D7net Mini Sh3LL v1
Current File : C:/Domains/maymaytinson.com/httpdocs/lib/images/13/../10/../7/../16/../activity/../JUKI/../15/../zip_food/../18/../17/../2/../21/../20/../22/../5/../11/../7/../5/../22/../22/../20/../19/../10/../../../include/editProduct.php |
<br><h3>Thông tin sản phẩm</h3>
<br>
<div id="editProduct">
<?php
$get=0;
if(isset($_GET['id'])){
$get=1;$update=$_GET['id'];
$stmt=$conn->prepare("SELECT * FROM product WHERE id='".$_GET['id']."'");
$stmt->execute();
$product=$stmt->fetch(PDO::FETCH_ASSOC);
}
?>
<form method="POST" enctype="multipart/form-data">
<table>
<tr>
<td>Tên sản phẩm</td>
<td><input type="text" placeholder="Nhập tên sản phẩm" name="name" value="<?php if(isset($_GET['id'])){ echo $product['name']; }?>"></td>
<td>Giá</td>
<td><input class="number" placeholder="Nhập giá tiền" type="text" name="price" value="<?php if(isset($_GET['id'])){ echo $product['price']; } ?>"></td>
</tr>
<tr>
<td>Loại</td>
<td><select name="type">
<?php
$stmt=$conn->prepare("SELECT * FROM type ");
$stmt->execute();
$type=$stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<option value="">-Chọn loại-</option>
<?php foreach ($type as $type) { ?>
<option value="<?php echo $type['id']; ?>" <?php if(isset($_GET['id'])){if($product['type']==$type['id']){ echo "selected"; }}elseif($_SESSION['loai']==$type['id']){ echo "selected"; } ?>><?php echo $type['name']; ?></option>
<?php } ?></select></td>
<td>Thương hiệu</td>
<td><select name="trademark">
<?php
$stmt=$conn->prepare("SELECT * FROM trademark ");
$stmt->execute();
$trademark=$stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<option value="">-Chọn thương hiệu-</option>
<?php foreach ($trademark as $trademark) { ?>
<option value="<?php echo $trademark['id']; ?>" <?php if(isset($_GET['id'])){if($product['trademark']==$trademark['id']){ echo "selected"; }}elseif($_SESSION['thuonghieu']==$trademark['id']){ echo "selected"; } ?>><?php echo $trademark['name']; ?></option>
<?php } ?>
</select></td>
</tr>
<tr>
<td>Hình ảnh</td>
<td><input type="file" name="image[]" multiple></td>
<td>Giảm giá</td>
<td><input type="number" placeholder="Nhập giá tiền giảm" name="discount" class="number" min="0" value="<?php if(isset($_GET['id'])){ echo $product['discount']; } ?>"></td>
</tr>
<tr>
<td>Nội dung chi tiết</td>
<td></td>
<td>Tình trạng</td>
<td><select name="status">
<option value="0">Còn hàng</option>
<option value="1">Đặt hàng</option>
</select></td>
</tr>
<tr>
<td colspan="4" id="textarea">
<textarea class="ckeditor" id="editor" name="info"><?php if(isset($_GET['id'])){ echo $product['info'];} ?></textarea>
</td>
</tr>
<tr>
<td><button type="submit" name="save">Lưu lại</button></td>
</tr>
</table>
<script type="text/javascript">
// CKEDITOR.replace( 'editor', {
// filebrowserUploadUrl: "include/upload.php"
// });
CKEDITOR.replace( 'editor',{
filebrowserBrowseUrl : 'http://maymaytinson.com/ckfinder/ckfinder.html',
filebrowserImageBrowseUrl : 'http://maymaytinson.com/ckfinder/ckfinder.html?type=Images',
filebrowserFlashBrowseUrl : 'http://maymaytinson.com/ckfinder/ckfinder.html?type=Flash',
filebrowserUploadUrl : 'http://maymaytinson.com/ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Files',
filebrowserImageUploadUrl : 'http://maymaytinson.com/ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Images',
filebrowserFlashUploadUrl : 'http://maymaytinson.com/ckfinder/core/connector/php/connector.php?command=QuickUpload&type=Flash'
} );
</script>
</form>
<?php
if(isset($_POST['save'])){
$_POST['discount'];
if($get==1){
$stmt=$conn->prepare("SELECT id FROM product ORDER BY id DESC");
$stmt->execute();
$updateId=$stmt->fetch(PDO::FETCH_ASSOC);
$update=$updateId['id']+1;
}
if($get==0){
$_SESSION['loai']=$_POST['type'];
$_SESSION['thuonghieu']=$_POST['trademark'];
}
$image='';$count=0;
if(empty($_POST['name'])){
$errors[]="Vui lòng nhập tên sản phẩm";
}
if(empty($_POST['type'])){
$errors[]="Vui lòng chọn loại";
}
if(empty($_POST['trademark'])){
$errors[]="Vui lòng chọn thương hiệu";
}
if(empty($_POST['info'])){
$errors[]="Vui lòng nhập chi tiết sản phẩm";
}
if(empty($_POST['discount'])){
$_POST['discount']=0;
}
if(empty($errors)){
if(!file_exists("lib/images/".vn_str_filter($_POST['trademark']))){
mkdir("lib/images/".vn_str_filter($_POST['trademark']));
}
