if (!isset($_SESSION['user']) && !isset($_COOKIE['user'])) {
header("Location: Login.php");
}
if (isset($_SESSION['user'])) {
if ($_SESSION['user'] != "admin") {
header("Location: MyOrders.php");
}
}
if (isset($_COOKIE['user'])) {
if ($_COOKIE['user'] != "admin") {
header("Location: MyOrders.php");
}
}
require_once 'database/model.php';
$mydb = new ORM();
$mydb->setTable("users");
if (isset($_POST["id"])) {
$user = $mydb->select(array("id" => $_POST["id"]));
$row = $user->fetch_assoc();
}
?>
<nav class="navbar navbar-inverse navbar-static-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<li>
<form action="Logout.php" method="post" >
<input type="hidden" name="ss" value="any">
<button type="submit" class="add-user btn btn-default logout">Logout</button>
</form>
</li>
</ul>
</div>
</div>
</nav>
<div class="container" id="wrapper">
<?php
require_once 'database/model.php';
$cat_db = new ORM();
$cat_db->setTable("categories");
$categories = $cat_db->select_all();
if (isset($_POST["product_name"])) {
$key = 0;
if (empty($_POST["product_name"])) {
echo "<h4 class='alert-danger'> Product name is required</h4>";
$key = 1;
}
if (empty($_POST["price"])) {
echo "<h4 class='alert-danger'> Price is required</h4>";
$key = 1;
}
if (empty($_POST["category"])) {
echo "<h4 class='alert-danger'> Category is required</h4>";
$key = 1;
}
$key = 1;
}
if ($key == 0) {
// image handling
if (!empty($_FILES['image']['name'])) {
$image_path = "images/products/" . $_FILES['image']['name'];
move_uploaded_file($_FILES["image"]["tmp_name"], $image_path);
$image = $_FILES['image']['name'];
} else {
$image = 'default.jpg';
}
// database insertion
$selected = $cat_db->select(array('name' => $_POST["category"]));
$category = $selected->fetch_assoc();
$prod_db = new ORM();
$prod_db->setTable("products");
$product = array('name' => $_POST["product_name"], 'price' => $_POST["price"], 'category_id' => $category[id], 'is_available' => 1, 'pic' => $image);
$result = $prod_db->insert($product);
header("Location: Products.php");
}
}
?>
<h1>Add Product</h1>
<form method="post" action="AddProduct.php" class="form-horizontal" enctype="multipart/form-data">
<div class="form-group panel">
<label class="control-label">Prduct Name</label>
<input required type="text" name="product_name" class="form-control"><br>
<label>Price</label><br>
<input required type="number" name="price" min="0" class="form-control price" > <span class="desc">EGP</span> <br>
<label class="control-label">Category</label><br>
}
if (isset($_SESSION['user'])) {
if ($_SESSION['user'] != "admin") {
echo "You have no access to this page!";
exit;
}
}
if (isset($_COOKIE['user'])) {
if ($_COOKIE['user'] != "admin") {
echo "You have no access to this page!";
exit;
}
}
require_once 'database/model.php';
$mydb = new ORM();
$mydb->setTable("products");
if ($_POST) {
$where = array('id' => $_POST['id']);
$mydb->delete($where);
}
$products = $mydb->select_all();
?>
<nav class="navbar navbar-inverse navbar-static-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
if ($_SESSION['user'] != "admin") {
echo "You have no access to this page!";
exit;
}
}
if (isset($_COOKIE['user'])) {
if ($_COOKIE['user'] != "admin") {
echo "You have no access to this page!";
exit;
}
}
require_once 'database/model.php';
$mydb = new ORM();
$mydb->setTable("users");
$myord = new ORM();
$myord->setTable("orders");
if ($_POST) {
$where = array('user_id' => $_POST['id']);
$result = $myord->delete($where);
echo $result;
$where = array('id' => $_POST['id']);
$result = $mydb->delete($where);
echo $result;
}
$users = $mydb->select_all();
?>
<nav class="navbar navbar-inverse navbar-static-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
