<?php
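// Bootstrap: start the session and load the shared includes. These files are not
// visible here; presumably connection.php provides $connection and functions.php
// provides loggedin(), toindex() and toview().
session_start();
require_once("includes/connection.php");
require_once("includes/functions.php");

// Access control: only signed-in users may reach the product form handler below.
if (!loggedin()) {
    $rmessage = "You must be logged in to use this page!";
    $_SESSION['rmessage'] = $rmessage;
    toindex();
    // Fail closed: toindex() is defined elsewhere, so stop explicitly. If it ever
    // returns instead of terminating, an anonymous POST must still not fall through
    // to the INSERT logic further down.
    exit;
}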
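// Handler for the "add new product" form (submitted with the `anpsubmit` button).
//
// Validates the posted code and ISBN, checks the `products` table for clashes and
// inserts the new row. Every value reaches the database through a bound parameter:
// the original interpolated the values into the SQL text without quotes, so
// real_escape_string() gave no protection and any posted field could alter the query.
//
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether one is
// validated elsewhere before this state-changing POST is accepted.
$erors = array();  // messages reported back to the user through $_SESSION['rmessage']
$update = array(); // filled when the ISBN already exists; nothing reads it yet (UPDATE path disabled)
if (isset($_POST['anpsubmit'])) {
    // Read only the expected fields. Missing or non-string values (e.g. `code[]=1`)
    // become '' instead of raising an error inside strip_tags()/trim().
    $fields = array();
    foreach (array('isbn1', 'proname', 'dimensions', 'sprice', 'weight', 'code') as $field) {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $fields[$field] = trim(strip_tags($raw));
    }

    $isbn1 = $fields['isbn1'];
    $proname = $fields['proname'];
    $dimensions = $fields['dimensions'];
    $weight = $fields['weight'];
    // NOTE(review): the price check was already disabled in the original, so a
    // non-numeric price is still stored as 0.
    $sprice = (float) $fields['sprice'];
    $code = (int) $fields['code'];
    $userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : '';

    // The code must be digits only and exactly five digits once cast to an integer
    // (so leading zeros and signs are rejected). The original tested gettype() after
    // settype(), which could never fail.
    if (preg_match('/^[0-9]+$/', $fields['code']) !== 1) {
        $erors[] = "Enter Numbers only PLS!!";
    } elseif (strlen((string) $code) != 5) {
        $erors[] = "Code can only be 5 numbers long!!";
    }

    // The ISBN must be exactly 13 digits and not all zeros. This runs before any
    // query so malformed input never reaches the database.
    if (preg_match('/^[0-9]{13}$/', $isbn1) !== 1 || ltrim($isbn1, '0') === '') {
        $erors[] = "ISBN cannot be less or greater than 13!!";
    }

    if (count($erors) < 1) {
        // Is this ISBN already in the products table?
        $existStmt = $connection->prepare("SELECT 1 FROM `products` WHERE `ISBN` = ?");
        if ($existStmt === false) {
            $erors[] = $connection->sqlstate;
        } else {
            // Bound as a string so the 13-digit value is passed through unchanged.
            $existStmt->bind_param('s', $isbn1);
            if ($existStmt->execute()) {
                $existStmt->store_result();
                if ($existStmt->num_rows > 0) {
                    $update[] = "This ISBN is in the products table!!";
                }
            } else {
                $erors[] = $existStmt->sqlstate;
            }
            $existStmt->close();
        }

        // Is this code already attached to a different ISBN?
        $codeStmt = $connection->prepare("SELECT 1 FROM `products` WHERE `code` = ? AND `ISBN` != ?");
        if ($codeStmt === false) {
            $erors[] = $connection->sqlstate;
        } else {
            $codeStmt->bind_param('is', $code, $isbn1);
            if ($codeStmt->execute()) {
                $codeStmt->store_result();
                if ($codeStmt->num_rows > 0) {
                    $erors[] = "This code is already associated with another ISBN!!<br />
Enter a new code.";
                }
            } else {
                $erors[] = $codeStmt->sqlstate;
            }
            $codeStmt->close();
        }
    }

    // NOTE(review): the original carried a commented-out UPDATE for the "ISBN already
    // exists" case, built by string interpolation. If that path is re-enabled it needs
    // a prepared statement as well. Until then an existing ISBN still goes to INSERT.
    if (count($erors) < 1) {
        $insertStmt = $connection->prepare(
            "INSERT INTO `products` (`ISBN`, `product_name`, `dimensions`, `selling_price`, `weight`, `code`, `User_ID`) VALUES (?, ?, ?, ?, ?, ?, ?)"
        );
        if ($insertStmt === false) {
            $erors[] = $connection->sqlstate;
        } else {
            $insertStmt->bind_param('sssdsis', $isbn1, $proname, $dimensions, $sprice, $weight, $code, $userid);
            if (!$insertStmt->execute()) {
                $erors[] = $insertStmt->sqlstate;
            }
            $insertStmt->close();
        }
    }

    // Report failures, including a failed INSERT, which the original recorded but
    // never displayed. The messages are fixed strings and SQLSTATE codes only, so no
    // posted value ends up in the `<br />`-joined text.
    if (count($erors) > 0) {
        $rmessage = implode('<br />', $erors);
        $_SESSION['rmessage'] = $rmessage;
        toview();
        // toview() is defined elsewhere; stop here so toindex() cannot override it.
        exit;
    }
    toindex();
} // post for adding new products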
?>