function admin_edit($id = null)
{
if (!$id) {
$this->setFlash('Wrong category id');
}
if (!empty($this->data)) {
if ($this->Category->save($this->data)) {
$this->Session->setFlash('Category has been edited successfully');
$this->redirect(array('action' => 'admin_index', 'admin' => true));
}
} else {
$this->data = $this->Category->read(null, $id);
}
$cat_parent_id = $this->Category->find('list', array('conditions' => array('Category.cat_parent_id' => '0'), 'fields' => array('Category.id', 'Category.cat_name')));
array_unshift($cat_parent_id, 'PARENT');
$this->set(compact('cat_parent_id'));
}
public static function read()
{
session_start();
$headers = apache_request_headers();
$token = $headers['X-Auth-Token'];
if (!$headers['X-Auth-Token']) {
header('Invalid CSRF Token', true, 401);
return print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Invalid CSRF Token / Bad Request / Unauthorized ... Please Login again'), JSON_PRETTY_PRINT);
} else {
if ($token != $_SESSION['form_token']) {
header('Invalid CSRF Token', true, 401);
return print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Invalid CSRF Token / Bad Request / Unauthorized ... Please Login again'), JSON_PRETTY_PRINT);
} else {
Category::read();
}
}
}
$category->title = $_POST['title'];
$category->content = $_POST['content'];
if ($category->save()) {
header('Location: ' . HOST_NAME . 'admin/' . $view . '/?message=success');
} else {
header('Location: ' . HOST_NAME . 'admin/' . $view . '/?message=failed');
}
}
} else {
header('Location: ' . HOST_NAME . 'admin/404.php');
}
}
} elseif ($action != null && $action == 'delete') {
$item = isset(Path::get_path()['call_parts'][2]) ? (int) Path::get_path()['call_parts'][2] : null;
if ($item) {
$category = Category::read("SELECT * FROM categories WHERE id = ?", PDO::FETCH_CLASS, 'Category', [$item]);
if ($category != false) {
if ($category->delete()) {
header('Location: ' . HOST_NAME . 'admin/' . $view . '/?message=success');
} else {
header('Location: ' . HOST_NAME . 'admin/' . $view . '/?message=failed');
}
}
} else {
header('Location: ' . HOST_NAME . 'admin/404.php');
}
}
?>
<h3>Manage Your Website Categories</h3>
<p>Please use this panel to manage your categories</p>
<td><input type='text' name='price' class='form-control' required></td>
</tr>
<tr>
<td>Description</td>
<td><textarea name='description' class='form-control'></textarea></td>
</tr>
<tr>
<td>Category</td>
<td>
<?php
// read the product categories from the database
include_once 'objects/category.php';
$category = new Category($db);
$stmt = $category->read();
// put them in a select drop-down
echo "<select class='form-control' name='category_id'>";
echo "<option>Select category...</option>";
while ($row_category = $stmt->fetch(PDO::FETCH_ASSOC)) {
extract($row_category);
echo "<option value='{$id}'>{$name}</option>";
}
echo "</select>";
?>
</td>
</tr>
<tr>
<td></td>
<td>
public function read()
{
return Category::read($this->params);
}
