forked from Astha1404/charvi
-
Notifications
You must be signed in to change notification settings - Fork 1
/
dummy.php
86 lines (83 loc) · 3.35 KB
/
dummy.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
<form action='<?php echo $_SERVER['PHP_SELF']; ?>' method="post" enctype="multipart/form-data">
<div>
<label for="productName">Enter Product Name : </label>
<input type="text" name="productName" id="productName">
</div>
<div>
<label for="price">Enter Price : </label>
<input type="number" name="price" id="price">
</div>
<div>
<label for="description">Enter description : </label>
<textarea name="description" id="description" cols="30" rows="10"></textarea>
</div>
<div>
<label for="quantity">Enter quantity : </label>
<input type="number" name="quantity" id="quantity">
</div>
<div>
<label for="category">Choose Category : </label>
<select name="category" id="category">
<option value="0">Select Category</option>
<?php
require 'dbconnection.php';
$sql = "SELECT * FROM category";
$result = mysqli_query($con,$sql);
if(mysqli_num_rows($result)>0)
{
while(($row = mysqli_fetch_assoc($result))!=null)
{
echo "<option value={$row['CATEGORY_ID']}>{$row['CATEGORY_NAME']}</option>";
// die(print_r($row));
}
}
?>
</select>
</div>
<div>
<label for="company">Choose Company : </label>
<select name="company" id="company">
<option value="0">Select Category</option>
<?php
$sql = "SELECT * FROM company";
$result = mysqli_query($con,$sql);
if(mysqli_num_rows($result)>0)
{
while(($row = mysqli_fetch_assoc($result))!=null)
{
echo "<option value={$row['COMPANY_ID']}>{$row['COMPANY_NAME']}</option>";
// die(print_r($row));
}
}
?>
</select>
</div>
<div>
<label for="image">Choose Image : </label>
<input type="file" name="image" id="image">
</div>
<input type="submit" name="submit">
<?php
if(isset($_POST['submit']))
{
$pname = mysqli_real_escape_string($con,$_POST['productName']);
$price = mysqli_real_escape_string($con,$_POST['price']);
$desc = mysqli_real_escape_string($con,$_POST['description']);
$qty = mysqli_real_escape_string($con,$_POST['quantity']);
$category = mysqli_real_escape_string($con,$_POST['category']);
$img = mysqli_real_escape_string($con,$_FILES['image']['name']);
$company = mysqli_real_escape_string($con,$_POST['company']);
$tmp_img = mysqli_real_escape_string($con,$_FILES['image']['tmp_name']);
$sql = "INSERT INTO `product`(`PRODUCT_ID`, `PRODUCT_NAME`, `PRICE`, `DESCRIPTION`, `QUANTITY`, `CATEGORY_ID`, `COMPANY_ID`, `IMAGE`) VALUES (NULL,'{$pname}','{$price}','{$desc}','{$qty}','{$category}','{$company}','{$img}')";
$result = mysqli_query($con,$sql);
if($result)
{
move_uploaded_file($tmp_img,"Assets/Images/Products/{$img}");
}
else
{
echo "QUERY FAILED";
}
}
?>
</form>