H69UNtblNBNpha2dtB1Odn8qYp1Qk5NK2gi7yfceofo9N

/home/ymswebso/public_html/postads/control/

<?php
ob_start();
?>
<?php include("includes/session.php"); ?>
<?php include("checkextension.php"); ?>
<?php include("includes/login-verify.php"); ?>
<?php include("includes/connection.php"); ?>
<?php include("fckeditor.php"); 
$did = $_POST['listing_id'];
$redirect_page = $_POST['redirect_page'];
$today=date("Y-n-j H:i:s");
$ad_title = htmlspecialchars($_POST['ad_title'], ENT_QUOTES);
$ad_price = htmlspecialchars($_POST['ad_price'], ENT_QUOTES);
$unit_level = htmlspecialchars($_POST['unit_level'], ENT_QUOTES);
$street_number = htmlspecialchars($_POST['street_number'], ENT_QUOTES);
$street_name = htmlspecialchars($_POST['street_name'], ENT_QUOTES);
$street_type = htmlspecialchars($_POST['street_type'], ENT_QUOTES);
$suberb = htmlspecialchars($_POST['suberb'], ENT_QUOTES);
$city = htmlspecialchars($_POST['city'], ENT_QUOTES);
$post_code = htmlspecialchars($_POST['post_code'], ENT_QUOTES);
$ad_email = htmlspecialchars($_POST['ad_email'], ENT_QUOTES);
$ad_contact_name = htmlspecialchars($_POST['ad_contact_name'], ENT_QUOTES);
$ad_phone_number = htmlspecialchars($_POST['ad_phone_number'], ENT_QUOTES);
$description = htmlspecialchars($_POST['description'], ENT_QUOTES);

if(!empty($_POST['subcategory']))
{
	$category=mysql_real_escape_string($_POST['category']);
	$subcategory=mysql_real_escape_string($_POST['subcategory']);
	$subcategory=@array_unique($_POST['subcategory']);
	if ((count($subcategory)>0))
	{
 		$subcategory=@implode(',',@array_unique($_POST['subcategory']));
	}
	mysql_query("UPDATE business_ads SET main_category = '".$category."', sub_category = '".$subcategory."' WHERE id = '".$did."'");
}

if($_FILES['business_ad_image']['name']!='')
{
	$business_ad_image = $_FILES['business_ad_image']['name'];
//////// checking file extension /////////////
	$filename = $business_ad_image;
	// 1. The "explode/end" approach
	$ext = end(explode('.', $filename));
	// 2. The "strrchr" approach
	$ext = substr(strrchr($filename, '.'), 1);
	// 3. The "strrpos" approach
	$ext = substr($filename, strrpos($filename, '.') + 1);
	// 4. The "preg_replace" approach
	$ext = preg_replace('/^.*\.([^.]+)$/D', '$1', $filename);
	// 5. The "never use this" approach
	//   From: http://php.about.com/od/finishedphp1/qt/file_ext_PHP.htm
	$exts = split("[/\\.]", $filename);
	$n = count($exts)-1;
	$ext = $exts[$n];
//////////////////////////////////////////////////////////////////////////////////////////
	$rand_number=rand()."".rand(5, 10);
	$new_file_name=$rand_number.".".$ext;
	
	$path= "../imgs/".$new_file_name;

if($ext=="jpg" || $ext=="jpeg" || $ext=="gif" || $ext=="png" || $ext=="bmp" || $ext=="JPG" || $ext=="JPEG" || $ext=="GIF")
	{
		move_uploaded_file($_FILES['business_ad_image']['tmp_name'], $path);
		
		$sql = "update `business_ads` set  business_ad_image = '".$new_file_name."' WHERE id = '".$did."'";
		
		mysql_query($sql) or die(mysql_error());
		
	}
}

/*$subcategory=@array_unique($_POST['subcategory']);
if ((count($subcategory)>0))
{
 $subcategory=@implode(',',@array_unique($_POST['subcategory']));
}

$category = htmlspecialchars($_POST['category'], ENT_QUOTES);*/

$query ="update `business_ads` set  	ad_title = '".$ad_title."', ad_price = '".$ad_price."', unit_level = '".$unit_level."' ,street_number = '".$street_number."',  street_name = '".$street_name."', street_type = '".$street_type."', suberb = '".$suberb."', city = '".$city."', post_code = '".$post_code."', ad_email = '".$ad_email."', ad_contact_name = '".$ad_contact_name."', ad_phone_number = '".$ad_phone_number."', description = '".$description."', membership_status = '1',
ad_order = '1', modified = '$today' WHERE id = $did";
$result=mysql_query($query) or die("DB error");
$_SESSION['msg'] = "<div class='message' style='width:95%; text-align:center; height:25px; background-color:#FEDC65; margin:6px;'>Your ad listing has been successfully Update and published on our website.</div>";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Add New Brand</title>
<script language=JavaScript>

function win(){
window.opener.location.href="<?php echo $redirect_page; ?>";
self.close();

}
</script>
</head>

Nama File / Folder	Size	Action
Wp	--	NONE
css	--	NONE
ddlevelsfiles	--	NONE
editor	--	NONE
images	--	NONE
includes	--	NONE
js	--	NONE
Thumbs.db	5.5KB	Hapus Edit Rename
ad_business_listing_search.php	19.885KB	Hapus Edit Rename
as-edit-main-image.php	1.42KB	Hapus Edit Rename
edit-ad_listing.php	24.004KB	Hapus Edit Rename
edit-city-process.php	1.946KB	Hapus Edit Rename
edit-city.php	5.485KB	Hapus Edit Rename
edit-featured_listing.php	22.988KB	Hapus Edit Rename
edit-list-silver-process.php	5.944KB	Hapus Edit Rename
edit-states-process.php	1.985KB	Hapus Edit Rename
edit-sub-category.php	6.637KB	Hapus Edit Rename
fckeditor_php4.php	6.037KB	Hapus Edit Rename
feature_ad_edit-process.php	4.382KB	Hapus Edit Rename
gold_deal_update_process.php	2.608KB	Hapus Edit Rename
gold_sub_image_edit.php	1.733KB	Hapus Edit Rename
header.php	7.578KB	Hapus Edit Rename
index.php	4.549KB	Hapus Edit Rename
main-business-list.php	14.005KB	Hapus Edit Rename
main-delite_listing.php	0.502KB	Hapus Edit Rename
manage-city.php	5.684KB	Hapus Edit Rename
manage-expired-featured.php	18.887KB	Hapus Edit Rename
manage-users.php	14.106KB	Hapus Edit Rename
new_business-process.php	4.474KB	Hapus Edit Rename
notfound.php	1.504KB	Hapus Edit Rename
set-expiry-admin.php	3.732KB	Hapus Edit Rename
showmaincategories.php	0.455KB	Hapus Edit Rename
silver_deal_process.php	1.005KB	Hapus Edit Rename
video-upload-process.php	0.9KB	Hapus Edit Rename