<?php
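// Start the session only when no session is active yet.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// Access control: only a logged-in user whose role is 'admin' or 'director' may use this page.
// The role is checked with isset() first so a session without a role redirects cleanly instead of
// emitting an undefined-key warning ahead of the Location header.
if (!isset($_SESSION['user_id'], $_SESSION['role'])
    || !in_array($_SESSION['role'], ['admin', 'director'], true)) {
    header('Location: login.php');
    exit();
}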
// Include database configuration
require_once 'database/db_config.php';
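// Handle POST submissions: add, update or delete a gallery image.
// NOTE(review): no anti-CSRF token is verified in this handler, so these state-changing requests are
// authorised by the session cookie alone. A token check here needs the forms on this page to send one.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
    $action = $_POST['action'];
    $upload_dir = 'uploads/gallery/';

    // Read a POST field as a string; missing fields and array-valued fields become ''.
    $post_string = static function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // Return the stored image path for a gallery row, or null when the row does not exist.
    $find_image_path = static function ($conn, $id) {
        $path = null;
        $found = false;
        $stmt = mysqli_prepare($conn, 'SELECT image_path FROM about_gallery WHERE id = ?');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'i', $id);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $path);
                $found = mysqli_stmt_fetch($stmt) === true;
            }
            mysqli_stmt_close($stmt);
        }
        return $found ? (string) $path : null;
    };

    if ($action === 'add' || $action === 'update') {
        // Raw values: they reach SQL only as bound parameters, so no manual escaping is needed.
        $title = $post_string('title');
        $description = $post_string('description');
        $status = $post_string('status');
        $sort_order = intval($post_string('sort_order'));
        $id = $action === 'update' ? intval($post_string('id')) : 0;

        // Validate the plain fields before touching the upload, so a rejected form leaves no file behind.
        $form_error = '';
        if (empty($title)) {
            $form_error = "Title is required.";
        } elseif (!in_array($status, ['active', 'inactive'], true)) {
            // The status is rendered back into the page, so only the two known values are stored.
            $form_error = "Invalid status.";
        } elseif ($action === 'update' && $id <= 0) {
            $form_error = "Gallery image not found.";
        }

        // Handle file upload
        $image_path = '';
        $upload_success = false;
        $upload_error = '';
        if ($form_error === '' && isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
            $upload = $_FILES['image'];
            // Extension to store, keyed by the image type that getimagesize() detects in the file itself.
            $type_to_ext = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];
            $image_info = getimagesize($upload['tmp_name']);
            $client_ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));

            if ($image_info === false) {
                $upload_error = "File is not an image.";
            } elseif ($upload['size'] > 5000000) {
                // Size limit: 5MB
                $upload_error = "File is too large. Maximum size is 5MB.";
            } elseif (!in_array($client_ext, ['jpg', 'jpeg', 'png', 'gif'], true)
                || !isset($type_to_ext[$image_info[2]])) {
                $upload_error = "Only JPG, JPEG, PNG & GIF files are allowed.";
            } else {
                // Create the directory if it doesn't exist; it does not need to be world-writable.
                if (!is_dir($upload_dir)) {
                    mkdir($upload_dir, 0755, true);
                }
                // The stored name is generated server-side and takes its extension from the detected
                // image type, so nothing from the client-supplied file name ends up on disk.
                // NOTE(review): confirm the web server does not execute scripts from uploads/gallery/.
                $target_file = $upload_dir . bin2hex(random_bytes(16)) . '.' . $type_to_ext[$image_info[2]];
                if (move_uploaded_file($upload['tmp_name'], $target_file)) {
                    $image_path = $target_file;
                    $upload_success = true;
                } else {
                    $upload_error = "Error uploading file.";
                }
            }
        }

        // Update without a new image: keep the path already stored for this row. It is read from the
        // database rather than from the posted 'existing_image' field, which the client controls.
        if ($form_error === '' && $action === 'update' && !$upload_success) {
            $existing_path = $find_image_path($conn, $id);
            if ($existing_path === null) {
                $form_error = "Gallery image not found.";
            } else {
                $image_path = $existing_path;
                $upload_success = true;
            }
        }

        // Only 'add' can still be without an image here; report the specific upload problem if any.
        if ($form_error === '' && !$upload_success) {
            $form_error = $upload_error !== '' ? $upload_error : "Image upload is required.";
        }

        if ($form_error !== '') {
            $_SESSION['error'] = $form_error;
        } else {
            if ($upload_error !== '') {
                // An update whose replacement file was rejected still saves the other fields.
                $_SESSION['error'] = $upload_error;
            }

            if ($action === 'add') {
                $stmt = mysqli_prepare(
                    $conn,
                    'INSERT INTO about_gallery (title, description, image_path, sort_order, status)
                     VALUES (?, ?, ?, ?, ?)'
                );
                $saved = $stmt
                    && mysqli_stmt_bind_param($stmt, 'sssis', $title, $description, $image_path, $sort_order, $status)
                    && mysqli_stmt_execute($stmt);
                $done_message = "Gallery image added successfully.";
            } else {
                $stmt = mysqli_prepare(
                    $conn,
                    'UPDATE about_gallery
                     SET title = ?, description = ?, image_path = ?, sort_order = ?, status = ?
                     WHERE id = ?'
                );
                $saved = $stmt
                    && mysqli_stmt_bind_param($stmt, 'sssisi', $title, $description, $image_path, $sort_order, $status, $id)
                    && mysqli_stmt_execute($stmt);
                $done_message = "Gallery image updated successfully.";
            }

            if ($saved) {
                $_SESSION['success'] = $done_message;
                header('Location: gallery.php');
                exit();
            }

            // Keep database details in the server log; the page only gets a generic message.
            error_log('gallery.php: save failed: ' . ($stmt ? mysqli_stmt_error($stmt) : mysqli_error($conn)));
            $_SESSION['error'] = "Error: the gallery image could not be saved.";
        }
    } elseif ($action === 'delete' && isset($_POST['id'])) {
        $id = intval($post_string('id'));

        // Get the image path before deleting the record
        $image_path = $find_image_path($conn, $id);
        if ($image_path !== null) {
            // Delete record from database
            $stmt = mysqli_prepare($conn, 'DELETE FROM about_gallery WHERE id = ?');
            $deleted = $stmt
                && mysqli_stmt_bind_param($stmt, 'i', $id)
                && mysqli_stmt_execute($stmt);

            if ($deleted) {
                // Remove the file only when it resolves to a regular file inside the gallery upload
                // directory, so a stored path pointing elsewhere is never unlinked.
                $gallery_root = realpath($upload_dir);
                $stored_file = $image_path !== '' ? realpath($image_path) : false;
                if ($gallery_root !== false
                    && $stored_file !== false
                    && strpos($stored_file, $gallery_root . DIRECTORY_SEPARATOR) === 0
                    && is_file($stored_file)) {
                    unlink($stored_file);
                }
                $_SESSION['success'] = "Gallery image deleted successfully.";
            } else {
                error_log('gallery.php: delete failed: ' . ($stmt ? mysqli_stmt_error($stmt) : mysqli_error($conn)));
                $_SESSION['error'] = "Error: the gallery image could not be deleted.";
            }
        } else {
            $_SESSION['error'] = "Gallery image not found.";
        }

        header('Location: gallery.php');
        exit();
    }
}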
// Load every gallery row for the list card, lowest sort_order first.
$gallery_result = mysqli_query($conn, "SELECT * FROM about_gallery ORDER BY sort_order ASC");

// When ?edit=<numeric id> is present, load that row so the form opens in edit mode.
// intval() reduces the parameter to an integer before it is placed in the query text.
$edit_image = null;
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
    $edit_result = mysqli_query($conn, "SELECT * FROM about_gallery WHERE id = " . intval($_GET['edit']));
    $edit_row_found = $edit_result && mysqli_num_rows($edit_result) > 0;
    if ($edit_row_found) {
        $edit_image = mysqli_fetch_assoc($edit_result);
    }
}

// Page chrome: the shared header opens the layout that the markup below continues.
include 'includes/header.php';
?>
<div class="container-fluid">
<div class="row">
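<!-- Gallery Form Card -->
<?php
// Add/edit form. $edit_image is the row being edited, or null in "add" mode.
// Every dynamic value is escaped for the HTML context it is written into: database values and
// session flash messages are treated as untrusted text, and numeric columns are cast to int.
?>
<div class="col-lg-4">
    <div class="card shadow mb-4">
        <div class="card-header py-3 d-flex flex-row align-items-center justify-content-between">
            <h6 class="m-0 font-weight-bold text-primary">
                <?php echo isset($edit_image) ? 'Edit Gallery Image' : 'Add Gallery Image'; ?>
            </h6>
        </div>
        <div class="card-body">
            <?php if (isset($_SESSION['error'])): ?>
                <div class="alert alert-danger">
                    <?php
                    // Flash message is shown once, then cleared.
                    echo htmlspecialchars((string) $_SESSION['error'], ENT_QUOTES, 'UTF-8');
                    unset($_SESSION['error']);
                    ?>
                </div>
            <?php endif; ?>
            <form action="gallery.php" method="POST" enctype="multipart/form-data">
                <input type="hidden" name="action" value="<?php echo isset($edit_image) ? 'update' : 'add'; ?>">
                <?php if (isset($edit_image)): ?>
                    <input type="hidden" name="id" value="<?php echo (int) $edit_image['id']; ?>">
                    <input type="hidden" name="existing_image" value="<?php echo htmlspecialchars((string) $edit_image['image_path'], ENT_QUOTES, 'UTF-8'); ?>">
                <?php endif; ?>
                <div class="mb-3">
                    <label for="title" class="form-label">Title <span class="text-danger">*</span></label>
                    <input type="text" class="form-control" id="title" name="title" required
                           value="<?php echo isset($edit_image) ? htmlspecialchars((string) $edit_image['title'], ENT_QUOTES, 'UTF-8') : ''; ?>">
                </div>
                <div class="mb-3">
                    <label for="description" class="form-label">Description</label>
                    <textarea class="form-control" id="description" name="description" rows="3"><?php echo isset($edit_image) ? htmlspecialchars((string) $edit_image['description'], ENT_QUOTES, 'UTF-8') : ''; ?></textarea>
                </div>
                <div class="mb-3">
                    <label for="image" class="form-label">Image <?php echo isset($edit_image) ? '' : '<span class="text-danger">*</span>'; ?></label>
                    <input type="file" class="form-control" id="image" name="image" accept="image/*" <?php echo isset($edit_image) ? '' : 'required'; ?>>
                    <?php if (isset($edit_image) && !empty($edit_image['image_path'])): ?>
                        <div class="mt-2">
                            <img src="<?php echo htmlspecialchars((string) $edit_image['image_path'], ENT_QUOTES, 'UTF-8'); ?>" alt="Current Image" class="img-thumbnail" style="max-width: 100px;">
                            <p class="small text-muted">Current image. Upload a new one to replace it.</p>
                        </div>
                    <?php endif; ?>
                </div>
                <div class="mb-3">
                    <label for="sort_order" class="form-label">Sort Order</label>
                    <input type="number" class="form-control" id="sort_order" name="sort_order" min="0"
                           value="<?php echo isset($edit_image) ? (int) $edit_image['sort_order'] : '0'; ?>">
                    <div class="small text-muted">Images are displayed in ascending order (smaller numbers first).</div>
                </div>
                <div class="mb-3">
                    <label for="status" class="form-label">Status</label>
                    <select class="form-control" id="status" name="status">
                        <option value="active" <?php echo (isset($edit_image) && $edit_image['status'] === 'active') ? 'selected' : ''; ?>>Active</option>
                        <option value="inactive" <?php echo (isset($edit_image) && $edit_image['status'] === 'inactive') ? 'selected' : ''; ?>>Inactive</option>
                    </select>
                </div>
                <div class="d-grid gap-2">
                    <button type="submit" class="btn btn-primary">
                        <?php echo isset($edit_image) ? 'Update Image' : 'Add Image'; ?>
                    </button>
                    <?php if (isset($edit_image)): ?>
                        <a href="gallery.php" class="btn btn-secondary">Cancel</a>
                    <?php endif; ?>
                </div>
            </form>
        </div>
    </div>
</div>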
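<!-- Gallery List Card -->
<?php
// Table of all gallery rows from $gallery_result.
// Row values come from the database and are escaped per output context: HTML text and attributes
// via htmlspecialchars(), numeric columns via an int cast, and the title passed to confirmDelete()
// as a JSON string literal that is then HTML-escaped for the onclick attribute.
?>
<div class="col-lg-8">
    <div class="card shadow mb-4">
        <div class="card-header py-3 d-flex flex-row align-items-center justify-content-between">
            <h6 class="m-0 font-weight-bold text-primary">Gallery Images</h6>
        </div>
        <div class="card-body">
            <?php if (isset($_SESSION['success'])): ?>
                <div class="alert alert-success">
                    <?php
                    // Flash message is shown once, then cleared.
                    echo htmlspecialchars((string) $_SESSION['success'], ENT_QUOTES, 'UTF-8');
                    unset($_SESSION['success']);
                    ?>
                </div>
            <?php endif; ?>
            <?php if ($gallery_result && mysqli_num_rows($gallery_result) > 0): ?>
                <div class="table-responsive">
                    <table class="table table-bordered" width="100%" cellspacing="0">
                        <thead>
                            <tr>
                                <th>Image</th>
                                <th>Title</th>
                                <th>Description</th>
                                <th>Order</th>
                                <th>Status</th>
                                <th>Actions</th>
                            </tr>
                        </thead>
                        <tbody>
                            <?php while ($row = mysqli_fetch_assoc($gallery_result)): ?>
                                <tr>
                                    <td>
                                        <img src="<?php echo htmlspecialchars((string) $row['image_path'], ENT_QUOTES, 'UTF-8'); ?>" alt="<?php echo htmlspecialchars((string) $row['title'], ENT_QUOTES, 'UTF-8'); ?>" class="img-thumbnail" style="max-width: 80px;">
                                    </td>
                                    <td><?php echo htmlspecialchars((string) $row['title'], ENT_QUOTES, 'UTF-8'); ?></td>
                                    <?php
                                    // Truncate first, escape second: cutting an already-escaped string can
                                    // split an entity such as &amp; in half. ENT_SUBSTITUTE keeps the cell
                                    // from going blank if the cut lands inside a multi-byte character.
                                    ?>
                                    <td><?php echo htmlspecialchars(substr((string) $row['description'], 0, 50), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . (strlen((string) $row['description']) > 50 ? '...' : ''); ?></td>
                                    <td><?php echo (int) $row['sort_order']; ?></td>
                                    <td>
                                        <span class="badge bg-<?php echo $row['status'] === 'active' ? 'success' : 'secondary'; ?>">
                                            <?php echo htmlspecialchars(ucfirst((string) $row['status']), ENT_QUOTES, 'UTF-8'); ?>
                                        </span>
                                    </td>
                                    <td>
                                        <a href="gallery.php?edit=<?php echo (int) $row['id']; ?>" class="btn btn-sm btn-primary">Edit</a>
                                        <?php
                                        // addslashes() does not make a value safe inside an HTML attribute: a
                                        // double quote in the title would still end the attribute. The title is
                                        // emitted as a JSON string literal (quotes included) and HTML-escaped.
                                        ?>
                                        <button type="button" class="btn btn-sm btn-danger"
                                                onclick="confirmDelete(<?php echo (int) $row['id']; ?>, <?php echo htmlspecialchars(json_encode((string) $row['title'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_PARTIAL_OUTPUT_ON_ERROR), ENT_QUOTES, 'UTF-8'); ?>)">
                                            Delete
                                        </button>
                                    </td>
                                </tr>
                            <?php endwhile; ?>
                        </tbody>
                    </table>
                </div>
            <?php else: ?>
                <div class="alert alert-info">
                    No gallery images found. Add your first image using the form.
                </div>
            <?php endif; ?>
        </div>
    </div>
</div>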
</div>
</div>
<!--
  Delete confirmation modal.
  confirmDelete(id, title) fills #deleteImageId and #deleteImageTitle and then opens this dialog;
  submitting the form POSTs action=delete with that id to gallery.php.
-->
<div class="modal fade" id="deleteModal" tabindex="-1" aria-labelledby="deleteModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="deleteModalLabel">Confirm Delete</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
Are you sure you want to delete the image "<span id="deleteImageTitle"></span>"?
This action cannot be undone.
</div>
<div class="modal-footer">
<form action="gallery.php" method="POST">
<input type="hidden" name="action" value="delete">
<input type="hidden" name="id" id="deleteImageId">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
<button type="submit" class="btn btn-danger">Delete</button>
</form>
</div>
</div>
</div>
</div>
<script>
/**
 * Prepare the delete-confirmation modal for one gallery row and open it.
 *
 * @param {number} id    Row id, copied into the hidden #deleteImageId form field.
 * @param {string} title Row title, shown inside #deleteImageTitle.
 */
function confirmDelete(id, title) {
    const idField = document.getElementById('deleteImageId');
    const titleLabel = document.getElementById('deleteImageTitle');

    idField.value = id;
    // textContent inserts the title as plain text, so markup in a title is not parsed as HTML.
    titleLabel.textContent = title;

    // Bootstrap 5 API: wrap the modal element and display it.
    new bootstrap.Modal(document.getElementById('deleteModal')).show();
}
</script>
<?php
// Include footer
include 'includes/footer.php';
?>