<?php
//product_classs.php file eka
class product{
var $table_name = "products";
var $rows;
public $ProductCategoryID , $manufacturer , $ProductLocation , $ProductName , $ProductPrice , $ProductWeight , $ProductStatus , $ProductStock , $ProductCartDesc , $Product_image , $ProductThumb , $ProductShortDesc , $ProductLongDesc ;
public $pressSumbitButton , $productImage;
public $cur_auto_id;
public $updateProductID;
//*******************************************************************
// Anti MySQL injection Method
//*******************************************************************
function cleanVer($formVar) {
if(!get_magic_quotes_gpc()){
$formVar = mysql_real_escape_string($formVar);
$formVar = htmlspecialchars($formVar, ENT_IGNORE, 'utf-8');
$formVar = strip_tags($formVar);//remove html internal tags
$formVar = stripslashes($formVar);
$formVar = trim($formVar);
return $formVar;
}
}
//*****************************************************************
// Update Product Method
//******************************************************************
function updateFormToDB($id){
$pid = $id;
if(isset($this->pressSumbitButton)){
$manufacturer = $this->manufacturer ;
$ProductLocation = $this->ProductLocation ;
$ProductName = $this->ProductName ;
$ProductPrice = $this->ProductPrice ;
$ProductWeight = $this->ProductWeight ;
$ProductStatus = $this->ProductStatus ;
$ProductStock = $this->ProductStock ;
$ProductCartDesc = $this->ProductCartDesc ;
$cur_auto_id = $this->cur_auto_id ;
$ProductShortDesc = $this->ProductShortDesc;
$ProductLongDesc = $this->ProductLongDesc;
mysql_query("BEGIN");
$sql = ("UPDATE Products SET manufacturer = '$manufacturer',ProductLocation = '$ProductLocation',ProductName = '$ProductName' ,ProductPrice = '$ProductPrice' ,ProductWeight = '$ProductWeight' ,ProductStatus = '$ProductStatus' ,ProductStock = '$ProductStock',ProductCartDesc ='$ProductCartDesc' , ProductShortDesc = '$ProductShortDesc' ,ProductLongDesc = '$ProductLongDesc' WHERE ProductID = '$pid'");
mysql_query($sql) or die(trigger_error("<br><storng><u>MySQL Error:</u></strong><br>".mysql_error()."<br><br><storng><u>Query Used:</u></strong><br>".$sql."<br><br><storng><u>Info:</u></strong><br>",E_USER_ERROR));
if(mysql_affected_rows()){ echo "update sucessfuly"; }
mysql_query("COMMIT");
}
}
}
?>
<?//mehema class ekak heduwa mama form ekak haraha mage data me function eken update karanna heduwama eka update karanna be kiyanawa
phala form eka ethi.HELP ekak oneeeeee?>
<div>
<?
//edit.php kiyala ekaka
if(!isset($_POST['update'])){
foreach($updateProduct as $u){?>
<form action="edit.php" method="post" enctype="multipart/form-data" name="addProduct">
<table width="595" border="1" cellspacing="1px" cellpadding="2px">
<tr>
<th colspan="2" bgcolor="#4180BE"><font color="#FFFFFF">Update Product Details Panal</font></th>
</tr>
<tr>
<td width="238">Product Category Id</td>
<td width="340"><input name="ProductCategoryID" type="text" value=" <? echo $u['ProductID']; ?>" /></td>
</tr>
<tr>
<td width="238">ProductName</td>
<td width="340"><input type="text" name="ProductName" value="<? echo $u['ProductName'] ?>" /></td>
</tr>
<tr>
<td>ProductPrice</td>
<td><input type="text" name="ProductPrice" value="<? echo $u['ProductPrice']?>"/></td>
</tr>
<tr>
<td>ProductWeight</td>
<td><input type="text" name="ProductWeight" value="<? echo $u['ProductWeight']?>" /></td>
</tr>
<tr>
<td>ProductStatus</td>
<td><input type="text" name="ProductStatus" value="<? echo $u['ProductStatus']?>" /></td>
</tr>
<tr>
<td>ProductCartDesc</td>
<td><input type="text" name="ProductCartDesc" value="<? echo $u['ProductCartDesc']?>" /></td>
</tr>
<tr>
<td>ProductShortDesc</td>
<td><input type="text" name="ProductShortDesc" value="<? echo $u['ProductShortDesc']?>" /></td>
</tr>
<tr>
<td>ProductLongDesc</td>
<td><input type="text" name="ProductLongDesc" value="<? echo $u['ProductLongDesc']?>" /></td>
</tr>
<tr>
<td>productImage</td>
<td><input name="productImage" type="file" value="<? $u['ProductImages']?>" /></td>
</tr>
<tr>
<td>Product Stock</td>
<td><select name="ProductStock" >
<option value="<? echo $u['ProductStock']?>" selected="selected"><?php echo $u['ProductStock']?></option>
