if ($errmsg == '') {
            /**
             * Clean one submitted form value: trim surrounding whitespace, remove
             * backslashes with stripslashes(), HTML-encode the result, then escape it
             * with mysql_real_escape_string().
             *
             * NOTE(review): this mixes two unrelated defences. htmlspecialchars() is an
             * output encoding for HTML and belongs where a value is printed; applied
             * here, the encoded form is what gets handed on to update_product().
             * mysql_real_escape_string() is part of the ext/mysql API, which was removed
             * in PHP 7.0, and escaping only protects values that end up inside quoted SQL
             * string literals. Binding the values as parameters of a prepared statement
             * (PDO or mysqli) inside update_product() would be the durable fix; that
             * method is not shown in this excerpt.
             *
             * @param string $data Raw value; the callers below pass $_POST fields.
             * @return string|false Result of mysql_real_escape_string() on the cleaned value.
             */
            function check_input($data)
            {
                // Same order as before: trim -> stripslashes -> htmlspecialchars.
                $encoded = htmlspecialchars(stripslashes(trim($data)));

                return mysql_real_escape_string($encoded);
            }
            // Pass every submitted field through check_input() before it reaches the model.
            // NOTE(review): the fields are read from $_POST without an isset() check, and
            // whether update_product() binds them as query parameters cannot be seen here.
            list($Productid, $Product_name, $Product_type, $Product_price, $Product_description) = array_map(
                'check_input',
                array(
                    $_POST['Productid'],
                    $_POST['Product_name'],
                    $_POST['Product_type'],
                    $_POST['Product_price'],
                    $_POST['Product_description'],
                )
            );

            $Productobj = new Product();
            $updated = $Productobj->update_product(
                $Productid,
                $Product_name,
                $Product_type,
                $Product_price,
                $Product_description
            );

            // Report the outcome through the page's message buffers.
            if (!$updated) {
                $errmsg .= '!Opps Some thing went wrong.<br>';
            } else {
                $msg .= 'Product Details successfully updated.<br>';
            }
        }
    }
}
include_once "../../includes/dbclose.inc.php";
?>

<?php 
require_once "../layouts/user_header.php";
?>
		 <!-- Begin lefttcolumn -->
		<div id="leftcolumn">
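// Request values used by the "update" operation below.
$price1 = $_REQUEST['price'];
$image_name1 = $_REQUEST['image_name'];
$description1 = $_REQUEST['description'];

// Assigned before the branch: $file1 below is built from it even when the upload
// failed (previously it was only set on the success path, so $file1 could be built
// from an undefined variable).
$uploaddir = "images/";

// Only the last path component of the client-supplied file name is used on disk.
$upload_name = basename(isset($_FILES["image_path"]["name"]) ? (string) $_FILES["image_path"]["name"] : '');

// The stored file keeps a client-chosen name, so the extension is restricted to
// image types; anything else is refused instead of being written under images/.
$upload_ext = strtolower(pathinfo($upload_name, PATHINFO_EXTENSION));
$upload_ext_ok = in_array($upload_ext, ['jpg', 'jpeg', 'gif', 'png'], true);

// A missing upload entry is treated like "no file sent".
$upload_error = isset($_FILES["image_path"]["error"]) ? $_FILES["image_path"]["error"] : UPLOAD_ERR_NO_FILE;

if ($upload_error > 0) {
    echo "<font size = '5'><font color=\"#e31919\">Error: NO CHOSEN FILE <br />";
    echo "<p><font size = '5'><font color=\"#e31919\">INSERT TO DATABASE FAILED";
} elseif (!$upload_ext_ok || !move_uploaded_file($_FILES["image_path"]["tmp_name"], $uploaddir . $upload_name)) {
    // The result of move_uploaded_file() used to be ignored and SAVED was always printed.
    echo "<font size = '5'><font color=\"#e31919\">Error: FILE NOT SAVED <br />";
} else {
    echo "<font size = '5'><font color=\"#0CF44A\">SAVED<br>";
}
$file1 = $uploaddir . $upload_name;

// NOTE(review): $price1, $image_name1 and $description1 come straight from $_REQUEST,
// and the other interpolated variables ($product_name, $product_id, $product_name1,
// $product_id1, $price, $file, ...) are assigned outside this excerpt. All of them are
// quoted by hand inside the fragments below rather than bound as parameters. If Product
// concatenates these fragments into SQL (its code is not shown here) this is SQL
// injection; the durable fix is for the Product methods to accept column => value
// pairs and run prepared statements.
// NOTE(review): the operation itself is chosen by a request parameter and runs even
// after an upload error was reported above; no authorisation check is visible here.
switch ($_REQUEST['operation']) {
    case "add":
        $product->add_product("product_details", "product_name,price,image_name,image_path,description", "'{$product_name}','{$price}','{$image_name}','{$file}','{$description}'");
        break;
    case "update":
        $product->update_product("product_details", "product_name='{$product_name1}',price='{$price1}',image_name='{$image_name1}',image_path='{$file1}',description='{$description1}'", "product_id='{$product_id1}'");
        break;
    case "delete_rec":
        $product->delete_product("product_details", "product_id='{$product_id}'");
        break;
    case "view":
        $product->view_product($product_list, $table);
        break;
    case "view_single":
        $product->view_single_product($product_list, $table, $condition);
        break;
    default:
        echo "<H3 color='red'>Invalid Option Please Try again!</h3>";
}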
<?php

require_once "../controllers/DbConnection.php";
require_once "../controllers/Product.php";
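$pro = new Product(DbConnection::getConnection());
$DOCUMENT_ROOT = $_SERVER['DOCUMENT_ROOT'];

// Allowed extension => content type the uploaded file must really have.
$allowed_images = [
    'jpg' => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'gif' => 'image/gif',
    'png' => 'image/png',
];

// Only the last path component of the client-supplied name is used.
$img_name = basename(isset($_FILES['p_img']['name']) ? (string) $_FILES['p_img']['name'] : '');
$img_tmp = isset($_FILES['p_img']['tmp_name']) ? (string) $_FILES['p_img']['tmp_name'] : '';
$img_ext = strtolower(pathinfo($img_name, PATHINFO_EXTENSION));

// No file, or an extension outside the allow-list: back to the edit form.
if (!isset($allowed_images[$img_ext])) {
    header("Location: ../views/EditProduct.php");
    // Without exit the script kept running after the redirect header and still
    // stored the file and updated the product.
    exit;
}

// This message used to sit in the else branch of the move check, so it was printed
// after a successful move; it belongs to the is_uploaded_file() test.
if (!is_uploaded_file($img_tmp)) {
    echo 'Problem: Possible file upload attack. Filename: ';
    // The name is client-controlled, so it is HTML-encoded before being echoed.
    echo htmlspecialchars($img_name, ENT_QUOTES);
    exit;
}

// $_FILES[...]['type'] is sent by the client and proves nothing about the content,
// so the type is read from the uploaded file itself and must match the extension.
$detected_type = (new finfo(FILEINFO_MIME_TYPE))->file($img_tmp);
if ($detected_type !== $allowed_images[$img_ext]) {
    header("Location: ../views/EditProduct.php");
    exit;
}

// NOTE(review): the file is stored under its client-chosen name, so two uploads with
// the same name overwrite each other; a server-generated name would avoid that.
$upfile = "../assets/img/" . $img_name;
if (!move_uploaded_file($img_tmp, $upfile)) {
    echo 'Problem: Could not move file to destination directory';
    // Stop here: the product must not point at an image that was never stored.
    exit;
}

// NOTE(review): $_GET["id"] and the $_POST fields are passed on unvalidated; whether
// update_product() binds them as query parameters cannot be seen in this excerpt.
$result = $pro->update_product($_GET["id"], $_POST["p_name"], $_POST["u_price"], $_POST["ctg_id"], $img_name);
header("Location: ../views/Show_Products.php");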
Example #4
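// Edit flow: load the product named by ?products=..., and when the form was posted,
// optionally replace its JPEG image, save the product and redirect.
if (isset($_GET['products']) && $_GET['products'] != '') {
    $product->find_product($_GET['products']);
    if ($product->product_exists) {
        $product_name = $product->product_name;
        $product_short_details = $product->product_short_details;
        $product_image = $product->product_image;
        if (isset($_POST['product_name'])) {
            if ($product->product_image == '') {
                // No image path yet: derive one from the posted name plus a numeric suffix.
                // NOTE(review): the character class keeps apostrophes, so the generated
                // path can contain one; that matters if update_product() builds SQL by
                // string concatenation (not visible here).
                $rand = round(rand() * 10000, 4);
                $product->product_image = preg_replace('/[^a-zA-Z0-9\']/', '_', $_POST['product_name']) . $rand;
                $product->product_image = "images/product/" . $product->product_image . '.jpg';
            }
            $new_image = isset($_FILES['product_image_new']) ? $_FILES['product_image_new'] : null;
            if ($new_image !== null && $new_image['name'] != '' && is_uploaded_file($new_image['tmp_name'])) {
                // The 'type' field is supplied by the client and can claim anything, so the
                // content type is read from the uploaded file itself before it is stored.
                $detected_type = (new finfo(FILEINFO_MIME_TYPE))->file($new_image['tmp_name']);
                if ($detected_type === 'image/jpeg') {
                    move_uploaded_file($new_image['tmp_name'], '../' . $product->product_image);
                }
            }
            $product->update_product();
            header('location:index.php?productskjjknjkn=' . $product->product_id);
            // Stop here so nothing after the redirect header runs for this request.
            exit;
        }
    }
}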
if (isset($_POST['product_name'])) {
    if ($product->product_image == '') {
        $rand = round(rand() * 10000, 4);
        $product->product_image = preg_replace('/[^a-zA-Z0-9\']/', '_', $_POST['product_name']) . $rand;
        $product->product_image = "images/product/" . $product->product_image . '.jpg';
    }
    if (isset($_FILES['product_image_new']) && $_FILES['product_image_new']['name'] != '' && $_FILES["product_image_new"]["type"] == "image/jpeg") {
        move_uploaded_file($_FILES["product_image_new"]["tmp_name"], '../' . $product->product_image);
    }
    $product->product_id = $product->add_product();
    header('location:index.php?products=' . $product->product_id);