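/*
 * Admin "update product" handler.
 *
 * Reads the edited product fields from the POST body and the product id from
 * the query string (pID), rebuilds the track-list XML, stores the changes via
 * Product::update() and sends the browser back to the product list.
 *
 * NOTE(review): this script verifies no anti-CSRF token itself; confirm that
 * checkPermission.php or the calling form covers that for this state-changing
 * request.
 */
session_start();

// presumably the admin access check; it is included before any input is read -- confirm.
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.Product.php";
require "../includes/injection.php";
require "../../includes/trackXML.php";

$backToList = "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listproduct'>";

// Only a POST carrying a numeric product id may modify a record. Without this
// guard a plain GET would call update() with every field empty. The id check
// mirrors the is_numeric() test used by the product page that reads 'pid'.
$isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';
$hasNumericId = isset($_GET['pID']) && is_numeric($_GET['pID']);
if (!$isPost || !$hasNumericId) {
    echo $backToList;
    exit();
}

// Scalar form fields, passed through sqlInjection() in the original order.
// A missing or array-valued field is treated as an empty string, so the helper
// always receives a string and no "undefined index" notice is raised.
$in = array();
$postKeys = array(
    'CateID', 'Lable', 'Price', 'Artist', 'Producer',
    'pubYear', 'DiskType', 'Description', 'proImage', 'ProStatus',
);
foreach ($postKeys as $key) {
    $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    $in[$key] = sqlInjection($raw);
}

$id = sqlInjection($_GET['pID']);

$trck = new TrackXML();
$prod = new Product();

// NOTE(review): trackname/tracklength reach createXML() unfiltered, and the
// resulting XML is the only value handed to update() without sqlInjection().
// Verify that createXML() encodes XML special characters and that update()
// binds or escapes this argument before it reaches the database.
$tracklist = "";
if (isset($_POST['trackname'], $_POST['tracklength'])) {
    $tracklist = $trck->createXML($_POST['trackname'], $_POST['tracklength']);
}

// Argument order follows Product::update() as called originally: label comes before category.
$prod->update(
    $id,
    $in['Lable'],
    $in['CateID'],
    $in['Price'],
    $in['Artist'],
    $in['Producer'],
    $in['pubYear'],
    $in['DiskType'],
    $in['Description'],
    $tracklist,
    $in['proImage'],
    $in['ProStatus']
);

// Client-side redirect back to the product list.
echo $backToList;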
<?php
/*
 * Product page bootstrap: loads the disk types, then the product named by the
 * 'pid' query parameter together with its track list, for the markup below.
 */
require_once "deny/connector.php";
require_once "administrator/process/class/class.Product.php";
require_once "administrator/process/class/class.Disktype.php";
// NOTE(review): sqlInjection() is called below while this include stays
// commented out; presumably another included file defines it -- confirm.
//require_once("administrator/includes/injection.php");
require_once "includes/trackXML.php";

$prod = new Product();
$dsk = new DiskType();
$trck = new TrackXML();

// Defaults used when no valid product id is supplied.
$product = array();
$tracklist = array();
$disktype = array();

$disktype = $dsk->getAll();

if (!isset($_GET['pid']) || !is_numeric($_GET['pid'])) {
    // Missing or non-numeric id: ask the browser to go to the index page.
    // The script does not stop here, so the markup after this block is still
    // emitted with $product and $tracklist left as empty arrays.
    echo "<meta http-equiv='refresh' content='0;url=index.php'>";
} else {
    $id = sqlInjection($_GET['pid']);
    $product = $prod->getProductById($id);
    // NOTE(review): assumes getProductById() returned a row with a 'tracklist'
    // key; what it returns for an unknown id is not visible here -- confirm.
    $tracklist = $trck->xml2Array($product['tracklist']);
}
?>
<div class="width">
    <div class="box">
        <div id="vmMainPage">
            <div class="clear indent">
                <?php