
PK 
<?php
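// Handle the product add/edit form post, then redirect back to the form.
//
// Every value read from $_POST, $_GET and $_FILES is untrusted. The row data is
// bound through prepared statements, and the product id must be all digits
// because it is used both in the WHERE clause and in the stored image file name.
// The image extension is taken from the END of the client file name: the old
// code checked the last four characters but then stored everything after the
// first dot, so a name such as "x.php.jpg" kept ".php.jpg" (and ".jpeg" could
// never match a four-character test).
//
// NOTE(review): no login check or CSRF token is visible in this file; confirm
// that the including script (presumably main.php) enforces both before this runs.
// NOTE(review): die(mysqli_error()) prints raw database errors to the browser;
// kept as in the original, consider logging instead.
$doAction = (isset($_POST['doAction']) && is_string($_POST['doAction'])) ? $_POST['doAction'] : '';
if ($doAction === "add" || $doAction === "edit") {
    // Read a POST field as a string; arrays and missing keys become ''.
    $postString = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    $category_id = $postString('category_id');
    $titl = $postString('titl');
    $short_descp = $postString('short_descp');
    $descp = $postString('descp');

    if ($doAction === "add") {
        $stmt = mysqli_prepare(
            $conn,
            "INSERT into products set category_id = ?, titl = ?, short_descp = ?, descp = ?"
        ) or die(mysqli_error($conn));
        mysqli_stmt_bind_param($stmt, "ssss", $category_id, $titl, $short_descp, $descp);
        mysqli_stmt_execute($stmt) or die(mysqli_error($conn));
        $product_id = mysqli_insert_id($conn);
        mysqli_stmt_close($stmt);
        $_SESSION['msg'] = "Record added successfully.";
    } else {
        // The original updated the row named in the query string but named the
        // image files after the hidden POST field. Use one validated id for both.
        $rawId = '';
        if (isset($_GET['product_id']) && is_string($_GET['product_id'])) {
            $rawId = $_GET['product_id'];
        } elseif (isset($_POST['product_id']) && is_string($_POST['product_id'])) {
            $rawId = $_POST['product_id'];
        }
        if (!preg_match('/\A[0-9]+\z/', $rawId)) {
            $_SESSION['errmsg'] = "Invalid product id.";
            echo "<script>window.location.href='main.php?action=product_add'</script>";
            die;
        }
        $product_id = (int) $rawId;

        $stmt = mysqli_prepare(
            $conn,
            "UPDATE products set category_id = ?, titl = ?, short_descp = ?, descp = ? where product_id = ?"
        ) or die(mysqli_error($conn));
        mysqli_stmt_bind_param($stmt, "ssssi", $category_id, $titl, $short_descp, $descp, $product_id);
        mysqli_stmt_execute($stmt) or die(mysqli_error($conn));
        mysqli_stmt_close($stmt);
        $_SESSION['msg'] = "Record updated successfully.";
    }

    $allowedExt = array("jpg", "jpeg", "gif", "png");
    $uploaddir = "../site_data/products/";
    for ($i = 1; $i <= 2; $i++) {
        $key = 'img' . $i;
        if (empty($_FILES[$key]['name']) || !is_string($_FILES[$key]['name'])) {
            continue; // no file chosen for this slot
        }
        $tmpPath = (isset($_FILES[$key]['tmp_name']) && is_string($_FILES[$key]['tmp_name']))
            ? $_FILES[$key]['tmp_name']
            : '';

        // Only the final extension decides the type, and only that extension is
        // kept in the stored name.
        $ext = strtolower(pathinfo($_FILES[$key]['name'], PATHINFO_EXTENSION));
        if (!in_array($ext, $allowedExt, true)) {
            echo "<font color='red'><b>SORRY only .jpg, .png, .gif file is allowed<br></b></font>";
            continue;
        }
        if ($tmpPath === '' || !is_uploaded_file($tmpPath)) {
            continue; // failed or partial upload: nothing to store, as before
        }
        // The content must at least parse as an image. This is a header check,
        // not a guarantee; the upload directory should also be configured so
        // the web server never executes files from it.
        if (getimagesize($tmpPath) === false) {
            echo "<font color='red'><b>SORRY only .jpg, .png, .gif file is allowed<br></b></font>";
            continue;
        }

        $picname1 = $product_id . "_prd_" . $i . "." . $ext;
        if (move_uploaded_file($tmpPath, $uploaddir . $picname1)) {
            // $i is the loop counter (1 or 2), so the column name is not user-controlled.
            $imgStmt = mysqli_prepare($conn, "UPDATE products set img" . $i . " = ? where product_id = ?");
            if ($imgStmt) {
                mysqli_stmt_bind_param($imgStmt, "si", $picname1, $product_id);
                mysqli_stmt_execute($imgStmt);
                mysqli_stmt_close($imgStmt);
            }
        }
    }
    echo "<script>window.location.href='main.php?action=product_add'</script>";
    die;
}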
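// Handle the "Delete Image" link: clear the image column and remove the file.
//
// The original interpolated $_GET['i'] into the column name and
// $_GET['product_id'] into the WHERE clause, and passed $_GET['delimg'] straight
// to unlink(), so the request could alter the SQL and name any file reachable
// from the upload directory. Here the slot must be 1 or 2, the id must be all
// digits, and the file removed is the one recorded in the database for that
// row (reduced to its base name); 'delimg' only triggers the action.
//
// NOTE(review): this is a state-changing GET request with no CSRF token visible
// on this page; confirm whether main.php adds one, or move it to a POST.
if (!empty($_GET['delimg'])) {
    $slot = (isset($_GET['i']) && is_string($_GET['i'])) ? $_GET['i'] : '';
    $rawId = (isset($_GET['product_id']) && is_string($_GET['product_id'])) ? $_GET['product_id'] : '';

    if (($slot === '1' || $slot === '2') && preg_match('/\A[0-9]+\z/', $rawId)) {
        $product_id = (int) $rawId;
        $column = "img" . $slot; // fixed to img1 / img2 by the check above

        // Look up the stored file name instead of trusting the one in the URL.
        $stored = '';
        $stmt = mysqli_prepare($conn, "SELECT " . $column . " from products where product_id = ?")
            or die(mysqli_error($conn));
        mysqli_stmt_bind_param($stmt, "i", $product_id);
        mysqli_stmt_execute($stmt) or die(mysqli_error($conn));
        mysqli_stmt_bind_result($stmt, $stored);
        mysqli_stmt_fetch($stmt);
        mysqli_stmt_close($stmt);

        $stmt = mysqli_prepare($conn, "UPDATE products set " . $column . " = '' where product_id = ?")
            or die(mysqli_error($conn));
        mysqli_stmt_bind_param($stmt, "i", $product_id);
        mysqli_stmt_execute($stmt) or die(mysqli_error($conn));
        mysqli_stmt_close($stmt);

        // basename() keeps the delete inside the products directory even if the
        // stored value ever contained path separators.
        $file = basename((string) $stored);
        if ($file !== '') {
            @unlink("../site_data/products/" . $file); // best-effort, as before
        }
    } else {
        $_SESSION['errmsg'] = "Invalid image delete request.";
    }
    echo "<script>window.location.href='main.php?action=product_add'</script>";
    die;
}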
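// Pull one-shot flash messages out of the session. Both variables are always
// defined so the template below can test them without an undefined-variable notice.
$msg = '';
$errmsg = '';
if (!empty($_SESSION['msg'])) {
    $msg = $_SESSION['msg'];
    unset($_SESSION['msg']);
}
if (!empty($_SESSION['errmsg'])) {
    $errmsg = $_SESSION['errmsg'];
    unset($_SESSION['errmsg']);
}

// Load the row being edited, if any. The id comes from the query string, so it
// is only used once it is known to be all digits and is cast to int before it
// reaches the SQL text (the original interpolated it unescaped). $editrow stays
// null when no valid id is given or no row matches.
$editrow = null;
$requestedId = (isset($_GET['product_id']) && is_string($_GET['product_id'])) ? $_GET['product_id'] : '';
if (preg_match('/\A[0-9]+\z/', $requestedId)) {
    $query = "SELECT * from products where product_id = '" . (int) $requestedId . "'";
    $query = mysqli_query($conn, $query) or die(mysqli_error($conn));
    $editrow = mysqli_fetch_array($query);
}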
?>
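<?php
// "Edit" when a product id is present in the query string, otherwise "Add".
$pageMode = (isset($_GET['product_id']) && $_GET['product_id'] != "") ? "Edit" : "Add";
?>
<div class="content-wrapper">
    <!-- Content Header (Page header) -->
    <section class="content-header">
        <div class="container-fluid">
            <div class="row mb-2">
                <div class="col-sm-6">
                    <h1>Product <?php echo $pageMode; ?></h1>
                </div>
                <div class="col-sm-6">
                    <ol class="breadcrumb float-sm-right">
                        <li class="breadcrumb-item"><a href="#">Home</a></li>
                        <li class="breadcrumb-item active">Product <?php echo $pageMode; ?></li>
                    </ol>
                </div>
            </div>
        </div><!-- /.container-fluid -->
    </section>
    <!-- Main content -->
    <section class="content">
        <div class="row">
            <div class="col-md-12">
                <?php
                // Flash messages are escaped on output. The ones set in this file are
                // plain text; NOTE(review): confirm no other page stores HTML in them.
                // The error alert previously carried the label "Success!".
                ?>
                <?php if (!empty($msg)) { ?><div class="alert alert-success"><strong>Success!</strong> <?php echo htmlspecialchars((string) $msg, ENT_QUOTES | ENT_SUBSTITUTE); ?></div><?php } ?>
                <?php if (!empty($errmsg)) { ?><div class="alert alert-danger"><strong>Error!</strong> <?php echo htmlspecialchars((string) $errmsg, ENT_QUOTES | ENT_SUBSTITUTE); ?></div><?php } ?>
                <div class="card card-outline card-info">
                    <!-- <div class="card-header">
                    <h3 class="card-title">Body</h3>
                    </div> -->
                    <!-- /.card-header -->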
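<?php
// Form fields for the product row.
//
// Values from the query string and from the database are HTML-escaped before
// they are written into attributes or textarea bodies; the original echoed them
// raw, so a crafted product_id or a stored title could inject markup into this
// admin page. Escaping inside <textarea> is safe for the editor: the browser
// decodes the entities back to the stored text.
//
// NOTE(review): this form carries no CSRF token; confirm whether the including
// script adds one.

// HTML-escape one column of a fetched row; a missing row or column yields ''.
$field = function ($row, $key) {
    return htmlspecialchars(isset($row[$key]) ? (string) $row[$key] : '', ENT_QUOTES | ENT_SUBSTITUTE);
};
$formProductId = (isset($_GET['product_id']) && is_string($_GET['product_id'])) ? $_GET['product_id'] : '';
$currentCategory = isset($editrow['category_id']) ? $editrow['category_id'] : null;
?>
<form name="textEditor" method="POST" action="" enctype="multipart/form-data">
    <input type="hidden" name="doAction" value="<?php echo ($formProductId != "") ? "edit" : "add"; ?>">
    <input type="hidden" name="product_id" value="<?php echo htmlspecialchars($formProductId, ENT_QUOTES | ENT_SUBSTITUTE); ?>">
    <div class="card-body">
        <div class="form-group">
            <label for="category_id">Category</label>
            <select name="category_id" id="category_id" required class="form-control">
                <option value="">Select</option>
                <?php
                // Static query: no request data is involved.
                $q = "SELECT * from categories order by category";
                $q = mysqli_query($conn, $q) or die(mysqli_error($conn));
                while ($row = mysqli_fetch_array($q)) {
                    $isCurrent = ($currentCategory !== null && $row['category_id'] == $currentCategory);
                ?>
                <option <?php echo ($isCurrent ? "selected" : ""); ?> value="<?php echo $field($row, 'category_id'); ?>"><?php echo $field($row, 'category'); ?></option>
                <?php
                }
                ?>
            </select>
        </div>
        <div class="form-group">
            <label for="titl">Product Title</label>
            <input type="text" class="form-control" name="titl" id="titl" value="<?php echo $field($editrow, 'titl'); ?>" required />
        </div>
        <div class="form-group">
            <label for="exampleInputPassword1">Short Description</label>
            <textarea name="short_descp" class="form-control" rows="5"><?php echo $field($editrow, 'short_descp'); ?></textarea>
        </div>
        <div class="form-group">
            <label for="exampleInputPassword1">Product Description</label>
            <textarea class="summernote" name="descp" id="summernote"><?php echo $field($editrow, 'descp'); ?></textarea>
        </div>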
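<?php
// Two image slots. For a slot that already has a stored file, show a thumbnail
// and a delete link. The stored file name and the product id from the query
// string are URL-encoded as parameter values and the finished URL is
// HTML-escaped for the attribute; the original echoed both raw.
$linkProductId = (isset($_GET['product_id']) && is_string($_GET['product_id'])) ? $_GET['product_id'] : '';
for ($i = 1; $i <= 2; $i++) {
?>
        <div class="form-group">
            <label for="exampleInputFile">Image <?php echo $i; ?> - [1000 x 1000px]</label>
            <div class="input-group">
                <div class="custom-file">
                    <input type="file" class="custom-file-input" name="img<?php echo $i; ?>">
                    <label class="custom-file-label" for="exampleInputFile">Choose file</label>
                </div>
            </div>
<?php
    if (!empty($editrow['img' . $i])) {
        $imgName = (string) $editrow['img' . $i];
        $imgSrc = "../site_data/products/" . rawurlencode($imgName);
        $deleteUrl = "main.php?action=product_add&product_id=" . rawurlencode($linkProductId)
            . "&i=" . $i . "&delimg=" . rawurlencode($imgName);
?>
            <img src="<?php echo htmlspecialchars($imgSrc, ENT_QUOTES | ENT_SUBSTITUTE); ?>" width="80" />
            <a href="<?php echo htmlspecialchars($deleteUrl, ENT_QUOTES | ENT_SUBSTITUTE); ?>" class="btn btn-sm btn-info mt-2">Delete Image</a>
<?php
    }
?>
        </div>
<?php
}
?>
    </div>
    <!-- /.card-body -->
    <div class="card-footer">
        <button type="submit" value="1" name="sbmt_btn" class="btn btn-primary"><?php echo (!empty($_GET['product_id']) ? "Update" : "Add"); ?></button>
    </div>
</form>
</div>
</div>
<!-- /.col-->
</div>
</section>
<!-- /.content -->
</div>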


PK 99