  1. <?php
  2.  
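  // Admin login handler. When the login form is posted, the credentials are
  // checked against the `admin` table and, on a match, the session is marked as
  // belonging to a manager before redirecting to the admin index.
  session_start();

  // The add-product form further down also posts a field named `button`, so the
  // credential fields are required too; otherwise every product submission would
  // be treated as an empty login attempt and redirected away.
  if (isset($_POST['button'], $_POST['username'], $_POST['password'])) {

      include_once("../storescripts/connect_to_mysql.php");
      $con = mysqli_connect("$db_host", "$db_username", "$db_pass", "$db_name");
      if (!$con) {
          // Keep connection details in the server log, not in the response.
          error_log('admin login: database connection failed: ' . mysqli_connect_error());
          http_response_code(500);
          exit('Login is temporarily unavailable.');
      }

      // Use the raw form values: the query below binds them as parameters, so
      // escaping them first would only distort the comparison. Anything that is
      // not a plain string (for example username[]=x) counts as empty.
      $username = is_string($_POST['username']) ? $_POST['username'] : '';
      $password = is_string($_POST['password']) ? $_POST['password'] : '';

      // Error handler
      // Check for empty fields
      if ($username === '' || $password === '') {
          header("Location: ../admin_login.php?admin_login=empty");
          exit();
      }

      // Check that the characters are valid. \A and \z anchor the whole value;
      // a bare `$` would also accept a value that ends in a newline.
      if (!preg_match('/\A[a-zA-Z0-9]+\z/', $username) || !preg_match('/\A[a-zA-Z0-9]+\z/', $password)) {
          header("Location: ../admin_login.php?admin_login=invalid");
          exit();
      }

      // Bound parameters keep the credentials out of the SQL text. (The previous
      // string-built query also carried a stray quote after the username and
      // could never execute.)
      // NOTE(review): the submitted password is compared with the stored column
      // as-is, which implies passwords are kept unhashed in `admin`. Storing
      // password_hash() values and checking them with password_verify() would
      // remove that exposure; it needs a data migration, so it is not done here.
      $stmt = mysqli_prepare($con, "SELECT username, password FROM admin WHERE username = ? AND password = ? LIMIT 1");
      if ($stmt === false) {
          error_log('admin login: prepare failed: ' . mysqli_error($con));
          http_response_code(500);
          exit('Login is temporarily unavailable.');
      }
      mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
      if (!mysqli_stmt_execute($stmt)) {
          error_log('admin login: query failed: ' . mysqli_stmt_error($stmt));
          mysqli_stmt_close($stmt);
          http_response_code(500);
          exit('Login is temporarily unavailable.');
      }
      mysqli_stmt_bind_result($stmt, $dbUsername, $dbPassword);
      $found = (mysqli_stmt_fetch($stmt) === true);
      mysqli_stmt_close($stmt);

      if (!$found) {
          header("Location: ../admin_login.php?admin_login=invalid");
          exit();
      }

      // Issue a fresh session id at the privilege change, so an id that was
      // planted in the browser before login is useless afterwards.
      session_regenerate_id(true);
      $_SESSION['manager'] = $dbUsername;
      // NOTE(review): the password is kept in the session because other admin
      // pages may read it (not visible here); drop it once nothing depends on it.
      $_SESSION['manager_pwd'] = $dbPassword;
      header("Location: admin_index.php"); // relocate to index page
      exit();
  }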
  44. ?>
  45. <?php
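  // Script error reporting: record every error level, but send the details to
  // the server log instead of the HTTP response. Errors rendered into the page
  // expose file paths and query text to whoever is viewing it; switch
  // display_errors on in a development php.ini when debugging locally.
  error_reporting(E_ALL);
  ini_set('display_errors', '0');
  ini_set('log_errors', '1');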
  49. ?>
  50. <?php
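  // Two-step product deletion. ?deleteid=N only renders a confirmation prompt;
  // the deletion itself is a POST that carries a per-session token, so a link or
  // image tag on another site cannot trigger it with the admin's cookies.
  // NOTE(review): no login check is visible in this file before the delete and
  // add handlers - confirm that $_SESSION['manager'] is verified before they run.
  if (session_status() !== PHP_SESSION_ACTIVE) {
      session_start();
  }

  if (isset($_GET['deleteid'])) {
      $deleteId = $_GET['deleteid'];
      // Only digits are accepted as a product id, which also keeps markup out
      // of the prompt that is echoed back.
      if (!is_string($deleteId) || !preg_match('/\A[0-9]+\z/', $deleteId)) {
          http_response_code(400);
          exit('Invalid product id.');
      }
      if (empty($_SESSION['csrf_token'])) {
          $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
      }
      $idHtml = htmlspecialchars($deleteId, ENT_QUOTES, 'UTF-8');
      $tokenHtml = htmlspecialchars($_SESSION['csrf_token'], ENT_QUOTES, 'UTF-8');
      echo 'Do you really want to delete product with ID of ' . $idHtml . '? '
          . '<form action="inventory_list.php" method="post" style="display:inline;">'
          . '<input type="hidden" name="yesdelete" value="' . $idHtml . '" />'
          . '<input type="hidden" name="csrf_token" value="' . $tokenHtml . '" />'
          . '<input type="submit" value="Yes" />'
          . '</form> | <a href="inventory_list.php">No</a>';
      exit();
  }
  if (isset($_POST['yesdelete'])) {
      // Refuse the request unless it carries the token issued with the prompt.
      $sentToken = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : '';
      $knownToken = isset($_SESSION['csrf_token']) ? $_SESSION['csrf_token'] : '';
      if (!is_string($sentToken) || !is_string($knownToken) || $knownToken === '' || !hash_equals($knownToken, $sentToken)) {
          http_response_code(403);
          exit('Request could not be verified.');
      }

      // The id ends up in a query and in a file path, so it must be digits only;
      // that rules out both SQL fragments and ../ path segments.
      $id_to_delete = $_POST['yesdelete'];
      if (!is_string($id_to_delete) || !preg_match('/\A[0-9]+\z/', $id_to_delete)) {
          http_response_code(400);
          exit('Invalid product id.');
      }

      // Reuse an open connection if there is one, otherwise connect the same
      // way the login handler does.
      if (!isset($con) || !($con instanceof mysqli)) {
          include_once("../storescripts/connect_to_mysql.php");
          $con = mysqli_connect("$db_host", "$db_username", "$db_pass", "$db_name");
      }
      if (!$con) {
          error_log('inventory delete: database connection failed: ' . mysqli_connect_error());
          http_response_code(500);
          exit('The product could not be deleted.');
      }

      // remove item from system and delete its picture
      // delete from database
      $stmt = mysqli_prepare($con, "DELETE FROM products WHERE id = ? LIMIT 1");
      if ($stmt === false || !mysqli_stmt_bind_param($stmt, 's', $id_to_delete) || !mysqli_stmt_execute($stmt)) {
          // Database errors go to the log; the response stays generic.
          error_log('inventory delete: query failed: ' . mysqli_error($con));
          http_response_code(500);
          exit('The product could not be deleted.');
      }
      mysqli_stmt_close($stmt);

      // unlink the image from server
      // NOTE(review): the upload handler in this file writes to inventory_items/
      // while this removes from inventory_images/ - confirm which one is intended.
      $pictodelete = "inventory_images/$id_to_delete.jpg";
      if (file_exists($pictodelete)) {
          unlink($pictodelete);
      }
      header("location: inventory_list.php");
      exit();
  }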
  70. ?>
  71. <?php
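  // Parse the form data and add an inventory item to the system: validate the
  // posted fields, refuse duplicate item numbers, insert the row, then store the
  // uploaded picture as <new id>.jpg.
  // NOTE(review): this POST carries no anti-CSRF token and no login check is
  // visible in this file; both belong in front of this handler.
  if (isset($_POST['item_number'])) {

      // Reuse an open connection if there is one, otherwise connect the same
      // way the login handler does.
      if (!isset($con) || !($con instanceof mysqli)) {
          include_once("../storescripts/connect_to_mysql.php");
          $con = mysqli_connect("$db_host", "$db_username", "$db_pass", "$db_name");
      }
      if (!$con) {
          error_log('inventory add: database connection failed: ' . mysqli_connect_error());
          http_response_code(500);
          exit('The product could not be saved.');
      }

      // Raw values are bound as query parameters below, so no manual escaping.
      // The form field is named `description`; non-string input counts as empty.
      $item_number = is_string($_POST['item_number']) ? $_POST['item_number'] : '';
      $price = (isset($_POST['price']) && is_string($_POST['price'])) ? $_POST['price'] : '';
      $category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : '';
      $description = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';

      if ($item_number === '' || !is_numeric($price)) {
          echo 'Please provide an item number and a numeric price, <a href="inventory_list.php">click here</a>';
          exit();
      }

      // See if that item number is an identical match to another product in the system
      $check = mysqli_prepare($con, "SELECT id FROM products WHERE item_number = ? LIMIT 1");
      if ($check === false || !mysqli_stmt_bind_param($check, 's', $item_number) || !mysqli_stmt_execute($check)) {
          error_log('inventory add: duplicate check failed: ' . mysqli_error($con));
          http_response_code(500);
          exit('The product could not be saved.');
      }
      mysqli_stmt_store_result($check);
      $productMatch = mysqli_stmt_num_rows($check); // count the output amount
      mysqli_stmt_close($check);
      if ($productMatch > 0) {
          echo 'Sorry you tried to place a duplicate "item_number" into the system, <a href="inventory_list.php">click here</a>';
          exit();
      }

      // Add this product into the database now
      $insert = mysqli_prepare($con, "INSERT INTO products (item_number, price, description, category, date_added)
          VALUES (?, ?, ?, ?, now())");
      if ($insert === false || !mysqli_stmt_bind_param($insert, 'ssss', $item_number, $price, $description, $category) || !mysqli_stmt_execute($insert)) {
          // Database errors go to the log; the response stays generic.
          error_log('inventory add: insert failed: ' . mysqli_error($con));
          http_response_code(500);
          exit('The product could not be saved.');
      }
      mysqli_stmt_close($insert);
      $pid = mysqli_insert_id($con);

      // Place image in the folder. The stored name is chosen by the server, so
      // the client-supplied filename never reaches the filesystem; the content
      // is still checked so that only a real JPEG is saved under a .jpg name.
      // NOTE(review): this writes to inventory_items/ while the delete handler in
      // this file removes inventory_images/<id>.jpg - confirm which is intended.
      $newname = "$pid.jpg";
      if (isset($_FILES['fileField']) && $_FILES['fileField']['error'] === UPLOAD_ERR_OK) {
          $tmpPath = $_FILES['fileField']['tmp_name'];
          $imageInfo = is_uploaded_file($tmpPath) ? getimagesize($tmpPath) : false;
          if ($imageInfo !== false && $imageInfo[2] === IMAGETYPE_JPEG) {
              move_uploaded_file($tmpPath, "inventory_items/$newname");
          } else {
              error_log("inventory add: upload for product $pid rejected, not a JPEG image");
          }
      }
      header("location: inventory_list.php");
      exit();
  }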
  97. ?>
  98. <?php
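  // This block builds $product_list, the HTML fragment echoed in the page body:
  // one line per product, newest first.
  $product_list = "";
  // Reuse an open connection if there is one, otherwise connect the same way
  // the login handler does.
  if (!isset($con) || !($con instanceof mysqli)) {
      include_once("../storescripts/connect_to_mysql.php");
      $con = mysqli_connect("$db_host", "$db_username", "$db_pass", "$db_name");
  }
  // The query has to be executed first; rows are counted on a result set, not
  // on the SQL text.
  $listResult = $con ? mysqli_query($con, "SELECT * FROM products ORDER BY date_added DESC") : false;
  if ($listResult === false) {
      error_log('inventory list: product query failed: ' . ($con ? mysqli_error($con) : mysqli_connect_error()));
      $product_list = "The product list could not be loaded";
  } elseif (mysqli_num_rows($listResult) > 0) {
      while ($row = mysqli_fetch_assoc($listResult)) {
          // Values stored through the add form are attacker-influenced text, so
          // each one is escaped for the place it lands in: HTML body or URL.
          $id = htmlspecialchars((string) $row["id"], ENT_QUOTES, 'UTF-8');
          $idInUrl = htmlspecialchars(rawurlencode((string) $row["id"]), ENT_QUOTES, 'UTF-8');
          $item_number = htmlspecialchars((string) $row["item_number"], ENT_QUOTES, 'UTF-8');
          $price = htmlspecialchars((string) $row["price"], ENT_QUOTES, 'UTF-8');
          $addedAt = strtotime((string) $row["date_added"]);
          // date() gives the same "Jul 01, 2018" layout without relying on
          // strftime(), which newer PHP releases deprecate.
          $date_added = ($addedAt === false) ? 'unknown' : date("M d, Y", $addedAt);
          $product_list .= "Product ID: $id - <strong>$item_number</strong> - " . '$' . "$price - <em>Added $date_added</em> &nbsp; &nbsp; &nbsp; <a href='inventory_edit.php?pid=$idInUrl'>edit</a> &bull; <a href='inventory_list.php?deleteid=$idInUrl'>delete</a><br />";
      }
      mysqli_free_result($listResult);
  } else {
      $product_list = "You have no products listed in your store yet";
  }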
  115. ?>
  116. <!DOCTYPE html>
  117. <html xmlns="http://www.w3.org/1999/xhtml">
  118. <head>
  119. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  120. <title>Inventory List</title>
  121. <link rel="stylesheet" href="../style.css" type="text/css" media="screen" />
  122. </head>
  123.  
  124. <body>
  125. <div align="center" id="mainWrapper">
  126. <div id="pageContent"><br />
  127. <div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm">+ Add New Inventory Item</a></div>
  128. <div align="left" style="margin-left:24px;">
  129. <h2>Inventory list</h2>
  130. <?php echo $product_list; ?>
  131. </div>
  132. <hr />
  133. <a name="inventoryForm" id="inventoryForm"></a>
  134. <h3>
  135. &darr; Add New Inventory Item Form &darr;
  136. </h3>
  137. <form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myform" method="post">
  138. <table width="90%" border="0" cellspacing="0" cellpadding="6">
  139. <tr>
  140. <td width="20%" align="right">Item Number</td>
  141. <td width="80%"><label>
  142. <input name="item_number" type="text" id="item_number" size="64" />
  143. </label></td>
  144. </tr>
  145. <tr>
  146. <td align="right">Product Price</td>
  147. <td><label>
  148. $
  149. <input name="price" type="text" id="price" size="12" />
  150. </label></td>
  151. </tr>
  152. <tr>
  153. <td align="right">Category</td>
  154. <td><label>
  155. <select name="category" id="category">
  156. <option value="Bracelets">Bracelet</option>
  157. <option value="Necklace">Necklace</option>
  158. <option value="Earring">Earring</option>
  159. <option value="Childrens">Childrens</option>
  160. <option value="Sets">Sets</option>
  161. <option value="Rosary">Rosary</option>
  162. <option value="Accessories">Accessories</option>
  163. </select>
  164. </label></td>
  165. </tr>
  166. <tr>
  167. <td align="right">Description</td>
  168. <td><label>
  169. <textarea name="description" id="description" cols="64" rows="20"></textarea>
  170. </label></td>
  171. </tr>
  172. <tr>
  173. <td align="right">Product Image</td>
  174. <td><label>
  175. <input type="file" name="fileField" id="fileField" />
  176. </label></td>
  177. </tr>
  178. <tr>
  179. <td>&nbsp;</td>
  180. <td><label>
  181. <input type="submit" name="button" id="button" value="Submit" />
  182. </label></td>
  183. </tr>
  184. </table>
  185. </form>
  186. <br />
  187. <br />
  188. </div>
  189. </div>
  190. </body>
  191. </html>