33 lines
1.0 KiB
PHP
33 lines
1.0 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../db/config.php';
|
|
session_start();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') {
|
|
header('Location: /login.php');
|
|
exit;
|
|
}
|
|
|
|
$name = $_POST['name'] ?? '';
|
|
$description = $_POST['description'] ?? '';
|
|
$price = $_POST['price'] ?? 0;
|
|
$barcode = $_POST['barcode'] ?? null;
|
|
|
|
if (empty($name) || !is_numeric($price)) {
|
|
$_SESSION['error_message'] = "Product name and a valid price are required.";
|
|
header('Location: /dashboard.php?page=admin_products');
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
$pdo = db();
|
|
$stmt = $pdo->prepare("INSERT INTO products (name, description, price, barcode) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$name, $description, $price, $barcode]);
|
|
$_SESSION['success_message'] = "Product created successfully!";
|
|
} catch (PDOException $e) {
|
|
error_log("Product creation failed: " . $e->getMessage());
|
|
$_SESSION['error_message'] = "Failed to create product. Please try again.";
|
|
}
|
|
|
|
header('Location: /dashboard.php?page=admin_products');
|
|
exit;
|