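<?php
/**
 * Edit-product handler: loads the product named by ?id= and, when the edit
 * form is posted, writes the submitted fields back to the `products` row.
 *
 * $session, $con and $errors are not defined in this script; presumably
 * includes/load.php provides them (confirm).
 */
require_once 'includes/load.php';

// Only a logged-in session may continue; everyone else is sent to index.php.
if (!$session->isUserLoggedIn(true)) {
    redirect('index.php', false);
}

// The id arrives in the query string; the int cast keeps it numeric before the lookup.
$product = find_by_product_id((int) $_GET['id']);
$all_categories = all_catgories();

if (!$product) {
    $session->msg("d", "Missing product id.");
    // NOTE(review): the code below assumes redirect() ends the request - confirm.
    redirect('product.php');
}

// NOTE(review): no anti-CSRF token is checked in the visible code before this
// state-changing POST is processed - confirm whether load.php or
// validate_fields() enforces one.
if (isset($_POST['product'])) {
    $req_fields = ['product-title', 'product-categorie', 'product-quantity', 'buying-price', 'saleing-price'];
    validate_fields($req_fields);

    if (empty($errors)) {
        // Submitted values are bound as statement parameters below, so the query
        // text no longer depends on real_escape() or on the order in which the
        // helpers were applied. Escaping a bound value would store literal backslashes.
        // NOTE(review): remove_junk() now receives the raw value rather than the
        // escaped one - confirm it does not rely on the escaped form.
        $p_name = remove_junk($_POST['product-title']);
        $p_cat = (int) $_POST['product-categorie'];
        $p_qty = remove_junk($_POST['product-quantity']);
        $p_buy = remove_junk($_POST['buying-price']);
        $p_sale = remove_junk($_POST['saleing-price']);
        $p_id = (int) $product['id'];

        $query = "UPDATE products SET"
            . " name = ?, quantity = ?,"
            . " buy_price = ?, sale_price = ?, categorie_id = ?"
            . " WHERE id = ?";

        // Strings stay strings ('s') so MySQL converts them exactly as it did the
        // quoted literals; the two ids are bound as integers ('i').
        $stmt = mysqli_prepare($con, $query);
        $result = $stmt
            && mysqli_stmt_bind_param($stmt, 'ssssii', $p_name, $p_qty, $p_buy, $p_sale, $p_cat, $p_id)
            && mysqli_stmt_execute($stmt);

        // MySQL normally reports 0 affected rows when the submitted values equal
        // the stored ones, so an unchanged form lands in the failure branch.
        if ($result && mysqli_stmt_affected_rows($stmt) === 1) {
            $session->msg('s', "Product updated ");
            redirect('product.php', false);
        } else {
            $session->msg('d', ' Sorry failed to updated!');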
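<?php
/**
 * Edit-sale handler: loads the sale named by ?id= together with its product
 * and, when the edit form is posted, writes the new quantity, total and date
 * back to the `sales` row.
 *
 * $session, $con and $errors are not defined in this script; presumably
 * includes/load.php provides them (confirm).
 */
require_once 'includes/load.php';

// Only a logged-in session may continue; everyone else is sent to index.php.
if (!$session->isUserLoggedIn(true)) {
    redirect('index.php', false);
}

// The id arrives in the query string; the int cast keeps it numeric before the lookup.
$sale = find_by_sale_id((int) $_GET['id']);

if (!$sale) {
    $session->msg("d", "Missing product id.");
    // NOTE(review): the code below assumes redirect() ends the request - confirm.
    redirect('sales.php');
}

$product = find_by_product_id($sale['product_id']);

// NOTE(review): no anti-CSRF token is checked in the visible code before this
// state-changing POST is processed - confirm whether load.php or
// validate_fields() enforces one.
if (isset($_POST['update_sale'])) {
    $req_fields = ['title', 'quantity', 'price', 'total', 'date'];
    validate_fields($req_fields);

    if (empty($errors)) {
        // Submitted values are bound as statement parameters below, so they are
        // no longer passed through real_escape(); escaping a bound value would
        // store literal backslashes.
        $p_id = (int) $product['id'];
        $s_qty = (int) $_POST['quantity'];
        $s_total = $_POST['total'];
        $s_id = (int) $sale['id'];

        // strtotime() returns false for text it cannot parse. Feeding that to
        // date() would silently store 1970-01-01, so an unparsable date is
        // routed into the failure branch instead of being written.
        $timestamp = strtotime($_POST['date']);

        $result = false;
        $stmt = null;
        if ($timestamp !== false) {
            $s_date = date("Y-m-d", $timestamp);

            $sql = "UPDATE sales SET"
                . " product_id = ?, qty = ?, price = ?, date = ?"
                . " WHERE id = ?";

            // Ids and quantity are bound as integers ('i'); price and date stay
            // strings ('s') so MySQL converts them as it did the quoted literals.
            $stmt = mysqli_prepare($con, $sql);
            $result = $stmt
                && mysqli_stmt_bind_param($stmt, 'iissi', $p_id, $s_qty, $s_total, $s_date, $s_id)
                && mysqli_stmt_execute($stmt);
        }

        // $stmt is only read when $result is true, i.e. after a successful execute.
        if ($result && mysqli_stmt_affected_rows($stmt) === 1) {
            // Stock is adjusted only after the sale row has actually changed.
            update_product_qty($s_qty, $p_id);
            $session->msg('s', "Sale updated.");
            redirect('edit_sale.php?id=' . $sale['id'], false);
        } else {
            $session->msg('d', ' Sorry failed to updated!');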