]]jkjjgdjffksdkdfdkasertertertrtetsadskdfgjdskfgj
במ12[aspddfasdaertertertertetghjghjsadasbvxcvxcv;'
/
home
/
u181040597
/
domains
/
jyotielevator.com
/
public_html
/
admin
/
Upload FileeE
HOME
<?php include("header.php"); include("aside.php"); include("db_connect.php"); // Assuming you have a separate file for database connection $id = $_GET['id']; // Prepared statement to prevent SQL injection $stmt = $connect->prepare("SELECT * FROM `product` WHERE `id` = ?"); $stmt->bind_param("i", $id); $stmt->execute(); $result = $stmt->get_result(); $row = $result->fetch_assoc(); $update_img = $row['pro_image']; if (isset($_POST['submit'])) { $name = $_POST['name']; $slug = trim($_POST['slug']); $desc = $_POST['desc']; // Replace spaces with underscores in $slug $slug = str_replace(' ', '-', $slug); $image = $_FILES['image']['name']; $img_path = "./product/" . $image; // Prepare SQL update statement if (empty($image)) { $update_stmt = $connect->prepare("UPDATE `product` SET `pro_name` = ?, `slug_url` = ?, `pro_description` = ? WHERE `id` = ?"); $update_stmt->bind_param("sssi", $name, $slug, $desc, $id); } else { $update_stmt = $connect->prepare("UPDATE `product` SET `pro_name` = ?, `slug_url` = ?, `pro_description` = ?, `pro_image` = ? WHERE `id` = ?"); $update_stmt->bind_param("ssssi", $name, $slug, $desc, $image, $id); } if ($update_stmt->execute()) { if (!empty($image)) { // Delete old image and move new image unlink("./product/" . $update_img); move_uploaded_file($_FILES['image']['tmp_name'], $img_path); } header('Location: categoriesdatatable.php'); // exit; } else { echo "Data did not update: " . $connect->error; } } ?> <div class="container w-100 h-100 mt-5"> <button> <a class="btn btn-outline-primary" href="categoriesdatatable.php">View Data</a></button> <h3 class="text-center">Update Product</h3> <div class="row"> <div class="col-md-9 mt-5"> <form method="post" enctype="multipart/form-data"> <div class="form-group"> <label for="name">Product name:</label> <input class="form-control" name="name" type="text" value="<?php echo htmlspecialchars($row['pro_name']); ?>" id="name"> </div> <div class="form-group"> <label for="slug">Product Slug:</label> <input class="form-control" name="slug" type="text" value="<?php echo htmlspecialchars($row['slug_url']); ?>" id="slug"> </div> <div class="form-group"> <label for="desc">Product Description:</label> <textarea name="desc" id="desc"><?php echo htmlspecialchars($row['pro_description']); ?></textarea> </div> <div class="form-group"> <label for="image">Product Image:</label> <input type="file" class="form-control" name="image" id="image"> </div> <button type="submit" class="btn btn-primary" name="submit">Submit</button> </form> </div> </div> </div> <?php include("footer.php"); ?>