path: root/public/admin-product.php
blob: 8e04e30485e15761eb967fe123592ae2abf819c0 (plain)
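<?php
// Authentication and authorization run before any output is sent: once a byte
// of the page has been emitted, header-based work (session cookie, redirect)
// can no longer take effect unless output buffering happens to be enabled.
require "../lib/login.php";
// NOTE(review): if_privileged() is defined outside this file -- confirm that it
// halts the request for non-admins instead of only redirecting; otherwise the
// POST handler below would still run for them.
if_privileged(PRIVILEGE_ADMIN, "/");

// Handle the "add product" form. do { ... } while (false) is used as a
// single-pass block so that any failed check can bail out with `break`.
do {
	if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
	// NOTE(review): no anti-CSRF token is verified here, so a logged-in admin's
	// browser can be made to submit this form from another site. Because the
	// description is stored as raw HTML, that would mean attacker-chosen markup
	// in the shop. Add a per-session token check once login.php's session API
	// is known.

	// Text fields: must be present, must be plain strings (not arrays) and non-empty.
	$name = isset($_POST['name']) ? $_POST['name'] : '';
	$description = isset($_POST['description']) ? $_POST['description'] : '';
	if (!is_string($name) || $name === '') break;
	if (!is_string($description) || $description === '') break;

	// Numeric fields are validated instead of relying on truthiness. A price of
	// 0 is accepted, matching min="0" on the form; negative prices are refused.
	$price = filter_var(isset($_POST['price']) ? $_POST['price'] : null, FILTER_VALIDATE_FLOAT);
	if ($price === false || $price < 0) break;
	$category = filter_var(isset($_POST['category']) ? $_POST['category'] : null, FILTER_VALIDATE_INT);
	if ($category === false || $category < 1) break;

	// The image is validated and decoded BEFORE the row is inserted, so a failed
	// or undecodable upload no longer leaves a product flagged as having an
	// image that does not exist. $_FILES['img'] is a non-empty array even when no
	// file was chosen, so the upload error code is what tells the cases apart.
	$upload = isset($_FILES['img']) && is_array($_FILES['img']) ? $_FILES['img'] : null;
	$upload_error = ($upload !== null && isset($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;
	$image = null;
	if ($upload_error !== UPLOAD_ERR_NO_FILE) {
		if ($upload_error !== UPLOAD_ERR_OK) break;
		// Only read paths that PHP itself created for this request's upload.
		if (!is_uploaded_file($upload['tmp_name'])) break;
		$data = file_get_contents($upload['tmp_name']);
		if ($data === false) break;
		// NOTE(review): consider bounding the pixel dimensions (for example via
		// getimagesizefromstring()) before decoding, so that a small file cannot
		// expand into a very large bitmap in memory.
		$image = imagecreatefromstring($data);
		if (!$image) break;
	}
	$img = $image !== null ? 1 : 0;

	$statement = $cursor->prepare("insert into webs.product (`name`, `description`, `price`, `category`, `image`) values (?, ?, ?, ?, ?)");
	if (!$statement) break;
	$statement->bind_param("ssdii", $name, $description, $price, $category, $img);
	if (!$statement->execute()) break;

	if ($image === null) break;

	// Name the files after the id the database actually assigned to this row.
	// A "max(id)+1" value read earlier can be taken by a concurrent insert, or
	// differ from the real id after deletions, which would attach the picture
	// to the wrong product.
	// NOTE(review): assumes $cursor is a mysqli connection and product.id is
	// auto-generated (the insert omits it) -- confirm.
	$product_id = (int) $cursor->insert_id;
	if ($product_id < 1) break;

	// Re-encoding through GD writes freshly generated JPEG data to disk rather
	// than the uploaded bytes, and the file name is built from an integer only.
	$full_path = "img/product/$product_id-full.jpg";
	imagejpeg($image, $full_path);

	$thumb = imagescale($image, 250);
	if ($thumb !== false) {
		$thumb_path = "img/product/$product_id-thumb.jpg";
		imagejpeg($thumb, $thumb_path);
	}
} while (false);

// Display-only estimate of the next id for the disabled "ID" field of the form.
// It is queried after the POST handling so it reflects a row that was just
// added; it is not used for any write.
$res = $cursor->query("select max(id)+1 as id from webs.product");
$obj = $res->fetch_object();
$new_id = $obj->id;
?>
<!DOCTYPE html>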
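<html>
<head>
	<?php include 'head.php' ?>
	<title>product toevoegen</title>
	<link rel="stylesheet" href="admin.css">
</head>
<body>
	<?php include 'navbar.php' ?>
	<div class="main limwidth">
		<h2>product toevoegen</h2>
		<p><a href="/admin-category.php">Categorie toevoegen</a></p>
		<?php
			// NOTE(review): this form carries no anti-CSRF token. Together with the
			// description field being stored as raw HTML, a forged submission from
			// an admin's browser would place attacker-chosen markup in the shop.
			// The client-side constraints below (min/max/accept) are hints only;
			// the server must validate every field itself.
		?>
		<form action="/admin-product.php" method="post" enctype="multipart/form-data">
			<label for="id">ID (automatisch)</label>
			<input id="id" type="text" disabled value="<?php echo htmlspecialchars((string) $new_id, ENT_QUOTES, 'UTF-8'); ?>">
			<label for="name">Naam</label>
			<input id="name" name="name" type="text" placeholder="Naam">
			<label for="price">Prijs</label>
			<input id="price" name="price" type="number" value="0" min="0" max="999.99" step="0.01">
			<label for="category">Categorie</label>
			<select id="category" name="category">
				<?php
					// Category ids and names come from the database and are escaped
					// for HTML before output: a name containing markup or a quote
					// would otherwise break out of the <option> element.
					$res = $cursor->query("select id, name from webs.category");
					while ($c = $res->fetch_object()) {
						$option_value = htmlspecialchars((string) $c->id, ENT_QUOTES, 'UTF-8');
						$option_label = htmlspecialchars((string) $c->name, ENT_QUOTES, 'UTF-8');
						echo "<option value='$option_value'>$option_label</option>";
					}
				?>
			</select>
			<label for="description">Beschrijving (ondersteunt HTML)</label>
			<textarea id="description" name="description" placeholder="Beschrijving" rows="3"></textarea>
			<label for="img">Productafbeelding</label>
			<input id="img" name="img" type="file" accept="image/png, image/gif, image/jpeg">
			<input id="submit" type="submit" value="Toevoegen">
		</form>
	</div>
	<?php include 'footer.php' ?>
</body>
</html>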