
<?php
// Bootstrap shared by every handler below: pull in the project configuration
// (presumably where $pdo is created; it is not defined in this file), open the
// session, and start with an empty response payload.
include_once 'config/config.php';
session_start();
error_log('formstarts........');
$return_arr = []; // filled in by whichever handler matches $_POST['type']

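// Handler for type=upload: stores the personal-details step of the profile form in
// the logged-in user's row of tbl_alliances_register and prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'upload') {
    if (!isset($_SESSION['user']['id'])) {
        // Without a session user the UPDATE below would run against a NULL id.
        $return_arr['message'] = 'Not logged in.';
        $return_arr['status'] = 401;
    } else {
        $id = $_SESSION['user']['id'];

        // NOTE(review): the remaining-edit counters are read from the request body,
        // so the client chooses their value. They should come from the stored row
        // (or a server-side default) rather than from $_POST.
        $wa_limit = $_POST['wa_limit'];
        $occupation_limit = $_POST['occupation_limit'];
        $phy_limit = $_POST['phy_limit'];
        $intrest_limit = $_POST['intrest_limit'];
        $marital_status_limit = $_POST['marital_status_limit'];
        $annual_incm_limit = $_POST['annual_incm_limit'];

        $alter_mobile_no = $_POST['alter_mobile_no'];
        $occupation = $_POST['occupation'];
        $physical_status = $_POST['physical_status'];
        $intrests = $_POST['intrests'];
        $annual_income = $_POST['annual_income'];
        $marital_status = $_POST['marital_status'];

        // isset() guard: requests that are not edits do not send the 'edit' field.
        if (isset($_POST['edit']) && $_POST['edit'] == 'edit') {
            $statement = $pdo->prepare("SELECT * FROM `tbl_alliances_register` WHERE `id` = ?");
            $statement->execute([$id]);
            $match = $statement->fetch(PDO::FETCH_ASSOC);

            // Keep the previous income in tbl_attempt_values before it is overwritten.
            if ($annual_income != $match['annual_incm']) {
                $stmt = $pdo->prepare("INSERT INTO tbl_attempt_values (alliance_id, old_value, field_name) VALUES (?, ?, ?)");
                $stmt->execute([$id, $match['annual_incm'], 'annual_incm']);
            }

            // A field whose submitted value differs from the stored one costs one
            // edit from that field's counter; unchanged fields keep their counter.
            $annual_incm_limit = ($annual_income == $match['annual_incm']) ? $annual_incm_limit : ($annual_incm_limit - 1);
            $marital_status_limit = ($marital_status == $match['martial_status']) ? $marital_status_limit : ($marital_status_limit - 1);
            $wa_limit = ($alter_mobile_no == $match['mobile_no_alt']) ? $wa_limit : ($wa_limit - 1);
            $occupation_limit = ($occupation == $match['occupation']) ? $occupation_limit : ($occupation_limit - 1);
            $phy_limit = ($physical_status == $match['phy_status']) ? $phy_limit : ($phy_limit - 1);
            $intrest_limit = ($intrests == $match['intrests']) ? $intrest_limit : ($intrest_limit - 1);
        }

        $profile_created_for = $_POST['profile_created_for'];
        $profile_name = $_POST['profile_name'];
        $gender = $_POST['gender'];
        $dob = $_POST['dob'];
        $age = $_POST['age'];
        $country = $_POST['country'];
        $mobile_no = $_POST['mobile_no'];
        $address = $_POST['address'];
        $city = $_POST['city'];
        $state = $_POST['state'];
        $pin_code = $_POST['pin_code'];
        $land_mark = $_POST['land_mark'];
        $email_id = $_POST['email_id'];

        // All values are bound as parameters; the row is selected by the session id,
        // never by an id taken from the request.
        $statement = $pdo->prepare("UPDATE `tbl_alliances_register` SET
            `profile_ctd_fr` = ?,
            `name` = ?,
            `gender` = ?,
            `dob` = ?,
            `age` = ?,
            `country` = ?,
            `mobile_no` = ?,
            `mobile_no_alt` = ?,
            `lgl_address` = ?,
            `city` = ?,
            `state` = ?,
            `pincode` = ?,
            `l_mark` = ?,
            `email` = ?,
            `occupation` = ?,
            `annual_incm` = ?,
            `phy_status` = ?,
            `martial_status` = ?,
            `personal_info_cmt` = ?,
            `intrests` = ?,
            `wa_limit` = ?,
            `occupation_limit` = ?,
            `phy_limit` = ?,
            `intrest_limit` = ?,
            `marital_status_limit` = ?,
            `annual_incm_limit` = ?
            WHERE `id` = ?");

        $result = $statement->execute([
            $profile_created_for,
            $profile_name,
            $gender,
            $dob,
            $age,
            $country,
            $mobile_no,
            $alter_mobile_no,
            $address,
            $city,
            $state,
            $pin_code,
            $land_mark,
            $email_id,
            $occupation,
            $annual_income,
            $physical_status,
            $marital_status,
            1, // personal_info_cmt: this step is marked as completed
            $intrests,
            $wa_limit,
            $occupation_limit,
            $phy_limit,
            $intrest_limit,
            $marital_status_limit,
            $annual_incm_limit,
            $id,
        ]);

        if ($result) {
            // Mirror the completed flag into the session only once the row was written.
            $_SESSION['user']['personal_info_cmt'] = 1;
            $return_arr['message'] = 'Profile Updated successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Something went wrong.';
            $return_arr['status'] = 400;
        }
    }

    echo json_encode($return_arr);
}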

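// Handler for type=horoscope: stores the horoscope step of the profile form in the
// logged-in user's row of tbl_alliances_register and prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'horoscope') {
    if (!isset($_SESSION['user']['id'])) {
        // Without a session user there is no row this request may modify.
        $return_arr['message'] = 'Not logged in.';
        $return_arr['status'] = 401;
    } else {
        try {
            $id = $_SESSION['user']['id'];

            // NOTE(review): the remaining-edit counters are read from the request
            // body, so the client chooses their value; they should come from the
            // stored row rather than from $_POST.
            $relg_limit = $_POST['relg_limit'];
            $caste_limit = $_POST['caste_limit'];
            $birth_t_limit = $_POST['birth_t_limit'];
            $dosham_limit = $_POST['dosham_limit'];
            $mother_tongue_limit = $_POST['mother_tongue_limit'];
            $zodiac_stars_limit = $_POST['zodiac_stars_limit'];
            $birth_pl_limit = $_POST['birth_pl_limit'];

            $mother_tongue = $_POST['mother_tongue'];
            $birth_place = $_POST['birth_place'];
            $zodiac_signs_star = $_POST['zodiac_signs_star'];
            $religion = $_POST['religion'];
            $caste = $_POST['caste'];
            $birth_hour = $_POST['birth_hour'];
            $birth_min = $_POST['birth_min'];
            $birth_sn = $_POST['birth_sn'];
            $dhosam = $_POST['dhosam'];

            // isset() guard: requests that are not edits do not send the 'edit' field.
            if (isset($_POST['edit']) && $_POST['edit'] == 'edit') {
                $statement = $pdo->prepare("SELECT * FROM `tbl_alliances_register` WHERE `id` = ?");
                $statement->execute([$id]);
                $match = $statement->fetch(PDO::FETCH_ASSOC);
                error_log("match".$zodiac_signs_star .'='.$match['h_zodic']);
                error_log("limit star star".$zodiac_stars_limit);

                // A field whose submitted value differs from the stored one costs one
                // edit from that field's counter. Birth time counts as unchanged only
                // when session, minute and hour all match.
                $relg_limit = ($religion == $match['religion']) ? $relg_limit : ($relg_limit - 1);
                $caste_limit = ($caste == $match['caste']) ? $caste_limit : ($caste_limit - 1);
                $birth_t_limit = ($birth_sn == $match['h_session']) && ($birth_min == $match['h_min']) && ($birth_hour == $match['h_hour']) ? $birth_t_limit : ($birth_t_limit - 1);
                $dosham_limit = ($dhosam == $match['h_dosham']) ? $dosham_limit : ($dosham_limit - 1);
                $mother_tongue_limit = ($mother_tongue == $match['mother_tonque']) ? $mother_tongue_limit : ($mother_tongue_limit - 1);
                $zodiac_stars_limit = ($zodiac_signs_star == $match['h_zodic']) ? $zodiac_stars_limit : ($zodiac_stars_limit - 1);
                error_log("limit star".$mother_tongue_limit);
                $birth_pl_limit = ($birth_place == $match['h_place_birth']) ? $birth_pl_limit : ($birth_pl_limit - 1);
            }
            error_log("limit star final".$zodiac_stars_limit);

            $horoscope_name = $_POST['horoscope_name'];
            $horoscope_gender = $_POST['horoscope_gender'];
            $horoscope_dob = $_POST['horoscope_dob'];

            // Request values are bound as parameters. Building this statement by
            // interpolating $_POST into the SQL text let any field rewrite the query.
            $statement = $pdo->prepare("UPDATE `tbl_alliances_register` SET
                `religion` = ?,
                `mother_tonque` = ?,
                `caste` = ?,
                `name` = ?,
                `h_gender` = ?,
                `h_dob` = ?,
                `h_place_birth` = ?,
                `h_hour` = ?,
                `h_min` = ?,
                `h_session` = ?,
                `h_zodic` = ?,
                `h_dosham` = ?,
                `horroscope_info_cmt` = 1,
                `relg_limit` = ?,
                `caste_limit` = ?,
                `birth_t_limit` = ?,
                `dosham_limit` = ?,
                `mother_tongue_limit` = ?,
                `zodiac_stars_limit` = ?,
                `birth_pl_limit` = ?
                WHERE `id` = ?");

            $result = $statement->execute([
                $religion,
                $mother_tongue,
                $caste,
                $horoscope_name,
                $horoscope_gender,
                $horoscope_dob,
                $birth_place,
                $birth_hour,
                $birth_min,
                $birth_sn,
                $zodiac_signs_star,
                $dhosam,
                $relg_limit,
                $caste_limit,
                $birth_t_limit,
                $dosham_limit,
                $mother_tongue_limit,
                $zodiac_stars_limit,
                $birth_pl_limit,
                $id,
            ]);

            if ($result) {
                // Mirror the completed flag into the session only once the row was written.
                $_SESSION['user']['horroscope_info_cmt'] = 1;
                $return_arr['message'] = 'Horoscope Details Updated successfully.';
                $return_arr['status'] = 200;
            } else {
                $return_arr['message'] = 'Something went wrong.';
                $return_arr['status'] = 400;
            }
        } catch (Exception $e) {
            // The detail goes to the server log only; driver messages can expose
            // table and column names to the caller.
            $return_arr['message'] = 'Something went wrong.';
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        }
    }

    echo json_encode($return_arr);
}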

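// Handler for type=verification: stores up to four uploaded proof documents under
// ./uploads/proof/ and writes the verification details into the logged-in user's
// row of tbl_alliances_register, then prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'verification') {
    if (!isset($_SESSION['user']['id'])) {
        // Checked before any file is moved, so callers without a session cannot
        // place files on the server.
        $return_arr['message'] = 'Not logged in.';
        $return_arr['status'] = 401;
    } else {
        try {
            // Builds the stored file name: random number, timestamp, original extension.
            function generateUniqueFileName($originalName) {
                $extension = pathinfo($originalName, PATHINFO_EXTENSION);
                // random_int() instead of rand(): these names identify ID documents
                // and should not be guessable.
                $image = random_int(10, 1000000000) . "-" . date('Y-m-d_his') . "-images." . $extension;
                return $image;
            }

            // Extension allowlist. The extension comes from the client-supplied file
            // name, so anything else (for example a server-side script) is refused.
            // NOTE(review): adjust to the formats the form really accepts. This checks
            // the name only, not the content; the uploads directory should also be
            // served with script execution disabled.
            $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'pdf'];

            $fileFields = ['proof_zero', 'proof_first', 'proof_two', 'proof_three'];
            $fileNames = [];

            foreach ($fileFields as $fieldName) {
                if (isset($_FILES[$fieldName]) && $_FILES[$fieldName]["name"] != "") {
                    $extension = strtolower(pathinfo($_FILES[$fieldName]['name'], PATHINFO_EXTENSION));
                    if (!in_array($extension, $allowedExtensions, true)) {
                        throw new Exception('File type not allowed.');
                    }

                    $fileName = './uploads/proof/' . generateUniqueFileName($_FILES[$fieldName]['name']);
                    $targetPath = "." . $fileName; // resolves to ../uploads/proof/... from this script
                    if (move_uploaded_file($_FILES[$fieldName]['tmp_name'], $targetPath)) {
                        $fileNames[$fieldName] = $fileName;
                    } else {
                        throw new Exception('Failed to move uploaded file.');
                    }
                } else {
                    // No new upload for this slot: keep the path the form sent back.
                    // NOTE(review): this path is client-controlled and stored as-is;
                    // it should be checked against the value already in the row.
                    $fileNames[$fieldName] = $_POST['oldfileInput_' . $fieldName];
                }
            }

            $ids = $_SESSION['user']['id'];
            $verified_aadhar_no = $_POST['verified_aadhar_no'];
            $verified_aadhar_mobile_no = $_POST['verified_aadhar_mobile_no'];
            $birth_certificatenumber = $_POST['birth_certificatenumber'];
            $communication_certificate = $_POST['communication_certificate'];
            $verified_aadhar_name = $_POST['verified_aadhar_name'];

            // The Aadhaar name and mobile number are written to both the v_aadhar_*
            // columns and the profile's own `name` / `mobile_no` columns.
            $statement = $pdo->prepare("UPDATE `tbl_alliances_register` SET
                `v_photos` = ?,
                `v_birthcert` = ?,
                `v_aadhar_name` = ?,
                `name` = ?,
                `v_aadhar` = ?,
                `v_aadhar_no` = ?,
                `v_aadhar_mobile` = ?,
                `mobile_no` = ?,
                `v_birth_cert_no` = ?,
                `h_communication` = ?,
                `h_communication_no` = ?,
                `verification_info_cmt` = ?
                WHERE `id` = ?");

            $result = $statement->execute([
                $fileNames['proof_first'],
                $fileNames['proof_two'],
                $verified_aadhar_name,
                $verified_aadhar_name,
                $fileNames['proof_zero'],
                $verified_aadhar_no,
                $verified_aadhar_mobile_no,
                $verified_aadhar_mobile_no,
                $birth_certificatenumber,
                $fileNames['proof_three'],
                $communication_certificate,
                1, // verification_info_cmt: this step is marked as completed
                $ids,
            ]);

            if ($result) {
                // Update the session flag only when the row was written.
                $_SESSION['user']['verification_info_cmt'] = 1;
                $return_arr['message'] = 'Details Updated successfully.';
                $return_arr['status'] = 200;
            } else {
                $return_arr['message'] = 'Something went wrong.';
                $return_arr['status'] = 400;
            }
        } catch (PDOException $e) {
            // Driver messages stay in the server log; they can expose schema details.
            $return_arr['message'] = 'Internal Server Error.';
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        } catch (Exception $e) {
            $return_arr['message'] = 'Internal Server Error: ' . $e->getMessage();
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        }
    }

    echo json_encode($return_arr);
}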

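// Handler for type=astrology_reg: stores an optional profile image under
// ./uploads/proof/ and inserts a new row into tbl_astrologer, then prints a JSON status.
// NOTE(review): this handler does not consult the session, so it accepts the upload
// and the insert from any caller — confirm that open registration is intended.
if (isset($_POST['type']) && $_POST['type'] == 'astrology_reg') {
    try {
        // Builds the stored file name: random number, timestamp, original extension.
        function generateUniqueFileName($originalName) {
            $extension = pathinfo($originalName, PATHINFO_EXTENSION);
            $image = random_int(10, 1000000000) . "-" . date('Y-m-d h:i:s a', time()) . "-images." . $extension;
            return $image;
        }

        // Extension allowlist. The extension comes from the client-supplied file
        // name, so anything that is not an image type is refused. This checks the
        // name only, not the content; the uploads directory should also be served
        // with script execution disabled.
        $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];

        $fieldName = "profileImage";
        if (isset($_FILES[$fieldName]) && $_FILES[$fieldName]["name"] != "") {
            $extension = strtolower(pathinfo($_FILES[$fieldName]['name'], PATHINFO_EXTENSION));
            if (!in_array($extension, $allowedExtensions, true)) {
                throw new Exception('File type not allowed.');
            }

            $fileName0 = './uploads/proof/' . generateUniqueFileName($_FILES[$fieldName]['name']);
            $targetPath0 = "." . $fileName0; // resolves to ../uploads/proof/... from this script
            // Do not store a path for a file that never reached the disk.
            if (!move_uploaded_file($_FILES[$fieldName]['tmp_name'], $targetPath0)) {
                throw new Exception('Failed to move uploaded file.');
            }
        } else {
            // NOTE(review): client-controlled path, stored as-is.
            $fileName0 = $_POST['oldfileInput_zero'];
        }

        $profile_created_for = $_POST['profile_created_for'];
        $profile_name = $_POST['profile_name'];
        $gender = $_POST['gender'];
        $dob = $_POST['dob'];
        $age = $_POST['age'];
        $mobile_no = $_POST['mobile_no'];
        $alter_mobile_no = $_POST['alter_mobile_no'];
        $address = $_POST['address'];
        $city = $_POST['city'];
        $state = $_POST['state'];
        $pin_code = $_POST['pin_code'];
        $land_mark = $_POST['land_mark'];
        $occupation = $_POST['occupation'];
        $education = $_POST['education'];
        $experience = $_POST['experience'];
        $language = $_POST['language'];
        $c_time = $_POST['c_time'];
        $price = $_POST['price'];

        // All request values are bound as parameters.
        $statement = $pdo->prepare("INSERT INTO `tbl_astrologer` (`profile_ctd_fr`, `name`, `gender`, `dob`, `age`, `mobile_no`, `mobile_no_alt`, `lgl_address`, `city`, `state`, `pincode`, `l_mark`,  `occupation`, `education`, `experience`, `language`, `v_profile_photo`,`call_time`,`price`) VALUES (?,?,?,?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
        $result = $statement->execute([
            $profile_created_for,
            $profile_name,
            $gender,
            $dob,
            $age,
            $mobile_no,
            $alter_mobile_no,
            $address,
            $city,
            $state,
            $pin_code,
            $land_mark,
            $occupation,
            $education,
            $experience,
            $language,
            $fileName0,
            $c_time,
            $price,
        ]);

        if ($result) {
            $return_arr['message'] = 'Astorloger Created added successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Something went wrong.';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Driver messages stay in the server log; they can expose schema details.
        $return_arr['message'] = 'Something went wrong.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}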


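// Handler for type=photos_form: stores the uploaded profile photos under
// ./uploads/user_img/ and inserts one tbl_images row per slot for the logged-in
// user, then prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'photos_form') {
    error_log('all profile photos .....................');
    $return_arr = array();

    if (!isset($_SESSION['user']['id'])) {
        // Checked before any file is moved, so callers without a session cannot
        // place files on the server.
        $return_arr['message'] = 'Not logged in.';
        $return_arr['status'] = 401;
    } else {
        try {
            $count = isset($_POST['count']) ? (int) $_POST['count'] : 0;
            $uid = $_SESSION['user']['id'];

            // Builds the stored file name: random number, timestamp, original extension.
            function generateUnique($originalName) {
                $extension = pathinfo($originalName, PATHINFO_EXTENSION);
                $image = random_int(10, 1000000000) . "-" . date('Y-m-d_his') . "-images." . $extension;
                return $image;
            }

            // Extension allowlist. The extension comes from the client-supplied file
            // name, so anything that is not an image type is refused. This checks the
            // name only, not the content; the uploads directory should also be served
            // with script execution disabled.
            $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];

            $fieldName = "files";
            $statement = $pdo->prepare("INSERT INTO `tbl_images` (`user_id`, `image`) VALUES (?, ?)");
            $result = false; // stays false when count is 0, so no success is reported for an empty request

            for ($i = 0; $i < $count; $i++) {
                if (isset($_FILES[$fieldName]['name'][$i]) && $_FILES[$fieldName]['name'][$i] != "") {
                    $extension = strtolower(pathinfo($_FILES[$fieldName]['name'][$i], PATHINFO_EXTENSION));
                    if (!in_array($extension, $allowedExtensions, true)) {
                        throw new Exception('File type not allowed.');
                    }

                    $fileName0 = './uploads/user_img/' . generateUnique($_FILES[$fieldName]['name'][$i]);
                    $targetPath0 = "." . $fileName0; // resolves to ../uploads/user_img/... from this script
                    // Do not record a path for a file that never reached the disk.
                    if (!move_uploaded_file($_FILES[$fieldName]['tmp_name'][$i], $targetPath0)) {
                        throw new Exception('Failed to move uploaded file.');
                    }
                } else {
                    // NOTE(review): client-controlled path, stored as-is. The delete
                    // handler later removes whatever file this column names, so the
                    // value should be validated against the uploads directory.
                    $fileName0 = $_POST['oldfileInput_' . $i];
                }

                $result = $statement->execute([$uid, $fileName0]);
            }

            if ($result) {
                $return_arr['message'] = 'Image(s) added successfully.';
                $return_arr['status'] = 200;
            } else {
                $return_arr['message'] = 'Failed to add image(s).';
                $return_arr['status'] = 400;
            }
        } catch (PDOException $e) {
            // Driver messages stay in the server log; they can expose schema details.
            $return_arr['message'] = 'Database error.';
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        } catch (Exception $e) {
            $return_arr['message'] = 'Error: ' . $e->getMessage();
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        }
    }

    echo json_encode($return_arr);
}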
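// Handler for type=rewards_form: stores the uploaded reward photos under
// ./uploads/rewards/ and inserts one tbl_rewards row per slot for the logged-in
// user, then prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'rewards_form') {
    error_log("start................rewards");
    $return_arr = array();

    if (!isset($_SESSION['user']['id'])) {
        // Checked before any file is moved, so callers without a session cannot
        // place files on the server.
        $return_arr['message'] = 'Not logged in.';
        $return_arr['status'] = 401;
    } else {
        try {
            $count = isset($_POST['count']) ? (int) $_POST['count'] : 0;
            $uid = $_SESSION['user']['id'];

            // Builds the stored file name: random number, timestamp, original extension.
            function generateUnique($originalName) {
                $extension = pathinfo($originalName, PATHINFO_EXTENSION);
                $image = random_int(10, 1000000000) . "-" . date('Y-m-d_his') . "-images." . $extension;
                return $image;
            }

            // Extension allowlist. The extension comes from the client-supplied file
            // name, so anything that is not an image type is refused. This checks the
            // name only, not the content; the uploads directory should also be served
            // with script execution disabled.
            $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];

            $fieldName = "rewards";
            $statement = $pdo->prepare("INSERT INTO `tbl_rewards` (`user_id`, `photo`) VALUES (?, ?)");
            $result = false; // stays false when count is 0, so no success is reported for an empty request

            for ($i = 0; $i < $count; $i++) {
                if (isset($_FILES[$fieldName]['name'][$i]) && $_FILES[$fieldName]['name'][$i] != "") {
                    $extension = strtolower(pathinfo($_FILES[$fieldName]['name'][$i], PATHINFO_EXTENSION));
                    if (!in_array($extension, $allowedExtensions, true)) {
                        throw new Exception('File type not allowed.');
                    }

                    $fileName0 = './uploads/rewards/' . generateUnique($_FILES[$fieldName]['name'][$i]);
                    $targetPath0 = "." . $fileName0; // resolves to ../uploads/rewards/... from this script
                    // Do not record a path for a file that never reached the disk.
                    if (!move_uploaded_file($_FILES[$fieldName]['tmp_name'][$i], $targetPath0)) {
                        throw new Exception('Failed to move uploaded file.');
                    }
                } else {
                    // NOTE(review): client-controlled path, stored as-is. The delete
                    // handler later removes whatever file this column names, so the
                    // value should be validated against the uploads directory.
                    $fileName0 = $_POST['oldfileInput_' . $i];
                }

                $result = $statement->execute([$uid, $fileName0]);
            }

            if ($result) {
                $return_arr['message'] = 'Image(s) added successfully.';
                $return_arr['status'] = 200;
            } else {
                $return_arr['message'] = 'Failed to add image(s).';
                $return_arr['status'] = 400;
            }
        } catch (PDOException $e) {
            // Driver messages stay in the server log; they can expose schema details.
            $return_arr['message'] = 'Database error.';
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        } catch (Exception $e) {
            $return_arr['message'] = 'Error: ' . $e->getMessage();
            $return_arr['status'] = 500;
            error_log($e->getMessage());
        }
    }

    echo json_encode($return_arr);
}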
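// Handler for type=img-delete: removes one of the logged-in user's rows from
// tbl_images together with the file it names, then prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'img-delete') {
    $return_arr = array();

    try {
        $id = isset($_POST['id']) ? $_POST['id'] : null;
        // NULL when nobody is logged in; `user_id = NULL` matches no row, so such a
        // request ends in the 404 branch below.
        $uid = isset($_SESSION['user']['id']) ? $_SESSION['user']['id'] : null;

        // The row is looked up by id AND owner. Looking it up by the request's id
        // alone allowed any caller to delete any user's image.
        $statement = $pdo->prepare("SELECT `image` FROM `tbl_images` WHERE `id` = ? AND `user_id` = ?");
        $statement->execute([$id, $uid]);
        $imageRow = $statement->fetch(PDO::FETCH_ASSOC);

        if ($imageRow) {
            $imageFileName = $imageRow['image'];

            // Stored paths look like ./uploads/user_img/<name>; the leading "." makes
            // them relative to this script's parent directory.
            $filePath = '.'.$imageFileName;
            error_log($filePath);

            // The stored path can originate from a request field, so the file is
            // removed only when it resolves to a regular file inside ../uploads.
            $uploadsRoot = realpath('../uploads');
            $resolvedPath = realpath($filePath);
            $insideUploads = $uploadsRoot !== false
                && $resolvedPath !== false
                && strncmp($resolvedPath, $uploadsRoot . DIRECTORY_SEPARATOR, strlen($uploadsRoot) + 1) === 0;
            if ($insideUploads && is_file($resolvedPath)) {
                unlink($resolvedPath);
            }

            // Delete the record, again scoped to its owner.
            $deleteStatement = $pdo->prepare("DELETE FROM `tbl_images` WHERE `id` = ? AND `user_id` = ?");
            $deleteResult = $deleteStatement->execute([$id, $uid]);

            if ($deleteResult) {
                $return_arr['message'] = 'Image deleted successfully.';
                $return_arr['status'] = 200;
            } else {
                $return_arr['message'] = 'Failed to delete image.';
                $return_arr['status'] = 400;
            }
        } else {
            $return_arr['message'] = 'Image not found.';
            $return_arr['status'] = 404;
        }
    } catch (PDOException $e) {
        // Driver messages stay in the server log; they can expose schema details.
        $return_arr['message'] = 'Database error.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}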
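// Handler for type=rwd-delete: removes one of the logged-in user's rows from
// tbl_rewards together with the file it names, then prints a JSON status.
if (isset($_POST['type']) && $_POST['type'] == 'rwd-delete') {
    $return_arr = array();

    try {
        $id = isset($_POST['id']) ? $_POST['id'] : null;
        // NULL when nobody is logged in; `user_id = NULL` matches no row, so such a
        // request ends in the 404 branch below.
        $uid = isset($_SESSION['user']['id']) ? $_SESSION['user']['id'] : null;

        // The row is looked up by id AND owner. Looking it up by the request's id
        // alone allowed any caller to delete any user's reward photo.
        $statement = $pdo->prepare("SELECT `photo` FROM `tbl_rewards` WHERE `id` = ? AND `user_id` = ?");
        $statement->execute([$id, $uid]);
        $imageRow = $statement->fetch(PDO::FETCH_ASSOC);

        if ($imageRow) {
            $imageFileName = $imageRow['photo'];

            // Stored paths look like ./uploads/rewards/<name>; the leading "." makes
            // them relative to this script's parent directory.
            $filePath = '.'.$imageFileName;
            error_log($filePath);

            // The stored path can originate from a request field, so the file is
            // removed only when it resolves to a regular file inside ../uploads.
            $uploadsRoot = realpath('../uploads');
            $resolvedPath = realpath($filePath);
            $insideUploads = $uploadsRoot !== false
                && $resolvedPath !== false
                && strncmp($resolvedPath, $uploadsRoot . DIRECTORY_SEPARATOR, strlen($uploadsRoot) + 1) === 0;
            if ($insideUploads && is_file($resolvedPath)) {
                unlink($resolvedPath);
            }

            // Delete the record, again scoped to its owner.
            $deleteStatement = $pdo->prepare("DELETE FROM `tbl_rewards` WHERE `id` = ? AND `user_id` = ?");
            $deleteResult = $deleteStatement->execute([$id, $uid]);

            if ($deleteResult) {
                $return_arr['message'] = 'Image deleted successfully.';
                $return_arr['status'] = 200;
            } else {
                $return_arr['message'] = 'Failed to delete image.';
                $return_arr['status'] = 400;
            }
        } else {
            $return_arr['message'] = 'Image not found.';
            $return_arr['status'] = 404;
        }
    } catch (PDOException $e) {
        // Driver messages stay in the server log; they can expose schema details.
        $return_arr['message'] = 'Database error.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}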














?>
