Commit 7b1f6837 authored by Maneesha Fernando's avatar Maneesha Fernando

update admin-update

parent 042bdcab
<?php <?php
if (session_id() == '' || !isset($_SESSION)) {
session_start();
}
//if (session_status() !== PHP_SESSION_ACTIVE) {session_start();} if ($_SESSION["type"] != "admin") {
if(session_id() == '' || !isset($_SESSION)){session_start();}
if($_SESSION["type"]!="admin") {
header("location:index.php"); header("location:index.php");
} }
...@@ -12,34 +12,33 @@ include 'config.php'; ...@@ -12,34 +12,33 @@ include 'config.php';
$_SESSION["products_id"] = array(); $_SESSION["products_id"] = array();
$_SESSION["products_id"] = $_REQUEST['quantity']; $_SESSION["products_id"] = $_REQUEST['quantity'];
$result = $mysqli->query("SELECT * FROM products ORDER BY id asc"); $result = $mysqli->query("SELECT * FROM products ORDER BY id asc");
$i=0; $i = 0;
$x=1; $x = 1;
if($result) { if ($result) {
while($obj = $result->fetch_object()) { while ($obj = $result->fetch_object()) {
if(empty($_SESSION["products_id"][$i])) { if (empty($_SESSION["products_id"][$i])) {
$i++; $i++;
$x++; $x++;
} } else {
else { $newqty = $obj->qty + intval($_SESSION["products_id"][$i]); // Use intval to sanitize input as an integer
$newqty = $obj->qty + $_SESSION["products_id"][$i]; if ($newqty < 0) $newqty = 0; // So, Qty will not be in negative.
if($newqty < 0) $newqty = 0; //So, Qty will not be in negative.
$update = $mysqli->query("UPDATE products SET qty =".$newqty." WHERE id =".$x); // Use prepared statement to update the product quantity
if($update) $stmt = $mysqli->prepare("UPDATE products SET qty = ? WHERE id = ?");
$stmt->bind_param("ii", $newqty, $x);
if ($stmt->execute()) {
echo 'Data Updated'; echo 'Data Updated';
}
$stmt->close();
$i++; $i++;
$x++; $x++;
} }
} }
} }
header("location:success.php");
header ("location:success.php");
?> ?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment