<?php
require_once __DIR__ . '/../db/config.php';
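session_start();

// Admin-only product update handler.
// Reads id, name, description, price and barcode from the POST body, updates the
// matching row in `products`, stores a flash message in the session and redirects
// back to the admin product list.

// Access control: the request must be a POST from a session that has a user id
// and the 'admin' role. `?? null` keeps a session without a role key from raising
// an undefined-key warning; such a session is still rejected.
$isAdminPost = ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST'
    && isset($_SESSION['user_id'])
    && ($_SESSION['role'] ?? null) === 'admin';

if (!$isAdminPost) {
    header('Location: /login.php');
    exit;
}

// NOTE(review): no anti-CSRF token is verified here, so this state-changing
// endpoint is authorised by the session cookie alone. Once the product form
// emits a per-session token, compare it with hash_equals() before continuing.

$id = $_POST['id'] ?? null;
$name = $_POST['name'] ?? '';
$description = $_POST['description'] ?? '';
$price = $_POST['price'] ?? 0;
$barcode = $_POST['barcode'] ?? null;

// PHP turns parameters such as `name[]=x` into arrays. A non-empty array passes
// empty(), so reject array-valued fields here instead of handing them to the
// prepared statement.
$hasArrayField = false;
foreach ([$id, $name, $description, $price, $barcode] as $value) {
    if (is_array($value)) {
        $hasArrayField = true;
        break;
    }
}

// NOTE(review): is_numeric() also accepts negative and exponent forms ("-5", "1e3");
// tighten this check if the price column should only hold non-negative decimals.
if ($hasArrayField || empty($id) || empty($name) || !is_numeric($price)) {
    $_SESSION['error_message'] = "Invalid data provided.";
    header('Location: /dashboard.php?page=admin_products');
    exit;
}

try {
    $pdo = db();
    // Values are bound as parameters, never concatenated into the SQL text.
    $stmt = $pdo->prepare("UPDATE products SET name = ?, description = ?, price = ?, barcode = ? WHERE id = ?");
    $stmt->execute([$name, $description, $price, $barcode, $id]);
    $_SESSION['success_message'] = "Product updated successfully!";
} catch (PDOException $e) {
    // Driver details go to the server log only; the user sees a generic message.
    error_log("Product update failed: " . $e->getMessage());
    $_SESSION['error_message'] = "Failed to update product. Please try again.";
}

header('Location: /dashboard.php?page=admin_products');
exit;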