Location: PHPKode > projects > Caleb's Code > Cafe_Cart/admin/modules/add_product.php
<?php

if($pnconfig[Version_Sub] == "Rogue")
{
    if (!eregi('admin.php', $PHP_SELF)) die ('Access Denied: You can\'t access this file directly.');
    if (!authorised(0, "$ModName::", '::', ACCESS_ADMIN)) die ('Access Denied: No permissions');
}
else
{
    if (!eregi("admin.php", $PHP_SELF)) die ("Access Denied");
}

include ("header.php");
include ("modules/$ModName/classes/products.php");
GraphicAdmin($hlpfile);
cp_menu();
OpenTable();

// output an edit/delete box for current hosts
if (mysql_num_rows($result = mysql_query("SELECT prod, name, ptype FROM $pntable[cp_products] ORDER BY ptype"))) {
   echo "   <table border=0>\n"
       ."    <tr>\n"
       ."     <td>\n"
       ."      <form action=\"admin.php\" method=\"post\" style=\"margin: 0;\">\n"
       ."       <input type=hidden name=op value=add_product_$ModName>\n"
       ."       <input type=hidden name=cpop value=edit_product>\n"
       ."       <b>Edit Product:&nbsp;&nbsp;</b>\n"
       ."     </td>\n"
       ."     <td>\n"
       ."       <select name=editProd>\n";
   while ($row = mysql_fetch_array($result)) {
      $kind = $row[ptype];
      echo "        <option value=\"$row[prod]\">$products[$kind]: $row[name] - #$row[prod]</option>\n";
      }
   $result = mysql_query("SELECT prod, name, ptype FROM $pntable[cp_products] ORDER BY ptype");
   echo "       </select>\n"
       ."       <input type=submit value=\"Edit\" style=\"width: 40px;\">\n"
       ."      </form>\n"
       ."     </td>\n"
       ."    </tr>\n"
       ."    <tr>\n"
       ."     <td>\n"
       ."      <form action=\"admin.php\" method=\"post\" style=\"margin: 0;\">\n"
       ."       <input type=hidden name=op value=add_product_$ModName>\n"
       ."       <input type=hidden name=cpop value=delete_product>\n"
       ."       <b>Delete Product:&nbsp;&nbsp;</b>\n"
       ."     </td>\n"
       ."     <td>\n"
       ."       <select name=deleteProd>\n";
   while ($row = mysql_fetch_array($result)) {
      $kind = $row[ptype];
      echo "        <option value=\"$row[prod]\">$products[$kind]: $row[name] - #$row[prod]</option>\n";
      }
   echo "       </select>\n"
       ."       <input type=submit value=\"Delete\" style=\"width: 40px;\">\n"
       ."      </form>\n"
       ."     </td>\n"
       ."    </tr>\n"
       ."   </table>\n";
   CloseTable();
   echo "   <br>\n";
   OpenTable();
   }

// shows form to add a store/also is where we redirect unfinnished forms
function showAddForm($prod, $store, $ptype, $name, $charge, $description, $def_view, $active, $error) {
   global $ModName, $pntable, $products;
   if (!$stores = mysql_query("SELECT id, acct FROM $pntable[CP_Stores]")) die ("<font color=red>ERROR: </font>".mysql_error()."<br>");
   if (!mysql_num_rows($stores)) die ("You must have at least one store to add a product.");
   $charge = preg_replace("/\\$/", "", $charge);
   
