Diffstat (limited to 'public/admin-product.php')
-rw-r--r--public/admin-product.php50
1 files changed, 48 insertions, 2 deletions
diff --git a/public/admin-product.php b/public/admin-product.php
index d65fc9e..a760ebe 100644
--- a/public/admin-product.php
+++ b/public/admin-product.php
@@ -1,14 +1,60 @@
<!DOCTYPE html>
<?php require "../lib/login.php"; ?>
+<?php if_privileged(PRIVILEGE_ADMIN, "/") ?>
+<?php
+$res = $cursor->query("select max(id)+1 as id from webs.product");
+$obj = $res->fetch_object();
+$new_id = $obj->id;
+?>
+<?php
+do {
+ if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
+ $name = $_POST['name'];
+ $description = $_POST['description'];
+ $image = $_POST['img'];
+ $price = $_POST['price'];
+ $category = $_POST['category'];
+ $image = true;
+ if (!$name) break;
+ if (!$description) break;
+ if (!$price) break;
+ if (!$category) break;
+
+ $statement = $cursor->prepare("insert into webs.product (`name`, `description`, `price`, `category`, `image`) values (?, ?, ?, ?, ?)");
+ $statement->bind_param("ssdii", $name, $description, $price, $category, $image);
+ $statement->execute();
+} while (false);
+?>
<html>
<head>
<?php include 'head.php' ?>
- <title>super secret admin page</title>
+ <title>product toevoegen</title>
+ <link rel="stylesheet" href="admin.css">
</head>
<body>
<?php include 'navbar.php' ?>
<div class="main limwidth">
- <h2>admin</h2>
+ <h2>product toevoegen</h2>
+ <form action="/admin-product.php" method="post">
+ <label for="id">ID (automatisch)</label>
+ <input id="id" type="text" disabled value="<?php echo $new_id; ?>">
+ <label for="name">Naam</label>
+ <input id="name" name="name" type="text" placeholder="Naam">
+ <label for="price">Prijs</label>
+ <input id="price" name="price" type="number" value="0" min="0" max="999.99" step="0.01">
+ <label for="category">Categorie</label>
+ <select id="category" name="category" placeholder="Categorie">
+ <?php
+ $res = $cursor->query("select id, name from webs.category");
+ while ($c = $res->fetch_object()) echo "<option value='$c->id'>$c->name</option>";
+ ?>
+ </select>
+ <label for="description">Beschrijving (ondersteunt HTML)</label>
+ <textarea id="description" name="description" placeholder="Beschrijving" rows="3"></textarea>
+ <label for="img">Productafbeelding</label>
+ <input id="img" name="img" type="file" accept="image/png, image/gif, image/jpeg">
+ <input id="submit" type="submit" value="Toevoegen">
+ </form>
</div>
<?php include 'footer.php' ?>
</body>
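Review bot: The POST branch (`do { … } while (false);`) inserts a product for any request that passes `if_privileged`, and neither the form nor the handler carries an anti-CSRF token. Unless `lib/login.php` (not visible here) already enforces one, a cross-site form post from a logged-in admin's browser would be accepted; add a per-session token as a hidden field and compare it with `hash_equals()` before `prepare()`. In the category loop, `$c->id` and `$c->name` are interpolated into markup unescaped; write it as `echo "<option value='" . (int)$c->id . "'>" . htmlspecialchars($c->name, ENT_QUOTES) . "</option>";`. The form has a file input but no `enctype="multipart/form-data"`, and the handler reads `$_POST['img']` then overwrites it with `$image = true`, so the upload is discarded and every row stores image = 1; when the upload is wired up it should be read from `$_FILES` with a server-side type and size check, since the `accept` attribute is only a browser hint. The label advertises that the description accepts HTML, so the page that renders it (not in this diff) needs to sanitise that markup, or the field must stay restricted to trusted admins.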