TMP-2023-24-048 (Maneesha Fernando)
Commit 07e19a48
authored Oct 04, 2023 by Maneesha Fernando
parent 88cd8d26
Showing 2 changed files with 24 additions and 39 deletions (+24 -39)
admin-update.php +22 -34
cart.php +2 -5
admin-update.php
<?php
// Check if session is not already started, then start it
if
(
session_id
()
==
''
||
!
isset
(
$_SESSION
))
{
session_start
();
}
// Check if $_SESSION["type"] is set and not empty
if
(
isset
(
$_SESSION
[
"type"
])
&&
$_SESSION
[
"type"
]
!==
""
)
{
// The session variable "type" is set and not empty
}
else
{
header
(
"location:index.php"
);
exit
();
// Add an exit to prevent further execution
}
//if (session_status() !== PHP_SESSION_ACTIVE) {session_start();}
if
(
session_id
()
==
''
||
!
isset
(
$_SESSION
)){
session_start
();}
if
(
$_SESSION
[
"type"
]
!=
"admin"
)
{
if
(
$_SESSION
[
"type"
]
!=
"admin"
)
{
header
(
"location:index.php"
);
exit
();
// Add an exit to prevent further execution
}
include
'config.php'
;
$_SESSION
[
"products_id"
]
=
array
();
if
(
isset
(
$_REQUEST
[
'quantity'
]))
{
$_SESSION
[
"products_id"
]
=
$_REQUEST
[
'quantity'
];
}
$_SESSION
[
"products_id"
]
=
$_REQUEST
[
'quantity'
];
$result
=
$mysqli
->
query
(
"SELECT * FROM products ORDER BY id asc"
);
$i
=
0
;
$x
=
1
;
$i
=
0
;
$x
=
1
;
if
(
$result
)
{
while
(
$obj
=
$result
->
fetch_object
())
{
if
(
empty
(
$_SESSION
[
"products_id"
][
$i
]))
{
if
(
$result
)
{
while
(
$obj
=
$result
->
fetch_object
())
{
if
(
empty
(
$_SESSION
[
"products_id"
][
$i
]))
{
$i
++
;
$x
++
;
}
else
{
$newqty
=
$obj
->
qty
+
intval
(
$_SESSION
[
"products_id"
][
$i
]);
// Use intval to sanitize input as an integer
if
(
$newqty
<
0
)
$newqty
=
0
;
// So, Qty will not be in negative.
// Use prepared statement to update the product quantity
$stmt
=
$mysqli
->
prepare
(
"UPDATE products SET qty = ? WHERE id = ?"
);
$stmt
->
bind_param
(
"ii"
,
$newqty
,
$x
);
if
(
$stmt
->
execute
())
{
}
else
{
$newqty
=
$obj
->
qty
+
$_SESSION
[
"products_id"
][
$i
];
if
(
$newqty
<
0
)
$newqty
=
0
;
//So, Qty will not be in negative.
$update
=
$mysqli
->
query
(
"UPDATE products SET qty ="
.
$newqty
.
" WHERE id ="
.
$x
);
if
(
$update
)
echo
'Data Updated'
;
}
$stmt
->
close
();
$i
++
;
$x
++
;
}
}
}
header
(
"location:success.php"
);
exit
();
// Add an exit to prevent further execution
header
(
"location:success.php"
);
?>
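Review bot: the prepared UPDATE in the `while` loop binds the loop counter `$x` as the row id (`bind_param("ii", $newqty, $x)`) rather than the id of the row that was just fetched, so it only updates the right product while the ids in `products` run 1, 2, 3, ... with no gaps. `$x` starts at 1 and is incremented once per fetched row, while the rows come from `SELECT * FROM products ORDER BY id asc`; after one deleted product every later quantity is written to the wrong row. Bind `$obj->id` instead, and if the form allows it, key the `quantity` array by product id instead of matching it by position through `$i`. In the same loop, `prepare()` is called on every iteration and its result is used without a check; prepare the statement once before the `while` and handle a failed prepare before calling `bind_param()`. Since this is a state-changing admin action, reading the quantities from `$_POST` rather than `$_REQUEST` would also keep them from arriving via the query string or a cookie.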
cart.php
<?php
// Check if session is not already started, then start it.
if
(
session_id
()
==
''
||
!
isset
(
$_SESSION
))
{
session_start
();
}
//if (session_status() !== PHP_SESSION_ACTIVE) {session_start();}
if
(
session_id
()
==
''
||
!
isset
(
$_SESSION
)){
session_start
();}
include
'config.php'
;
?>
...
...
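Review bot: the session guard at the top of cart.php tests `session_id() == '' || !isset($_SESSION)` while the direct check, `session_status() !== PHP_SESSION_ACTIVE` (PHP 5.4+), is left next to it as a commented-out line. Use the `session_status()` form and delete the comment rather than keeping dead code beside the live check. The same block is repeated in admin-update.php, so it would be better placed in one shared include (for example at the top of config.php, which both files already include, moved above the session checks) so that the two copies cannot drift apart.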