   echo "   <form action=\"admin.php\" method=\"get\">\n"
       ."   <input type=hidden name=op value=\"add_product_$ModName\">\n"
       ."   <input type=hidden name=cpop value=\"add_new\">\n"
       ."   <table border=0 width=\"100%\">\n";
   if ($error) echo "    <tr>\n"
                   ."     <td colspan=2 align=center><b><font color=red>ERROR: </font>$error</b></td>\n"
                   ."    </tr>\n";
   echo "    <tr>\n"
       ."     <td valign=top width=\"85%\"><h3>Add Product</h3></td>\n"
       ."     <td rowspan=2 valign=top align=center><a href=\"http://www.cafepress.com/cp/info/storeref.aspx?refby=rastafari\" target=\"_blank\"><img src=\"modules/$ModName/images/admin.gif\" alt=\"Don't have a store? Click to signup!\" border=0><br>Click to Get a Store!</a></td>\n"
       ."    </tr>\n"
       ."    <tr>\n"
       ."     <td>\n"
       ."      Product Number:<br>\n"
       ."      <input type=text size=30 maxlength=11 name=prod value=\"$prod\"><br>\n"
       ."      Product Name:<br>\n"
       ."      <input type=text size=30 maxlength=50 name=name value=\"$name\"><br>\n"
       ."      Product Type:<br>\n"
       ."      <select name=ptype>\m";
   foreach ($products as $key => $value) {
      if ($key == '99') echo '';
      elseif ($ptype == $key) echo "       <option value=\"$key\" SELECTED>$value</option>\n";
      else echo "       <option value=\"$key\">$value</option>\n";
      }
   echo "      </select><br>\n"
       ."      Charge:<br>\n"
       ."      <input type=text size=30 maxlength=10 name=charge value=\"$charge\"><br>\n"
       ."      Store Name/Account:<br>\n"
       ."      <select name=store>\n";
   while ($row = mysql_fetch_array($stores)) {
      if ($store == $row[id]) echo "       <option value=\"$row[id]\" SELECTED>$row[acct]</option>\n";
      else echo "       <option value=\"$row[id]\">$row[acct]</option>\n";
      }
   echo "      </select><br>\n"
       ."      Description:<br>\n"
       ."      <textarea name=description style=\"width: 75%; height: 100px;\">".stripslashes($description)."</textarea><br>\n"
       ."      Defalut View:<br>\n"
       ."      <table border=0>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;<b>Front</b></td><td><input type=radio name=def_view value=F";
   if ($def_view == 'F') echo " CHECKED";
   echo "></td></tr>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;Back</td><td><input type=radio name=def_view value=B";
   if ($def_view == 'B') echo " CHECKED";
   echo "></td></tr>\n"
       ."      </table><br>\n"
       ."      Enabled?<br>\n"
       ."      <table border=0>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;<b>Enabled</b></td><td><input type=radio name=active value=1";
   if ($active == '1') echo " CHECKED";
   echo "></td></tr>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;Disabled</td><td><input type=radio name=active value=0";
   if ($active == '0') echo " CHECKED";
   echo "></td></tr>\n"
       ."      </table><br>\n"
       ."      <br>\n"
       ."      <input type=submit value=\"Add Product\">\n"
       ."     </td>\n"
       ."    </tr>\n"
       ."   </table>\n"
       ."   </form>\n";
   }

// this allows us to edit a product
function cpedit($editProd, $error) {
   global $pntable, $ModName, $products;
   if (!$prod = mysql_fetch_array(mysql_query("SELECT * FROM $pntable[cp_products] WHERE prod='$editProd'"))) die ("Could not access database, or product #$editProd doesn't exist.");
   $stores = mysql_query("SELECT id, acct FROM $pntable[CP_Stores]");
   $prod[charge] = preg_replace("/\\$/", "", $prod[charge]);
   
   echo "   <form action=\"admin.php\" method=\"post\">\n"
       ."   <input type=hidden name=op value=\"add_product_$ModName\">\n"
       ."   <input type=hidden name=cpop value=\"update_product\">\n"
       ."   <input type=hidden name=prod value=\"$editProd\">\n"
       ."   <table border=0 width=\"100%\">\n";
   if ($error) echo "    <tr>\n"
                   ."     <td colspan=2 align=center><b>ERROR: $error</b></td>\n"
                   ."    </tr>\n";
   echo "    <tr>\n"
       ."     <td valign=top width=\"85%\"><h3>Edit Product</h3></td>\n"
       ."     <td rowspan=2 valign=top align=center><a href=\"http://www.cafepress.com/cp/info/storeref.aspx?refby=rastafari\" target=\"_blank\"><img src=\"modules/$ModName/images/admin.gif\" alt=\"Don't have a store? Click to signup!\" border=0><br>Click to Get a Store!</a></td>\n"
       ."    </tr>\n"
       ."    <tr>\n"
       ."     <td>\n"
       ."      Product Name:<br>\n"
       ."      <input type=text size=30 maxlength=50 name=name value=\"$prod[name]\"><br>\n"
       ."      Product Type:<br>\n"
       ."      <select name=ptype>\n";
   foreach ($products as $key => $value) {
      if ($key == '99') echo "";
      elseif ($prod[ptype] == $key) echo "       <option value=\"$key\" SELECTED>$value</option>\n";
      else echo "       <option value=\"$key\">$value</option>\n";
      }
   echo "      </select><br>\n"
       ."      Charge:<br>\n"
       ."      <input type=text size=30 maxlength=10 name=charge value=\"$prod[charge]\"><br>\n"
       ."      Store Name/Account:<br>\n"
       ."      <select name=store>\n";
   while ($row = mysql_fetch_array($stores)) {
      if ($prod[store] == $row[id]) echo "       <option value=\"$row[id]\" SELECTED>$row[acct]</option>\n";
      else echo "       <option value=\"$row[id]\">$row[acct]</option>\n";
      }
   echo "      </select><br>\n"
       ."      Description:<br>\n"
       ."      <textarea name=description style=\"width: 75%; height: 100px;\">$prod[description]</textarea><br>\n"
       ."      Defalut View:<br>\n"
       ."      <table border=0>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;Front</td><td><input type=radio name=def_view value=F";
   if ($prod[def_view] == 'F') echo " CHECKED";
   echo "></td></tr>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;Back</td><td><input type=radio name=def_view value=B";
   if ($prod[def_view] == 'B') echo " CHECKED";
   echo "></td></tr>\n"
       ."      </table><br>\n"
       ."      Enabled?<br>\n"
       ."      <table border=0>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;Enabled</td><td><input type=radio name=active value=1";
   if ($prod[active] == '1') echo " CHECKED";
   echo "></td></tr>\n"
       ."       <tr><td width=50px>&nbsp;&nbsp;Disabled</td><td><input type=radio name=active value=0";
   if ($prod[active] == '0') echo " CHECKED";
   echo "></td></tr>\n"
       ."      </table><br>\n"
       ."      <br>\n"
       ."      <input type=submit value=\"Update Product\">\n"
       ."     </td>\n"
       ."    </tr>\n"
       ."   </table>\n"
       ."   </form>\n";
   }

