Commit 07e19a48 authored by Maneesha Fernando's avatar Maneesha Fernando

changes

parent 88cd8d26
<?php <?php
// Check if session is not already started, then start it
if (session_id() == '' || !isset($_SESSION)) {
session_start();
}
// Check if $_SESSION["type"] is set and not empty //if (session_status() !== PHP_SESSION_ACTIVE) {session_start();}
if (isset($_SESSION["type"]) && $_SESSION["type"] !== "") { if(session_id() == '' || !isset($_SESSION)){session_start();}
// The session variable "type" is set and not empty
} else {
header("location:index.php");
exit(); // Add an exit to prevent further execution
}
if ($_SESSION["type"] != "admin") { if($_SESSION["type"]!="admin") {
header("location:index.php"); header("location:index.php");
exit(); // Add an exit to prevent further execution
} }
include 'config.php'; include 'config.php';
$_SESSION["products_id"] = array(); $_SESSION["products_id"] = array();
if (isset($_REQUEST['quantity'])) { $_SESSION["products_id"] = $_REQUEST['quantity'];
$_SESSION["products_id"] = $_REQUEST['quantity'];
}
$result = $mysqli->query("SELECT * FROM products ORDER BY id asc"); $result = $mysqli->query("SELECT * FROM products ORDER BY id asc");
$i = 0; $i=0;
$x = 1; $x=1;
if ($result) { if($result) {
while ($obj = $result->fetch_object()) { while($obj = $result->fetch_object()) {
if (empty($_SESSION["products_id"][$i])) { if(empty($_SESSION["products_id"][$i])) {
$i++; $i++;
$x++; $x++;
} else { }
$newqty = $obj->qty + intval($_SESSION["products_id"][$i]); // Use intval to sanitize input as an integer else {
if ($newqty < 0) $newqty = 0; // So, Qty will not be in negative. $newqty = $obj->qty + $_SESSION["products_id"][$i];
if($newqty < 0) $newqty = 0; //So, Qty will not be in negative.
// Use prepared statement to update the product quantity $update = $mysqli->query("UPDATE products SET qty =".$newqty." WHERE id =".$x);
$stmt = $mysqli->prepare("UPDATE products SET qty = ? WHERE id = ?"); if($update)
$stmt->bind_param("ii", $newqty, $x);
if ($stmt->execute()) {
echo 'Data Updated'; echo 'Data Updated';
}
$stmt->close();
$i++; $i++;
$x++; $x++;
} }
} }
} }
header("location:success.php");
exit(); // Add an exit to prevent further execution
header ("location:success.php");
?> ?>
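Review bot: The `UPDATE` inside the `while` loop targets the running counter `$x` rather than the row that was just fetched, so as soon as product ids are not exactly 1..n in `ORDER BY id` order (one deleted product is enough) a submitted quantity is written to a different product than the one it was entered for. Binding the fetched id removes that assumption: `$stmt->bind_param("ii", $newqty, $obj->id);`. This applies to both columns of the section; the page does not mark which column is the new side, and I am assuming it is the one with the prepared statement. The quantities are also read from `$_REQUEST['quantity']`, so this stock change accepts a plain GET request made with the admin's session cookie; the form is not visible here, but reading `$_POST` and checking a per-session token before the loop would be the usual guard. Separately, `echo 'Data Updated';` emits output before `header("location:success.php")`, which stops the redirect from being sent unless output buffering is enabled.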
<?php <?php
// Check if session is not already started, then start it. //if (session_status() !== PHP_SESSION_ACTIVE) {session_start();}
if (session_id() == '' || !isset($_SESSION)) { if(session_id() == '' || !isset($_SESSION)){session_start();}
session_start();
}
include 'config.php'; include 'config.php';
?> ?>
......