<?php include ('staff.php');?><?phpinclude 'connectiondb.php';if (isse

1. <?php
2. include ('staff.php');
3. ?>
4. <?php
5. include 'connectiondb.php';
6. if (isset($_GET['id'])) {
7. $targetID = $_GET['id'];
8. $sql = mysql_query("SELECT * FROM products WHERE id='$targetID' LIMIT 1");
9. $productCount = mysql_num_rows($sql); // count the output amount
10. if ($productCount > 0) {
11. while($row = mysql_fetch_array($sql)){
12. $id=$row["id"];
13. $prod_title = $row["pname"];
14. $prod_category = $row["category"];
15. $prod_desc = $row["description"];
16. $price = $row["price"];
17. $stock = $row["stock"];
18. $ext = $row["ext"];
19. $date_added = strftime("%b %d, %Y", strtotime($row["date_added"]));
20.  
21. $temprod_title = $prod_title;
22. $temprod_desc = $prod_desc;
23. $temprice = $price;
24. $temstock = $stock;
25. $temext = $ext;
26.  
27. echo'<tr>
28. <table style="width:50%;">
29. <tr>
30. <td align="right"><h2><font color="darkgreen">Edit Product</font></h2></td>
31. </tr>
32. <td width="89" align="right" > <div><img src="uploads/'.$id.'.'.$ext.'" width="100" height="100" /></div></td>
33. </tr>
34. </table>';
35.  
36. }
37. } else {
38. echo "<div id='error'>Invalid Id</div>";
39. }
40. }
41. ?>
42. <?php
43. if (isset($_FILES['image']))
44. {
45. $pid = addslashes(strip_tags($_POST['id']));
46. $prod_title = addslashes(strip_tags($_POST['prod_title']));
47. $prod_desc = addslashes(strip_tags($_POST['prod_desc']));
48. $price = addslashes(strip_tags($_POST['price']));
49. $image_name = $_FILES['image']['name'];
50. $image_size = $_FILES['image']['size'];
51. $image_temp = $_FILES['image']['tmp_name'];
52. $allowed_ext = array ('jpg', 'jpeg', 'png', 'gif');
53. $image_ext = strtolower(pathinfo($image_name, PATHINFO_EXTENSION));
54. $errors = array();
55. $name = $_SESSION['username'];
56. if ($image_name&&$prod_desc&&$prod_title&&$price&&$stock)
57. {
58. if (in_array($image_ext, $allowed_ext ) === false)
59. {
60. $errors[] = "<div id='error'>File type not allowed</div>";
61. }
62. if ($image_size > 9097152)
63. {
64. $errors[] = "<div id='error'>Maximum file size is 2mb</div>";
65. }
66. if (!empty($errors))
67. {
68. foreach ($errors as $error)
69. {
70. echo $error, '<br/>';
71. }
72. }
73. else{
74. unlink('uploads/'.$pid.'.'.$image_ext);
75. unlink('uploads/thumbs/'.$pid.'.'.$image_ext);
76. include ('inc/thumb.php');
77. // include '../inc/connectdb.php';
78.  
79. /*$sql = mysql_query("UPDATE products SET
80. pname='$prod_title',description='$prod_desc',price='$price',ext='$image_ext'
81. WHERE id='$pid'");*/
82.  
83. $sql=mysql_query("SELECT * FROM products WHERE id='$pid'");
84. while ($row = mysql_fetch_assoc($sql))
85. {
86. $pidfromprod=$row['id'];
87. }
88.  
89. mysql_query("INSERT INTO editproduct_request VALUES ('$pid','$prod_category','$prod_title','$prod_desc','$price','$image_ext',now(),'$temprod_title','$temprod_desc','$temprice','$temext','Pending','Pending','$name','Pending')");
90.  
91.  
92. if ($image_name&&$image_size&&$image_temp!= "")
93. {
94. $image_file = "$pid".'.'.$image_ext;
95. move_uploaded_file($image_temp, 'uploads/'.$image_file);
96. create_thumb('uploads/', $image_file, 'uploads/thumbs/');
97. echo "<script>alert('Request Sent to Admin!')</script>
98.  
99. <script>location.href = 'staffeditrequest.php'</script> ";
100. }
101. }
102. }
103. else
104. {
105. echo "<div id='error'>Please fill in all fields</div>";
106. }
107. }
108. ?>
109. <font color="#FFF">
110. <table style="width:100%;">
111. <form action="" method="POST" enctype="multipart/form-data" >
112.  
113. <tr>
114. <td align="right">Change Image:</td>
115. <td align="left"><input type="file" name="image" /></td>
116. </tr>
117. <tr>
118. <td align="right">Product Name:</td>
119. <td align="left"><input type="text" name="prod_title" value="<?php echo $prod_title; ?>"
120. size="30"></td>
121. </tr>
122. <tr>
123. <td align="right">Product Description:</td>
124. <td align="left"><textarea name="prod_desc" cols="25" rows="10" id="comment"><?php echo
125. $prod_desc; ?></textarea></td>
126. </tr>
127. <tr>
128. <td align="right">Price:</td>
129. <td align="left"><input type="text" name="price" value= "<?php echo $price; ?>"></td>
130. </tr
131. ><tr><td></td><td align="left">
132. <input name="id" type="hidden" value="<?php echo $targetID; ?>" />
133. <input type="submit" name="submit" value="Update products" style="font-family: verdana;border: 1px solid #1F79AE;
134. background-color: #1F79AE;
135. border-radius: 4px;
136. box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
137. -o-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
138. -webkit-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #1F79AE, 0 0 3px #8ec1da;
139. -moz-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
140. color: #336600;
141. text-shadow: 0 1px #fff;
142. padding: 2px 5px;" /></td></tr>
143. <tr> <td></td><td align="right"></td></tr>
144. </form>
145. </table>
146. </td>
147. </tr>;
148. <tr>
149.  
150. </table>
151. <html>
152. <table height="300px">
153. <td></td>
154. </table>
155. <table border=0 align="center" style="width:100%;">
156. <td>
157. <p style = "font-size:12px;text-align:left;font-color:black;">2013 © New Horizon Infinity Global Solutions, Inc. ALL Rights Reserved. Privacy Policy | Terms of Service </td>
158. <td align="right"><font style="font-size: 12px;">Developed and Designed by Jaylord & Ron</td>
159.  
160. </table>
161.  
162.  
163. </html>