File: /srv/www/rectt-csmcri.res.in/admin_html/generate_excel.php
<?php
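session_start();
// ini_set("display_errors", 1);
// ini_set("display_startup_errors", 1);
// error_reporting(E_ALL);
require_once dirname(__DIR__) . '/public_html/sites/config/config.php';

// Access gate for the export form. Nothing below this block may run for a
// visitor who fails any of these checks, so every failing branch redirects
// and then exits.

// 0) role check: only a logged-in superadmin or manager may continue.
//    - The role is read with ?? so a session that never had a role stored
//      fails the check instead of raising an undefined-index warning.
//    - in_array() runs in strict mode: with loose comparison a boolean true
//      stored as the role would match any of the allowed names.
//    NOTE(review): isset() only proves the flag exists, not that it is truthy;
//    the token check in step 3 is what actually ties the session to a live login.
if (
    !isset($_SESSION['admin_logged_in'])
    || !in_array($_SESSION['admin_role'] ?? null, ['superadmin', 'manager'], true)
) {
    header("Location: admin_dashboard.php");
    // echo $_SESSION['admin_role'];

    exit;
}

// 1) basic session checks
if (
    empty($_SESSION['admin_id']) || empty($_SESSION['session_token'])
) {
    header("Location: admin_login.php");
    exit;
}

// 2) pull the token stored for this admin from the database
//    ($conn is expected to be the mysqli connection created by config.php)
$stmt = $conn->prepare("SELECT session_token FROM admin_users WHERE id = ?");
$stmt->bind_param("i", $_SESSION['admin_id']);
$stmt->execute();
$result = $stmt->get_result()->fetch_assoc();
$stmt->close();

// 3) if the DB token is gone or doesn't match the session's, force logout.
//    hash_equals() compares the two secrets in constant time; it requires
//    strings, so a NULL token in the database or a non-string token in the
//    session is rejected up front (the previous !== comparison also treated
//    both of those cases as a mismatch).
if (
    ! $result
    || ! is_string($result['session_token'])
    || ! is_string($_SESSION['session_token'])
    || ! hash_equals($result['session_token'], $_SESSION['session_token'])
) {
    session_unset();
    session_destroy();
    header("Location: admin_login.php?error=" . urlencode("Your session has expired."));
    exit;
}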

/**
 * Load every advertisement for the selection dropdown, highest id first.
 *
 * The query text is fixed (no caller-supplied values), so it is sent with
 * query() rather than as a prepared statement.
 *
 * @param object $conn Connection exposing query(); presumably the mysqli
 *                     handle created in config.php (not visible here).
 * @return array Rows with the keys id, Ad_id and title, in result order.
 */
function getAdvertisements($conn)
{
    $result = $conn->query("SELECT id, Ad_id, title FROM Advertisement ORDER BY id DESC");

    $advertisements = [];
    // fetch_assoc() yields a falsy value once the result set is exhausted.
    for ($record = $result->fetch_assoc(); $record; $record = $result->fetch_assoc()) {
        $advertisements[] = $record;
    }

    return $advertisements;
}

/**
 * Load the posts that belong to one advertisement.
 *
 * The advertisement id is bound as an integer parameter of a prepared
 * statement, so it never becomes part of the SQL text.
 *
 * @param object $conn  Connection exposing prepare(); presumably the mysqli
 *                      handle created in config.php (not visible here).
 * @param mixed  $ad_id Advertisement id; any falsy value means "none selected".
 * @return array Rows with the keys id, post_title and post_code; empty when
 *               no advertisement was given or nothing matched.
 */
function getPosts($conn, $ad_id)
{
    // No advertisement chosen: skip the database round trip entirely.
    if (!$ad_id) {
        return [];
    }

    $query = $conn->prepare("SELECT id, post_title, post_code FROM posts WHERE advertisement_id = ?");
    $query->bind_param("i", $ad_id);
    $query->execute();
    $cursor = $query->get_result();

    $matches = [];
    for ($record = $cursor->fetch_assoc(); $record; $record = $cursor->fetch_assoc()) {
        $matches[] = $record;
    }

    // Release the statement before handing the rows back.
    $query->close();

    return $matches;
}

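// Load form selections.
// ad_id and post_id arrive from the browser, so each is accepted only as a
// positive integer. Anything else (missing, empty, non-numeric, an array) is
// treated as "nothing selected", which keeps stray characters such as '&' or
// '=' out of the redirect URL built further down.
$ads = getAdvertisements($conn);

$selected_ad = filter_var($_POST['ad_id'] ?? '', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($selected_ad === false) {
    $selected_ad = '';
}

$selected_post = filter_var($_POST['post_id'] ?? '', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($selected_post === false) {
    $selected_post = '';
}

$posts = $selected_ad ? getPosts($conn, $selected_ad) : [];

// On form submit
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $selected_ad && $selected_post) {
    // Look the post up together with its advertisement, so the pair handed to
    // the export script is one the database actually contains. The
    // advertisement dropdown auto-submits on change, which can deliver a new
    // ad_id together with a post_id that still belongs to the previous one.
    $stmt = $conn->prepare("SELECT type FROM posts WHERE id = ? AND advertisement_id = ?");
    $stmt->bind_param("ii", $selected_post, $selected_ad);
    $stmt->execute();
    $res = $stmt->get_result();
    $type_row = $res->fetch_assoc();
    $stmt->close();

    if (!$type_row) {
        // The post is not part of the selected advertisement: drop the stale
        // choice and fall through to re-render the form with the right posts.
        $selected_post = '';
    } else {
        // The export script name comes from this fixed map, never from the request.
        $app_type = $type_row['type'] ?? '';
        $export_file = match ($app_type) {
            'non-technical' => 'export_non_tech.php',
            'technical' => 'export_tech.php',
            'scientist' => 'export_scientist.php',
            default => ''
        };

        if ($export_file) {
            // http_build_query() URL-encodes the values; they are already
            // validated integers, so this is defence in depth.
            // NOTE(review): the export scripts are not visible here and must
            // enforce the same admin session checks themselves, since they
            // are reachable by a plain GET request.
            header("Location: $export_file?" . http_build_query(
                ['ad_id' => $selected_ad, 'post_id' => $selected_post, 'download' => 1],
                '',
                '&'
            ));
            exit;
        } else {
            echo "<div style='color:red;text-align:center;'>Unknown application type.</div>";
        }
    }
}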
?>

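<?php
// Export selection form. Expects $ads, $posts, $selected_ad and $selected_post
// to have been prepared by the PHP section above. Every value taken from the
// database is escaped or cast for the HTML context it is printed into.
?>
<!DOCTYPE html>
<html>

<head>
    <title>Generate Excel Report</title>
    <?php
    // NOTE(review): this stylesheet is fetched from a third-party CDN without
    // integrity/crossorigin attributes, so the admin page trusts whatever the
    // CDN serves. Add Subresource Integrity for this exact file, or host it locally.
    ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
</head>

<body class="bg-light">
    <div class="container mt-4">
        <center>
            <h3 class="mb-4 text-center">Generate Excel Export</h3>
            <div class="d-flex justify-content-center align-items-center my-3 gap-2">
                <a href="admin_dashboard.php" class="btn btn-secondary btn-sm">Back to Dashboard</a>
                <a href="admin_logout.php" class="btn btn-danger btn-sm ms-2">Logout</a>
            </div>
        </center>
        <form method="post" class="border p-4 rounded bg-white shadow">
            <div class="row mb-3">
                <div class="col-md-6">
                    <label class="form-label">Advertisement</label>
                    <select name="ad_id" class="form-select" onchange="this.form.submit()" required>
                        <option value="">Select Advertisement</option>
                        <?php foreach ($ads as $ad): ?>
                            <?php // The id is cast to int so only digits can reach the attribute. ?>
                            <option value="<?= (int) $ad['id'] ?>" <?= $ad['id'] == $selected_ad ? 'selected' : '' ?>>
                                <?= htmlspecialchars($ad['Ad_id'] . ' - ' . $ad['title']) ?>
                            </option>
                        <?php endforeach; ?>
                    </select>
                </div>

                <div class="col-md-6">
                    <label class="form-label">Post</label>
                    <select name="post_id" class="form-select" required <?= !$selected_ad ? 'disabled' : '' ?>>
                        <option value="">Select Post</option>
                        <?php foreach ($posts as $post): ?>
                            <?php // The id is cast to int so only digits can reach the attribute. ?>
                            <option value="<?= (int) $post['id'] ?>" <?= $post['id'] == $selected_post ? 'selected' : '' ?>>
                                <?= htmlspecialchars($post['post_code'] . ' - ' . $post['post_title']) ?>
                            </option>
                        <?php endforeach; ?>
                    </select>
                </div>
            </div>

            <div class="text-center mt-3">
                <button type="submit" class="btn btn-primary">Generate &amp; Download Excel</button>
            </div>
        </form>
    </div>
</body>

</html>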