function view_products($products_list)
{
if (@$_POST['but'] && $_COOKIE["editProduct"] == 2) {
editProduct();
echo "Продукт отредактирован!\n\t\t<form method=post action=http://localhost/companies/index.php?page=products> \n\t\t<input class=button type=submit value=ОК>";
set_cookie("editProduct", "0");
}
if ($_COOKIE["editProduct"] == 1) {
$id = $_GET['id'];
$result = mysqli_query(connect(), "SELECT * FROM products WHERE id = '{$id}'");
while ($rslt = mysqli_fetch_row($result)) {
$n = $rslt[1];
$p = $rslt[2];
}
echo "<h1>Редактировать продукт {$n}</h1>\n\t\t<form method=post > \n\t\tНаименование\n\t\t<br><input class=input required name=newnameProduct value={$n}> \n\t\t<br><br>Цена\n\t\t<br><input class=input required name=newPrice value={$p}> \n\t\t<br><br><input class=button type=submit value=Редактировать name = but> \n\t\t</form></h1>";
set_cookie("editProduct", "2");
}
if ($_COOKIE["editProduct"] == 0 || @(!$_POST['but']) && $_COOKIE["editProduct"] == 2) {
echo "<h1>Продукция</h1>\n\t\t<form method=post action=index.php?page=insertProduct> \n\t\t<br><input class=button type=submit value=Добавить>\n\t\t</form>";
echo "<table border='1'>\n\t\t<tr>\n\t\t<th>id</th>\n\t\t<th>Товар</th>\n\t\t<th>Стоимость</th>\n\t\t<th>Выбор действия</th>\n\t\t</tr>";
foreach ($products_list as $row) {
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td><a name=\"del\" href=\"index.php?page=products&action=delete&id=" . $row["id"] . "\"><img src=\"delete.png\" style=\"width: 16px; height: 16px;\"> Удалить</a>\n\t\t\t <a name=\"edit\" href=\"index.php?page=products&action=edit&id=" . $row["id"] . "\"><img src=\"edit.png\" style=\"width: 16px; height: 16px;\">Редактировать</a>\n\t\t\t </td>\n";
echo "</tr>";
}
echo "</table>";
controller_pages('products');
}
}
<?php
if (isset($_SESSION['user_id'])) {
$user = getUserById($_SESSION['user_id']);
} else {
redirect("index.php?controller=user&action=login");
}
if (isset($_GET['action'])) {
$action = $_GET['action'];
switch ($action) {
case "new":
newProduct();
break;
case "edit":
editProduct($_GET['id']);
break;
case "view":
viewProduct($_GET['id']);
break;
case "delete":
deleteProduct($_GET['id']);
break;
default:
echo "URL not found";
}
} else {
include "view/product/index.php";
}
function viewProduct($id)
{
$product = getProductById($id);
} elseif (!is_numeric($_POST['price'])) {
$erro = "Preço inválido.";
} elseif ($_POST['expiration'] < 1 || !is_numeric($_POST['expiration'])) {
$erro = "Dias de validade inválidos.";
} elseif (strlen($_POST['description']) < 3) {
$erro = "Descrição precisa ter pelo menos três caracteres.";
}
if (isset($erro)) {
echo '
<div class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button>
' . $erro . '
</div>';
exit;
} else {
editProduct($_POST['prod_id'], $_POST['description'], $_POST['production'], $_POST['expiration'], $_POST['price'], $_POST['amount']);
}
}
function editProduct($prod_id, $description, $production, $expiration, $price, $amount)
{
global $conn;
if ($stmt = $conn->prepare("UPDATE products SET prod_description=?, prod_production=?, prod_expiration=?, prod_price=?, prod_amount=? WHERE prod_id=?")) {
$stmt->bind_param("ssssii", $description, $production, $expiration, $price, $amount, $prod_id);
$stmt->execute();
$result = $stmt->affected_rows;
if ($stmt->affected_rows != 1) {
echo '
<div id="atualizarFoto" class="alert alert-info alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button>
Produto não alterado.
