0) {
$row = mysqli_fetch_assoc($res);
} else {
echo "Destination not found.";
exit; // Exit if destination not found
}
} else {
echo "ID parameter missing.";
exit; // Exit if ID parameter is missing
}
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['submit'])) {
// Escape user inputs for security (assuming 'name', 'h2', 'para1', 'para2' are columns in your 'destination' table)
$name = mysqli_real_escape_string($con, $_POST['name']);
$h2 = mysqli_real_escape_string($con, $_POST['h2']);
$para1 = mysqli_real_escape_string($con, $_POST['para1']);
$para2 = mysqli_real_escape_string($con, $_POST['para2']);
// File upload handling
if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
$image = $_FILES['image'];
$image_name = mysqli_real_escape_string($con, $image['name']);
$image_tmp = $image['tmp_name'];
$image_path = "../../images/destination/" . basename($image_name); // Unique filename
if (move_uploaded_file($image_tmp, $image_path)) {
// Update query with image path
$query = "UPDATE `destination` SET `name`='$name', `h2`='$h2', `para1`='$para1', `para2`='$para2', `image`='$image_name' WHERE id='$id'";
} else {
echo "Error uploading file.";
exit;
}
} else {
// Update query without changing the image
$query = "UPDATE `destination` SET `name`='$name', `h2`='$h2', `para1`='$para1', `para2`='$para2' WHERE id='$id'";
}
// Execute the query
$result = mysqli_query($con, $query);
if ($result) {
header('location: destination.php');
exit;
} else {
echo "Error updating destination.";
}
}
?>
Admin