HEX
Server: Apache
System: Linux sg2plmcpnl492417.prod.sin2.secureserver.net 4.18.0-553.58.1.lve.el8.x86_64 #1 SMP Fri Jul 4 12:07:06 UTC 2025 x86_64
User: nyiet8349bzl (9207396)
PHP: 8.1.34
Disabled: NONE
$ pwd: /home/nyiet8349bzl/Backup/sbc_back/homedir/public_html/old-myadmin/mytender/
Upload Files
File: /home/nyiet8349bzl/Backup/sbc_back/homedir/public_html/old-myadmin/mytender/processTender.php
<?php
require_once '../../library/config.php';
require_once '../library/functions.php';
checkUser();
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {

	case 'add' :
		addTender();
		break;
	case 'modify':
		modifyTender();
		break;
		
	case 'delete' :
		deleteTender();
		break;
	
	case 'putON':
		putON();
		break;
	
	case 'putOFF':
		putOFF();
		break;

		
	default :
		header('Location: index.php');
}
function addTender()
{
	$title	= $_POST['txtTitle'];
	$link	= $_POST['nwlink'];
	$sql   = "INSERT INTO mytender (tq_title, tq_link, tq_add_date, tq_IsActive )
	VALUES ('$title', '$link', NOW(), 1)";
	$result = dbQuery($sql);
	header("Location: index.php");	
}
/*
	Modify a Deals
*/
function modifyTender()
{
	if (isset($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$Id = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
	}
	$title	= $_POST['nw_title'];
	$link	= $_POST['nwlink'];
	if($link == "")
	{
	$sql   = "UPDATE mytender SET tq_title = '$title', tq_edit_date = NOW()
			WHERE tq_id = $Id";  
	}
	else
	{
		$sql   = "UPDATE mytender SET tq_title = '$title', tq_link = '$link', tq_edit_date = NOW()
			WHERE tq_id = $Id";
	}
	$result = dbQuery($sql);
	header('Location: index.php');			  
}

function putON()
{
	if (isset($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$Id = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
	}
	
	
	$sql   = "UPDATE mytender SET tq_IsActive=1
			WHERE tq_id = $Id";  
	$result = dbQuery($sql);
	
	if (isset($_GET['page']) && (int)$_GET['page'] > 0) {
		$p = (int)$_GET['page']; 
		header("Location: index.php?page=$p");
	} else {
	header('Location: index.php');			  
	}
}

function putOFF()
{
	if (isset($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$Id = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
	}
	
	
	$sql   = "UPDATE mytender SET tq_IsActive=0
			WHERE tq_id = $Id";  
	$result = dbQuery($sql);
	
	if (isset($_GET['page']) && (int)$_GET['page'] > 0) {
		$p = (int)$_GET['page']; 
		header("Location: index.php?page=$p");
	} else {
	header('Location: index.php');			  
	}
}



/*
	Remove a product
*/
function deleteTender()
{
	if (isset($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$Id = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
	}
	$sql = "DELETE FROM mytender 
	        WHERE tq_id = $Id";
	dbQuery($sql);

	header('Location: index.php');
}
/*
	Remove a product image
*/
function deleteImage()
{
	if (isset($_GET['bId']) && (int)$_GET['bId'] > 0) {
		$bId = (int)$_GET['bId'];
	} else {
		header('Location: index.php');
	}
	if (isset($_GET['img']) && $_GET['img'] > 0) {
		$img = $_GET['img'];
	} else {
		header('Location: index.php');
	}
	
	$deleted = _deleteImage($bId);

	// update the image and thumbnail name in the database
	$sql = "UPDATE chbanner
			SET $img = ''	WHERE PID = $bId";
	dbQuery($sql);		

	header("Location: index.php?view=modify&BID=$bId");
}

function _deleteImage($bId, $img)
{
	// we will return the status
	// whether the image deleted successfully
	$deleted = false;
	
	$sql = "SELECT $img FROM chbanner
			WHERE BID = $bId";
	$result = dbQuery($sql) or die('Cannot delete product image. ' . mysql_error());
	
	if (dbNumRows($result)) {
		$row = dbFetchAssoc($result);
		extract($row);
		
		if ($img) {
			// remove the image file
			$deleted = @unlink(SRV_ROOT . "images/banner/$row[$img]");
			//$deleted = @unlink(SRV_ROOT . "images/product/$pd_thumbnail");
		}
	}
	
	return $deleted;
}

?>
@ Telegram