files >> /home/apca/www/admin/edit-product.php
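<?php
/**
 * Admin "Add / Edit Product" page.
 *
 * POST with `submit` set: inserts a new tblproducts row when the posted
 * `process` field is 'add', otherwise updates the row whose id is given in
 * the query string. The request then falls through and renders the form,
 * pre-filled from the row selected by ?id=.
 *
 * Expects includes/config.php to provide the PDO handle $dbh.
 *
 * NOTE(review): the only gate is the session login check below; there is no
 * anti-CSRF token on either form on this page, so a state-changing POST can
 * be triggered cross-site while an admin session is open. Adding a
 * per-session token verified with hash_equals() needs a matching change in
 * duplicate_product.php, which is not visible from this file.
 *
 * NOTE(review): the <div> nesting of the markup is kept exactly as it was
 * (the form is opened in one panel and closed in another); the indentation
 * below is for reading only and does not imply balanced tags.
 */
session_start();
//error_reporting(0);
date_default_timezone_set('America/Vancouver');
include('includes/config.php');

if (!isset($_SESSION['alogin']) || strlen($_SESSION['alogin']) == 0) {
    header('location:index.php');
    // Stop here so nothing else is emitted after the redirect header.
    exit;
} else {
    $msg = '';
    $error = '';

    // Every use of the product id goes through intval(), including the one
    // that is echoed back into the "Duplicate Product" form further down.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    if (isset($_POST['submit'])) {
        // Missing or non-scalar (array) fields are treated as NULL instead of
        // raising notices or "Array to string conversion".
        $readPost = function ($name) {
            return (isset($_POST[$name]) && is_scalar($_POST[$name])) ? $_POST[$name] : null;
        };

        // Column names are a fixed list, never taken from the request, so it
        // is safe to build the SQL text from them. Values are always bound.
        // NOTE(review): RegDate and ProductQuantity have no input in the form
        // below, so they arrive as NULL on every save -- confirm that is
        // intended against the table definition.
        $columnNames = array(
            'ProductsTitle', 'ProductsBrnd', 'ProductsCategory', 'ProductsModelNumber',
            'ProductsUPC', 'ProductsWeight', 'ProductsOverview', 'ProductsCost',
            'ProductsRetail', 'ProductsSale', 'ProductsGSTRate', 'ProductsPSTRate',
            'ProductsSize', 'ProductsColor', 'ProductsStatus', 'UpdationDate',
            'seasonal_discount', 'RegDate', 'ProductQuantity', 'metaTitle',
            'metaDescription',
        );

        $values = array();
        foreach ($columnNames as $column) {
            $values[$column] = $readPost($column);
        }

        // A typed-in new category (more than two characters) wins over the dropdown.
        $newCategory = $readPost('ProductsCategoryNew');
        if (strlen((string) $newCategory) > 2) {
            $values['ProductsCategory'] = $newCategory;
        }

        // The timestamp is set by the server, never by the client. The old
        // code passed date() straight to bindParam(), which needs a variable.
        $values['UpdationDate'] = date("Y-m-d H:i");

        $postedProcess = isset($_POST['process']) ? $_POST['process'] : null;

        if ($postedProcess !== 'add') {
            $assignments = array();
            foreach ($columnNames as $column) {
                $assignments[] = $column . ' = :' . $column;
            }
            $sql = 'UPDATE tblproducts SET ' . implode(', ', $assignments) . ' WHERE id = :id';

            $query = $dbh->prepare($sql);
            if (!$query) {
                // NOTE(review): raw driver error text goes to the browser;
                // prefer error_log() plus a generic message.
                $errorInfo = $dbh->errorInfo();
                die("Error preparing query: " . $errorInfo[2]);
            }

            foreach ($values as $column => $value) {
                $query->bindValue(':' . $column, $value, PDO::PARAM_STR);
            }
            $query->bindValue(':id', $id, PDO::PARAM_INT);
            $query->execute();

            if ($query->rowCount() > 0) {
                echo "Data updated successfully.";
            } else {
                echo "No rows were updated. Check if the `id` exists or if the data is already the same.";
            }
        } else {
            $placeholders = array();
            foreach ($columnNames as $column) {
                $placeholders[] = ':' . $column;
            }
            $sql = 'INSERT INTO tblproducts (' . implode(', ', $columnNames) . ') VALUES ('
                . implode(', ', $placeholders) . ')';

            $query = $dbh->prepare($sql);
            if (!$query) {
                $errorInfo = $dbh->errorInfo();
                die("Error preparing query: " . $errorInfo[2]);
            }

            foreach ($values as $column => $value) {
                $query->bindValue(':' . $column, $value, PDO::PARAM_STR);
            }
            $query->execute();

            // Debug for SQL errors
            // NOTE(review): same disclosure concern as above.
            if ($query->errorCode() !== '00000') {
                $errorInfo = $query->errorInfo();
                echo "SQL Error: " . $errorInfo[2];
                exit;
            }

            $lastInsertId = $dbh->lastInsertId();
            echo "Last Insert ID: " . $lastInsertId;

            if ($lastInsertId) {
                $msg .= "Product posted successfully";
            } else {
                $error = "Something went wrong. Please try again";
            }
        }
    }

    // Mode used for rendering (add vs. edit) and the value echoed back into
    // the hidden `process` field; each keeps the request source it had before.
    $viewProcess = isset($_REQUEST['process']) ? $_REQUEST['process'] : null;
    $queryProcess = (isset($_GET['process']) && is_scalar($_GET['process'])) ? (string) $_GET['process'] : '';
?>
<!doctype html>
<html lang="en" class="no-js">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">
    <meta name="theme-color" content="#3e454c">

    <title>Alpenpass Motorcycle Rental Portal | Admin Product Info</title>

    <!-- Font awesome -->
    <link rel="stylesheet" href="css/font-awesome.min.css">
    <!-- Sandstone Bootstrap CSS -->
    <link rel="stylesheet" href="css/bootstrap.min.css">
    <!-- Bootstrap Datatables -->
    <link rel="stylesheet" href="css/dataTables.bootstrap.min.css">
    <!-- Bootstrap social button library -->
    <link rel="stylesheet" href="css/bootstrap-social.css">
    <!-- Bootstrap select -->
    <link rel="stylesheet" href="css/bootstrap-select.css">
    <!-- Bootstrap file input -->
    <link rel="stylesheet" href="css/fileinput.min.css">
    <!-- Awesome Bootstrap checkbox -->
    <link rel="stylesheet" href="css/awesome-bootstrap-checkbox.css">
    <!-- Admin Stye -->
    <link rel="stylesheet" href="css/style.css">
    <script type="text/javascript" src="nicEdit.js"></script>
    <script type="text/javascript">
        bkLib.onDomLoaded(function() { nicEditors.allTextAreas() });
    </script>
    <style>
        .errorWrap {
            padding: 10px;
            margin: 0 0 20px 0;
            background: #fff;
            border-left: 4px solid #dd3d36;
            -webkit-box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
            box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
        }
        .succWrap{
            padding: 10px;
            margin: 0 0 20px 0;
            background: #CCFFCC;
            border-left: 4px solid #5cb85c;
            -webkit-box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
            box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
        }
        input{
            margin-top: 10px;
        }
        label{
            margin-top: 10px;
        }
        .imgBlock{
            display: block;
            margin-top: 5px;
            margin-bottom: 5px;
        }
        .sel{
            margin-top: 20px;
            padding:15px 30px;
            text-align:center;
            border-color: #dfd7ca;
        }
    </style>
</head>

<body>
<?php include('includes/header.php');?>
<div class="ts-main-content">
<?php include('includes/leftbar.php');?>
<div class="content-wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<?php if ($viewProcess == 'add') { ?>
<h2 class="page-title">Add Product</h2>
<?php } else { ?>
<div class='col-sm-3'><h2 class="page-title">Edit Product</h2></div>
<div class='col-sm-8'>
    <form method="POST" action="duplicate_product.php" style="display:inline !important;">
        <?php /* Integer id only: the raw query-string value was previously echoed unescaped. */ ?>
        <input type="hidden" name="product_id" value='<?php echo $id; ?>'>
        <button type="submit" class="btn btn-primary" style="display:inline !important;">Duplicate Product</button>
    </form></div>
<?php } ?>

<div class="row">
<div class="col-md-12">
<div class="panel panel-default" style="padding-bottom: 30px;">
<div class="panel-heading">Basic Info</div>
<div class="panel-body">
<?php
    // NOTE(review): ?message= is caller-controlled text shown under a
    // "SUCCESS" banner; it is escaped, but anyone who can craft a link
    // chooses its wording.
    if (!empty($_GET['message']) && is_scalar($_GET['message'])) {
        $msg .= $_GET['message'];
    }
    if ($error) { ?><div class="errorWrap"><strong>ERROR</strong>:<?php echo htmlentities($error); ?> </div><?php }
    if ($msg) { ?><div class="succWrap"><strong>SUCCESS</strong>:<?php echo htmlentities($msg); ?> </div><?php }
?>

<?php
    // Load the product being edited; $result stays null in add mode or when
    // the id does not match a row.
    $result = null;
    if ($id > 0) {
        $sql = "SELECT tblproducts.*, tblbrands.BrandName, tblbrands.id as bid FROM tblproducts JOIN tblbrands ON tblbrands.id = tblproducts.ProductsBrnd WHERE tblproducts.id = :id";
        $query = $dbh->prepare($sql);
        $query->bindParam(':id', $id, PDO::PARAM_INT);
        $query->execute();
        if ($query->rowCount() > 0) {
            $result = $query->fetch(PDO::FETCH_OBJ); // Fetch only the first result
        }
    }

    // HTML-escaped column of the loaded row, or '' when no row is loaded.
    $field = function ($name) use (&$result) {
        return isset($result->$name) ? htmlentities((string) $result->$name) : '';
    };

    // Current selections for the three dropdowns (null when no row is loaded).
    $currentBrand = isset($result->ProductsBrnd) ? $result->ProductsBrnd : null;
    $currentCategory = isset($result->ProductsCategory) ? $result->ProductsCategory : null;
    $currentStatus = isset($result->ProductsStatus) ? $result->ProductsStatus : null;
?>

<form method="post" class="form-horizontal" enctype="multipart/form-data">
<div class="form-group">
    <label class="col-sm-2 control-label">Product Name<span style="color:red">*</span></label>
    <div class="col-sm-4">
        <input type="hidden" name="process" value="<?php echo htmlspecialchars($queryProcess, ENT_QUOTES, 'UTF-8'); ?>">
        <input type="text" name="ProductsTitle" class="form-control" value="<?php echo $field('ProductsTitle'); ?>" required>
    </div>
    <label class="col-sm-1 control-label">Product Model<span style="color:red">*</span></label>
    <div class="col-sm-2">
        <input type="text" name="ProductsModelNumber" class="form-control" value="<?php echo $field('ProductsModelNumber'); ?>" required>
    </div>
    <label class="col-sm-1 control-label">Select Brand <span style="color:red">*</span></label>
    <div class="col-sm-2">
        <select class="selectpickerXX btnXX sel" name="ProductsBrnd" required>
            <option value="">Choose Brand </option>
<?php
    $ret = "select id,BrandName from tblbrands";
    $query = $dbh->prepare($ret);
    $query->execute();
    $brands = $query->fetchAll(PDO::FETCH_OBJ);
    if ($query->rowCount() > 0) {
        foreach ($brands as $brand) {
            $selected = ($brand->id == $currentBrand) ? ' selected ' : '';
?>
            <option value="<?php echo htmlentities($brand->id); ?>" <?php echo $selected; ?> ><?php echo htmlentities($brand->BrandName); ?></option>
<?php
        }
    }
?>
        </select>
    </div>
</div>

<div class="form-group">
    <label class="col-sm-2 control-label">Select Category<span style="color:red">*</span></label>
    <div class="col-sm-2">
        <select class="selectpickerXX btnXX sel" name="ProductsCategory" >
            <option value="">Choose Status</option>
<?php
    $ret = "select DISTINCT ProductsCategory from tblproducts";
    $query = $dbh->prepare($ret);
    $query->execute();
    $categories = $query->fetchAll(PDO::FETCH_OBJ);
    if ($query->rowCount() > 0) {
        foreach ($categories as $category) {
            $selected = ($category->ProductsCategory == $currentCategory) ? ' selected ' : '';
            // Category names are free text typed into "Add New Category",
            // so the value attribute is escaped as well as the label.
?>
            <option value="<?php echo htmlentities($category->ProductsCategory); ?>" <?php echo $selected; ?>><?php echo htmlentities($category->ProductsCategory); ?></option>
<?php
        }
    }
?>
        </select>
    </div>

    <div class="row">
        <label class="col-sm-1 control-label">Add New Category<span style="color:red">*</span></label>
        <div class="col-sm-2">
            <input type="text" name="ProductsCategoryNew" class="form-control" value="" >
        </div>
        <label class="col-sm-1 control-label">Products UPC<span style="color:red">*</span></label>
        <div class="col-sm-2">
            <input type="text" name="ProductsUPC" class="form-control" value="<?php echo $field('ProductsUPC'); ?>" >
        </div>
        <label class="col-sm-1 control-label">Products Weight<span style="color:red">*</span></label>
        <div class="col-sm-1">
            <input type="text" name="ProductsWeight" class="form-control" value="<?php echo $field('ProductsWeight'); ?>" >
        </div>
    </div>

    <div class="form-group">
        <label class="col-sm-2 control-label">Products Cost<span style="color:red">*</span></label>
        <div class="col-sm-1">
            <input type="text" name="ProductsCost" class="form-control" value="<?php echo $field('ProductsCost'); ?>" >
        </div>
        <label class="col-sm-2 control-label">Products Retail<span style="color:red">*</span></label>
        <div class="col-sm-1">
            <input type="text" name="ProductsRetail" class="form-control" value="<?php echo $field('ProductsRetail'); ?>" required>
        </div>
        <label class="col-sm-2 control-label">Products Sale Price<span style="color:red">*</span></label>
        <div class="col-sm-1">
            <input type="text" name="ProductsSale" class="form-control" value="<?php echo $field('ProductsSale'); ?>" >
        </div>
    </div>

    <div class="row">
        <label class="col-sm-2 control-label">Meta Title Tag</label>
        <div class="col-sm-10">
            <input type="text" name="metaTitle" class="form-control" value="<?php echo $field('metaTitle'); ?>" >
        </div>
        <label class="col-sm-2 control-label">Meta Description</label>
        <div class="col-sm-10">
            <input type="text" name="metaDescription" class="form-control" value="<?php echo $field('metaDescription'); ?>" >
        </div>
    </div>
</div>
</div>

<div class="hr-dashed"></div>

<div class="form-group">
    <label class="col-sm-2 control-label">Product Overview<span style="color:red">*</span></label>
    <div class="col-sm-10" style="padding-bottom: 20px;">
        <textarea class="form-control" name="ProductsOverview" id="pgedetails" style="resize: vertical; height: 400px; white-space: pre-wrap" required><?php echo $field('ProductsOverview'); ?></textarea>
    </div>
</div>

<div class="form-group"><br />
    <label class="col-sm-2 control-label">GST Rate<span style="color:red">*</span></label>
    <div class="col-sm-1">
        <input type="text" name="ProductsGSTRate" class="form-control" value="<?php echo $field('ProductsGSTRate'); ?>" >
    </div>
    <label class="col-sm-1 control-label">PST Rate<span style="color:red">*</span></label>
    <div class="col-sm-1">
        <input type="text" name="ProductsPSTRate" class="form-control" value="<?php echo $field('ProductsPSTRate'); ?>" >
    </div>
    <label class="col-sm-1 control-label">Products Size<span style="color:red">*</span></label>
    <div class="col-sm-1">
        <input type="text" name="ProductsSize" class="form-control" value="<?php echo $field('ProductsSize'); ?>" >
    </div>
    <label class="col-sm-1 control-label">Products Color<span style="color:red">*</span></label>
    <div class="col-sm-1">
        <input type="text" name="ProductsColor" class="form-control" value="<?php echo $field('ProductsColor'); ?>" >
    </div>
    <label class="col-sm-1 control-label">Seasonal Discount<span style="color:red">*</span></label>
    <div class="col-sm-1">
        <input type="text" name="seasonal_discount" class="form-control" value="<?php echo $field('seasonal_discount'); ?>" >
    </div>
    <div class="col-sm-1"> </div>
    <label class="col-sm-2 control-label">Status<span style="color:red">*</span></label>
    <div class="col-sm-2">
        <select class="sel" name="ProductsStatus" required>
            <option value="">Choose Status</option>
<?php
    $statusArray = array('Active', 'Inactive');
    foreach ($statusArray as $value) {
        $selected = ($value == $currentStatus) ? ' selected ' : '';
?>
            <option value="<?php echo $value; ?>" <?php echo $selected; ?>><?php echo htmlentities($value); ?></option>
<?php
    }
?>
        </select>
    </div>

<?php if ($viewProcess != "add") { ?>
    <div class="hr-dashed"></div>

    <div class="form-group">
        <div class="col-sm-12">
            <h4><br /><br /><b>Product Images</b></h4>
        </div>
    </div>

    <div class="form-group">
<?php for ($i = 1; $i <= 10; $i++) { ?>
        <div class="col-sm-12 col-6-md col-lg-3">
            <div class="imgBlock" style="border:solid 1px #000; width: 300px; height:200px; margin-top: 20px;">
<?php
        // Dynamically access the property name (Pimage1 .. Pimage10)
        $imageField = "Pimage" . $i;
        if (!empty($result->$imageField)) {
?>
                <img src="img/productimages/<?php echo htmlentities($result->$imageField); ?>" width="300" height="200" style="object-fit: contain;">
<?php   } else { ?>
                <p><br /><strong> No image available</strong></p>
<?php   } ?>
            </div>
            <a href="changeimage.php?imgid=<?php echo $field('id'); ?>&imgName=img<?php echo $i; ?>&imageType=product"> Add/Change Image <?php echo $i; ?><br /> </a>
        </div>
<?php } ?>
        <br /><br />
        <div class="hr-dashed"></div>
<?php } else { ?>
        <div class="col-sm-12">
            <h4><b>Add Product Images from Edit</b></h4>
        </div>
<?php } ?>
</div>
</div>
</div>
</div>

<div class="row">
<div class="col-md-12">
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group">
<div class="form-group">
    <div class="col-sm-8 col-sm-offset-2" >
        <button class="btn btn-primary submit" name="submit" type="submit" value="submit" style="margin-top:4%">Save changes</button>
    </div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>

<!-- Loading Scripts -->
<script src="js/jquery.min.js"></script>
<script src="js/bootstrap-select.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/jquery.dataTables.min.js"></script>
<script src="js/dataTables.bootstrap.min.js"></script>
<script src="js/Chart.min.js"></script>
<script src="js/fileinput.js"></script>
<script src="js/chartData.js"></script>
<script src="js/main.js"></script>
<script>
    $('button[type=submit]').bind('click', function () {
        $('textarea').each(function(){
            nicEditors.findEditor(this.id).saveContent();
        });
    });
</script>
</body>
</html>
<?php } ?>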