foreach ($_FILES["image"]['name'] as $file) {
$count++;
}
for($i=0; $i< $count; $i++)
{
move_uploaded_file($_FILES['image']['tmp_name'][$i],"lib/images/".vn_str_filter($_POST['trademark'])."/".str_replace(' ','-',vn_str_filter($_FILES['image']['name'][$i])));
$image.=$url="lib/images/".vn_str_filter($_POST['trademark'])."/".str_replace(' ','-',vn_str_filter($_FILES['image']['name'][$i]));
$name=$_FILES['image']['name'][$i];
}
if(strlen($_FILES['image']['name'][0])!=0){
if(isset($_GET['id'])){
$stmt=$conn->prepare("UPDATE product SET id=:id,name=:name,image=:image,price=:price,type=:type,trademark=:trademark,info=:info,status=:status,discount=:discount WHERE id='".$_GET['id']."'");
$stmt->bindParam(":id",$update,PDO::PARAM_INT);
}else{
$stmt=$conn->prepare("INSERT INTO product(name,image,price,type,trademark,info,status,discount) VALUES(:name,:image,:price,:type,:trademark,:info,:status,:discount)");
}
$stmt->bindParam(":image",$image,PDO::PARAM_STR);
}else{
if(isset($_GET['id'])){
$stmt=$conn->prepare("UPDATE product SET id=:id,name=:name,price=:price,type=:type,trademark=:trademark,info=:info,status=:status,discount=:discount WHERE id='".$_GET['id']."'");
$stmt->bindParam(":id",$update,PDO::PARAM_INT);
}else{
$stmt=$conn->prepare("INSERT INTO product(name,price,type,trademark,info,status,discount) VALUES(:name,:price,:type,:trademark,:info,:status,:discount)");
}
}
$stmt->bindParam(":name",$_POST['name'],PDO::PARAM_STR);
$stmt->bindParam(":price",$_POST['price'],PDO::PARAM_INT);
$stmt->bindParam(":type",$_POST['type'],PDO::PARAM_INT);
$stmt->bindParam(":trademark",$_POST['trademark'],PDO::PARAM_STR);
$stmt->bindParam(":info",$_POST['info'],PDO::PARAM_STR);
$stmt->bindParam(":status",$_POST['status'],PDO::PARAM_STR);
$stmt->bindParam(":discount",$_POST['discount'],PDO::PARAM_INT);
//echo $_POST['info'];
$stmt->execute();
if(empty($_GET['id'])){
success("Cập nhật","editProduct.php");
}else{
success("Cập nhật","editProduct.php?id=".$update);
}
}else{
notice($errors);
}
}
?>
<?php
ob_start();
session_start();
$stmt=$conn->prepare("SELECT *,trademark.name as trademark,type.name as type FROM product JOIN type ON product.type=type.id JOIN trademark ON product.trademark=trademark.id WHERE product.del=0 ORDER BY product.id DESC LIMIT 0,3");
$stmt->execute();
$justAdd=$stmt->fetchAll(PDO::FETCH_ASSOC);
echo "<p style='margin-left:10%'><u>Sản phẩm mới thêm :</u></p>";
?>
<div id="list1">
<table>
<thead>
<th>Stt</th>
<th>Tên sản phẩm</th>
<th>Thương hiệu</th>
<th>Loại</th>
<th>Tình trạng</th>
<th>...</th>
</thead>
<?php
if(isset($_GET['id'])){
$loai=$product['type'];$thuonghieu=$product['trademark'];
}else{
$loai=$_SESSION['loai'];$thuonghieu=$_SESSION['thuonghieu'];
}
$stmt=$conn->prepare("SELECT *,product.id as idProduct,product.name as name,type.name as type,trademark.name as trademark FROM product JOIN type ON product.type=type.id JOIN trademark ON product.trademark=trademark.id WHERE product.type='".$loai."' AND product.trademark='".$thuonghieu."' AND product.del=0 ORDER BY product.id DESC LIMIT 0,3");
$stmt->execute();
$product=$stmt->fetchAll(PDO::FETCH_ASSOC);
$stt=1;
foreach ($product as $product) {
if($product['del']==0){?>
<tr title="Nhấp vào để chỉnh sửa">
<td align="center" onclick="document.location = 'editProduct.php?id=<?php echo $product['idProduct'] ?>';"><?php echo $stt;$stt++; ?></td>
<td onclick="document.location = 'editProduct.php?id=<?php echo $product['idProduct'] ?>';"><?php echo $product['name']; ?></td>
<td align="center" onclick="document.location = 'editProduct.php?id=<?php echo $product['idProduct'] ?>';"><?php echo $product['trademark']; ?></td>
<td align="center" onclick="document.location = 'editProduct.php?id=<?php echo $product['idProduct'] ?>';"><?php echo $product['type']; ?></td>
<td align="center" onclick="document.location = 'editProduct.php?id=<?php echo $product['idProduct'] ?>';"><?php if($product['status']==0){ echo "<span class='avail'>Còn hàng</span>"; }if($product['status']==1){ echo "<span class='empty'>Hết hàng</span>"; } ?></td>
<td align="center"><a id="lastCheck" href="deleteAdmin.php?table=product&id=<?php echo $product['idProduct'] ?>"><button><img align="center" src="lib/icons/delete.png"></button></a></td>
</tr>
<?php } }?>
</table>
</div>
</div>
<br><br><br>
AnonSec - 2021 | Recode By D7net