// adds the product to database
function cpadd($prod, $store, $ptype, $name, $charge, $description, $def_view, $active) {
   global $pntable;
   $charge = preg_replace("/\\$/", "", $charge);
   if ($def_view && $ptype != '7' && $ptype != '8' && $ptype != '9' && $ptype != '13') $def_view_query = ", def_view='$def_view'";
   if ($active == '0' || $active == '1') $active_query = ", active='$active'";
   if (!$prod || !$store || !$ptype || !$name || !$charge) showAddForm($prod, $store, $ptype, $name, $charge, $description, $def_view, $active, "Please make sure all feilds are filled in.");
   elseif (mysql_num_rows(mysql_query("SELECT prod FROM $pntable[cp_products] WHERE prod='$prod'"))) showAddForm($prod, $store, $ptype, $name, $charge, $description, $def_view, $active, "Product ID#$prod is already in the database, please try another.");
   elseif (!mysql_query("INSERT INTO $pntable[cp_products] SET prod='$prod', store='$store', ptype='$ptype', name='$name', charge='$charge', description='$description'$def_view_query$active_query")) die ("Could not insert into database.<br>".mysql_errno().": ".mysql_error()."<br>");
   else echo "   <center>\n"
            ."    <h2>Product ID# $prod Added!</h2>\n"
            ."   </center>";
   }

// updates a prodcut
function cpupdate($prod, $store, $ptype, $name, $charge, $description, $def_view, $active) {
   global $pntable;
   $charge = preg_replace("/\\$/", "", $charge);
   if ($def_view && $ptype != '7' && $ptype != '8' && $ptype != '9' && $ptype != '13') $def_view_query = ", def_view='$def_view'";
   if ($active == '0' || $active == '1') $active_query = ", active='$active'";
   if (!$store || !$ptype || !$name || !$charge) cpedit($prod, "Please make sure all feilds are filled in.");
   elseif (!mysql_query("UPDATE $pntable[cp_products] SET store='$store', ptype='$ptype', name='$name', charge='$charge', description='$description'$def_view_query$active_query WHERE prod='$prod'")) die ("Could not update database.");
   else echo "   <center>\n"
            ."    <h2>Product ID# $prod Edited!</h2>\n"
            ."   </center>";
   }

function cpdelete($deleteProd) {
   global $pntable;
   if (!mysql_query("DELETE FROM $pntable[cp_products] WHERE prod='$deleteProd'")) $error .= "Couldn't delete product # $deleteProd from table.<br>";
   else echo "<center><h2>Product # $deleteProd Deleted</h2></center>";
   echo $error;
   }

switch ($cpop) {
   case "add_new":
      cpadd($prod, $store, $ptype, $name, $charge, $description, $def_view, $active);
      break;
   case "update_product":
      cpupdate($prod, $store, $ptype, $name, $charge, $description, $def_view, $active);
      break;
   case "edit_product":
      cpedit($editProd, '');
      break;
   case "delete_product":
      cpdelete($deleteProd);
      break;
   default:
      showAddForm($prod, $store, $ptype, $name, $charge, $description, $def_view, $active, $error);
      break;
   }

CloseTable();
include ("footer.php");
?>
Return current item: Caleb's Code