<?php
/* Idut Shop 1.0 (beta)
 * (c) 2008 Idut - www.idut.co.uk
 * admin.php
 */
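session_start();
include("config.php");
include("header.php");
// Login gate: doLogin() ends the script itself (login form or error message) unless the
// visitor is authenticated, so nothing below runs for anonymous requests.
doLogin();

// empty() gives the same truth test as before without a notice when the key is missing.
if(empty($IS_CONFIG['db_already_connected'])){
        $link = mysql_connect($IS_CONFIG['db_host'], $IS_CONFIG['db_user'], $IS_CONFIG['db_pass']) or die('Could not connect: ' . mysql_error());
        mysql_select_db($IS_CONFIG['db_database']) or die('Could not select database');
}

// Read the requested command once. A missing or non-string "c" falls through to the
// admin home instead of raising undefined-index notices.
$getCmd  = (isset($_GET['c'])  && is_string($_GET['c']))  ? $_GET['c']  : '';
$postCmd = (isset($_POST['c']) && is_string($_POST['c'])) ? $_POST['c'] : '';

// Product ids are integers (the id column is an unsigned auto_increment int), so they
// are cast here and request text never reaches the SQL built by doUpdate()/doDelete().
// 0 matches no row.
$postId = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int)$_POST['id'] : 0;
$getId  = (isset($_GET['id'])  && is_scalar($_GET['id']))  ? (int)$_GET['id']  : 0;

// NOTE(review): "delete" and "doinstall" change state on a plain GET, and none of the
// actions below checks an anti-CSRF token. Fixing that needs a per-session token in
// every form and link plus a check here, and "delete" moved to POST.
if($getCmd === "details"){
        showDetails();
}elseif($getCmd === "products"){
        showProducts();
}elseif($getCmd === "new"){
        showNew();
}elseif($postCmd === "donew"){
        doNew();
}elseif($getCmd === "install"){
        showInstall();
}elseif($getCmd === "doinstall"){
        doInstall();
}elseif($postCmd === "doupdate"){
        doUpdate($postId);
}elseif($getCmd === "delete"){
        doDelete($getId);
}else{
        showMain();
}
echo '<br/><br/><a href="?">Return to Admin home?</a>';
echo '<br/><br/><a href="http://www.idut.co.uk/"><img src="http://www.idut.co.uk/idutpowered.png" border=0 alt="Powered by Idut Shop"/></a>';
include("footer.php");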
/**
 * Print the admin home menu: one link per top-level admin action.
 */
function showMain(){
        // Link text keyed by the ?c= command the link requests.
        $menu = array(
                'install'  => 'Install Shop Database',
                'products' => 'Manage Existing Products',
                'new'      => 'Add New Product',
        );

        echo "<ul>\n";
        foreach($menu as $command => $label){
                echo "<li><a href=\"?c=$command\">$label</a></li>\n";
        }
        echo "</ul>\n";
}//showMain

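/**
 * List every product in the shop table with its price, thumbnail and description,
 * each linking to the details/edit page.
 *
 * Values read from the database are HTML-escaped before being echoed, so markup stored
 * in a product field is displayed as text rather than run in the admin's browser.
 */
function showProducts(){
        global $IS_CONFIG;
        echo "<b>Select a product to manage:</b><br/>";
        $query = 'SELECT * FROM '.$IS_CONFIG['db_table'].' ORDER BY id';
        $result = mysql_query($query) or die('Query failed: ' . mysql_error());

        echo "<table>";
        while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
            // The charset is given explicitly: in ISO-8859-1 mode htmlspecialchars() only
            // rewrites the ASCII characters & < > " ' and never rejects a byte sequence,
            // so latin1 text (the table's declared charset) is not blanked out.
            $id          = (int)$line['id'];
            $title       = htmlspecialchars((string)$line['title'], ENT_QUOTES, 'ISO-8859-1');
            $price       = htmlspecialchars((string)$line['price'], ENT_QUOTES, 'ISO-8859-1');
            $thumb       = htmlspecialchars((string)$line['thumb'], ENT_QUOTES, 'ISO-8859-1');
            // Descriptions are shown as text. If HTML descriptions are wanted, run them
            // through an allow-list sanitiser instead of echoing them raw.
            $description = htmlspecialchars((string)$line['description'], ENT_QUOTES, 'ISO-8859-1');

            echo "<tr>";
            echo "<td><a href=\"?c=details&id=$id\">$title</a></td><td align=\"right\">$IS_CONFIG[currency_symbol]$price</td>";
            echo "<td width=\"110\" rowspan=2>";
            // The array key is quoted: a bare thumb is read as an undefined constant.
            if($line['thumb']) echo "<a href=\"?c=details&id=$id\"><img src=\"$IS_CONFIG[thumb_dir]$thumb\" style=\"border:1px solid black;\"/></a>";
            echo "</td>";
            echo "</tr><tr><td colspan=2 valign=top>$description</td>";
            echo "</tr><tr><td colspan=3 align=\"center\"><hr></td>";
            echo "</tr>";
        }
        echo "</table>";
}//showProducts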

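/**
 * Show one product (selected by the "id" query parameter) followed by a form to edit it
 * and a link to delete it.
 *
 * The id is cast to an integer before it is placed in the query, and every database
 * value is HTML-escaped before it is written into the page or a form field.
 */
function showDetails(){
        global $IS_CONFIG;
        // The id comes straight from the query string. Casting it keeps request text out
        // of the SQL statement; 0 matches no row.
        $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int)$_GET['id'] : 0;
        $query = "SELECT * FROM $IS_CONFIG[db_table] WHERE id = $id";
        $result = mysql_query($query) or die('Query failed: ' . mysql_error());
        $line = mysql_fetch_array($result, MYSQL_ASSOC);
        if(!$line){
                // Without a row there is nothing to edit; an empty form would only post an empty id.
                echo "That product could not be found.<br/><br/>";
                echo "<a href=\"?c=products\">Return to products?</a>";
                return;
        }

        // ISO-8859-1 mode only rewrites & < > " ' and never rejects a byte sequence, so
        // latin1 text from the table is not blanked out by the escaping.
        $rowId       = (int)$line['id'];
        $title       = htmlspecialchars((string)$line['title'], ENT_QUOTES, 'ISO-8859-1');
        $description = htmlspecialchars((string)$line['description'], ENT_QUOTES, 'ISO-8859-1');
        $price       = htmlspecialchars((string)$line['price'], ENT_QUOTES, 'ISO-8859-1');
        $image       = htmlspecialchars((string)$line['image'], ENT_QUOTES, 'ISO-8859-1');
        $thumb       = htmlspecialchars((string)$line['thumb'], ENT_QUOTES, 'ISO-8859-1');
        // Always defined, so the checkbox markup does not read an unset variable.
        $instock     = $line['instock'] ? 'checked="checked"' : '';

        echo "<table>";
        echo "<tr>";
            echo "<td><big><b>$title</b></big></td><td align=\"right\">$IS_CONFIG[currency_symbol]$price</td>";
            echo "<td width=\"110\" rowspan=2>";
            if($line['thumb']) echo "<img src=\"$IS_CONFIG[thumb_dir]$thumb\" style=\"border:1px solid black;\"/>";
            echo "</td>";
            echo "</tr><tr><td colspan=2 valign=top>$description</td>";
            echo "</tr>";
        echo "</table>";
        echo "<a href=\"?c=products\">Return to products?</a>";

        // NOTE(review): the delete link below issues a plain GET and the form carries no
        // anti-CSRF token; both need a per-session token checked by the dispatcher.
        ?>
        <script>
        function confirmation(id) {
        var answer = confirm("Continue to delete this product?")
        if (answer){
                window.location = "?c=delete&id="+id;
        }
        }
        </script>
<form name="" id="" method="post" action="?">
  <table border="0" cellspacing="0" cellpadding="5">
    <tr>
      <td align="right">Product Name: </td>
      <td><input name="title" type="text" id="title" value="<?php echo $title;?>"/></td>
    </tr>
    <tr>
      <td align="right">Description:</td>
      <td><textarea name="description" id="description" cols="50" rows="4"><?php echo $description;?></textarea></td>
    </tr>
    <tr>
      <td align="right">Price:</td>
      <td><?php echo $IS_CONFIG['currency_symbol']; ?><input name="price" type="text" id="price" size="5" value="<?php echo $price;?>"/></td>

    </tr>
    <tr>
      <td align="right">Large Image: </td>
      <td><input name="image" type="text" id="image"  value="<?php echo $image;?>"/></td>

    </tr>
    <tr>
      <td align="right">Thumbnail image:</td>
      <td><input name="thumb" type="text" id="thumb"  value="<?php echo $thumb;?>"/></td>

    </tr>
    <tr>
      <td align="right">Current in stock: </td>
      <td><input name="instock" type="checkbox" id="instock" value="true" <?php echo $instock;?> /></td>

    </tr>
    <tr>
      <td align="right"><input name="c" type="hidden" id="c"  value="doupdate" />
      <input name="id" type="hidden" id="id"  value="<?php echo $rowId;?>" /></td>
      <td><input type="submit" value="Update Product" /> <a href="#" onclick="confirmation('<?php echo $rowId;?>');">Delete this product</a> </td>

    </tr>
  </table>
</form>
        <?php
}//showDetails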

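/**
 * Save the edit form posted from the product details page.
 *
 * @param mixed $id Id of the product row to update; it is cast to an integer here.
 *
 * Every posted field is escaped with mysql_real_escape_string() before it is placed in
 * the UPDATE statement, so quotes in a title or description are stored as data instead
 * of changing the statement.
 */
function doUpdate($id){
        global $IS_CONFIG;
        // The id is used unquoted in the WHERE clause, so it must be a plain integer.
        $id = is_scalar($id) ? (int)$id : 0;
        // empty() keeps the original truth test without a notice when the box is unticked.
        $instock = empty($_POST['instock']) ? '0' : '1';

        $fields = array();
        foreach(array('title', 'description', 'price', 'image', 'thumb') as $name){
                $value = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string)$_POST[$name] : '';
                // Where magic quotes already added slashes, remove them first so the
                // value is escaped exactly once and no backslashes end up stored.
                if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
                        $value = stripslashes($value);
                }
                $fields[$name] = mysql_real_escape_string($value);
        }

        $query = "UPDATE $IS_CONFIG[db_table] SET title = '$fields[title]',description = '$fields[description]',price = '$fields[price]',image = '$fields[image]',thumb = '$fields[thumb]',instock = '$instock' WHERE id = $id";
        mysql_query($query) or die('Query failed: ' . mysql_error());

        echo 'This product has been updated!<br/><br/>';
        echo "<a href=\"?c=products\">Return to products?</a>";

}//doUpdate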

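/**
 * Print the "Add New Product" form. It posts to this script with c=donew and may
 * carry a photo upload in the "f" field.
 */
function showNew(){
        // $IS_CONFIG lives in the global scope; without this declaration the currency
        // symbol in front of the price box was read from an undefined local variable.
        global $IS_CONFIG;
        // NOTE(review): the form carries no anti-CSRF token; adding one also needs a
        // matching check where c=donew is dispatched.
?>
<form name="" id="" method="post" action="?" enctype="multipart/form-data">
  <table border="1" cellspacing="0" cellpadding="5">
    <tr>
      <td align="right">Product Name: </td>
      <td><input name="title" type="text" id="title"/></td>
    </tr>
    <tr>
      <td align="right">Description:</td>
      <td><textarea name="description" id="description" cols="50" rows="4"></textarea></td>
    </tr>
    <tr>
      <td align="right">Price:</td>
      <td><?php echo $IS_CONFIG['currency_symbol']; ?><input name="price" type="text" id="price" size="5" /></td>
    </tr>
    <tr>
      <td align="right">Upload new photo: </td>
      <td><input name="f" type="file" id="f" />
      <br/><b>or use existing:</b><br/>
      Large Image: <input name="image" type="text" id="image"/>
      Thumbnail image: <input name="thumb" type="text" id="thumb"/></td>
    </tr>
    <tr>
      <td align="right">Current in stock: </td>
      <td><input name="instock" type="checkbox" id="instock" value="true" checked /></td>
    </tr>
    <tr>
      <td align="right"><input name="c" type="hidden" id="c"  value="donew" /></td>
      <td><input type="submit" value="Add Product" /></td>
    </tr>
  </table>
</form>
<?php
}//showNew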
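/**
 * Create a product from the "Add New Product" form, optionally storing an uploaded photo.
 *
 * An uploaded file is accepted only if its extension is jpg/jpeg/gif/png and
 * getimagesize() reports the matching image type. It is then stored under a sanitised
 * name in image_dir, cropped and scaled to 500x375, and a 110x75 thumbnail is written
 * to thumb_dir. When no usable upload is present, the "image" and "thumb" text fields
 * are stored instead, and the product row is inserted either way, as before.
 *
 * All values are escaped with mysql_real_escape_string() before entering the INSERT.
 */
function doNew(){
        global $IS_CONFIG;

        // Extension allow-list, mapped to the image type getimagesize() must report for
        // the content. The upload directory is served by the web server, so any other
        // kind of file (a script, for instance) must never be written there.
        $allowedTypes = array(
                'jpg'  => IMAGETYPE_JPEG,
                'jpeg' => IMAGETYPE_JPEG,
                'gif'  => IMAGETYPE_GIF,
                'png'  => IMAGETYPE_PNG,
        );

        $f          = (isset($_FILES['f']) && is_array($_FILES['f'])) ? $_FILES['f'] : array();
        $error      = (isset($f['error']) && is_scalar($f['error'])) ? (int)$f['error'] : UPLOAD_ERR_NO_FILE;
        $tmpName    = (isset($f['tmp_name']) && is_string($f['tmp_name'])) ? $f['tmp_name'] : '';
        $clientName = (isset($f['name']) && is_string($f['name'])) ? basename($f['name']) : '';

        $storedName = null;   // name shared by the large image and the thumbnail once both are stored
        $notAnImage = false;  // the upload arrived intact but failed the image checks

        if($error == UPLOAD_ERR_OK && $tmpName !== '' && is_uploaded_file($tmpName)){
                $dot  = strrpos($clientName, '.');
                $ext  = ($dot === false) ? '' : strtolower(substr($clientName, $dot + 1));
                // Check the content, not just the name, while the file is still in the temp directory.
                $info = isset($allowedTypes[$ext]) ? getimagesize($tmpName) : false;

                if(is_array($info) && $info[2] == $allowedTypes[$ext]){
                        // Keep only harmless characters in the stored name. Dots inside the
                        // stem are replaced too, so the file ends in exactly one extension
                        // and that extension comes from the allow-list.
                        $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', substr($clientName, 0, $dot));
                        if($stem === ''){
                                $stem = 'image';
                        }
                        if($ext === 'jpeg'){
                                $ext = 'jpg';
                        }

                        // Never overwrite an existing picture: append _1, _2, ... until the name is free.
                        $candidate = $stem.'.'.$ext;
                        $count = 1;
                        while(file_exists($IS_CONFIG['image_dir'].$candidate) || file_exists($IS_CONFIG['thumb_dir'].$candidate)){
                                $candidate = $stem."_$count.".$ext;
                                $count++;
                        }

                        $uploadfile = $IS_CONFIG['image_dir'].$candidate;
                        $thumbfile  = $IS_CONFIG['thumb_dir'].$candidate;
                        if(move_uploaded_file($tmpName, $uploadfile)){
                                // The large image is resized in place first and the thumbnail is
                                // then made from that resized copy, as in the original code.
                                if(_doNewResizeImage($uploadfile, $uploadfile, $info[2], 500, 375)
                                        && _doNewResizeImage($uploadfile, $thumbfile, $info[2], 110, 75)){
                                        chmod($thumbfile, 0644);
                                        chmod($uploadfile, 0644);
                                        $storedName = $candidate;
                                }else{
                                        // GD could not decode or write the picture: leave nothing behind.
                                        if(file_exists($thumbfile)){
                                                unlink($thumbfile);
                                        }
                                        unlink($uploadfile);
                                        $notAnImage = true;
                                }
                        }
                }else{
                        $notAnImage = true;
                }
        }

        if($storedName === null){
                echo "It was not possible to upload your file.<br/>";
                if($error == 1){
                        echo "Your file was too large. Try making it smaller by compressing it or reducing the quality.";
                }elseif($error == 2){
                        echo "Your file was too large. Try making it smaller by compressing it or reducing the quality.";
                }elseif($error == 3){
                        echo "Your file was only partially uploaded. Please try again.";
                }elseif($error == 4){
                        echo "You didn't select a file to upload. Please try again.";
                }elseif($notAnImage){
                        echo "Only JPG, GIF or PNG images can be uploaded.";
                }else{
                        echo "If you continue to experience this error, please contact support to resolve this and quote number $error";
                }
        }

        // empty() keeps the original truth test without a notice when the box is unticked.
        $instock = empty($_POST['instock']) ? '0' : '1';

        $fields = array();
        foreach(array('title', 'description', 'price', 'image', 'thumb') as $name){
                $value = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string)$_POST[$name] : '';
                // Where magic quotes already added slashes, remove them first so the
                // value is escaped exactly once and no backslashes end up stored.
                if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
                        $value = stripslashes($value);
                }
                $fields[$name] = $value;
        }
        if($storedName !== null){
                // A stored upload takes precedence over the "use existing" text fields.
                $fields['image'] = $storedName;
                $fields['thumb'] = $storedName;
        }
        foreach($fields as $name => $value){
                $fields[$name] = mysql_real_escape_string($value);
        }

        $query = "INSERT INTO $IS_CONFIG[db_table](title,description,price,image,thumb,instock) VALUES('$fields[title]','$fields[description]','$fields[price]','$fields[image]','$fields[thumb]','$instock')";
        mysql_query($query) or die('Query failed: ' . mysql_error());

        echo 'This product has been added!<br/><br/>';
        echo "<a href=\"?c=products\">Return to products?</a>";
}//doNew

/**
 * Private helper of doNew(): centre-crop the picture at $srcPath to the aspect ratio of
 * $width x $height, scale it to exactly that size and write it to $dstPath in the same
 * format. $srcPath and $dstPath may be the same file.
 *
 * @param string $srcPath   Image to read.
 * @param string $dstPath   File to write.
 * @param int    $imageType IMAGETYPE_JPEG, IMAGETYPE_GIF or IMAGETYPE_PNG.
 * @param int    $width     Output width in pixels.
 * @param int    $height    Output height in pixels.
 * @return bool True when the resized image was written, false when the source could
 *              not be read as an image of that type or the write failed.
 */
function _doNewResizeImage($srcPath, $dstPath, $imageType, $width, $height){
        $imgsize = getimagesize($srcPath);
        if(!is_array($imgsize) || $imgsize[0] < 1 || $imgsize[1] < 1){
                return false;
        }

        if($imageType == IMAGETYPE_JPEG){
                $img = imagecreatefromjpeg($srcPath);
        }elseif($imageType == IMAGETYPE_GIF){
                $img = imagecreatefromgif($srcPath);
        }elseif($imageType == IMAGETYPE_PNG){
                $img = imagecreatefrompng($srcPath);
        }else{
                $img = false;
        }
        if(!$img){
                return false;
        }

        $newimg = imagecreatetruecolor($width, $height);

        // Work out the largest source rectangle with the target aspect ratio, centred
        // in the source image (same arithmetic as the original inline code).
        $ratioH = (double)($imgsize[1] / $height);
        $newWidth = round($width * $ratioH);
        if($newWidth > $imgsize[0]){
                // Source is too narrow for its full height: use the full width and trim top and bottom.
                $ratio = (double)($imgsize[0] / $width);
                $newWidth = $imgsize[0];
                $newHeight = round($height * $ratio);
                $xOffset = 0;
                $yOffset = round(($imgsize[1] - $newHeight) / 2);
        }else{
                // Use the full height and trim left and right.
                $newHeight = $imgsize[1];
                $xOffset = round(($imgsize[0] - $newWidth) / 2);
                $yOffset = 0;
        }

        imagecopyresampled($newimg, $img, 0, 0, (int)$xOffset, (int)$yOffset, $width, $height, (int)$newWidth, (int)$newHeight);

        if($imageType == IMAGETYPE_JPEG){
                $written = imagejpeg($newimg, $dstPath);
        }elseif($imageType == IMAGETYPE_GIF){
                $written = imagegif($newimg, $dstPath);
        }else{
                $written = imagepng($newimg, $dstPath);
        }

        imagedestroy($newimg);
        // The source handle was never released by the original code.
        imagedestroy($img);
        return (bool)$written;
}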

/**
 * Print the installer prompt: a link that requests c=doinstall, plus a reminder that
 * the table only has to be created once.
 */
function showInstall(){
        $prompt = 'Click here to create the database table so you can add products.';
        echo '<a href="?c=doinstall">' . $prompt . '</a><br/><br/>' . "\n";
        echo 'Please note that this should only be done once.' . "\n";
}//showInstall

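/**
 * Create the product table named by $IS_CONFIG['db_table'] if it does not exist yet.
 *
 * The price column is decimal(10,2). The earlier decimal(3,2) definition holds three
 * digits in total, two of them after the point, so no price above 9.99 could be stored.
 * IF NOT EXISTS leaves a table created by the earlier definition untouched; such a
 * table has to be widened by hand with ALTER TABLE.
 */
function doInstall(){
        global $IS_CONFIG;
        $query = "CREATE TABLE IF NOT EXISTS `$IS_CONFIG[db_table]` (
  `id` int(6) unsigned NOT NULL auto_increment,
  `title` varchar(100) NOT NULL default '',
  `description` text,
  `price` decimal(10,2) NOT NULL default '0.00',
  `image` varchar(255) default NULL,
  `thumb` varchar(255) default NULL,
  `instock` tinyint(1) NOT NULL default '1',
  PRIMARY KEY  (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1;";
        mysql_query($query) or die('Query failed: ' . mysql_error());
        echo "The database table has been installed. You can now add products.";
        echo "<a href=\"?\">Return to admin home?</a>";
}//doInstall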

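/**
 * Delete one product row.
 *
 * @param mixed $id Id of the product to delete. It is cast to an integer, so text from
 *                  the request cannot alter the DELETE statement; a non-numeric value
 *                  becomes 0, which matches no row.
 */
function doDelete($id){
        global $IS_CONFIG;
        $id = is_scalar($id) ? (int)$id : 0;
        $query = "DELETE FROM $IS_CONFIG[db_table] WHERE id = $id";
        mysql_query($query) or die('Query failed: ' . mysql_error());
        echo "The product has been deleted.<br/><br/>";
        echo "<a href=\"?c=products\">Return to products?</a>";
}//doDelete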
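/**
 * Gate the admin pages behind the single username/password pair held in $IS_CONFIG.
 *
 * Returns normally only when the visitor is authenticated, either through an existing
 * session or through valid credentials in this POST. Otherwise it prints the login
 * form or an error message and ends the script.
 *
 * NOTE(review): the password is kept in clear text in the configuration and its
 * unsalted md5 is kept in the session. Both are preserved because they are the
 * existing contract; moving to password_hash()/password_verify() needs a config change.
 */
function doLogin(){
        global $IS_CONFIG;
        // Compare as strings with ===. Loose == treats numeric-looking strings as
        // numbers, so two different strings could compare equal.
        $cfgUser = (string)$IS_CONFIG['username'];
        $cfgPass = (string)$IS_CONFIG['password'];

        if(isset($_SESSION['user']) AND isset($_SESSION['pass'])){
                if($_SESSION['user'] !== $cfgUser OR $_SESSION['pass'] !== md5($cfgPass)){
                        // Stale or foreign session data: drop it and authenticate again.
                        unset($_SESSION['user']);
                        unset($_SESSION['pass']);
                        // The nested call returns only after a successful login (every
                        // other path exits inside it), so the page may then continue.
                        doLogin();
                        return;
                }
        }elseif(isset($_POST['username']) AND isset($_POST['password'])){
                $userOk = is_string($_POST['username']) && $_POST['username'] === $cfgUser;
                $passOk = is_string($_POST['password']) && $_POST['password'] === $cfgPass;
                if($userOk AND $passOk){
                        // Issue a fresh session id at login so an id planted before
                        // authentication is not promoted to an admin session. This only
                        // works while headers can still be sent; admin.php includes
                        // header.php before calling doLogin(), so output buffering or a
                        // changed include order is needed for it to take effect there.
                        if(!headers_sent() && session_id() != ''){
                                session_regenerate_id(true);
                        }
                        $_SESSION['user'] = $_POST['username'];
                        $_SESSION['pass'] = md5($_POST['password']);
                }else{
                        echo "<b>Error:</b> your username and password were not recognised. Please try again";
                        exit;
                }
        }else{
                // Post back to this script with a relative URL: the Host header is not
                // echoed into the page and the credentials are not forced onto http://
                // when the page itself was loaded over https.
                $form_to = $_SERVER['PHP_SELF'];
                if(isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== '')
                        $form_to = $form_to ."?". $_SERVER["QUERY_STRING"];
                // PHP_SELF and QUERY_STRING are request-controlled and this form is shown
                // before authentication, so the value is escaped for the attribute.
                $form_to = htmlspecialchars($form_to, ENT_QUOTES, 'ISO-8859-1');
                ?>
                <table class="canvas" align="center"><tr><td align="center">
                <form method="post" action="<?php echo $form_to; ?>">
                <table border=0 width=350 align="center" >
                <TR>
                <TD>User Name:</TD>
                <TD><input type="text" name="username" size=20></TD></TR>
                <TR>
                <TD>Password:</TD>
                <TD><input type="password" name="password" size=20></TD>
                </TR>
                </table>
                <input type="submit" value="Login"><br/><br/>To log out, simply close this browser window.</form>
                </table>
                <?php
                exit;
        }
}//doLogin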
?>