<?php
// Start or resume the PHP session before anything is written to the response.
// NOTE(review): the login check included further down presumably reads its state
// from $_SESSION - confirm in includes/chk_login_status_inc.php.
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------
Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com
This file is part of asaancart - open source easy shopping cart solution.
asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with asaancart. If not, see <http://www.gnu.org/licenses/>.
*/
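// Bootstrap. `require` is used instead of `include` so that a missing or unreadable
// file is a fatal error: with `include` PHP only raises a warning and keeps going,
// which would let this admin page run without its login check (fail-open).
require("../config/config.php");
// NOTE(review): this include is assumed to end the request for visitors who are not
// logged in (redirect followed by exit); that cannot be verified from this file.
require("includes/chk_login_status_inc.php");
// $smarty is not created in this file; presumably config.php provides it.
$smarty->assign('title','Edit Product');
// Id of the product being edited. This is request data and therefore untrusted:
// it has to be escaped or validated at every place it reaches SQL, a file name or
// HTML. Defaulting to '' avoids an undefined-index notice when the parameter is absent.
$product_id = isset($_GET['product_id']) ? $_GET['product_id'] : '';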
//////////////edit
if($_POST['btn_edit']=="Save")
{
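// ---- Save, step 1: read the submitted form and update the row in `products` ----
//
// Every value read below comes from the request and is untrusted. The previous
// version placed text fields into the statement after a hand-written quote
// replacement (which leaves backslashes untouched) and numeric fields with no
// quoting or validation at all. In this version:
//   * values used inside '...' go through mysql_real_escape_string(), after
//     magic_quotes_gpc slashes are removed on servers that still add them;
//   * values used without quotes must be plain decimal literals; if any of them is
//     not, the UPDATE is skipped (such input used to end in a failed statement).
// mysql_real_escape_string() relies on the connection that mysql_query() already
// uses implicitly. ext/mysql offers no prepared statements; moving the connection
// set up in config.php to mysqli or PDO with bound parameters is the durable fix.
// NOTE(review): no anti-CSRF token is verified in this handler - confirm whether
// the included login check covers that.
if ($product_id == "") {
    $product_id = $_POST['product_id'];
}
$category_id = $_POST['category_id']; // list of category ids, used by the category step
$brand_id = $_POST['brand_id'];
// attribute_id and set_id are deliberately not taken from the request: the
// attribute step reads both from the database, and a request-supplied set_id could
// otherwise reach an unquoted WHERE clause when the product row is not found.
$product_name = $_POST['product_name'];
$product_description = $_POST['product_description'];
$product_overview = $_POST['product_overview'];
$product_price = $_POST['product_price'];
$product_deal_price = $_POST['product_deal_price'];
$product_code = $_POST['product_code'];
$is_featured = $_POST['is_featured'];
$is_new = $_POST['is_new'];
$is_special = $_POST['is_special'];
$is_clearence = $_POST['is_clearence'];
$tags = $_POST['tags']; // kept unescaped: the tag step splits and escapes it itself
$product_type = $_POST['product_type'];
$product_status = $_POST['product_status'];
$product_qty = $_POST['product_qty'];
if ($product_qty == "") {
    $product_qty = -1; // an empty quantity is stored as -1
}
$taxable = $_POST['taxable'];
$variant_to_stock = $_POST['variant_to_stock'];
$stock_options = $_POST['stock_options'];
$availability = $_POST['availability'];

// Derive the stock columns from the chosen stock mode. Any other mode leaves the
// submitted values untouched and variant_level_stock empty, as before.
$variant_level_stock = "";
if ($stock_options == "product_based_stock_level") {
    $variant_level_stock = "no";
    $variant_to_stock = -1;
    $availability = "NULL"; // stored as the literal text NULL (the column is quoted)
} elseif ($stock_options == "variant_based_stock_level") {
    $variant_level_stock = "yes";
    $variant_to_stock = $_POST['variant_to_stock'];
    $availability = "NULL";
} elseif ($stock_options == "no_stock_level") {
    $variant_level_stock = "no";
    $variant_to_stock = -1;
    $availability = $_POST['availability'];
}

// Columns written as quoted string literals.
$text_columns = array(
    'product_name' => $product_name,
    'product_overview' => $product_overview,
    'product_description' => $product_description,
    'product_code' => $product_code,
    'tags' => $tags,
    'is_special' => $is_special,
    'is_new' => $is_new,
    'is_featured' => $is_featured,
    'product_status' => $product_status,
    'product_type' => $product_type,
    'is_clearence' => $is_clearence,
    'taxable' => $taxable,
    'variant_level_stock' => $variant_level_stock,
    'availability' => $availability,
    'stock_options' => $stock_options,
    'product_id' => $product_id,
);
// Columns written without quotes.
$number_columns = array(
    'product_price' => $product_price,
    'product_deal_price' => $product_deal_price,
    'brand_id' => $brand_id,
    'product_qty' => $product_qty,
    'stock_variant_group_id' => $variant_to_stock,
);

$magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$sql_text = array();
foreach ($text_columns as $column => $value) {
    $value = is_array($value) ? '' : (string) $value;
    if ($magic_quotes_on) {
        $value = stripslashes($value); // undo the automatic slashes, then escape properly
    }
    $sql_text[$column] = mysql_real_escape_string($value);
}

$sql_number = array();
$numbers_valid = true;
foreach ($number_columns as $column => $value) {
    $value = is_scalar($value) ? trim((string) $value) : '';
    // Optional sign, digits, optional fraction - nothing else may follow.
    if (!preg_match('/\A-?\d+(\.\d+)?\z/', $value)) {
        $numbers_valid = false;
        break;
    }
    $sql_number[$column] = $value;
}

$results = false;
if ($numbers_valid) {
    $assignments = array(
        "product_name='{$sql_text['product_name']}'",
        "product_overview='{$sql_text['product_overview']}'",
        "product_description='{$sql_text['product_description']}'",
        "product_price={$sql_number['product_price']}",
        "product_deal_price={$sql_number['product_deal_price']}",
        "brand_id={$sql_number['brand_id']}",
        "product_code='{$sql_text['product_code']}'",
        "tags='{$sql_text['tags']}'",
        "is_special='{$sql_text['is_special']}'",
        "is_new='{$sql_text['is_new']}'",
        "is_featured='{$sql_text['is_featured']}'",
        "product_status='{$sql_text['product_status']}'",
        "product_type='{$sql_text['product_type']}'",
        "product_qty={$sql_number['product_qty']}",
        "is_clearence='{$sql_text['is_clearence']}'",
        "taxable='{$sql_text['taxable']}'",
        "variant_level_stock = '{$sql_text['variant_level_stock']}'",
        "stock_variant_group_id = {$sql_number['stock_variant_group_id']}",
        "availability = '{$sql_text['availability']}'",
        "stock_options = '{$sql_text['stock_options']}'",
    );
    $sql = "UPDATE products SET " . implode(", ", $assignments)
        . " WHERE product_id='{$sql_text['product_id']}'";
    $results = mysql_query($sql);
}
// NOTE(review): the result of the UPDATE is not checked, and the success message
// assigned at the end of the save handler is shown even when nothing was written.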
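// ---- Save, step 2: make sure every submitted tag exists in `available_tags` ----
// $tags is the unescaped comma-separated "tags" form field. Each tag is escaped with
// mysql_real_escape_string() before it is placed in a statement; the previous
// version concatenated it as-is.
$tag_source = is_string($tags) ? $tags : '';
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $tag_source = stripslashes($tag_source); // undo automatic slashes before escaping
}
$tag_array = explode(",", $tag_source);
foreach ($tag_array as $temp_tag) {
    // Tags are stored without spaces and without asterisks.
    $temp_tag = str_replace(array(" ", "*"), "", $temp_tag);
    if ($temp_tag == "") {
        continue;
    }
    $tag_sql = mysql_real_escape_string($temp_tag);
    $sql = "SELECT * FROM available_tags WHERE tag='" . $tag_sql . "'";
    $results = mysql_query($sql);
    $total_found_rec = mysql_num_rows($results);
    if ($total_found_rec > 0) {
        continue; // already known
    }
    $sql2 = "INSERT INTO available_tags (tag) VALUES ('" . $tag_sql . "')";
    $results2 = mysql_query($sql2);
}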
//update stock varaint tbl
/*
if($variant_level_stock=="yes"){
$sql_temp = "DELETE FROM product_stock WHERE product_id='$product_id'";
$results_temp = mysql_query($sql_temp);
$sql_all_stock_variants = "SELECT * FROM variants WHERE variant_group_id=".$_POST['stock_variant_group_id'];
$results_all_stock_variants = mysql_query($sql_all_stock_variants);
while($row_all_stock_variants = mysql_fetch_array($results_all_stock_variants) )
{
$stock_variant_qty_value = $_POST['stock_variant_qty_'.$row_all_stock_variants['variant_id']]; //qty
$stock_variant_id = $row_all_stock_variants['variant_id'];
$sql_stock_variant_group = "INSERT INTO product_stock (product_id, product_qty, variant_id) VALUES ('$product_id', $stock_variant_qty_value, $stock_variant_id)";
$results_stock_variant_group = mysql_query($sql_stock_variant_group);
}//end while
//update pro table
$sql_temp = "UPDATE products SET product_qty='', stock_variant_group_id=$stock_variant_group_id WHERE product_id='$product_id'";
$results_temp = mysql_query($sql_temp);
}else{
$sql_temp = "SELECT sum(product_qty) FROM product_stock WHERE product_id='$product_id'";
$results_temp = mysql_query($sql_temp);
while($row_temp = mysql_fetch_array($results_temp) )
{
$total_pro_qty = $row_temp[0];
}
//update pro table
$sql_temp = "UPDATE products SET product_qty=$total_pro_qty, stock_variant_group_id='' WHERE product_id='$product_id'";
$results_temp = mysql_query($sql_temp);
$sql_temp = "DELETE FROM product_stock WHERE product_id='$product_id'";
$results_temp = mysql_query($sql_temp);
}
//end stock variant
*/ //disabled in this version
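// ---- Save, step 3: replace the product's category links ----
// All existing links are deleted and one row is inserted per submitted category id.
// The product id is escaped for its quoted position. Category ids are used without
// quotes, so only digit strings are accepted and anything else is skipped.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$sql = "DELETE FROM product_category WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
if (is_array($category_id)) {
    foreach ($category_id as $temp_cat_id) {
        $temp_cat_id = is_scalar($temp_cat_id) ? trim((string) $temp_cat_id) : '';
        if (!preg_match('/\A\d+\z/', $temp_cat_id)) {
            continue; // not a plain integer id
        }
        // The links were just deleted, so this lookup only catches an id that
        // appears twice in the same submission.
        $sql = "SELECT * FROM product_category WHERE product_id='" . $product_id_sql
            . "' AND category_id=" . $temp_cat_id;
        $results = mysql_query($sql);
        $total_found_rec = mysql_num_rows($results);
        if ($total_found_rec > 0) {
            continue;
        }
        $sql2 = "INSERT INTO product_category (product_id, category_id) VALUES ('"
            . $product_id_sql . "'," . $temp_cat_id . ")";
        $results2 = mysql_query($sql2);
    }
}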
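// ---- Save, step 4: replace the product's variant rows ----
// The product's rows in `product_variants` are deleted, then for every submitted
// variant group each variant of that group is written back with the surcharge,
// quantity, sort order and visibility flag taken from the form.
// Group ids, surcharge, quantity and sort order are placed in SQL without quotes,
// so each must be a plain decimal literal; a group or variant with anything else
// is skipped (such input previously produced a failing or altered statement).
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$variant_group_id = isset($_POST['variant_group_id']) ? $_POST['variant_group_id'] : "";
$sql = "DELETE FROM product_variants WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
if (is_array($variant_group_id)) {
    foreach ($variant_group_id as $temp_id) {
        $temp_id = is_scalar($temp_id) ? trim((string) $temp_id) : '';
        if (!preg_match('/\A\d+\z/', $temp_id)) {
            continue; // group id is not a plain integer
        }
        $sql_all_variants = "SELECT * FROM variants WHERE variant_group_id=" . $temp_id;
        $results_all_variants = mysql_query($sql_all_variants);
        while ($row_all_variants = mysql_fetch_array($results_all_variants)) {
            // Comes from the database, but is used unquoted below - force an integer.
            $variant_id = (int) $row_all_variants['variant_id'];

            $checkbox = $variant_id . '_variant_id';
            $variant_id_value = isset($_POST[$checkbox]) ? $_POST[$checkbox] : '';
            $show_variant = ($variant_id_value == "yes") ? "yes" : "no";

            $surcharge = isset($_POST['edit_variant_surcharge1_' . $variant_id])
                ? $_POST['edit_variant_surcharge1_' . $variant_id] : '';
            $qty = isset($_POST['edit_variant_qty_' . $variant_id])
                ? $_POST['edit_variant_qty_' . $variant_id] : '';
            $sort_order = isset($_POST['edit_variant_order_' . $variant_id])
                ? $_POST['edit_variant_order_' . $variant_id] : '';
            if ($qty == "") {
                $qty = 0; // an empty quantity is stored as 0
            }

            $variant_numbers = array('surcharge' => $surcharge, 'qty' => $qty, 'sort_order' => $sort_order);
            $variant_numbers_valid = true;
            foreach ($variant_numbers as $number_name => $number_value) {
                $number_value = is_scalar($number_value) ? trim((string) $number_value) : '';
                if (!preg_match('/\A-?\d+(\.\d+)?\z/', $number_value)) {
                    $variant_numbers_valid = false;
                    break;
                }
                $variant_numbers[$number_name] = $number_value;
            }
            if (!$variant_numbers_valid) {
                continue;
            }
            $surcharge = $variant_numbers['surcharge'];
            $qty = $variant_numbers['qty'];
            $sort_order = $variant_numbers['sort_order'];

            $sql_variant2 = "SELECT * FROM product_variants WHERE variant_id=$variant_id AND product_id='$product_id_sql'";
            $results_variant2 = mysql_query($sql_variant2);
            $cnt_chk = mysql_num_rows($results_variant2);
            if ($cnt_chk > 0) {
                $sql_update = "UPDATE product_variants SET surcharge=$surcharge, show_variant='$show_variant', qty=$qty, sort_order=$sort_order WHERE product_id='$product_id_sql' AND variant_id=$variant_id";
                $results_sql_update = mysql_query($sql_update);
            } else {
                $sql_insert = "INSERT INTO product_variants (product_id, variant_group_id, variant_id, surcharge, show_variant, qty, sort_order) VALUES ('$product_id_sql', $temp_id, $variant_id, $surcharge, '$show_variant', $qty, $sort_order)";
                $results_insert = mysql_query($sql_insert);
            }
        }
    }
}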
/*
, product_overview, product_description, product_price, category_id, set_id) VALUES ('".$product_id."', '".$product_name."','".$product_overview."','".$product_description."', $product_price, $category_id, $set_id)";
*/
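// ---- Save, step 5: store the submitted attribute values ----
// The attribute set is always taken from the stored product row. $set_id is reset
// first so that a value left over from the request can never reach the unquoted
// WHERE clause when the product row does not exist.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
$magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
if ($magic_quotes_on) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$set_id = "";
$sql = "SELECT * FROM products WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $set_id = $row['set_id'];
}

if ($set_id != "") {
    // Walk the attributes that belong to the product's set.
    $sql = "SELECT * FROM attribute_set_value WHERE set_id=" . (int) $set_id;
    $results = mysql_query($sql);
    while ($row = mysql_fetch_assoc($results)) {
        $attribute_id = (int) $row['attribute_id'];

        $id_field = "product_attribute_id_" . $row['attribute_id'];
        $value_field = "attribute_value_" . $row['attribute_id'];
        $old_value_field = "old_attribute_value_" . $row['attribute_id'];
        $product_attribute_id = isset($_POST[$id_field]) ? $_POST[$id_field] : '';
        $attribute_value = isset($_POST[$value_field]) ? $_POST[$value_field] : '';
        $old_attribute_value = isset($_POST[$old_value_field]) ? $_POST[$old_value_field] : '';
        if (is_array($attribute_value)) {
            $attribute_value = '';
        }
        if ($attribute_value == "") {
            continue;
        }

        $attribute_value_in = $magic_quotes_on ? stripslashes($attribute_value) : $attribute_value;
        $attribute_value_sql = mysql_real_escape_string($attribute_value_in);

        // The row id is used unquoted, so it must be a plain integer. The extra
        // product_id condition keeps a submitted id from changing an attribute row
        // that belongs to a different product.
        $product_attribute_id = is_scalar($product_attribute_id) ? trim((string) $product_attribute_id) : '';
        if (preg_match('/\A\d+\z/', $product_attribute_id)) {
            $sql4 = "UPDATE product_attributes SET attribute_value='$attribute_value_sql' WHERE id="
                . $product_attribute_id . " AND product_id='" . $product_id_sql . "'";
            $results4 = mysql_query($sql4);
        }

        // When the value changed, add it to the list of known values if it is new.
        if ($attribute_value != $old_attribute_value) {
            $sql_user_value = "SELECT * FROM attribute_value WHERE attribute_value='" . $attribute_value_sql . "'";
            $results_user_value = mysql_query($sql_user_value);
            $match_found = mysql_num_rows($results_user_value);
            if ($match_found == 0) {
                $sql_user_value = "INSERT INTO attribute_value (attribute_id, attribute_value) VALUES ($attribute_id, '" . $attribute_value_sql . "')";
                $results_user_value = mysql_query($sql_user_value);
            }
        }
    }
}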
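// ---- Save, step 6: store uploaded product images ----
// Files are written below the document root, so whatever lands here can be
// requested directly from the web server. The previous version accepted any file
// type, built the target path from the unfiltered product id and the client's file
// name, and inserted the database row even when the move had failed. Now:
//   * the product id prefix is reduced to letters, digits, '_' and '-', so it
//     cannot contain path separators or '..' segments;
//   * the client file name is reduced to a safe character set and must end in an
//     allow-listed image extension; other dots in the name are replaced so the
//     stored name carries exactly one extension;
//   * the temporary file must be a real upload and must parse as an image;
//   * the `product_images` row is written only after the file was moved.
// Extend $allowed_image_ext if the shop needs further formats. The web server
// should additionally be configured not to execute scripts in product_images/.
$uploaddir = $_SERVER['DOCUMENT_ROOT'].'/'.APP_ROOT_DIR.'/product_images/';
$allowed_image_ext = array('jpg', 'jpeg', 'png', 'gif');

$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);
$product_id_file = preg_replace('/[^A-Za-z0-9_-]/', '', $product_id_in);

$image_count = isset($_POST['image_count']) ? (int) $_POST['image_count'] : 0;
for ($img_cnt = 1; $img_cnt <= $image_count; $img_cnt++) {
    $field = 'image_' . $img_cnt;
    if (!isset($_FILES[$field]) || !is_string($_FILES[$field]['name'])) {
        continue;
    }
    $client_name = basename($_FILES[$field]['name']);
    if ($client_name == '') {
        continue; // no file chosen for this slot
    }

    // Split into stem and final extension, then neutralise everything else.
    $safe_name = preg_replace('/[^A-Za-z0-9._-]/', '_', $client_name);
    $dot = strrpos($safe_name, '.');
    $extension = ($dot === false) ? '' : strtolower(substr($safe_name, $dot + 1));
    $stem = ($dot === false) ? $safe_name : substr($safe_name, 0, $dot);
    $stem = str_replace('.', '_', $stem);

    $tmp_name = $_FILES[$field]['tmp_name'];
    $looks_like_image = in_array($extension, $allowed_image_ext, true)
        && is_uploaded_file($tmp_name)
        && getimagesize($tmp_name) !== false;

    $image_filename = $product_id_file . "_" . $stem . "." . $extension;
    $uploadfile = $uploaddir . $image_filename;

    if ($looks_like_image && move_uploaded_file($tmp_name, $uploadfile)) {
        $sql_image = "INSERT INTO product_images (product_id, image_filename) VALUES ('"
            . $product_id_sql . "', '" . mysql_real_escape_string($image_filename) . "')";
        $results_image = mysql_query($sql_image);
    } else {
        echo "Possible file upload attack!\n";
    }
    $uploadfile = "";
}
$smarty->assign('msg_pro','Done: Changes saved successfully');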
}
/////////////////end edit
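// ---- Display: the product row, its images and its category links ----
// $product_id is request data; it is escaped before it is placed in the quoted
// WHERE clauses. The result arrays are initialised so the template receives an
// empty array (not an undefined variable) when nothing is found.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$selected_product = array();
$product_images = array();
$selected_product_cat = array();

$sql = "SELECT * FROM products WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $selected_product[] = $row;
    // Images of this product, main image first. The id read back from the
    // database is escaped again before it is reused in a statement.
    $sql_img = "SELECT * FROM product_images WHERE product_id='"
        . mysql_real_escape_string($row['product_id']) . "' ORDER BY is_main DESC";
    $results_img = mysql_query($sql_img);
    while ($row_img = mysql_fetch_assoc($results_img)) {
        $product_images[] = $row_img;
    }
}

// Category links of the product.
$sql = "SELECT * FROM product_category WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $selected_product_cat[] = $row;
}

$smarty->assign('selected_product_cat', $selected_product_cat);
$smarty->assign('product_images', $product_images);
$smarty->assign('selected_product', $selected_product);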
//
// Category list: every row of `category`, ordered by name. The same array is handed
// to the template under two names; 'cat_list' feeds the select box.
// No request data is involved in this statement.
$category_sql = 'SELECT * FROM category ORDER BY category_name';
$category_rs = mysql_query($category_sql);
$total_cat = mysql_num_rows($category_rs);
while ($category_row = mysql_fetch_assoc($category_rs)) {
    $all_categories[] = $category_row;
}
$smarty->assign('all_categories', $all_categories);
$smarty->assign('cat_list', $all_categories);
// Brand list: every row of `brands`, ordered by name, for the template.
// No request data is involved in this statement.
$brand_sql = 'SELECT * FROM brands ORDER BY brand_name';
$brand_rs = mysql_query($brand_sql);
$total_brand = mysql_num_rows($brand_rs);
while ($brand_row = mysql_fetch_assoc($brand_rs)) {
    $all_brands[] = $brand_row;
}
$smarty->assign('all_brands', $all_brands);
/*/get attribute set list
$sql = "SELECT * FROM products WHERE product_id='".$product_id."'";
$results = mysql_query($sql);
while($row = mysql_fetch_assoc($results) )
{
$set_id = $row['set_id'];
}
$sql = "SELECT * FROM attribute_set_value WHERE set_id=".$set_id." ORDER BY attribute_name";
$results = mysql_query($sql);
while($row = mysql_fetch_assoc($results) )
{
$product_attributes[] = $row;
}
*/
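// ---- Display: attribute rows stored for this product ----
// $product_id is request data and is escaped before it enters the quoted WHERE
// clause. The array is initialised so an empty result is passed as an empty array.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$product_attributes = array();
$sql = "SELECT * FROM product_attributes WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $product_attributes[] = $row;
}
$smarty->assign('product_attributes', $product_attributes);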
//////////////////
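// ---- Display: the product's attribute set and the known values per attribute ----
// $set_id is reset before the lookup: it is used without quotes further down, and a
// value left over from earlier in the request must not reach that statement when
// the product row is missing. Ids read from the database are cast to integers
// before they are used unquoted.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$set_id = "";
$all_attribute_set_id = array();
$all_attribute_set_value = array();

$sql = "SELECT * FROM products WHERE product_id='" . $product_id_sql . "'";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $set_id = $row['set_id'];
    $stock_variant_group_id = $row['stock_variant_group_id'];
}

if ($set_id != "") {
    $sql = "SELECT * FROM attribute_set_value WHERE set_id=" . (int) $set_id;
    $results = mysql_query($sql);
    while ($row = mysql_fetch_assoc($results)) {
        $all_attribute_set_id[] = $row; // one row per attribute in the set
        $sql2 = "SELECT * FROM attribute_value WHERE attribute_id=" . (int) $row['attribute_id'];
        $results2 = mysql_query($sql2);
        while ($row2 = mysql_fetch_assoc($results2)) {
            $all_attribute_set_value[] = $row2; // known values of that attribute
        }
    }
}

$smarty->assign('all_attribute_set_value', $all_attribute_set_value);
$smarty->assign('all_attribute_set_id', $all_attribute_set_id);
$smarty->assign('attribute_set_id', $set_id);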
//////////////////
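// ---- Display: stock-level variant group of the product ----
// NOTE(review): the rows fetched in the inner loop are discarded (the statements
// that used them are commented out in the original), so this block currently has no
// visible effect and is a candidate for removal.
// The product id is escaped for its quoted position; the group id read from the
// product row is cast to an integer because it is used without quotes.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$sql = "SELECT * FROM products WHERE product_id='$product_id_sql'";
$results = mysql_query($sql);
$total_v = mysql_num_rows($results);
while ($row = mysql_fetch_assoc($results)) {
    $sql2 = "SELECT * FROM variant_group WHERE variant_group_id=" . (int) $row['stock_variant_group_id'];
    $results2 = mysql_query($sql2);
    while ($row2 = mysql_fetch_assoc($results2)) {
        // intentionally empty
    }
}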
/**/
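// ---- Display: variant groups that this product already uses ----
// The distinct group ids come from `product_variants`; each group row is then
// loaded from `variant_group`. The product id is escaped, the group id is cast to
// an integer because it is used without quotes, and the list starts as an empty
// array so the template never receives an undefined variable.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$list_product_variant_groups = array();
$sql = "SELECT DISTINCT variant_group_id FROM product_variants WHERE product_id='$product_id_sql'";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $sql2 = "SELECT * FROM variant_group WHERE variant_group_id=" . (int) $row['variant_group_id'];
    $results2 = mysql_query($sql2);
    while ($row2 = mysql_fetch_assoc($results2)) {
        $list_product_variant_groups[] = $row2;
    }
}
$smarty->assign('list_product_variant_groups', $list_product_variant_groups);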
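// ---- Display: the product's variant rows, in their sort order ----
// The product id is request data and is escaped before it enters the statement.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$list_all_product_sub_variants = array();
$sql = "SELECT * FROM product_variants WHERE product_id='$product_id_sql' ORDER BY sort_order";
$results = mysql_query($sql);
$total_v = mysql_num_rows($results);
while ($row = mysql_fetch_assoc($results)) {
    $list_all_product_sub_variants[] = $row;
}
$smarty->assign('list_all_product_sub_variants', $list_all_product_sub_variants);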
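// ---- Display: variant groups the product does not use yet ----
// The product id is request data and is escaped before it enters the subquery.
$product_id_in = is_array($product_id) ? '' : (string) $product_id;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $product_id_in = stripslashes($product_id_in);
}
$product_id_sql = mysql_real_escape_string($product_id_in);

$list_remaining_variant_group = array();
$sql = "SELECT * FROM variant_group WHERE variant_group_id NOT IN (SELECT DISTINCT variant_group_id FROM product_variants WHERE product_id='$product_id_sql')";
$results = mysql_query($sql);
while ($row = mysql_fetch_assoc($results)) {
    $list_remaining_variant_group[] = $row;
}
$smarty->assign('list_remaining_variant_group', $list_remaining_variant_group);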
// All variant groups, ordered by group name, plus their count for the template.
// No request data is involved in this statement.
$group_sql = 'SELECT * FROM variant_group ORDER BY group_name';
$group_rs = mysql_query($group_sql);
$total_group = mysql_num_rows($group_rs);
$smarty->assign('total_group', $total_group);
while ($group_row = mysql_fetch_assoc($group_rs)) {
    $list_all_variant_group[] = $group_row;
}
$smarty->assign('list_all_variant_group', $list_all_variant_group);
// All variants, ordered by variant name, plus their count for the template.
// No request data is involved in this statement.
$variant_sql = 'SELECT * FROM variants ORDER BY variant_name';
$variant_rs = mysql_query($variant_sql);
$total_sub_variants = mysql_num_rows($variant_rs);
$smarty->assign('total_sub_variants', $total_sub_variants);
while ($variant_row = mysql_fetch_assoc($variant_rs)) {
    $list_all_sub_variants[] = $variant_row;
}
$smarty->assign('list_all_sub_variants', $list_all_sub_variants);
// Known tags, ordered alphabetically, for the template.
$tag_list_sql = 'SELECT * FROM available_tags ORDER BY tag';
$tag_list_rs = mysql_query($tag_list_sql);
while ($tag_row = mysql_fetch_assoc($tag_list_rs)) {
    $available_tags[] = $tag_row;
}
$smarty->assign('available_tags', $available_tags);

// Hand the product id to the template and render the page.
// NOTE(review): $product_id is unescaped request data. The template is not visible
// here; it has to escape the value wherever it is printed (for example with
// Smarty's `escape` modifier) - confirm in edit_product.tpl.
$smarty->assign('product_id', $product_id);
$smarty->display('edit_product.tpl');
?>