<?php
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------
Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com
This file is part of asaancart - open source easy shopping cart solution.
asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with asaancart. If not, see <http://www.gnu.org/licenses/>.
*/
include("../config/config.php");
include("includes/chk_login_status_inc.php");
$smarty->assign('title','Add Product');
$category_id = $_POST['category_id'];
$attribute_id = $_POST['attribute_id'];
$set_id = $_POST['set_id'];
$product_name = $_POST['product_name'];
$product_description = $_POST['product_description'];
$product_overview = $_POST['product_overview'];
$product_price = $_POST['product_price'];
if($_POST['btn_edit']=="save")
{
//inser into product table
$sql = "UPDATE products SET(product_name='$product_name') WHERE product_id='$product_id'";
$results = mysql_query($sql);
/*
, product_overview, product_description, product_price, category_id, set_id) VALUES ('".$product_id."', '".$product_name."','".$product_overview."','".$product_description."', $product_price, $category_id, $set_id)";
*/
//get set _id
$sql = "SELECT * FROM products WHERE product_id='".$product_id."'";
$results = mysql_query($sql);
while($row = mysql_fetch_assoc($results) )
{
$set_id = $row['set_id'];
}
//get attributes from the set
$sql = "SELECT * FROM attribute_set_value WHERE set_id=".$set_id;
$results = mysql_query($sql);
while($row = mysql_fetch_assoc($results) )
{
$attribute_id = $row['attribute_id'];
$sql3 = "SELECT * FROM attribute WHERE attribute_id=".$row['attribute_id'];
$results3 = mysql_query($sql3);
while($row3 = mysql_fetch_assoc($results3) )
{
$attribute_name = $row3['attribute_name'];
}
$product_attribute_id = $_POST["product_attribute_id_".$row['attribute_id']];
$attribute_value = $_POST["attribute_value_".$row['attribute_id']];
if($attribute_value!=""){
$sql4 = "UPDATE product_attributes SET (attribute_value='$attribute_value') WHERE id=".$product_attribute_id;
}
//inser into product_attributes table
/*$sql4 = "INSERT INTO product_attributes (product_id, attribute_id, attribute_name, attribute_value) VALUES ('".$product_id."', ".$attribute_id.", '".$attribute_name."','".$attribute_value."')";
$results4 = mysql_query($sql4);*/
}
$uploaddir = $_SERVER['DOCUMENT_ROOT'].'/'.APP_ROOT_DIR.'/product_images/';
for($img_cnt=1;$img_cnt<=$_POST['image_count'];$img_cnt++){
if(basename($_FILES['image_'.$img_cnt]['name'])!=''){
$uploadfile = $uploaddir ."$product_id"."_".basename($_FILES['image_'.$img_cnt]['name']);
$image_filename = "$product_id"."_".basename($_FILES['image_'.$img_cnt]['name']);
if (move_uploaded_file($_FILES['image_'.$img_cnt]['tmp_name'], $uploadfile)) {
//echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
$sql_image = "INSERT INTO product_images (product_id, image_filename) VALUES ('".$product_id."', '".$image_filename."')";
$results_image = mysql_query($sql_image);
$uploadfile = "";
} //end if
}// for end
$smarty->assign('msg_pro','Done: Added Successfully');
}
/*/ delete
if($_GET['mode']=="delete")
{
$sql = "DELETE FROM products WHERE product_id=".$product_id;
$results = mysql_query($sql);
$smarty->assign('msg','Done: Deleted Successfully');
}
//end delete
/manage
$sql = "SELECT * FROM product ORDER BY product_name";
$results = mysql_query($sql);
$total_pro = mysql_num_rows($results);
$smarty->assign('total_pro', $total_pro);
while($row = mysql_fetch_assoc($results) )
{
$pro_list[] = $row;
}
$smarty->assign('pro_list', $pro_list);
//end manage*/
$smarty->display('edit_product.tpl');
?>