<?php
require_once __DIR__ . '/db/config.php';
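// Product update handler: accepts a POSTed edit form, validates it, writes the
// row with a prepared statement, then redirects. Any non-POST request is sent
// back to the product list.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): this endpoint changes data, but no CSRF token check and no
    // authentication/authorization check is visible in this file. Confirm that
    // db/config.php or a front controller enforces both before this code runs.

    // Read a form field as a string. A missing field, or one submitted as an
    // array (e.g. name[]=x), becomes '' so it fails validation instead of
    // raising warnings or reaching PDO as a non-scalar.
    $field = static function (string $key): string {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? $value : '';
    };

    $id = $field('id');
    $name = $field('name');
    $sku = $field('sku');
    $category = $field('category');
    $price = $field('price');
    $stock = $field('stock');

    // The id is client-controlled and ends up in a Location header. Encoding it
    // keeps a value such as "1&error=..." from adding or overriding query
    // parameters on the edit page.
    // NOTE(review): if products.id is an integer key, FILTER_VALIDATE_INT would
    // be a tighter check — the schema is not visible here.
    $editUrl = 'product_edit.php?id=' . rawurlencode($id);

    // Basic validation.
    // empty() also treats "0" as empty, so a name or price of "0" is rejected.
    // NOTE(review): is_numeric() accepts negative numbers, decimals and
    // exponent notation ("-5", "1.5", "1e3"); confirm whether price and stock
    // need a range or integer check for this catalogue.
    if (empty($name) || empty($price) || !is_numeric($price) || !is_numeric($stock)) {
        header('Location: ' . $editUrl . '&error=validation');
        exit;
    }

    try {
        // Values are bound as parameters, never interpolated into the SQL.
        $stmt = db()->prepare(
            'UPDATE products SET name = ?, sku = ?, category = ?, price = ?, stock = ? WHERE id = ?'
        );
        $stmt->execute([$name, $sku, $category, $price, $stock, $id]);

        // Redirect to the product list on success.
        header('Location: products.php?status=updated');
        exit;
    } catch (PDOException $e) {
        // Record the failure server-side so it is not silently lost; the
        // client only ever sees the generic error=db flag.
        error_log('Product update failed: ' . $e->getMessage());

        header('Location: ' . $editUrl . '&error=db');
        exit;
    }
}

// Redirect if accessed directly (any method other than POST).
header('Location: products.php');
exit;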