<?php
include 'config.php';
/** Switch Case to Get Action from controller **/
switch ($_GET['action']) {
case 'add_product':
add_product();
break;
case 'get_product':
get_product();
break;
case 'edit_product':
edit_product();
break;
case 'delete_product':
delete_product();
break;
case 'update_product':
update_product();
break;
}
/** Function to Add Product **/
function add_product()
{
$data = json_decode(file_get_contents("php://input"));
$prod_name = $data->prod_name;
$prod_desc = $data->prod_desc;
$prod_price = $data->prod_price;
$prod_quantity = $data->prod_quantity;
print_r($data);
$qry = 'INSERT INTO product (prod_name,prod_desc,prod_price,prod_quantity) values ("' . $prod_name . '","' . $prod_desc . '",' . $prod_price . ',' . $prod_quantity . ')';
if ($get_product['img'] != "no_image.jpg") {
$baseimg = '<img class="delimg" rel="0" width="48" src="' . PRODUCTIMG . $get_product['img'] . '" alt="' . $get_product['img'] . '">';
} else {
$baseimg = '<input type="file" name="baseimg" />';
}
// если есть картинки галереи
$imgslide = "";
if ($get_product['img_slide']) {
$images = explode("|", $get_product['img_slide']);
foreach ($images as $img) {
$imgslide .= "<img class='delimg' rel='1' alt='{$img}' src='" . GALLERYIMG . "thumbs/{$img}'>";
}
}
// если есть картинки галереи
if ($_POST) {
if (edit_product($goods_id)) {
redirect("?view=cat&category={$brand_id}");
} else {
redirect();
}
}
/* $goods_id = $_GET['goods_id'];
$get_product = get_product($goods_id);
$brand_id = $get_product['goods_brandid'];
//если есть основная картинка
if($get_product['img'] != "no_image.jpg"){
$baseimg = '<img class="delimg" rel="0" width="50px" src="' .PRODUCTIMG. 'baseimg/' .$get_product['img']. '"alt="' .$get_product['img']. '">';
}else{
$baseimg = '<input type="file" name="baseimg" />';
}
if($_POST){
echo create_task($_POST);
} else {
if (strpos($uri, '/product') !== false) {
echo get_product($_GET);
} else {
if (strpos($uri, '/get_product_review') !== false) {
echo get_product_review($_GET);
} else {
if (strpos($uri, '/add_product_review') !== false) {
echo add_product_review($_POST);
} else {
if (strpos($uri, '/add_like_dislike') !== false) {
echo add_like_dislike($_POST);
} else {
if (strpos($uri, '/edit_product') !== false) {
echo edit_product($_POST);
} else {
if (strpos($uri, '/upp') !== false) {
echo upload_profile_picture($_POST, $_FILES);
} else {
if (strpos($uri, '/ucp') !== false) {
echo upload_company_picture($_POST, $_FILES);
} else {
if (strpos($uri, '/ucl') !== false) {
echo upload_company_logo($_POST, $_FILES);
} else {
if (strpos($uri, '/uci') !== false) {
echo upload_company_image($_POST, $_FILES);
} else {
if (strpos($uri, '/ucsi') !== false) {
echo upload_company_skill_image($_POST, $_FILES);
$query = 'SELECT productCode, productName, listPrice FROM products
WHERE productID = :product_id';
$statement = $db->prepare($query);
$statement->bindValue(':product_id', $product_id);
$statement->execute();
$products = $statement->fetch();
$statement->closeCursor();
$product_code = $products['productCode'];
$product_name = $products['productName'];
$product_listPrice = $products['listPrice'];
}
$categories = get_categories();
include "product_edit.php";
} else {
if ($action == 'update_product') {
$category_id = filter_input(INPUT_POST, 'category_id', FILTER_VALIDATE_INT);
$code = filter_input(INPUT_POST, 'code');
$name = filter_input(INPUT_POST, 'productName');
$price = filter_input(INPUT_POST, 'price', FILTER_VALIDATE_FLOAT);
$product_id = filter_input(INPUT_POST, 'product_id', FILTER_VALIDATE_INT);
edit_product($category_id, $code, $name, $price, $product_id);
header('Location: .?action=list_products');
}
}
}
}
}
}
}
}
}
render_new_product();
break;
case 'save':
create_product(post('name'), post('quantity'));
redirect($g["abs_url"] . '/inventory/');
break;
case 'edit':
// Make sure productid set to edit
if (isset($inventory_command)) {
// Get productid to edit
$productid = $inventory_command;
// Check if updating product
if (isset($_POST) && isset($_POST['name']) && isset($_POST['quantity'])) {
$new_name = $_POST['name'];
$quantity = $_POST['quantity'];
edit_product($productid, $new_name, $quantity);
echo "Update product to '" . $new_name . "' and quantity: " . $quantity;
}
// Show the updated product
render_edit_product($productid);
} else {
redirect($g["abs_url"] . '/error/invalid-page');
}
break;
case 'delete':
if (isset($inventory_command)) {
delete_product($inventory_command);
redirect($g["abs_url"] . '/inventory/list/');
}
break;
default:
case 'UPDATE':
$product_id = filter_input(INPUT_POST, 'product_id', FILTER_SANITIZE_NUMBER_INT);
