1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
<?php
include 'config.php';
// Check if the user is logged in
if ((!isSet($_SESSION['loginname'])) || ($loggin <> '1'))
{
header("Location: login.php");
exit;
}
require("configure.php");
$pdid = htmlspecialchars($_POST["pdid"],ENT_QUOTES);
$pdcode = htmlspecialchars($_POST["pdcode"],ENT_QUOTES);
$pdprice = htmlspecialchars($_POST["pdprice"],ENT_QUOTES);
$pdorgprice = htmlspecialchars($_POST["pdorgprice"],ENT_QUOTES);
$pdweight = htmlspecialchars($_POST["pdweight"],ENT_QUOTES);
$promo = htmlspecialchars($_POST["promo"],ENT_QUOTES);
$pdtitleen = htmlspecialchars($_POST["pdtitleen"],ENT_QUOTES);
$pdtitletc = htmlspecialchars($_POST["pdtitletc"],ENT_QUOTES);
$pdingredientsen = htmlspecialchars($_POST["pdingredientsen"],ENT_QUOTES);
$pdingredientstc = htmlspecialchars($_POST["pdingredientstc"],ENT_QUOTES);
$pddescen = preg_replace("/'/","\'",$_POST["pddescen"]);
$pddesctc = preg_replace("/'/","\'",$_POST["pddesctc"]);
$metapagetitleen = htmlspecialchars($_POST["metapagetitleen"],ENT_QUOTES);
$metapagetitletc = htmlspecialchars($_POST["metapagetitletc"],ENT_QUOTES);
$metakeyworden = htmlspecialchars($_POST["metakeyworden"],ENT_QUOTES);
$metakeywordtc = htmlspecialchars($_POST["metakeywordtc"],ENT_QUOTES);
$metadescen = htmlspecialchars($_POST["metadescen"],ENT_QUOTES);
$metadesctc = htmlspecialchars($_POST["metadesctc"],ENT_QUOTES);
$nowdate = date("Y-m-d H:i:s");
// old record
$result5 = mysql_query("SELECT * FROM product_cat_item WHERE pdid= '".$pdid."' ");
$a_inc2 = array();
while($row5 = mysql_fetch_array($result5,MYSQL_ASSOC)){
$a_inc2[$row5{'pdcatid'}] = $row5{'pdcatid'};
}
$cntpdcatid = count($_POST['pdcatidSelect']);
$i=1;
foreach($_POST['pdcatidSelect'] as $pdcatidbox){
$pdcatid[$i++] = $pdcatidbox;
}
$oldpdcatlist = $a_inc2;
$newpdcatlist = $pdcatid;
foreach($oldpdcatlist as $oldpdcatid){
if(in_array($oldpdcatid, $newpdcatlist)==false ){
// Delete Product Category db
$sql3 = "DELETE FROM product_cat_item WHERE pdcatid=". $oldpdcatid ." AND pdid=". $pdid ." ";
mysql_query($sql3);
// Update Category Sort
$sql5 = "UPDATE product_cat_item SET psort = psort-1 WHERE psort >=(select psort from product_cat_item where pdcatid=". $oldpdcatid ." AND pdid=". $pdid .") AND pdcatid=". $oldpdcatid ." AND pdid=". $pdid ." ";
mysql_query($sql5);
}
}
foreach($newpdcatlist as $newpdcatid){
if(in_array($newpdcatid, $oldpdcatlist)==false ){
// Sort
$sql = "select max(psort) as maxid ";
$sql .= "from product_cat_item WHERE pdcatid = '".$newpdcatid."' ";
$result=mysql_query($sql);
$row = mysql_fetch_array($result,MYSQL_ASSOC);
$psort = $row{maxid}+1;
$sql2 = "insert into product_cat_item (pdid, pdcatid, psort) values ('$pdid', '".$newpdcatid."', '$psort')";
mysql_query($sql2);
}
}
// Modify
$sql = "update product_detail set pdcode='$pdcode', pdprice='$pdprice', pdorgprice='$pdorgprice', pdweight='$pdweight', promo='$promo', pdtitleen='$pdtitleen', pdtitletc='$pdtitletc', pdingredientsen='$pdingredientsen', pdingredientstc='$pdingredientstc', pddescen='$pddescen', pddesctc='$pddesctc', metapagetitleen='$metapagetitleen', metapagetitletc='$metapagetitletc', metakeyworden='$metakeyworden', metakeywordtc='$metakeywordtc', metadescen='$metadescen', metadesctc='$metadesctc', modifyday='$nowdate', cmsloginid='".$_SESSION['cmsloginid']."' ";
$sql .= " where pdid=". $pdid ." ";
mysql_query($sql);
if( mysql_errno() > 0 ){
echo 'Modify Product Detail Error:<br />'. mysql_error() .'<br />SQL: '. $sql;
exit;
}
mysql_close($dbh);
header("Location: product_detail_index.php?msg=Modify Successful");
?>
|