
<?php
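// Bootstrap shared by every handler in this file: load configuration, resume
// the session and stop early when no seller is logged in.
// NOTE(review): config/config.php presumably creates the $pdo handle the
// handlers use — confirm.
include_once ('config/config.php');
session_start();
$return_arr = array(); // Response payload; each handler fills it and echoes it as JSON

error_log('seller profile starts..............');

// Every handler below reads or writes rows on behalf of $_SESSION['user']['id'].
// Without this guard an anonymous request reaches them with a null id.
// NOTE(review): these are cookie-authenticated, state-changing POST handlers and
// no anti-CSRF token is checked anywhere in this file.
if (!isset($_SESSION['user']['id'])) {
    $return_arr['message'] = 'Authentication required.';
    $return_arr['status'] = 401;
    echo json_encode($return_arr);
    exit;
}

$id = $_SESSION['user']['id'];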
    // $profile_created_for = $_POST['profile_created_for'];
    // $profile_name = $_POST['profile_name'];
    // $gender = $_POST['gender'];
    // $dob = $_POST['dob'];
    // $age = $_POST['age'];
    // $country = $_POST['country'];
    // $mobile_no = $_POST['mobile_no'];
    // $address = $_POST['address'];
    // $city = $_POST['city'];
    // $state = $_POST['state'];
    // $pin_code = $_POST['pin_code'];
    // $land_mark = $_POST['land_mark'];
    // $email_id = $_POST['email_id'];

// c_pin_code
// c_land_mark
// c_email_id
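if (isset($_POST['type']) && $_POST['type'] == 'upload') {
    // Handler for type=upload: overwrite the logged-in seller's profile columns
    // in `tbl_seller` with the posted form values and answer with a JSON
    // {message, status} object.
    //
    // NOTE(review): every *_limit counter and `cat_limit` is taken from $_POST and
    // written straight back to the row, so the client chooses its own remaining
    // edit quota and can skip the decrement by omitting edit=edit. The counters
    // should be read from the stored row and enforced server-side.
    // NOTE(review): none of the profile fields are validated before being stored;
    // whatever renders them must escape on output.

    // `?? null` keeps "missing field is stored as NULL" without raising an
    // undefined-index warning for each absent key.
    $profile_created_by = $_POST['profile_created_by'] ?? null;
    $profile_name = $_POST['profile_name'] ?? null;
    $gender = $_POST['gender'] ?? null;
    $dob = $_POST['dob'] ?? null;
    $age = $_POST['age'] ?? null;
    $country = $_POST['country'] ?? null;
    $mobile_no = $_POST['mobile_no'] ?? null;
    $mobile_no_alt = $_POST['mobile_no_alt'] ?? null;
    $owner_limit = $_POST['owner_limit'] ?? null;
    $c_phone_limit = $_POST['c_phone_limit'] ?? null;
    $c_phone = $_POST['c_phone'] ?? null;
    $email_limit = $_POST['email_limit'] ?? null;
    $wa_limit = $_POST['wa_limit'] ?? null;
    $c_email_limit = $_POST['c_email_limit'] ?? null;
    $lgl_address = $_POST['lgl_address'] ?? null;
    $city = $_POST['city'] ?? null;
    $state = $_POST['state'] ?? null;
    $pin_code = $_POST['pin_code'] ?? null;
    $land_mark = $_POST['land_mark'] ?? null;
    $email_id = $_POST['email_id'] ?? null;
    $cat_limit = $_POST['cat_limit'] ?? null;
    $cat = $_POST['cat'] ?? null;
    $sub_cat = $_POST['sub_cat'] ?? null;

    $company_name = $_POST['company_name'] ?? null;
    $c_address = $_POST['c_address'] ?? null;
    $c_city = $_POST['c_city'] ?? null;
    $c_state = $_POST['c_state'] ?? null;
    $c_pin_code = $_POST['c_pin_code'] ?? null;
    $c_land_mark = $_POST['c_land_mark'] ?? null;
    $gst_no = $_POST['gst_no'] ?? null;
    $c_email_id = $_POST['c_email_id'] ?? null;

    if (($_POST['edit'] ?? '') == 'edit') {
        // On an edit, spend one unit of a field's quota when the posted value
        // differs from what is stored.
        $statement = $pdo->prepare("SELECT * FROM `tbl_seller` WHERE `id` = ?");
        $statement->execute([$_SESSION['user']['id']]);
        $match = $statement->fetch(PDO::FETCH_ASSOC);
        error_log($owner_limit."owner change before");

        // fetch() returns false when the seller row is missing; there is
        // nothing to compare against in that case.
        if ($match !== false) {
            $owner_limit = ($profile_name == $match['profile_name']) ? $owner_limit : (((int) $owner_limit) - 1);
            $c_phone_limit = ($c_phone == $match['c_phone']) ? $c_phone_limit : (((int) $c_phone_limit) - 1);
            // The alternate-mobile comparison previously read a variable that
            // is never assigned, so the stored value was compared with null.
            // NOTE(review): email_limit is driven by mobile_no_alt here, as in
            // the earlier code; it looks like it should follow email_id — confirm.
            $email_limit = ($mobile_no_alt == $match['mobile_no_alt']) ? $email_limit : (((int) $email_limit) - 1);
            $wa_limit = ($mobile_no_alt == $match['mobile_no_alt']) ? $wa_limit : (((int) $wa_limit) - 1);
            $c_email_limit = ($c_email_id == $match['c_email_id']) ? $c_email_limit : (((int) $c_email_limit) - 1);
            // NOTE(review): nothing rejects the change once a counter reaches
            // zero, so the counters are recorded but not enforced.
        }
    }
    error_log($owner_limit."owner change");

    // Column order here must stay in step with the parameter list below.
    $statement = $pdo->prepare("UPDATE `tbl_seller`
SET
    `profile_created_by` = ?,
    `profile_name` = ?,
    `gender` = ?,
    `dob` = ?,
    `age` = ?,
    `country` = ?,
    `mobile_no` = ?,
    `mobile_no_alt` = ?,
    `owner_limit` = ?,
    `c_phone_limit` = ?,
    `email_limit` = ?,
    `wa_limit` = ?,
    `c_email_limit` = ?,
    `lgl_address` = ?,
    `city` = ?,
    `state` = ?,
    `pin_code` = ?,
    `land_mark` = ?,
    `email_id` = ?,
    `cat_limit` = ?,
    `cat` = ?,
    `sub_cat` = ?,
    `company_name` = ?,
    `c_address` = ?,
    `c_city` = ?,
    `c_state` = ?,
    `c_pin_code` = ?,
    `c_land_mark` = ?,
    `gst_no` = ?,
    `c_phone` = ?,
    `c_email_id` = ?
WHERE
    `id` = ?");

    $result = $statement->execute([
        $profile_created_by,
        $profile_name,
        $gender,
        $dob,
        $age,
        $country,
        $mobile_no,
        $mobile_no_alt,
        $owner_limit,
        $c_phone_limit,
        $email_limit,
        $wa_limit,
        $c_email_limit,
        $lgl_address,
        $city,
        $state,
        $pin_code,
        $land_mark,
        $email_id,
        $cat_limit,
        $cat,
        $sub_cat,
        $company_name,
        $c_address,
        $c_city,
        $c_state,
        $c_pin_code,
        $c_land_mark,
        $gst_no,
        $c_phone,
        $c_email_id,
        $id
    ]);

    if ($result) {
        $return_arr['message'] = 'Profile Updated successfully.';
        $return_arr['status'] = 200;
    } else {
        $return_arr['message'] = 'Something went wrong.';
        $return_arr['status'] = 400;
    }
    echo json_encode($return_arr);
}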

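if (isset($_POST['type']) && $_POST['type'] == 'verification') {
    // Handler for type=verification: store the seller's identity documents
    // (profile picture, Aadhaar image, PAN card picture) under
    // uploads/seller_proof and record the paths plus the posted ID details in
    // `tbl_seller`.
    try {
        // Build a storage name for an upload. The extension comes from the
        // client-supplied file name, so it is restricted to an allow-list;
        // otherwise a script extension could be written into a web-served
        // directory. The random part uses random_bytes() so names cannot be
        // guessed from the upload time.
        // NOTE(review): extend the allow-list if documents other than images
        // are accepted by the form.
        function generateUniqueFileName($originalName) {
            $allowed = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
            $extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
            if (!in_array($extension, $allowed, true)) {
                throw new Exception('Unsupported file type.');
            }
            return bin2hex(random_bytes(16)) . "-" . date('Y-m-d_his') . "-images." . $extension;
        }
        $fileFields = ['profile_img', 'aadhar_img', 'pan_card_pic'];
        $fileNames = [];

        foreach ($fileFields as $fieldName) {
            $upload = isset($_FILES[$fieldName]) ? $_FILES[$fieldName] : null;
            if ($upload !== null && is_string($upload['name']) && $upload['name'] != "") {
                // Reject failed uploads and anything that does not parse as an image.
                if ($upload['error'] !== UPLOAD_ERR_OK
                    || !is_uploaded_file($upload['tmp_name'])
                    || getimagesize($upload['tmp_name']) === false) {
                    throw new Exception('Uploaded file is not a valid image.');
                }
                $fileName = './uploads/seller_proof/' . generateUniqueFileName($upload['name']);
                // The stored path is relative to the site root; the script runs
                // one directory below it, hence the extra leading dot.
                $targetPath = "." . $fileName;
                if (move_uploaded_file($upload['tmp_name'], $targetPath)) {
                    $fileNames[$fieldName] = $fileName;
                } else {
                    throw new Exception('Failed to move uploaded file.');
                }
            } else {
                // NOTE(review): the "old" path is whatever the client sends and
                // is stored unchecked; reading the current value from the
                // seller's row would avoid trusting the request here.
                $fileNames[$fieldName] = $_POST['oldfileInput_' . $fieldName] ?? null;
            }
        }

        $ids = $_SESSION['user']['id'];
        $aadhar_name = $_POST['aadhar_name'] ?? null;
        $aadh_no = $_POST['aadh_no'] ?? null;
        $mobile_no = $_POST['mobile_no'] ?? null;
        $pan_name = $_POST['pan_name'] ?? null;
        $pan_no = $_POST['pan_no'] ?? null;
        $pan_mobile = $_POST['pan_mobile'] ?? null;
        $gst_no = $_POST['gst_no'] ?? null;

        // NOTE(review): the ID numbers and names are stored without validation.

        $statement = $pdo->prepare("UPDATE `tbl_seller` SET
            `profile_img` = ?,
            `aadhar_img` = ?,
            `pan_card_pic` = ?,
            `aadhar_name` = ?,
            `aadh_no` = ?,
            `mobile_no` = ?,
            `pan_name` = ?,
            `pan_no` = ?,
            `pan_mobile` = ?,
            `gst_no` = ?
            WHERE `id` = ?");

        $result = $statement->execute([
            $fileNames['profile_img'],
            $fileNames['aadhar_img'],
            $fileNames['pan_card_pic'],
            $aadhar_name,
            $aadh_no,
            $mobile_no,
            $pan_name,
            $pan_no,
            $pan_mobile,
            $gst_no,
            $ids
        ]);

        if ($result) {
            // Mark the verification step complete only after the row was written.
            $_SESSION['user']['verification_info_cmt'] = 1;
            $return_arr['message'] = 'Details Updated successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Something went wrong.';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Driver messages can name tables, columns and SQL; keep them in the
        // server log and send the client a generic error.
        $return_arr['message'] = 'Internal Server Error';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Internal Server Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}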
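if (isset($_POST['type']) && $_POST['type'] == 'seller') {
    // Handler for type=seller: insert a new product form row for the logged-in
    // seller, then attach that seller's not-yet-linked product images
    // (product_id = 0) to the new product.
    error_log('form starts...............');
    try {
        error_log('inner starts...............');

        $seller_id = $_SESSION['user']['id'];

        // Parameter order mirrors the column list of the INSERT below:
        // form_id, field1..field15, seller_id, select1, product_thumpnail,
        // pdt_status, select2, select4, select5.
        $params = [$_POST['form_id'] ?? null];
        for ($n = 1; $n <= 15; $n++) {
            $params[] = $_POST['field' . $n] ?? null;
        }
        $params[] = $seller_id;
        foreach (['select1', 'product_thumnail', 'pdt_status', 'select2', 'select4', 'select5'] as $key) {
            $params[] = $_POST[$key] ?? null;
        }

        // NOTE(review): the form values, including the thumbnail path, are
        // stored as sent; nothing validates them here.

        $statement = $pdo->prepare("INSERT INTO `seller_product_forms` (`form_id`, `field1` ,`field2` ,`field3` ,`field4` ,`field5` ,`field6` ,`field7` ,`field8` ,`field9` ,`field10` ,`field11` ,`field12` ,`field13` ,`field14` ,`field15`,`seller_id`,`select1` ,`product_thumpnail`,`pdt_status`,`select2`,`select4`,`select5`)
    VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
        $result = $statement->execute($params);

        // Link images only when the insert actually produced a row; otherwise
        // a failed insert was reported as success by the second statement.
        if ($result) {
            $product_id = $pdo->lastInsertId();
            error_log($product_id);
            error_log('update tbl_seller_product_img  set product_id = '.$product_id.' where product_id=0 and user_id = '.$seller_id);
            // Restrict the link step to this seller's images. Without the
            // user_id condition, pending images uploaded by every other seller
            // were attached to this product as well.
            $statement = $pdo->prepare('update tbl_seller_product_img  set product_id = ? where product_id=0 and user_id = ?');
            $result = $statement->execute([$product_id, $seller_id]);
        }

        if ($result) {
            $return_arr['message'] = 'Details form Updated successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Something went wrong.';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Keep driver detail in the server log; the client gets a generic error.
        $return_arr['message'] = 'Internal Server Error';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Internal Server Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}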
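if (isset($_POST['type']) && $_POST['type'] == 'seller_form_edit') {
    // Handler for type=seller_form_edit: update one of the logged-in seller's
    // product form rows and attach the seller's pending images (product_id = 0)
    // to that product.
    error_log('form starts...............');
    try {
        $seller_id = $_SESSION['user']['id'];
        $p_id = $_POST['p_id'] ?? null;
        if (!is_string($p_id) || $p_id === '') {
            throw new Exception('Invalid product id.');
        }

        // The product id comes from the request, so confirm the row belongs to
        // the session's seller before changing anything. Previously any
        // product could be overwritten by id alone.
        $owner = $pdo->prepare("SELECT `id` FROM `seller_product_forms` WHERE `id` = ? AND `seller_id` = ?");
        $owner->execute([$p_id, $seller_id]);
        if ($owner->fetch(PDO::FETCH_ASSOC) === false) {
            throw new Exception('Product not found.');
        }

        // Parameter order mirrors the SET list below, followed by the two
        // WHERE values.
        $params = [];
        for ($n = 1; $n <= 15; $n++) {
            $params[] = $_POST['field' . $n] ?? null;
        }
        foreach (['select1', 'product_thumnail', 'pdt_status', 'select2', 'select4', 'select5'] as $key) {
            $params[] = $_POST[$key] ?? null;
        }
        $params[] = $p_id;
        $params[] = $seller_id;

        // NOTE(review): the form values are stored as sent; nothing validates
        // them here.

        $statement = $pdo->prepare("
    UPDATE `seller_product_forms`
    SET
        `field1` = ?,
        `field2` = ?,
        `field3` = ?,
        `field4` = ?,
        `field5` = ?,
        `field6` = ?,
        `field7` = ?,
        `field8` = ?,
        `field9` = ?,
        `field10` = ?,
        `field11` = ?,
        `field12` = ?,
        `field13` = ?,
        `field14` = ?,
        `field15` = ?,
        `select1` = ?,
        `product_thumpnail` = ?,
        `pdt_status`=?,
        `select2`=?,
        `select4`=?,
        `select5`=?
    WHERE
        `id` = ? AND `seller_id` = ?
");

        $result = $statement->execute($params);

        if ($result) {
            // lastInsertId() is meaningless after an UPDATE, so the edited
            // product's own id is used, and only this seller's pending images
            // are linked.
            error_log($p_id);
            error_log('update tbl_seller_product_img  set product_id = '.$p_id.' where product_id=0 and user_id = '.$seller_id);
            $statement = $pdo->prepare('update tbl_seller_product_img  set product_id = ? where product_id=0 and user_id = ?');
            $result = $statement->execute([$p_id, $seller_id]);
        }

        if ($result) {
            $return_arr['message'] = 'Details form Updated successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Something went wrong.';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Keep driver detail in the server log; the client gets a generic error.
        $return_arr['message'] = 'Internal Server Error';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Internal Server Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}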


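if (isset($_POST['del']) && $_POST['del'] == 'delete_pic') {
    // Handler for del=delete_pic: remove one product image row that belongs to
    // the logged-in seller.
    // NOTE(review): only the database row is removed; the file it points to
    // stays on disk.
    $return_arr = array(); // Initialize the response array

    try {
        $pic_id = $_POST['d_id'] ?? null;
        $owner_id = $_SESSION['user']['id'] ?? null;

        // Scope the delete to the session's user. The id alone comes from the
        // request, so without the user_id condition any image row could be
        // removed by anyone who can reach this endpoint. A missing session
        // yields user_id = NULL, which matches no row.
        $statement = $pdo->prepare("DELETE FROM `tbl_seller_product_img` WHERE id = ? AND user_id = ?");
        $result = $statement->execute([$pic_id, $owner_id]);

        // rowCount() tells a real deletion apart from a statement that ran but
        // matched nothing (unknown id, or a row owned by someone else).
        if ($result && $statement->rowCount() > 0) {
            $return_arr['message'] = 'Picture deleted successfully.';
            $return_arr['status'] = 200;
            echo json_encode($return_arr);
        } else {
            $return_arr['message'] = 'Failed to delete picture.';
            $return_arr['status'] = 400;
            echo json_encode($return_arr);
        }
    } catch (PDOException $e) {
        // Driver messages can expose schema detail; log them, answer generically.
        $return_arr['message'] = 'Database error.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
        echo json_encode($return_arr);
    } catch (Exception $e) {
        $return_arr['message'] = 'Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
        echo json_encode($return_arr);
    }
}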






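if (isset($_POST['type']) && $_POST['type'] == 'photos_form') {
    // Handler for type=photos_form: save the files posted as files[] under
    // uploads/user_img and insert one `tbl_images` row per slot for the
    // logged-in user.
    error_log('all profile photos .....................');
    $return_arr = array();

    try {
        // `count` is client-declared; bound it so one request cannot drive an
        // unbounded insert loop.
        // NOTE(review): 100 is an arbitrary safety cap — align it with the
        // number of slots the form really offers.
        $maxPerRequest = 100;
        $count = min((int) ($_POST['count'] ?? 0), $maxPerRequest);
        $uid = $_SESSION['user']['id'];
        $result = false; // stays false when no slot produced a row

        // Build a storage name for an upload. The extension comes from the
        // client-supplied file name, so it is restricted to an allow-list;
        // otherwise a script extension could be written into a web-served
        // directory. random_bytes() keeps the name unguessable.
        function generateUnique($originalName) {
            $allowed = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
            $extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
            if (!in_array($extension, $allowed, true)) {
                throw new Exception('Unsupported file type.');
            }
            return bin2hex(random_bytes(16)) . "-" . date('Y-m-d_his') . "-images." . $extension;
        }

        $fieldName = "files";
        $hasBatch = isset($_FILES[$fieldName]) && is_array($_FILES[$fieldName]['name']);
        $statement = $pdo->prepare("INSERT INTO `tbl_images` (`user_id`, `image`) VALUES (?, ?)");

        for ($i = 0; $i < $count; $i++) {
            $clientName = $hasBatch ? ($_FILES[$fieldName]['name'][$i] ?? '') : '';
            $oldName = $_POST['oldfileInput_' . $i] ?? '';

            if (is_string($clientName) && $clientName != "") {
                $tmpName = $_FILES[$fieldName]['tmp_name'][$i] ?? '';
                $errorCode = $_FILES[$fieldName]['error'][$i] ?? UPLOAD_ERR_NO_FILE;
                // Reject failed uploads and anything that does not parse as an image.
                if ($errorCode !== UPLOAD_ERR_OK
                    || !is_string($tmpName)
                    || !is_uploaded_file($tmpName)
                    || getimagesize($tmpName) === false) {
                    throw new Exception('Uploaded file is not a valid image.');
                }
                $fileName0 = './uploads/user_img/' . generateUnique($clientName);
                // Stored path is relative to the site root; the script runs one
                // directory below it, hence the extra leading dot.
                $targetPath0 = "." . $fileName0;
                if (!move_uploaded_file($tmpName, $targetPath0)) {
                    // Do not record a path for a file that was never written.
                    throw new Exception('Failed to move uploaded file.');
                }
            } elseif (is_string($oldName) && $oldName != '') {
                // NOTE(review): the "old" path is client-supplied and stored
                // unchecked — confirm it should be trusted.
                $fileName0 = $oldName;
            } else {
                // Neither a new file nor an old path for this slot: nothing to store.
                continue;
            }

            $result = $statement->execute([$uid, $fileName0]);
        }

        if ($result) {
            $return_arr['message'] = 'Image(s) added successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Failed to add image(s).';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Driver messages can expose schema detail; log them, answer generically.
        $return_arr['message'] = 'Database error.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}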

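if (isset($_POST['type']) && $_POST['type'] == 'product_photos_form') {
    // Handler for type=product_photos_form: save the files posted as files[]
    // under uploads/seller_product and insert one `tbl_seller_product_img` row
    // per slot. Rows get product_id 0 when no product id is posted.
    error_log('all profile photos .....................');
    $return_arr = array();

    try {
        // `count` is client-declared; bound it so one request cannot drive an
        // unbounded insert loop.
        // NOTE(review): 100 is an arbitrary safety cap — align it with the
        // number of slots the form really offers.
        $maxPerRequest = 100;
        $count = min((int) ($_POST['count'] ?? 0), $maxPerRequest);
        $uid = $_SESSION['user']['id'];
        $result = false; // stays false when no slot produced a row

        $rawProductId = $_POST['p_id'] ?? '';
        if (!is_string($rawProductId)) {
            throw new Exception('Invalid product id.');
        }
        if ($rawProductId != '') {
            $product_id = $rawProductId;
            // The product id comes from the request; only accept a product
            // that belongs to the session's seller, so images cannot be
            // attached to someone else's listing.
            $owner = $pdo->prepare("SELECT `id` FROM `seller_product_forms` WHERE `id` = ? AND `seller_id` = ?");
            $owner->execute([$product_id, $uid]);
            if ($owner->fetch(PDO::FETCH_ASSOC) === false) {
                throw new Exception('Product not found.');
            }
        } else {
            $product_id = 0;
        }

        // Build a storage name for an upload. The extension comes from the
        // client-supplied file name, so it is restricted to an allow-list;
        // otherwise a script extension could be written into a web-served
        // directory. random_bytes() keeps the name unguessable.
        function generateUnique($originalName) {
            $allowed = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
            $extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
            if (!in_array($extension, $allowed, true)) {
                throw new Exception('Unsupported file type.');
            }
            return bin2hex(random_bytes(16)) . "-" . date('Y-m-d_his') . "-images." . $extension;
        }

        $fieldName = "files";
        $hasBatch = isset($_FILES[$fieldName]) && is_array($_FILES[$fieldName]['name']);
        $statement = $pdo->prepare("INSERT INTO `tbl_seller_product_img` (`user_id`, `image`,`product_id`) VALUES (?,?, ?)");

        for ($i = 0; $i < $count; $i++) {
            $clientName = $hasBatch ? ($_FILES[$fieldName]['name'][$i] ?? '') : '';
            $oldName = $_POST['oldfileInput_' . $i] ?? '';

            if (is_string($clientName) && $clientName != "") {
                $tmpName = $_FILES[$fieldName]['tmp_name'][$i] ?? '';
                $errorCode = $_FILES[$fieldName]['error'][$i] ?? UPLOAD_ERR_NO_FILE;
                // Reject failed uploads and anything that does not parse as an image.
                if ($errorCode !== UPLOAD_ERR_OK
                    || !is_string($tmpName)
                    || !is_uploaded_file($tmpName)
                    || getimagesize($tmpName) === false) {
                    throw new Exception('Uploaded file is not a valid image.');
                }
                $fileName0 = './uploads/seller_product/' . generateUnique($clientName);
                // Stored path is relative to the site root; the script runs one
                // directory below it, hence the extra leading dot.
                $targetPath0 = "." . $fileName0;
                if (!move_uploaded_file($tmpName, $targetPath0)) {
                    // Do not record a path for a file that was never written.
                    throw new Exception('Failed to move uploaded file.');
                }
            } elseif (is_string($oldName) && $oldName != '') {
                // NOTE(review): the "old" path is client-supplied and stored
                // unchecked — confirm it should be trusted.
                $fileName0 = $oldName;
            } else {
                // Neither a new file nor an old path for this slot: nothing to store.
                continue;
            }

            $result = $statement->execute([$uid, $fileName0, $product_id]);
        }

        if ($result) {
            $return_arr['message'] = 'Image(s) added successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Failed to add image(s).';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Driver messages can expose schema detail; log them, answer generically.
        $return_arr['message'] = 'Database error.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}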
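if (isset($_POST['type']) && $_POST['type'] == 'product_photos_form_edit') {
    // Handler for type=product_photos_form_edit: save the files posted as
    // files[] under uploads/seller_product and insert one
    // `tbl_seller_product_img` row per slot for an existing product.
    error_log('all profile photos .....................');
    $return_arr = array();

    try {
        // `count` is client-declared; bound it so one request cannot drive an
        // unbounded insert loop.
        // NOTE(review): 100 is an arbitrary safety cap — align it with the
        // number of slots the form really offers.
        $maxPerRequest = 100;
        $count = min((int) ($_POST['count'] ?? 0), $maxPerRequest);
        $uid = $_SESSION['user']['id'];
        $result = false; // stays false when no slot produced a row

        $p_id = $_POST['p_id'] ?? null;
        if (!is_string($p_id) || $p_id === '') {
            throw new Exception('Invalid product id.');
        }
        // The product id comes from the request; only accept a product that
        // belongs to the session's seller, so images cannot be attached to
        // someone else's listing.
        $owner = $pdo->prepare("SELECT `id` FROM `seller_product_forms` WHERE `id` = ? AND `seller_id` = ?");
        $owner->execute([$p_id, $uid]);
        if ($owner->fetch(PDO::FETCH_ASSOC) === false) {
            throw new Exception('Product not found.');
        }

        // Build a storage name for an upload. The extension comes from the
        // client-supplied file name, so it is restricted to an allow-list;
        // otherwise a script extension could be written into a web-served
        // directory. random_bytes() keeps the name unguessable.
        function generateUnique($originalName) {
            $allowed = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
            $extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
            if (!in_array($extension, $allowed, true)) {
                throw new Exception('Unsupported file type.');
            }
            return bin2hex(random_bytes(16)) . "-" . date('Y-m-d_his') . "-images." . $extension;
        }

        $fieldName = "files";
        $hasBatch = isset($_FILES[$fieldName]) && is_array($_FILES[$fieldName]['name']);
        $statement = $pdo->prepare("INSERT INTO `tbl_seller_product_img` (`user_id`, `image`,`product_id`) VALUES (?,?,?)");

        for ($i = 0; $i < $count; $i++) {
            $clientName = $hasBatch ? ($_FILES[$fieldName]['name'][$i] ?? '') : '';
            $oldName = $_POST['oldfileInput_' . $i] ?? '';

            if (is_string($clientName) && $clientName != "") {
                $tmpName = $_FILES[$fieldName]['tmp_name'][$i] ?? '';
                $errorCode = $_FILES[$fieldName]['error'][$i] ?? UPLOAD_ERR_NO_FILE;
                // Reject failed uploads and anything that does not parse as an image.
                if ($errorCode !== UPLOAD_ERR_OK
                    || !is_string($tmpName)
                    || !is_uploaded_file($tmpName)
                    || getimagesize($tmpName) === false) {
                    throw new Exception('Uploaded file is not a valid image.');
                }
                $fileName0 = './uploads/seller_product/' . generateUnique($clientName);
                // Stored path is relative to the site root; the script runs one
                // directory below it, hence the extra leading dot.
                $targetPath0 = "." . $fileName0;
                if (!move_uploaded_file($tmpName, $targetPath0)) {
                    // Do not record a path for a file that was never written.
                    throw new Exception('Failed to move uploaded file.');
                }
            } elseif (is_string($oldName) && $oldName != '') {
                // NOTE(review): the "old" path is client-supplied and stored
                // unchecked — confirm it should be trusted.
                $fileName0 = $oldName;
            } else {
                // Neither a new file nor an old path for this slot: nothing to store.
                continue;
            }

            // Values follow the column order (user_id, image, product_id). The
            // image path and product id were previously passed the other way
            // round, so each value landed in the wrong column.
            $result = $statement->execute([$uid, $fileName0, $p_id]);
        }

        if ($result) {
            $return_arr['message'] = 'Image(s) added successfully.';
            $return_arr['status'] = 200;
        } else {
            $return_arr['message'] = 'Failed to add image(s).';
            $return_arr['status'] = 400;
        }
    } catch (PDOException $e) {
        // Driver messages can expose schema detail; log them, answer generically.
        $return_arr['message'] = 'Database error.';
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    } catch (Exception $e) {
        $return_arr['message'] = 'Error: ' . $e->getMessage();
        $return_arr['status'] = 500;
        error_log($e->getMessage());
    }

    echo json_encode($return_arr);
}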

// Stub handler for type=model: it performs no lookup and no write, and simply
// returns the shared response array as JSON. An earlier draft compared the
// posted annual income with the seller's stored row; that code is not active.
if (($_POST['type'] ?? '') == 'model') {
    print json_encode($return_arr);
}













?>
