<?php
include 'config.php';

/**
 * Front controller: run the handler named by the `action` query parameter.
 *
 * Only the five literal names below are dispatched; any other value matches
 * no case and no handler runs.
 *
 * NOTE(review): $_GET['action'] is read without an isset() check, so a request
 * that omits it raises an "undefined array key" warning. No authentication or
 * CSRF check is visible in this excerpt before the state-changing handlers
 * (add / edit / delete / update) - confirm whether config.php enforces one.
 */
switch ($_GET['action']) {
    case 'add_product':
        add_product();
        break;
    case 'get_product':
        get_product();
        break;
    case 'edit_product':
        edit_product();
        break;
    case 'delete_product':
        delete_product();
        break;
    case 'update_product':
        update_product();
        break;
}

/**
 * Build an INSERT for a product described by the JSON request body.
 *
 * Reads prod_name, prod_desc, prod_price and prod_quantity from the decoded
 * body. The excerpt ends right after the query string is assembled, so how
 * $qry is executed is not visible here.
 */
function add_product()
{
    // json_decode() returns null for a malformed body; the property reads
    // below are not guarded against that.
    $data = json_decode(file_get_contents("php://input"));
    $prod_name = $data->prod_name;
    $prod_desc = $data->prod_desc;
    $prod_price = $data->prod_price;
    $prod_quantity = $data->prod_quantity;
    // NOTE(review): dumps the decoded request body into the HTTP response;
    // looks like leftover debugging output - confirm and remove.
    print_r($data);
    // NOTE(review): SQL injection risk. The statement is assembled by
    // concatenating request-supplied values: the two text fields are only
    // wrapped in double quotes and the two numeric fields are not quoted or
    // type-checked at all. Use a prepared statement with bound parameters
    // (placeholders in the SQL, values passed at execute time) instead.
    $qry = 'INSERT INTO product (prod_name,prod_desc,prod_price,prod_quantity) values ("' . $prod_name . '","' . $prod_desc . '",' . $prod_price . ',' . $prod_quantity . ')';
    // (excerpt ends here; the rest of add_product() is not shown)
if ($get_product['img'] != "no_image.jpg") { $baseimg = '<img class="delimg" rel="0" width="48" src="' . PRODUCTIMG . $get_product['img'] . '" alt="' . $get_product['img'] . '">'; } else { $baseimg = '<input type="file" name="baseimg" />'; } // если есть картинки галереи $imgslide = ""; if ($get_product['img_slide']) { $images = explode("|", $get_product['img_slide']); foreach ($images as $img) { $imgslide .= "<img class='delimg' rel='1' alt='{$img}' src='" . GALLERYIMG . "thumbs/{$img}'>"; } } // если есть картинки галереи if ($_POST) { if (edit_product($goods_id)) { redirect("?view=cat&category={$brand_id}"); } else { redirect(); } } /* $goods_id = $_GET['goods_id']; $get_product = get_product($goods_id); $brand_id = $get_product['goods_brandid']; //если есть основная картинка if($get_product['img'] != "no_image.jpg"){ $baseimg = '<img class="delimg" rel="0" width="50px" src="' .PRODUCTIMG. 'baseimg/' .$get_product['img']. '"alt="' .$get_product['img']. '">'; }else{ $baseimg = '<input type="file" name="baseimg" />'; } if($_POST){
echo create_task($_POST); } else { if (strpos($uri, '/product') !== false) { echo get_product($_GET); } else { if (strpos($uri, '/get_product_review') !== false) { echo get_product_review($_GET); } else { if (strpos($uri, '/add_product_review') !== false) { echo add_product_review($_POST); } else { if (strpos($uri, '/add_like_dislike') !== false) { echo add_like_dislike($_POST); } else { if (strpos($uri, '/edit_product') !== false) { echo edit_product($_POST); } else { if (strpos($uri, '/upp') !== false) { echo upload_profile_picture($_POST, $_FILES); } else { if (strpos($uri, '/ucp') !== false) { echo upload_company_picture($_POST, $_FILES); } else { if (strpos($uri, '/ucl') !== false) { echo upload_company_logo($_POST, $_FILES); } else { if (strpos($uri, '/uci') !== false) { echo upload_company_image($_POST, $_FILES); } else { if (strpos($uri, '/ucsi') !== false) { echo upload_company_skill_image($_POST, $_FILES);
$query = 'SELECT productCode, productName, listPrice FROM products WHERE productID = :product_id'; $statement = $db->prepare($query); $statement->bindValue(':product_id', $product_id); $statement->execute(); $products = $statement->fetch(); $statement->closeCursor(); $product_code = $products['productCode']; $product_name = $products['productName']; $product_listPrice = $products['listPrice']; } $categories = get_categories(); include "product_edit.php"; } else { if ($action == 'update_product') { $category_id = filter_input(INPUT_POST, 'category_id', FILTER_VALIDATE_INT); $code = filter_input(INPUT_POST, 'code'); $name = filter_input(INPUT_POST, 'productName'); $price = filter_input(INPUT_POST, 'price', FILTER_VALIDATE_FLOAT); $product_id = filter_input(INPUT_POST, 'product_id', FILTER_VALIDATE_INT); edit_product($category_id, $code, $name, $price, $product_id); header('Location: .?action=list_products'); } } } } } } } } }
render_new_product(); break; case 'save': create_product(post('name'), post('quantity')); redirect($g["abs_url"] . '/inventory/'); break; case 'edit': // Make sure productid set to edit if (isset($inventory_command)) { // Get productid to edit $productid = $inventory_command; // Check if updating product if (isset($_POST) && isset($_POST['name']) && isset($_POST['quantity'])) { $new_name = $_POST['name']; $quantity = $_POST['quantity']; edit_product($productid, $new_name, $quantity); echo "Update product to '" . $new_name . "' and quantity: " . $quantity; } // Show the updated product render_edit_product($productid); } else { redirect($g["abs_url"] . '/error/invalid-page'); } break; case 'delete': if (isset($inventory_command)) { delete_product($inventory_command); redirect($g["abs_url"] . '/inventory/list/'); } break; default:
case 'UPDATE':
    // Save an edited product from the POSTed form. The enclosing switch
    // header is outside this excerpt.

    // Ids: FILTER_SANITIZE_NUMBER_INT keeps only digits and +/-; the second
    // pass returns false when what remains is not a valid integer.
    $product_id = filter_input(INPUT_POST, 'product_id', FILTER_SANITIZE_NUMBER_INT);
    $product_id = filter_var($product_id, FILTER_VALIDATE_INT);
    $category_id = filter_input(INPUT_POST, 'category_id', FILTER_SANITIZE_NUMBER_INT);
    $category_id = filter_var($category_id, FILTER_VALIDATE_INT);
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is
    // not a substitute for output encoding. Prefer keeping the raw text,
    // validating it as needed, and escaping with htmlspecialchars() at the
    // point where it is printed (product_edit.php is not shown here).
    $product_name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
    // Price: keep digits, +/- and the decimal point, then require a valid float.
    $product_price = filter_input(INPUT_POST, 'price', FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
    $product_price = filter_var($product_price, FILTER_VALIDATE_FLOAT);
    $product_description = filter_input(INPUT_POST, 'description', FILTER_SANITIZE_STRING);
    // The comparisons are loose, so a category id or price of 0 is also
    // treated as invalid.
    // NOTE(review): $product_id is not part of this check, so a missing or
    // non-numeric id (false after validation) still reaches edit_product()
    // in the else branch. Add it to the condition.
    if ($category_id == NULL || $category_id == FALSE || $product_name == NULL || $product_price == NULL || $product_price == FALSE) {
        // Validation failed: set an error message and the submitted values,
        // then include the edit form again (presumably it reads $message,
        // $categories and $product - confirm in product_edit.php).
        $message = "Invalid product data. Check all fields and try again.";
        $categories = get_categories();
        $product['product_id'] = $product_id;
        $product['category_id'] = $category_id;
        $product['product_name'] = $product_name;
        $product['product_price'] = $product_price;
        $product['product_description'] = $product_description;
        include 'product_edit.php';
    } else {
        $product_id = edit_product($product_id, $product_name, $product_price, $product_description, $category_id);
        // NOTE(review): header() only queues the redirect; there is no exit
        // here, so any code after the switch still runs - confirm that is
        // harmless.
        header("Location: .?action=grid_products");
    }
    break;
case 'delete_product':
    // NOTE(review): the product id is taken from the query string
    // (INPUT_GET), so this destructive action runs on a plain GET request.
    // Prefer requiring POST together with a CSRF token, and confirm that an
    // authorisation check happens before this switch.
    $product_id = filter_input(INPUT_GET, 'product_id', FILTER_SANITIZE_NUMBER_INT);
    $product_id = filter_var($product_id, FILTER_VALIDATE_INT);
    // NOTE(review): the validation result is not checked; when the id is
    // missing or invalid, false is passed to both delete helpers.
    delete_image_by_product($product_id);
    delete_product($product_id);
    header("Location: .?action=grid_products");
    break;
}
/**
 * Controller action: forward the posted product form to edit_product().
 *
 * Reads product_id, category_id, code, name and price from the POST body
 * using filter_input()'s default filter, which returns each value unchanged
 * as a string, or null when the field is absent.
 *
 * NOTE(review): nothing here validates the ids or the price, and no response
 * or redirect is sent afterwards. Confirm that edit_product() checks its
 * arguments and uses bound query parameters, or validate here with
 * FILTER_VALIDATE_INT / FILTER_VALIDATE_FLOAT before calling it.
 */
function edit_products()
{
    // Collect the raw form fields by name.
    $posted = [];
    foreach (['product_id', 'category_id', 'code', 'name', 'price'] as $field) {
        $posted[$field] = filter_input(INPUT_POST, $field);
    }

    edit_product(
        $posted['product_id'],
        $posted['category_id'],
        $posted['code'],
        $posted['name'],
        $posted['price']
    );
}
$categories = get_categories(); $product = get_product($product_id); include 'product_edit.php'; } } else { if ($action == 'edit_product') { $category_id = filter_input(INPUT_POST, 'category_id', FILTER_VALIDATE_INT); $product_id = filter_input(INPUT_POST, 'product_id', FILTER_VALIDATE_INT); $product_code = filter_input(INPUT_POST, 'code'); $product_name = filter_input(INPUT_POST, 'name'); $list_price = filter_input(INPUT_POST, 'price', FILTER_VALIDATE_FLOAT); if ($category_id == null || $category_id == false || $product_id == null || $product_id == false || $product_code == null || $product_name == null || $list_price == null || $list_price == false) { $error = "Invalid product data. Return and try to edit again."; include '../errors/error.php'; } else { edit_product($category_id, $product_id, $product_code, $product_name, $list_price); header("Location: .?category_id={$category_id}"); } } else { if ($action == 'list_categories') { $categories = get_categories(); include 'category_list.php'; } else { if ($action == 'add_category') { $category_name = filter_input(INPUT_POST, 'new_category_name'); if ($category_name == NULL) { $error = "Please enter a valid category name."; include '../errors/error.php'; } else { add_category($category_name); header('Location: .?action=list_categories');
try { $statement = $db_connexion->prepare("SELECT max(niveau) as max FROM categorie "); $statement->execute(); $level = $statement->fetch(); $maxLevel = $level["max"]; category_children(0, 1, $db_connexion); // niveau de départ } catch (PDOException $e) { echo $e->getMessage(); } echo "</ul>\r\n </div>"; echo "<div class='col-md-9'>"; if (isset($_GET["id"])) { // Recupperation de l'id produit $id = $_GET["id"]; $produit = edit_product($id, $db_connexion); if (isset($_POST["btn-cart"])) { // envoi du formulaire if (!empty($_POST["qty"]) && is_numeric($_POST["qty"])) { // Validation de qty doit etre numerique if (!isset($_SESSION["cart"])) { // element de session panier vide par défaut si on a aucun produit selectioné $_SESSION["cart"][] = array('id' => $_POST["id_produit"], 'qty' => $_POST["qty"]); header("Location:produit.php?id={$id}"); } else { // Si on en a un on voit les produits qui y figurent $cart = $_SESSION["cart"]; $ids = array(); $qtys = array(); foreach ($cart as $key => $c) { $ids[$key] = $c["id"];
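/**
 * AJAX endpoint: validate the posted product form, create or update the
 * product, and echo the outcome as JSON.
 *
 * Reads from $_POST: action ('add' or 'edit'), id (required for 'edit'),
 * name, price, and the optional description and url.
 *
 * Echoes a JSON object with:
 *   - product: the values accepted from the form,
 *   - success: true only when edit_product() / add_product() returned truthy,
 *   - errors:  field => message, present only when validation failed.
 *
 * NOTE(review): the fields are checked for presence and price format only.
 * edit_product() / add_product() must still use bound query parameters, and
 * the url value should be restricted to expected schemes before it is ever
 * rendered as a link. No authentication or CSRF check is visible in this
 * function - confirm that the caller performs one.
 */
function save_product()
{
    $data = array(
        'product' => array('name' => '', 'description' => '', 'price' => 0, 'url' => ''),
        'success' => false,
    );
    $errors = array();

    // Read a POST field as a string. A missing key or a non-string value
    // (e.g. "name[]=x" arrives as an array) is treated as not supplied, which
    // avoids undefined-key warnings leaking into the JSON body and a
    // TypeError from trim() on an array.
    $field = static function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    // Only the two actions handled below are accepted; anything else is
    // reported instead of silently falling through to clear_cache().
    $action = $field('action');
    if ($action !== 'add' && $action !== 'edit') {
        $errors['action'] = 'Внутренняя ошибка';
    }

    if ($action === 'edit') {
        $id = $field('id');
        if (empty($id)) {
            $errors['action'] = 'Внутренняя ошибка';
        } else {
            $data['product']['id'] = $id;
        }
    }

    $name = $field('name');
    if (empty($name)) {
        $errors['name'] = 'Нужно указать название товара';
    } else {
        $data['product']['name'] = $name;
    }

    $price = $field('price');
    if (empty($price)) {
        $errors['price'] = 'Нужно указать цену';
    } else {
        $data['product']['price'] = trim($price);
        // Accepts plain digits or comma-grouped thousands, with an optional
        // decimal part. The value is passed on as the trimmed string, commas
        // included.
        $price_pattern = '/^(?:\\d+|\\d{1,3}(?:,\\d{3})+)(?:\\.\\d+)?$/';
        if (preg_match($price_pattern, $data['product']['price']) !== 1) {
            $errors['price'] = 'Цена в не правильном формате, пример: 1232.20';
        }
    }

    $description = $field('description');
    if (!empty($description)) {
        $data['product']['description'] = $description;
    }

    $url = $field('url');
    if (!empty($url)) {
        $data['product']['url'] = $url;
    }

    if (!empty($errors)) {
        $data['errors'] = $errors;
    } else {
        if ($action === 'edit') {
            $saved = edit_product($data['product']);
        } else {
            $saved = add_product($data['product']);
        }
        if ($saved) {
            $data['success'] = true;
        }
        // The cache is cleared whether or not the save reported success.
        clear_cache();
    }

    // The response echoes user-supplied text and no Content-Type is set here,
    // so hex-escape <, >, &, ' and " to keep the body inert if a browser ever
    // renders it as HTML. JSON parsers decode the same values as before.
    echo json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
}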
<?php
// Edit-product page: load the helper functions, then call edit_product() with
// the product_id query parameter and keep the result for the markup below.
require_once './function.php';
// NOTE(review): read without isset() or validation; a missing parameter
// raises an "undefined array key" warning and any string is passed through.
// Consider filter_input(INPUT_GET, 'product_id', FILTER_VALIDATE_INT) and
// confirm that edit_product() uses a bound query parameter.
$product_id = $_GET['product_id'];
// $product_info is not used in the visible part of the markup; where it is
// echoed further down, escape it with htmlspecialchars().
$product_info = edit_product($product_id);
?> <!DOCTYPE html> <html> <head> <title>Edit Product</title> <link rel="stylesheet" type="text/css" href="./css/bootstrap.min.css" /> <script src="js/jquery.min.js"></script> <script src="js/bootstrap.js"></script> </head> <body> <nav class="navbar navbar-inverse navbar-fixed-top"> <div class="container"> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#my_menu"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a href="#" class="navbar-brand">My Site</a> </div> <div class="navbar-collapse collapse" id="my_menu">
<?php require_once 'includes/db.inc.php'; include 'includes/user.inc.php'; include 'includes/product.inc.php'; // Redirection si pas connecté $out = ""; if (!empty($_SESSION["user_session"])) { $userID = $_SESSION["user_session"]; $output = '<div class="right bottom-aligned-text"><a href="logout.php?logout=true">Déconnexion</a></div>'; $output .= '<div class="right"><h1>Bonjour <a href="profile.php">' . user_edit($db_connexion, $userID)['user_name'] . "</a></h1></div>"; if (isset($_SESSION["cart"])) { $cart = $_SESSION["cart"]; foreach ($cart as $c) { $produit = edit_product($c['id'], $db_connexion); $output .= '<div>nom du produit ' . $produit["nom"] . ' : , qty :' . $c["qty"] . ' <a href="panier.php?action=delete&id=' . $c['id'] . '" ><span class="glyphicon glyphicon-remove"></span></a> <br/><a href="">Voir mon panier</a> </div>'; } } } else { header("Location:inscription.php"); } // récupperation de l'identifiant de la session $user_id = $_SESSION["user_session"]; $action = isset($_GET["action"]) ? $_GET["action"] : ""; switch ($action) { case 'modifier': if (!empty($_GET["id"])) { // récupperation de l'id dans l'url
require "templates/admin/grant-admin-priviliges.php";
} else if($_GET['action'] == 'delete_admin_priviliges'){
    // Calls delete_admin_priviliges() with the POSTed id, then renders the
    // page template.
    // NOTE(review): $_POST['id'] is passed through unvalidated, and unlike
    // the branches below this one does not guard $_GET['action'] with
    // isset() (an earlier branch outside this excerpt may do so). Whether
    // the caller is authorised, and whether a CSRF token is checked, is
    // decided outside this excerpt - confirm.
    if(isset($_POST['id'])){
        delete_admin_priviliges($_POST['id']);
    }
    require "templates/admin/delete-admin-priviliges.php";
} else if(isset($_GET['action']) && $_GET['action'] == 'delete_product' && isset($_GET['id'])){
    // NOTE(review): the delete runs on a GET request with the id taken from
    // the query string and not validated. Prefer POST plus a CSRF token, and
    // validate the id as an integer before use.
    delete_product($_GET['id']);
} else if(isset($_GET['action']) && $_GET['action'] == 'edit_product' && isset($_GET['id'])){
    // The form counts as submitted when `name` is present; the other eight
    // POST keys are read without isset(), so a partial submission raises
    // "undefined array key" warnings.
    // NOTE(review): all values reach edit_product() unvalidated - confirm it
    // uses bound query parameters and that the template escapes them on output.
    if(isset($_POST['name'])){
        edit_product($_POST['name'], $_POST['contents'], $_POST['amount'], $_POST['nutriments'], $_POST['allergens'], $_POST['category'], $_POST['price'], $_POST['comparement_price'], $_POST['comparement_type'], $_GET['id']);
    }
    require "templates/admin/edit-product.php";
}
} else if($page == 'browse'){
    // Public browse page: a sort_by parameter selects the sorted listing.
    if(isset($_GET['sort_by'])){
        require "templates/sort-by-category.php";
    } else{
        require "templates/browse.php";
    }
}
/**
 * Admin action: store the edited product and show the confirmation page.
 *
 * Builds a product object from the global request variables, passes it
 * through convert_period_fields() and validate_product_fields(). When
 * validation returns an error, the edit form is shown again through
 * edit_product($error) and nothing is written. Otherwise the product config
 * is saved with $db->update_product(); an error returned from that call is
 * handed to fatal_error(). Finally the change is written to the admin log
 * and the "product saved" template is displayed.
 *
 * NOTE(review): depends on the globals $db, $t and $vars. No permission or
 * CSRF check is visible in this function - presumably done by the including
 * script; confirm.
 */
function edit_save()
{
    global $db, $t, $vars;

    $product = new product($vars);
    convert_period_fields($product);

    // Guard clause: redisplay the form when the submitted fields are invalid.
    $validation_error = validate_product_fields($product);
    if ($validation_error) {
        edit_product($validation_error);
        return;
    }

    $db_error = $db->update_product($vars['product_id'], $product->config);
    if ($db_error) {
        fatal_error('Cannot update product info: ' . $db_error, false);
    }

    admin_log('Product updated ' . $vars['product_id']);

    $t->assign('url', 'products.php');
    $t->display('admin/product_saved.html');
}