admin/34000-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

shopping cart

Browse Source
This commit is contained in:
Flatlogic Bot 2025-09-10 21:21:48 +00:00
parent 8d45670c2f
commit 4442e0bd2e
10 changed files with 323 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
admin/edit_product.php
View File

@ -57,7 +57,7 @@ if (isset($_GET['id'])) {
<div class="card">
<div class="card-body">
<form action="save_product.php" method="POST">
<form action="save_product.php" method="POST" enctype="multipart/form-data">
<?php if ($product['id']): ?>
<input type="hidden" name="id" value="<?php echo $product['id']; ?>">
<?php endif; ?>
@ -81,8 +81,12 @@ if (isset($_GET['id'])) {
</div>
</div>
<div class="mb-3">
<label for="image_url" class="form-label">Image URL</label>
<input type="text" class="form-control" id="image_url" name="image_url" value="<?php echo htmlspecialchars($product['image_url']); ?>">
<label for="image" class="form-label">Product Image</label>
<input type="file" class="form-control" id="image" name="image">
<?php if ($product['image_url']): ?>
<p class="form-text mt-2">Current image:</p>
<img src="../uploads/<?php echo htmlspecialchars($product['image_url']); ?>" alt="<?php echo htmlspecialchars($product['name']); ?>" style="max-width: 100px; max-height: 100px;">
<?php endif; ?>
</div>
<button type="submit" class="btn btn-primary">Save Product</button>

42
admin/save_product.php
View File

@ -13,7 +13,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$description = trim($_POST['description'] ?? '');
$price = filter_var($_POST['price'], FILTER_VALIDATE_FLOAT);
$stock_quantity = filter_var($_POST['stock_quantity'], FILTER_VALIDATE_INT);
$image_url = trim($_POST['image_url'] ?? '');
$id = $_POST['id'] ?? null;
// Basic validation
@ -24,6 +23,46 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
$pdo = db();
$image_url = '';
if ($id) {
// Fetch existing product's image url
$stmt = $pdo->prepare("SELECT image_url FROM products WHERE id = ?");
$stmt->execute([$id]);
$image_url = $stmt->fetchColumn();
}
// Handle file upload
if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
$uploadDir = __DIR__ . '/../uploads/';
// Sanitize the filename
$originalName = basename($_FILES['image']['name']);
$safeName = preg_replace("/[^a-zA-Z0-9-_.]+/", "", $originalName);
$fileName = uniqid('', true) . '_' . $safeName;
$uploadFile = $uploadDir . $fileName;
// Validate file type
$imageFileType = strtolower(pathinfo($uploadFile, PATHINFO_EXTENSION));
$allowedTypes = ['jpg', 'jpeg', 'png', 'gif'];
if (!in_array($imageFileType, $allowedTypes)) {
$_SESSION['error_message'] = 'Only JPG, JPEG, PNG & GIF files are allowed.';
header('Location: ' . ($_SERVER['HTTP_REFERER'] ?? 'index.php'));
exit;
}
if (move_uploaded_file($_FILES['image']['tmp_name'], $uploadFile)) {
// Delete old image if a new one is uploaded
if ($image_url && file_exists($uploadDir . $image_url)) {
unlink($uploadDir . $image_url);
}
$image_url = $fileName;
} else {
$_SESSION['error_message'] = 'Failed to upload image.';
header('Location: ' . ($_SERVER['HTTP_REFERER'] ?? 'index.php'));
exit;
}
}
try {
if ($id) {
@ -40,7 +79,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$_SESSION['success_message'] = 'Product added successfully.';
}
} catch (PDOException $e) {
// In a real app, you would log this error, not show it to the user
$_SESSION['error_message'] = 'Database error. Could not save product.';
}

BIN
assets/pasted-20250910-210544-2d3a1682.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 67 KiB

BIN
assets/pasted-20250910-211133-18a40e8c.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 60 KiB

