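<?php
// Response headers: mark the response as already expired and uncacheable, and declare a JSON body.
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// An HTTP date needs a space before the zone designator; the original emitted "...H:i:sGMT".
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-type: application/json");
// NOTE(review): the wildcard origin lets script on any web origin read this endpoint's responses.
// No authentication or CSRF check is visible in this excerpt before the write handlers
// (PUT/POST/DELETE) are dispatched. Confirm the handlers enforce one, and restrict the origin to
// the known front-end unless the data is meant to be public.
header("access-control-allow-origin: *");

$method = $_SERVER['REQUEST_METHOD'];

//// REST Decoder
// evaluate method: each HTTP verb is routed to one handler defined elsewhere
switch ($method) {
    case 'PUT':
        UpdateProduct();
        break;
    case 'POST':
        SaveProduct();
        break;
    case 'GET':
        GetProducts();
        break;
    case 'HEAD':
        // NOTE(review): this body is plain text although the declared content type is JSON.
        echo "HEAD";
        break;
    case 'DELETE':
        DeleteProduct();
        break;
    case 'OPTIONS':
        // NOTE(review): same content-type mismatch as the HEAD branch.
        echo "OPTIONS";
        break;
    default:
        // (the listing is cut off here; the default branch is not shown)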
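/**
 * Import one row of product data: update the matching product if one exists, otherwise add it.
 *
 * The lookup uses the column named in $_POST["update_column"], first inside $currentCategoryID
 * and, when that column is 'product_code', then across all categories. Fields whose mapping in
 * $dbc is the string "not defined" keep the stored value on update and a default on insert.
 *
 * @param array $row                  Imported row; values are read through the keys held in $dbc.
 * @param array $dbc                  Maps product field names to keys of $row, or to "not defined".
 * @param mixed $identity_column      Key of $row holding the value used to find an existing product.
 * @param array $dbcPhotos            Passed to _importProductPictures() when it is non-empty.
 * @param mixed $updated_extra_option Passed through to _importExtraOptionValues().
 * @param mixed $currentCategoryID    Category searched first, and the one new products are added to.
 * @return void
 */
function _importProduct($row, $dbc, $identity_column, $dbcPhotos, $updated_extra_option, $currentCategoryID)
{
    // Unmapped fields resolve to $row["not defined"], so reads of them yield an empty string.
    $row["not defined"] = "";
    $row[$identity_column] = trim($row[$identity_column]);

    // The lookup column comes from the request and is placed in the query as an identifier,
    // where string escaping gives no protection. Only a bare column name is accepted; anything
    // else is rejected before a query is built.
    // NOTE(review): an explicit allow-list of the importable columns would be stricter still.
    $updateColumn = isset($_POST["update_column"]) ? (string) $_POST["update_column"] : "";
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $updateColumn)) {
        trigger_error("_importProduct: invalid update_column, row skipped", E_USER_WARNING);
        return;
    }

    //search for product within current category
    // NOTE(review): the value is compared with LIKE, so "%" or "_" inside an imported identity
    // value act as wildcards unless xEscSQL() escapes them. Confirm, or compare with "=".
    $q = db_query("select productID, categoryID, customers_rating from " . PRODUCTS_TABLE .
        " where categoryID=" . (int) $currentCategoryID .
        " and " . xEscSQL($updateColumn) .
        " LIKE '" . xEscSQL(trim($row[$identity_column])) . "'");
    $rowdb = db_fetch_row($q);

    if (!$rowdb && $updateColumn == 'product_code') {
        //not found
        //search for product in all categories
        $q = db_query("select productID, categoryID, customers_rating from " . PRODUCTS_TABLE .
            " where " . xEscSQL($updateColumn) .
            " LIKE '" . xEscSQL(trim($row[$identity_column])) . "'");
        $rowdb = db_fetch_row($q);
    }

    // Currency: the request value if truthy, else the configured default; a currency resolved
    // from the row's ISO column takes precedence over both.
    $currency = !empty($_POST['currencyISO']) ? $_POST['currencyISO'] : CONF_DEFAULT_CURRENCY;
    if (strcmp($dbc['ISO'], "not defined")) {
        $currencyID = getCurrencyID($row[$dbc['ISO']]);
        $currency = $currencyID ? $currencyID : $currency;
    }

    if ($rowdb) {
        //update product info
        $productID = $rowdb["productID"];
        $rowdb = GetProduct($productID);

        if (strcmp($dbc["Price"], "not defined")) {
            // Strip spaces and turn a decimal comma into a point before the numeric cast.
            $Price = $row[$dbc["Price"]];
            $Price = str_replace(" ", "", $Price);
            $Price = str_replace(",", ".", $Price);
            $Price = (float) $Price;
        } else {
            $Price = $rowdb["Price_admin"];
        }

        if (strcmp($dbc["list_price"], "not defined")) {
            $list_price = $row[$dbc["list_price"]];
            $list_price = str_replace(" ", "", $list_price);
            $list_price = str_replace(",", ".", $list_price);
            $list_price = (float) $list_price;
        } else {
            $list_price = $rowdb["list_price_base"];
        }

        if (strcmp($dbc["sort_order"], "not defined")) {
            $sort_order = (int) $row[$dbc["sort_order"]];
        } else {
            $sort_order = $rowdb["sort_order"];
        }

        if (strcmp($dbc["in_stock"], "not defined")) {
            $in_stock = (int) $row[$dbc["in_stock"]];
        } else {
            $in_stock = $rowdb["in_stock"];
        }

        if (strcmp($dbc["eproduct_filename"], "not defined")) {
            $eproduct_filename = $row[$dbc["eproduct_filename"]];
        } else {
            $eproduct_filename = $rowdb["eproduct_filename"];
        }

        if (strcmp($dbc["eproduct_available_days"], "not defined")) {
            $eproduct_available_days = (int) $row[$dbc["eproduct_available_days"]];
        } else {
            $eproduct_available_days = $rowdb["eproduct_available_days"];
        }

        if (strcmp($dbc["eproduct_download_times"], "not defined")) {
            $eproduct_download_times = (int) $row[$dbc["eproduct_download_times"]];
        } else {
            $eproduct_download_times = $rowdb["eproduct_download_times"];
        }

        if (strcmp($dbc["weight"], "not defined")) {
            $weight = (float) $row[$dbc["weight"]];
        } else {
            $weight = $rowdb["weight"];
        }

        if (strcmp($dbc["free_shipping"], "not defined")) {
            // The import marks free shipping with a "+" cell.
            $free_shipping = trim($row[$dbc["free_shipping"]]) == "+" ? 1 : 0;
        } else {
            $free_shipping = $rowdb["free_shipping"];
        }

        if (strcmp($dbc["min_order_amount"], "not defined")) {
            $min_order_amount = (int) $row[$dbc["min_order_amount"]];
        } else {
            $min_order_amount = $rowdb["min_order_amount"];
        }

        if (strcmp($dbc["shipping_freight"], "not defined")) {
            $shipping_freight = (float) $row[$dbc["shipping_freight"]];
        } else {
            $shipping_freight = $rowdb["shipping_freight"];
        }

        // Text fields are forwarded as imported.
        // NOTE(review): UpdateProduct() is not shown; confirm it escapes them for SQL and that the
        // templates escape them on output.
        if (strcmp($dbc["description"], "not defined")) {
            $description = $row[$dbc["description"]];
        } else {
            $description = $rowdb["description"];
        }

        if (strcmp($dbc["brief_description"], "not defined")) {
            $brief_description = $row[$dbc["brief_description"]];
        } else {
            $brief_description = $rowdb["brief_description"];
        }

        // The stored values of the fields below are passed through xHtmlSpecialCharsDecode()
        // before being handed back to UpdateProduct().
        if (strcmp($dbc["product_code"], "not defined")) {
            $product_code = $row[$dbc["product_code"]];
        } else {
            $product_code = xHtmlSpecialCharsDecode($rowdb["product_code"]);
        }

        if (strcmp($dbc["meta_description"], "not defined")) {
            $meta_description = $row[$dbc["meta_description"]];
        } else {
            $meta_description = xHtmlSpecialCharsDecode($rowdb["meta_description"]);
        }

        if (strcmp($dbc["meta_keywords"], "not defined")) {
            $meta_keywords = $row[$dbc["meta_keywords"]];
        } else {
            $meta_keywords = xHtmlSpecialCharsDecode($rowdb["meta_keywords"]);
        }

        if (strcmp($dbc["name"], "not defined")) {
            $name = $row[$dbc["name"]];
        } else {
            $name = xHtmlSpecialCharsDecode($rowdb["name"]);
        }

        if (strcmp($dbc["title"], "not defined")) {
            $title = $row[$dbc["title"]];
        } else {
            $title = xHtmlSpecialCharsDecode($rowdb["title"]);
        }

        if (strcmp($dbc["sef"], "not defined")) {
            $sef = $row[$dbc["sef"]];
        } else {
            $sef = xHtmlSpecialCharsDecode($rowdb["sef"]);
        }

        // These three are never taken from the import; the stored values are carried over.
        $opt_margin = $rowdb["opt_margin"];
        $categoryID = $rowdb["categoryID"];
        $customers_rating = $rowdb["customers_rating"];

        $ProductIsProgram = trim($eproduct_filename) != "";

        UpdateProduct(
            $productID, $categoryID, $name, $Price, $description, $in_stock, $customers_rating,
            $brief_description, $list_price, $product_code, $sort_order, $ProductIsProgram,
            "", $eproduct_available_days, $eproduct_download_times, $weight, $meta_description,
            $meta_keywords, $free_shipping, $min_order_amount, $shipping_freight, null, $currency,
            $opt_margin, $sef, $title, 0
        );
    } else {
        // add new product
        $Price = 0.0;
        $list_price = 0.0;
        $sort_order = 0;
        $in_stock = 0;
        $eproduct_filename = "";
        $eproduct_available_days = 0;
        $eproduct_download_times = 0;
        $weight = 0.0;
        $free_shipping = 0;
        $min_order_amount = 1;
        $shipping_freight = 0.0;

        // NOTE(review): unlike the update branch, prices here are cast without removing spaces
        // or converting a decimal comma. Confirm whether that difference is intended.
        if (strcmp($dbc["Price"], "not defined")) {
            $Price = (float) $row[$dbc["Price"]];
        }
        if (strcmp($dbc["list_price"], "not defined")) {
            $list_price = (float) $row[$dbc["list_price"]];
        }
        if (strcmp($dbc["sort_order"], "not defined")) {
            $sort_order = (int) $row[$dbc["sort_order"]];
        }
        if (strcmp($dbc["in_stock"], "not defined")) {
            $in_stock = (int) $row[$dbc["in_stock"]];
        }
        if (strcmp($dbc["eproduct_filename"], "not defined")) {
            $eproduct_filename = $row[$dbc["eproduct_filename"]];
        }
        if (strcmp($dbc["eproduct_available_days"], "not defined")) {
            $eproduct_available_days = (int) $row[$dbc["eproduct_available_days"]];
        }
        if (strcmp($dbc["eproduct_download_times"], "not defined")) {
            $eproduct_download_times = (int) $row[$dbc["eproduct_download_times"]];
        }
        if (strcmp($dbc["weight"], "not defined")) {
            $weight = (float) $row[$dbc["weight"]];
        }
        if (strcmp($dbc["free_shipping"], "not defined")) {
            $free_shipping = trim($row[$dbc["free_shipping"]]) == "+" ? 1 : 0;
        }
        if (strcmp($dbc["min_order_amount"], "not defined")) {
            $min_order_amount = (int) $row[$dbc["min_order_amount"]];
        }
        if (strcmp($dbc["shipping_freight"], "not defined")) {
            $shipping_freight = (float) $row[$dbc["shipping_freight"]];
        }

        $ProductIsProgram = trim($row[$dbc["eproduct_filename"]]) != "";
        $sef = $row[$dbc["sef"]];

        $productID = AddProduct(
            $currentCategoryID, $row[$dbc["name"]], $Price, $row[$dbc["description"]], $in_stock,
            $row[$dbc["brief_description"]], $list_price, $row[$dbc["product_code"]], $sort_order,
            $ProductIsProgram, "", $eproduct_available_days, $eproduct_download_times, $weight,
            $row[$dbc["meta_description"]], $row[$dbc["meta_keywords"]], $free_shipping,
            $min_order_amount, $shipping_freight, CONF_DEFAULT_TAX_CLASS, $currency, 1, $sef,
            $row[$dbc["title"]], 0
        );
    }

    if (strlen($eproduct_filename)) {
        // NOTE(review): on import the file name comes straight from the row and SetProductFile()
        // is not shown. Confirm it confines the name to the product-files directory.
        SetProductFile($productID, $eproduct_filename);
    }

    _importExtraOptionValues($row, $productID, $updated_extra_option);

    if (count($dbcPhotos) > 0) {
        _importProductPictures($row, $dbcPhotos, $productID);
    }

    if (!empty($sef)) {
        fu_generate_product($productID, $sef);
    }
}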
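// (excerpt starts inside a block that was opened before the first visible line)
if (CONF_UPDATE_GCV == '1') {
    update_psCount(1);
}
} // closes the enclosing block opened outside this excerpt

// add into new appended category
if (isset($_POST["add_category"])) {
    if (CONF_BACKEND_SAFEMODE) {
        //this action is forbidden when SAFE MODE is ON
        // The product id is cast to int so a request value cannot add parameters to the redirect
        // URL; the original concatenated $_GET["productID"] unencoded.
        // NOTE(review): Redirect() is not shown. If it does not terminate the request, the
        // add/update below still runs in safe mode. Confirm it exits.
        Redirect(ADMIN_FILE . "?safemode=yes&productID=" . (int) $_GET["productID"] . "&eaction=prod");
    }

    if ($_POST["add_category"] == 1) {
        // NOTE(review): every field is forwarded from $_POST unvalidated, and no anti-CSRF check
        // is visible in this excerpt. Confirm AddProduct()/UpdateProduct() escape their arguments
        // and that the admin form carries a request token.
        if ($_GET["productID"] == 0) {
            // No product yet: create it, then continue with the new id.
            $productID = AddProduct(
                $_POST["categoryID"], $_POST["name"], $_POST["price"], $_POST["description"],
                $_POST["in_stock"], $_POST["brief_description"], $_POST["list_price"],
                $_POST["product_code"], $_POST["sort_order"], isset($_POST["ProductIsProgram"]),
                "eproduct_filename", $_POST["eproduct_available_days"],
                $_POST["eproduct_download_times"], $_POST["weight"], $_POST["meta_description"],
                $_POST["meta_keywords"], isset($_POST["free_shipping"]), $_POST["min_order_amount"],
                $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"],
                $_POST["opt_margin"], $_POST["sef"], $_POST["title"]
            );
            $_GET["productID"] = $productID;
        } else {
            // NOTE(review): $productID is not assigned anywhere in this excerpt; presumably it is
            // set earlier in the file from $_GET["productID"]. Verify.
            UpdateProduct(
                $productID, $_POST["categoryID"], $_POST["name"], $_POST["price"],
                $_POST["description"], $_POST["in_stock"], $_POST["rating"],
                $_POST["brief_description"], $_POST["list_price"], $_POST["product_code"],
                $_POST["sort_order"], isset($_POST["ProductIsProgram"]), "eproduct_filename",
                $_POST["eproduct_available_days"], $_POST["eproduct_download_times"],
                $_POST["weight"], $_POST["meta_description"], $_POST["meta_keywords"],
                isset($_POST["free_shipping"]), $_POST["min_order_amount"],
                $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"],
                $_POST["opt_margin"], $_POST["sef"], $_POST["title"]
            );
            $updatedValues = ScanPostVariableWithId(array("option_value", "option_radio_type"));
            configUpdateOptionValue($productID, $updatedValues);
        }

        catAddProductIntoAppendedCategory($_GET["productID"], $_POST["new_appended_category"]);

        if (CONF_UPDATE_GCV == '1') {
            update_psCount(1);
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html class="admin">
<head>
<meta http-equiv="content-type" content="text/html; charset={$smarty.const.DEFAULT_CHARSET}">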
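<body>
<?php
// Session and access-control includes run first; the function libraries follow.
require_once '../../includes/session-start.php';
require_once '../../includes/access-required.html.php';
include_once '../../functions/dbConnect.php';
include_once '../../functions/category-functions.php';
include_once '../../functions/products-functions.php';
include_once '../../functions/until.php';

// NOTE(review): this initialises $results3, but the branch below assigns $results, so $results
// is undefined on a non-POST request. Confirm which name the rest of the page prints.
$results3 = '';

if (isPostRequest()) {
    // filter_input() without a filter argument returns the raw string (null when the field is
    // absent), so nothing is validated here.
    // NOTE(review): validate product_id as an integer and price as a number before the update,
    // and confirm UpdateProduct() (not shown) uses bound parameters. No anti-CSRF token is
    // visible in the part of the form shown here.
    $product_id = filter_input(INPUT_POST, 'product_id');
    $product = filter_input(INPUT_POST, 'product');
    $price = filter_input(INPUT_POST, 'price');
    $image = filter_input(INPUT_POST, 'image');

    // Run the update once and keep its outcome. The original called UpdateProduct() twice, so
    // every submission wrote the row two times and reported only the second result.
    $updated = UpdateProduct($product_id, $product, $price, $image);

    if ($updated == true) {
        $results = 'Product updated';
    } else {
        $results = 'Product was not updated';
    }
}
?>
<center>
<h1>Update Product</h1>
<form method="post" action="#">
<div class="form-group">
New Product Name: <br/><br/>
<input type="text" name="product" value=""/> <br /><br/>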