31 lines
1008 B
PHP
31 lines
1008 B
PHP
<?php
|
|
require_once __DIR__ . '/../db/config.php';
|
|
session_start();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') {
|
|
header('Location: /login.php');
|
|
exit;
|
|
}
|
|
|
|
$product_id = $_POST['product_id'] ?? null;
|
|
$quantity = $_POST['quantity'] ?? null;
|
|
|
|
if (empty($product_id) || !is_numeric($quantity) || $quantity < 0) {
|
|
$_SESSION['error_message'] = "Invalid data provided. Please enter a valid quantity.";
|
|
header('Location: /dashboard.php?page=admin_inventory');
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
$pdo = db();
|
|
$stmt = $pdo->prepare("UPDATE inventory SET quantity = ? WHERE product_id = ?");
|
|
$stmt->execute([$quantity, $product_id]);
|
|
$_SESSION['success_message'] = "Inventory updated successfully!";
|
|
} catch (PDOException $e) {
|
|
error_log("Inventory update failed: " . $e->getMessage());
|
|
$_SESSION['error_message'] = "Failed to update inventory. Please try again.";
|
|
}
|
|
|
|
header('Location: /dashboard.php?page=admin_inventory');
|
|
exit;
|