<?php include '../config/config.php'; //TODO user validation if (isset($_GET['product_id'])) { ?> <?php include HEADER; error_reporting(-1); include MODEL_PATH . 'model.php'; include CONFIG_PATH . 'flash.php'; $model = new Model(); $row = $model->show(htmlspecialchars($_GET['product_id'])); ?> <?php flash("notice"); ?> <div class="content"> <h2>Edit Product</h2> <form class="product_form" action="update.php" method="post" enctype="multipart/form-data"> <input type="hidden" name="product_id" value="<?php echo $row['product_id']; ?> "> <label for="product_name">Product Name</label> <input type="text" name="product_name" value=<?php echo $row['product_name']; ?>
<?php error_reporting(-1); include 'config/config.php'; include MODEL_PATH . 'model.php'; include HEADER; $model = new Model(); $product_array = $model->show_all(); ?> <?php if (isset($_GET['product_id'])) { //TODO sanitize this $_GET $product_id = htmlspecialchars($_GET['product_id']); $row = $model->show($product_id); if (!empty($row)) { ?> <div class="content"> <h3><?php echo $row['product_name']; ?> </h3> <div class="product_view_image_parent"> <img class="product_view_image" src=uploads/<?php echo $row['product_image']; ?> > </div> </div>