<?php
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-type: application/json");
header("access-control-allow-origin: *");
$method = $_SERVER['REQUEST_METHOD'];
//// REST Decoder
// evaluate method
switch ($method) {
case 'PUT':
UpdateProduct();
break;
case 'POST':
SaveProduct();
break;
case 'GET':
GetProducts();
break;
case 'HEAD':
echo "HEAD";
break;
case 'DELETE':
DeleteProduct();
break;
case 'OPTIONS':
echo "OPTIONS";
break;
default:
function _importProduct($row, $dbc, $identity_column, $dbcPhotos, $updated_extra_option, $currentCategoryID)
{
$row["not defined"] = "";
$row[$identity_column] = trim($row[$identity_column]);
//search for product within current category
$q = db_query("select productID, categoryID, customers_rating from " . PRODUCTS_TABLE . " where categoryID=" . (int) $currentCategoryID . " and " . xEscSQL($_POST["update_column"]) . " LIKE '" . xEscSQL(trim($row[$identity_column])) . "'");
$rowdb = db_fetch_row($q);
if (!$rowdb && $_POST["update_column"] == 'product_code') {
//not found
//search for product in all categories
$q = db_query("select productID, categoryID, customers_rating from " . PRODUCTS_TABLE . " where " . xEscSQL($_POST["update_column"]) . " LIKE '" . xEscSQL(trim($row[$identity_column])) . "'");
$rowdb = db_fetch_row($q);
}
$currency = $_POST['currencyISO'] ? $_POST['currencyISO'] : CONF_DEFAULT_CURRENCY;
if (strcmp($dbc['ISO'], "not defined")) {
$currencyID = getCurrencyID($row[$dbc['ISO']]);
$currency = $currencyID ? $currencyID : $currency;
}
if ($rowdb) {
//update product info
$productID = $rowdb["productID"];
$rowdb = GetProduct($productID);
if (strcmp($dbc["Price"], "not defined")) {
$Price = $row[$dbc["Price"]];
$Price = str_replace(" ", "", $Price);
$Price = str_replace(",", ".", $Price);
$Price = (double) $Price;
} else {
$Price = $rowdb["Price_admin"];
}
if (strcmp($dbc["list_price"], "not defined")) {
$list_price = $row[$dbc["list_price"]];
$list_price = str_replace(" ", "", $list_price);
$list_price = str_replace(",", ".", $list_price);
$list_price = (double) $list_price;
} else {
$list_price = $rowdb["list_price_base"];
}
if (strcmp($dbc["sort_order"], "not defined")) {
$sort_order = (int) $row[$dbc["sort_order"]];
} else {
$sort_order = $rowdb["sort_order"];
}
if (strcmp($dbc["in_stock"], "not defined")) {
$in_stock = (int) $row[$dbc["in_stock"]];
} else {
$in_stock = $rowdb["in_stock"];
}
if (strcmp($dbc["eproduct_filename"], "not defined")) {
$eproduct_filename = $row[$dbc["eproduct_filename"]];
} else {
$eproduct_filename = $rowdb["eproduct_filename"];
}
if (strcmp($dbc["eproduct_available_days"], "not defined")) {
$eproduct_available_days = (int) $row[$dbc["eproduct_available_days"]];
} else {
$eproduct_available_days = $rowdb["eproduct_available_days"];
}
if (strcmp($dbc["eproduct_download_times"], "not defined")) {
$eproduct_download_times = (int) $row[$dbc["eproduct_download_times"]];
} else {
$eproduct_download_times = $rowdb["eproduct_download_times"];
}
if (strcmp($dbc["weight"], "not defined")) {
$weight = (double) $row[$dbc["weight"]];
} else {
$weight = $rowdb["weight"];
}
if (strcmp($dbc["free_shipping"], "not defined")) {
$free_shipping = trim($row[$dbc["free_shipping"]]) == "+" ? 1 : 0;
} else {
$free_shipping = $rowdb["free_shipping"];
}
if (strcmp($dbc["min_order_amount"], "not defined")) {
$min_order_amount = (int) $row[$dbc["min_order_amount"]];
} else {
$min_order_amount = $rowdb["min_order_amount"];
}
if (strcmp($dbc["shipping_freight"], "not defined")) {
$shipping_freight = (double) $row[$dbc["shipping_freight"]];
} else {