BIN
assets/pasted-20250910-211808-2c0c6132.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

206
basket.php Normal file
View File

@ -0,0 +1,206 @@
<?php
session_start();
require_once 'db/config.php';
// Initialize basket if it doesn't exist
if (!isset($_SESSION['basket'])) {
$_SESSION['basket'] = [];
}
$pdo = db();
// Handle actions
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
$productId = $_POST['product_id'] ?? null;
switch ($_POST['action']) {
case 'add':
if ($productId) {
// Check if product exists and is in stock
$stmt = $pdo->prepare('SELECT name, stock_quantity FROM products WHERE id = ?');
$stmt->execute([$productId]);
$product = $stmt->fetch();
if ($product && $product['stock_quantity'] > 0) {
if (isset($_SESSION['basket'][$productId])) {
// Prevent adding more than available stock
if ($_SESSION['basket'][$productId] < $product['stock_quantity']) {
$_SESSION['basket'][$productId]++;
} else {
$_SESSION['message']['warning'] = "Cannot add more of this item. Not enough stock for " . $product['name'];
}
} else {
$_SESSION['basket'][$productId] = 1;
}
} else {
$_SESSION['message']['danger'] = "Cannot add item. Not enough stock for " . $product['name'];
}
}
break;
case 'update':
$quantity = $_POST['quantity'] ?? 1;
if ($productId && $quantity > 0) {
// Check stock
$stmt = $pdo->prepare('SELECT name, stock_quantity FROM products WHERE id = ?');
$stmt->execute([$productId]);
$product = $stmt->fetch();
if ($product && $quantity <= $product['stock_quantity']) {
$_SESSION['basket'][$productId] = (int)$quantity;
} else {
$_SESSION['message']['danger'] = "Cannot update quantity. Not enough stock for " . $product['name'];
}
} else if ($productId && $quantity <= 0) {
unset($_SESSION['basket'][$productId]);
}
break;
case 'remove':
if ($productId) {
unset($_SESSION['basket'][$productId]);
}
break;
}
// Redirect to avoid form resubmission
$redirect_url = $_POST['return_url'] ?? 'basket.php';
header('Location: ' . $redirect_url);
exit;
}
// Fetch product details for items in basket
$basketItems = [];
$totalPrice = 0;
if (!empty($_SESSION['basket'])) {
$productIds = array_keys($_SESSION['basket']);
$placeholders = implode(',', array_fill(0, count($productIds), '?'));
$stmt = $pdo->prepare("SELECT id, name, price, description, stock_quantity FROM products WHERE id IN ($placeholders)");
$stmt->execute($productIds);
$products = $stmt->fetchAll(PDO::FETCH_ASSOC | PDO::FETCH_GROUP);
foreach ($_SESSION['basket'] as $productId => $quantity) {
if (isset($products[$productId])) {
$product = $products[$productId][0];
$itemPrice = $product['price'] * $quantity;
$totalPrice += $itemPrice;
$basketItems[] = [
'id' => $productId,
'name' => $product['name'],
'price' => $product['price'],
'quantity' => $quantity,
'stock_quantity' => $product['stock_quantity'],
'total' => $itemPrice
];
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Shopping Basket - GiftShop</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<!-- Navbar -->