<option value="inStock">inStock</option>
<option value="outStock">out of stock</option>
<option value="unlimited">unlimited</option>
</select></td>
</tr>
<tr>
<td>ProductLocation</td>
<td><input type="text" name="ProductLocation" value="<? echo $u['ProductLocation']?>" /></td>
</tr>
<tr>
<td>manufacturer</td>
<td><input type="text" name="manufacturer" value="<? echo $u['manufacturer']?>" /></td>
</tr>
<tr ><td colspan="2" align="center">
<input type="hidden" name="pid" value="<?php $u['ProductID'] ?>"/>
<input name="update" type="submit" value="Update Product Details" /></td>
</tr>
</table>
</form>
<? }}else{
$product->manufacturer = $product->cleanVer($_POST['manufacturer']);
$product->ProductLocation = $product->cleanVer($_POST['ProductLocation']);
$product->ProductName = $product->cleanVer($_POST['ProductName']);
$product->ProductPrice = $product->cleanVer($_POST['ProductPrice']);
$product->ProductWeight = $product->cleanVer($_POST['ProductWeight']);
$product->ProductStatus = $product->cleanVer($_POST['ProductStatus']);
$product->ProductStock = $product->cleanVer($_POST['ProductStock']);
$product->ProductCartDesc = $product->cleanVer($_POST['ProductCartDesc']);
$product->pressSumbitButton = $product->cleanVer($_POST['update']);
$product->productImage = $_FILES['productImage'];
$product->ProductShortDesc = $product->cleanVer($_POST['ProductShortDesc']);
$product->ProductLongDesc = $product->cleanVer($_POST['ProductLongDesc']);
$updated = $product->updateFormToDB($_POST['pid']);
if($updated){ echo "update was successfully";}else{ echo "counld not update,try again later";}
$product->addProductImages();} ?>
</div>
//product_classs.php file eka
class product{
var $table_name = "products";
var $rows;
public $ProductCategoryID , $manufacturer , $ProductLocation , $ProductName , $ProductPrice , $ProductWeight , $ProductStatus , $ProductStock , $ProductCartDesc , $Product_image , $ProductThumb , $ProductShortDesc , $ProductLongDesc ;
public $pressSumbitButton , $productImage;
public $cur_auto_id;
public $updateProductID;
//*******************************************************************
// Anti MySQL injection Method
//*******************************************************************
function cleanVer($formVar) {
if(!get_magic_quotes_gpc()){
$formVar = mysql_real_escape_string($formVar);
$formVar = htmlspecialchars($formVar, ENT_IGNORE, 'utf-8');
$formVar = strip_tags($formVar);//remove html internal tags
$formVar = stripslashes($formVar);
$formVar = trim($formVar);
return $formVar;
}
}
//*****************************************************************
// Update Product Method
//******************************************************************
function updateFormToDB($id){
$pid = $id;
if(isset($this->pressSumbitButton)){
$manufacturer = $this->manufacturer ;
$ProductLocation = $this->ProductLocation ;
$ProductName = $this->ProductName ;
$ProductPrice = $this->ProductPrice ;
$ProductWeight = $this->ProductWeight ;
$ProductStatus = $this->ProductStatus ;
$ProductStock = $this->ProductStock ;
$ProductCartDesc = $this->ProductCartDesc ;
$cur_auto_id = $this->cur_auto_id ;
$ProductShortDesc = $this->ProductShortDesc;
$ProductLongDesc = $this->ProductLongDesc;
mysql_query("BEGIN");
$sql = ("UPDATE Products SET manufacturer = '$manufacturer',ProductLocation = '$ProductLocation',ProductName = '$ProductName' ,ProductPrice = '$ProductPrice' ,ProductWeight = '$ProductWeight' ,ProductStatus = '$ProductStatus' ,ProductStock = '$ProductStock',ProductCartDesc ='$ProductCartDesc' , ProductShortDesc = '$ProductShortDesc' ,ProductLongDesc = '$ProductLongDesc' WHERE ProductID = '$pid'");
mysql_query($sql) or die(trigger_error("<br><storng><u>MySQL Error:</u></strong><br>".mysql_error()."<br><br><storng><u>Query Used:</u></strong><br>".$sql."<br><br><storng><u>Info:</u></strong><br>",E_USER_ERROR));
if(mysql_affected_rows()){ echo "update sucessfuly"; }
mysql_query("COMMIT");
}
}
}
?>
<?//mehema class ekak heduwa mama form ekak haraha mage data me function eken update karanna heduwama eka update karanna be kiyanawa
phala form eka ethi.HELP ekak oneeeeee?>
<div>
<?