$shipping_freight = $rowdb["shipping_freight"];
}
if (strcmp($dbc["description"], "not defined")) {
$description = $row[$dbc["description"]];
} else {
$description = $rowdb["description"];
}
if (strcmp($dbc["brief_description"], "not defined")) {
$brief_description = $row[$dbc["brief_description"]];
} else {
$brief_description = $rowdb["brief_description"];
}
if (strcmp($dbc["product_code"], "not defined")) {
$product_code = $row[$dbc["product_code"]];
} else {
$product_code = xHtmlSpecialCharsDecode($rowdb["product_code"]);
}
if (strcmp($dbc["meta_description"], "not defined")) {
$meta_description = $row[$dbc["meta_description"]];
} else {
$meta_description = xHtmlSpecialCharsDecode($rowdb["meta_description"]);
}
if (strcmp($dbc["meta_keywords"], "not defined")) {
$meta_keywords = $row[$dbc["meta_keywords"]];
} else {
$meta_keywords = xHtmlSpecialCharsDecode($rowdb["meta_keywords"]);
}
if (strcmp($dbc["name"], "not defined")) {
$name = $row[$dbc["name"]];
} else {
$name = xHtmlSpecialCharsDecode($rowdb["name"]);
}
if (strcmp($dbc["title"], "not defined")) {
$title = $row[$dbc["title"]];
} else {
$title = xHtmlSpecialCharsDecode($rowdb["title"]);
}
if (strcmp($dbc["sef"], "not defined")) {
$sef = $row[$dbc["sef"]];
} else {
$sef = xHtmlSpecialCharsDecode($rowdb["sef"]);
}
$opt_margin = $rowdb["opt_margin"];
$categoryID = $rowdb["categoryID"];
$customers_rating = $rowdb["customers_rating"];
$ProductIsProgram = trim($eproduct_filename) != "";
UpdateProduct($productID, $categoryID, $name, $Price, $description, $in_stock, $customers_rating, $brief_description, $list_price, $product_code, $sort_order, $ProductIsProgram, "", $eproduct_available_days, $eproduct_download_times, $weight, $meta_description, $meta_keywords, $free_shipping, $min_order_amount, $shipping_freight, null, $currency, $opt_margin, $sef, $title, 0);
} else {
// add new product
$Price = 0.0;
$list_price = 0.0;
$sort_order = 0;
$in_stock = 0;
$eproduct_filename = "";
$eproduct_available_days = 0;
$eproduct_download_times = 0;
$weight = 0.0;
$free_shipping = 0;
$min_order_amount = 1;
$shipping_freight = 0.0;
if (strcmp($dbc["Price"], "not defined")) {
$Price = (double) $row[$dbc["Price"]];
}
if (strcmp($dbc["list_price"], "not defined")) {
$list_price = (double) $row[$dbc["list_price"]];
}
if (strcmp($dbc["sort_order"], "not defined")) {
$sort_order = (int) $row[$dbc["sort_order"]];
}
if (strcmp($dbc["in_stock"], "not defined")) {
$in_stock = (int) $row[$dbc["in_stock"]];
}
if (strcmp($dbc["eproduct_filename"], "not defined")) {
$eproduct_filename = $row[$dbc["eproduct_filename"]];
}
if (strcmp($dbc["eproduct_available_days"], "not defined")) {
$eproduct_available_days = (int) $row[$dbc["eproduct_available_days"]];
}
if (strcmp($dbc["eproduct_download_times"], "not defined")) {
$eproduct_download_times = (int) $row[$dbc["eproduct_download_times"]];
}
if (strcmp($dbc["weight"], "not defined")) {
$weight = (double) $row[$dbc["weight"]];
}
if (strcmp($dbc["free_shipping"], "not defined")) {
$free_shipping = trim($row[$dbc["free_shipping"]]) == "+" ? 1 : 0;
}
if (strcmp($dbc["min_order_amount"], "not defined")) {
$min_order_amount = (int) $row[$dbc["min_order_amount"]];
}
if (strcmp($dbc["shipping_freight"], "not defined")) {
$shipping_freight = (double) $row[$dbc["shipping_freight"]];
}
$ProductIsProgram = trim($row[$dbc["eproduct_filename"]]) != "";
$sef = $row[$dbc["sef"]];