<nav class="navbar navbar-expand-lg navbar-light bg-white shadow-sm">
<div class="container">
<a class="navbar-brand" href="index.php">GiftShop</a>
<div class="collapse navbar-collapse">
<ul class="navbar-nav ms-auto">
<li class="nav-item"><a class="nav-link" href="index.php#products">Products</a></li>
<li class="nav-item"><a class="nav-link" href="index.php#contact">Contact</a></li>
<li class="nav-item">
<a class="nav-link active" href="basket.php">
<i class="bi bi-cart-fill"></i> Basket (<?= array_sum($_SESSION['basket'] ?? []) ?>)
</a>
</li>
</ul>
</div>
</div>
</nav>
<!-- Main Content -->
<main class="container py-5">
<h1 class="mb-4">Your Shopping Basket</h1>
<?php if (isset($_SESSION['message'])):
foreach ($_SESSION['message'] as $type => $message):
?>
<div class="alert alert-<?= $type ?> alert-dismissible fade show" role="alert">
<?= htmlspecialchars($message) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php
endforeach;
unset($_SESSION['message']);
endif;
?>
<?php if (empty($basketItems)): ?>
<div class="alert alert-info text-center">
<p class="mb-0">Your basket is empty.</p>
<a href="index.php" class="btn btn-primary mt-3">Start Shopping</a>
</div>
<?php else: ?>
<div class="row">
<div class="col-lg-8">
<div class="card">
<div class="card-body">
<?php foreach ($basketItems as $item): ?>
<div class="row align-items-center mb-3 pb-3 border-bottom">
<div class="col-md-7">
<h5><?= htmlspecialchars($item['name']) ?></h5>
<p class="text-muted mb-0">$<?= number_format($item['price'], 2) ?></p>
</div>
<div class="col-md-3">
<form action="basket.php" method="post" class="d-flex align-items-center">
<input type="hidden" name="action" value="update">
<input type="hidden" name="product_id" value="<?= $item['id'] ?>">
<input type="number" name="quantity" value="<?= $item['quantity'] ?>" min="1" max="<?= $item['stock_quantity'] ?>" class="form-control form-control-sm" style="width: 70px;" onchange="this.form.submit()">
</form>
</div>
<div class="col-md-2 text-end">
<form action="basket.php" method="post">
<input type="hidden" name="action" value="remove">
<input type="hidden" name="product_id" value="<?= $item['id'] ?>">
<button type="submit" class="btn btn-sm btn-outline-danger"><i class="bi bi-trash"></i></button>
</form>
</div>
</div>
<?php endforeach; ?>
</div>
</div>
</div>
<div class="col-lg-4">
<div class="card shadow-sm">
<div class="card-body">
<h5 class="card-title mb-3">Order Summary</h5>
<div class="d-flex justify-content-between mb-4">
<span class="h5">Total</span>
<span class="h5 text-primary">$<?= number_format($totalPrice, 2) ?></span>
</div>
<a href="#" class="btn btn-primary w-100 mb-2">Proceed to Checkout</a>
<a href="index.php" class="btn btn-outline-secondary w-100">Continue Shopping</a>
</div>
</div>
</div>
</div>
<?php endif; ?>
</main>
<!-- Footer -->
<footer class="py-4 mt-5 bg-light">
<div class="container text-center">
<p class="mb-0">&copy; <?= date("Y") ?> GiftShop. All Rights Reserved.</p>
</div>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

