<?php
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------
Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com
This file is part of asaancart - open source easy shopping cart solution.
asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with asaancart. If not, see <http://www.gnu.org/licenses/>.
*/
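include("../config/config.php");
// NOTE(review): this include is the only access check visible in this script. Confirm that it
// stops the request (redirect + exit) for visitors who are not logged in; everything below
// writes to the catalogue tables and to the web-served product_images directory.
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether the form or the
// login include covers that.
include("includes/chk_login_status_inc.php");
$smarty->assign('title','Add Product');

/*
 * Request handling for the "Add Product" form.
 *
 * Every value that reaches SQL below comes from $_POST, $_FILES or a previous query result.
 * None of it is concatenated raw: strings go through addpro_sql_quote(), numbers through
 * addpro_sql_int()/addpro_sql_num(), and table/column names are literals in this file.
 * The code stays on the mysql_* API because the connection is opened elsewhere (config.php is
 * not visible here) and the rest of the file queries through the default mysql link.
 */

if (!function_exists('addpro_post')) {
    /**
     * Returns one POST field as a string, or $default when it is missing or not a scalar
     * (for example when an array was submitted under a name that should be a single value).
     */
    function addpro_post($key, $default = '')
    {
        if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
            return $default;
        }
        $value = (string) $_POST[$key];
        // Undo magic_quotes_gpc where it is still enabled so values are escaped exactly once.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $value = stripslashes($value);
        }
        return $value;
    }
}

if (!function_exists('addpro_post_list')) {
    /**
     * Returns a POST field as a list of non-empty strings. Accepts both an array field
     * (name[]) and a single comma-separated string, since the form markup is not visible here.
     */
    function addpro_post_list($key)
    {
        if (!isset($_POST[$key])) {
            return array();
        }
        $raw = $_POST[$key];
        if (!is_array($raw)) {
            $raw = explode(',', (string) $raw);
        }
        $items = array();
        foreach ($raw as $item) {
            if (!is_scalar($item)) {
                continue;
            }
            $item = trim((string) $item);
            if ($item !== '') {
                $items[] = $item;
            }
        }
        return $items;
    }
}

if (!function_exists('addpro_sql_quote')) {
    /**
     * Returns $value as a quoted SQL string literal, escaped for the default mysql link.
     */
    function addpro_sql_quote($value)
    {
        return "'" . mysql_real_escape_string((string) $value) . "'";
    }
}

if (!function_exists('addpro_sql_int')) {
    /**
     * Returns $value as an integer literal, or the keyword NULL when it is not a plain integer.
     * Nothing but digits and an optional leading minus sign can pass through.
     */
    function addpro_sql_int($value)
    {
        $value = trim((string) $value);
        return preg_match('/^-?[0-9]+\z/', $value) ? $value : 'NULL';
    }
}

if (!function_exists('addpro_sql_num')) {
    /**
     * Returns $value as a decimal literal, or the keyword NULL when it is not a plain number.
     * The text is passed through unchanged so no locale-dependent float formatting is involved.
     */
    function addpro_sql_num($value)
    {
        $value = trim((string) $value);
        return preg_match('/^-?[0-9]*\.?[0-9]+\z/', $value) ? $value : 'NULL';
    }
}

if (!function_exists('addpro_insert')) {
    /**
     * Runs INSERT INTO $table for one row. $row maps column name => ready-made SQL literal
     * (already quoted/validated by the helpers above). Returns the mysql_query() result.
     */
    function addpro_insert($table, $row)
    {
        $sql = "INSERT INTO " . $table
            . " (" . implode(', ', array_keys($row)) . ")"
            . " VALUES (" . implode(', ', $row) . ")";
        return mysql_query($sql);
    }
}

// ---- read the submitted form -------------------------------------------------------------
$brand_id            = addpro_post('brand_id');
$set_id              = addpro_post('set_id');
$product_name        = addpro_post('product_name');
$product_description = addpro_post('product_description');
$product_overview    = addpro_post('product_overview');
$product_price       = addpro_post('product_price');
$product_deal_price  = addpro_post('product_deal_price');
$product_code        = addpro_post('product_code');
$is_featured         = addpro_post('is_featured');
$is_new              = addpro_post('is_new');
$is_special          = addpro_post('is_special');
$is_clearence        = addpro_post('is_clearence');
$tags                = addpro_post('tags');
$product_type        = addpro_post('product_type');
$product_status      = addpro_post('product_status');
$taxable             = addpro_post('taxable');
$stock_options       = addpro_post('stock_options');
$variant_level_stock = addpro_post('variant_level_stock');
$variant_to_stock    = addpro_post('variant_to_stock');
$availability        = addpro_post('availability');

$product_qty = addpro_post('product_qty');
if ($product_qty == "") {
    $product_qty = 0;
}

// The chosen stock mode overrides the individual stock fields. "NULL" here is the four-letter
// text: availability is written as a quoted string in the INSERT below.
if ($stock_options == "product_based_stock_level") {
    $variant_level_stock = "no";
    $variant_to_stock = -1;
    $availability = "NULL";
} elseif ($stock_options == "variant_based_stock_level") {
    $variant_level_stock = "yes";
    $availability = "NULL";
} elseif ($stock_options == "no_stock_level") {
    $variant_level_stock = "no";
    $variant_to_stock = -1;
}

if (addpro_post('btn_create') == "Create")
{
    // Row identifier only; it is not a secret and must not be relied on as unguessable.
    srand((double)microtime()*1000000);
    $product_id = md5(uniqid(rand()));
    $product_id_sql = addpro_sql_quote($product_id);
    $set_sql = addpro_sql_int($set_id);

    //insert into product table
    $product_row = array(
        'product_id'             => $product_id_sql,
        'product_name'           => addpro_sql_quote($product_name),
        'brand_id'               => addpro_sql_int($brand_id),
        'product_overview'       => addpro_sql_quote($product_overview),
        'product_description'    => addpro_sql_quote($product_description),
        'product_price'          => addpro_sql_num($product_price),
        'product_deal_price'     => addpro_sql_num($product_deal_price),
        'product_code'           => addpro_sql_quote($product_code),
        'is_featured'            => addpro_sql_quote($is_featured),
        'is_new'                 => addpro_sql_quote($is_new),
        'is_special'             => addpro_sql_quote($is_special),
        'is_clearence'           => addpro_sql_quote($is_clearence),
        'tags'                   => addpro_sql_quote($tags),
        'product_status'         => addpro_sql_quote($product_status),
        'product_type'           => addpro_sql_quote($product_type),
        'product_qty'            => addpro_sql_num($product_qty),
        'taxable'                => addpro_sql_quote($taxable),
        'variant_level_stock'    => addpro_sql_quote($variant_level_stock),
        'stock_variant_group_id' => addpro_sql_int($variant_to_stock),
        'availability'           => addpro_sql_quote($availability),
        'stock_options'          => addpro_sql_quote($stock_options),
    );
    // set_id is only written when an attribute set was actually chosen.
    if ($set_sql !== 'NULL') {
        $product_row['set_id'] = $set_sql;
    }
    $results = addpro_insert('products', $product_row);

    if ($results === false) {
        // Stop here: without the product row every dependent insert below would be an orphan,
        // and the page must not report success. Details go to the server log, not the browser.
        error_log('add product: INSERT INTO products failed: ' . mysql_error());
        $smarty->assign('msg_pro','Error: the product could not be saved');
    } else {
        //update stock variant tbl: disabled in this version

        //update tags database
        foreach (explode(",", $tags) as $temp_tag) {
            // Spaces and asterisks are removed from each tag before it is stored.
            $temp_tag = str_replace(array(" ", "*"), "", $temp_tag);
            if ($temp_tag == "") {
                continue;
            }
            $tag_sql = addpro_sql_quote($temp_tag);
            $tag_lookup = mysql_query("SELECT * FROM available_tags WHERE tag=" . $tag_sql);
            if ($tag_lookup !== false && mysql_num_rows($tag_lookup) == 0) {
                addpro_insert('available_tags', array('tag' => $tag_sql));
            }
        }
        //end tag db

        //insert cat
        foreach (addpro_post_list('category_id') as $temp_cat_id) {
            $cat_sql = addpro_sql_int($temp_cat_id);
            if ($cat_sql === 'NULL') {
                continue; // not an integer id: ignore it rather than pass it to SQL
            }
            $cat_lookup = mysql_query("SELECT * FROM product_category WHERE product_id=" . $product_id_sql . " AND category_id=" . $cat_sql);
            if ($cat_lookup !== false && mysql_num_rows($cat_lookup) == 0) {
                addpro_insert('product_category', array(
                    'product_id'  => $product_id_sql,
                    'category_id' => $cat_sql,
                ));
            }
        }
        //end insert cat

        //insert cross selling products if any
        // The previous loop iterated the raw field instead of the exploded list, so a
        // comma-separated value was never stored; both field shapes are handled now.
        foreach (addpro_post_list('selected_cross_product_id') as $temp_id) {
            addpro_insert('cross_selling_products', array(
                'product_id'       => $product_id_sql,
                'cross_product_id' => addpro_sql_quote($temp_id),
            ));
        }

        //insert related products if any
        // NOTE(review): the original read $selected_related_product_id without ever assigning it
        // in this file; the POST field of the same name is assumed to be the intended source.
        foreach (addpro_post_list('selected_related_product_id') as $temp_id) {
            addpro_insert('related_products', array(
                'product_id'         => $product_id_sql,
                'related_product_id' => addpro_sql_quote($temp_id),
            ));
        }

        //insert product variants if any
        foreach (addpro_post_list('variant_group_id') as $temp_id) {
            $group_sql = addpro_sql_int($temp_id);
            if ($group_sql === 'NULL') {
                continue;
            }
            $results_all_variants = mysql_query("SELECT * FROM variants WHERE variant_group_id=" . $group_sql);
            if ($results_all_variants === false) {
                continue;
            }
            while ($row_all_variants = mysql_fetch_array($results_all_variants)) {
                $variant_id = $row_all_variants['variant_id'];
                $show_variant = (addpro_post($variant_id . '_variant_id') == "yes") ? "yes" : "no";
                $qty = addpro_post('edit_variant_qty_' . $variant_id);

                $variant_row = array(
                    'product_id'       => $product_id_sql,
                    'variant_group_id' => $group_sql,
                    'variant_id'       => addpro_sql_int($variant_id),
                    'surcharge'        => addpro_sql_num(addpro_post('edit_variant_surcharge1_' . $variant_id)),
                    'show_variant'     => addpro_sql_quote($show_variant),
                    'sort_order'       => addpro_sql_num(addpro_post('edit_variant_order_' . $variant_id)),
                );
                // qty is only written when the form supplied one.
                if ($qty != "") {
                    $variant_row['qty'] = addpro_sql_num($qty);
                }
                addpro_insert('product_variants', $variant_row);
            }//end while
        }//end foreach

        //get attributes from the set
        if ($set_sql !== 'NULL') {
            $results = mysql_query("SELECT * FROM attribute_set_value WHERE set_id=" . $set_sql);
            while ($results !== false && ($row = mysql_fetch_array($results))) {
                $attribute_id = $row['attribute_id'];
                $attribute_sql = addpro_sql_int($attribute_id);

                // Reset per attribute so a failed lookup cannot reuse the previous name.
                $attribute_name = '';
                $results3 = mysql_query("SELECT * FROM attribute WHERE attribute_id=" . $attribute_sql);
                while ($results3 !== false && ($row3 = mysql_fetch_assoc($results3))) {
                    $attribute_name = $row3['attribute_name'];
                }

                if (addpro_post('add_attribute_' . $attribute_id) != "yes") {
                    continue;
                }

                // A free-text value wins over the selected one and is also added to the
                // attribute_value table.
                $attribute_value = addpro_post("attribute_user_value_" . $attribute_id);
                if ($attribute_value != "") {
                    addpro_insert('attribute_value', array(
                        'attribute_id'    => $attribute_sql,
                        'attribute_value' => addpro_sql_quote($attribute_value),
                    ));
                } else {
                    $attribute_value = addpro_post("attribute_" . $attribute_id);
                }

                // attribute_name comes from the database but is still escaped: stored data is
                // not trusted to be SQL-safe.
                addpro_insert('product_attributes', array(
                    'product_id'      => $product_id_sql,
                    'attribute_id'    => $attribute_sql,
                    'attribute_name'  => addpro_sql_quote($attribute_name),
                    'attribute_value' => addpro_sql_quote($attribute_value),
                ));
            }
        }//end set chk

        // ---- image uploads ---------------------------------------------------------------
        // Files land inside the document root, so the client-supplied name decides what the
        // web server will later serve. Only common image extensions are accepted and the name
        // is reduced to a conservative character set. Extend the list if other formats are
        // needed. The product_images directory should additionally be configured so the web
        // server never executes scripts from it.
        $uploaddir = $_SERVER['DOCUMENT_ROOT'].'/'.APP_ROOT_DIR.'/product_images/';
        $allowed_image_ext = array('jpg', 'jpeg', 'png', 'gif');
        $mainImgSet = 0;
        $image_count = (int) addpro_post('image_count', 0);
        for ($img_cnt = 1; $img_cnt <= $image_count; $img_cnt++) {
            $field = 'image_' . $img_cnt;
            if (!isset($_FILES[$field]) || !is_string($_FILES[$field]['name'])) {
                continue;
            }
            $client_name = basename($_FILES[$field]['name']);
            if ($client_name == '') {
                continue; // empty file input
            }
            $safe_name = preg_replace('/[^A-Za-z0-9._-]/', '_', $client_name);
            $extension = strtolower(pathinfo($safe_name, PATHINFO_EXTENSION));
            $image_filename = $product_id . "_" . $safe_name;

            if (!in_array($extension, $allowed_image_ext, true)
                || !move_uploaded_file($_FILES[$field]['tmp_name'], $uploaddir . $image_filename)) {
                echo "Possible file upload attack!\n";
                continue; // no database row for a file that was not stored
            }

            // The first image that is stored successfully becomes the main image.
            addpro_insert('product_images', array(
                'product_id'     => $product_id_sql,
                'image_filename' => addpro_sql_quote($image_filename),
                'is_main'        => ($mainImgSet != 1) ? '1' : '0',
            ));
            $mainImgSet = 1;
        }// for end

        $smarty->assign('msg_pro','Done: Added Successfully');
    }
}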
/*/ delete
if($_GET['mode']=="delete")
{
$sql = "DELETE FROM products WHERE product_id=".$product_id;
$results = mysql_query($sql);
$smarty->assign('msg','Done: Deleted Successfully');
}
//end delete
/manage
$sql = "SELECT * FROM product ORDER BY product_name";
$results = mysql_query($sql);
$total_pro = mysql_num_rows($results);
$smarty->assign('total_pro', $total_pro);
while($row = mysql_fetch_assoc($results) )
{
$pro_list[] = $row;
}
$smarty->assign('pro_list', $pro_list);
//end manage*/
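/*
 * Load the lookup lists the add_product.tpl template needs and render it.
 * Each list is always assigned as an array (empty when the table has no rows or the query
 * fails), so the template never receives an undefined variable.
 */
if (!function_exists('addpro_fetch_all')) {
    /**
     * Runs a SELECT through the default mysql link and returns every row as an associative
     * array. Returns an empty array when the query fails.
     */
    function addpro_fetch_all($sql)
    {
        $rows = array();
        $result = mysql_query($sql);
        if ($result === false) {
            return $rows;
        }
        while ($row = mysql_fetch_assoc($result)) {
            $rows[] = $row;
        }
        return $rows;
    }
}

//get cat list
$all_categories = addpro_fetch_all("SELECT * FROM category ORDER BY category_name");
$smarty->assign('all_categories', $all_categories);
$smarty->assign('cat_list', $all_categories); //for select box
//end cat list

//get brand list
$all_brands = addpro_fetch_all("SELECT * FROM brands ORDER BY brand_name");
$smarty->assign('all_brands', $all_brands);
//end brand list

//get attribute set list
$all_attribute_set = addpro_fetch_all("SELECT * FROM attribute_set ORDER BY attribute_set_name");
$smarty->assign('all_attribute_set', $all_attribute_set);
//end attribute set list

//get all products, plus the first image row of each one
$all_product_list = addpro_fetch_all("SELECT * FROM products ORDER BY product_name");
$product_images = array();
foreach ($all_product_list as $product_row) {
    // product_id comes from the database but is still escaped before it re-enters SQL.
    $results_img = mysql_query(
        "SELECT * FROM product_images WHERE product_id='"
        . mysql_real_escape_string($product_row['product_id']) . "'"
    );
    // Only the first row returned is kept, as before.
    if ($results_img !== false && ($row_img = mysql_fetch_assoc($results_img))) {
        $product_images[] = $row_img;
    }
}
$smarty->assign('total_products', count($all_product_list));
$smarty->assign('product_images', $product_images);
$smarty->assign('all_product_list', $all_product_list);
$smarty->assign('related_product_list', $all_product_list); // same rows, second template name
//end pro get

//list variant groups
$list_all_variant_group = addpro_fetch_all("SELECT * FROM variant_group ORDER BY group_name");
$smarty->assign('total_group', count($list_all_variant_group));
$smarty->assign('list_all_variant_group', $list_all_variant_group);

//list all sub variants
$list_all_sub_variants = addpro_fetch_all("SELECT * FROM variants ORDER BY variant_name");
$smarty->assign('total_sub_variants', count($list_all_sub_variants));
$smarty->assign('list_all_sub_variants', $list_all_sub_variants);
//end list variants

//variant groups that carry stock; the id of the last such group selects the variants below
$list_stock_variant_group = addpro_fetch_all("SELECT * FROM variant_group WHERE enable_stock='yes'");
$stock_variant_group_id = "";
foreach ($list_stock_variant_group as $stock_group_row) {
    $stock_variant_group_id = $stock_group_row['variant_group_id'];
}
$smarty->assign('total_variant_stock', count($list_stock_variant_group));
$smarty->assign('list_stock_variant_group', $list_stock_variant_group);
$smarty->assign('stock_variant_group_id', $stock_variant_group_id);

if ($stock_variant_group_id != "") {
    // The original loop called mysql_fetch_a(), which is not a function and aborts the page
    // as soon as a stock-enabled group exists. Rows are fetched associatively here, matching
    // the other lists in this file. The id is cast because it is concatenated unquoted.
    $list_stock_variants = addpro_fetch_all(
        "SELECT * FROM variants WHERE variant_group_id=" . (int) $stock_variant_group_id
    );
    $smarty->assign('list_stock_variants', $list_stock_variants);
}
//end stock variants

//list all tags
$available_tags = addpro_fetch_all("SELECT * FROM available_tags ORDER BY tag");
$smarty->assign('available_tags', $available_tags);
//end list all tags

$smarty->display('add_product.tpl');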
?>