$product_id = filter_var($product_id, FILTER_VALIDATE_INT);
$category_id = filter_input(INPUT_POST, 'category_id', FILTER_SANITIZE_NUMBER_INT);
$category_id = filter_var($category_id, FILTER_VALIDATE_INT);
$product_name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$product_price = filter_input(INPUT_POST, 'price', FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
$product_price = filter_var($product_price, FILTER_VALIDATE_FLOAT);
$product_description = filter_input(INPUT_POST, 'description', FILTER_SANITIZE_STRING);
if ($category_id == NULL || $category_id == FALSE || $product_name == NULL || $product_price == NULL || $product_price == FALSE) {
$message = "Invalid product data. Check all fields and try again.";
$categories = get_categories();
$product['product_id'] = $product_id;
$product['category_id'] = $category_id;
$product['product_name'] = $product_name;
$product['product_price'] = $product_price;
$product['product_description'] = $product_description;
include 'product_edit.php';
} else {
$product_id = edit_product($product_id, $product_name, $product_price, $product_description, $category_id);
header("Location: .?action=grid_products");
}
break;
case 'delete_product':
$product_id = filter_input(INPUT_GET, 'product_id', FILTER_SANITIZE_NUMBER_INT);
$product_id = filter_var($product_id, FILTER_VALIDATE_INT);
delete_image_by_product($product_id);
delete_product($product_id);
header("Location: .?action=grid_products");
break;
}
function edit_products()
{
$category_id = filter_input(INPUT_POST, 'category_id');
$product_id = filter_input(INPUT_POST, 'product_id');
$code = filter_input(INPUT_POST, 'code');
$name = filter_input(INPUT_POST, 'name');
$price = filter_input(INPUT_POST, 'price');
edit_product($product_id, $category_id, $code, $name, $price);
//header('Location: .?action=list_categories');
//header("Location: .?category_id=$category_id");
//header("Location: .?product_id=$product_id");
/*$code = filter_input(INPUT_POST, 'code');
$name = filter_input(INPUT_POST, 'name');
$price = filter_input(INPUT_POST, 'price');
edit_product($category_id, $code, $name, $price);
header("Location: .?category_id=$category_id");
*/
/*
if ($category_id == NULL || $category_id == FALSE || $code == NULL ||
$name == NULL || $price == NULL || $price == FALSE) {
$error = "Invalid product data. Check all fields and try again.";
include('../errors/error.php');
} else {
edit_product($category_id, $code, $name, $price);
header("Location: .?category_id=$category_id");
}
*/
}
$categories = get_categories();
$product = get_product($product_id);
include 'product_edit.php';
}
} else {
if ($action == 'edit_product') {
$category_id = filter_input(INPUT_POST, 'category_id', FILTER_VALIDATE_INT);
$product_id = filter_input(INPUT_POST, 'product_id', FILTER_VALIDATE_INT);
$product_code = filter_input(INPUT_POST, 'code');
$product_name = filter_input(INPUT_POST, 'name');
$list_price = filter_input(INPUT_POST, 'price', FILTER_VALIDATE_FLOAT);
if ($category_id == null || $category_id == false || $product_id == null || $product_id == false || $product_code == null || $product_name == null || $list_price == null || $list_price == false) {
$error = "Invalid product data. Return and try to edit again.";
include '../errors/error.php';
} else {
edit_product($category_id, $product_id, $product_code, $product_name, $list_price);
header("Location: .?category_id={$category_id}");
}
} else {
if ($action == 'list_categories') {
$categories = get_categories();
include 'category_list.php';
} else {
if ($action == 'add_category') {
$category_name = filter_input(INPUT_POST, 'new_category_name');
if ($category_name == NULL) {
$error = "Please enter a valid category name.";
include '../errors/error.php';
} else {
add_category($category_name);
header('Location: .?action=list_categories');
try {
$statement = $db_connexion->prepare("SELECT max(niveau) as max FROM categorie ");
$statement->execute();
$level = $statement->fetch();
$maxLevel = $level["max"];
category_children(0, 1, $db_connexion);
// niveau de départ
} catch (PDOException $e) {
echo $e->getMessage();
}
echo "</ul>\r\n </div>";
echo "<div class='col-md-9'>";
if (isset($_GET["id"])) {
// Recupperation de l'id produit
$id = $_GET["id"];
$produit = edit_product($id, $db_connexion);
if (isset($_POST["btn-cart"])) {
// envoi du formulaire
if (!empty($_POST["qty"]) && is_numeric($_POST["qty"])) {
// Validation de qty doit etre numerique
if (!isset($_SESSION["cart"])) {
// element de session panier vide par défaut si on a aucun produit selectioné
$_SESSION["cart"][] = array('id' => $_POST["id_produit"], 'qty' => $_POST["qty"]);
header("Location:produit.php?id={$id}");
