<?php
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------

Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com

This file is part of asaancart - open source easy shopping cart solution.

asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with asaancart.  If not, see <http://www.gnu.org/licenses/>.

*/

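// require instead of include: a missing or unreadable file must stop the request.
// With include, a missing chk_login_status_inc.php only raises a warning and the
// rest of this admin page keeps running without whatever check that file performs
// (presumably the admin login check, going by its name -- confirm).
require("../config/config.php");
require("includes/chk_login_status_inc.php");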

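$smarty->assign('title','Add Product');

// NOTE(review): the create branch below changes data on a plain POST and no
// anti-CSRF token is checked in this file -- confirm whether the login include
// or the form template supplies one.

// Every value read from $_POST here ends up inside a hand-built SQL string, so
// it is read through the helpers below and escaped (text) or cast (numbers) at
// the point of use. The previous str_replace("'", "\'") left backslashes
// untouched and did nothing for the unquoted numeric columns.
// NOTE(review): assumes magic_quotes_gpc is off (the old escaping implies it);
// if it is on, strip slashes before escaping or values get doubled backslashes.
if (!function_exists('add_product_post')) {
	/**
	 * Read one scalar POST field as a string.
	 * Missing fields and array-valued fields yield $default.
	 */
	function add_product_post($key, $default = '')
	{
		if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
			return (string) $_POST[$key];
		}
		return $default;
	}

	/**
	 * Escape a value for use inside a single-quoted SQL string literal.
	 * Uses the connection opened by config.php, like the mysql_query() calls.
	 */
	function add_product_sql_text($value)
	{
		return mysql_real_escape_string((string) $value);
	}

	/**
	 * Return $value unchanged when it is a plain decimal number, otherwise '0'.
	 * Used for unquoted numeric columns such as prices and surcharges.
	 */
	function add_product_sql_number($value)
	{
		$value = trim((string) $value);
		if (preg_match('/^-?(\d+(\.\d*)?|\.\d+)$/', $value)) {
			return $value;
		}
		return '0';
	}

	/**
	 * Normalise an id list that may arrive as an array or as a comma-separated
	 * string into a flat list of non-empty, trimmed strings.
	 */
	function add_product_id_list($value)
	{
		if (!is_array($value)) {
			$value = is_scalar($value) ? explode(',', (string) $value) : array();
		}
		$list = array();
		foreach ($value as $item) {
			if (is_scalar($item) && trim((string) $item) !== '') {
				$list[] = trim((string) $item);
			}
		}
		return $list;
	}
}

$category_id = isset($_POST['category_id']) ? $_POST['category_id'] : array();
$brand_id = (int) add_product_post('brand_id');

// An empty set_id means "no attribute set"; otherwise it is used as an integer key.
$set_id = add_product_post('set_id');
$has_set = ($set_id != "");
if ($has_set) {
	$set_id = (int) $set_id;
}

$product_name = add_product_post('product_name');
$product_description = add_product_post('product_description');
$product_overview = add_product_post('product_overview');

$product_price = add_product_sql_number(add_product_post('product_price'));
$product_deal_price = add_product_sql_number(add_product_post('product_deal_price'));
$product_code = add_product_post('product_code');

$selected_cross_product_id = isset($_POST['selected_cross_product_id']) ? $_POST['selected_cross_product_id'] : '';
// The original never read this field and so depended on register_globals.
// NOTE(review): field name assumed to mirror the cross-selling one -- confirm in add_product.tpl.
$selected_related_product_id = isset($_POST['selected_related_product_id']) ? $_POST['selected_related_product_id'] : '';

$is_featured = add_product_post('is_featured');
$is_new = add_product_post('is_new');
$is_special = add_product_post('is_special');
$is_clearence = add_product_post('is_clearence');
$tags = add_product_post('tags');

$product_type = add_product_post('product_type');
$product_status = add_product_post('product_status');
$product_qty = (int) add_product_post('product_qty'); // empty quantity becomes 0, as before
$taxable = add_product_post('taxable');

$variant_level_stock = add_product_post('variant_level_stock');
$variant_to_stock = (int) add_product_post('variant_to_stock');
$stock_options = add_product_post('stock_options');
$availability = add_product_post('availability');

// The chosen stock mode decides which of the three stock fields are meaningful.
// "NULL" is stored as that literal text, exactly as the original did.
if ($stock_options == "product_based_stock_level") {
	$variant_level_stock = "no";
	$variant_to_stock = -1;
	$availability = "NULL";
} elseif ($stock_options == "variant_based_stock_level") {
	$variant_level_stock = "yes";
	$availability = "NULL";
} elseif ($stock_options == "no_stock_level") {
	$variant_level_stock = "no";
	$variant_to_stock = -1;
}

if (add_product_post('btn_create') == "Create")
{
	// The id is an identifier, not a secret; md5() output is 32 hex characters,
	// so it is safe to place in the quoted SQL literals below.
	srand((double)microtime()*1000000);
	$product_id = md5(uniqid(rand()));

	//insert into product table
	$columns = array(
		'product_id' => "'".$product_id."'",
		'product_name' => "'".add_product_sql_text($product_name)."'",
		'brand_id' => $brand_id,
		'product_overview' => "'".add_product_sql_text($product_overview)."'",
		'product_description' => "'".add_product_sql_text($product_description)."'",
		'product_price' => $product_price,
		'product_deal_price' => $product_deal_price,
		'product_code' => "'".add_product_sql_text($product_code)."'",
		'is_featured' => "'".add_product_sql_text($is_featured)."'",
		'is_new' => "'".add_product_sql_text($is_new)."'",
		'is_special' => "'".add_product_sql_text($is_special)."'",
		'is_clearence' => "'".add_product_sql_text($is_clearence)."'",
		'tags' => "'".add_product_sql_text($tags)."'",
		'product_status' => "'".add_product_sql_text($product_status)."'",
		'product_type' => "'".add_product_sql_text($product_type)."'",
		'product_qty' => $product_qty,
		'taxable' => "'".add_product_sql_text($taxable)."'",
		'variant_level_stock' => "'".add_product_sql_text($variant_level_stock)."'",
		'stock_variant_group_id' => $variant_to_stock,
		'availability' => "'".add_product_sql_text($availability)."'",
		'stock_options' => "'".add_product_sql_text($stock_options)."'",
	);
	if ($has_set) {
		// set_id is only written when an attribute set was chosen.
		$columns['set_id'] = $set_id;
	}
	$sql = "INSERT INTO products (".implode(', ', array_keys($columns)).") VALUES (".implode(', ', $columns).")";
	$results = mysql_query($sql);

	if ($results === false) {
		// Do not report success, and do not create rows that point at a
		// product that was never stored.
		$smarty->assign('msg_pro','Error: product could not be added');
	} else {
		// Per-variant stock rows (product_stock) are disabled in this version.

		//update tags database
		foreach (explode(",", $tags) as $temp_tag) {
			// Spaces and asterisks are removed from each tag before it is stored.
			$temp_tag = str_replace(array(" ", "*"), "", $temp_tag);
			if ($temp_tag == "") {
				continue;
			}
			$tag_sql = add_product_sql_text($temp_tag);
			$results = mysql_query("SELECT * FROM available_tags WHERE tag='".$tag_sql."'");
			if ($results !== false && mysql_num_rows($results) == 0) {
				$results2 = mysql_query("INSERT INTO available_tags (tag) VALUES ('".$tag_sql."')");
			}
		}
		//end tag db

		//insert cat
		foreach (add_product_id_list($category_id) as $temp_cat_id) {
			$temp_cat_id = (int) $temp_cat_id;
			$results = mysql_query("SELECT * FROM product_category WHERE product_id='".$product_id."' AND category_id=".$temp_cat_id);
			if ($results !== false && mysql_num_rows($results) == 0) {
				$results2 = mysql_query("INSERT INTO product_category (product_id, category_id) VALUES ('".$product_id."',".$temp_cat_id.")");
			}
		}
		//end insert cat

		//insert cross selling products if any
		// The original exploded the field into an array and then looped over the
		// unexploded value; the list helper accepts either form.
		foreach (add_product_id_list($selected_cross_product_id) as $temp_id) {
			$sql_cross = "INSERT INTO cross_selling_products (product_id, cross_product_id) VALUES ('".$product_id."', '".add_product_sql_text($temp_id)."')";
			$results_cross = mysql_query($sql_cross);
		}

		//insert related products if any
		foreach (add_product_id_list($selected_related_product_id) as $temp_id) {
			$sql_related = "INSERT INTO related_products (product_id, related_product_id) VALUES ('".$product_id."', '".add_product_sql_text($temp_id)."')";
			$results_related = mysql_query($sql_related);
		}

		//insert product variants if any
		$variant_group_id = isset($_POST['variant_group_id']) ? $_POST['variant_group_id'] : '';
		foreach (add_product_id_list($variant_group_id) as $temp_id) {
			$temp_id = (int) $temp_id;
			$results_all_variants = mysql_query("SELECT * FROM variants WHERE variant_group_id=".$temp_id);
			if ($results_all_variants === false) {
				continue;
			}
			while ($row_all_variants = mysql_fetch_array($results_all_variants)) {
				// variant_id comes from the database but is still cast, since it is
				// used both as part of a POST key and unquoted in the INSERT.
				$variant_id = (int) $row_all_variants['variant_id'];
				$show_variant = (add_product_post($variant_id.'_variant_id') == "yes") ? "yes" : "no";
				$surcharge = add_product_sql_number(add_product_post('edit_variant_surcharge1_'.$variant_id));
				$qty = add_product_post('edit_variant_qty_'.$variant_id);
				$sort_order = (int) add_product_post('edit_variant_order_'.$variant_id);

				// The qty column is only written when a quantity was submitted.
				if ($qty != "") {
					$sql_variant_group = "INSERT INTO product_variants (product_id, variant_group_id, variant_id, surcharge, show_variant, qty, sort_order) VALUES ('$product_id', $temp_id, $variant_id, $surcharge, '$show_variant', ".((int) $qty).", $sort_order)";
				} else {
					$sql_variant_group = "INSERT INTO product_variants (product_id, variant_group_id, variant_id, surcharge, show_variant, sort_order) VALUES ('$product_id', $temp_id, $variant_id, $surcharge, '$show_variant', $sort_order)";
				}
				$results_variant_group = mysql_query($sql_variant_group);
			}//end while
		}//end foreach

		//get attributes from the set
		if ($has_set) {
			$results = mysql_query("SELECT * FROM attribute_set_value WHERE set_id=".$set_id);
			while ($results !== false && ($row = mysql_fetch_array($results))) {
				$attribute_id = (int) $row['attribute_id'];

				// Reset per attribute so a missing row cannot reuse the previous name.
				$attribute_name = '';
				$results3 = mysql_query("SELECT * FROM attribute WHERE attribute_id=".$attribute_id);
				while ($results3 !== false && ($row3 = mysql_fetch_assoc($results3))) {
					$attribute_name = $row3['attribute_name'];
				}

				if (add_product_post('add_attribute_'.$attribute_id) != "yes") {
					continue;
				}

				// A user-typed value wins over the selected one and is also
				// recorded as a new entry in attribute_value.
				$attribute_value = add_product_post('attribute_user_value_'.$attribute_id);
				if ($attribute_value != "") {
					$sql_user_value = "INSERT INTO attribute_value (attribute_id, attribute_value) VALUES ($attribute_id, '".add_product_sql_text($attribute_value)."')";
					$results_user_value = mysql_query($sql_user_value);
				} else {
					$attribute_value = add_product_post('attribute_'.$attribute_id);
				}

				//insert into product_attributes table
				// attribute_name was read back from the database; it is escaped
				// again because stored text is not safe to splice into SQL either.
				$sql4 = "INSERT INTO product_attributes (product_id, attribute_id, attribute_name, attribute_value) VALUES ('".$product_id."', ".$attribute_id.", '".add_product_sql_text($attribute_name)."','".add_product_sql_text($attribute_value)."')";
				$results4 = mysql_query($sql4);
			}
		}//end set chk

		// Uploads land in a directory under the document root, so only files with
		// an image extension that also parse as an image are accepted, and the
		// stored name is rebuilt from safe characters with a single extension.
		// Extend $allowed_image_ext if the shop needs other image formats.
		$uploaddir = $_SERVER['DOCUMENT_ROOT'].'/'.APP_ROOT_DIR.'/product_images/';
		$allowed_image_ext = array('jpg', 'jpeg', 'png', 'gif');
		$mainImgSet = 0;
		$image_count = (int) add_product_post('image_count', '0');

		for ($img_cnt = 1; $img_cnt <= $image_count; $img_cnt++) {
			$field = 'image_'.$img_cnt;
			if (!isset($_FILES[$field]) || !is_string($_FILES[$field]['name'])) {
				continue;
			}
			$original_name = basename($_FILES[$field]['name']);
			if ($original_name == '') {
				continue;
			}

			$tmp_name = $_FILES[$field]['tmp_name'];
			$extension = strtolower(pathinfo($original_name, PATHINFO_EXTENSION));
			$is_image = in_array($extension, $allowed_image_ext, true)
				&& is_uploaded_file($tmp_name)
				&& getimagesize($tmp_name) !== false;
			if (!$is_image) {
				echo "Rejected upload: not an allowed image type\n";
				continue;
			}

			// Dots in the stem are replaced too, so the stored file has exactly
			// one extension and it is one from the allow-list.
			$stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($original_name, PATHINFO_FILENAME));
			$image_filename = $product_id."_".$stem.".".$extension;
			$uploadfile = $uploaddir.$image_filename;

			if (!move_uploaded_file($tmp_name, $uploadfile)) {
				echo "Possible file upload attack!\n";
				continue; // no image row for a file that was not stored
			}

			// The first stored image becomes the main image.
			$is_main = ($mainImgSet != 1) ? 1 : 0;
			$mainImgSet = 1;
			$sql_image = "INSERT INTO product_images (product_id, image_filename, is_main) VALUES ('".$product_id."', '".add_product_sql_text($image_filename)."', ".$is_main.")";
			$results_image = mysql_query($sql_image);
		}// for end

		$smarty->assign('msg_pro','Done: Added Successfully');
	}
}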
/*/ delete
if($_GET['mode']=="delete")
{	
	$sql = "DELETE FROM products WHERE product_id=".$product_id;
	$results = mysql_query($sql);
	$smarty->assign('msg','Done: Deleted Successfully');
	
}


//end delete

/manage
$sql = "SELECT * FROM product ORDER BY product_name";
$results = mysql_query($sql);
$total_pro = mysql_num_rows($results);
$smarty->assign('total_pro', $total_pro);

while($row = mysql_fetch_assoc($results) )
{
	$pro_list[] = $row;		
}

$smarty->assign('pro_list', $pro_list);
//end manage*/

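//get cat list
// Initialised first so the template always receives an array, and the fetch
// loop is skipped instead of being handed false when the query fails.
$all_categories = array();
$total_cat = 0;

$sql = "SELECT * FROM category ORDER BY category_name";
$results = mysql_query($sql);
if ($results !== false) {
	$total_cat = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$all_categories[] = $row;
	}
}

$smarty->assign('all_categories', $all_categories);
$smarty->assign('cat_list', $all_categories); //for select box
//end cat list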

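//get brand list
// The original stored the brand count in $total_cat, overwriting the category
// count; the count is not used anywhere in this file, so it gets its own name.
$all_brands = array();
$total_brands = 0;

$sql = "SELECT * FROM brands ORDER BY brand_name";
$results = mysql_query($sql);
if ($results !== false) {
	$total_brands = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$all_brands[] = $row;
	}
}

$smarty->assign('all_brands', $all_brands);
//end brand list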

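//get attribute set list
// An empty table or a failed query now yields an empty array for the template
// rather than an undefined variable.
$all_attribute_set = array();
$total_attribute_set = 0;

$sql = "SELECT * FROM attribute_set ORDER BY attribute_set_name";
$results = mysql_query($sql);
if ($results !== false) {
	$total_attribute_set = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$all_attribute_set[] = $row;
	}
}

$smarty->assign('all_attribute_set', $all_attribute_set);
//end attribute set list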

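/////get all products
//manage
// All three lists start empty so the template gets arrays even with no products.
$all_product_list = array();
$related_product_list = array();
$product_images = array();
$total_products = 0;

$sql = "SELECT * FROM products ORDER BY product_name";
$results = mysql_query($sql);
if ($results !== false) {
	$total_products = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$all_product_list[] = $row;
		$related_product_list[] = $row;

		//get pro image
		// Only the first image row of each product is kept, as before. The id was
		// read from the database but is still escaped before it goes back into SQL.
		$sql_img = "SELECT * FROM product_images WHERE product_id='".mysql_real_escape_string($row['product_id'])."'";
		$results_img = mysql_query($sql_img);
		if ($results_img !== false) {
			$row_img = mysql_fetch_assoc($results_img);
			if ($row_img) {
				$product_images[] = $row_img;
			}
		}
		// end pro img
	}
}
$smarty->assign('total_products', $total_products);
$smarty->assign('product_images', $product_images);
$smarty->assign('all_product_list', $all_product_list);
$smarty->assign('related_product_list', $related_product_list);

//end manage
///end pro get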

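//list variants
//manage
// Start from an empty list and skip the fetch loop when the query fails.
$list_all_variant_group = array();
$total_group = 0;

$sql = "SELECT * FROM variant_group ORDER BY group_name";
$results = mysql_query($sql);
if ($results !== false) {
	$total_group = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$list_all_variant_group[] = $row;
	}
}

$smarty->assign('total_group', $total_group);
$smarty->assign('list_all_variant_group', $list_all_variant_group);
//end manage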

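///list all sub variants
//manage
// Start from an empty list and skip the fetch loop when the query fails.
$list_all_sub_variants = array();
$total_sub_variants = 0;

$sql = "SELECT * FROM variants ORDER BY variant_name";
$results = mysql_query($sql);
if ($results !== false) {
	$total_sub_variants = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$list_all_sub_variants[] = $row;
	}
}

$smarty->assign('total_sub_variants', $total_sub_variants);
$smarty->assign('list_all_sub_variants', $list_all_sub_variants);
//end manage

//end list variants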

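//manage
// Stock-enabled variant groups. When several groups are enabled, the id of the
// last row fetched is the one passed on, as in the original.
$list_stock_variant_group = array();
$stock_variant_group_id = "";
$total_variant_stock = 0;

$sql = "SELECT * FROM variant_group WHERE enable_stock='yes'";
$results = mysql_query($sql);
if ($results !== false) {
	$total_variant_stock = mysql_num_rows($results);
	while ($row = mysql_fetch_assoc($results)) {
		$stock_variant_group_id = $row['variant_group_id'];
		$list_stock_variant_group[] = $row;
	}
}
$smarty->assign('total_variant_stock', $total_variant_stock);
$smarty->assign('list_stock_variant_group', $list_stock_variant_group);
$smarty->assign('stock_variant_group_id', $stock_variant_group_id);

if ($stock_variant_group_id != "") {
	//manage
	$list_stock_variants = array();

	// The id is cast because it is concatenated unquoted into the query.
	$sql = "SELECT * FROM variants WHERE variant_group_id=".(int) $stock_variant_group_id;
	$results = mysql_query($sql);

	// The original called mysql_fetch_a(), which the mysql extension does not
	// provide, so this page stopped with a fatal error as soon as one
	// stock-enabled group existed. mysql_fetch_assoc() matches the other loops.
	while ($results !== false && ($row = mysql_fetch_assoc($results))) {
		$list_stock_variants[] = $row;
	}

	$smarty->assign('list_stock_variants', $list_stock_variants);
	//end manage
}

//end manage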


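//list all tags
// Start from an empty list and skip the fetch loop when the query fails.
$available_tags = array();

$sql = "SELECT * FROM available_tags ORDER BY tag";
$results = mysql_query($sql);
if ($results !== false) {
	while ($row = mysql_fetch_assoc($results)) {
		$available_tags[] = $row;
	}
}

// NOTE(review): tags, like the other rows assigned above, reach Smarty exactly
// as stored -- confirm that add_product.tpl escapes them on output.
$smarty->assign('available_tags', $available_tags);

//end list all tags

$smarty->display('add_product.tpl');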
?>