function newProduct()
{
if (isset($_POST['ok'])) {
if ($_POST['name'] == "") {
$error = "Chưa nhập tên sản phẩm";
} else {
if ($_POST['price'] == "") {
$error = "Chưa nhập giá sản phẩm";
} else {
if ($_FILES['img']['name'] == "") {
$error = "Chưa thêm ảnh sản phẩm";
} else {
$img_name = "images/" . md5($_FILES['img']['name'] . time()) . ".png";
move_uploaded_file($_FILES["img"]["tmp_name"], $img_name);
insertProduct($_POST['name'], $_POST['price'], $_POST['info'], $img_name);
$error = "Thêm sản phẩm mới thành công";
redirect("index.php?controller=product");
}
}
}
}
include "view/product/new.php";
}
$file_path = insertFile($_POST["menu_id"], $sub_id_insert);
$data['Image_name'] = $file_path;
}
if (isset($_POST["prID"])) {
$data['prID'] = $_POST["prID"];
if ($sub_id_insert == 'other') {
$data['subID'] = NULL;
}
updateProduct($data);
} else {
/*
var_dump($_POST);
echo "<br><br><br><br>";
var_dump($data);
*/
insertProduct($data);
}
}
}
if (isset($_GET["sub_id"])) {
$sub_id = $_GET["sub_id"];
} else {
$sub_id = null;
$subs = getMenuSubs($menu_id);
}
$res = getMenuProducts($menu_id, $sub_id);
if (isset($_GET["prID"])) {
$pr = getProductByID($_GET["prID"]);
}
} else {
$res = getTotalProducts();
<?php
//stop the direct browsing to this file - let index.php handle which files get displayed
checkLogin();
# Deal with op and add some basic sanity checking
$op = !empty($_POST['op']) ? addslashes($_POST['op']) : NULL;
#insert product
$saved = false;
if ($op === 'insert_product') {
if ($id = insertProduct()) {
$saved = true;
//saveCustomFieldValues($_POST['categorie'], lastInsertId());
}
}
if ($op === 'edit_product') {
if (isset($_POST['save_product']) && updateProduct()) {
$saved = true;
//updateCustomFieldValues($_POST['categorie'],$_GET['id']);
}
}
$refresh_total = isset($refresh_total) ? $refresh_total : ' ';
$smarty->assign('saved', $saved);
//$smarty -> assign('display_block',$display_block);
//$smarty -> assign('refresh_total',$refresh_total);
$smarty->assign('pageActive', 'product_manage');
$smarty->assign('active_tab', '#product');
<?php
include "db_facade.php";
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$postdata = file_get_contents("php://input");
$request = json_decode($postdata, true);
if (array_key_exists('name', $request) && array_key_exists('description', $request) && array_key_exists('price', $request) && array_key_exists('url', $request)) {
$insertResult = insertProduct($request['name'], $request['description'], $request['price'], $request['url']);
if ($insertResult == false) {
failWithError('Data insertion failed', '500 Internal Server Error');
}
} else {
failWithError('Invalid input data', '400 Bad Request');
}
}
exit("no save action");
}
$saved = false;
$type = $_POST['type'];
if ($_POST['action'] == "insert") {
if (insertInvoice($type)) {
$id = lastInsertId();
//saveCustomFieldValues($_POST['categorie'],$invoice_id);
$saved = true;
}
/*
* 1 = Total Invoices
*/
if ($type == total_invoice && $saved) {
$logger->log('Total style invoice created, ID: ' . $id, Zend_Log::INFO);
insertProduct(0, 0);
$product_id = lastInsertId();
if (insertInvoiceItem($id, 1, $product_id, 1, $_POST['tax_id'][0], $_POST['description'], $_POST['unit_price'])) {
//$saved = true;
} else {
die(end($dbh->errorInfo()));
}
} elseif ($saved) {
$logger->log('Max items:' . $_POST['max_items'], Zend_Log::INFO);
$i = 0;
while ($i <= $_POST['max_items']) {
$logger->log('i=' . $i, Zend_Log::INFO);
$logger->log('qty=' . $_POST["quantity{$i}"], Zend_Log::INFO);
if ($_POST["quantity{$i}"] != null) {
if (insertInvoiceItem($id, $_POST["quantity{$i}"], $_POST["products{$i}"], $i, $_POST["tax_id"][$i], $_POST["description{$i}"], $_POST["unit_price{$i}"])) {
// insert_invoice_item_tax(lastInsertId(), )
if ($update_type == 'product') {
$product_id = mysql_real_escape_string($_POST['product_id']);
$action = mysql_real_escape_string($_POST['action']);
$brand = mysql_real_escape_string($_POST['brand']);
$model = mysql_real_escape_string($_POST['model']);
$mprice = mysql_real_escape_string($_POST['mprice']);
$aprice = mysql_real_escape_string($_POST['aprice']);
$category = mysql_real_escape_string($_POST['category']);
$availability = mysql_real_escape_string($_POST['availability']);
$datestart = mysql_real_escape_string($_POST['datestart']);
$dateend = mysql_real_escape_string($_POST['dateend']);
$bids = mysql_real_escape_string($_POST['bids']);
$description = mysql_real_escape_string($_POST['description']);