</div>';
$availability = mysql_real_escape_string($_POST['availability']);
$datestart = mysql_real_escape_string($_POST['datestart']);
$dateend = mysql_real_escape_string($_POST['dateend']);
$bids = mysql_real_escape_string($_POST['bids']);
$description = mysql_real_escape_string($_POST['description']);
$product_data = array('productId' => $product_id, 'brand' => $brand, 'model' => $model, 'mprice' => $mprice, 'aprice' => $aprice, 'category' => $category, 'availability' => $availability, 'datestart' => $datestart, 'dateend' => $dateend, 'bids' => $bids, 'description' => $description, 'modify_by' => $logged);
if ($action == "insert") {
$insert_query = insertProduct($product_data);
if ($insert_query) {
echo 1;
} else {
echo 0;
}
} else {
if ($action == "update") {
$edit_query = editProduct($product_data);
if ($edit_query) {
echo 2;
} else {
echo 0;
}
}
}
} else {
if ($update_type == 'settings') {
$description = mysql_real_escape_string($_POST['description']);
$info_id = mysql_real_escape_string($_POST['info_id']);
$data = array(array(group => "page", Key => $info_id, Value => $description));
$query = updateSettings($data);
if ($query) {
echo 1;
function Products_Spider_Catalog()
{
global $wpdb;
require_once "products.php";
require_once "Products.html.php";
if (!function_exists('print_html_nav')) {
require_once "nav_function/nav_html_func.php";
}
if (isset($_GET['id'])) {
$id = $_GET['id'];
} else {
$id = 0;
}
if (isset($_GET['task'])) {
$task = $_GET['task'];
} else {
$task = "";
}
switch ($task) {
case 'edit_prad':
editProduct($id);
break;
case 'add_prad':
addProduct();
break;
case 'apply':
if ($id) {
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
update_prad_cat($id);
} else {
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
save_prad_cat();
$id = $wpdb->get_var("SELECT MAX(id) FROM " . $wpdb->prefix . "spidercatalog_products");
}
editProduct($id);
break;
case 'save':
if ($id) {
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
update_prad_cat($id);
} else {
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
save_prad_cat();
}
showProducts();
break;
case 'saveorder':
break;
case 'publish':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
publish_all(TRUE);
showProducts();
break;
case 'unpublish':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
publish_all(FALSE);
showProducts();
break;
case 'delete':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
delete_all();
showProducts();
break;
case 'unpublish_prad':
$nonce_sp_cat = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce_sp_cat, 'nonce_sp_cat')) {
die("Are you sure you want to do this?");
}
change_prod($id);
showProducts();
break;
case 'unpublish_prad':
$nonce_sp_cat = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce_sp_cat, 'nonce_sp_cat')) {
die("Are you sure you want to do this?");
}
change_prod($id);
showProducts();
break;
case 'remove_prod':
$nonce_sp_cat = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce_sp_cat, 'nonce_sp_cat')) {
die("Are you sure you want to do this?");
}
removeProduct($id);
showProducts();
break;
case 'edit_reviews':
spider_cat_prod_rev($id);
break;
case 'delete_reviews':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
delete_rev($id);
spider_cat_prod_rev($id);
break;
case 'delete_review':
$nonce_sp_cat = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce_sp_cat, 'nonce_sp_cat')) {
die("Are you sure you want to do this?");
}
delete_single_review($id);
spider_cat_prod_rev($id);
break;
case 'edit_rating':
spider_cat_prod_rating($id);
break;
case 'delete_ratings':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
delete_ratings($id);
spider_cat_prod_rating($id);
break;
case 'delete_rating':
$nonce_sp_cat = $_REQUEST['_wpnonce'];
if (!wp_verify_nonce($nonce_sp_cat, 'nonce_sp_cat')) {
die("Are you sure you want to do this?");
}
delete_single_rating($id);
spider_cat_prod_rating($id);
break;
