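<?php
/**
 * Admin "Edit Product" page.
 *
 * GET  edit.php?id=<id>  renders the edit form for the product with that id.
 * POST edit.php?id=<id>  updates name, description, price and image_url for
 *                        that product, then redirects to index.php.
 *
 * Only sessions with a user_id and role 'admin' may use the page; everyone
 * else is redirected to the login page. A missing id or an unknown product
 * redirects to index.php.
 */

session_start();

require_once __DIR__ . '/../../db/config.php';

// Authorisation gate. `?? null` keeps a session that has a user_id but no
// role from raising an undefined-index warning; it is still rejected.
if (!isset($_SESSION["user_id"]) || ($_SESSION["role"] ?? null) !== 'admin') {
    header("Location: ../../login.php");
    exit();
}

// Per-session anti-CSRF token. The update below changes data on behalf of a
// logged-in admin, so the POST must prove it came from this form and not from
// a third-party page. NOTE(review): if the application already has a shared
// CSRF helper, use that instead of this page-local token.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

// The id arrives in the query string. Require a non-empty scalar string:
// `id[]=...` would otherwise reach the query and the template as an array.
$id = $_GET['id'] ?? null;
if (!is_string($id) || !$id) {
    header("Location: index.php");
    exit();
}

$stmt = db()->prepare("SELECT * FROM products WHERE id = ?");
$stmt->execute([$id]);
$product = $stmt->fetch();

if (!$product) {
    header("Location: index.php");
    exit();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Read a POST field as a string; missing or array-valued fields become ''.
    $field = function ($key) {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    $name        = trim($field('name'));
    $description = $field('description');
    $price       = trim($field('price'));
    // NOTE(review): image_url is stored as submitted. If other pages write it
    // into src/href attributes, restrict it to the URL forms the shop really
    // uses (e.g. http/https or site-relative paths) - confirm against those pages.
    $image_url   = trim($field('image_url'));
    $token       = $field('csrf_token');

    if (!hash_equals((string) $_SESSION['csrf_token'], $token)) {
        // Constant-time comparison; a missing or stale token is refused.
        $error = "Your form token is invalid or has expired. Please reload the page and try again.";
    } elseif ($name === '' || $price === '') {
        // Explicit '' checks instead of empty(): empty("0") is true, which
        // used to reject a price of 0 as "missing".
        $error = "Please fill all required fields.";
    } elseif (!is_numeric($price)) {
        // The browser's type="number" is only a hint; enforce it server-side.
        $error = "Price must be a number.";
    } else {
        try {
            $stmt = db()->prepare("UPDATE products SET name = ?, description = ?, price = ?, image_url = ? WHERE id = ?");
            $stmt->execute([$name, $description, $price, $image_url, $id]);
            header("Location: index.php");
            exit();
        } catch (PDOException $e) {
            // Keep driver/SQL details in the server log; the page only gets a
            // generic message so schema and query text are not disclosed.
            error_log('Product update failed: ' . $e->getMessage());
            $error = "Database error: the product could not be updated.";
        }
    }
}

// HTML-escape a value for element content and quoted attributes.
// null (e.g. a NULL description column) is rendered as an empty string.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

include __DIR__ . '/../templates/header.php';
?>

<div class="container">
    <h1 class="mt-4">Edit Product</h1>
    <?php if (isset($error)): ?>
        <div class="alert alert-danger"><?= $esc($error) ?></div>
    <?php endif; ?>
    <?php /* $id is request data: URL-encode it for the query string, then HTML-escape it for the attribute. */ ?>
    <form action="edit.php?id=<?= $esc(rawurlencode($id)) ?>" method="POST">
        <input type="hidden" name="csrf_token" value="<?= $esc($_SESSION['csrf_token']) ?>">
        <div class="mb-3">
            <label for="name" class="form-label">Product Name</label>
            <input type="text" class="form-control" id="name" name="name" value="<?= $esc($product['name']) ?>" required>
        </div>
        <div class="mb-3">
            <label for="description" class="form-label">Description</label>
            <textarea class="form-control" id="description" name="description" rows="3"><?= $esc($product['description']) ?></textarea>
        </div>
        <div class="mb-3">
            <label for="price" class="form-label">Price</label>
            <input type="number" step="0.01" class="form-control" id="price" name="price" value="<?= $esc($product['price']) ?>" required>
        </div>
        <div class="mb-3">
            <label for="image_url" class="form-label">Image URL</label>
            <input type="text" class="form-control" id="image_url" name="image_url" value="<?= $esc($product['image_url']) ?>">
        </div>
        <button type="submit" class="btn btn-primary">Update Product</button>
        <a href="index.php" class="btn btn-secondary">Cancel</a>
    </form>
</div>

<?php include __DIR__ . '/../templates/footer.php'; ?>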