<?php $getPId = $_GET['pId']; //collect all informaion from database $qry = mysql_fetch_object(mysql_query("SELECT * FROM product WHERE pID = '{$getPId}' ")); $existingPName = $qry->pName; if (@$_POST['submit']) { //collecting userinfo $pName = formItemValidation($_POST['pName']); $pBarCode = formItemValidation($_POST['pBarCode']); $pQuantity = formItemValidation($_POST['pQuantity']); $pBuyingPrice = formItemValidation($_POST['pBuyingPrice']); $pSellingPrice = formItemValidation($_POST['pSellingPrice']); if ($existingPName != $pName) { if (!checkUniqueUsername($pName)) { $update = "UPDATE product SET pName = '" . $pName . "' , pBarCode = '" . $pBarCode . "', pQuantity = '" . $pQuantity . "' , pBuyingPrice = '" . $pBuyingPrice . "', pSellingPrice = '" . $pSellingPrice . "' WHERE pId = '" . $getPId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1; } else { $insertError = 1; } } else { //set used variable $uniquenessError = 1; } } else { $update = "UPDATE product SET pBarCode = '" . $pBarCode . "' WHERE pId = '" . $getPId . "' "; $qry = mysql_query($update) or die(mysql_error()); if ($qry) { $insertSuccess = 1;
$name = stripslashes(trim($_POST['name'])); $school = stripslashes(trim($_POST['school'])); $picture = stripslashes(trim($_POST['picture'])); $password = stripslashes(trim($_POST['password'])); $description = stripslashes(trim($_POST['description'])); require_once 'functions.php'; // Validate inputed fields validateNewUser($username, $name, $school, $password); // Set default icon if ($picture == "") { $picture = 'pictures/icon_default.png'; } require_once 'connect.php'; require_once 'passwordLib.php'; // Encrypt the password $hash = password_hash($password, PASSWORD_BCRYPT); // Create connection global $conn; $result = checkUniqueUsername($conn, $username); if ($result == 0) { // Unique user // Register the user registerUser($conn, $username, $name, $school, $picture, $hash, $description); $response = ["success" => "User registered"]; echo json_encode($response); } else { $response = ["Error" => "Username taken"]; echo json_encode($response); } $conn->close(); die;