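<?php
/**
 * Seller API endpoint: profile update, verification documents, product forms
 * and image uploads for the logged-in seller.
 *
 * Dispatch is driven by $_POST['type'] (and $_POST['del'] for picture deletion).
 * Each handler echoes the JSON-encoded $return_arr ('message' and 'status' keys).
 *
 * Every request field is untrusted. Rows are always scoped to the session's
 * seller id, uploads are restricted to an image allowlist, and database error
 * details are logged instead of being returned to the client.
 *
 * $pdo is not defined in this file; presumably config/config.php provides it.
 * NOTE(review): no CSRF token is checked in this script - confirm it is
 * enforced elsewhere before relying on the session cookie alone.
 */

include_once ('config/config.php');
session_start();

/**
 * Return a scalar POST field, or $default when it is absent or not a scalar
 * (array-style parameters are rejected so they never reach a bound SQL value).
 */
function seller_api_post($key, $default = null)
{
    return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? $_POST[$key] : $default;
}

/** Build the standard success/failure response for a boolean outcome. */
function seller_api_result($ok, $successMessage, $failureMessage)
{
    return $ok
        ? ['message' => $successMessage, 'status' => 200]
        : ['message' => $failureMessage, 'status' => 400];
}

/**
 * Turn an exception into a response. Validation errors are reported as-is;
 * anything else (including PDO errors, whose text can expose schema details)
 * is logged and replaced by a generic message.
 */
function seller_api_error_response($e)
{
    error_log($e->getMessage());
    if ($e instanceof InvalidArgumentException) {
        return ['message' => $e->getMessage(), 'status' => 400];
    }
    return ['message' => 'Internal Server Error', 'status' => 500];
}

/** Render "`a` = ?, `b` = ?" for a fixed (never client-supplied) column list. */
function seller_api_assignments(array $columns)
{
    $parts = [];
    foreach ($columns as $column) {
        $parts[] = '`' . $column . '` = ?';
    }
    return implode(', ', $parts);
}

/**
 * Build a server-chosen file name for an upload.
 *
 * Only the extension is taken from the client-supplied name, and only when it
 * is on the image allowlist; otherwise a script extension could be written into
 * the upload directory. Extend the allowlist deliberately if other document
 * types must be accepted.
 *
 * @throws InvalidArgumentException when the extension is not allowed
 */
function seller_api_unique_file_name($originalName)
{
    $allowed = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
    $extension = strtolower(pathinfo((string) $originalName, PATHINFO_EXTENSION));
    if (!in_array($extension, $allowed, true)) {
        throw new InvalidArgumentException('File type not allowed.');
    }
    // random_bytes() instead of rand(): names are not guessable and do not collide.
    return bin2hex(random_bytes(8)) . '-' . date('Y-m-d_his') . '-images.' . $extension;
}

/**
 * Validate one uploaded file and move it below $storedDir.
 *
 * @param string $storedDir directory as stored in the database, e.g. './uploads/user_img/'
 * @return string the path to store in the database
 * @throws InvalidArgumentException when the upload is rejected
 * @throws RuntimeException when the file cannot be moved
 */
function seller_api_store_upload($tmpName, $originalName, $errorCode, $storedDir)
{
    if (!is_string($tmpName) || !is_string($originalName) || (int) $errorCode !== UPLOAD_ERR_OK) {
        throw new InvalidArgumentException('File upload failed.');
    }
    $storedPath = $storedDir . seller_api_unique_file_name($originalName);
    // The extension alone is client-controlled; also require image content.
    if (getimagesize($tmpName) === false) {
        throw new InvalidArgumentException('File is not a valid image.');
    }
    // Prefixing '.' turns './uploads/...' into '../uploads/...', the path actually written to.
    if (!move_uploaded_file($tmpName, '.' . $storedPath)) {
        throw new RuntimeException('Failed to move uploaded file.');
    }
    return $storedPath;
}

/**
 * Validate a client-supplied reference to a previously stored file.
 *
 * Empty values pass through unchanged; anything else must be a plain file name
 * directly inside $storedDir, so arbitrary paths or URLs cannot be stored.
 * NOTE(review): this does not prove the file belongs to the current seller.
 *
 * @throws InvalidArgumentException when the reference has an unexpected shape
 */
function seller_api_existing_file($value, $storedDir)
{
    if ($value === null || $value === '') {
        return $value;
    }
    $pattern = '#^' . preg_quote($storedDir, '#') . '[A-Za-z0-9][A-Za-z0-9._-]*\z#';
    if (!preg_match($pattern, (string) $value)) {
        throw new InvalidArgumentException('Invalid existing file reference.');
    }
    return (string) $value;
}

/**
 * Resolve entry $index of the multi-file field 'files': a fresh upload when
 * present, else the validated 'oldfileInput_<index>' value, else null.
 */
function seller_api_image_for_index($index, $storedDir)
{
    $files = isset($_FILES['files']) ? $_FILES['files'] : [];
    $hasUpload = isset($files['name']) && is_array($files['name'])
        && isset($files['name'][$index]) && $files['name'][$index] != "";
    if ($hasUpload) {
        return seller_api_store_upload(
            isset($files['tmp_name'][$index]) ? $files['tmp_name'][$index] : null,
            $files['name'][$index],
            isset($files['error'][$index]) ? $files['error'][$index] : UPLOAD_ERR_NO_FILE,
            $storedDir
        );
    }
    $existing = seller_api_existing_file(seller_api_post('oldfileInput_' . $index), $storedDir);
    return ($existing === null || $existing === '') ? null : $existing;
}

/** Client-requested number of images, clamped to 0..$maxImages. */
function seller_api_image_count($maxImages)
{
    return min(max((int) seller_api_post('count', 0), 0), $maxImages);
}

/** True when product form $productId belongs to seller $sellerId. */
function seller_api_owns_product($pdo, $productId, $sellerId)
{
    $statement = $pdo->prepare('SELECT `id` FROM `seller_product_forms` WHERE `id` = ? AND `seller_id` = ?');
    $statement->execute([$productId, $sellerId]);
    return $statement->fetch(PDO::FETCH_ASSOC) !== false;
}

/** Collect the product-form columns shared by the insert and edit handlers. */
function seller_api_product_form_values()
{
    $values = [];
    for ($n = 1; $n <= 15; $n++) {
        $values['field' . $n] = seller_api_post('field' . $n);
    }
    $values['select1'] = seller_api_post('select1');
    // The request field is spelled 'product_thumnail', the column 'product_thumpnail'.
    $values['product_thumpnail'] = seller_api_post('product_thumnail');
    $values['pdt_status'] = seller_api_post('pdt_status');
    $values['select2'] = seller_api_post('select2');
    $values['select4'] = seller_api_post('select4');
    $values['select5'] = seller_api_post('select5');
    return $values;
}

/**
 * Store the posted product images for $productId (0 = not yet attached).
 *
 * @return bool true when at least one image row was written and none failed
 */
function seller_api_add_product_images($pdo, $sellerId, $productId, $maxImages)
{
    $statement = $pdo->prepare(
        'INSERT INTO `tbl_seller_product_img` (`user_id`, `image`, `product_id`) VALUES (?, ?, ?)'
    );
    $written = 0;
    $failed = false;
    $count = seller_api_image_count($maxImages);
    for ($i = 0; $i < $count; $i++) {
        $path = seller_api_image_for_index($i, './uploads/seller_product/');
        if ($path === null) {
            continue; // neither an upload nor an existing file for this index
        }
        if ($statement->execute([$sellerId, $path, $productId])) {
            $written++;
        } else {
            $failed = true;
        }
    }
    return $written > 0 && !$failed;
}

$return_arr = [];

// Nothing below may run without a logged-in seller: the handlers write files
// and rows, and previously did so even when the session carried no user id.
if (!isset($_SESSION['user']['id'])) {
    echo json_encode(['message' => 'Not authenticated.', 'status' => 401]);
    exit;
}

$id = $_SESSION['user']['id'];
$type = seller_api_post('type');
$maxImages = 100; // defensive bound on the client-supplied 'count'; adjust if needed

if ($type === 'upload') {
    try {
        $profileColumns = [
            'profile_created_by', 'profile_name', 'gender', 'dob', 'age', 'country',
            'mobile_no', 'mobile_no_alt', 'owner_limit', 'c_phone_limit', 'email_limit',
            'wa_limit', 'c_email_limit', 'lgl_address', 'city', 'state', 'pin_code',
            'land_mark', 'email_id', 'cat_limit', 'cat', 'sub_cat', 'company_name',
            'c_address', 'c_city', 'c_state', 'c_pin_code', 'c_land_mark', 'gst_no',
            'c_phone', 'c_email_id',
        ];
        $values = [];
        foreach ($profileColumns as $column) {
            $values[$column] = seller_api_post($column);
        }

        if (seller_api_post('edit') === 'edit') {
            $statement = $pdo->prepare(
                'SELECT `profile_name`, `c_phone`, `mobile_no_alt`, `c_email_id`, `owner_limit`,'
                . ' `c_phone_limit`, `email_limit`, `wa_limit`, `c_email_limit`'
                . ' FROM `tbl_seller` WHERE `id` = ?'
            );
            $statement->execute([$id]);
            $current = $statement->fetch(PDO::FETCH_ASSOC);

            // Change counter => column whose modification consumes one change.
            // The original compared several counters against undefined variables,
            // so they were decremented on almost every edit.
            // NOTE(review): email_limit is tied to mobile_no_alt as in the original
            // code; it probably should track email_id - confirm.
            $watched = [
                'owner_limit' => 'profile_name',
                'c_phone_limit' => 'c_phone',
                'email_limit' => 'mobile_no_alt',
                'wa_limit' => 'mobile_no_alt',
                'c_email_limit' => 'c_email_id',
            ];
            if ($current !== false) {
                foreach ($watched as $counter => $column) {
                    // Start from the stored counter so the client cannot reset it;
                    // the posted value is only a fallback when none is stored yet.
                    $base = isset($current[$counter]) ? $current[$counter] : $values[$counter];
                    $changed = (string) $values[$column] !== (string) $current[$column];
                    $values[$counter] = $changed ? ((int) $base - 1) : $base;
                }
            }
            // NOTE(review): without edit=edit the posted counters are still stored
            // as sent, and nothing rejects a change once a counter reaches zero.
        }

        $statement = $pdo->prepare(
            'UPDATE `tbl_seller` SET ' . seller_api_assignments($profileColumns) . ' WHERE `id` = ?'
        );
        $result = $statement->execute(array_merge(array_values($values), [$id]));
        $return_arr = seller_api_result($result, 'Profile Updated successfully.', 'Something went wrong.');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'verification') {
    try {
        // NOTE(review): identity documents end up under ./uploads/seller_proof/;
        // if that directory is served directly by the web server, consider
        // storing them outside the web root behind an authenticated download.
        $storedDir = './uploads/seller_proof/';
        $fileNames = [];
        foreach (['profile_img', 'aadhar_img', 'pan_card_pic'] as $fieldName) {
            if (isset($_FILES[$fieldName]) && $_FILES[$fieldName]['name'] != "") {
                $fileNames[$fieldName] = seller_api_store_upload(
                    $_FILES[$fieldName]['tmp_name'],
                    $_FILES[$fieldName]['name'],
                    $_FILES[$fieldName]['error'],
                    $storedDir
                );
            } else {
                $fileNames[$fieldName] = seller_api_existing_file(
                    seller_api_post('oldfileInput_' . $fieldName),
                    $storedDir
                );
            }
        }

        $statement = $pdo->prepare(
            'UPDATE `tbl_seller` SET `profile_img` = ?, `aadhar_img` = ?, `pan_card_pic` = ?,'
            . ' `aadhar_name` = ?, `aadh_no` = ?, `mobile_no` = ?, `pan_name` = ?, `pan_no` = ?,'
            . ' `pan_mobile` = ?, `gst_no` = ? WHERE `id` = ?'
        );
        $result = $statement->execute([
            $fileNames['profile_img'],
            $fileNames['aadhar_img'],
            $fileNames['pan_card_pic'],
            seller_api_post('aadhar_name'),
            seller_api_post('aadh_no'),
            seller_api_post('mobile_no'),
            seller_api_post('pan_name'),
            seller_api_post('pan_no'),
            seller_api_post('pan_mobile'),
            seller_api_post('gst_no'),
            $id,
        ]);

        if ($result) {
            // Flag the session only once the row has actually been updated.
            $_SESSION['user']['verification_info_cmt'] = 1;
        }
        $return_arr = seller_api_result($result, 'Details Updated successfully.', 'Something went wrong.');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'seller') {
    try {
        $row = ['form_id' => seller_api_post('form_id'), 'seller_id' => $id]
            + seller_api_product_form_values();
        $columns = array_keys($row);
        $statement = $pdo->prepare(
            'INSERT INTO `seller_product_forms` (`' . implode('`, `', $columns) . '`) VALUES ('
            . implode(',', array_fill(0, count($columns), '?')) . ')'
        );

        $result = false;
        if ($statement->execute(array_values($row))) {
            $product_id = $pdo->lastInsertId();
            // Attach only this seller's pending images (product_id = 0); without
            // the user_id filter every seller's pending images were claimed.
            $statement = $pdo->prepare(
                'UPDATE `tbl_seller_product_img` SET `product_id` = ? WHERE `product_id` = 0 AND `user_id` = ?'
            );
            $result = $statement->execute([$product_id, $id]);
        }
        $return_arr = seller_api_result($result, 'Details form Updated successfully.', 'Something went wrong.');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'seller_form_edit') {
    try {
        $p_id = seller_api_post('p_id');
        // The product id comes from the client: refuse to edit another seller's form.
        if (!seller_api_owns_product($pdo, $p_id, $id)) {
            throw new InvalidArgumentException('Product not found.');
        }

        $row = seller_api_product_form_values();
        $statement = $pdo->prepare(
            'UPDATE `seller_product_forms` SET ' . seller_api_assignments(array_keys($row))
            . ' WHERE `id` = ? AND `seller_id` = ?'
        );
        $result = $statement->execute(array_merge(array_values($row), [$p_id, $id]));

        // NOTE(review): the original went on to call lastInsertId() after this
        // UPDATE and re-tag images with that value, which is not the edited
        // product's id. That step is dropped; confirm whether pending images
        // (product_id = 0) should be attached to $p_id here.
        $return_arr = seller_api_result($result, 'Details form Updated successfully.', 'Something went wrong.');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if (seller_api_post('del') === 'delete_pic') {
    $return_arr = [];
    try {
        // Scoped to the current seller so a guessed id cannot delete someone else's picture.
        $statement = $pdo->prepare('DELETE FROM `tbl_seller_product_img` WHERE `id` = ? AND `user_id` = ?');
        $result = $statement->execute([seller_api_post('d_id'), $id]);
        $return_arr = seller_api_result($result, 'Picture deleted successfully.', 'Failed to delete picture.');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'photos_form') {
    $return_arr = [];
    try {
        $statement = $pdo->prepare('INSERT INTO `tbl_images` (`user_id`, `image`) VALUES (?, ?)');
        $written = 0;
        $failed = false;
        $count = seller_api_image_count($maxImages);
        for ($i = 0; $i < $count; $i++) {
            $path = seller_api_image_for_index($i, './uploads/user_img/');
            if ($path === null) {
                continue; // neither an upload nor an existing file for this index
            }
            if ($statement->execute([$id, $path])) {
                $written++;
            } else {
                $failed = true;
            }
        }
        $return_arr = seller_api_result(
            $written > 0 && !$failed,
            'Image(s) added successfully.',
            'Failed to add image(s).'
        );
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'product_photos_form') {
    $return_arr = [];
    try {
        $p_id = seller_api_post('p_id', '');
        if ($p_id != '') {
            // Images may only be attached to a product owned by this seller.
            if (!seller_api_owns_product($pdo, $p_id, $id)) {
                throw new InvalidArgumentException('Product not found.');
            }
            $product_id = $p_id;
        } else {
            $product_id = 0; // pending: attached when the product form is created
        }
        $result = seller_api_add_product_images($pdo, $id, $product_id, $maxImages);
        $return_arr = seller_api_result($result, 'Image(s) added successfully.', 'Failed to add image(s).');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'product_photos_form_edit') {
    $return_arr = [];
    try {
        $p_id = seller_api_post('p_id');
        if (!seller_api_owns_product($pdo, $p_id, $id)) {
            throw new InvalidArgumentException('Product not found.');
        }
        // The original bound (user, product id, file name) to the columns
        // (user_id, image, product_id), swapping image and product id.
        $result = seller_api_add_product_images($pdo, $id, $p_id, $maxImages);
        $return_arr = seller_api_result($result, 'Image(s) added successfully.', 'Failed to add image(s).');
    } catch (Exception $e) {
        $return_arr = seller_api_error_response($e);
    }
    echo json_encode($return_arr);
}

if ($type === 'model') {
    // No work is done for this type; the (empty) response array is echoed as-is.
    echo json_encode($return_arr);
}
?>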