$productID = AddProduct($currentCategoryID, $row[$dbc["name"]], $Price, $row[$dbc["description"]], $in_stock, $row[$dbc["brief_description"]], $list_price, $row[$dbc["product_code"]], $sort_order, $ProductIsProgram, "", $eproduct_available_days, $eproduct_download_times, $weight, $row[$dbc["meta_description"]], $row[$dbc["meta_keywords"]], $free_shipping, $min_order_amount, $shipping_freight, CONF_DEFAULT_TAX_CLASS, $currency, 1, $sef, $row[$dbc["title"]], 0);
}
if (strlen($eproduct_filename)) {
SetProductFile($productID, $eproduct_filename);
}
_importExtraOptionValues($row, $productID, $updated_extra_option);
if (count($dbcPhotos) > 0) {
_importProductPictures($row, $dbcPhotos, $productID);
}
if (!empty($sef)) {
fu_generate_product($productID, $sef);
}
}
if (CONF_UPDATE_GCV == '1') {
update_psCount(1);
}
}
// add into new appended category
if (isset($_POST["add_category"])) {
if (CONF_BACKEND_SAFEMODE) {
//this action is forbidden when SAFE MODE is ON
Redirect(ADMIN_FILE . "?safemode=yes&productID=" . $_GET["productID"] . "&eaction=prod");
}
if ($_POST["add_category"] == 1) {
if ($_GET["productID"] == 0) {
$productID = AddProduct($_POST["categoryID"], $_POST["name"], $_POST["price"], $_POST["description"], $_POST["in_stock"], $_POST["brief_description"], $_POST["list_price"], $_POST["product_code"], $_POST["sort_order"], isset($_POST["ProductIsProgram"]), "eproduct_filename", $_POST["eproduct_available_days"], $_POST["eproduct_download_times"], $_POST["weight"], $_POST["meta_description"], $_POST["meta_keywords"], isset($_POST["free_shipping"]), $_POST["min_order_amount"], $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"], $_POST["opt_margin"], $_POST["sef"], $_POST["title"]);
$_GET["productID"] = $productID;
} else {
UpdateProduct($productID, $_POST["categoryID"], $_POST["name"], $_POST["price"], $_POST["description"], $_POST["in_stock"], $_POST["rating"], $_POST["brief_description"], $_POST["list_price"], $_POST["product_code"], $_POST["sort_order"], isset($_POST["ProductIsProgram"]), "eproduct_filename", $_POST["eproduct_available_days"], $_POST["eproduct_download_times"], $_POST["weight"], $_POST["meta_description"], $_POST["meta_keywords"], isset($_POST["free_shipping"]), $_POST["min_order_amount"], $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"], $_POST["opt_margin"], $_POST["sef"], $_POST["title"]);
$updatedValues = ScanPostVariableWithId(array("option_value", "option_radio_type"));
configUpdateOptionValue($productID, $updatedValues);
}
catAddProductIntoAppendedCategory($_GET["productID"], $_POST["new_appended_category"]);
if (CONF_UPDATE_GCV == '1') {
update_psCount(1);
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html class="admin">
<head>
<meta http-equiv="content-type" content="text/html; charset={$smarty.const.DEFAULT_CHARSET}">
<body>
<?php
require_once '../../includes/session-start.php';
require_once '../../includes/access-required.html.php';
include_once '../../functions/dbConnect.php';
include_once '../../functions/category-functions.php';
include_once '../../functions/products-functions.php';
include_once '../../functions/until.php';
$results3 = '';
if (isPostRequest()) {
$product_id = filter_input(INPUT_POST, 'product_id');
$product = filter_input(INPUT_POST, 'product');
$price = filter_input(INPUT_POST, 'price');
$image = filter_input(INPUT_POST, 'image');
UpdateProduct($product_id, $product, $price, $image);
if (UpdateProduct($product_id, $product, $price, $image) == true) {
$results = 'Product updated';
} else {
$results = 'Product was not updated';
}
}
?>
<center>
<h1>Update Product</h1>
<form method="post" action="#">
<div class="form-group">
New Product Name:
<br/><br/>
<input type="text" name="product" value=""/>
<br /><br/>