1
db/migrations/003_add_image_url_to_products.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE products ADD COLUMN image_url VARCHAR(255) DEFAULT NULL;

74
index.php
View File

@ -1,3 +1,4 @@
<?php session_start(); ?>
<!DOCTYPE html>
<html lang="en">
<head>
@ -28,6 +29,11 @@
<li class="nav-item"><a class="nav-link" href="#products">Products</a></li>
<li class="nav-item"><a class="nav-link" href="#about">About</a></li>
<li class="nav-item"><a class="nav-link" href="#contact">Contact</a></li>
<li class="nav-item">
<a class="nav-link" href="basket.php">
<i class="bi bi-cart"></i> Basket (<?= array_sum($_SESSION['basket'] ?? []) ?>)
</a>
</li>
</ul>
<a href="#products" class="btn btn-primary ms-lg-3">Browse Catalog</a>
</div>
@ -67,41 +73,63 @@
</div>
</section>
<!-- Products/Categories Section -->
<!-- Products Section -->
<section id="products" class="py-5 bg-light">
<div class="container">
<div class="text-center mb-5">
<h2>Our Presents</h2>
<p class="lead">A glimpse into our curated collection.</p>
<h2>Our Products</h2>
<p class="lead">Browse our curated collection of gifts.</p>
</div>
<?php if (isset($_SESSION['message'])):
foreach ($_SESSION['message'] as $type => $message):
?>
<div class="alert alert-<?= $type ?> alert-dismissible fade show" role="alert">
<?= htmlspecialchars($message) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php
endforeach;
unset($_SESSION['message']);
endif;
?>
<div class="row">
<?php
require_once 'db/config.php';
$pdo = db();
$stmt = $pdo->query('SELECT id, name, description, price, stock_quantity, image_url FROM products ORDER BY name');
$products = $stmt->fetchAll(PDO::FETCH_ASSOC);
if ($products):
foreach ($products as $product):
?>
<div class="col-md-4 mb-4">
<div class="card h-100">
<img src="https://picsum.photos/seed/flowers/600/400" class="card-img-top" alt="A vibrant bouquet of fresh flowers.">
<div class="card-body text-center">
<h5 class="card-title">Flowers</h5>
<p class="card-text">Stunning bouquets for any celebration.</p>
<img src="<?= htmlspecialchars($product['image_url'] ? 'uploads/' . $product['image_url'] : 'https://picsum.photos/seed/product-' . $product['id'] . '/600/400') ?>" class="card-img-top" alt="<?= htmlspecialchars($product['name']) ?>">
<div class="card-body d-flex flex-column">
<h5 class="card-title"><?= htmlspecialchars($product['name']) ?></h5>
<p class="card-text"><?= htmlspecialchars($product['description']) ?></p>
<div class="mt-auto">
<p class="h4 text-primary mb-3">$<?= number_format($product['price'], 2) ?></p>
<form action="basket.php" method="post">
<input type="hidden" name="product_id" value="<?= $product['id'] ?>">
<input type="hidden" name="action" value="add">
<input type="hidden" name="return_url" value="index.php">
<button type="submit" class="btn btn-primary w-100" <?= ($product['stock_quantity'] <= 0) ? 'disabled' : '' ?>>
<i class="bi bi-cart-plus"></i> <?= ($product['stock_quantity'] > 0) ? 'Add to Basket' : 'Out of Stock' ?>
</button>
</form>
</div>
</div>
</div>
<div class="col-md-4 mb-4">
<div class="card h-100">
<img src="https://picsum.photos/seed/candies/600/400" class="card-img-top" alt="An assortment of colorful, artisanal candies.">
<div class="card-body text-center">
<h5 class="card-title">Candies & Sweets</h5>
<p class="card-text">Delicious treats to sweeten their day.</p>
</div>
</div>
</div>
<div class="col-md-4 mb-4">
<div class="card h-100">
<img src="https://picsum.photos/seed/books/600/400" class="card-img-top" alt="A stack of books tied with a ribbon.">
<div class="card-body text-center">
<h5 class="card-title">Books & Stationery</h5>
<p class="card-text">Inspiring reads and beautiful paper goods.</p>
</div>
</div>
<?php
endforeach;
else:
?>
<div class="col-12">
<p class="text-center">No products found. Please check back later!</p>
</div>
<?php endif; ?>
</div>
</div>
</section>

16
update_user_role.php Normal file
View File

@ -0,0 +1,16 @@
<?php
require_once __DIR__ . '/db/config.php';
try {
$pdo = db();
$stmt = $pdo->prepare("UPDATE users SET role = 'super_admin' WHERE username = 'admin'");
$stmt->execute();
if ($stmt->rowCount() > 0) {
echo "User role updated successfully. You can now log in to the admin panel. Please delete this file immediately.";
} else {
echo "Could not find the 'admin' user or the role is already 'super_admin'. Please check your database. You can delete this file.";
}
} catch (PDOException $e) {
echo "Database error: " . $e->getMessage();
}

BIN
uploads/68c1e8788f2356.53020190_Screenshot2025-09-10at23.03.50.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 229 KiB