<?php
require "../db_connection.php";
include "../sessioncheck.php";
/**
 * Turn free text into a lowercase, hyphen-separated slug for a URL path segment.
 *
 * Order of operations: trim, decode HTML entities, strip tags, lowercase, then
 * three regex passes: every character outside [ a-z0-9_.] becomes a space, each
 * space becomes a hyphen, and runs of hyphens collapse to one. Entities are decoded
 * before tags are stripped, so an encoded tag is removed as well. Dots and
 * underscores are kept, and a leading or trailing hyphen is not removed.
 *
 * @param string $vp_string Text to convert.
 * @return string The slug.
 */
function friendly_seo_string($vp_string)
{
    $plain_text = strip_tags(html_entity_decode(trim($vp_string)));

    // preg_replace() applies the patterns one after another, in array order.
    $patterns = array('~[^ a-z0-9_.]~', '~ ~', '~-+~');
    $replacements = array(' ', '-', '-');

    return preg_replace($patterns, $replacements, strtolower($plain_text));
} # friendly_seo_string()
// Pessimistic default: it is only set to false further down, after the advert row
// has been inserted successfully.
$error = true;
// Create a new advert only when the session already has a 'pay_ad_id' key that is
// still empty and the form posted a category. Once an advert id has been stored in
// the session, this branch is skipped on later requests.
// NOTE(review): no anti-CSRF token is checked in this file; whether sessioncheck.php
// enforces login or a token is not visible here - confirm.
if(isset($_SESSION['pay_ad_id']) && empty($_SESSION['pay_ad_id']) && isset($_POST['categories'])){
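/**
 * Normalise one submitted form value for later display in HTML.
 *
 * Trims whitespace, removes backslashes and HTML-encodes the result. The flags are
 * passed explicitly because the default differs between PHP versions: before 8.1 a
 * bare htmlspecialchars() call leaves single quotes unencoded.
 *
 * This is HTML output encoding only. It does not make a value safe to place inside
 * an SQL statement; queries have to bind the value as a parameter.
 *
 * @param mixed $data Raw value, normally a string taken from $_POST.
 * @return string Encoded text; '' for null, arrays and other non-scalar input.
 */
function test_input($data)
{
    // A field submitted as name[]=... arrives as an array, which trim() cannot take.
    if (!is_scalar($data)) {
        return '';
    }
    $data = stripslashes(trim((string) $data));

    return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE);
}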
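/**
 * Write a JPEG thumbnail of $target to $thumb_path, scaled to fit a $w x $h box.
 *
 * The aspect ratio is kept and a source narrower than the computed width is copied
 * at its own size instead of being enlarged. GIF, PNG and JPEG sources are accepted,
 * detected from the file content by getimagesize(); the output is always JPEG at
 * quality 80.
 *
 * @param string $target     Path of the source image.
 * @param string $ext        Not used by this function; kept for existing callers.
 * @param string $thumb_path Path the thumbnail is written to.
 * @param int    $w          Maximum thumbnail width in pixels.
 * @param int    $h          Maximum thumbnail height in pixels.
 * @return bool True if the thumbnail was written, false if the source is missing,
 *              is not a supported image, or could not be decoded or written.
 */
function create_thumb($target, $ext, $thumb_path, $w, $h)
{
    // The source may not exist (for example when the earlier re-encode step wrote
    // nothing), and a zero box would divide by zero below.
    if (!is_string($target) || !is_file($target) || $w < 1 || $h < 1) {
        return false;
    }
    $info = getimagesize($target);
    if ($info === false || $info[0] < 1 || $info[1] < 1) {
        return false;
    }
    list($w_orig, $h_orig) = $info;

    $scale_ratio = $w_orig / $h_orig;
    if (($w / $h) > $scale_ratio) {
        $w = $h * $scale_ratio;
    } else {
        $h = $w / $scale_ratio;
    }
    // Never enlarge a small source.
    if ($w_orig <= $w) {
        $w = $w_orig;
        $h = $h_orig;
    }
    // GD takes integer sizes. The explicit cast truncates exactly as the implicit
    // conversion did, and the floor of 1 keeps extreme aspect ratios valid.
    $w = max(1, (int) $w);
    $h = max(1, (int) $h);

    switch ($info['mime']) {
        case 'image/gif':
            $img = imagecreatefromgif($target);
            break;
        case 'image/png':
            $img = imagecreatefrompng($target);
            break;
        case 'image/jpeg':
            $img = imagecreatefromjpeg($target);
            break;
        default:
            return false;
    }
    if ($img === false) {
        return false;
    }

    $tci = imagecreatetruecolor($w, $h);
    if ($tci === false) {
        imagedestroy($img);
        return false;
    }
    imagecopyresampled($tci, $img, 0, 0, 0, 0, $w, $h, $w_orig, $h_orig);
    $written = imagejpeg($tci, $thumb_path, 80);
    imagedestroy($tci);
    imagedestroy($img);

    return $written;
}//end function create_thumb()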
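/**
 * Re-encode an image with GD and write the result to $destination.
 *
 * The image type is taken from the file content via getimagesize(), not from the
 * file name or a browser-supplied MIME type. JPEG and GIF sources are written as
 * JPEG at $quality; PNG sources are written as PNG (compression level 1) with the
 * alpha channel kept. Any other content is rejected and nothing is written, so a
 * caller that stores a database row on success no longer records a file that does
 * not exist.
 *
 * @param string $source      Path of the file to read.
 * @param string $destination Path of the file to write.
 * @param int    $quality     JPEG quality; not used for PNG output.
 * @return bool True only when an image was decoded and written.
 */
function compress($source, $destination, $quality)
{
    if (!is_string($source) || !is_file($source)) {
        return false;
    }
    $info = getimagesize($source);
    if ($info === false) {
        return false;
    }
    list($w, $h) = $info;

    switch ($info['mime']) {
        case 'image/jpeg':
        case 'image/gif':
            $image = ($info['mime'] === 'image/jpeg')
                ? imagecreatefromjpeg($source)
                : imagecreatefromgif($source);
            if ($image === false) {
                return false;
            }
            $written = imagejpeg($image, $destination, $quality);
            imagedestroy($image);
            return $written;

        case 'image/png':
            $image = imagecreatefrompng($source);
            if ($image === false) {
                return false;
            }
            $tci = imagecreatetruecolor($w, $h);
            if ($tci === false) {
                imagedestroy($image);
                return false;
            }
            // Keep transparency instead of flattening it onto a black canvas.
            imagealphablending($tci, false);
            imagesavealpha($tci, true);
            imagecopyresampled($tci, $image, 0, 0, 0, 0, $w, $h, $w, $h);
            $written = imagepng($tci, $destination, 1);
            imagedestroy($tci);
            imagedestroy($image);
            return $written;

        default:
            // Content is not one of the supported image types.
            return false;
    }
}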
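/* Advertise Table */

// Read one POST field through test_input(). A missing key, or a field submitted as
// an array (name[]=...), yields '' so every value bound below is a plain string.
$post_field = function ($key) {
    $raw = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? $_POST[$key] : '';
    return (string) test_input($raw);
};

// Run $sql as a prepared statement with every entry of $params bound as a string,
// so form values are sent as data and never become part of the SQL text.
// test_input() only HTML-encodes, and on PHP before 8.1 it leaves single quotes
// intact, which is why string-built queries are not used here.
// Returns the executed statement (the caller closes it), or false on failure.
$run_prepared = function ($sql, array $params) use ($connection) {
    $stmt = mysqli_prepare($connection, $sql);
    if ($stmt === false) {
        return false;
    }
    $params = array_values($params);
    if (count($params) > 0) {
        mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
    }
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    return $stmt;
};

$emailid = isset($_SESSION['id']) ? $_SESSION['id'] : '';
$category = $post_field('categories');
$bsname = $post_field('bsname');
$services = $post_field('service');
$alder = $post_field('alder');
$kon = $post_field('kon');
$bryst = $post_field('bryst');
$weight = $post_field('weight');
$height = $post_field('height');
$street = $post_field('street');
$outcall_postal = $post_field('outcall_postal');
// For service value '3' the incall column receives the outcall postcode.
$incall_postal = ($services == '3') ? $outcall_postal : $post_field('incall_postal');
$radius = $post_field('radius');
$postal_code = $post_field('postal_code');
$city = $post_field('town');
$nationality = $post_field('nationality');
$country_code = $post_field('country_code');
$telephone = $post_field('telephone');
$website = $post_field('website');
$prof_title = $post_field('prof_title');
$prof_beskrivelse = $post_field('prof_beskrivelse');
$createdat = date("Y-m-d");
$startdate = date("Y-m-d H:i:s");
$enddate = date('Y-m-d H:i:s', strtotime('+3 month'));
$update_date = date("Y-m-d H:i:s");
$adstatus = 0;
$planid = 0;
$isApproved = 0;

// Columns that only one branch fills. They were undefined on the other branch and
// reached the INSERT as empty strings; the same value is now set explicitly.
$event_date = '';
$event_time_from = '';
$event_time_to = '';
$event_place = '';
$event_price = '';
$event_register_type = '';
$event_reg_email = '';
$mainprofile = '';

#event code comes here
if ($category == "5") {
    $prof_title = $post_field('event_title');
    $prof_beskrivelse = $post_field('event_description');
    $event_date = date('Y-m-d', strtotime($post_field('event_date')));
    $event_time_from = $post_field('time_from');
    $event_time_to = $post_field('time_to');
    $event_place = $post_field('event_place');
    $street = $post_field('event_street');
    $postal_code = $post_field('event_postal_code');
    $sprice = $post_field('price');
    // The preset price wins; the custom price is used only when no preset was sent.
    $event_price = ($sprice == "") ? $post_field('custom_price') : $sprice;
    $event_register_type = $post_field('event_register_type');
    $event_reg_email = $post_field('event_email');
    $country_code = $post_field('event_country_code');
    $telephone = $post_field('event_telephone');
}

// First non-empty postcode, in this order: address, outcall, incall.
$postal_region = '';
if ($postal_code != '') {
    $postal_region = $postal_code;
} elseif ($outcall_postal != '') {
    $postal_region = $outcall_postal;
} elseif ($incall_postal != '') {
    $postal_region = $incall_postal;
}

// Region details for that postcode; all four stay '' when nothing matches.
$ward = '';
$district = '';
$sub_country = '';
$region = '';
if ($postal_region != '') {
    $region_stmt = $run_prepared(
        'SELECT ward, district, sub_country, region FROM area_code WHERE area_code = ?',
        array($postal_region)
    );
    if ($region_stmt !== false) {
        mysqli_stmt_bind_result($region_stmt, $row_ward, $row_district, $row_sub_country, $row_region);
        if (mysqli_stmt_fetch($region_stmt)) {
            $ward = (string) $row_ward;
            $district = (string) $row_district;
            $sub_country = (string) $row_sub_country;
            $region = (string) $row_region;
        }
        mysqli_stmt_close($region_stmt);
    }
}

#main profile code, check for event cateory
if ($category != "5") {
    // The first advert of an account becomes its main profile.
    $numb = 0;
    $count_stmt = $run_prepared('SELECT count(*) AS numad FROM advertise WHERE em_id = ?', array($emailid));
    if ($count_stmt !== false) {
        mysqli_stmt_bind_result($count_stmt, $numb);
        mysqli_stmt_fetch($count_stmt);
        mysqli_stmt_close($count_stmt);
    }
    $mainprofile = ($numb > 0) ? 0 : 1;
}

// Column => value map, so each value sits next to the column it is stored in.
// The column names are fixed literals; only the values come from the request.
$ad_row = array(
    'em_id' => $emailid,
    'category_id' => $category,
    'business_name' => $bsname,
    'services' => $services,
    'incall' => $incall_postal,
    'outcall' => $outcall_postal,
    'radius' => $radius,
    'ward' => $ward,
    'district' => $district,
    'sub_country' => $sub_country,
    'region' => $region,
    'alder' => $alder,
    'kon' => $kon,
    'bryst' => $bryst,
    'weight' => $weight,
    'height' => $height,
    'street' => $street,
    'post_code' => $postal_code,
    'city' => $city,
    'nationality' => $nationality,
    'country_code' => $country_code,
    'telephone_no' => $telephone,
    'website' => $website,
    'profile_tile' => $prof_title,
    'profile_beskrivelse' => $prof_beskrivelse,
    'createdat' => $createdat,
    'start_date' => $startdate,
    'end_date' => $enddate,
    'update_date' => $update_date,
    'adstatus' => $adstatus,
    'main_profile' => $mainprofile,
    'plan_id' => $planid,
    'isApproved' => $isApproved,
    'event_date' => $event_date,
    'event_time_from' => $event_time_from,
    'event_time_to' => $event_time_to,
    'event_place' => $event_place,
    'event_price' => $event_price,
    'event_register_type' => $event_register_type,
    'event_reg_email' => $event_reg_email,
);
$column_sql = '`' . implode('`, `', array_keys($ad_row)) . '`';
$placeholder_sql = implode(', ', array_fill(0, count($ad_row), '?'));
$advresult = $run_prepared(
    "INSERT INTO `advertise` ($column_sql) VALUES ($placeholder_sql)",
    array_values($ad_row)
);

if ($advresult !== false) {
    // Take the id of the row just inserted on this connection rather than reading
    // back the account's newest row, which a parallel request could have changed.
    // NOTE(review): assumes advertise.id is AUTO_INCREMENT - confirm. The lookup
    // below covers the case where it is not.
    $adid = mysqli_insert_id($connection);
    mysqli_stmt_close($advresult);
    if (!$adid) {
        $id_stmt = $run_prepared(
            'SELECT id FROM advertise WHERE em_id = ? ORDER BY id DESC LIMIT 1',
            array($emailid)
        );
        if ($id_stmt !== false) {
            mysqli_stmt_bind_result($id_stmt, $adid);
            mysqli_stmt_fetch($id_stmt);
            mysqli_stmt_close($id_stmt);
        }
    }
    $_SESSION['pay_ad_id'] = $adid;

    $isprofile = 1;
    $path = "../user_images/";
    $thumb_path = "../thumbnails/";
    $upload_names = (isset($_FILES['image']['name']) && is_array($_FILES['image']['name']))
        ? $_FILES['image']['name']
        : array();
    foreach ($upload_names as $i => $client_name) {
        $tmp_name = isset($_FILES['image']['tmp_name'][$i]) ? $_FILES['image']['tmp_name'][$i] : '';
        $type = isset($_FILES['image']['type'][$i]) ? $_FILES['image']['type'][$i] : '';
        // Skip slots that did not complete as a real HTTP upload.
        if (!is_string($client_name) || !is_string($tmp_name) || !is_uploaded_file($tmp_name)) {
            continue;
        }
        // The client's file name contributes only an allow-listed extension; the
        // stored name itself is generated here. $type is sent by the browser and is
        // not proof of content: compress() inspects the bytes and re-encodes them.
        $ext = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));
        if (!in_array($ext, array('jpg', 'jpeg', 'png', 'gif'), true)
            || !in_array($type, array('image/jpeg', 'image/png', 'image/gif'), true)) {
            continue;
        }
        $name = time() . "_" . rand(0, 999999) . "." . $ext;
        $thumb_1 = '178_' . $name;
        $thumb_2 = '310_' . $name;
        if (compress($tmp_name, $path . $name, 80)) {
            $image_stmt = $run_prepared(
                'INSERT INTO `images` (ad_id, em_id, photo, is_profile) VALUES (?, ?, ?, ?)',
                array($adid, $emailid, $name, $isprofile)
            );
            if ($image_stmt !== false) {
                mysqli_stmt_close($image_stmt);
            }
            create_thumb($path . $name, $ext, $thumb_path . $thumb_1, 178, 178);
            // NOTE(review): the file is prefixed '310_' but rendered in a 510 box;
            // kept as found - confirm which of the two is intended.
            create_thumb($path . $name, $ext, $thumb_path . $thumb_2, 510, 510);
            // Only the first stored image is flagged as the profile picture.
            $isprofile = 0;
        }
    }

    // NOTE(review): $now is not assigned anywhere in this file; presumably one of
    // the included files sets it. The advert's update timestamp is used when it is
    // missing, instead of an empty string.
    $service_stamp = isset($now) ? $now : $update_date;
    $adservice_ids = (isset($_POST['adservices_values']) && is_array($_POST['adservices_values']))
        ? $_POST['adservices_values']
        : array();
    foreach ($adservice_ids as $adservice_id) {
        if (!is_scalar($adservice_id)) {
            continue;
        }
        $service_stmt = $run_prepared(
            'INSERT INTO `ads_adservices` (ad_id, adservice_id, updated_date) VALUES (?, ?, ?)',
            array($adid, $adservice_id, $service_stamp)
        );
        if ($service_stmt !== false) {
            mysqli_stmt_close($service_stmt);
        }
    }
    $error = false;
}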
}
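#user information fetching
$usrname = isset($_SESSION['usrname']) ? $_SESSION['usrname'] : '';
$has_ad = isset($_SESSION['pay_ad_id']) && !empty($_SESSION['pay_ad_id']);

if (!$error || $has_ad) {
    // Load the advert only once an id is known. Run before this check, the query
    // could be built with an empty id and fail before any result was read.
    // Both values are bound as parameters instead of being joined into the SQL.
    $sendid = '';
    $title = '';
    $category_id = '';
    $owner_id = isset($_SESSION['id']) ? $_SESSION['id'] : '';
    $ad_id = isset($_SESSION['pay_ad_id']) ? $_SESSION['pay_ad_id'] : '';
    $ad_stmt = mysqli_prepare(
        $connection,
        'SELECT id, profile_tile, category_id FROM advertise WHERE em_id = ? AND id = ?'
    );
    if ($ad_stmt !== false) {
        mysqli_stmt_bind_param($ad_stmt, 'ss', $owner_id, $ad_id);
        if (mysqli_stmt_execute($ad_stmt)) {
            mysqli_stmt_bind_result($ad_stmt, $sendid, $title, $category_id);
            mysqli_stmt_fetch($ad_stmt);
        }
        mysqli_stmt_close($ad_stmt);
    }

    // NOTE(review): the recipient below looks like a placeholder left by e-mail
    // obfuscation on the page this file was taken from; confirm the real address.
    $to = "[email protected]";
    $subject = "New advert created";
    $headers = 'From:'.MAIN_EMAIL_NAME.' <'.MAIN_EMAIL.'>';

    // Category 5 adverts are events and link to the events page.
    $is_event = ($category_id == 5);
    $msg = $is_event ? "New event has been created\n" : "New advert has been created\n";
    $msg .= "Username ".$usrname."\n";
    $link_section = $is_event ? "/events/" : "/user_detail/";
    $msg .= "Below is the link of profile.\n".SUB_URL.$link_section.$sendid."/".friendly_seo_string((string) $title);

    mail($to, $subject, $msg, $headers);
    echo $_SESSION['pay_ad_id'];
} else {
    echo 0;
}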
?>