Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
igamebox
/
mtb_crm_asp
1
0
Haarauta 0
Tiedostot Esitykset 0 Vetopyynnöt 0 Wiki
Puu: f84d8d2fb1
Haarat Tunnisteet
mtb_crm_asp
/
system
/
save_product.php

save_product.php 4.5 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 
  1. <?php
    2. 

  2. require_once('conn.php');
    3. 

  3. 

  4. // Check login status
    5. 

  5. checkLogin("信息管理");
    6. 

  6. 

  7. // Initialize all variables to avoid undefined warnings
    8. 

  8. $id = isset($_POST['id']) ? $_POST['id'] : '';
    9. 

  9. $product_name = isset($_POST['ProductName']) ? htmlspecialcharsFix($_POST['ProductName']) : '';
    10. 

  10. $product_img = isset($_POST['ProductImg']) ? htmlspecialcharsFix($_POST['ProductImg']) : '';
    11. 

  11. $unit = isset($_POST['unit']) ? htmlspecialcharsFix($_POST['unit']) : '';
    12. 

  12. $moq = isset($_POST['moq']) ? htmlspecialcharsFix($_POST['moq']) : '';
    13. 

  13. $category_id = isset($_POST['category_id']) ? intval($_POST['category_id']) : 0;
    14. 

  14. $nosale = isset($_POST['nosale']) ? $_POST['nosale'] : array();
    15. 

  15. $num = isset($_POST['num']) ? $_POST['num'] : array();
    16. 

  16. $price = isset($_POST['price']) ? $_POST['price'] : array();
    17. 

  17. $note = isset($_POST['note']) ? htmlspecialcharsFix($_POST['note']) : '';
    18. 

  18. $tips = isset($_POST['tips']) ? htmlspecialcharsFix($_POST['tips']) : '';
    19. 

  19. $keys = isset($_POST['keys']) ? $_POST['keys'] : '';
    20. 

  20. $page = isset($_POST['page']) ? $_POST['page'] : 1;
    21. 

  21. 

  22. // Redirect URL
    23. 

  23. $redirect_url = "products.php?Keys=" . $keys . "&Page=" . $page;
    24. 

  24. if ($category_id) {
    25. 

  25.     $redirect_url .= "&category_id=" . $category_id;
    26. 

  26. }
    27. 

  27. 

  28. // Determine if this is an edit or a new record
    29. 

  29. $is_edit = (!empty($id) && is_numeric($id));
    30. 

  30. 

  31. // Process nosale array into comma-separated string
    32. 

  32. $nosale_str = '';
    33. 

  33. if (is_array($nosale) && !empty($nosale)) {
    34. 

  34.     $nosale_clean = array_map('intval', $nosale); // Ensure all values are integers
    35. 

  35.     $nosale_str = implode(',', $nosale_clean);
    36. 

  36. }
    37. 

  37. 

  38. // Validate form data (add your validation here)
    39. 

  39. if (empty($product_name)) {
    40. 

  40.     // You could add error handling here
    41. 

  41.     header("Location: " . $redirect_url);
    42. 

  42.     exit();
    43. 

  43. }
    44. 

  44. 

  45. if ($is_edit) {
    46. 

  46.     // Update existing product
    47. 

  47.     $sql = "UPDATE products SET 
    48. 

  48.             ProductName = '" . mysqli_real_escape_string($conn, $product_name) . "',
    49. 

  49.             ProductImg = '" . mysqli_real_escape_string($conn, $product_img) . "',
    50. 

  50.             Addtime = NOW(),
    51. 

  51.             moq = '" . mysqli_real_escape_string($conn, $moq) . "',
    52. 

  52.             unit = '" . mysqli_real_escape_string($conn, $unit) . "',
    53. 

  53.             nosale = '" . $nosale_str . "',
    54. 

  54.             note = '" . mysqli_real_escape_string($conn, $note) . "',
    55. 

  55.             tips = '" . mysqli_real_escape_string($conn, $tips) . "',
    56. 

  56.             category_id = " . $category_id . "
    57. 

  57.             WHERE id = " . (int)$id;
    58. 

  58.     mysqli_query($conn, $sql);
    59. 

  59.     
    60. 

  60.     // Handle price updates
    61. 

  61.     mysqli_query($conn, "DELETE FROM price WHERE productId = " . (int)$id . " AND AreaId = 0");
    62. 

  62.     
    63. 

  63.     if (is_array($num) && is_array($price)) {
    64. 

  64.         foreach ($num as $key => $num_value) {
    65. 

  65.             if (isset($price[$key])) { // Only process if we have both num and price
    66. 

  66.                 $num_value = empty($num_value) ? 0 : (float)$num_value;
    67. 

  67.                 $price_value = empty($price[$key]) ? 0 : (float)$price[$key];
    68. 

  68.                 $sql = "INSERT INTO price (productId, AreaId, num, price) VALUES 
    69. 

  69.                         (" . (int)$id . ", 0, " . $num_value . ", '" . $price_value . "')";
    70. 

  70.                 mysqli_query($conn, $sql);
    71. 

  71.             }
    72. 

  72.         }
    73. 

  73.     }
    74. 

  74. } else {
    75. 

  75.     // Insert new product
    76. 

  76.     $sql = "INSERT INTO products (ProductName, ProductImg, Addtime, moq, unit, nosale, note, tips, category_id) 
    77. 

  77.             VALUES (
    78. 

  78.                 '" . mysqli_real_escape_string($conn, $product_name) . "',
    79. 

  79.                 '" . mysqli_real_escape_string($conn, $product_img) . "',
    80. 

  80.                 NOW(),
    81. 

  81.                 '" . mysqli_real_escape_string($conn, $moq) . "',
    82. 

  82.                 '" . mysqli_real_escape_string($conn, $unit) . "',
    83. 

  83.                 '" . $nosale_str . "',
    84. 

  84.                 '" . mysqli_real_escape_string($conn, $note) . "',
    85. 

  85.                 '" . mysqli_real_escape_string($conn, $tips) . "',
    86. 

  86.                 " . $category_id . "
    87. 

  87.             )";
    88. 

  88.     mysqli_query($conn, $sql);
    89. 

  89.     $id = mysqli_insert_id($conn);
    90. 

  90.     
    91. 

  91.     // Handle price insertions
    92. 

  92.     if (is_array($num) && is_array($price)) {
    93. 

  93.         foreach ($num as $key => $num_value) {
    94. 

  94.             if (isset($price[$key])) { // Only process if we have both num and price
    95. 

  95.                 $num_value = empty($num_value) ? 0 : (float)$num_value;
    96. 

  96.                 $price_value = empty($price[$key]) ? 0 : (float)$price[$key];
    97. 

  97.                 $sql = "INSERT INTO price (productId, AreaId, num, price) VALUES 
    98. 

  98.                         (" . (int)$id . ", 0, " . $num_value . ", '" . $price_value . "')";
    99. 

  99.                 mysqli_query($conn, $sql);
    100. 

  100.             }
    101. 

  101.         }
    102. 

  102.     }
    103. 

  103. }
    104. 

  104. 

  105. // Redirect after save
    106. 

  106. mysqli_close($conn);
    107. 

  107. header("Location: " . $redirect_url);
    108. 

  108. exit(); 
    109.