-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathEditHandler.php
90 lines (55 loc) · 2.1 KB
/
EditHandler.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<?php session_start();
// edit handler for products
if(isset($_POST["btnSubmit"])){
$productName = $_POST["txtTitle"];
$desc = $_POST["txtDescription"];
$price = $_POST["price"];
$stock = $_POST["stock"];
if(isset($_POST["txtPublish"])){
$status = 1;
}
else{
$status = 0;
}
if(!file_exists($_FILES["imageFile"]["tmp_name"]) ||
!is_uploaded_file($_FILES["imageFile"]["tmp_name"])){
$image = $_SESSION["imagePath"];
}
else{
$image = "uploads/" . basename($_FILES["imageFile"]["name"]);
move_uploaded_file($_FILES["imageFile"]["tmp_name"], $image);
}
$con = mysqli_connect("localhost", "root", "", "novatech_database", "3306");
if(!$con){
die("Sorry, you can't connect to the database.");
}
$sql = "UPDATE `product_tbl` SET `productName` = '$productName', `description` = '$desc', `publish` = '$status', `price` = '$price', `stock` = '$stock', `imagePath` = '$image' WHERE `product_tbl`.`productID` = " . $_GET["id"];
if(mysqli_query($con, $sql)){
echo "<script>
alert('Saved changes');
window.location.href = 'admin.php#my-products';
</script>";
}
}
// edit handler for profile
if(isset($_POST["btnSubmitProfile"])){
$name = $_POST["txtName"];
$email = $_POST["txtEmail"];
$phone = $_POST["txtPhone"];
$address = $_POST["txtAddress"];
$password = $_POST["txtPassword"];
$image = "uploads/" . basename($_FILES["imageFile"]["name"]);
move_uploaded_file($_FILES["imageFile"]["tmp_name"], $image);
$con = mysqli_connect("localhost", "root", "", "novatech_database", "3306");
if(!$con){
die("Sorry, you can't connect to the database.");
}
$sql = "UPDATE `user_tbl` SET `email` = '$email', `name` = '$name', `contactNumber` = '$phone', `address` = '$address', `password` = '$password', `imagePath` = '$image' WHERE `user_tbl`.`userID` = " . $_GET["id"];
if(mysqli_query($con, $sql)){
echo "<script>
alert('Saved changes');
window.location.href = 'profile.php';
</script>";
}
}
?>