Exemplo n.º 1
0
        echo '</div>';
        if ($item_exists) {
            if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'products_csrf')) {
                if (isset($_POST['store']) && isset($_POST['category']) && isset($_POST['name']) && isset($_POST['price']) && isset($_POST['old_price']) && isset($_POST['currency']) && isset($_POST['description']) && isset($_POST['tags']) && isset($_POST['reward_points']) && isset($_POST['start']) && isset($_POST['end']) && isset($_POST['meta_title']) && isset($_POST['meta_desc'])) {
                    if (actions::edit_product($_GET['id'], array('store' => $_POST['store'], 'image_url' => $_POST['image_url'], 'category' => $_POST['category'], 'popular' => isset($_POST['popular']) ? 1 : 0, 'name' => $_POST['name'], 'price' => $_POST['price'], 'old_price' => $_POST['old_price'], 'currency' => strtoupper($_POST['currency']), 'link' => !isset($_POST['product_ownlink']) && isset($_POST['link']) && filter_var($_POST['link'], FILTER_VALIDATE_URL) ? $_POST['link'] : '', 'description' => $_POST['description'], 'tags' => $_POST['tags'], 'cashback' => $_POST['reward_points'], 'start' => $_POST['start']['date'] . ', ' . $_POST['start']['hour'], 'end' => $_POST['end']['date'] . ', ' . $_POST['end']['hour'], 'publish' => isset($_POST['publish']) ? 1 : 0, 'meta_title' => $_POST['meta_title'], 'meta_desc' => $_POST['meta_desc']))) {
                        $info = \query\main::product_infos($_GET['id']);
                        echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>';
                    } else {
                        echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                    }
                }
            } else {
                if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'products_csrf')) {
                    if ($_GET['type'] == 'delete_image') {
                        if (isset($_GET['id'])) {
                            if (actions::delete_product_image($_GET['id'])) {
                                $info->image = '';
                                echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>';
                            } else {
                                echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                            }
                        }
                    }
                }
            }
            $_SESSION['products_csrf'] = $csrf;
            echo '<div class="form-table">

<form action="#" method="POST" enctype="multipart/form-data" autocomplete="off">

<div class="row"><span>' . $LANG['form_store_id'] . ':</span><div data-search="store"><input type="text" name="store" value="' . $info->storeID . '" required /><a href="#">S</a></div></div>