/
product.php
53 lines (49 loc) · 2.09 KB
/
product.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?
if (! isset ($errorsChecked)) {
if (! ereg ('.+', $_POST['title']))
$errors[] = $lang[103];
if (dbq ("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$record['parent']} AND id <> $id AND title = '" . addslashes ($_POST['title']) . "' AND title <> ''"))
$errors[] = $lang[104];
$uri = strtolower (ereg_replace ('[^A-Za-z0-9]+', '-', strip_accents ($_POST['title'])));
if (! isset ($errors) && dbq ("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$record['parent']} AND id <> $id AND uri = '$uri' AND uri <> ''"))
$errors[] = $lang[105];
if(!isset($_POST['product_postage1']) || $_POST['product_postage1'] == "" || $_POST['product_postage1'] == null){
$errors[] = $lang[122];
}
if(!isset($_POST['product_postage2']) || $_POST['product_postage2'] == "" || $_POST['product_postage2'] == null){
$errors[] = $lang[123];
}
if(!isset($_POST['product_postage3']) || $_POST['product_postage3'] == "" || $_POST['product_postage3'] == null){
$errors[] = $lang[124];
}
$errorsChecked = true;
} else {
if ($record['position'] != $_POST['position'])
dbq ("UPDATE {$cfg['db']['prefix']}_structure SET position = position + 1 WHERE position >= {$_POST['position']} ORDER BY position DESC");
dbq ("UPDATE
{$cfg['db']['prefix']}_structure,
{$cfg['db']['prefix']}_product
SET
title = '" . addslashes ($_POST['title']) . "',
uri = '$uri',
online = $online,
sort = '{$_POST['sort']}',
position = {$_POST['position']},
modified = '$time',
price = '{$_POST['price']}',
product_code = '{$_POST['product_code']}',
product_postage1 = '{$_POST['product_postage1']}',
product_postage2 = '{$_POST['product_postage2']}',
product_postage3 = '{$_POST['product_postage3']}',
sizes = '{$_POST['sizes']}',
colours = '{$_POST['colours']}',
viewRights = '$viewRights',
createRights = '$createRights',
editRights = '$editRights',
deleteRights = '$deleteRights',
content = '" . addslashes (preg_replace('/src="..\//', 'src="', $_POST['content'])) . "'
WHERE
link = id AND
id = $id");
}
?>