HOME

<?php

function getExtn($filename){
$ext = explode(".",$filename);
return $ext[1];
}
$imgfile="";

include '../connection.php';
$slno = $_POST["slno"];
$descr = $_POST["descr"];
$descr = str_replace("'"," ",$_POST["descr"]);

//$descr = htmlentities($_POST['descr']);
$title = $_POST["title"];
$cdate = $_POST["cdate"];


if(is_array($_FILES)){

    if(is_uploaded_file($_FILES['userImage']['tmp_name'])) {

        $sourcePath = $_FILES['userImage']['tmp_name'];
        $fileext = getExtn($_FILES['userImage']['name']);
        $imgfile ="News".time().rand(10,100).".".$fileext;                        
        if(move_uploaded_file($sourcePath,"../img/".$imgfile)){
          
        @unlink("../img/".$img);

        ?>                         

        <?php

        }

    }

}
if(empty($slno)){
 
    $insert = "insert into news(title,img,descr,cdate)values('$title','$imgfile','$descr','$cdate')";
    $exc = $mysqli->query($insert);
    echo "News Add Succesfully";
    file_put_contents("filenames111111.txt", $insert);

}else{

	if(empty($imgfile)){
	$update = "update news set title='$title',descr='$descr',cdate='$cdate' where id='$slno'";
    $exc = $mysqli->query($update);
    echo "News Update Succesfully";

	}else{

	$update = "update news set title='$title',descr='$descr',img='$imgfile',cdate='$cdate' where id='$slno'";
    $exc = $mysqli->query($update);
    echo "News Update Succesfully";

	}
	
}

?>