Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so just use oauth login instead. :)
Paste
Pasted as PHP by dab ( 14 years ago )
<?php
require_once 'includes/session.php';
require_once 'includes/functions.php';
require_once 'includes/my_functions.php';
require_once 'includes/smarty.php';
// Useful functions for debugging
// var_dump($array|$variable);
// var_export($array|$variable);
// echo $variable;
/*-- include possible solution for demonstration purposes
if (DBTYPE == "mysqli") {
require_once 'loesung/mysqli/products.php';
} elseif (DBTYPE == "PDO") {
include 'loesung/PDO/products.php';
} elseif (DBTYPE == "SQLite") {
echo "SQLite not realized yet";
} else {
echo "wrong DBTYPE";
}
//*/
//## begin exercise
$errors='';
// Make the connection:
$dbc = @mysqli_connect (HOST, DBUSER, DBUSERPWD, DBNAME) OR die ('Could not connect to MySQL: ' . mysqli_connect_error() );
mysqli_set_charset($dbc, "utf8");
if (!isset($_SESSION[LOGGED_IN])) {
$_SESSION['redirect_url'] = basename($_SERVER['SCRIPT_NAME']);
$url = absolute_url('login.php');
header("Location: $url");
exit();
}
$smarty->assign('active',1);
if (isset($_POST['submitted'])){
// Validate the productname:
if (!empty($_POST['pname'])) {
$pname = mysqli_real_escape_string ($dbc, $_POST['pname']);
} else {
$pname = FALSE;
$errors .= '<p class="error">You forgot to enter a product name!</p>';
}
// Validate the price:
if (!empty($_POST['price'])) {
$price = mysqli_real_escape_string ($dbc, $_POST['price']);
} else {
$price = FALSE;
$errors .= '<p class="error">You forgot to enter a product price!</p>';
}
// Validate the shortdesc:
if (!empty($_POST['shortdesc'])) {
$shortdesc = mysqli_real_escape_string ($dbc, $_POST['shortdesc']);
} else {
$shortdesc = FALSE;
$errors .= '<p class="error">You forgot to enter a short description!</p>';
}
// Validate the longdesc:
if (!empty($_POST['longdesc'])) {
$longdesc = mysqli_real_escape_string ($dbc, $_POST['longdesc']);
} else {
$longdesc = FALSE;
$errors .= '<p class="error">You forgot to enter a long description!</p>';
}
// variable for active or inactive
$active = $_POST['active'];
// variable for ptype
$ptype = $_POST['ptype'];
// Everything is Ok
if($pname && $price && $shortdesc && $longdesc){
// Add the user to the database:
$q = "INSERT INTO products (product_name, product_category_name, price, short_description, long_description, active, date_added) VALUES ('$pname', '$ptype', '$price', '$shortdesc', '$longdesc', '$active', NOW())";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
$acknowledgment = "
<p>product name: '$pname'</p>
<p>category name: '$ptype'</p>
<p>price: '$price'</p>
<p>short description: </p>: '$shortdesc'</p>
<p>long description: '$longdesc'</p>
<p>active: '$active'</p>
";
echo $acknowledgment;
} else { // If it did not run OK.
$errors .= '<p class="error">The products could not be inserted into the database.</p>';
}
}
}
$assoc ["1"] = array("product_category_name" => "Grundstück");
$assoc ["2"] = array("product_category_name" => "Haus");
$assoc ["3"] = array("product_category_name" => "Wohnung");
// assign Array to Smarty, which can handle arrays
$smarty->assign('results', $assoc);
// end exercise */
$smarty->assign('errors', $errors);
$pname = param('pname');
$price = param('price');
$shortdesc = param('shortdesc');
$longdesc = param('longdesc');
$smarty->display('products.tpl');
?>
Revise this Paste