Created
March 3, 2017 11:03
Tests
<?php | |
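// ROOT is not defined yet, so this script was presumably requested directly
// rather than included by something that already loaded the configuration.
if (!defined('ROOT')) {
    // require_once rather than include: if either file is missing, the request
    // stops here instead of continuing with no configuration and no database
    // helpers, and neither file can be pulled in twice.
    //
    // NOTE(review): many web server configurations send *.inc files as plain
    // text when they are requested directly. Confirm config.inc and db.inc sit
    // outside the document root, or that the server denies access to them.
    require_once 'config.inc';
    require_once 'db.inc';
}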
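// Section loader: ?section=NAME includes NAME.php.
//
// The name arrives from the query string, so it is limited to a bare file name
// (letters, digits, "_" and "-") before it reaches include. That rules out
// directory separators, "..", stream-wrapper prefixes and NUL bytes, and the
// is_string() check rejects array-valued parameters such as ?section[]=x.
//
// NOTE(review): the pattern only guarantees a bare name; any NAME.php that
// include can resolve is still loadable. An explicit list of the section names
// the site really has, checked with in_array($name, $list, true), is stricter.
if (
    isset($_GET['section'])
    && is_string($_GET['section'])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET['section']) === 1
) {
    include $_GET['section'] . '.php';
} elseif (isset($_GET['section']) && $_GET['section'] !== '') {
    // Leave a trace for whoever reads the logs; the rejected value itself is
    // not written, so it cannot inject lines into the log.
    error_log('Section loader: rejected a section parameter that is not a bare name');
}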
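/**
 * Run one SQL statement through ext/mysql.
 *
 * The statement is sent exactly as given. Nothing here quotes or escapes it,
 * so every value a caller concatenates into $qry must already be escaped or
 * cast to a number.
 *
 * NOTE(review): mysql_query() belongs to ext/mysql, which was removed in
 * PHP 7.0. Moving to PDO or mysqli with prepared statements also removes the
 * need for manual escaping at every call site.
 *
 * @param string $qry Complete SQL statement.
 * @return resource|bool Whatever mysql_query() returned; false means failure.
 */
function db_exec($qry)
{
    $result = mysql_query($qry);
    if ($result === false) {
        // A failed statement is recorded instead of being dropped silently.
        error_log('db_exec: query failed: ' . mysql_error());
    }

    return $result;
}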
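/**
 * One row of the g_goods table, written from the product edit form.
 *
 * NOTE(review): db_escape() and priceFormat() are not defined in this file.
 * db_escape() is assumed to do connection-aware string escaping
 * (mysql_real_escape_string() or equivalent) - confirm in db.inc.
 */
class Product
{
    /** @var int Primary key of the g_goods row; 0 until a valid id is set. */
    private $_id = 0;

    /**
     * Remember which row update() should write to.
     *
     * @param mixed $id Requested id. Anything that is not a positive integer
     *                  (including arrays) is stored as 0, so request data can
     *                  never reach the WHERE clause as text.
     */
    public function setId($id)
    {
        $valid = filter_var($id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
        $this->_id = ($valid === false) ? 0 : $valid;
    }

    /**
     * Write the posted form fields to the row chosen with setId().
     *
     * This is an instance method because it reads $this->_id; $this does not
     * exist inside a static method. All columns go out in a single UPDATE so
     * the row cannot end up half-written when one statement fails.
     */
    public function update()
    {
        $id = (int) $this->_id;
        if ($id <= 0) {
            // No valid id: running the statement would fail or hit the wrong row.
            return;
        }

        // column => form field. Every one of these is quoted AND escaped;
        // catalog used to be concatenated without escaping.
        $textFields = array(
            'catalog' => 'e_catalog',
            'title' => 'e_goodTitle',
            'article' => 'e_article',
            'description_lv' => 'e_description_lv',
            'description_ru' => 'e_description_ru',
            'description_en' => 'e_description_en',
        );

        $assignments = array();
        foreach ($textFields as $column => $field) {
            $assignments[] = $column . " = '" . db_escape(self::_postString($field)) . "'";
        }

        // Format first, escape last: escaping has to be the final step before
        // the value enters the SQL text, or the formatter may undo it.
        // NOTE(review): assumes priceFormat() accepts the raw posted string.
        $assignments[] = "price = '" . db_escape(priceFormat(self::_postString('e_price'))) . "'";

        db_exec('UPDATE g_goods SET ' . implode(', ', $assignments) . ' WHERE id = ' . $id);
    }

    /**
     * Read one posted field as a string.
     *
     * $_POST is an array, so it is indexed with []. A missing or array-valued
     * field is treated as an empty string.
     *
     * @param string $field Form field name.
     * @return string
     */
    private static function _postString($field)
    {
        return (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
}

// Save handler: ?saveproduct=ID together with the posted edit form.
//
// The field values come from $_POST, so only POST requests are accepted; a
// plain GET to ?saveproduct=ID would otherwise overwrite every column with an
// empty string.
//
// NOTE(review): nothing visible in this file checks that the requester is
// logged in and allowed to edit products, and no anti-CSRF token is verified.
// Both checks belong before update() runs.
if (
    !empty($_GET['saveproduct'])
    && isset($_SERVER['REQUEST_METHOD'])
    && $_SERVER['REQUEST_METHOD'] === 'POST'
) {
    $product = new Product();
    $product->setId($_GET['saveproduct']);
    $product->update();
}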
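// Upload handler: stores each uploaded file and records it in `uploads`.
if (!empty($_FILES)) {
    // The destination is fixed on the server. It must never be built from
    // request data: a client-chosen folder decides where on disk the file lands.
    $uploadDir = ROOT . '/uploads';

    // Only these extensions are stored, so an upload can never be saved under
    // a name the web server would run as a script.
    // NOTE(review): list inferred from the "picture1"/"picture2" form fields;
    // adjust it to the types the site really accepts. Script execution should
    // also be disabled for the uploads directory in the server configuration.
    $allowedExtensions = array('gif', 'jpg', 'jpeg', 'png');

    // The row needs an owner; without a session user nothing is stored.
    $userId = isset($_SESSION['id']) ? (int) $_SESSION['id'] : 0;

    if ($userId > 0) {
        foreach ($_FILES as $file) {
            // Skip failed uploads and array-style fields (name="pics[]"),
            // whose entries are arrays rather than strings.
            if (!is_string($file['name']) || $file['error'] !== UPLOAD_ERR_OK) {
                continue;
            }

            // The client supplies the file name. Keep only its last path
            // component, then rebuild it from a conservative character set
            // with exactly one dot, placed before the checked extension.
            $base = basename($file['name']);
            $extension = strtolower(pathinfo($base, PATHINFO_EXTENSION));
            $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($base, PATHINFO_FILENAME));
            if ($stem === '' || !in_array($extension, $allowedExtensions, true)) {
                continue;
            }
            $name = $stem . '.' . $extension;

            // NOTE(review): a second upload with the same name replaces the
            // first; confirm whether names should be made unique per upload.
            if (!move_uploaded_file($file['tmp_name'], $uploadDir . '/' . $name)) {
                // Nothing was stored, so nothing is recorded.
                continue;
            }

            // The name is escaped and the user id is an integer before either
            // one enters the SQL text.
            $qry = "INSERT INTO uploads SET name='" . db_escape($name) . "', created=NOW(), userid=" . $userId;
            db_exec($qry);
        }
    }

    header('Location: /');
    // Stop here: header() alone does not end the request, and the rest of the
    // page would still run and be sent along with the redirect.
    exit;
}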
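// Print the name of the user selected with ?id=N.
//
// NOTE(review): no check is visible here that the requester may view this
// user's record; confirm access control happens before this point.
$user = null;

// Accept the id only when it is an integer. Arrays and any other text are
// rejected, so nothing from the query string reaches the SQL statement as text.
$userId = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;

if ($userId !== false) {
    $qry = 'select * from user where id=' . $userId . ' limit 1';
    $res = mysql_query($qry);
    if ($res !== false) {
        $row = mysql_fetch_assoc($res);
        if ($row !== false) {
            $user = $row;
        }
    }
}

if ($user !== null) {
    // The name is stored data chosen by a user, so it is escaped for HTML
    // before it is written into the page.
    // NOTE(review): assumes the page is served as UTF-8 - confirm.
    echo htmlspecialchars($user['name'], ENT_QUOTES, 'UTF-8');
}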
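?>
<div id="topm_1">
<?php
// enctype="multipart/form-data" is required for the file inputs: without it
// the browser submits only the file names and $_FILES stays empty.
?>
<form id="tm1l" action="/gifts/?gmenu=15" method="post" enctype="multipart/form-data"><a href="/gifts/"><img src="<?=PIMG?>/img/gifts/davanulogo_191_30.gif" /></a>
<?php
// Session values are escaped as well: whatever they contain, they cannot close
// the attribute they are printed into.
// NOTE(review): 'UTF-8' assumes the page is served as UTF-8 - confirm.
?>
<input type="hidden" name="<?=htmlspecialchars($_SESSION['p']['name'], ENT_QUOTES, 'UTF-8')?>" value="<?=htmlspecialchars($_SESSION['p']['value'], ENT_QUOTES, 'UTF-8')?>" />
<?php
// NOTE(review): hidden fields can be edited by the client. The server has to
// choose the upload directory itself and must not trust this value.
?>
<input type="hidden" name="folder" value="uploads" />
<input type="file" name="picture1" />
<input type="file" name="picture2" />
<?php
// The prefill comes from the query string, so it is escaped for the attribute
// it is printed into; array-valued parameters are treated as empty.
// NOTE(review): the field is named "decription" while the prefill reads
// $_GET['description']; confirm which spelling the handler expects before
// renaming either one.
?>
<input type="text" name="decription" value="<?=htmlspecialchars((isset($_GET['description']) && is_string($_GET['description'])) ? $_GET['description'] : '', ENT_QUOTES, 'UTF-8')?>" />
<input type="submit" name="ok" value="ok" />
</form>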