Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if(isset($_POST['button'])) {
- include_once("../storescripts/connect_to_mysql.php");
- $con = mysqli_connect("$db_host","$db_username","$db_pass","$db_name");
- $username = mysqli_real_escape_string($con, $_POST['username']);
- $password = mysqli_real_escape_string($con, $_POST['password']);
- //Error handler
- //Check for empty fields
- if (empty($username) || empty($password)) {
- header("Location: ../admin_login.php?admin_login=empty");
- exit();
- } else {
- //Check if charactors are valid
- if (!preg_match("/^[a-zA-Z0-9]*$/", $username) || !preg_match("/^[a-zA-Z0-9]*$/", $password)) {
- header("Location: ../admin_login.php?admin_login=invalid");
- exit();
- } else {
- $sql = "SELECT * FROM admin WHERE username = '$username'' AND password = '$password'";
- $result = mysqli_query($con, $sql);
- $resultCheck = mysqli_num_rows($result);
- if ($resultCheck < 1) {
- header("Location: ../admin_login.php?admin_login=invalid");
- exit();
- } else {
- if ($row = mysqli_fetch_assoc($result)) {
- $_SESSION['manager'] = $row['username'];
- $_SESSION['manager_pwd'] = $row['password'];
- header("Location: admin_index.php"); //relocate to index page
- exit();
- } else{
- echo 'username and password invalid. Please try again';
- }
- }
- }
- }
- }
- ?>
- <?php
- // Script Error Reporting
- error_reporting(E_ALL);
- ini_set('display_errors', '1');
- ?>
- <?php
- // Delete Item Question to Admin, and Delete Product if they choose
- if (isset($_GET['deleteid'])) {
- echo 'Do you really want to delete product with ID of ' . $_GET['deleteid'] . '? <a href="inventory_list.php?yesdelete=' . $_GET['deleteid'] . '">Yes</a> | <a href="inventory_list.php">No</a>';
- exit();
- }
- if (isset($_GET['yesdelete'])) {
- // remove item from system and delete its picture
- // delete from database
- $id_to_delete = $_GET['yesdelete'];
- $result = mysqli_query("DELETE FROM products WHERE id='$id_to_delete' LIMIT 1") or die (mysqli_error());
- // unlink the image from server
- // Remove The Pic -------------------------------------------
- $pictodelete = ("inventory_images/$id_to_delete.jpg");
- if (file_exists($pictodelete)) {
- unlink($pictodelete);
- }
- header("location: inventory_list.php");
- exit();
- }
- ?>
- <?php
- // Parse the form data and add inventory item to the system
- if (isset($_POST['item_number'])) {
- $item_number = mysqli_real_escape_string($_POST['item_number']);
- $price = mysqli_real_escape_string($_POST['price']);
- $category = mysqli_real_escape_string($_POST['category']);
- $subcategory = mysqli_real_escape_string($_POST['subcategory']);
- $description = mysqli_real_escape_string($_POST['dscription']);
- // See if that product name is an identical match to another product in the system
- $sql = mysqli_query("SELECT id FROM products WHERE item_number='$item_number' LIMIT 1");
- $productMatch = mysql_num_rows($sql); // count the output amount
- if ($productMatch > 0) {
- echo 'Sorry you tried to place a duplicate "item_number" into the system, <a href="inventory_list.php">click here</a>';
- exit();
- }
- // Add this product into the database now
- $sql = mysqli_query("INSERT INTO products (item_number, price, description, category, date_added)
- VALUES('$item_number','$price','$description','$category',now())") or die (mysql_error());
- $pid = mysqli_insert_id();
- // Place image in the folder
- $newname = "$pid.jpg";
- move_uploaded_file( $_FILES['fileField']['tmp_name'], "inventory_items/$newname");
- header("location: inventory_list.php");
- exit();
- }
- ?>
- <?php
- // This block grabs the whole list for viewing
- $product_list = "";
- $sql = "SELECT * FROM products ORDER BY date_added DESC";
- $productCount = mysqli_num_rows($sql); // count the output amount
- if ($productCount > 0) {
- while($row = mysqli_fetch_array($sql)){
- $id = $row["id"];
- $item_number = $row["item_number"];
- $price = $row["price"];
- $date_added = strftime("%b %d, %Y", strtotime($row["date_added"]));
- $product_list .= "Product ID: $id - <strong>$product_name</strong> - $$price - <em>Added $date_added</em> <a href='inventory_edit.php?pid=$id'>edit</a> • <a href='inventory_list.php?deleteid=$id'>delete</a><br />";
- $qty = $row["qty"];
- }
- } else {
- $product_list = "You have no products listed in your store yet";
- }
- ?>
- <!DOCTYPE html>
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Inventory List</title>
- <link rel="stylesheet" href="../style.css" type="text/css" media="screen" />
- </head>
- <body>
- <div align="center" id="mainWrapper">
- <div id="pageContent"><br />
- <div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm">+ Add New Inventory Item</a></div>
- <div align="left" style="margin-left:24px;">
- <h2>Inventory list</h2>
- <?php echo $product_list; ?>
- </div>
- <hr />
- <a name="inventoryForm" id="inventoryForm"></a>
- <h3>
- ↓ Add New Inventory Item Form ↓
- </h3>
- <form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myform" method="post">
- <table width="90%" border="0" cellspacing="0" cellpadding="6">
- <tr>
- <td width="20%" align="right">Item Number</td>
- <td width="80%"><label>
- <input name="item_number" type="text" id="item_number" size="64" />
- </label></td>
- </tr>
- <tr>
- <td align="right">Product Price</td>
- <td><label>
- $
- <input name="price" type="text" id="price" size="12" />
- </label></td>
- </tr>
- <tr>
- <td align="right">Category</td>
- <td><label>
- <select name="category" id="category">
- <option value="Bracelets">Bracelet</option>
- <option value="Necklace">Necklace</option>
- <option value="Earring">Earring</option>
- <option value="Childrens">Childrens</option>
- <option value="Sets">Sets</option>
- <option value="Rosary">Rosary</option>
- <option value="Accessories">Accessories</option>
- </select>
- </label>
- </tr>
- <tr>
- <td align="right">Description</td>
- <td><label>
- <textarea name="description" id="description" cols="64" rows="20"></textarea>
- </label></td>
- </tr>
- <tr>
- <td align="right">Product Image</td>
- <td><label>
- <input type="file" name="fileField" id="fileField" />
- </label></td>
- </tr>
- <tr>
- <td> </td>
- <td><label>
- <input type="submit" name="button" id="button" value="Submit" />
- </label></td>
- </tr>
- </table>
- </form>
- <br />
- <br />
- </div>
- </div>
- </body>
- </html>
Add Comment
Please, Sign In to add comment