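/**
 * Update one row of the `categories` table from the POSTed form fields.
 *
 * Reads $_POST['id'] (row to update) and, when present, $_POST['names'][<lang>],
 * $_POST['desc'][<lang>], $_POST['parentid'] and $_POST['imgurl']. The outcome is
 * published through $GLOBALS['statusMessage']; nothing is returned.
 *
 * Every value is passed through real_escape_string() and placed inside single
 * quotes. The column suffixes come from $langArr, which is configuration rather
 * than request data.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * presumably the caller enforces both. Confirm before exposing this endpoint.
 *
 * @param mysqli $conn Open database connection (assumed mysqli, since
 *                     real_escape_string() is called on it).
 * @return void
 */
function updCat($conn) {
    require_once 'languageConfig.php';
    // require_once runs the file only on its first inclusion in the request, so
    // on any later call $langArr is not defined in this function's scope.
    // Fall back to the global copy (or an empty list) instead of looping over
    // an undefined variable.
    // NOTE(review): assumes languageConfig.php is what defines $langArr; confirm.
    if (!isset($langArr)) {
        $langArr = isset($GLOBALS['langArr']) ? $GLOBALS['langArr'] : array();
    }

    $id = $conn->real_escape_string(isset($_POST['id']) ? $_POST['id'] : '');

    $updQ = new updateSQL($conn);
    $updQ->tableName = "categories";
    $updQ->where = "id = '" . $id . "'";

    // Collect the assignments and join them once, so the SET list never ends
    // with a stray comma regardless of which optional field came last.
    $assignments = array();
    foreach ($langArr as $l) {
        if (isset($_POST['names'][$l])) {
            $assignments[] = "name" . $l . " = '" . $conn->real_escape_string($_POST['names'][$l]) . "'";
        }
        if (isset($_POST['desc'][$l])) {
            $assignments[] = "desc" . $l . " = '" . $conn->real_escape_string($_POST['desc'][$l]) . "'";
        }
    }
    if (isset($_POST['parentid'])) {
        $assignments[] = "parentid = '" . $conn->real_escape_string($_POST['parentid']) . "'";
    }
    if (isset($_POST['imgurl'])) {
        $assignments[] = "imgurl = '" . $conn->real_escape_string($_POST['imgurl']) . "'";
    }
    $updQ->update = implode(",", $assignments);

    if (!$updQ->executeQuery()) {
        $statusMessage = $updQ->status;
    } else {
        // NOTE(review): "suscces" is spelled differently from the "success"
        // passed to makeStatusMessage() elsewhere in this file. It is kept
        // byte-for-byte because makeStatusMessage() is not visible here.
        $statusMessage = makeStatusMessage(41, "suscces");
    }
    $GLOBALS['statusMessage'] = $statusMessage;
}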
} if ($row['Category ID'] == 0) { $row['Category Name'] = "All Categories"; } if ($row['Product ID'] == 0) { $row['Product Name'] = "All Products"; } $discounts[] = $row; } $data = $discounts; $statusMessage = makeStatusMessage(26, "succes"); } else { if (isset($_POST['discountid'])) { $delQ = new deleteSQL($conn); $delQ->tableName = "discounts"; $updQ = new updateSQL($conn); $updQ->update = "userid='" . $conn->real_escape_string($_POST['userid']) . "',categoryid='" . $conn->real_escape_string($_POST['catid']) . "',productid='" . $conn->real_escape_string($_POST['prodid']) . "',flat='" . $conn->real_escape_string($_POST['flat']) . "',percent='" . $conn->real_escape_string($_POST['percent']) . "',minprice='" . $conn->real_escape_string($_POST['minprice']) . "'"; $updQ->where = "id = " . $conn->real_escape_string($_POST['discountid']); if ($updQ->executeQuery()) { $statusMessage = makeStatusMessage(46, "success"); } else { $statusMessage = $updQ->status; } } else { if (isset($_POST['userid'])) { $insQ = new insertSQL($conn); $insQ->tableName = "discounts"; $insQ->insertData = array($conn->real_escape_string($_POST['userid'])); $insQ->cols = array("userid"); if (!empty($_POST['catid'])) { $insQ->insertData[] = $conn->real_escape_string($_POST['catid']);
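/**
 * Update a product from the POSTed form fields.
 *
 * Up to three kinds of table are written:
 *   - `products`                  default properties (plain and per-language),
 *   - `products_<catid>`          category-specific properties,
 *   - `products_<catid>_<lang>`   category-specific, per-language properties.
 *
 * The property lists come from getPropsForCat(); each property name is used both
 * as the $_POST key and as the column name. The outcome is published through
 * $GLOBALS['statusMessage']; nothing is returned.
 *
 * Security-relevant handling of request data:
 *   - $_POST['id'] is used in an unquoted numeric comparison, where
 *     real_escape_string() offers no protection, so it is cast to int.
 *   - $_POST['catid'] becomes part of a table name, where escaping does not help
 *     either, so it is restricted to [A-Za-z0-9_].
 *   - Column values are escaped and single-quoted.
 *
 * NOTE(review): property names and language codes are assumed to come from
 * trusted configuration / schema data, not from the request. Verify this in
 * getPropsForCat() and languageConfig.php.
 * NOTE(review): no permission or CSRF check is visible in this function;
 * presumably the caller enforces both. Confirm.
 *
 * @param mysqli $conn Open database connection (assumed mysqli, since
 *                     real_escape_string() is called on it).
 * @return void
 */
function updProd($conn) {
    require_once 'languageConfig.php';
    // require_once runs the file only on its first inclusion in the request, so
    // on any later call $langArr is not defined in this function's scope.
    // NOTE(review): assumes languageConfig.php is what defines $langArr; confirm.
    if (!isset($langArr)) {
        $langArr = isset($GLOBALS['langArr']) ? $GLOBALS['langArr'] : array();
    }

    // catid is concatenated into table names below; accept identifier
    // characters only. No status code for "bad category id" is visible in this
    // file, so none is set here. TODO: pick one.
    $rawCatid = isset($_POST['catid']) ? $_POST['catid'] : '';
    if (!is_string($rawCatid) || !preg_match('/\A[A-Za-z0-9_]+\z/', $rawCatid)) {
        return;
    }
    $catid = $conn->real_escape_string($rawCatid);

    // The product id is compared without quotes, so force it to an integer.
    // Non-scalar input (e.g. id[]=...) is treated as 0, which matches no row.
    $prodId = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;

    $arr = getPropsForCat($conn, $catid);
    if (!$arr) {
        return;
    }
    $propNamesDef = $arr['propNamesDef'];
    $propNamesDefld = $arr['propNamesDefld'];
    $propNames = $arr['propNames'];
    $propNamesld = $arr['propNamesld'];

    // --- products: default properties -------------------------------------
    // SET assignments are comma-separated (as in updCat); joining them with
    // AND would be parsed as a single boolean expression.
    $sets = array();
    foreach ($propNamesDef as $pn) {
        if (isset($_POST[$pn])) {
            $sets[] = $pn . " = '" . $conn->real_escape_string($_POST[$pn]) . "'";
        }
    }
    foreach ($propNamesDefld as $pn) {
        foreach ($langArr as $l) {
            if (isset($_POST[$pn][$l])) {
                $sets[] = $pn . $l . " = '" . $conn->real_escape_string($_POST[$pn][$l]) . "'";
            }
        }
    }
    // An empty SET list is not valid SQL; skip the statement when nothing was posted.
    if (count($sets)) {
        $updQ = new updateSQL($conn);
        $updQ->tableName = "products";
        $updQ->where = "id = " . $prodId;
        $updQ->update = implode(",", $sets);
        if (!$updQ->executeQuery()) {
            $GLOBALS['statusMessage'] = $updQ->status;
            return;
        }
    }

    // The category tables are keyed by the id of the product being edited.
    // Looking up the highest id in `products` only suits a fresh insert;
    // on update it would target whichever product was created last.
    $infoID = $prodId;

    // --- products_<catid>: category-specific properties ---------------------
    if (!empty($propNames)) {
        $sets2 = array();
        foreach ($propNames as $pn) {
            if (isset($_POST[$pn])) {
                $sets2[] = $pn . " = '" . $conn->real_escape_string($_POST[$pn]) . "'";
            }
        }
        if (count($sets2)) {
            $updQ2 = new updateSQL($conn);
            $updQ2->tableName = "products_" . $catid;
            $updQ2->where = "id = " . $infoID;
            $updQ2->update = implode(",", $sets2);
            if (!$updQ2->executeQuery()) {
                $GLOBALS['statusMessage'] = $updQ2->status;
                return;
            }
        }
    }

    // --- products_<catid>_<lang>: per-language properties -------------------
    if (!empty($propNamesld)) {
        foreach ($langArr as $l) {
            $sets3 = array();
            foreach ($propNamesld as $pn) {
                if (isset($_POST[$pn][$l])) {
                    $sets3[] = $pn . $l . " = '" . $conn->real_escape_string($_POST[$pn][$l]) . "'";
                }
            }
            // A language with no posted fields must not abort the whole update.
            if (!count($sets3)) {
                continue;
            }
            $updQ3 = new updateSQL($conn);
            $updQ3->tableName = "products_" . $catid . "_" . $l;
            $updQ3->where = "infoid = " . $infoID;
            $updQ3->update = implode(",", $sets3);
            if (!$updQ3->executeQuery()) {
                $GLOBALS['statusMessage'] = $updQ3->status;
                return;
            }
        }
    }

    $GLOBALS['statusMessage'] = makeStatusMessage(32, "success");
}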