-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathAdmin_update.php
92 lines (77 loc) · 2.87 KB
/
Admin_update.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="css/style.css" media="screen">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"> </script>
<script src="js/colpick.js" type="text/javascript"></script>
<link rel="stylesheet" href="css/colpick.css" type="text/css"/>
<script src = "js/usersChoice.js"></script>
</head>
<body background="images/background.jpg">
<?php include('interface.php'); ?>
<div>
<table border = "1" bgcolor = "#85C285">
<tr>
<form action="Admin_update.php" method="post">
<td>
<table>
<tr>
<td><label for="productnameID" > Name: </label></td>
<td><input type="text" name="Product_name" id="productnameID"></td>
</tr>
<tr>
<td><label for="descriptionID" > Description: </label></td>
<td><textarea name="Description" >Description:</textarea></td>
</tr>
<tr>
<td> <label for = "priceID"> Price: </label></td>
<td> <input type = "text" id = "priceID" name = "Price"></td>
</tr>
<tr>
<td> <label for = "YearID"> Year: </label></td>
<td> <input type = "text" id = "YearID" name = "Year"></td>
</tr>
<tr>
<td></td>
<td> <input type = "submit" name = "add_item" value = "Add item"> </td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?php
$host="mysql.metropolia.fi"; // Host name
$username="anp"; // Mysql username
$password="anphu123"; // Mysql password
$db_name="anp"; // Database name
$tbl_name="product_info"; // Table name
// Connect to server and select databse.
$connect = mysqli_connect("$host", "$username", "$password");
if(mysqli_connect_errno($connect)) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
var_dump($col4);
if ($col4 == "admin")
echo "Welcome admin";
mysqli_select_db($connect, "$db_name")or die("cannot select DB");
if (isset($_POST['add_item'])) {
$p_name = $_POST['Product_name'];
$description = $_POST['Description'];
$price = $_POST['Price'];
$year = $_POST['Year'];
$sql = "INSERT INTO product_info (Name, Description, Price, Year) VALUES (?, ?, ?, ?)";
$stmt = mysqli_prepare($connect, $sql);
mysqli_stmt_bind_param($stmt, "sssi", $val1, $val2, $val3, $val4);
$val1 = $p_name;
$val2 = $description;
$val3 = $price;
$val4 = $year;
$temp = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
?>
</div>
</body>
</html>