$product_data = array('productId' => $product_id, 'brand' => $brand, 'model' => $model, 'mprice' => $mprice, 'aprice' => $aprice, 'category' => $category, 'availability' => $availability, 'datestart' => $datestart, 'dateend' => $dateend, 'bids' => $bids, 'description' => $description, 'modify_by' => $logged);
if ($action == "insert") {
$insert_query = insertProduct($product_data);
if ($insert_query) {
echo 1;
} else {
echo 0;
}
} else {
if ($action == "update") {
$edit_query = editProduct($product_data);
if ($edit_query) {
echo 2;
} else {
echo 0;
}
}
}
<tr>
<td align="right">Regime: </td>
<td><input type="text" name="regime" value="3"/></td>
</tr>
<tr>
<td align="right">PIS: </td>
<td><input type="text" name="PIS" value="07"/></td>
</tr>
<tr>
<td align="right">Cofins: </td>
<td><input type="text" name="cofins" value="07"/></td>
</tr>
<tr>
<td align="right"><input type="submit" value="Inserir Produto" onClick=<?php
insertProduct();
?>
/></td>
<td><input type="reset" value="Limpar campos"/></td>
</tr>
</table>
</form>
<?php
include 'dbInterface.php';
// put your code here
?>
</body>
</html>
// 이미지 저장 디렉터리
$productImgSavePath = "../../img/product/";
$thumbnailImgSavePath = "../../img/product_s/";
$thumbnailImgHeight = 300;
// 썸네일 이미지 높이를 150px로 설정
$fileMaxSize = 2000000;
// 파일 최대 크기 2Mbyte 설정
$data['pcategory'] = isset($_REQUEST['pcategory']) ? $_REQUEST['pcategory'] : null;
$data['pcode'] = $data['pcategory'] . strval($getPnum);
// pnum값을 이용하여 pcode값 생성
$data['pname'] = isset($_REQUEST['pname']) ? $_REQUEST['pname'] : null;
$data['pstock'] = isset($_REQUEST['pstock']) ? $_REQUEST['pstock'] : null;
$data['pprice'] = isset($_REQUEST['pprice']) ? $_REQUEST['pprice'] : null;
$data['pfimage'] = isset($_REQUEST['pfimage']) ? $_REQUEST['pfimage'] : null;
$data['psimage'] = isset($_REQUEST['psimage']) ? $_REQUEST['psimage'] : null;
$retArr = insertProduct($data);
if (!$retArr['result']) {
$action = 9210;
//다시 입력하도록 실패메시지 뷰로 리다이렉트
header("location:../view/MainView.php?action={$action}");
} else {
$getPnum = $retArr['autoPnum'];
// 자동 입력된 pnum 값을 가져온다.
// 이미지 정보 로드
$upImgFileInfo['name'] = isset($_FILES['pfimage']['name']) ? $_FILES['pfimage']['name'] : null;
$upImgFileInfo['tmp_name'] = isset($_FILES['pfimage']['tmp_name']) ? $_FILES['pfimage']['tmp_name'] : null;
$upImgFileInfo['type'] = isset($_FILES['pfimage']['type']) ? $_FILES['pfimage']['type'] : null;
$upImgFileInfo['size'] = isset($_FILES['pfimage']['size']) ? $_FILES['pfimage']['size'] : null;
$upImgFileInfo['error'] = isset($_FILES['pfimage']['error']) ? $_FILES['pfimage']['error'] : null;
// 파일 업로드를 시도했고 오류가 없다면.
if ($upImgFileInfo['name'] && $upImgFileInfo['error'] == 0) {
if (!isTxnUnique($txnId)) {
doError("txn_id ({$txnId}) is not unique\n");
}
# this was a succesful transaction. Log details in the database
# and notify me with an e-mail
$id = logTransactionDetails();
$pwd = genPwd();
insertOneVar($id, 'dl_pwd', $pwd);
$customerEmail = getPostVar('payer_email');
$body = getLoggedVars($id);
$subject = "[PP] TD {$customerEmail}";
$ret = sendEmail(MYEMAIL, $subject, $body);
# update the database with products to download
$login = $customerEmail;
foreach ($productsBought as $prod) {
insertProduct($login, $pwd, $prod);
}
# send confirmation e-mail to the customer
$body = "Thank you for purchasing ArsLexis software.\n";
$body .= "To download the software please go to http://www.arslexis.com/dl.html\n";
$body .= "and use '{$login}' as login and '{$pwd}' as a password.\n";
$body .= "\n";
$body .= "Please use only a standard browser like IE or Netscape to download.\n";
$body .= "Other software, esp. download managers, may fail to download.\n";
$body .= "\n";
$body .= "Let us know if you have problems downloading by e-mailing support@arslexis.com\n";
$body .= "Regards,\n";
$body .= "\n";
$body .= "ArsLexis support\n";
$body .= "\n";
$body .= "http://www.arslexis.com\n";
}
if (!($paid = getProductAttributeExtraID($pid, $optvalid))) {
insertProductAttributeExtra($pid, $optvalid, $price, $valstat, $pprefix);
} else {
updateProductAttributeExtra($pid, $paid, $optvalid, $price, $valstat, $pprefix);
}
}
}
} else {
removeProductAttributeExtra($pid);
}
}
} else {
if ($product_name) {
// if products name is defined add it
$pid = insertProduct($product_name, $model, $price);
$referred_cid = array();
// hold the refereed cid
$multicats = checkMultiCat($pid);
$category2 = explode(';', $category);
for ($c = 0; $c < count($category2); $c++) {
$catdata = explode('||', $category2[$c]);
$catdata_id = array();
for ($s = 0; $s < count($catdata); $s++) {
if ($s > 0) {
$cid = getCategoryID($catdata[$s], $this->sys_language_uid, $catdata_id[$s - 1]);
} else {
$cid = getCategoryID($catdata[$s], $this->sys_language_uid);
}
if (!$cid) {
if ($s > 0) {