a> </div> <!-- Settings --> <hr class="m-0" /> <div class="p-4"> <h6 class="mb-3">Layout</h6> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout" id="layout-vertical" value="vertical"> <label class="form-check-label" for="layout-vertical">Vertical</label> </div> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout" id="layout-horizontal" value="horizontal"> <label class="form-check-label" for="layout-horizontal">Horizontal</label> </div> <h6 class="mt-4 mb-3 pt-2">Layout Mode</h6> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-mode" id="layout-mode-light" value="light"> <label class="form-check-label" for="layout-mode-light">Light</label> </div> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-mode" id="layout-mode-dark" value="dark"> <label class="form-check-label" for="layout-mode-dark">Dark</label> </div> <h6 class="mt-4 mb-3 pt-2">Layout Width</h6> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-width" id="layout-width-fuild" value="fuild" onchange="document.body.setAttribute('data-layout-size', 
'fluid')"> <label class="form-check-label" for="layout-width-fuild">Fluid</label> </div> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-width" id="layout-width-boxed" value="boxed" onchange="document.body.setAttribute('data-layout-size', 'boxed')"> <label class="form-check-label" for="layout-width-boxed">Boxed</label> </div> <h6 class="mt-4 mb-3 pt-2">Layout Position</h6> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-position" id="layout-position-fixed" value="fixed" onchange="document.body.setAttribute('data-layout-scrollable', 'false')"> <label class="form-check-label" for="layout-position-fixed">Fixed</label> </div> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-position" id="layout-position-scrollable" value="scrollable" onchange="document.body.setAttribute('data-layout-scrollable', 'true')"> <label class="form-check-label" for="layout-position-scrollable">Scrollable</label> </div> <h6 class="mt-4 mb-3 pt-2">Topbar Color</h6> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="topbar-color" id="topbar-color-light" value="light" onchange="document.body.setAttribute('data-topbar', 'light')"> <label class="form-check-label" for="topbar-color-light">Light</label> </div> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="topbar-color" id="topbar-color-dark" value="dark" onchange="document.body.setAttribute('data-topbar', 'dark')"> <label class="form-check-label" for="topbar-color-dark">Dark</label> </div> <h6 class="mt-4 mb-3 pt-2 sidebar-setting">Sidebar Size</h6> <div class="form-check sidebar-setting"> <input class="form-check-input" type="radio" name="sidebar-size" id="sidebar-size-default" value="default" onchange="document.body.setAttribute('data-sidebar-size', 'lg')"> <label class="form-check-label" 
for="sidebar-size-default">Default</label> </div> <div class="form-check sidebar-setting"> <input class="form-check-input" type="radio" name="sidebar-size" id="sidebar-size-compact" value="compact" onchange="document.body.setAttribute('data-sidebar-size', 'md')"> <label class="form-check-label" for="sidebar-size-compact">Compact</label> </div> <div class="form-check sidebar-setting"> <input class="form-check-input" type="radio" name="sidebar-size" id="sidebar-size-small" value="small" onchange="document.body.setAttribute('data-sidebar-size', 'sm')"> <label class="form-check-label" for="sidebar-size-small">Small (Icon View)</label> </div> <h6 class="mt-4 mb-3 pt-2 sidebar-setting">Sidebar Color</h6> <div class="form-check sidebar-setting"> <input class="form-check-input" type="radio" name="sidebar-color" id="sidebar-color-light" value="light" onchange="document.body.setAttribute('data-sidebar', 'light')"> <label class="form-check-label" for="sidebar-color-light">Light</label> </div> <div class="form-check sidebar-setting"> <input class="form-check-input" type="radio" name="sidebar-color" id="sidebar-color-dark" value="dark" onchange="document.body.setAttribute('data-sidebar', 'dark')"> <label class="form-check-label" for="sidebar-color-dark">Dark</label> </div> <div class="form-check sidebar-setting"> <input class="form-check-input" type="radio" name="sidebar-color" id="sidebar-color-brand" value="brand" onchange="document.body.setAttribute('data-sidebar', 'brand')"> <label class="form-check-label" for="sidebar-color-brand">Brand</label> </div> <h6 class="mt-4 mb-3 pt-2">Direction</h6> <div class="form-check form-check-inline"> <input class="form-check-input" type="radio" name="layout-direction" id="layout-direction-ltr" value="ltr"> <label class="form-check-label" for="layout-direction-ltr">LTR</label> </div> </div> </div> <!-- end slimscroll-menu--> </div> <!-- /Right-bar --> <!-- Right bar overlay--> <div class="rightbar-overlay"></div> <!-- JAVASCRIPT --> 
<script src="assets/libs/jquery/jquery.min.js"></script> <script src="assets/libs/bootstrap/js/bootstrap.bundle.min.js"></script> <script src="assets/libs/metismenu/metisMenu.min.js"></script> <script src="assets/libs/simplebar/simplebar.min.js"></script> <script src="assets/libs/node-waves/waves.min.js"></script> <script src="assets/libs/feather-icons/feather.min.js"></script> <!-- pace js --> <script src="assets/libs/pace-js/pace.min.js"></script> <!-- Required datatable js --> <script src="assets/libs/datatables.net/js/jquery.dataTables.min.js"></script> <script src="assets/libs/datatables.net-bs4/js/dataTables.bootstrap4.min.js"></script> <!-- Buttons examples --> <script src="assets/libs/datatables.net-buttons/js/dataTables.buttons.min.js"></script> <script src="assets/libs/datatables.net-buttons-bs4/js/buttons.bootstrap4.min.js"></script> <script src="assets/libs/jszip/jszip.min.js"></script> <script src="assets/libs/pdfmake/build/pdfmake.min.js"></script> <script src="assets/libs/pdfmake/build/vfs_fonts.js"></script> <script src="assets/libs/datatables.net-buttons/js/buttons.html5.min.js"></script> <script src="assets/libs/datatables.net-buttons/js/buttons.print.min.js"></script> <script src="assets/libs/datatables.net-buttons/js/buttons.colVis.min.js"></script> <!-- Responsive examples --> <script src="assets/libs/datatables.net-responsive/js/dataTables.responsive.min.js"></script> <script src="assets/libs/datatables.net-responsive-bs4/js/responsive.bootstrap4.min.js"></script> <script src="assets/libs/sweetalert2/sweetalert2.min.js"></script> <!-- Datatable init js --> <script src="assets/js/pages/datatables.init.js"></script> <script src="assets/js/app.js"></script> <script src="assets/js/pages/validation.init.js"></script> <script src="assets/js/pages/modal.init.js"></script> <script> var myModal = document.getElementById('myModal') var myInput = document.getElementById('myInput') myModal.addEventListener('shown.bs.modal', function () { myInput.focus() 
}) </script> </body> </html>
Server Info
Hostname: server1.winmanyltd.com
Server IP: 203.161.60.52
PHP Version: 8.3.27
Server Software: Apache
System: Linux server1.winmanyltd.com 4.18.0-553.22.1.el8_10.x86_64 #1 SMP Tue Sep 24 05:16:59 EDT 2024 x86_64
HDD Total: 117.98 GB
HDD Free: 59.72 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
Yes
pkexec:
Yes
git:
Yes
User Info
Username: eliosofonline
User ID (UID): 1002
Group ID (GID): 1003
Script Owner UID: 1002
Current Dir Owner: 1002