//edit.php kiyala ekaka
if(!isset($_POST['update'])){
foreach($updateProduct as $u){?>
<form action="edit.php" method="post" enctype="multipart/form-data" name="addProduct">
<table width="595" border="1" cellspacing="1px" cellpadding="2px">
<tr>
<th colspan="2" bgcolor="#4180BE"><font color="#FFFFFF">Update Product Details Panal</font></th>
</tr>
<tr>
<td width="238">Product Category Id</td>
<td width="340"><input name="ProductCategoryID" type="text" value=" <? echo $u['ProductID']; ?>" /></td>
</tr>
<tr>
<td width="238">ProductName</td>
<td width="340"><input type="text" name="ProductName" value="<? echo $u['ProductName'] ?>" /></td>
</tr>
<tr>
<td>ProductPrice</td>
<td><input type="text" name="ProductPrice" value="<? echo $u['ProductPrice']?>"/></td>
</tr>
<tr>
<td>ProductWeight</td>
<td><input type="text" name="ProductWeight" value="<? echo $u['ProductWeight']?>" /></td>
</tr>
<tr>
<td>ProductStatus</td>
<td><input type="text" name="ProductStatus" value="<? echo $u['ProductStatus']?>" /></td>
</tr>
<tr>
<td>ProductCartDesc</td>
<td><input type="text" name="ProductCartDesc" value="<? echo $u['ProductCartDesc']?>" /></td>
</tr>
<tr>
<td>ProductShortDesc</td>
<td><input type="text" name="ProductShortDesc" value="<? echo $u['ProductShortDesc']?>" /></td>
</tr>
<tr>
<td>ProductLongDesc</td>
<td><input type="text" name="ProductLongDesc" value="<? echo $u['ProductLongDesc']?>" /></td>
</tr>
<tr>
<td>productImage</td>
<td><input name="productImage" type="file" value="<? $u['ProductImages']?>" /></td>
</tr>
<tr>
<td>Product Stock</td>
<td><select name="ProductStock" >
<option value="<? echo $u['ProductStock']?>" selected="selected"><?php echo $u['ProductStock']?></option>
<option value="inStock">inStock</option>
<option value="outStock">out of stock</option>
<option value="unlimited">unlimited</option>
</select></td>
</tr>
<tr>
<td>ProductLocation</td>
<td><input type="text" name="ProductLocation" value="<? echo $u['ProductLocation']?>" /></td>
</tr>
<tr>
<td>manufacturer</td>
<td><input type="text" name="manufacturer" value="<? echo $u['manufacturer']?>" /></td>
</tr>
<tr ><td colspan="2" align="center">
<input type="hidden" name="pid" value="<?php $u['ProductID'] ?>"/>
<input name="update" type="submit" value="Update Product Details" /></td>
</tr>
</table>
</form>
<? }}else{
$product->manufacturer = $product->cleanVer($_POST['manufacturer']);
$product->ProductLocation = $product->cleanVer($_POST['ProductLocation']);
$product->ProductName = $product->cleanVer($_POST['ProductName']);
$product->ProductPrice = $product->cleanVer($_POST['ProductPrice']);
$product->ProductWeight = $product->cleanVer($_POST['ProductWeight']);
$product->ProductStatus = $product->cleanVer($_POST['ProductStatus']);
$product->ProductStock = $product->cleanVer($_POST['ProductStock']);
$product->ProductCartDesc = $product->cleanVer($_POST['ProductCartDesc']);
$product->pressSumbitButton = $product->cleanVer($_POST['update']);
$product->productImage = $_FILES['productImage'];
$product->ProductShortDesc = $product->cleanVer($_POST['ProductShortDesc']);
$product->ProductLongDesc = $product->cleanVer($_POST['ProductLongDesc']);
$updated = $product->updateFormToDB($_POST['pid']);
if($updated){ echo "update was successfully";}else{ echo "counld not update,try again later";}
$product->addProductImages();} ?>
</div>