case 's_p_apply_rating':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
update_s_c_rating($id);
spider_cat_prod_rating($id);
break;
case 's_p_save_rating':
check_admin_referer('nonce_sp_cat', 'nonce_sp_cat');
update_s_c_rating($id);
editProduct($id);
break;
default:
showProducts();
break;
}
}
<?php
require_once dirname(__FILE__) . '/../function/func_product.php';
session_start();
echo "<pre>";
print_r($_POST);
//print_r($_SESSION);
echo "</pre>";
$idproduct = $_GET['idproduct'];
//รับพารามิเตอร์
//กลุ่มรับค่า
//ส่งข้อมูล หน้า add product มาหน้านี้
$name_product = $_POST['productName'];
$idfactory = $_POST['idfactory'];
$detail_product = $_POST['porductDetail'];
$difference_amount_product = $_POST['difference_amount'];
$bigestPriceResult = $_POST['bigestPriceResult'];
$checkEditProduct = editProduct($idproduct, $idfactory, $name_product, $detail_product, $difference_amount_product);
if ($checkEditProduct) {
header("location: ../product.php?action=editProductCompleted");
} else {
header("location: ../product.php?action=editProductError");
}
include_once $BASE_PATH . 'database/products.php';
$name = strip_tags($_POST['name']);
$price = strip_tags($_POST['price']);
$quantity = strip_tags($_POST['quantity']);
$brandid = strip_tags($_POST['brandid']);
$description = strip_tags($_POST['description']);
$id = $_POST['id'];
$image = "";
if (($_FILES["image"]["type"] == "image/jpeg" || $_FILES["image"]["type"] == "image/jpg") && $_FILES["image"]["size"] < $maxfilesize) {
$image = base64_encode(file_get_contents($_FILES['image']['tmp_name']));
} elseif (isset($_POST['delete-image'])) {
$image = null;
}
if (!empty($name) && !empty($price) && isset($quantity) && !empty($brandid)) {
if ($brandid == 'other') {
$newbrand = strip_tags($_POST['newbrand']);
if (!empty($newbrand)) {
include_once $BASE_PATH . 'database/brands.php';
$brandid = addBrand($newbrand);
} else {
echo "Fill new brand name";
die;
}
}
editProduct($name, $price, $quantity, $brandid, $description, $image, $id);
} else {
echo "Fill all fields";
die;
}
redirect('pages/manager/products/list_products.php');
}
<?php
include_once __DIR__ . '/templates/_libAdmin.php';
include_once __DIR__ . '/templates/_header.php';
include_once __DIR__ . '/templates/_top_menu.php';
echo "<div class='wr_cont'>";
if (isset($_GET['item_act'])) {
if (isset($_GET['item_id'])) {
$t_id = $_GET['item_id'];
}
switch ($_GET['item_act']) {
case 'edit':
editProduct($t_id, $connection);
echo "Товар с id='" . $t_id . "' успешно изменён<br/><br/>";
break;
case 'del':
deleteProduct($t_id, $connection);
echo "Товар с id='" . $t_id . "' успешно удалён<br/><br/>";
break;
case 'add':
addProduct($connection);
echo "Товар успешно добавлен<br/><br/>";
break;
}
}
//вывод таблицы товаров на странице редактирования товаров
showTableProducts($connection);
echo "</div>";
include_once __DIR__ . '/templates/_footer.php';
$newauctionend = time() + 45;
}
if ($oldtotalbid > 3800 && $oldtotalbid <= 4000) {
$newtoken = $oldtoken - 20;
$newauctionstart = time();
$newauctionend = time() + 30;
}
if ($oldtotalbid > 4000) {
$newtoken = $oldtoken - 25;
$newauctionstart = time();
$newauctionend = time() + 15;
}
if ($newtoken >= 0) {
$newtotalbid = $oldtotalbid + 1;
$result = checkBiddingLog($pid);
if ($result) {
$newauctionprice = $oldauctionprice + 0.01;
} else {
$newauctionprice = $oldauctionprice - 0.01;
}
$data = array('productId' => $pid, 'customerId' => $logged, 'aprice' => $newauctionprice, 'modify_by' => "s" . $logged, 'datestart' => date("Y-m-d H:i:s", $newauctionstart), 'dateend' => date("Y-m-d H:i:s", $newauctionend), 'bids' => $newtotalbid, 'token' => $newtoken);
$updatebidcustomer = editCustomer($data);
$updatebidproduct = editProduct($data);
$bid_query = insertBiddingLog($data);
$_SESSION['success'] = $lang['success_bidding'];
header("location:" . mainPageURL());
} else {
$_SESSION['error_warning'] = $lang['error_tokens'];
header("location:buy_tokens.html");
}
}
