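<?php require "../lib/login.php"; ?>
<?php
// Admin-only page: the privilege gate runs before any byte of output, so a
// header-based redirect is still possible when the check fails.
// NOTE(review): confirm that if_privileged() ends the request (exit) for
// non-admins; if it only sets a redirect and returns, the POST handler further
// down this file would still run for an unprivileged caller.
if_privileged(PRIVILEGE_ADMIN, "/");
?>
<?php
// Preview of the id the next product will probably get; it is shown in the
// disabled "ID" field of the form. It is only an estimate: max(id)+1 is NULL
// on an empty table and can differ from the id the database actually assigns
// (rows deleted at the end of the table, or another admin inserting first).
$res = $cursor->query("select max(id)+1 as id from webs.product");
$obj = $res ? $res->fetch_object() : null;
// Fall back to 1 when the table is empty (NULL) or the query failed.
$new_id = (int) ($obj->id ?? 1);
?>
<!DOCTYPE html>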
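<?php
// Handles the "add product" form post: validates the fields, decodes the
// optional picture, stores the row, then writes the picture re-encoded as JPEG
// (full size plus a 250px-wide thumbnail). Any failed check leaves the loop
// via break and the form is simply rendered again.
// NOTE(review): no anti-CSRF token is checked here and the form on this page
// carries none; confirm whether ../lib/login.php enforces one for admin POSTs.
// NOTE(review): $description is stored as raw HTML by design ("ondersteunt
// HTML"); every page that renders it trusts whoever holds admin rights.
do {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;

    // Absent fields become '' so they fall into the emptiness checks instead
    // of raising undefined-index warnings.
    $name = $_POST['name'] ?? '';
    $description = $_POST['description'] ?? '';
    $price = $_POST['price'] ?? '';
    // false when the value is not an integer (also for arrays such as category[]=1).
    $category = filter_var($_POST['category'] ?? null, FILTER_VALIDATE_INT);

    // name[]=x style parameters arrive as arrays; only plain strings are bound.
    if (!is_string($name) || !is_string($description)) break;
    if (!$name) break;
    if (!$description) break;
    if (!$price) break;
    // min/max/step on the <input> are client-side only, so re-check here.
    if (!is_numeric($price) || (float) $price < 0) break;
    if (!$category) break;

    // Decode the picture BEFORE inserting, so a broken upload cannot leave a
    // row flagged image=1 with no files behind it.
    $upload = $_FILES['img'] ?? null;
    $image = null;
    if (is_array($upload) && $upload['error'] !== UPLOAD_ERR_NO_FILE) {
        if ($upload['error'] !== UPLOAD_ERR_OK) break;
        if (!is_uploaded_file($upload['tmp_name'])) break;
        $data = file_get_contents($upload['tmp_name']);
        if ($data === false) break;
        // The content is identified by decoding it, not by the client-supplied
        // name or MIME type; re-encoding below also drops anything that is not
        // pixel data.
        // NOTE(review): upload_max_filesize bounds the bytes, not the decoded
        // pixel count; consider checking getimagesizefromstring() dimensions
        // before decoding very large images.
        $image = imagecreatefromstring($data);
        if (!$image) break;
    }

    // The image column records whether a picture was really stored.
    $img = $image ? 1 : 0;
    $statement = $cursor->prepare("insert into webs.product (`name`, `description`, `price`, `category`, `image`) values (?, ?, ?, ?, ?)");
    if (!$statement) break;
    $statement->bind_param("ssdii", $name, $description, $price, $category, $img);
    if (!$statement->execute()) break;
    if (!$image) break;

    // Name the files after the id the database assigned to this row rather
    // than a max(id)+1 guess, which can point at a different product.
    $id = (int) $cursor->insert_id;
    if ($id <= 0) break;
    $full_path = "img/product/$id-full.jpg";
    imagejpeg($image, $full_path);
    $thumb = imagescale($image, 250);
    if (!$thumb) break;
    $thumb_path = "img/product/$id-thumb.jpg";
    imagejpeg($thumb, $thumb_path);
} while (false);
?>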
<html>
<head>
<?php include 'head.php' ?>
<title>product toevoegen</title>
<link rel="stylesheet" href="admin.css">
</head>
<body>
<?php include 'navbar.php' ?>
<div class="main limwidth">
<h2>product toevoegen</h2>
<form action="/admin-product.php" method="post" enctype="multipart/form-data">
<label for="id">ID (automatisch)</label>
<input id="id" type="text" disabled value="<?php echo $new_id; ?>">
<label for="name">Naam</label>
<input id="name" name="name" type="text" placeholder="Naam">
<label for="price">Prijs</label>
<input id="price" name="price" type="number" value="0" min="0" max="999.99" step="0.01">
<label for="category">Categorie</label>
<select id="category" name="category" placeholder="Categorie">
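<?php
// Renders one <option> per category. The values come from the database, so
// they are HTML-encoded for both the attribute and the text context; a
// category name containing markup would otherwise be executed in the admin's
// browser. ENT_QUOTES is required because the attribute is single-quoted.
$res = $cursor->query("select id, name from webs.category");
while ($c = $res->fetch_object()) {
    $value = htmlspecialchars((string) $c->id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $label = htmlspecialchars((string) $c->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<option value='$value'>$label</option>";
}
?>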
</select>
<label for="description">Beschrijving (ondersteunt HTML)</label>
<textarea id="description" name="description" placeholder="Beschrijving" rows="3"></textarea>
<label for="img">Productafbeelding</label>
<input id="img" name="img" type="file" accept="image/png, image/gif, image/jpeg">
<input id="submit" type="submit" value="Toevoegen">
</form>
</div>
<?php include 'footer.php' ?>
</body>
</html>