} else {
// Si on en a un on voit les produits qui y figurent
$cart = $_SESSION["cart"];
$ids = array();
$qtys = array();
foreach ($cart as $key => $c) {
$ids[$key] = $c["id"];
function save_product()
{
$data = array('product' => array('name' => '', 'description' => '', 'price' => 0, 'url' => ''));
$errors = array();
$data['success'] = false;
if (empty($_POST['action'])) {
$errors['action'] = 'Внутренняя ошибка';
}
if ($_POST['action'] == 'edit') {
if (empty($_POST['id'])) {
$errors['action'] = 'Внутренняя ошибка';
} else {
$data['product']['id'] = $_POST['id'];
}
}
if (empty($_POST['name'])) {
$errors['name'] = 'Нужно указать название товара';
} else {
$data['product']['name'] = $_POST['name'];
}
if (empty($_POST['price'])) {
$errors['price'] = 'Нужно указать цену';
} else {
$data['product']['price'] = trim($_POST['price']);
preg_match('/^(?:\\d+|\\d{1,3}(?:,\\d{3})+)(?:\\.\\d+)?$/', $data['product']['price'], $match);
if (empty($match)) {
$errors['price'] = 'Цена в не правильном формате, пример: 1232.20';
}
}
if (!empty($_POST['description'])) {
$data['product']['description'] = $_POST['description'];
}
if (!empty($_POST['url'])) {
$data['product']['url'] = $_POST['url'];
}
if (!empty($errors)) {
$data['errors'] = $errors;
} else {
switch ($_POST['action']) {
case 'edit':
if (edit_product($data['product'])) {
$data['success'] = true;
}
break;
case 'add':
if (add_product($data['product'])) {
$data['success'] = true;
}
break;
}
clear_cache();
}
// return all our data to an AJAX call
echo json_encode($data);
}
<?php
require_once './function.php';
$product_id = $_GET['product_id'];
$product_info = edit_product($product_id);
?>
<!DOCTYPE html>
<html>
<head>
<title>Edit Product</title>
<link rel="stylesheet" type="text/css" href="./css/bootstrap.min.css" />
<script src="js/jquery.min.js"></script>
<script src="js/bootstrap.js"></script>
</head>
<body>
<nav class="navbar navbar-inverse navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#my_menu">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a href="#" class="navbar-brand">My Site</a>
</div>
<div class="navbar-collapse collapse" id="my_menu">
<?php
require_once 'includes/db.inc.php';
include 'includes/user.inc.php';
include 'includes/product.inc.php';
// Redirection si pas connecté
$out = "";
if (!empty($_SESSION["user_session"])) {
$userID = $_SESSION["user_session"];
$output = '<div class="right bottom-aligned-text"><a href="logout.php?logout=true">Déconnexion</a></div>';
$output .= '<div class="right"><h1>Bonjour <a href="profile.php">' . user_edit($db_connexion, $userID)['user_name'] . "</a></h1></div>";
if (isset($_SESSION["cart"])) {
$cart = $_SESSION["cart"];
foreach ($cart as $c) {
$produit = edit_product($c['id'], $db_connexion);
$output .= '<div>nom du produit ' . $produit["nom"] . ' : , qty :' . $c["qty"] . '
<a href="panier.php?action=delete&id=' . $c['id'] . '" ><span class="glyphicon glyphicon-remove"></span></a>
<br/><a href="">Voir mon panier</a>
</div>';
}
}
} else {
header("Location:inscription.php");
}
// récupperation de l'identifiant de la session
$user_id = $_SESSION["user_session"];
$action = isset($_GET["action"]) ? $_GET["action"] : "";
switch ($action) {
case 'modifier':
if (!empty($_GET["id"])) {
// récupperation de l'id dans l'url
require "templates/admin/grant-admin-priviliges.php";
}
else if($_GET['action'] == 'delete_admin_priviliges'){
if(isset($_POST['id'])){
delete_admin_priviliges($_POST['id']);
}
require "templates/admin/delete-admin-priviliges.php";
}
else if(isset($_GET['action']) && $_GET['action'] == 'delete_product' && isset($_GET['id'])){
delete_product($_GET['id']);
}
else if(isset($_GET['action']) && $_GET['action'] == 'edit_product' && isset($_GET['id'])){
if(isset($_POST['name'])){
edit_product($_POST['name'], $_POST['contents'], $_POST['amount'], $_POST['nutriments'], $_POST['allergens'], $_POST['category'], $_POST['price'], $_POST['comparement_price'], $_POST['comparement_type'], $_GET['id']);
}
require "templates/admin/edit-product.php";
}
}
else if($page == 'browse'){
if(isset($_GET['sort_by'])){
require "templates/sort-by-category.php";
}
else{
require "templates/browse.php";
}
}
function edit_save()
{
global $db, $t, $vars;
$p = new product($vars);
convert_period_fields($p);
$error = validate_product_fields($p);
if ($error) {
edit_product($error);
return;
}
//print_rr($p);
$err = $db->update_product($vars['product_id'], $p->config);
if ($err) {
fatal_error("Cannot update product info: {$err}", false);
}
admin_log("Product updated {$vars['product_id']}");
$t->assign('url', "products.php");
$t->display("admin/product_saved.html");
}
