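/**
 * Render the product admin screen: the "edited" confirmation, the edit form, or the product table.
 *
 * The step shown is selected by the `editProduct` cookie together with the `but` POST field:
 * cookie 1 shows the edit form (and moves the cookie to 2), cookie 2 plus a submitted form
 * applies the edit (and moves the cookie to 0), cookie 0 (or 2 without a submit) shows the list.
 *
 * Security notes:
 * - `$_GET['id']` is bound as a statement parameter instead of being interpolated into SQL.
 * - Every database/request value is HTML-escaped, and the `value` attributes are quoted so
 *   that escaping is effective inside them.
 * - NOTE(review): the cookie is client-controlled, so it cannot prove that an earlier step
 *   ran; authentication, authorization and anti-forgery checks are not visible in this
 *   function and must be enforced by the caller or inside editProduct(). Confirm.
 * - NOTE(review): the delete/edit links below change state through plain GET requests.
 *
 * @param array $products_list rows that each carry 'id', 'name' and 'price'
 */
function view_products($products_list)
{
    // HTML-escape a value for element text and for quoted attribute values.
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Re-read the cookie on every check: set_cookie() is defined elsewhere and may or may
    // not update $_COOKIE, and the flow below depends on whichever it does.
    $state = static function () {
        return isset($_COOKIE['editProduct']) ? $_COOKIE['editProduct'] : null;
    };

    // Step 3: the edit form was submitted, so apply it and show the confirmation.
    if (!empty($_POST['but']) && $state() == 2) {
        editProduct();
        echo "Продукт отредактирован!\n\t\t<form method=post action=http://localhost/companies/index.php?page=products> \n\t\t<input class=button type=submit value=ОК>";
        set_cookie("editProduct", "0");
    }

    // Step 2: load the product and show the edit form.
    if ($state() == 1) {
        $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (string) $_GET['id'] : '';

        // Defaults keep the form renderable when no row matches the id.
        $n = '';
        $p = '';

        $stmt = mysqli_prepare(connect(), "SELECT * FROM products WHERE id = ?");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 's', $id);
            mysqli_stmt_execute($stmt);
            $result = mysqli_stmt_get_result($stmt);
            // Columns 1 and 2 are used as name and price, as in the original query.
            while ($result && ($rslt = mysqli_fetch_row($result))) {
                $n = $rslt[1];
                $p = $rslt[2];
            }
            mysqli_stmt_close($stmt);
        }

        $nameHtml = $esc($n);
        $priceHtml = $esc($p);
        echo "<h1>Редактировать продукт {$nameHtml}</h1>\n\t\t<form method=post > \n\t\tНаименование\n\t\t<br><input class=input required name=newnameProduct value=\"{$nameHtml}\"> \n\t\t<br><br>Цена\n\t\t<br><input class=input required name=newPrice value=\"{$priceHtml}\"> \n\t\t<br><br><input class=button type=submit value=Редактировать name = but> \n\t\t</form></h1>";
        set_cookie("editProduct", "2");
    }

    // Step 1 / fallback: show the product table.
    if ($state() == 0 || (empty($_POST['but']) && $state() == 2)) {
        echo "<h1>Продукция</h1>\n\t\t<form method=post action=index.php?page=insertProduct> \n\t\t<br><input class=button type=submit value=Добавить>\n\t\t</form>";
        echo "<table border='1'>\n\t\t<tr>\n\t\t<th>id</th>\n\t\t<th>Товар</th>\n\t\t<th>Стоимость</th>\n\t\t<th>Выбор действия</th>\n\t\t</tr>";

        foreach ($products_list as $row) {
            // The id goes into a URL inside an attribute: URL-encode first, then HTML-escape.
            $idInUrl = $esc(urlencode((string) $row["id"]));

            echo "<tr>";
            echo "<td>" . $esc($row['id']) . "</td>";
            echo "<td>" . $esc($row['name']) . "</td>";
            echo "<td>" . $esc($row['price']) . "</td>";
            echo "<td><a name=\"del\" href=\"index.php?page=products&action=delete&id=" . $idInUrl . "\"><img src=\"delete.png\" style=\"width: 16px; height: 16px;\"> Удалить</a>\n\t\t\t <a name=\"edit\" href=\"index.php?page=products&action=edit&id=" . $idInUrl . "\"><img src=\"edit.png\" style=\"width: 16px; height: 16px;\">Редактировать</a>\n\t\t\t </td>\n";
            echo "</tr>";
        }

        echo "</table>";
        controller_pages('products');
    }
}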
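<?php
// Product front controller: require a logged-in session, then dispatch on ?action=.
//
// NOTE(review): "delete" and "edit" are reachable through plain GET requests and no
// anti-forgery token check is visible here; confirm it is enforced inside the handlers, or
// move state changes to POST with a token.
// NOTE(review): only "is logged in" is checked here; whether $user may modify products is
// not visible. Confirm the handlers authorize the action.
if (isset($_SESSION['user_id'])) {
    $user = getUserById($_SESSION['user_id']);
} else {
    redirect("index.php?controller=user&action=login");
    // Stop unconditionally: redirect() is defined elsewhere, and if it only sends the
    // Location header the dispatcher below would still run for an unauthenticated request.
    exit;
}

if (isset($_GET['action'])) {
    $action = $_GET['action'];
    // A missing id is passed on as null (what the handlers received before) without
    // raising an undefined-index notice.
    $requestedId = isset($_GET['id']) ? $_GET['id'] : null;

    switch ($action) {
        case "new":
            newProduct();
            break;
        case "edit":
            editProduct($requestedId);
            break;
        case "view":
            viewProduct($requestedId);
            break;
        case "delete":
            deleteProduct($requestedId);
            break;
        default:
            echo "URL not found";
    }
} else {
    include "view/product/index.php";
}

function viewProduct($id)
{
    $product = getProductById($id);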
} elseif (!is_numeric($_POST['price'])) { $erro = "Preço inválido."; } elseif ($_POST['expiration'] < 1 || !is_numeric($_POST['expiration'])) { $erro = "Dias de validade inválidos."; } elseif (strlen($_POST['description']) < 3) { $erro = "Descrição precisa ter pelo menos três caracteres."; } if (isset($erro)) { echo ' <div class="alert alert-danger" role="alert"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button> ' . $erro . ' </div>'; exit; } else { editProduct($_POST['prod_id'], $_POST['description'], $_POST['production'], $_POST['expiration'], $_POST['price'], $_POST['amount']); } } function editProduct($prod_id, $description, $production, $expiration, $price, $amount) { global $conn; if ($stmt = $conn->prepare("UPDATE products SET prod_description=?, prod_production=?, prod_expiration=?, prod_price=?, prod_amount=? WHERE prod_id=?")) { $stmt->bind_param("ssssii", $description, $production, $expiration, $price, $amount, $prod_id); $stmt->execute(); $result = $stmt->affected_rows; if ($stmt->affected_rows != 1) { echo ' <div id="atualizarFoto" class="alert alert-info alert-dismissible" role="alert"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button> Produto não alterado. </div>';
$availability = mysql_real_escape_string($_POST['availability']); $datestart = mysql_real_escape_string($_POST['datestart']); $dateend = mysql_real_escape_string($_POST['dateend']); $bids = mysql_real_escape_string($_POST['bids']); $description = mysql_real_escape_string($_POST['description']); $product_data = array('productId' => $product_id, 'brand' => $brand, 'model' => $model, 'mprice' => $mprice, 'aprice' => $aprice, 'category' => $category, 'availability' => $availability, 'datestart' => $datestart, 'dateend' => $dateend, 'bids' => $bids, 'description' => $description, 'modify_by' => $logged); if ($action == "insert") { $insert_query = insertProduct($product_data); if ($insert_query) { echo 1; } else { echo 0; } } else { if ($action == "update") { $edit_query = editProduct($product_data); if ($edit_query) { echo 2; } else { echo 0; } } } } else { if ($update_type == 'settings') { $description = mysql_real_escape_string($_POST['description']); $info_id = mysql_real_escape_string($_POST['info_id']); $data = array(array(group => "page", Key => $info_id, Value => $description)); $query = updateSettings($data); if ($query) { echo 1;
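/**
 * Admin-page dispatcher for the product screens: reads ?task= and ?id= and runs the handler.
 *
 * State-changing tasks verify the 'nonce_sp_cat' nonce first, either as a form field
 * (check_admin_referer) or as the `_wpnonce` link parameter (wp_verify_nonce).
 *
 * Changes against the previous version:
 * - `id` is cast to int before it is handed to any handler, so request text never reaches
 *   them as an identifier.
 * - A missing `_wpnonce` is treated as an empty nonce, which fails verification, instead of
 *   raising an undefined-index notice.
 * - The second, unreachable `case 'unpublish_prad'` label was removed.
 *
 * NOTE(review): a nonce protects against forged requests, not against an under-privileged
 * user; no current_user_can() check is visible here. Confirm that the menu registration
 * restricts who can reach this callback.
 */
function Products_Spider_Catalog()
{
    global $wpdb;

    require_once "products.php";
    require_once "Products.html.php";
    if (!function_exists('print_html_nav')) {
        require_once "nav_function/nav_html_func.php";
    }

    $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
    $task = isset($_GET['task']) ? $_GET['task'] : "";

    // Verify the nonce carried by action links (`_wpnonce`); stops the request on failure.
    $verifyLinkNonce = static function () {
        $nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';
        if (!wp_verify_nonce($nonce, 'nonce_sp_cat')) {
            die("Are you sure you want to do this?");
        }
    };

    switch ($task) {
        case 'edit_prad':
            editProduct($id);
            break;

        case 'add_prad':
            addProduct();
            break;

        case 'apply':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            if ($id) {
                update_prad_cat($id);
            } else {
                save_prad_cat();
                // NOTE(review): MAX(id) can name another row when two inserts overlap;
                // $wpdb->insert_id would be exact if save_prad_cat() inserts through $wpdb.
                // Confirm before changing.
                $id = (int) $wpdb->get_var("SELECT MAX(id) FROM " . $wpdb->prefix . "spidercatalog_products");
            }
            editProduct($id);
            break;

        case 'save':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            if ($id) {
                update_prad_cat($id);
            } else {
                save_prad_cat();
            }
            showProducts();
            break;

        case 'saveorder':
            break;

        case 'publish':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            publish_all(TRUE);
            showProducts();
            break;

        case 'unpublish':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            publish_all(FALSE);
            showProducts();
            break;

        case 'delete':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            delete_all();
            showProducts();
            break;

        case 'unpublish_prad':
            $verifyLinkNonce();
            change_prod($id);
            showProducts();
            break;

        case 'remove_prod':
            $verifyLinkNonce();
            removeProduct($id);
            showProducts();
            break;

        case 'edit_reviews':
            spider_cat_prod_rev($id);
            break;

        case 'delete_reviews':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            delete_rev($id);
            spider_cat_prod_rev($id);
            break;

        case 'delete_review':
            $verifyLinkNonce();
            delete_single_review($id);
            spider_cat_prod_rev($id);
            break;

        case 'edit_rating':
            spider_cat_prod_rating($id);
            break;

        case 'delete_ratings':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            delete_ratings($id);
            spider_cat_prod_rating($id);
            break;

        case 'delete_rating':
            $verifyLinkNonce();
            delete_single_rating($id);
            spider_cat_prod_rating($id);
            break;

        case 's_p_apply_rating':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            update_s_c_rating($id);
            spider_cat_prod_rating($id);
            break;

        case 's_p_save_rating':
            check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
            update_s_c_rating($id);
            editProduct($id);
            break;

        default:
            showProducts();
            break;
    }
}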
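<?php
// Handles the "edit product" form submission: reads the posted fields, calls editProduct()
// and redirects back to the product page with a success or error action.
//
// The debug dump of $_POST that used to be printed here was removed: it echoed the raw
// request body into the response, and any output sent before header() prevents the
// redirect unless output buffering happens to be enabled.
//
// NOTE(review): the session is started but no login or permission check is visible in this
// script. Confirm that access control is enforced before editProduct() is reached.
// NOTE(review): this state-changing request carries no visible anti-forgery token.
require_once dirname(__FILE__) . '/../function/func_product.php';
session_start();

// Parameter received from the query string.
$idproduct = $_GET['idproduct'];

// Values posted to this page by the product form.
$name_product = $_POST['productName'];
$idfactory = $_POST['idfactory'];
$detail_product = $_POST['porductDetail']; // key spelling matches what this script has always read
$difference_amount_product = $_POST['difference_amount'];
$bigestPriceResult = $_POST['bigestPriceResult']; // read but not passed on by this script

// NOTE(review): the values are handed over unvalidated; presumably editProduct() validates
// them and uses parameterized SQL. Verify in func_product.php.
$checkEditProduct = editProduct($idproduct, $idfactory, $name_product, $detail_product, $difference_amount_product);

if ($checkEditProduct) {
    header("location: ../product.php?action=editProductCompleted");
} else {
    header("location: ../product.php?action=editProductError");
}
// Nothing may run or be printed after the redirect header.
exit;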
include_once $BASE_PATH . 'database/products.php'; $name = strip_tags($_POST['name']); $price = strip_tags($_POST['price']); $quantity = strip_tags($_POST['quantity']); $brandid = strip_tags($_POST['brandid']); $description = strip_tags($_POST['description']); $id = $_POST['id']; $image = ""; if (($_FILES["image"]["type"] == "image/jpeg" || $_FILES["image"]["type"] == "image/jpg") && $_FILES["image"]["size"] < $maxfilesize) { $image = base64_encode(file_get_contents($_FILES['image']['tmp_name'])); } elseif (isset($_POST['delete-image'])) { $image = null; } if (!empty($name) && !empty($price) && isset($quantity) && !empty($brandid)) { if ($brandid == 'other') { $newbrand = strip_tags($_POST['newbrand']); if (!empty($newbrand)) { include_once $BASE_PATH . 'database/brands.php'; $brandid = addBrand($newbrand); } else { echo "Fill new brand name"; die; } } editProduct($name, $price, $quantity, $brandid, $description, $image, $id); } else { echo "Fill all fields"; die; } redirect('pages/manager/products/list_products.php'); }
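<?php
// Admin page for the product list: optionally runs one action chosen by ?item_act=
// (edit / del / add) on ?item_id=, then renders the products table.
//
// NOTE(review): access control is presumably done by templates/_libAdmin.php; it is not
// visible here. Confirm that the include rejects unauthenticated requests.
// NOTE(review): edit/del/add are triggered by plain GET parameters with no visible
// anti-forgery token; consider POST plus a token for state changes.
// NOTE(review): the success messages are printed without looking at what the handlers
// return, so a failed operation is reported as successful.
include_once __DIR__ . '/templates/_libAdmin.php';
include_once __DIR__ . '/templates/_header.php';
include_once __DIR__ . '/templates/_top_menu.php';

echo "<div class='wr_cont'>";

if (isset($_GET['item_act'])) {
    // Accept only a scalar id; a missing or array-valued parameter becomes null.
    $t_id = (isset($_GET['item_id']) && is_scalar($_GET['item_id'])) ? $_GET['item_id'] : null;
    // The id is echoed back into the page, so it is HTML-escaped before output.
    $t_id_html = htmlspecialchars((string) $t_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    switch ($_GET['item_act']) {
        case 'edit':
            if ($t_id === null) {
                break; // no target id: do not call the handler or claim success
            }
            editProduct($t_id, $connection);
            echo "Товар с id='" . $t_id_html . "' успешно изменён<br/><br/>";
            break;

        case 'del':
            if ($t_id === null) {
                break; // no target id: do not call the handler or claim success
            }
            deleteProduct($t_id, $connection);
            echo "Товар с id='" . $t_id_html . "' успешно удалён<br/><br/>";
            break;

        case 'add':
            addProduct($connection);
            echo "Товар успешно добавлен<br/><br/>";
            break;
    }
}

// Render the products table on the product editing page.
showTableProducts($connection);

echo "</div>";

include_once __DIR__ . '/templates/_footer.php';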
$newauctionend = time() + 45; } if ($oldtotalbid > 3800 && $oldtotalbid <= 4000) { $newtoken = $oldtoken - 20; $newauctionstart = time(); $newauctionend = time() + 30; } if ($oldtotalbid > 4000) { $newtoken = $oldtoken - 25; $newauctionstart = time(); $newauctionend = time() + 15; } if ($newtoken >= 0) { $newtotalbid = $oldtotalbid + 1; $result = checkBiddingLog($pid); if ($result) { $newauctionprice = $oldauctionprice + 0.01; } else { $newauctionprice = $oldauctionprice - 0.01; } $data = array('productId' => $pid, 'customerId' => $logged, 'aprice' => $newauctionprice, 'modify_by' => "s" . $logged, 'datestart' => date("Y-m-d H:i:s", $newauctionstart), 'dateend' => date("Y-m-d H:i:s", $newauctionend), 'bids' => $newtotalbid, 'token' => $newtoken); $updatebidcustomer = editCustomer($data); $updatebidproduct = editProduct($data); $bid_query = insertBiddingLog($data); $_SESSION['success'] = $lang['success_bidding']; header("location:" . mainPageURL()); } else { $_SESSION['error_warning'] = $lang['error_tokens']; header("location:buy_tokens.html"); } }