<?php
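session_start();
require_once '../config/database.php';

// Gate: the request must belong to a logged-in session whose role is either
// 'admin' or 'director'; everyone else is sent to the login page.
// The role is read with ?? so that a session without a 'role' key does not
// raise an undefined-index warning before header() is called (with
// display_errors on, that output can prevent the redirect header from being sent).
if (
    !isset($_SESSION['user_id'])
    || !in_array($_SESSION['role'] ?? null, ['admin', 'director'], true)
) {
    header('Location: login.php');
    exit();
}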
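// Handles the "edit slider" form: validates the submitted fields, optionally
// stores a replacement image, updates the slider_images row and redirects back
// to slider.php with either a success message or the collected errors.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no anti-CSRF token is verified in this handler. If the form
    // on slider.php does not already carry one that is checked elsewhere, a
    // per-session token should be issued there and compared here with hash_equals().
    $slider_id = (int)($_POST['slider_id'] ?? 0);
    $title = trim($_POST['title'] ?? '');
    $description = trim($_POST['description'] ?? '');
    // NOTE(review): link_url is stored exactly as submitted. Whatever page renders
    // it into an href should restrict the scheme (e.g. http/https or site-relative)
    // and HTML-escape it; confirm against the rendering code.
    $link_url = trim($_POST['link_url'] ?? '');
    $status = $_POST['status'] ?? 'active';
    $errors = [];

    // Validate slider id (a missing or non-numeric value casts to 0)
    if ($slider_id <= 0) {
        $errors[] = "Invalid slider";
    }

    // Validate title
    if ($title === '') {
        $errors[] = "Title is required";
    }

    // Validate status (strict comparison so only the exact strings pass)
    $valid_statuses = ['active', 'inactive'];
    if (!in_array($status, $valid_statuses, true)) {
        $errors[] = "Invalid status";
    }

    $stmt = null;          // prepared UPDATE, set by whichever branch applies
    $new_filepath = null;  // newly stored upload, removed again if the update fails
    $old_image = null;     // previous image_url, deleted only after a successful update

    if (empty($errors)) {
        $upload_error = $_FILES['image']['error'] ?? UPLOAD_ERR_NO_FILE;

        if ($upload_error === UPLOAD_ERR_NO_FILE) {
            // Update without changing image
            $stmt = $conn->prepare("
                UPDATE slider_images
                SET title = ?, description = ?, link_url = ?, status = ?
                WHERE id = ?
            ");
            if ($stmt) {
                $stmt->bind_param("ssssi", $title, $description, $link_url, $status, $slider_id);
            }
        } elseif ($upload_error !== UPLOAD_ERR_OK) {
            // A file was sent but PHP rejected it (size limit, partial upload, ...).
            // Report it instead of silently saving the form without the image.
            $errors[] = "Error uploading file";
        } else {
            $file = $_FILES['image'];

            // Allowed content types mapped to the extension the stored file gets.
            // Both $file['type'] and the extension of $file['name'] are chosen by
            // the client, so neither is used: the type is sniffed from the file
            // content and the extension is taken from this server-side list. That
            // keeps a script from being stored under an executable extension.
            $allowed_types = [
                'image/jpeg' => 'jpg',
                'image/png' => 'png',
                'image/gif' => 'gif',
            ];
            $max_size = 5 * 1024 * 1024; // 5MB

            // Requires the bundled fileinfo extension.
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            $detected_type = $finfo->file($file['tmp_name']);

            if ($detected_type === false || !isset($allowed_types[$detected_type])) {
                $errors[] = "Invalid file type. Only JPG, PNG, and GIF are allowed";
            }
            if ($file['size'] > $max_size) {
                $errors[] = "File size too large. Maximum size is 5MB";
            }

            // Create uploads directory if it doesn't exist. 0755 instead of 0777:
            // other local users have no need to write into it.
            // NOTE(review): the directory appears to be web-accessible (image_url is
            // a site-relative path); the web server should be configured not to
            // execute scripts from it.
            $upload_dir = '../uploads/slider/';
            if (empty($errors) && !is_dir($upload_dir)
                && !mkdir($upload_dir, 0755, true) && !is_dir($upload_dir)) {
                $errors[] = "Error uploading file";
            }

            if (empty($errors)) {
                // Generate unique, unguessable filename with a server-chosen extension
                $filename = bin2hex(random_bytes(16)) . '.' . $allowed_types[$detected_type];
                $filepath = $upload_dir . $filename;

                // Move uploaded file
                if (!move_uploaded_file($file['tmp_name'], $filepath)) {
                    $errors[] = "Error uploading file";
                } else {
                    $new_filepath = $filepath;

                    // Get current image URL so the old file can be removed later
                    $lookup = $conn->prepare("SELECT image_url FROM slider_images WHERE id = ?");
                    if ($lookup) {
                        $lookup->bind_param("i", $slider_id);
                        $lookup->execute();
                        $result = $lookup->get_result();
                        if ($result) {
                            $row = $result->fetch_assoc();
                            if ($row === null) {
                                // No such row: the UPDATE below would change nothing
                                // and the new file would be orphaned.
                                $errors[] = "Slider not found";
                            } else {
                                $old_image = $row['image_url'] ?? null;
                            }
                        }
                    }

                    if (empty($errors)) {
                        // Update with new image
                        $image_url = 'uploads/slider/' . $filename;
                        $stmt = $conn->prepare("
                            UPDATE slider_images
                            SET title = ?, description = ?, image_url = ?, link_url = ?, status = ?
                            WHERE id = ?
                        ");
                        if ($stmt) {
                            $stmt->bind_param("sssssi", $title, $description, $image_url, $link_url, $status, $slider_id);
                        }
                    }
                }
            }
        }

        if (empty($errors)) {
            if ($stmt && $stmt->execute()) {
                // Delete old image file only once the row points at the new one,
                // so a failed update never leaves the row referencing a missing file.
                // NOTE(review): the path comes from the image_url column; if any
                // other code can write that column, confine deletion to the
                // upload directory before calling unlink().
                if ($old_image && file_exists('../' . $old_image)) {
                    unlink('../' . $old_image);
                }
                $_SESSION['success_message'] = "Slider updated successfully";
                header('Location: slider.php');
                exit();
            }

            // Keep the driver's error text in the server log rather than in the page.
            error_log('Slider update failed: ' . $conn->error);
            $errors[] = "Error updating slider";
        }

        // The update did not go through: remove the file stored for it.
        if ($new_filepath !== null && file_exists($new_filepath)) {
            unlink($new_filepath);
        }
    }

    // If there are errors, store them in session and redirect back
    $_SESSION['error_messages'] = $errors;
    $_SESSION['form_data'] = $_POST;
    header('Location: slider.php');
    exit();
}

// If not POST request, redirect to slider page
header('Location: slider.php');
exit();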