<?php
// Open (or resume) the PHP session before anything else in the script runs.
// NOTE(review): the login check included further down presumably reads session
// data - confirm in includes/chk_login_status_inc.php.
session_start();
/*
asaancart - easy shopping cart solution
---------------------------------------

Copyright 2009 Nasir Ahmad Khan
Email: hide@address.com

This file is part of asaancart - open source easy shopping cart solution.

asaancart is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

asaancart is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with asaancart.  If not, see <http://www.gnu.org/licenses/>.

*/

include("../config/config.php");
include("includes/chk_login_status_inc.php");

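// Page title handed to the Smarty template.
$smarty->assign('title','Edit Product');

// Id of the product being edited, taken from the query string.
// A missing parameter (or one sent as an array, e.g. product_id[]=x) becomes an
// empty string instead of raising a notice or turning into the text "Array".
// The value is still raw request data: it has to be escaped wherever it is
// placed into SQL, a file name or HTML.
$product_id = (isset($_GET['product_id']) && is_string($_GET['product_id'])) ? $_GET['product_id'] : '';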

//////////////edit


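if(isset($_POST['btn_edit']) && $_POST['btn_edit']=="Save")
{
	/*
	 * Save handler for the "Edit Product" form.
	 *
	 * Every value used below arrives from the request ($_GET, $_POST, $_FILES)
	 * and ends up inside SQL text. Each one is therefore either forced to a
	 * number or passed through mysql_real_escape_string() before it reaches a
	 * query; ids read back from the database are cast the same way before they
	 * are reused in further statements.
	 *
	 * Query results are not checked for failure and the success message at the
	 * end is always set, as before.
	 *
	 * NOTE(review): no anti-CSRF token is checked in this file; whether the
	 * included login check or the form template covers that is not visible
	 * here - confirm.
	 */

	// With magic_quotes_gpc enabled the request strings already carry
	// backslashes; they are stripped first so escaping is applied exactly once.
	$magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

	// Accepts plain decimals only (optional sign, digits, optional fraction).
	$decimal_pattern = '/\A-?(?:[0-9]+(?:\.[0-9]*)?|\.[0-9]+)\z/';

	if($product_id==""){
		$product_id = isset($_POST['product_id']) ? $_POST['product_id'] : '';
	}
	// $product_id itself stays as received because the code after this block
	// keeps using it; only the copies below go into SQL and file names.
	$product_id_raw = $magic_quotes ? stripslashes((string) $product_id) : (string) $product_id;
	$product_id_sql = mysql_real_escape_string($product_id_raw);

	// Text columns: keep an unescaped copy for PHP-side logic and an escaped
	// copy for SQL. Missing or non-string fields become ''.
	$text_fields = array(
		'product_name', 'product_description', 'product_overview', 'product_code',
		'is_featured', 'is_new', 'is_special', 'is_clearence', 'tags',
		'product_type', 'product_status', 'taxable', 'stock_options', 'availability',
	);
	$raw = array();
	$esc = array();
	foreach ($text_fields as $field) {
		$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
		if ($magic_quotes) {
			$value = stripslashes($value);
		}
		$raw[$field] = $value;
		$esc[$field] = mysql_real_escape_string($value);
	}

	// Decimal columns are written unquoted, so only a plain decimal is let
	// through. A blank or malformed price is stored as 0 (it used to produce an
	// invalid statement, so the UPDATE failed without any message).
	$num = array();
	foreach (array('product_price', 'product_deal_price') as $field) {
		$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : '';
		$num[$field] = preg_match($decimal_pattern, $value) ? $value : '0';
	}

	// Integer columns, also written unquoted.
	$brand_id = isset($_POST['brand_id']) ? (int) $_POST['brand_id'] : 0;
	$product_qty = (isset($_POST['product_qty']) && $_POST['product_qty']!="") ? (int) $_POST['product_qty'] : -1; // blank quantity is stored as -1

	// Stock handling mode decides which of the stock-related columns are meaningful.
	$stock_options = $raw['stock_options'];
	$variant_to_stock = isset($_POST['variant_to_stock']) ? (int) $_POST['variant_to_stock'] : 0;
	$availability_sql = $esc['availability'];
	$variant_level_stock = "";

	if($stock_options=="product_based_stock_level"){
		$variant_level_stock = "no";
		$variant_to_stock = -1;
		$availability_sql = "NULL"; // stored as the literal text NULL, as before
	}elseif($stock_options=="variant_based_stock_level"){
		$variant_level_stock = "yes";
		$availability_sql = "NULL";
	}elseif($stock_options=="no_stock_level"){
		$variant_level_stock = "no";
		$variant_to_stock = -1;
	}

	// update the product row
	$sql = "UPDATE products SET"
		." product_name='".$esc['product_name']."',"
		." product_overview='".$esc['product_overview']."',"
		." product_description='".$esc['product_description']."',"
		." product_price=".$num['product_price'].","
		." product_deal_price=".$num['product_deal_price'].","
		." brand_id=".$brand_id.","
		." product_code='".$esc['product_code']."',"
		." tags='".$esc['tags']."',"
		." is_special='".$esc['is_special']."',"
		." is_new='".$esc['is_new']."',"
		." is_featured='".$esc['is_featured']."',"
		." product_status='".$esc['product_status']."',"
		." product_type='".$esc['product_type']."',"
		." product_qty=".$product_qty.","
		." is_clearence='".$esc['is_clearence']."',"
		." taxable='".$esc['taxable']."',"
		." variant_level_stock='".$variant_level_stock."',"
		." stock_variant_group_id=".$variant_to_stock.","
		." availability='".$availability_sql."',"
		." stock_options='".$esc['stock_options']."'"
		." WHERE product_id='".$product_id_sql."'";
	$results = mysql_query($sql);

	// Register every tag that is not yet in available_tags.
	// Spaces and asterisks are removed from each tag before the lookup.
	foreach (explode(",", $raw['tags']) as $temp_tag){
		$temp_tag = str_replace(array(" ", "*"), "", $temp_tag);
		if($temp_tag!=""){
			$tag_sql = mysql_real_escape_string($temp_tag);
			$results = mysql_query("SELECT * FROM available_tags WHERE tag='".$tag_sql."'");
			if($results && mysql_num_rows($results)==0){
				$results2 = mysql_query("INSERT INTO available_tags (tag) VALUES ('".$tag_sql."')");
			}
		}
	}

	// The variant-level stock synchronisation that used to follow here was
	// commented out ("disabled in this version") and has been dropped. If it is
	// brought back, its request values need the same casting/escaping as above.

	// Replace the product's category links with the submitted list.
	$results = mysql_query("DELETE FROM product_category WHERE product_id='".$product_id_sql."'");
	$category_id = isset($_POST['category_id']) ? $_POST['category_id'] : "";
	if(is_array($category_id)){
		foreach ($category_id as $temp_cat_id){
			$temp_cat_id = (int) $temp_cat_id;
			// skip ids submitted more than once
			$results = mysql_query("SELECT * FROM product_category WHERE product_id='".$product_id_sql."' AND category_id=".$temp_cat_id);
			if($results && mysql_num_rows($results)==0){
				$results2 = mysql_query("INSERT INTO product_category (product_id, category_id) VALUES ('".$product_id_sql."',".$temp_cat_id.")");
			}
		}
	}

	// Replace the product's variants: for each submitted variant group, store
	// one row per variant of that group with the surcharge, visibility flag,
	// quantity and sort order sent by the form.
	$variant_group_id = isset($_POST['variant_group_id']) ? $_POST['variant_group_id'] : "";
	$results = mysql_query("DELETE FROM product_variants WHERE product_id='".$product_id_sql."'");

	if(is_array($variant_group_id)){
		foreach ($variant_group_id as $temp_id) {
			$temp_id = (int) $temp_id;
			$results_all_variants = mysql_query("SELECT * FROM variants WHERE variant_group_id=".$temp_id);
			while($results_all_variants && ($row_all_variants = mysql_fetch_array($results_all_variants)) )
			{
				$variant_key = $row_all_variants['variant_id']; // used for form field names
				$variant_id = (int) $variant_key;               // used in SQL

				$flag_key = $variant_key.'_variant_id';
				$show_variant = (isset($_POST[$flag_key]) && $_POST[$flag_key]=="yes") ? "yes" : "no";

				$surcharge_key = 'edit_variant_surcharge1_'.$variant_key;
				$surcharge = (isset($_POST[$surcharge_key]) && is_string($_POST[$surcharge_key])) ? trim($_POST[$surcharge_key]) : '';
				if(!preg_match($decimal_pattern, $surcharge)){
					$surcharge = '0';
				}

				$qty_key = 'edit_variant_qty_'.$variant_key;
				$qty = (isset($_POST[$qty_key]) && $_POST[$qty_key]!="") ? (int) $_POST[$qty_key] : 0; // blank quantity is stored as 0

				$order_key = 'edit_variant_order_'.$variant_key;
				$sort_order = isset($_POST[$order_key]) ? (int) $_POST[$order_key] : 0;

				$results_variant2 = mysql_query("SELECT * FROM product_variants WHERE variant_id=".$variant_id." AND product_id='".$product_id_sql."'");
				if($results_variant2 && mysql_num_rows($results_variant2)>0){
					$sql_update = "UPDATE product_variants SET surcharge=".$surcharge.", show_variant='".$show_variant."', qty=".$qty.", sort_order=".$sort_order
						." WHERE product_id='".$product_id_sql."' AND variant_id=".$variant_id;
					$results_sql_update = mysql_query($sql_update);
				}else{
					$sql_insert = "INSERT INTO product_variants (product_id, variant_group_id, variant_id, surcharge, show_variant, qty, sort_order)"
						." VALUES ('".$product_id_sql."', ".$temp_id.", ".$variant_id.", ".$surcharge.", '".$show_variant."', ".$qty.", ".$sort_order.")";
					$results_insert = mysql_query($sql_insert);
				}
			}//end while
		}//end foreach
	}

	// Attribute values: the attribute set comes from the stored product row;
	// the posted set_id is only the fallback when that row cannot be read.
	$set_id = isset($_POST['set_id']) ? $_POST['set_id'] : "";
	$results = mysql_query("SELECT * FROM products WHERE product_id='".$product_id_sql."'");
	while($results && ($row = mysql_fetch_assoc($results)) )
	{
		$set_id = $row['set_id'];
	}

	if($set_id!=""){
		// set_id is written unquoted, so it is forced to an integer
		$results = mysql_query("SELECT * FROM attribute_set_value WHERE set_id=".(int) $set_id);
		while($results && ($row = mysql_fetch_assoc($results)) )
		{
			$attribute_key = $row['attribute_id']; // used for form field names
			$attribute_id = (int) $attribute_key;  // used in SQL

			$pa_key = "product_attribute_id_".$attribute_key;
			$product_attribute_id = isset($_POST[$pa_key]) ? (int) $_POST[$pa_key] : 0;

			$value_key = "attribute_value_".$attribute_key;
			$attribute_value = (isset($_POST[$value_key]) && is_string($_POST[$value_key])) ? $_POST[$value_key] : '';
			$old_key = "old_attribute_value_".$attribute_key;
			$old_attribute_value = (isset($_POST[$old_key]) && is_string($_POST[$old_key])) ? $_POST[$old_key] : '';
			if($magic_quotes){
				$attribute_value = stripslashes($attribute_value);
				$old_attribute_value = stripslashes($old_attribute_value);
			}

			if($attribute_value!=""){
				$attribute_value_sql = mysql_real_escape_string($attribute_value);
				// The row id comes from the form, so the update is also tied to
				// this product; a tampered id cannot touch another product's row.
				$sql4 = "UPDATE product_attributes SET attribute_value='".$attribute_value_sql."'"
					." WHERE id=".$product_attribute_id." AND product_id='".$product_id_sql."'";
				$results4 = mysql_query($sql4);

				// a changed value is added to the list of known attribute values
				if($attribute_value!=$old_attribute_value){
					$results_user_value = mysql_query("SELECT * FROM attribute_value WHERE attribute_value='".$attribute_value_sql."'");
					if($results_user_value && mysql_num_rows($results_user_value)==0){
						$results_user_value = mysql_query("INSERT INTO attribute_value (attribute_id, attribute_value) VALUES (".$attribute_id.", '".$attribute_value_sql."')");
					}
				}
			}
		}
	}//chk set

	// Image uploads. The target directory is inside the document root, so only
	// files that carry an image extension AND parse as an image are stored.
	// The web server should additionally be configured not to execute scripts
	// from product_images/.
	$uploaddir = $_SERVER['DOCUMENT_ROOT'].'/'.APP_ROOT_DIR.'/product_images/';
	$allowed_image_ext = array('jpg', 'jpeg', 'png', 'gif');
	// The product id becomes part of the file name; anything that could form a
	// path (slashes, dots, ...) is removed from that copy.
	$file_prefix = preg_replace('/[^A-Za-z0-9_-]/', '', $product_id_raw);
	$image_count = isset($_POST['image_count']) ? (int) $_POST['image_count'] : 0;

	for($img_cnt=1;$img_cnt<=$image_count;$img_cnt++){
		$file_field = 'image_'.$img_cnt;
		if(!isset($_FILES[$file_field]) || !is_string($_FILES[$file_field]['name'])){
			continue;
		}
		// basename() drops any client-supplied directory part; remaining
		// characters outside a conservative set are replaced by "_".
		$client_name = preg_replace('/[^A-Za-z0-9._ -]/', '_', basename($_FILES[$file_field]['name']));
		if($client_name!=''){
			$image_filename = $file_prefix."_".$client_name;
			$uploadfile = $uploaddir.$image_filename;
			$tmp_name = $_FILES[$file_field]['tmp_name'];
			$extension = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));

			$looks_like_image = in_array($extension, $allowed_image_ext, true)
				&& is_uploaded_file($tmp_name)
				&& getimagesize($tmp_name) !== false;

			if ($looks_like_image && move_uploaded_file($tmp_name, $uploadfile)) {
				// record the image only once the file is really in place
				$sql_image = "INSERT INTO product_images (product_id, image_filename) VALUES ('".$product_id_sql."', '".mysql_real_escape_string($image_filename)."')";
				$results_image = mysql_query($sql_image);
			} else {
				echo "Possible file upload attack!\n";
			}
			$uploadfile = "";
		} //end if
	}// for end
	$smarty->assign('msg_pro','Done: Changes saved successfully');

}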
/////////////////end edit

//manage
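// Load the product row, its images and its category links for the form.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT * FROM products WHERE product_id='".$product_id_sql."'";
$results = mysql_query($sql);

while($results && ($row = mysql_fetch_assoc($results)) )
{
	$selected_product[] = $row;
	// images of this product, main image first; the id read back from the
	// database is escaped again before it is reused in a statement
	$sql_img = "SELECT * FROM product_images WHERE product_id='".mysql_real_escape_string($row['product_id'])."' ORDER BY is_main DESC";
	$results_img = mysql_query($sql_img);
	while($results_img && ($row_img = mysql_fetch_assoc($results_img)) )
	{
		$product_images[] = $row_img;
	}
}

// category links of the product
$sql = "SELECT * FROM product_category WHERE product_id='".$product_id_sql."'";
$results = mysql_query($sql);

while($results && ($row = mysql_fetch_assoc($results)) )
{
	$selected_product_cat[] = $row;
}

// Lists that received no rows are passed to the template as null, which is what
// the template got before; the isset() guard only avoids the undefined-variable notice.
$smarty->assign('selected_product_cat', isset($selected_product_cat) ? $selected_product_cat : null);

$smarty->assign('product_images', isset($product_images) ? $product_images : null);
$smarty->assign('selected_product', isset($selected_product) ? $selected_product : null);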

//
//get cat list
// All categories in name order; the same list feeds both the category overview
// and the select box in the template.
$sql = "SELECT * FROM category ORDER BY category_name";
$results = mysql_query($sql);
$total_cat = mysql_num_rows($results);

// When the table is empty $all_categories is never created, so the template
// receives null for both variables.
for ($row = mysql_fetch_assoc($results); $row; $row = mysql_fetch_assoc($results)) {
	$all_categories[] = $row;
}

$smarty->assign('all_categories', $all_categories);
$smarty->assign('cat_list', $all_categories); // select box
//end cat list

//get brand list
// All brands in name order for the brand selector.
$sql = "SELECT * FROM brands ORDER BY brand_name";
$results = mysql_query($sql);
$total_brand = mysql_num_rows($results);

// $all_brands only comes into existence with the first row.
while (true) {
	$row = mysql_fetch_assoc($results);
	if (!$row) {
		break;
	}
	$all_brands[] = $row;
}

$smarty->assign('all_brands', $all_brands);
//end brand list

/*/get attribute set list
$sql = "SELECT * FROM products WHERE product_id='".$product_id."'";
$results = mysql_query($sql);

while($row = mysql_fetch_assoc($results) )
{
	$set_id = $row['set_id'];
}
$sql = "SELECT * FROM attribute_set_value WHERE set_id=".$set_id." ORDER BY attribute_name";
$results = mysql_query($sql);

while($row = mysql_fetch_assoc($results) )
{
	$product_attributes[] = $row;		
}
*/
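// Attribute rows stored for this product.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT * FROM product_attributes WHERE product_id='".$product_id_sql."'";
$results = mysql_query($sql);

while($results && ($row = mysql_fetch_assoc($results)) )
{
	$product_attributes[] = $row;
}
// null when the product has no attribute rows (same value the template got
// before; the isset() guard only avoids the undefined-variable notice)
$smarty->assign('product_attributes', isset($product_attributes) ? $product_attributes : null);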
//end attribute set list


//////////////////
//get attribute set value list
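// Find the product's attribute set, then load the attributes of that set and
// the known values of each attribute.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT * FROM products WHERE product_id='".$product_id_sql."'";
$results = mysql_query($sql);

while($results && ($row = mysql_fetch_assoc($results)) )
{
	$set_id = $row['set_id'];
	$stock_variant_group_id = $row['stock_variant_group_id'];
}

if(isset($set_id) && $set_id!=""){
	// set_id and attribute_id are written unquoted, so both are forced to
	// integers. $set_id can still hold a request value here when the product
	// row was not found.
	$sql = "SELECT * FROM attribute_set_value WHERE set_id=".(int) $set_id;
	$results = mysql_query($sql);

	while($results && ($row = mysql_fetch_assoc($results)) )
	{
		$all_attribute_set_id[] = $row;

		$sql2 = "SELECT * FROM attribute_value WHERE attribute_id=".(int) $row['attribute_id'];
		$results2 = mysql_query($sql2);
		while($results2 && ($row2 = mysql_fetch_assoc($results2)) )
		{
			$all_attribute_set_value[] = $row2;
		}
	}
}//end set chk

// Anything that was never filled is passed as null, which is what the template
// received before; the isset() guards only avoid undefined-variable notices.
$smarty->assign('all_attribute_set_value', isset($all_attribute_set_value) ? $all_attribute_set_value : null);
$smarty->assign('all_attribute_set_id', isset($all_attribute_set_id) ? $all_attribute_set_id : null);
$smarty->assign('attribute_set_id', isset($set_id) ? $set_id : null);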

//end attribute set value list

//////////////////

//list variants
//manage this is to show only stock mangement at variant level
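// Count the product rows matching the id.
// The former loop here ran one variant_group query per product row and then
// discarded every result (its body contained only commented-out lines), so it
// has been removed; it also built its statement from an unquoted, unchecked
// stock_variant_group_id.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT * FROM products WHERE product_id='".$product_id_sql."'";
$results = mysql_query($sql);
$total_v = $results ? mysql_num_rows($results) : 0;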
/**/
//manage
//get $row['stock_variant_group_id'];

//this is returning all variant groups
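// Variant groups that already have variants attached to this product.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT DISTINCT variant_group_id FROM product_variants WHERE product_id='".$product_id_sql."'";
$results = mysql_query($sql);
while($results && ($row = mysql_fetch_assoc($results)) )
{
	// the group id is written unquoted, so it is forced to an integer
	$sql2 = "SELECT * FROM variant_group WHERE variant_group_id=".(int) $row['variant_group_id'];
	$results2 = mysql_query($sql2);
	while($results2 && ($row2 = mysql_fetch_assoc($results2)) )
	{
		$list_product_variant_groups[] = $row2;
	}
}

// null when the product has no variant groups (same value the template got
// before; the isset() guard only avoids the undefined-variable notice)
$smarty->assign('list_product_variant_groups', isset($list_product_variant_groups) ? $list_product_variant_groups : null);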
//end manage

///list all sub variants
//manage
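// Variant rows of this product in their configured sort order.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT * FROM product_variants WHERE product_id='".$product_id_sql."' ORDER BY sort_order";
$results = mysql_query($sql);
$total_v = $results ? mysql_num_rows($results) : 0;
while($results && ($row = mysql_fetch_assoc($results)) )
{
	$list_all_product_sub_variants[] = $row;
}
// null when the product has no variants (same value the template got before;
// the isset() guard only avoids the undefined-variable notice)
$smarty->assign('list_all_product_sub_variants', isset($list_all_product_sub_variants) ? $list_all_product_sub_variants : null);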
//end manage

//end list variants

//remaining

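// Variant groups that are not yet used by this product.
// $product_id is raw request data, so an escaped copy is used in the SQL text.
// With magic_quotes_gpc on, the added backslashes are removed first so the
// value is escaped exactly once.
$product_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
	? stripslashes((string) $product_id)
	: (string) $product_id;
$product_id_sql = mysql_real_escape_string($product_id_sql);

$sql = "SELECT * FROM variant_group WHERE variant_group_id NOT IN (SELECT DISTINCT variant_group_id FROM product_variants WHERE product_id='".$product_id_sql."')";
$results = mysql_query($sql);

while($results && ($row = mysql_fetch_assoc($results)) )
{
	$list_remaining_variant_group[] = $row;
}

// null when every group is already in use (same value the template got before;
// the isset() guard only avoids the undefined-variable notice)
$smarty->assign('list_remaining_variant_group', isset($list_remaining_variant_group) ? $list_remaining_variant_group : null);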

//list variants
//manage
// Every variant group in name order, plus the number of groups.
$sql = "SELECT * FROM variant_group ORDER BY group_name";
$results = mysql_query($sql);
$total_group = mysql_num_rows($results);

// $list_all_variant_group only comes into existence with the first row.
for ($row = mysql_fetch_assoc($results); $row; $row = mysql_fetch_assoc($results)) {
	$list_all_variant_group[] = $row;
}

$smarty->assign('total_group', $total_group);
$smarty->assign('list_all_variant_group', $list_all_variant_group);
//end manage



///list all sub variants
//manage
// Every variant in name order, plus the number of variants.
$sql = "SELECT * FROM variants ORDER BY variant_name";
$results = mysql_query($sql);
$total_sub_variants = mysql_num_rows($results);

// $list_all_sub_variants only comes into existence with the first row.
while (true) {
	$row = mysql_fetch_assoc($results);
	if (!$row) {
		break;
	}
	$list_all_sub_variants[] = $row;
}

$smarty->assign('total_sub_variants', $total_sub_variants);
$smarty->assign('list_all_sub_variants', $list_all_sub_variants);

//end manage

//end list variants

//list all tags
// All known tags in alphabetical order for the tag picker.
$sql = "SELECT * FROM available_tags ORDER BY tag";
$results = mysql_query($sql);

// $available_tags only comes into existence with the first row.
for ($row = mysql_fetch_assoc($results); $row; $row = mysql_fetch_assoc($results)) {
	$available_tags[] = $row;
}

$smarty->assign('available_tags', $available_tags);

//manage




//end list all tags
// Hand the product id to the template and render the page.
// NOTE(review): $product_id is still the raw request value at this point.
// Whether edit_product.tpl escapes it on output is not visible here - confirm
// that the template applies HTML escaping wherever the id is printed.
$smarty->assign('product_id', $product_id);

$smarty->display('edit_product.tpl');
?>